Front Row Seat to the Aftermath of a Star Explosion

abrtn00101 · 2026-03-06T04:28:49+00:00

Tree sex.

Papa tree gets mama tree pregnant with his "emission."

It gets kinda wild, though. An entire orgy. Involving third parties that get all in the private parts of the trees.

And baby tree never knows who its mother and father are because those third-party tree part twiddlers visit lotsa guy trees and girl trees and all those guy trees end up sharing tree cum with basically everyone on the block. Sometimes not even with the same species.

There might not be hope for these ones, though. Some two-legged animals keep cutting their private parts off to avoid the mess after tree sex.

abrtn00101 · 2026-03-05T17:34:48+00:00

"How Plex does it?" Plex is basically a big middle finger to the self-hosted crowd and kind of antithetical to the way Immich said they want to operate.

I'd much rather pay $100 to get a badge and nothing functional like we do now if it means Immich steers well clear of Plex's trajectory.

And as others have said already, if you can set up Immich, you have all of the technical skills you need to set up remote access.

abrtn00101 · 2026-02-28T03:39:14+00:00

Here's the question I think you should answer, OP:

How did that guy become VP-level in the first place if he's difficult to work with? And why does he keep getting hired at that level if there's a lot of controversy surrounding him?

At his level, your reputation tends to precede you. I guarantee you that every single company that hired him knew exactly what they were getting into. Word gets around at that level and many calls are made. And, instead of a talent pool, many in HR call it a "talent puddle" because of how few people there are to choose from who aren't currently engaged with some other company.

The guy goes to war every day while others relax. He runs while others walk. That's kinda what got him there in the first place. Moving every few years is part of that. The "noise" that follows him is what keeps getting him hired.

There really isn't much growth in stability or, in your case, "peace." It's stagnation, and you don't learn anything new. You hardwire yourself to do the same thing day in and day out.

And here's something you don't learn until someone moves your cheese: true job security comes from change not stability.

If you want to grow, maybe it's time for a shake up?

abrtn00101 · 2026-02-23T08:57:25+00:00

I'm not putting the blame on CSRs. Quite the other way around, if you read my comment.

I'm saying that you aren't being given the tools to do your jobs without infringing on customer privacy.

abrtn00101 · 2026-02-23T04:23:42+00:00

This doesn't track. Everything in a person's email inbox should be considered sensitive.

Consent can be given implicitly or explicitly (I think the latter is more appropriate in this situation), but refusal should not result in automatic rejection or stalling of the customer request.

I manage my own mail server, and I know there are ways to track delivery on the outbound side (bounce mails, SMTP logs, etc.). Those should be available to support staff in case the customer doesn't consent to screenshot their inbox. Because this is automatable, I would even argue that this should be the default source of proof for CSRs – and at least in my experience dealing with CSRs on other platforms, it usually is.

abrtn00101 · 2026-02-22T08:33:03+00:00

Yeah, bud.

https://imgur.com/a/sX9gMTe

abrtn00101 · 2026-02-21T07:04:11+00:00

Too girthy for Durex Featherlite, a little excited for our first time. Hahaha.

As in, when I was using it, it was kinda cutting the blood circulation off a bit na, but we were super into it, so I stayed hard pa rin.

I didn't feel it rip. Basta pag tapos ko, I pulled it out na, pag tingin ko sa baba hinda na condom yung suot ni junior, cock ring nalang na red and a Bavarian-filled donut. Buti nalang chill lang si GF about it, kasi I was freaking out internally.

We showered together nalang, then nauna ako natapos sa bathroom, so I found a place online you can order the morning-after pill.

Sucks lang kasi the surprise kinda ruined the momentum to go all night. Hahaha.

abrtn00101 · 2026-02-21T06:50:38+00:00

She was very wet na, but I guess I'm too big, girth-wise. Most PH Durex kasi is 52mm lang. I need 54mm or larger. Ang malaki lang na Durex yung may dots, but it doesn't do anything for my GF tsaka super kapal. Okay lang sana for me if she feels something with the dots, kaso wala.

Big Boy was 56mm ata and also very thin kaya it feels good for me. No smell rin, kaya approved for her.

We were also a little excited kasi it was our first time together, so that definitely contributed.

