Comments

• (Quote) http://www.orgzly.com/ It's what I'm using now. I'm not in love with it, but it works. I still can't get used to the org-mode way of writing links; I know it predates markdown.

  in Any suggestions for personal todo / task management tool? Comment by seanho August 2020
• SuperMicro 846 or similar 4U, SQ PSUs, swap the case fans for Arctics, use active tower coolers to compensate for the reduced airflow. It's a bit janky but works. I do something similar in a few cheap Rosewill 4U cases; the loudest noise is from the…

  in Server rack at home Comment by seanho August 2020
• For DB, my inclination would be to do the HA/failover in the DB, e.g. Postgres streaming WAL replication. Each DB server stores its data on local SSD. You can still use k8s for deployment / lifecycle management of the DB services.

  in Kubernetes cluster with multiple cloud servers? Comment by seanho August 2020
• All I saw is terrible cable management... ;) I have a 36U rack in my basement with a k8s cluster, five dual-E5v2 nodes plus a couple SFF desktops, 10/40Gb networking. My storage needs are not so big, more compute. My rack is nothing compared with…

  in Server rack at home Comment by seanho August 2020
• Unraid doesn't pass TRIM, last I heard. Most folks use it with an array of spinners, plus SSD cache. For 4x NVMe, perhaps zfs pool of mirrors (raid10), depending on your needs.

  in RAID for home PC Comment by seanho August 2020
• Yes, if you're torrenting a lot it can prematurely wear out both HDDs and consumer SSD. One idea is to get a cheap, used, enterprise 10k SAS HDD (plus HBA) just for torrent/seeding; those are pretty sturdy. Enterprise PCIe/U.2 NVMe can have very hig…

  in RAID for home PC Comment by seanho August 2020
• LunaNode has load balancers, you just pay $1/mo for the floating IP.

  in Free Cloud Load Balancer? Comment by seanho July 2020
• Minimize the attack surface as much as possible. If Exim is listening on port 25 and has a CVE, or you haven't updated it in a while and your old version has a CVE, your VPS will be pwned within days, or sometimes within minutes. tcp/4140 is assign…

  in Securing your VPS Comment by seanho July 2020
• Doing the rate limiting directly in zfs is probably the best. In addition, you might investigate piping it through pv with the -L option.

  in How to limit bandwidth of ZFS send/recv? Comment by seanho July 2020
• Oh man, I did a fair bit of Perl hacking, back in the day; this brings back memories. When Perl 5 came out, it was like the sky was falling -- what was a scripting language doing with OO? There was a time when I really bought into the "literat…

  in Perl 7 Announced Comment by seanho June 2020
• Metal detector around the trench?

  in Google authenticator app /lost phone Comment by seanho June 2020
• Not fond of Authy being closed source. I've used FreeOTP for a while but it's ancient. Many password managers nowadays have TOTP built-in; e.g., KeePassDX on Android. Even with good old Google Authenticator, root the phone and use Titanium Backup t…

  in Google authenticator app /lost phone Comment by seanho June 2020
• For internal KB I use hugo in a git repo with CI. I just need to fiddle with the theme a bit; blog layout isn't a good fit for KB.

  in Selfhosted wiki/ documentation Comment by seanho June 2020
• Agent. Key represents an identity, not a host https://developer.github.com/v3/guides/using-ssh-agent-forwarding/

  in VPS and privacy Comment by seanho June 2020
• Nowadays with Proxmox, virt-manager, vagrant, etc., it's super easy to spin up a few KVMs and/or LXC and see for yourself just how dependent the guest OS is on the host OS, and how easy it is for the host to access secrets in the guest.

  in VPS and privacy Comment by seanho June 2020
• Something to be aware of, which tripped me up a number of times: add_header declarations are generally inherited from enclosing blocks. E.g., if headers are specified in a server block, they'll propagate to nested location blocks. However, if a nest…

  in I need some help for NGINX security headers for a 5years old Comment by seanho May 2020
• Farewell to two idlers in FR and UK, it was good while it lasted. Consolidating to dedis and home lab.

  in Aruba discontinues 1Euro pricing from Aug 1 ,2020 Comment by seanho May 2020
• I looked into this with ffmpeg scripting a few years ago, but never finished it. Would you mind tossing your script up on github?

  in Self Hosted Video Sharing? Comment by seanho May 2020
• V2ray and caddy in-memory cache?

  in Unexplained memory leak? Free RAM goes down over time Comment by seanho May 2020
• Huawei corporate has also distanced themselves from it, saying it was the independent actions of a single dev (although pretty high up)

  in Huawei HKSP trying to push exploit code into Linux upstream Comment by seanho May 2020
• Agreed that VNC should not be exposed to the internet. SSH tunnel, VPN (OpenVPN, WireGuard, ipsec, etc), or SSL to a Guacamole server on the LAN. Port tcp/5900+(display number). If using TightVNC server, don't forget client must also be tight (rath…

  in Yet another tutorial on How to install XFCE and VNC on Debian-based server Comment by seanho May 2020
• (Quote) No worries, I understand why you'd want to keep it similar to the current storage VPS offerings. My use cases would be fine with just an S3 interface rather than a full VPS, and I was thinking it might spare you some headache in that you do…

  in Market Research - Storage VPS offer tuning. Comment by seanho May 2020
• How about an S3-compatible object storage service, with either metered or unmetered traffic?

  in Market Research - Storage VPS offer tuning. Comment by seanho May 2020
• Another possibility is to copy/rebase onto a btrfs filesystem and use bedup (extent-panel dedup). Then you get copy-on-write if you need to make modifications. ZFS is another option.

  in Removing duplicated files in server Comment by seanho May 2020
• (Quote) burp is ok, not a ton of development, but not orphaned (one-man show, coming out of his master's thesis). I moved to it (from BackupPC, if memory serves me) mostly because of the Windows VSS support, and haven't looked in detail at other opt…

  in Backups - what are your ingredients? Comment by seanho May 2020
• PoI's Thornhill

  in Backups - what are your ingredients? Comment by seanho May 2020
• Great topic! I've been using a little-known tool called burp for several years, but may move to borg in the future. Incremental with daily/weekly/etc history. Block dedup on the server, which helps with a few Windows clients for which I'm backing u…

  in Backups - what are your ingredients? Comment by seanho May 2020
• What location are you looking for?

  in Looking to replace my OVH server Comment by seanho April 2020
• FreeNAS can be installed to a USB drive; most of the OS is loaded into ramdisk, so it doesn't hammer the USB drive. If using hardware RAID, make sure you're able to procure an identical replacement card (and flash to same firmware) if/when your RAI…

  in Small Infrastructure Server Comment by seanho April 2020
More Comments