My grandfather had a stroke at 81. He did not in fact become an asshole, he just got a little slower and spent less time working on his old truck. This is 100% on fetterman for having shitty opinions and being bitterly dug in. I don’t think it’s fair to all the wonderful people affected by strokes to give him that out.

I feel like “weird” misses the mark. It’s quite hurtful to people who are outside the norm and proud of it.

“Creepy” is a way better description of those guys.

So it’s a $66K VW but with Ford’s awful rotary shifter thingy?

I don’t need artificial intelligence in my terminal. Do you know how many times some troll has posted about “rm -fr /” on Reddit and other shitty forums, which then gets gobbled up and laundered by LLMs? Not letting that anywhere near my prod servers with valuable data.

Servers are 100% efficient at heating, but heat pumps are 300% efficient. Get the most energy efficient devices you can, and heat your house with a proper heat pump.

I did it back in 2020 when we all had nothing better to do. Got as far as installing X11 and Openbox, and halfway through setting up the toolchain for Firefox.

It was fun - the kind of fun digging a big hole is. It’s not for everybody, but I sort of enjoyed it.

Yep. I did both of my tests on manual vehicles, one a VW hatch and the other an old farm truck, simply because it’s what I had available. Under the UK/EU system I guess I would have an extra endorsement, but it makes absolutely no difference in Canada.

I did something very similar with Opensearch rather than grafana, but it’s definitely possible. My setup:

• fluent-bit installed on webserver to scrape and parse nginx logs, then forward them over TLS to the monitoring server
• on the monitoring server, a second fluent-bit service runs here to collect the forwarded logs and insert them into the correct index pattern. A filter also inserts geoip lookups into the records.
• opensearch & dashboards set up to exclude known “bot” user-agents from the analytics, and do some other basic data cleanup to make the dashboards pretty

It works well, but could be a bit simpler admittedly. You may choose to use Loki instead of Opensearch/Elasticsearch, and there are plenty of other log parsing tools out there.

Another, much simpler option is to just run Goaccess on your log files, either periodically to generate reports, or as a daemon to create a live dashboard.

It’s fine. RAID is not a backup. I’ve been running simple mirrors for many years and never lost data because I have multiple backups. Focus on offsite and resilient backups, not how many drives can fail in your primary storage device.

I believe it’s called a “stupidcharger” in this context

Not sure how to do that in docker, I’ve run mine as a plain old PHP-FPM site for years and years. It might be something that can be tweaked using config files or environment variables, or might require building a custom image.

ClamAV is slow and doesn’t catch the nastiest of malware. Its entire approach is stuck in 2008. It’s better than nothing for screening emails, but for a private file store it won’t help much considering that you’ll already have the files on your system somewhere. And most importantly, it slows down file uploads 10x and increases CPU load substantially. The only good reason to use ClamAV for nextcloud is if you will be sued if you don’t!

It needs some tweaks to be snappy. The defaults are really bad.

• change database from SQLite to a proper database like MySQL or Postgres, and configure the database server to use your memory fully
• increase the PHP memory limit from the default (128M on many distros) to >1G, the more the better
• install APCu in-memory cache for PHP
• add Redis as additional cache
• turn off the antivirus extension, if installed (ClamAV is useless)
• use http/2 on Apache/nginx to increase performance with multiple connections

https://docbot.onetwoseven.one/services/nextcloud/

This was my setup from about four years ago. Other than moving suricata elsewhere, it’s largely the same. Worth a shot if it’s something you’re into!

https://nbailey.ca/post/linux-firewall-ids/

OpenBSD is also great, I’m just more familiar with the Linux tools. All the required tools are in the base image, and they have a great official guide:

https://www.openbsd.org/faq/pf/example1.html

Yep. Firewall, routing, dhcp, dns, everything you’d expect from a gateway device. Plain Debian (or really any distro) can do it all. With a 1gbps bi-directional connection fully saturated it will run at about 10% cpu on my very crappy low power Celeron CPU.

Plus, there’s no web UI full of janky and insecure CGI scripts to exploit, and software updates are forever (well, until x64 is deprecated, so basically forever).

IPtables on Debian because I like my life to be boring and unchanging.

For about a year I was running a full out of band IPS on my network. My core switch was set up with port mirroring to spit out a copy of all traffic on one port so that my Suricata server could analyze it. Then, this was fed into ElasticSearch and a bunch of big data crap looked for anomalies.

It was cool. Basically useless because all it did was complain about the same IP crawler bots as my nginx logs. But fun to setup and ultimately good for my career lol.

Sadly the Canadian mint takes a loss on every coin and bill. Every $50 note they create actually costs about $65 (with the tip).

I just got my first Chucky Buck this weekend, we can’t switch to a new currency this quickly! Our economy is in shambles!

Great… another nine ton brickmobile to spontaneously catch fire in a tunnel

Not an arch user, but it’s possible they moved dbus to a user scoped unit now. Might be possible to start it like this (or something similar)

systemctl —user start dbus.service