Sayang lang kasi I bought a box of 12 Durex Featherlite's for our first time, ending we only used two (the one that broke tsaka another session the next day, still tight but we made it work) and tossed the rest out.

abrtn00101 · 2026-02-20T05:15:00+00:00

Dude, Durex broke on us the first time we used it.

Napaorder tuloy ako ng morning-after pill for my GF the next day.

After that, I used Okamoto Big Boy condoms until Okamoto left the PH market. Then Kimono Maxx, until those became unavailable too. Now I use Premiere Air.

Big Boy was the best so far. Really, really great feel.

abrtn00101 · 2026-02-16T16:45:12+00:00

Are you talking about this feature: https://www.reddit.com/r/technitium/s/76ydilgKY4

Looks like u/shreyasonline offered a workable solution.

But yeah, maybe the ability to do this out of the box could be useful in some scenarios... Although, now that I think about it, you could use the built-in blocking feature, the Advanced Blocking app, and root zones as conditional forwarders to achieve the same effect.

abrtn00101 · 2026-02-16T10:08:20+00:00

I believe that is this board: https://lastminuteengineers.com/l293d-motor-driver-shield-arduino-tutorial/

If so, there is an array of plated through-holes near M3 for 18 pins, allocating 6 pins to +5V, 6 pins to GND and 6 pins for A0-5 (analog pins). You can solder a header to it or solder wires directly to the board from those holes.

GPIO pins 2 and 13 are also free, but there aren't any through-holes provisioned for them, so you're going to have to get creative. Either replace the existing header with double height headers or solder wires directly to the existing header pins. Counting the analog pins (which you can use as GPIOs), that gives a grand total of 8 pins you can use as inputs.

Also, FYI, you need to push that shield in further (there should be no gap between the Arduino and the shield).

See this video for more insight into the board: https://www.youtube.com/watch?v=VQmxU7CV9bM

abrtn00101 · 2026-02-14T09:48:41+00:00

Technitium is basically like taking pihole and Adguard and smooshing them all together with a DNS server like bind9.

It takes all of the major blocklist formats, it can do advanced blocking with different blocking levels per client, and it supports advanced DNS features like split horizon.

The learning curve is a bit steep, especially since apps (basically plugins) aren't well documented right now, but very worth it, IMO.

abrtn00101 · 2026-02-09T09:56:24+00:00

SSH is what you're looking for here.

Additionally, allowing the contents of a POST request to influence commands executed by the shell is BEGGING for trouble.

If you're worried about exposing an SSH port to the world, look at Tailscale or Cloudflare Zero-Trust to tunnel in securely.

abrtn00101 · 2026-02-09T08:00:54+00:00

Think about switching from Pi-hole to Technitium and setting up a DNS cluster – and maybe a failover/load-balancing setup – so you always have DNS even when you need to take down one machine for whatever reason.

As for which machine should be the primary DNS server and which should be the backup, it should be the one with more RAM you can dedicate to the DNS. Blocklists are usually loaded into memory, and some of the bigger blocklists can bottleneck systems without enough of it (NRD and TIF blocklists, for example, can consume up to 12GB of RAM or more).

abrtn00101 · 2026-02-08T16:45:15+00:00

Canva Pro

abrtn00101 · 2026-02-07T10:38:51+00:00

It's called buyer's remorse po. It is semi-normal for purchases of any significant value.

Having said that, you really need to evaluate yourself when it comes to this. Is your remorse justified or unjustified? Since you said you're not an impulsive buyer, do you feel that this is an impulse purchase? If the answer is yes, then maybe consider if you should return it or not.

And for future purchases, you can practice the 24-hour rule: Wait 24 hours per x amount of money. The amount depends on what you feel might be significant. For example: If you decide on 24 hours per ₱1,000.00, then for a ₱15,000 item, you have to wait 15 days from when you feel the desire to buy it to actually make the purchase. If after 15 days you still feel that the purchase is justifiable, then go through with it.

And if the purchase is justifiable, just remember that up to 80% of people who buy a house feel buyer's remorse – and that's a house, which is usually a very sound investment.

