This would depend on whether the limit is defined as ingress or egress or both. For example AWS has free ingress traffic from the internet but there is a cost for egress traffic to the internet.

A better solution would be to find a unmetered service, which means that you have a fixed transfer speed (e.g. 500 Mbit) but have unlimited bandwidth. OVH offers this in their VPS products.

Not OP but this is how I learned it and how it’s presented in the help file.

$ help while while: while COMMANDS; do COMMANDS-2; done

$ help if if: if COMMANDS; then COMMANDS; [ elif COMMANDS; then COMMANDS; ]… [ else COMMANDS; ] fi

I bought it personally but I would hardly call it expensive. The three year license is like ~67 USD a year for both CRT and FX.

I love it mainly because it’s multi-platform but I wish it had more features. They boast their great integration with VShell but it would be much better if they just had better support for OpenSSH, like being able to push ssh keys to a host.

Best news I’ve heard all day.

The fiber we use at our datacenter is quite flexible but still gets damaged if you bend it too far. To roll it like they describe you would still want to have a fairly large drum (probably like 3-4 inches in diameter) which would make it pretty bulky for a small drone.

NoSQL is best used as a key-value storage, where the value can be non-tabular or mixed data. As an example, imaging you have a session cookie value identifying a user. That user might have many different groups, roles, claims, etc. If you wanted to store that data in a RDBMS you would likely need a table for every 1-to-many data point (Session -> SessionRole, Session -> SessionGroup, etc). In NoSQL this would be represented as a single key with a json object that could looks quite different from other Session json objects. If you then need to delete that session it’s a single key delete, where in the RDBMS you would have to make sure that delete chained to the downstream tables.

This type of key-value lookups are often very fast and used as a caching layer for complex data calculations as well.

The big downside to this is indexing and querying the data not by the primary key. It would be hard to find all users in a specific group as you would need to scan each key-value. It looks like NoSQL has some indexing capabilities now but when I first used it it did not.

Sadly, most of the ones I’ve found are too complicated, and getting all devices to accept the CA is more hassle than it’s worth for self hosting. I’ve given up and just buy my wildcard cert for 60$/yr and just put it on everything.

Here’s a snapshot of the memory of a running live cd of Ubuntu. I ran a script to load 0123456789abcdef over and over and it’s clearly readable. Nothing special is required for this, as the Hypervisor has access to anything that the VM does. If the VM loads the encryption key for your disk into memory it will be available to the provider.

Dunno what rock you were hiding under but this is absolutely possible in a hosted environment. There’s even ESXi documentation on how to do it. Taking a snapshot can be detected, but can’t be prevented. These memory dumps can include encryption keys, private keys (such as SSL certificates) and other sensitive data.

Unless you can physically touch the drive with your data on it, I would not store any sensitive data on it, encrypted or not.

The DNS-01 challenge can be used to generate a wildcard by creating the requested dns record in your public dns zone, then you can use that cert for internal servers/dns. With certain dns providers it can even be automated.

https://eff-certbot.readthedocs.io/en/stable/using.html#third-party-plugins

While this is a great writeup on Lemmy instances, the thread was specifically about Mastodon and it’s numerous forks. I believe they use the same tech but are vastly different things. The instance I found wasn’t quite Mastodon apparently, even though it works very similar and the app designed to connect to a Mastodon instance wouldn’t connect to it.

I’ve been looking for a new instance to join due to various reasons. Ended up setting up and account somewhere and spending 2 hours manually copying over various settings only to find my Moshidon client won’t even connect with that new instance. Normal people are just going to quit when that happens.

Pretty sure there’s not a per-domain setting for that. If you have HTTPS-Only Mode turned on in the settings it will always try to use HTTPS first and present a warning before switching to HTTP.

If you want to continue using HTTPS you can setup your own CA certificate to sign certificates for your .LAN domain names. All you need to do then is add the CA certificate to your trusted certificates in Firefox and the signed certificate to the device hosting the HTTPS service.

EDIT: TIL there an exclusion feature. Neat. I didn’t see this on Firefox for Android though. https://support.mozilla.org/en-US/kb/https-only-prefs

You mentioned ping. If you’re using Termux you may need to manually update its DNS settings (different from the system DNS). The file is /data/data/com.termux/files/usr/etc/resolv.conf

To make it roam you probably want your home dns first then some internet resolvers after that.

In the US they are usually governed as real estate legally. You can resell it, but most people aren’t interested in paying the maintenance fees. You’ll find all sorts of timeshares out there being resold for 1$ because they just don’t want to pay the maintenance fee anymore.

The -k argument on my openssl accepts a passphrase, not a file. You likely encrypted with the filename as the secret, not it’s contents. Perhaps you should use -kfile instead.

$ openssl aes-256-cbc -help
Usage: aes-256-cbc [options]

General options:
 -help               Display this summary
 -list               List ciphers
 -ciphers            Alias for -list
 -e                  Encrypt
 -d                  Decrypt
 -p                  Print the iv/key
 -P                  Print the iv/key and exit
 -engine val         Use engine, possibly a hardware device

Input options:
 -in infile          Input file
** -k val              Passphrase**
 -kfile infile       Read passphrase from file

In days past some drive vendors had different sector layouts for drives and would cause issues with raid. Pretty sure most nowadays are all the same layout and you won’t run into any issues. I still look to get the same drive model anyways just to be perfectly sure that there are no issues.

Even then you may run into weird issues like one of my 1.2 TB enterprise ssd drives was reporting 1.12 TiB rather than 1.09 TiB the other 7 drives had. TrueNas refused to build a vdev with that drive and I had to return it to get a new one.

Typically a Fiber ISP will run Fiber optics only to your DEMARC (or Demarcation) point. This will be usually where your main cable (before any splits) or DSL line used to come in (in the US they’ve been using Orange tubes to indicate this and it will usually run to a panel in some closet or laundry). At the DEMARC they’ll install one of two things: a basic fiber to ethernet converter which will provide you a single ethernet port and a pure tap to the internet, or a Gateway device that will convert the fiber to multiple eithernet with NAT (usually providing other capabilites like TV, Phone, etc).

If you have the latter, you may not get much say in what you can do with your connection, and would be limited to a DMZ mode that is configured on the Gateway. What you put behind the converter or gateway is up to you.

I’ve got my mom setup on their PC backup service, no complaints so far (on the Backblaze side that is, she still insists that she doesn’t need continuous backups even though I’ve had to restore multiple times for her).

I switched my backups from Crashplan to B2 as it was significantly cheaper than going to AWS. B2 is more expensive than what I was paying for Crashplan Pro Unlimited (about 8x for the amount of data I have), but I have more peace of mind with it not relying on Crashplan’s terrible Java client.

A reminder that the only good backup is a tested backup.

Yes, ULA are one of the exceptions I mentioned. It covers fc00::/7 which is fc00 to fdff, though I believe most use just the top half. I use one for an intermediate network between my edge router and my primary firewall to not consume one of my limited /64 networks.

I haven’t played with IPV6 NAT much. I know its use is a bit discouraged as NAT was always designed as a stopgap measure for IPV4 exhaustion. It might be a good option if you need additional space and your ISP doesn’t support additional prefixes. Just keep in mind that if you use these in DNS, they won’t be accessible externally.