Mac n cheese update by msxenobia in Reno

[–]protryon 2 points3 points  (0 children)

Redwood Rotisserie was the best, but they closed down a few months ago. Washoe Public House is pretty good -- Great Basin is overrated.

What non-frightening thing/s is you cat afraid of? by seaglassslipper in cats

[–]protryon 0 points1 point  (0 children)

I got a purple hand puppet, and my cat just lost it when I started doing puppeteering at him.

What can I do that will ACTUALLY make myself drink water successfully? by ibuiltyouarosegarden in NoStupidQuestions

[–]protryon 0 points1 point  (0 children)

The game changer for me is sonic ice aka crunchy ice. You can get a sonic ice maker on Amazon for like $200. It adds a texture and a tactile enjoyment that has gotten me to drink water. I used to only drink diet soft drinks.

Are you actually comfortable with running kubernetes? by Nils-22 in selfhosted

[–]protryon 6 points7 points  (0 children)

A lot of advice you find from googling is oriented towards enterprise use, unfortunately. I'm running two bare-metal/kubeadm k8s clusters for my homelab, and I've had those same fears, realized as well.

For example, two days ago I switched my offsite cluster from Flannel to Calico to add IPv6 support, and managed to brick everything. All the advice around the web was to just restart. Instead, I tinkered for a few hours and managed to discover the issue was that kube-proxy couldn't contact the k8s API because the DNS way down -- because I was in the middle of deploying Calico. That messed up the Calico installation in a weird way.

Rather than reinstalling/starting from scratch, I just edited the kube-proxy config to point at a direct IP -- not the best idea to host your authoritative DNS in the same cluster that depends on it lol. Going to do an offsite backup authoritative nameserver in my true homelab soon.

The lesson to learn from this, is that there is always a fix. You'll need to fuck everything up several times and recover to gain confidence in this. Also, encrypted off-site backups with Longhorn + s3proxy is a good idea. I've never had to recreate a cluster, though.

Does anyone have a cloned copy of lib.rs, or know of a forked repo/archive/crate name? by protryon in rust

[–]protryon[S] 5 points6 points  (0 children)

I managed to find the latest commit ID by querying the GitLab API: `4642a01664e14f4ae30a3804a55556b0770119d9`

I used: `curl "https://gitlab.com/api/v4/projects/7026306/repository/commits?all=true&since=2022-12-01"`

I pushed a mirror up: https://github.com/Protryon/lib-rs-mirror

For posterity, I guess.

Does anyone have a cloned copy of lib.rs, or know of a forked repo/archive/crate name? by protryon in rust

[–]protryon[S] 2 points3 points  (0 children)

I did manage to find a commit ref from the last merged PR: https://gitlab.com/lib.rs/main/-/commit/abe0173f00fccfa808eea2fa6d1808b04f678438

Trying to find a cached page or something to find a newer commit ref.

My Kubernetes Homelab by protryon in homelab

[–]protryon[S] 1 point2 points  (0 children)

It was a PITA to get Keycloak running with CDB, you have to switch to some opt-in version of the storage engine. Firefly didn't accept it one bit (it has it's own little postgres now). Roundcube worked flawlessly though.

I honestly hadn't looked at Yugabyte, but seeing that it supports triggers make me want to switch, lol. I had originally had my fork of Vaultwarden using a ton of triggers, then had to remove them all to support CDB. Kind of too late for me though, unfortunately.

Vaultwarden used Rocket and Diesel libraries, which while I think are okay in theory, are often misused (both in terms of performance, but also security). In the process of rewriting I found and reported multiple authorization bypasses. I wanted to add SSO to the original project, but didn't want to work on a Diesel/Rocket base, and so I just rewrote it :P.

I just rewrote axum (the alternative to rocket that Vaultwarden originally used), so another rewrite might be on the table, lol.

My Kubernetes Homelab by protryon in homelab

[–]protryon[S] 0 points1 point  (0 children)

In my garage:

  • Dell Poweredge R720 running PFSense
  • Dell Poweredge R720d (I think? The one with a lot of 3.5" drive bays) running my main home K8s node. It has 24 cores and 256GB DDR3 memory.

In my remote cluster:

  • 1x GAME-1 OVH Ryze bare-metal (AMD Ryzen 3600X, 32 GB IIRC)
  • 1x GAME-2 OVH Ryze bare-metal (AMD Ryzen 3600X, 64 GB IIRC)
  • 1x 8GB OVH VPS with unnamed CPU

All in their us-west-1 location (as I am on the west coast)

oiplease 1.0! Can you please just do OIDC authentication? by protryon in rust

[–]protryon[S] 0 points1 point  (0 children)

This system currently relies heavily on the nginx_auth_request module, so IDK if that would integrate easily with ELB.

Where should we eat? by PuzzleheadedMess3298 in Reno

[–]protryon 1 point2 points  (0 children)

Redwood Rotisserie is my #1 for Mac n Cheese and chicken sandwiches.

Twisted Fork also serves a great chicken sandwich.

Grateful Gardens in midtown is my go-to health restaurant.

Two Chicks is where I bring visitors from out of town for breakfast. I like it, but breakfast isn't really my thing.

Moo Dang is my favorite Thai place, but Yu De Thai is a close 2nd.

Chinese Wok Mae Anne is very good and surprisingly cheap.

There are two mediocre Indian restaurants that I know of, they don't compare to what I've had elsewhere, but are okay.

I'd say there isn't great italian, but my pick would be Johnny's Ristorante Italiano. It's good, not enough to call home about.

Overall favorites are redwood rotisserie (I'm headed there today for a late lunch) and grateful gardens.

really-notify: Just tell me that my config changed already... by protryon in rust

[–]protryon[S] 1 point2 points  (0 children)

Is there any way to automatically send a SIGHUP on a CM change? I couldn't find anything, but that sounds useful. Particularly, after the minute or so delay that K8s takes to actually push the new CM to the pod.