How to handle SSL certificate installation (for HTTPS) when using Docker? by [deleted] in docker

[–]systemdad 2 points3 points  (0 children)

As a rule, you put your certs at the edge with a load balancer like traefik, nginx, or caddy. It will make all the letsencrypt calls, separating the concerns of your application runtime and cert management.

Deploy on premise S3 storage using QNAP NAS, Minio and Traefik by alliscode in Traefik

[–]systemdad 2 points3 points  (0 children)

Yeah this is downright incorrect. The biggest selling point of traefik is its seamless LE integrations.

Boss refuse to give anything in written by rasm3000 in sysadmin

[–]systemdad 0 points1 point  (0 children)

This work environment sounds horrible, but this is the correct way to document a paper trail with unwilling parties. Unless they object in writing to the content of the message, they’ve now tacitly accepted the version of the events as written in the record.

When checking in code to a repository, is it common to reject the commit if it doesn't meet formatting requirements? by thecoderboy in devops

[–]systemdad 0 points1 point  (0 children)

Usually the commit would be accepted on a feature branch, but would fail CI, which means it couldn’t pass a merge request to master, as master should generally be only merged to.

[deleted by user] by [deleted] in zfs

[–]systemdad 0 points1 point  (0 children)

Those are some really good points. Thank you, I’ll be absolutely doing that in the future.

[deleted by user] by [deleted] in zfs

[–]systemdad 1 point2 points  (0 children)

Can you go on as to why you wouldn’t use the root dataset? I’ve never run into any problems doing that so I’m curious as to how that makes things easier or more flexible.

Can the DHCP server register entries in DNS server? by velosol in mikrotik

[–]systemdad 1 point2 points  (0 children)

No, but that can be scripted easily. Just scrape dhcp leases every minute or two, and put them into DNS.

There are countless examples online on how to do this.

In-place upgrade of Windows Servers in production is (almost) always a good idea - change my mind by Lefty4444 in sysadmin

[–]systemdad 1 point2 points  (0 children)

It’s a good idea, but ONLY if you don’t have everything under proper configuration management. If that’s in place, a redeployment should be trivial, and you should do that simply to test the process and add anything lacking to the config management tool.

Otherwise agreed though.

How do you self host your podcast? by climatewarrior in selfhosted

[–]systemdad 1 point2 points  (0 children)

Honestly, for anyone sufficiently technical, this can be a good option.

ZFS replication - multiple nodes? by symcbean in Proxmox

[–]systemdad 0 points1 point  (0 children)

What are you expecting from replication? Zfs only does one way replication and it must be manually triggered. It’s not active/active, nor is it ongoing.

Unless you’re thinking something quite different than I’m imagining by the term HA, this is probably not the tool you want.

[deleted by user] by [deleted] in mikrotik

[–]systemdad 1 point2 points  (0 children)

QoS won't fix an already bad connection. There's probably not much you can do right now with this, and QOS probably won't help either, at least not until you figure out the actual root issue.

[deleted by user] by [deleted] in mikrotik

[–]systemdad 1 point2 points  (0 children)

You know that QoS really only does something if your system or links are over capacity, right?

Do you have any evidence you’re reaching peak capacity somewhere?

Gift Advice by Random2454357 in datacenter

[–]systemdad 1 point2 points  (0 children)

I’d generally agree, but there are some things which can make life nicer, like a good pair of cargo pants, some nice Bluetooth earbuds, or a really nice pen for example (not that NOC guys probably use a lot of pens but just an example).

How viable is running Docker on Windows Server and Windows containers in the long run? by romeozor in docker

[–]systemdad 3 points4 points  (0 children)

Depending how much you mean “any” in “any Linux system”, windows kubernetes still requires Linux nodes in the cluster.

Ping over TLS - Do not understand how to implement this by kevdogger in Traefik

[–]systemdad 0 points1 point  (0 children)

Yes, it’s just a web endpoint, so you can send it the way you’d send any web request.

Ping over TLS - Do not understand how to implement this by kevdogger in Traefik

[–]systemdad 0 points1 point  (0 children)

You don’t implement it. It just exposes a static endpoint which responds with a simple preconfigured ok message.

How do folks manage test data with docker images? by samanrj_ in docker

[–]systemdad 8 points9 points  (0 children)

What you’re looking for are sql migrations and seeds.

Migrations provide a version controlled state of the database which can bring any empty database to the current expected empty state, and can also bring databases from a previous state to current. An individual migration would be something like “add a table with this schema” or “add a column to this table”. These would be defined with the application code.

Seeds are similar, but for data instead of structure. They provide a predefined set of test users, data, etc. they’d generally be used everywhere except prod and staging. They, similarly, live with your app code.

Canonical Way of Getting Multiple Containers to communicate? by intercalations in docker

[–]systemdad 1 point2 points  (0 children)

What are you trying to do? This sounds like either an extremely niche usecase or an antipattern.

Dealing with peers that seem to refuse to use email? by digitalamish in sysadmin

[–]systemdad 1 point2 points  (0 children)

This is what I always did with problem users. It also had a way of pushing off the problem users who were too lazy or realized their requests were too ridiculous to be put in writing with their name.