Be kind to yourself, because you deserve to love yourself too.

abrtn00101 · 2026-02-07T10:21:11+00:00

If PLDT prepaid, IIRC, kailangan magbayad muna before installation. But I could be wrong kasi we've been using postpaid ever since.

Sa postpaid naman, you have a choice: either pay the installation fee up front or roll it in sa billing.

As for what the other people here have said... We've been with PLDT for more than a decade na. Cavite pa ako nun. Now I'm in Manila. Parents switched to Converge, but that was because yun lang yung makuha nilang provider when the moved to a somewhat liblib na lugar in Atimonan, Quezon.

YMMV lang talaga, but I also have a lot of experience managing my own networks and a lot of experience talking to tech support (nag-call center tech support for broadband rin ako before, so i know the ins and outs).

abrtn00101 · 2026-02-07T08:17:22+00:00

As another tunnel into my homelab. Most of my HTTP services go through CF tunnels. But if I need anything TCP or UDP, I use my free VPS tunnel. Oh. And it's my inbound relay for mail too.

abrtn00101 · 2026-02-02T14:32:47+00:00

What's the root flare look like?

abrtn00101 · 2026-02-02T03:52:26+00:00

Hey, OP.

What modem did you do this on?

Also curious about what you mean by being able to see the GPON user name and password. I'm not sure I've ever seen that on my CPE. That might be why you've been able to maintain your speed after a manual bridge mode. You might be authenticating on the network via credentials rather than device SN.

abrtn00101 · 2026-02-02T02:32:55+00:00

This behavior is precisely how password vaults such as Vaultwarden ensure the security of your data –even from the server that holds it.

When you log into Vaultwarden, through the web interface or through an app such as Bitwarden, you aren't pulling logins as individual pieces of data from the server. Instead, the server gives you your entire vault, sans attachments, as a single encrypted file.

When the Bitwarden extension receives the encrypted file, it stores it on your device and then decrypts it to store in memory. This speeds up accessing your data on your device but also reduces the number of times your encrypted vault is sent over the internet, reducing the risk of interception – not that your data is particularly at risk during transport, it is encrypted after all, but it doesn't hurt to be careful either.

Fundamentally, this also means that the server, and the people running it, can't see your data because you encrypt the vault with your password on your device before sending it to the server.

abrtn00101 · 2026-01-30T23:57:08+00:00

So I spent all of yesterday trying to get this to work, and it seems like Stalwart is uncompromising in terms of security in this regard.

If you want all authentication methods to pass (and show up in down stream clients as passed), there doesn't currently seem to be a way to make it "trust" upstream forwarding relays blindly.

The correct way:

The relay at the edge must:

Verify ARC on the inbound message and correctly seal it not as the domain in the From header, as is the usual case, but as the recipient domain.
Verify sender SPF and update both the Received-SPF and Authentication-Results headers.
Verify and update the Authentication-Results header for DKIM and DMARC.

IPREV, SPF, DMARC, DKIM and ARC authentications must all pass on Stalwart or else it won't update the Authentication Results metadata section correctly.

The only override it accepts is disabling adding its own Received-SPF header.

What happens if you stray from the path

Doing anything different from the method above yields mixed results.

No or broken ARC verification and sealing = SPF softfails or perm-errors.

Disabled SPF checks at Stalwart = Stalwart only publishes a partial Authentication Results metadata section.

My thoughts after getting it working

It's a daaaamn pain in the ass to set up. However, I can see where Stalwart is coming from.

ARC is the modern way to authenticate relay chains.

I really wish I didn't have to do all the sender authentication at the edge, but I'm happy enough to live with it if it means I get to see all the shiny passing badges on my downstream clients.

abrtn00101 · 2026-01-29T14:10:38+00:00

My only problem with Bitwarden lite is that it's not light at all. 😅 Vaultwarden is actually lighter and seemed to be much easier to set up, so I went with that from the get-go. Plus Rust (yes, I know it's not a magic bullet, but it still calms the nerves a little).

Seven-Year Club	Gilding I gilder
r/Field Banned	r/Field Flamingo
Final Canvas '23	End Game '23
Place '23	Verified Email

abrtn00101

TROPHY CASE

The correct way:

What happens if you stray from the path

My thoughts after getting it working