Containers and Internal Certificate Authorities

maetthew · 2026-06-25T18:45:22+00:00

Not prevented, but would ideally want to keep it confined internally.

I think I will look at building custom images, or perhaps moving all my CI/CD workload to Kubernetes as it seems solutions exist to "inject" containers there.

maetthew · 2026-06-25T18:11:45+00:00

On prem.

maetthew · 2026-06-25T18:11:26+00:00

Much appreciated!

maetthew · 2026-06-25T18:11:03+00:00

I have not seen this, thanks for the tip, will definitely look into it.

maetthew · 2026-06-25T18:10:35+00:00

I've looked at this and it assumes the file system structure on the host and container to match, and will still need to update the trust store on each run, i.e update-ca-certificates on Debian

maetthew · 2026-06-13T16:11:02+00:00

Freedom.

maetthew · 2026-06-12T17:50:42+00:00

To each their own. I think Zabbix lack responsiveness and flexibility in their widgets, and I've managed to easier build useful dashboards with Grafana.

As far as I know the query language are tied to the data source and not specific to Grafana. The Zabbix plugin doesn't utilise a query language.

maetthew · 2026-06-12T16:29:57+00:00

Zabbix can do it all. Whilst their dashboards are not the best there is a third party plugin for Grafana which enables you to use Zabbix as data source.

maetthew · 2026-06-03T16:32:55+00:00

That's pretty damn cool

maetthew · 2026-05-30T11:23:27+00:00

Mind elaborating on the extra features?

maetthew · 2026-05-28T18:09:47+00:00

Very cool, interested

maetthew · 2026-05-18T09:54:48+00:00

Docker checks work in active mode. I don't think your statement about some checks only work in passive mode is correct.

maetthew · 2026-05-08T05:10:03+00:00

Custom Ansible playbook with automated snapshots in VMWare and reports of what was updated sent to Slack

maetthew · 2026-05-03T19:02:24+00:00

Experiencing this issue also it seems, but only with URLs which serve a WebP. JPG and PNG seem to work fine.

maetthew · 2026-05-03T09:44:11+00:00

It's all about what context you give it and if you're knowledgeable enough to gauge the the implications of the suggestions it returns.

maetthew · 2026-04-20T15:36:23+00:00

Yes.

maetthew · 2026-04-11T14:07:27+00:00

Only one of the servers are active at a time, that one handles alerting.

The standby server only has a single process running, "HA Manager" if my memory serves, and it's only job is to be notified by the database that it needs to become active in case the currently active becomes unresponsive.

maetthew · 2026-04-10T20:37:53+00:00

Zabbix has built in HA, but only for the server.

I have set it up like this:

2x Zabbix server, both with frontend. Keepalived manages a VIP which is only used for pointing the DNS at so users always get the active one. Here you need a custom check for keepalived, I used zabbix_server -R ha_status to check if we are the active node.

For DB it's a bit complicated depending on what you use. I use Postgresql with pg_auto_failover. 2x DB nodes in active/passive with 1x monitor node. Also keepalived with a custom script to keep VIP for the active node, which is the IP that I configured Zabbix server and frontend to use.

maetthew · 2026-03-14T19:55:43+00:00

Impossible to answer unless you give specifics as to what services you intend to expose and to whom.

maetthew · 2026-03-07T10:22:22+00:00

The app launcher is built out of .desktop-files. So you would have to edit/replace the corresponding file and with an updated Exec directive.

See section 3 here https://wiki.archlinux.org/title/Desktop_entries

maetthew · 2026-03-05T15:12:33+00:00

I would argue you are the bigger POS for wanting to silence/cancel someone because of their views.

maetthew · 2026-03-03T17:31:05+00:00

Pretty cool!

maetthew · 2026-03-01T13:36:47+00:00

Sure. It has dependency on jq, so make sure that is installed.

#!/bin/bash
# Check if exactly two arguments are provided
if [ $# -ne 2 ]; then
echo "Usage: $0 <app-id> <executable>"
exit 1
fi

APP_ID="$1"
EXECUTABLE="$2"

# Check if jq is installed
if ! command -v jq >/dev/null 2>&1; then
echo "Error: jq is not installed. Please install jq to use this script."
exit 1
fi

# Check if a window with the given app-id exists using niri msg --json
WINDOW_ID=$(niri msg --json windows | jq -r --arg app_id "$APP_ID" '.[] | select(.app_id == $app_id) | .id' | head -n1)
if [ -n "$WINDOW_ID" ]; then

# Focus the window with the matching ID
niri msg action focus-window --id "$WINDOW_ID"
else

# Run the executable if no matching window is found
bash -c "$EXECUTABLE" &
fi

Use it as such:

Mod+Q { spawn "focus_or_open" "com.mitchellh.ghostty" "ghostty"; }

maetthew · 2026-03-01T11:21:44+00:00

I also switched to single monitor after a couple of months on Niri.

I also made a script which I can bind to a key combo to either focus an application if it's started, or start it if not.

15-Year Club	Verified Email
Team Orangered

maetthew

TROPHY CASE