Linkding works well. https://github.com/sissbruecker/linkding. No inline annotations I believe, but good third party apps across the Android and iOS. The keyword index is neat.
Not sure I will mix macOS (arm) laptop and building Nix for x86 ever again. It is quite time consuming having to jump between containers and hosts to get to a target. Considering just getting an AMD computer like the Framework instead.
Having grown up with Sublime I'm a fan of the Zed (editor) performance. However, the remote coding capability of VS Code is pretty neat when traveling with an iPad only.
lol Outline must have the weirdest Enterprise level license I’ve seen yet. So for $1 extra I get access to the audit log in my own hosted environment.
https://www.getoutline.com/pricing
Tried Signoz. Holy.. how are they thinking it should be possible to manage that bundle of applications. I’ll take the Grafana+Loki+Thanos++ stack which are split in reasonable pieces over those thousands of lines of values.yaml any day.
I must have saved a few bucks already by deploying things to my Kubernetes cluster over buying a subscription license for various SaaS services. We like much.
Especially exciting to have deployed OpenCost, not to monitor how much cost I add, but how much I save from running at a hyperscaler!
I haven’t worked much on implementing authentication until recently where I’m working to implemented client-side JWT with Authelia to authenticate against GraphQL. I was assuming SSO had a high infrastructure load somehow, but it really doesn’t. All I can say is that the SSO Tax website really is a spot-on initiative https://sso.tax/
Security shouldn’t be the differentiator of a product. Well now, in the long-run it is an incentive for looking for alternatives.
A giving thread about Apple refusing to add a 500ms delay to interactions with call lists, after you hang up a cal, to avoid calling the person next to the hang up-button.
#ux #ios
https://discussions.apple.com/thread/252093974
Just shut down my last OpenBSD virtual machine online at Vultr. This means that about any conventional server I’ve been running has now been migrated. Exception is a router where I’m pretty happy with what OpenBSD has built-in over proprietary options from such as Unifi.
Cost management is an interesting perspective with self-hosted Kubernetes. Not necessary much cheaper compared to a minimum of what I need, but it brings a central vantage point for control.
Copilot in VS Code has a magnificent feature where it generates a draft for a commit messages. Most used LLM feature so far. However I’ve heard that there are options to generate it with feat/fix/chore defs as well?
Been through a few front-end projects lately, mainly built by designers on React. Some of them have been abandoned like it was a surge of an idea - common is that they provide excellent UX and design.
Coming from an engineering background it is a strange situation to see how many dependencies are used and not being updated even though there are alternatives. Such as ending with requiring Node 16 from 2021 for all dependencies due to “one” package. Node 16 was end of life at September 11, 2023, people.
Interesting enough I’m able to update several to be in better state in just a few hours, so it is obviously something I don’t understand in my naivety here - or people just don’t care about security and stability.
After deploying more self-hosted services recently I notice that is where I get most bang for the buck. With Kubernetes that is. It is interesting that we currently evolve around an infinite flow of new apps, startups being bought and you have to move, and that’s the standard modus operandi these days.
The stability and outlook is just not there anymore. That’s before we even start talking about subscriptions. It is always people around driven by short-term commitments that ruin the day for everyone else.
Yesterday I listened to a influencer which seriously told people he targeted
posting about 200 times a day. My sanity is in other words intact with a few.
I like open source, but I still do enjoy GitHub. The workflow combination of
traditional git with a web interface is straight up very good when working in a
creative mode. The "e" shortcut in the web interface and the fact that they
support "cmd+s" as well, and that the UI is fast makes a good value proposition.
That said, I also recently converted from Sublime to VS Code, which also has
great git workflows and was pleasantly surprised at it being something provided
by Microsoft without destruction.
A good combo.
Pretty sweet to see HTTP Header Authentication working smoothly in Netflix
Dispatch (incident management tool). For practical purposes this means that one
can use the auth headers from e.g. Tailscale and avoid costly extra
authentication mechanisms. It works better than the PKCE plugin as well.
There's a thing I've learned rewinding into Kubernetes over the past months and
its complexity and simplicity: sometimes one need to take one step at a time.
