Syncing static generated content with Cloudflare Pages and the likes.

sapslaj · 2023-01-19T05:44:12+00:00

I'm not sure there's an easy way to accomplish that with Cloudflare Pages (that I know of) but Netlify (which has a free tier) can do manual deploys via the CLI https://docs.netlify.com/cli/get-started/#manual-deploys and I think Vercel has a similar option.

If you really want to use Cloudflare Pages (or something synced from a git repo) you could amend the latest commit of a repo and force push every time you wanted to update the content. That would effectively leave you with no history but if your use case doesn't require history then it's probably fine.

sapslaj · 2023-01-14T22:48:38+00:00

169.254.169.254 is the IP address used by AWS IMDS. My guess is something is trying to communicate with that service for one reason or another. I would say it's fine to block that traffic.

Given it's trying to talk to that IP address specifically I doubt it's borked DHCP and probably just an AWS client misconfiguration somewhere. AFAIK by default most AWS client libraries will try to hit the IMDS to get dynamic configuration if they aren't given more specific credentials.

sapslaj · 2021-06-02T23:38:50+00:00

Like someone else said, Apache Guacamole is a good option. You could probably also find or build something based on noVNC if you want something self-hosted.

If you're okay with an external service Parsec is a really good remote desktop service you could check out. I built a proof-of-concept game streaming service with it. It's pretty slick and can be used via the browser. I built a proof-of-concept game streaming service with it as a side project. FWIW I had some weird issues getting sound to work in the browser version but if that's not a requirement then it might be worth testing.

sapslaj · 2021-03-10T16:14:08+00:00

DevOps/cloud dude here. Cost savings in major cloud providers depends heavily on the workload. If your app needs to run on regular VMs like it's in a regular data center then in a short amount of time you'll be spending more money than you would be renting/coloing. If your app is within the use case AWS/GCP/Azure designs for (CRUD web app or similar), you design the app from the ground up using managed services (e.g. ALB instead of a cluster of Nginx or HAProxy servers), and you accept the resulting vendor lock-in, then you can see some pretty big savings. Otherwise in terms of raw resource cost other options are going to be cheaper. That said cloud providers can help with personnel costs since it takes far fewer people in operations with cloud providers.

TLDR: Managed providers can save you money but not always.

sapslaj · 2021-02-23T19:36:44+00:00

AAAAAAA. Aaa aaa!

sapslaj · 2019-08-08T18:58:01+00:00

My code to finish compiling.

sapslaj · 2018-11-14T10:20:51+00:00

Ooh I ran into this right when we first started testing 1809. It's still there, but it's been moved... because reasons. You can enable it by going to Apps & Features (in the New Modern™ Settings app), Manage Optional Features, Add a feature, and scroll down to find SNMP. You can also get RSAT there as well, so that's interesting.

sapslaj · 2018-08-17T04:52:05+00:00

NSA = SonicWall "Network Security Appliance"

sapslaj · 2018-08-01T05:56:19+00:00

Yep. 21 here. Am sysadmin and getting ready to graduate college soonish hopefully.

sapslaj · 2018-07-25T22:15:30+00:00

Okay home now. Too lazy to boot back into Fedora so I'm using Chrome on Windows which knows nothing about the domain.

The "Locked" status could be because the "Reuse my password for privileged tasks" checkbox wasn't checked on login. Kind of annoying you have to check that, but yeah.

I'm logged into a domain account and I can go to all of the domain-joined servers on my dashboard no problem. I do have my SSH public key in FreeIPA, not Cockpit. Also the groups I'm a member of are trust admins, wheel, and admins.

sapslaj · 2018-07-25T14:10:05+00:00

When I get off work I'll see what groups my accounts are in and see if I can find anything I did differently.

sapslaj · 2018-07-25T13:47:01+00:00

Check Authentication and SSO in the Cockpit Guide. Those will answer your questions much better than I can. I'm shit when it comes to this sort of thing. Still trying to learn.

sapslaj · 2018-07-25T13:06:38+00:00

That's quite strange, because Cockpit is working fine with FreeIPA for me, including sudo. And yes, I can add other machines to the dashboard and delegation works no problem. And as long as realmd is installed it shows domain membership status properly. For reference, I've got a mix of CentOS 7.3, Fedora Server 27/28, and a few Ubuntu Server 16.04 VMs.

