• 0 Posts
  • 20 Comments
Joined 1 year ago
Cake day: June 17th, 2023

  • I really don’t see much benefit to running two clusters.

    I’m also running single clusters with multiple ingress controllers both at home and at work.

    If you are concerned with blast radius, you should probably first look into setting up Network Policies to ensure that pods can’t talk to things they shouldn’t.

    There is of course still the risk of something escaping the container, but the risk is rather low in comparison. There are options out there for hardening the container runtime further.

    You might also look into adding things that can monitor the cluster for intrusions or prevent them. Stuff like running CrowdSec on your ingresses, and using Falco to watch for various malicious behaviour.


  • ZFS doesn’t really support mismatched disks. In OP’s case it would behave as if it was 4x 2TB disks, making 4 TB of raw storage unusable, with 1 disk of parity that would yield 6TB of usable storage. In the future the 2x 2TB disks could be swapped with 4 TB disks, and then ZFS would make use of all the storage, yielding 12 TB of usable storage.

    BTRFS handles mismatched disks just fine, however its RAID5 and RAID6 modes are still partially broken. RAID1 works fine, but results in half the storage being used for parity, so this would again yield a total of 6TB usable with the current disks.








  • My home-assistant installation alone is too much for my Raspberry Pi 3. It depends entirely on how much data it’s processing and needing to keep in memory.

    Octoprint needs to respond in a timely manner, so you will want to have the system mostly idle (at least below 60 percent CPU at all times), preferably octoprint should be the only thing running on the system unless it’s rather powerful.

    If I were you, I would install octoprint exclusively on your Raspberry Pi 3, and then buy a Raspberry Pi 4 for the other services.

    I’m running Pi-hole and a wireguard VPN on an old Raspberry Pi 2, which is perfectly fine if you are not expecting gigabit speeds on the VPN.


  • It would be wonderful with something more granular than “NSFW”…

    I would love if we got something even more granular like a "Content Warning: ".

    Examples:

    • Content Warning: nudity - might be a painting with nude people, might be a photo of nude people, in essence if it isn’t porn, but there’s exposed genitals, butts or breasts.
    • Content Warning: porn - you can probably guess…
    • Content Warning: gore - images with gore, people missing body parts, often dead as well.
    • Content Warning: death - images with people dying, but without gore.
    • Content Warning: blood - images with some blood, but no death or gore. (often seen in news articles)
    • Content Warning: violence - people fighting, but without turning bloody.

    These could of course be expanded with many more categories if need be.

    EDIT: added violence by request





  • The reason a VPN is better to expose than SSH, is the feedback.

    If someone tries connecting to your SSH with the wrong key or password, they get a nice and clear permission denied. They now know that you have SSH, and which version. Which might allow them to find a vulnerability.

    If someone connects to your wireguard with the wrong key, they get zero response. Exactly as if the port had not been open in the first place. They have no additional information, and they don’t even know that the port was even open.

    Try running your public IP through shodan.io, and see what ports and services are discovered.
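Added example, not part of the comment above: a loopback-only Python sketch of the difference in feedback it describes. The TCP listener volunteers a version banner to anyone who connects, while the UDP listener replies only to datagrams carrying a valid MAC. The banner string, the key and the HMAC check are constructed stand-ins for illustration, not WireGuard's actual handshake.

```python
import hashlib
import hmac
import socket
import threading

BANNER = b"SSH-2.0-ExampleSSH_1.0\r\n"  # constructed banner, not a real product
KEY = b"constructed-demo-key"  # constructed stand-in for the VPN peer key

def mac(key, body):
    return hmac.new(key, body, hashlib.sha256).digest()

def start_tcp_banner_service():
    """TCP listener that, like an SSH daemon, sends its version banner to any client."""
    srv = socket.create_server(("127.0.0.1", 0))
    def loop():
        while True:
            conn, _ = srv.accept()
            with conn:
                conn.sendall(BANNER)
    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]

def start_silent_udp_service():
    """UDP listener that answers only datagrams with a valid MAC and drops the rest."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    def loop():
        while True:
            data, peer = srv.recvfrom(2048)
            if hmac.compare_digest(data[-32:], mac(KEY, data[:-32])):
                srv.sendto(b"handshake-response", peer)
    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]

def probe_tcp(port):
    with socket.create_connection(("127.0.0.1", port), timeout=1) as s:
        return s.makefile("rb").readline()  # what an unauthenticated client sees

def probe_udp(port, key, timeout=0.5):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(b"hello" + mac(key, b"hello"), ("127.0.0.1", port))
        try:
            return s.recvfrom(2048)[0]
        except socket.timeout:
            return None  # no reply: nothing to fingerprint

if __name__ == "__main__":
    print("TCP probe:", probe_tcp(start_tcp_banner_service()))
    print("UDP probe, wrong key:", probe_udp(start_silent_udp_service(), b"wrong-key"))
```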




  • I use Promtail+Loki+Grafana on my home server, which is decently performant, light on resources and storage, and searchable. It takes a little effort to learn the LogQL query language, but it’s very expressive.

    I’m running it on Kubernetes, but it should be pretty straightforward to configure for running on plain Docker.



  • I own both a Kindle Basic 10 and a Kobo Clara HD.

    Both devices can sideload books just fine out of the box, and you will be able to read them without having to do any hacks or jailbreaks. The easiest way to sideload and keep track of your books is using Calibre on a computer.

    But I will say that the sideloading experience of the two devices is night and day.

    Kindles are very clearly built to funnel you into the Amazon book store. Buying books from Amazon is smooth and easy.

    For sideloading on Kindles you must convert to mobi, azw, azw3 or kfx. All of these have different feature support. So if you want book covers, the updated layout engine and typesetting, then you must use kfx. But Calibre can’t natively convert to kfx. So you will need to install Amazon’s ebook previewer and a plugin in Calibre to make Calibre convert to kfx via the Amazon ebook preview application. Each conversion takes roughly 2 minutes, and randomly fails for no apparent reason.

    If you decide to use Kindles’ email option for sideloading, then your books will be converted to mobi, so you lose out on a lot of features. And the Kindle sees the books as documents, not books.

    If you sideload with Calibre and try to upload books with book covers, then it will work fine, and for a couple of seconds after uploading the book it will work fine. Then the Kindle will realize that it should definitely look up the book cover on Amazon, and if it finds the book it will overwrite your book cover, if not it will replace it with a blank page. You can then reconnect your Kindle to Calibre and Calibre will fix your book covers properly. But if your Kindle is able to look up the book on Amazon it will continue to overwrite your book cover.

    Finally the organization of sideloaded books sucks on Kindle. If you sideload via email, then you can organize the books through Amazon’s website. If you sideload with Calibre you can’t, and your only option is to manually organize your books into folders on the device one by one. This is extremely slow and tedious.

    Sideloading books on a Kobo can’t be done via e-mail, but Kobo supports epub out of the box, which most ebooks are. If you want the books to load and navigate faster, you can convert to kepub; this requires a plugin for Calibre, but no additional software. Each book conversion takes 2-3 seconds, and the book arrives on your Kobo with a functioning book cover, full functionality and zero fuss. Additionally Kobos automatically organize books into folders based on both author and series based on your metadata in Calibre, making it a breeze to organize your entire library on your computer and just transfer things, already organized, to your Kobo. Kobos also have an additional section called “Collections” which you can map to any field in Calibre you like. I have mapped mine to a Genre field, but you could organize stuff by anything you want.

    So if you are planning to primarily sideload books, I would strongly encourage you to look at a Kobo instead of a Kindle.