Pretty incredible that there isn't a longer than 0,5m C14 to C7 cable to find in
webshops here in Norway. I'm guessing that most people don't connect mac minis
to a UPS. How come?
This went under the radar. The Matrix Synapse homeserver has been moved from the
foundation to the commercial arm Element.
> Synapse is an open-source Matrix homeserver developed from 2019 through 2023
> as part of the Matrix.org Foundation. The Matrix.org Foundation is not able to
> resource maintenance of Synapse and it continues to be developed by Element;
> additionally you have the choice of other Matrix homeservers.
> – https://github.com/matrix-org/synapse
It makes sense to some degree, to not have software and protocol dev entangled,
but this gives me bad vibes from how other companies have operated in the past
ending up using the community for dev and the locking things down.
Micro-datacenter, a new buzzword for having a small rack. I would guess the difference is the price between having it at home and on-premise. Yup. That’s what I do. Time to get paid.
Iran Threatens Israel's Critical Infrastructure With 'Polonium' Proxy
https://www.darkreading.com/ics-ot-security/iran-threatens-israel-critical-infrastructure-polonium-proxy
Israel's critical infrastructure is under threat from an Iranian proxy hacking group operating in Lebanon.
Iran's partnership with armed militant groups throughout the Middle East is well documented. Less widely known is its collaboration with extranational hackers, like "Polonium" (aka "Plaid Rain"), which since 2021 has seemingly operated with the sole purpose of attacking Israel.
This was a new one with Unifi gear for me. The first time except for APs and
OpenWRT on them actually.
So I set out to create a custom controller. A little different semantics in
their menus, and I migrated from the simple and lovely Netgear switches I've had
for years. Turns out I borked the network in the transition, of course, and my
Unifi controller was in the Kubernetes cluster running on it.
The default, fallback IP addresses of Unifi units are 192.168.1.20 and if you
connect them all without changing the static IP, or you have a DHCP server on
that management network, it will argue with each other, and you will get weird
errors such as "Adoption failed" and being required to run ever-failing advanced
adoptions, where you could swear that you remembered or have a copy of that SSH
password.
I learnt some other good ones about Unifi gear on the way. One of the things to
take note of is that Unifi is opinionated towards using the controller, and when
that doesn't work, don't expect to get too much "hacking" help from friends in
forums. There are however, some tidbits here and there that help you along. More
in the thread.
Telnet. This is a Cisco IOS-like interface: First ssh to 192.168.1.20 and then telnet to localhost. Here you can control and see the config of the interfaces. Long story short, I gave up a little on this and setup a standalone controller on my laptop, and connected it with ethernet instead to do the adoptions.
This is a good resource for getting e.g. an SSH password from your encrypted controller backup file: https://github.com/zhangyoufu/unifi-backup-decrypt/blob/master/decrypt.sh
In short these are the commands you need to decrypt it (static and old key, so why bother encrypting it at all, Unifi? However, love that it is actually possible to open it):
openssl enc -d -in "network_backup_[...].unf" -out tmp -aes-128-cbc -K 626379616e676b6d6c756f686d617273 -iv 75626e74656e74657270726973656170 -nopad
yes | zip -FF "$TMP_FILE" --out "$OUTPUT_ZIP" > /dev/null 2>&1
This may be just me, but the worst thing about deploying to Kubernetes is
programs that doesn't provide interfaces to provide config as environment
variables. Currently looking at you matrix-media-repo. #kubernetes
I have started realizing why every kubernetes admin has their own “Personal Charts”. I’ve had a look on a fair bit of Helm Charts over the past weeks, and there’s a lot of bad structure and missing pieces going on. Lots of mistakes and bad configs working only on local or single-machine deployments. Not so re-producible after all, is it?
This may be just me, but the worst thing about deploying to Kubernetes is
programs that doesn't provide interfaces to provide config as environment
variables. Currently looking at you matrix-media-repo.
This may be just me, but the worst thing about deploying to Kubernetes is
programs that doesn't provide interfaces to provide config as environment
variables. Currently looking at you matrix-media-repo. #kubernetes
Oddbean new post about login | logout
Notes by Tommy Skaug | export