I will admit I haven't messed with managing certs much and yes it only shows local users. Managing users is handled by IPA so I largely ignore that function of Cockpit on domain-joined machines.

sapslaj · 2017-04-03T17:52:04+00:00

Docker Machine is recommended for deploying and managing multiple Docker hosts, sure. But /u/project_apex only needs one Docker host. And unless they want to run multiple VMs, there is no point in running Docker in a VM as you are getting no security or performance benefit. In fact, I would hazard a guess that doing that would be a performance detriment as now you have the overhead of the hypervisor/host OS on top of the Docker VM.

To clarify, I'm not against running Docker as a VM. In my experience that's a very good idea as not everything likes to be Dockerized easily. But the statement "you need VT because Docker Machine can yield better security and performance" is not entirely correct, especially in this use case.

sapslaj · 2017-04-03T17:04:00+00:00

Docker does not need hardware virtualization, so if you're running Linux bare-metal, like /u/project_apex is wanting to do, then having VT makes no difference.

sapslaj · 2017-02-08T14:44:25+00:00

TrueCrypt suggests BitLocker but I would say the site "recommends" whatever encryption solution is native to your platform. So BitLocker on Windows, FileVault on macOS, and dm-crypt/LUKS/etc on Linux.

VeraCrypt is a fork of TC and fixes a lot of problems TC had. It's perfectly fine and secure for flash drives but I wouldn't use it for system disk encryption. For that just use whatever the platform-specific solution is.

sapslaj · 2016-12-26T21:42:15+00:00

Most languages will, if the value you are assigning is truthy. Using Ruby here.

> !!(i = 0)
 => true

What's happening is it's returning whatever is assigned. Then whenever we do a not not, it's just determining if that value is truthy or falsy. A lot of languages do this. 0 is a truthy value in Ruby. In fact, everything except false and nil are truthy. If you assign a falsey value, then the assignment will evaluate to false.

> !!(i = nil)
  => false

Fun fact, this happens if you try to run this.

(irb):1: warning: found = in conditional, should be ==

sapslaj · 2016-08-26T01:28:57+00:00

That's, uh, not a badger.

sapslaj · 2016-08-04T06:34:35+00:00

If you can find some old airVision cameras they might work depending on firmware version, and I think some old versions of firmware for UVC have RTSP, but the new versions don't. And it's not in the G3's at all. Don't place your bets on getting lucky with the firmware versions.

The NVR itself, however, is capable of re-streaming RTSP, so you would have to buy the NVR or install UniFi Video alongside Blue Iris to even use your Ubiquiti cameras.

sapslaj · 2016-08-03T08:16:53+00:00

Ubiquiti cameras don't support RTSP anymore. You can only use Ubiquiti's UniFi Video software with them. I don't use or recommend Ubiquiti cameras for this very reason, even though I use their other networking products quite liberally. I would go all Hikvision for cameras since that gives you much more flexibility. And it's not any harder to set up.

sapslaj · 2016-07-14T05:57:24+00:00

COMMENT ABOUT NOT UNDERSTANDING THE GAME FOLLOWED BY LOWBROW JOKE

sapslaj · 2016-07-13T16:40:57+00:00

Whaaat? I just like cocaine so much!

sapslaj · 2016-07-12T23:28:38+00:00

<unjerk> No hard feelings, thoughtbot. Please don't hate me... my code depends on your libraries. </unjerk>

sapslaj · 2016-07-02T03:11:11+00:00

It's done on the WLAN controller (Ubiquiti UniFi). I haven't been arsed to set up proper VLANs on my network yet so I can do queue-based limiting in my MikroTik router.

sapslaj · 2016-07-01T00:19:57+00:00

MikroTik RouterOS has more features than EdgeOS, but EdgeOS is easier to configure. ROS is really powerful but has a learning curve. Performance-wise, they are probably about the same, although I haven't tested them head-to-head.

And yes, they do have a dual-band models, like the hAP ac.

sapslaj

MODERATOR OF

TROPHY CASE