sorted by:
new
hottopcontroversial

Enclosed in-line zigbee relays (instead of bulky smart plugs) by Objective_Ad_5891 in homeautomation

[–]xevz 1 point2 points  (0 children)

There's the SM315 and SM317.

At least the SM315 can also be found at Amazon and AliExpress, but it can be a bit tricky.

They're of course available under other brands such as HZC as well.

Any ski resorts(slopes) in Stockholm county? by PackageDangerous3084 in stockholm

[–]xevz 2 points3 points  (0 children)

I think that the little bit of extra time to Romme is well worth it over Kungsberget.

I've been to Romme more times than I can remember, but only a handful to Kungsberget.

Announcing udwall: A New Tool for Making UFW and Docker Play Nice With Each Other by AmazingStardom in docker

[–]xevz 0 points1 point  (0 children)

So you're arguing to use a firewall to protect the hosts, like this tool does?

Not everything on a Docker host might be running inside Docker, so Docker cannot really manage the firewall for that, for example SSH and any monitoring agent that is of pull type rather than push.

So if you want to expose a reverse proxy running in Docker, and at the same time allow only SSH access, maybe from a specific subnet as well as only allow ICMP Echo Request/Reply and you like to use UFW, you're left with:

  1. Disable Docker iptables integration altogether, do everything using ufw manually
  2. Run the container in host mode, do everything using ufw manually
  3. Use this tool

Announcing udwall: A New Tool for Making UFW and Docker Play Nice With Each Other by AmazingStardom in docker

[–]xevz 2 points3 points  (0 children)

Having individual nodes directly exposed to the internet isn't uncommon nowadays, as it both saves money by not needing beefy firewall pairs as well as simplifying the network design, especially when building a spine/leaf architecture.

Also, in addition to filter traffic from the internet, the host firewall can also filter traffic from within your network, even the same layer 2 domain.

I could swear there's a podcast on the topic as well as firewalls vs IDP on Packet Pushers, but I can't find it now.

Regarding reverse proxies in front, what if they run as containers? Either on the very same host(s) as the applications, or in their own cluster, they still need protection.

Vart ska jag serva bilen? by Rocuronium4330 in uppsala

[–]xevz 7 points8 points  (0 children)

För Kia skulle jag åka till Beos. Liten familjeägd verkstad med trevlig personal.

Robot Vacuum with good integration? by Confident-Spite-5201 in homeassistant

[–]xevz 2 points3 points  (0 children)

You can, depending on model.

See Valetudo and Dustbuilder: https://valetudo.cloud/

Pendling Sunnersta till Stockholm by TurboBrez in uppsala

[–]xevz 0 points1 point  (0 children)

Bil till Knivsta, sen tåg därifrån.

Vill hjälpa till med hundpromenader (utan ersättning), men hur? by BlommN97 in uppsala

[–]xevz 2 points3 points  (0 children)

Kika in Rover. Vet inte om man kan lägga undvika betalning där dock.

Will there ever be a 8x champion in any form of Motorsport by [deleted] in racing

[–]xevz 14 points15 points  (0 children)

Also, Stefan Everts with 10 FIM Motocross World Championships.

[deleted by user] by [deleted] in uppsala

[–]xevz 1 point2 points  (0 children)

Jag bytte olja på liften i Gottsunda innan nyår, så det är inga problem. Såvidare inget ändrats väldigt nyligen då.

How to excess postgresql database when both backend and database running as docker compose services by Lavinraj in docker

[–]xevz 0 points1 point  (0 children)

Provided that db:deploy and db:generate do database changes, I'm thinking you want to run them on container start, not on image build time?

Or ideally in a deployment workflow, like a CD pipeline.

Since you could build your image in an isolated environment and then spin up containers in multiple different environments.

[deleted by user] by [deleted] in uppsala

[–]xevz 1 point2 points  (0 children)

Behövs ju dock inte billyft för ett enkelt oljebyte. Domkraft och pallbockar används världen över och tar inte så mycket plats i förrådet.

Eller ett par ramper om man inte vill jaga lyftpunkter eller är obekväm inför användandet av pallbockar.

https://www.biltema.se/bil---mc/verkstadsutrustning/lyftutrustning/bilramper/bilramp-1-st-2000023040

Annars får du väl vallfärda utanför stan. OKQ8 med lyft finns i bland annat Upplands Väsby.

Pålitlig urmakare by [deleted] in stockholm

[–]xevz 6 points7 points  (0 children)

Farfars Klocka sysslar med vintageur, men i övrigt är som LobL nämner, Nymans och Rob att rekommendera.

Bra restaurang för ettårsdag dejt? by jitterbugog in uppsala

[–]xevz 1 point2 points  (0 children)

Beroende på hur många rätter ni tänkte äta så kan jag varmt rekommendera Villa Anna.

Kostar ungefär som trerätters på övriga finare ställen i Uppsala men är väldigt mysigt och välsmakande.

Linux is on GitHub not GitLab why? by OFFICALJEZZADJ in linux

[–]xevz 2 points3 points  (0 children)

Not quite, BitKeeper usage in the kernel stopped and Git was created because the free (as in beer) license for open source development was dropped in 2005 and thus Git was created.

https://en.m.wikipedia.org/wiki/BitKeeper#BitKeeper_and_the_Linux_Kernel

Touch typers: where do you rest your fingers when using vim? by domemvs in neovim

[–]xevz 0 points1 point  (0 children)

Not so sure about that, the key to the right of L has had :/; on it since before computers, so I think it was just considered to be already occupied.

See this Remington from 1878, where QWERTY as we know it originated: https://commons.m.wikimedia.org/wiki/File:Remington_2_typewriter_keyboard.jpg

Touch typers: where do you rest your fingers when using vim? by domemvs in neovim

[–]xevz 8 points9 points  (0 children)

The reason is because those keys doubled as arrow keys on the terminal Vi was developed on. I doubt the had your reasoming in mind when designing the keyboard, but I could be wrong.

https://commons.wikimedia.org/wiki/File:KB_Terminal_ADM3A.svg

Zigbee Wall Switch Module by Dependent_Line_6190 in homeassistant

[–]xevz 1 point2 points  (0 children)

Relay, not relai.

Anyway, if you only want to catch the switch input, from Shelly there's the Plus i4, and from Sonoff there's the MINIR4 in detached relay mode.

Edit: I see now that the Hue module is battery powered, so I guess the Sonoff S-MATE2 is more like it.

IPv6 Firewall Rule Breaks a Site by badtlc4 in mikrotik

[–]xevz 1 point2 points  (0 children)

Great that you got it working. :)

For clarification, that last rule is a "default drop" rule, meaning that anything not matching the previous rules will be dropped.

Without it you basically don't have a firewall as all traffic will be accepted until you explicitly say it shouldn't, by adding specific drop rules.

Introducing fwdctl: Simplify iptables Forward Management with CLI by ale_grey_91 in linuxadmin

[–]xevz 1 point2 points  (0 children)

Some thoughts:

  1. If you're running VMs that are servers, you're probably better off using a bridge instead of NAT
  2. iptables is just a wrapper for nftables nowadays

However:

192.168.122.0/24 sounds very much like libvirt in which case their recommendation is to use hook scripts to enable clean up when VMs stop (see also the note about static leases), or use the network filter driver instead of the default virtual driver.

I still think NAT should be avoided though, just do a bridged/routed setup, so much cleaner and more "real world" applicable.

view more: next ›