A much better idea than when I tried to organize my restaurant with hashtables.

It was too much for the waitstaff, who had to reindex the floor plan every time they added or removed a plate.

On the plus side, delivering the right food was always O(1).

Definitely: https://web.archive.org/web/20221204145004/https://www.desertcart.com.om/products/30202270-toy-camera-mickey-mouse

Yes, OP I highly recommend a GL.iNet device. It’s pocket sized and always does the job.

It’s also great for shitty wifi that tries to limit how many devices you can connect. The router will appear as one MAC and then all your other devices can route traffic through it.

Why’d ye spill yer memes, Winslow? Why’d ye spill yer memes?

As someone who has owned enterprise servers for self-hosting, I agree with the previous comment that you should avoid owning one if you can. They might be cheap, but your longterm ownership costs are going to be higher. That’s because as the server breaks down, you’ll be competing with other people for a dwindling supply of compatible parts. Unlike consumer PCs, server hardware is incredibly vendor locked. Hell, my last Proliant would keep the fans ramped at 100% because I installed a HDD that the BIOS didn’t like. This was after I spent weeks tracking down a disk that would at least be recognized, and the only drives I could find were already heavily used.

My latest server is built with consumer parts fit into a 2U rack case, and I sleep so much easier knowing I can replace any of the parts myself with brand new alternatives.

Plus as others have said, a 1U can be really loud. I don’t care about the sound of my gaming computer, but that poweredge was so obnoxious that despite being in the basement, I had to smother it with blankets just so the fans didn’t annoy me when I was watching TV upstairs. I still have a 1U Dell Poweredge, but I specifically sought out the generation that still let you hack the fan speeds in IPMI. From all my research, no such hack exists for the Proliant line.

Assuming that the disk is of identical (or greater) capacity to the one being replaced, you can run btrfs replace.

https://wiki.tnonline.net/w/Btrfs/Replacing_a_disk#Replacing_with_equal_sized_or_a_larger_disk

I’d recommend BTRFS in RAID1 over hardware or mdadm raid. You get FS snapshotting as a feature, which would be nice before running a system update.

For disk drives, I’d recommend new if you can afford them. You should look into shucking: It’s where you buy an external drive and then remove (shuck) the HDD from inside. You can get enterprise grade disks for cheaper than buying that same disk on its own. The website https://shucks.top tracks the price of various disk drives, letting you know when there are good deals.

Haven’t used it yet, but I’ve been researching authentik for my own SSO.

BTRFS should be stable in the case of power loss. That is to say, it ought to recover to a valid state. I believe the only unstable modes are RAID 5/6.

I’d recommend BTRFS in RAID1 mode over mdadm RAID1 + ext4. You get checksumming and scrubs to detect drive failures and data corruptions. You also have snapshotting, in case you’re prone to the occasional fat-fingered rm -rf.

For backup, maybe a blu-ray drive? I think you would want something that can withstand the salty environment, and maybe resist water. Thing is, even with BDXL discs, you only get a capacity of 100GiB each, so that’s a lot of disks.

What about an offsite backup? Your media library could live ashore (in a server at a friend’s house). You issue commands from your boat to download media, and then sync those files to your boat when it’s done. If you really need to recover from the backup, have your friend clone a disk and mail it to you.

Do you even need a backup? Would data redundancy be enough? Sure if your boat catches fire and sinks, your movies are gone, but that’s probably the least of your problems. If you just want to make sure that the salt and water doesn’t destroy your data, how about:

1. A multi-disk filesystem which can tolerate at least 1 failure
2. Regular utilities scanning for failure. BTRFS scrubs, for example.
3. Backup fresh disks kept in a salt and water resistant container (original sealed packaging), to swap any failing disk, and replicate data from any good drives remaining.
4. Documentation/practice to perform the aforementioned disk replacement, so you’re not googling manpages at sea.

This would probably be cheapest and have the least complexity.

I wouldn’t trust anything like that to the open internet. It would be better to access the system over a VPN when you’re outside the network.

The man is a monster. I don’t know how many of my build jobs have been murdered by this fiend.

Yeah, I believe there’s some kind of bridge mode you must enable on the host’s interface.

As others have said, a reverse proxy is what you need.

However I will also mention that another tool called macvlan exists, if you’re using containers like podman or docker. Setting up a macvlan network for your containers will trick your server into thinking that the ports exposed by your services belong to a different machine, thus letting them use the same ports at the same time. As far as your LAN is concerned, a container on a macvlan network has its own IP, independent of the host’s IP.

Macvlan is worth setting up if you plan to expose some of your services outside your local network, or if you want to run a service on a port that your host is already using (eg: you want a container to act as DNS on port 53, but systemd-resolved is already using it on the host).

You can set up port forwarding at your router to the containers that you want to publicly expose, and any other containers will be inaccessible. Meanwhile with just a reverse proxy, someone could try to send requests to any domain behind it, even if you don’t want to expose it.

My network is set up such that:

• Physical host has one IP address that’s only accessible over lan.
• Containerized web services that I don’t want to expose publicly are behind a reverse proxy container that has its own IP on the macvlan.
• Containerized web services that I do want to expose publicly have a separate reverse proxy container, which gets a different IP on the macvlan.
• Router has ports 80 and 443 forwarding only to the IP address for my public proxy

Ooh! Thanks for the tip! Been looking for some affordable drives for my next system.

I bought a LFF Dell Poweredge back in the fall, and have been waiting on a good deal for 3.5" disks. My current machine is a SFF HP Proliant, and I hate how much a 2.5" drive with good capacity costs.

Reminds me of an early Uni project where we had to operate on data in an array of 5 elements, but because “I didn’t teach it to everyone yet” we couldn’t use loops. It was going to be a tedious amount of copy-paste.

I think I got around it by making a function called “not_loop” that applied a functor argument to each element of the array in serial. Professor forgot to ban that.

Consider SW Michigan. 2h drive/train to Chicago, proximity to large bodies of water for summer enjoyment, and if you live in a reasonably-sized town they’re probably good at clearing roads when it snows.

Besides, our winters get milder each year. There’s a couple of big snow/ice events, but the trick is to not be on the road while the heavy stuff is coming down. Wait a few hours for it to ease up and for the snow plows to do their thing.

Reverts work because users have equal write access to all the data. You can mess things up in the codebase, and even if you die of a heart attack 10m later, my revert is just as valid as your commit.

It’s not really the same when every user has “sovereignty” over their address in the ledger. A bad actor has to consent to pushing a revert transaction onto the chain, or they have to consent to using a blockchain system where 3rd-party reversion is possible (which exists on some systems, but also defeats the concept of true sovereignty over your address).

Sounds rough. My fiancé does security, and from what I’ve gathered from him, the best time for security to get involved is at the design stage. They look over the proposal, give their input, and then nobody’s surprised at release time, and teams can follow agile practices. Obviously there’s still a review of the final product, but that can be done asynchronously after the fact to confirm that best-practices were followed.

Easy to say, hard to put into practice. Certainly depends on the kind of service your business provides.