Do you have to do this every time you update your phone?

Care to share how you disabled every bit of AI in the phone?

Yet companies are manipulating survey results to justify the FOMO jump to AI bandwagon. I don’t know where companies get the info that people want AI (looking at you Proton).

I maintain the DNS plugin for Vultr and I can say that it’s “safe”, but if you’re worried you should check their source code.

I believe it’s easier to have a vulnerability in the external provider’s API (for example, caddy-dns/vultr uses govultr) than Caddy. But I wouldn’t take things for granted if I was skeptical about these plugins.

I have a k3s cluster for fun and I can admit that k8s is way too complicated.

I don’t want to dig hours through documentation to find what I’m looking for. The docs sometimes feel like they were written for software devs and you should figure part of the solution yourself.

I have a ExternalName service that keeps fucking up my cluster everytime it restarts, bringing down my ingresses, because for some reason it doesn’t work and I have no idea where to look at to figure out why it doesn’t work - I just end up killing the service and reapplying the yaml file and it works.

I had to diagnose why my SSL certificates would get stuck in “issuing” in cert-manager, had to dig through 4 or 5 different resources until I got to an actual, descriptive error message telling me that I configured my ClusterIssuer wrongly.

I wanted a k3s cluster to learn but every time I have issues with it I realize it’s a terrible idea.

I wish I had podman + compose but it does seem like a docker-compose is more complicated. Also, I wish I could do ansible but I have no idea where to start (nor how it works).

EDIT: oh yeah I also lost IPv6 support because k3s by default doesn’t enable v6 and I was planning on using Hetzner CCM to have a 2 node cluster until I realized Hetzner Networks don’t support v6.

Can you use CrowdSec to track logs from a k8s pod? Say I have my website and some other services hosted on a k3s cluster, do I need to spin up a new pod for CrowdSec or should it be installed on the host?

I guess Wifi 6 doesn’t work in 5GHz band?

The VPN bandwidth doesn’t need to be that good, I was checking the GL iNet models and 200 Mbps on WireGuard is enough for me.

The default config for sudo is to ask for root password. I too was annoyed by this and had to change the setting to ask for the user password, not root, every time I used sudo.

Can someone ELI5 what’s going on? Seems like they are still fighting about Nix allowing a defense company to sponsor their conferences, and trying to ad hominem the project leaders.

I found Tailscale/Headacale way more difficult to setup than Wireguard.

I tried 5 different credit cards to setup my account and none of them worked for the free tier. Contacted customer support, they simply said “well we can’t do anything about it, it’s clearly a problem in your end and not ours even though you tried 5 different credit cards to pay for the service”.

Try Piper for your Logitech peripherals.

That doesn’t seem to be the case. From what I read on HN, the dev quit because he thought it didn’t make sense to submit CVEs for temporary/wip solutions, and F5 thought otherwise.

So as I see it, the developer quit because he didn’t agree that a CVE should be opened for a work-in-progress solution that was live on Nginx.

So… not using Signal because it’s based off a conspiracy theory that it’s secretly funded by CIA?

Well, let’s stop using RSA and encryption because the most used secure crypto algorithms today were created by none other than the NSA!

EDIT: None of the alternatives provided are good alternatives for Signal. Matrix is an extremely complicated protocol that lacks some features compared to normal IM apps (I use Matrix and the experience is quite close to a standard messaging app). XMPP is dead and has a very niche userbase. The others are not suitable for being a daily messaging app.

Signal is a good alternative and while I do agree with some points, they are not bad enough to prevent you from using it (e.g. not having usernames).

You can install the log transformer plugin for Caddy and have it produce a readable log format for fail2ban: https://github.com/caddyserver/transform-encoder

I had this setup on my VPS before I moved to a k3s setup. I will take a look at how to migrate my fail2ban setup to the new server.

I had a similar issue with my laptop, where Arch wouldn’t be recognized as a bootable system on my NVMe drive unless I disabled RST with Optane on the BIOS, setting it to AHCI mode.

I do remember seeing a similar issue a while ago as well, but I don’t remember if the user managed to fix it.

I could suggest removing the Windows drive, installing Arch and checking if everything works, then plugging the Windows drive back in. Windows loves to delete non-Windoes bootloaders from every drive it can.

The same issue happens to me when opening links from any app on Wayland. For example, every time I click a link on a Discord chat, I have to manually click on the Firefox window because the focus is not automatic.

I run Wayland and it’s definitely worse than X11, but it’s getting better day by day. I always struggle with Wayland and I literally did nothing different than installing KDE Wayland. For example, ever since I moved to Wayland, Firefox will randomly freeze and crash when I’m using my PC - this happens at least once per gaming session.

Also, Wayland is still not feature complete and assuming it’s the system fault for poor compatibility is wrong.

Just give arewewaylandyet.com a read.

If you own a domain name you can use the DNS-01 challenge instead of hosting a web server to serve the challenge response.

With DNS-01 it will add a TXT record to your DNS zones and check if the record exists to verify that you own the domain and then issue the certificate.

Depending on which tool you use, they usually support DuckDNS and some other free DDNS providers. If you have your domain on a registrar, chances are that it’s also supported.