Badabinski

Open source can be enshittified. FOSS with many contributors should be basically proof against being fucked with.

Yep, that’s my use-case. I am not interested in unlocking the door, only locking it.

CAD was a big problem for me as well. I’ve been happy enough with OnShape (coming from Autodesk Inventor), but the extreme SaaS nature of it makes me worry.

Anubis has worked if that’s happening. The point is to make it computationally expensive to access a webpage, because that’s a natural rate limiter. It kinda sounds like it needs to be made more computationally expensive, however.

Do you have any sources for the 10x memory thing? I’ve seen people who have made memory usage claims, but I haven’t seen benchmarks demonstrating this.

EDIT: glibc-based images wouldn’t be using service managers either. PID 1 is your application.

EDIT: In response to this:

There’s a reason a huge portion of docker images are alpine-based.

After months of research, my company pushed thousands and thousands of containers away from alpine for operational and performance reasons. You can get small images using glibc-based distros. Just look at chainguard if you want an example. We saved money (many many dollars a month) and had fewer tickets once we finished banning alpine containers. I haven’t seen a compelling reason to switch back, and I just don’t see much to recommend Alpine outside of embedded systems where disk space is actually a problem. I’m not going to tell you that you’re wrong for using it, but my experience has basically been a series of events telling me to avoid it. Also, I fucking hate the person that decided it wasn’t going to do search domains properly or DNS over TCP.

Debian is superior for server tasks. musl is designed to optimize for smaller binaries on disk. Memory is a secondary goal, and cpu time is a non-goal. musl isn’t meant to be fast, it’s meant to be small and easily embedded. Those are great things if you need to run in a network/disk constrained environment, but for a server? Why waste CPU cycles using a libc that is, by design, less time efficient?

EDIT: I had to fight this fight at my job. We had hundreds of thousands of Alpine containers running, and switching them to glibc-based containers resulted in quantifiable cloud spend savings. I’m not saying musl (or alpine) is bad, just that you have horses for courses.

Is it? I thought the thing that musl optimized for was disk usage, not memory usage or CPU time. It’s been my experience that alpine containers are worse than their glibc counterparts because glibc is damn good. It’s definitely faster in many cases. I think this is fixed now, but I remember when musl made the python interpreter run like 50-100x slower.

EDIT: musl is good at what it tries to be good at. It’s not trying to be the fastest, it’s trying to be small on disk or over the network.

I fucking hate this guy. I hate his stupid face and his stupid mouth that he uses to excrete such stupid bullshit. I hate that the people living in a state filled with such beautiful sights chose to elect someone who is so hateful and ugly inside. I fucking hope that we don’t reelect him in 2028 but I am not optimistic.

I was in a crowd of ten thousand people screaming “FUCK MIKE LEE” and god damn did it feel good and god damn do I want that to happen again where he can hear it.

I was in a crowd of people screaming “FUCK MIKE LEE” on Saturday and god do I want to scream it again now. Mike Lee is such a worthless cunt and I’m furious that he supposedly represents me.

Yeah, he’s made 10 comments about this now.

Should have just used AGPL from the start, instead of falling back to this fucked up modified BSD license. It wouldn’t stop people from stripping the branding, but they’d have to release source code which would tell all users what they’re actually using.

Hard power cycling your AC unit is bad for it and may eventually kill it. The fan needs to run for a bit after the compressor turns off. This affects large ACs more than small ones, but it may cause damage after a while. If your AC unit has an RF remote, I’d recommend using something like a Broadlink unit to control it.

I would not recommend ThirdReality zigbee smart plugs. Their firmware updates have been buggy far too often. Honestly, the only smart plugs I’ve been happy with are z-wave ones. Zooz ZEN04-LR and ZEN15-LR (for high current draw applications) plugs have been awesome for me. My hub is PoE, so I can easily stick it centrally in my home.

But k3s so niiiice.

This beautiful series of images and the corresponding text from old reddit. Folks, I present kinder surprise sorry. Old reddit was a fun place sometimes.

In the short term? Grey rock your “friend.” This person is an enabling shit who does not have your best interests at heart. You are being physically abused. What you describe isn’t corporal punishment (which I personally consider to still be physical abuse), it is abuse. Starving someone to punish them is abuse. Anyone who takes part in, or enables said abuse is not someone you want in your life.

Do you have anyone safe in your life that you could go to? Other friends that would not condone what you are experiencing? An estranged parent? Even a trustworthy teacher? I’d recommend trying to build up a support network of people who actually care for your well being before pushing this enabling piece of trash out of your life.

I think you’ll enjoy this if you haven’t already seen it.

https://youtu.be/OnQNdNSgiKc

Proxmox HA cluster with a SAN. VM migrations go wheeeeeeeeee.

I’d just run HA on the mini PC. There are a boatload of add-ons that you can install which will allow you to make better use of the hardware.

Wireguard was written with the explicit goal of having sane, secure defaults. I totally feel you w.r.t. openvpn or ipsec, since it’s easy to do something wrong. Wireguard is much easier because it simply refuses to give you the choice to do things incorrectly.

w.r.t. the certificate thing, you could set up a reverse proxy and do HSTS to ensure nobody can load up a rogue CA on your devices. HSTS has the issue that SSH has (trust on first use or whatever it’s called), but you just need to make sure nobody is MITM you for that first connecting and then you’ll be good to go. This would let you use a self-signed certificate if you do desired.