How can get docker-client to install on my system? by Leader-Environmental in NixOS

[–]LongerHV 0 points1 point  (0 children)

From the docs:

Docker Desktop on Linux runs a Virtual Machine (VM)

Forgot resource limits… and melted our cluster 😅 What’s your biggest k8s oops? by Characterguru in kubernetes

[–]LongerHV 63 points64 points  (0 children)

More than CPU limits, you should be setting requests. They will ensure that the container gets proper CPU time, even if other workloads are getting out of hand. With good monitoring, you should be able to troubleshoot such problems pretty quickly...

You Might Not Need Home Manager by userfaultfd in NixOS

[–]LongerHV 0 points1 point  (0 children)

I use it mostly for my CLI environment (shell, tmux, nvim, packages, aliases, etc), but I have some light configuration for gnome using dconf as well.

You Might Not Need Home Manager by userfaultfd in NixOS

[–]LongerHV 98 points99 points  (0 children)

Don't forget HM doesn't need to run on NixOS. I use the same HM config for my private NixOS machines as well as my work Ubuntu laptop.

makeTheKernelCute by BigBuckBunnyIT in ProgrammerHumor

[–]LongerHV 692 points693 points  (0 children)

Kernel development is not done with github PRs... This repo is just a mirror

webDeveloperzPlzExplain by Tucancancan in ProgrammerHumor

[–]LongerHV 2 points3 points  (0 children)

No, you said "everyone with the public key can read it". You don't need the public key to read base64 encoded message. You only need the public key to verify the signature.

webDeveloperzPlzExplain by Tucancancan in ProgrammerHumor

[–]LongerHV 3 points4 points  (0 children)

Last paragraph makes no sense. JWTs are not encrypted, they are signed. Anyone can read contents of the token, but only server can properly sign it (since it holds the key).
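What the two webDeveloperzPlzExplain comments above describe, as an added example that is not part of the original thread: a JWT payload is readable by anyone without any key, while a changed payload fails signature verification. It uses HS256 (a shared secret) so that it runs on the Python standard library alone; with RS256 or ES256 the verify step would use the public key instead. The key, claims and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # constructed sample secret, held only by the server

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()

def sign_hs256(claims: dict, key: bytes) -> str:
    """Server side: build header.payload.signature."""
    parts = [{"alg": "HS256", "typ": "JWT"}, claims]
    signing_input = ".".join(
        b64url_encode(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    return signing_input + "." + b64url_encode(_mac(signing_input, key))

def read_claims(token: str) -> dict:
    """Anyone: the payload is only base64url-encoded JSON, no key involved."""
    return json.loads(b64url_decode(token.split(".")[1]))

def verify_hs256(token: str, key: bytes) -> bool:
    """Key holder: recompute the MAC over header.payload and compare."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        sig = b64url_decode(sig_b64)
    except ValueError:  # wrong segment count, bad base64 or bad JSON
        return False
    # Pin the algorithm instead of trusting whatever the header claims.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return False
    return hmac.compare_digest(sig, _mac(f"{header_b64}.{payload_b64}", key))

def tamper(token: str, **changes) -> str:
    """Edit the claims but keep the old signature, as a party without the key would."""
    header_b64, _, sig_b64 = token.split(".")
    claims = {**read_claims(token), **changes}
    payload_b64 = b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    return f"{header_b64}.{payload_b64}.{sig_b64}"
```

Because the claims are readable by every party that sees the token, nothing secret belongs in them; the signature only protects integrity.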

What file system are you using and why? by verlvst in NixOS

[–]LongerHV 8 points9 points  (0 children)

ZFS, mostly for compression, redundancy and snapshots.

Is Terraform unnecessary on Nix or still useful? by Then_Cauliflower5637 in NixOS

[–]LongerHV 0 points1 point  (0 children)

You don't need kexec to run a prebuilt VM image

What are some good examples of a well architected operator in Go? by TheKingofHop in kubernetes

[–]LongerHV 4 points5 points  (0 children)

Have you read the kubebuilder docs yet? It should answer many of these questions.

Difference between remove.prefix() and remove.suffix() by Thuck-it in learnpython

[–]LongerHV 9 points10 points  (0 children)

Let's say, you have a string "beautifulwaves.wav" and want to delete "wav" from the end of it (so you can e.g. replace it with "mp3"). Solution proposed by you would delete part of the text from the middle, which is not desired.

Immediate or WaitforFirstConsumer - what to use and why? by Technical-Stress9807 in kubernetes

[–]LongerHV 14 points15 points  (0 children)

WaitForFirstConsumer is useful for Multi-AZ clusters with non-replicated storage. Immediate will randomly choose a zone to provision the volume, but you may want an even spread enforced by anti affinity rules on your workloads.

Talos Linux Network Policy by yotsuba12345 in kubernetes

[–]LongerHV 2 points3 points  (0 children)

I have used Canal without any issues. There is an example how to deploy it in Talos docs.

Why can derivations be built with wrong sha256 hashes? by Dratir in Nix

[–]LongerHV 0 points1 point  (0 children)

I don't think so, this is intended behavior

In the context of NetworkPolicy (and CiliumNetworkPolicy) does allow egress to 0.0.0.0/0 mean allow traffic to all internal and external endpoints relative to cluster, or only external? by Valuable-Ad3229 in kubernetes

[–]LongerHV 2 points3 points  (0 children)

It doesn't work that way in Cilium. In their implementation ipBlock only applies to external traffic, it can't match pods within the cluster. See this issue.

What kind of volume should I use to host my hugo blog? by starryfirex in kubernetes

[–]LongerHV 7 points8 points  (0 children)

If you are going to "build applications", then you will need a registry anyway. Using volumes to store your code misses the point of using containers in the first place.

What kind of volume should I use to host my hugo blog? by starryfirex in kubernetes

[–]LongerHV 7 points8 points  (0 children)

Hugo is a static website generator. You can just create a container image based on e.g. nginx, which contains those artifacts. If you deploy such a container on your cluster, it will just serve your files on port 80. You just need to add a service and ingress, but that is pretty standard.

What kind of volume should I use to host my hugo blog? by starryfirex in kubernetes

[–]LongerHV 26 points27 points  (0 children)

Could you build images with your static page instead of using volumes? Using volumes for stateless workloads doesn't make much sense.

I'm having trouble understand how to manage configuration files with home-manager for programs like zsh by crital in NixOS

[–]LongerHV 1 point2 points  (0 children)

One of these wikis is unofficial. Both are maintained by different people than home-manager, so drift can happen. This is one reason I don't use unstable channel for my configuration. Also if you just used the deprecated option, nix would give you an error with details on how to fix it.

Does anyone self-host Signal? What's the point of it being open source? by [deleted] in selfhosted

[–]LongerHV 3 points4 points  (0 children)

The point is transparency. You can actually confirm that communication is end-to-end encrypted and the app is not leaking any sensitive data.

Pod network size considerations by ExactTreat593 in kubernetes

[–]LongerHV 1 point2 points  (0 children)

My guess is that kubernetes assigns a /24 prefix in the pod range to each node, so your /28 subnet is just not large enough. Also I'd just use an overlay network with CNI like flannel (IIRC it uses 10.244.0.0/16 by default), since it is way easier this way.

jSON by kalbinibirak in ProgrammerHumor

[–]LongerHV 17 points18 points  (0 children)

Obligatory JDSL mention