irotsoma

Are there any guides to using it with reverse proxies like traefik? I’ve been wanting to try it out but haven’t had time to do the research yet.

Not offering a solution here exactly, but as a software engineer and architect, this is not a Linux only problem. This problem exists across all software. There are very few applications that are fully self contained these days because it’s too complex to build everything from scratch every time. And a lot of software depends on the way that some poorly documented feature worked at the time that was actually a bug and was eventually fixed and then breaks the applications that depended on it, etc. Also, any time improvements are made in a library application it has potential to break your application, and most developers don’t get time to test the every newer version.

The real solution would be better CI/CD build systems that automatically test the applications with newer versions of libraries and report dependencies better. But so many applications are short on automated unit and integration tests because it’s tedious and so many companies and younger developers consider it a waste of time/money. So it would only work in well maintained and managed open source types of applications really. But who has time for all that?

Anyway, it’s something I’ve been thinking about a lot at my current job as an architect for a major corporation. I’ve had to do a lot of side work to get things even part of the way there. And I don’t have to deal with multiple OSes and architectures. But I think it’s an underserved area of software development and distribution that is just not “fun” enough to get much attention. I’d love to see it at all levels of software.

Problem is that unless the person was paid for contributing, what goods or services are being exchanged with the project. I mean if Microsoft received money from that person for a subscription or something I might see them having to ban the user and refund the money. But what did the project receive that would violate sanctions? Volunteer work is usually not covered or else relief organizations and religious missionaries would be banned and the US historically loves sending those. What am I missing?

Try a few live disks out. See what works best with your hardware and workflows. I like Fedora with KDE Plasma, personally. But I prefer RHEL based to Debian based stuff and I don’t like the direction Ubuntu is beimg taken for monetization.

Yes it’s defects in the ingress-nginx controller package.

Depends on what you’re backing up. Is it configs for applications, images, video, etc? If it’s application configs, you can set up those applications in a virtual machine and have a process run that starts the machine, restores the configs, and makes sure the applications start or whatever other tests you want. There are applications for doing that.

If it’s images or videos, you can create a script to randomly pick a few, restore them, and check the integrity of the files. Usually just a check of the file header (first few bytes of the file) will tell you if it’s an image or video type of file and maybe a check on the file size to make sure it’s not an unreasonably small size, like a video that’s only 100 bytes or something.

All this seems like overkill though in most scenarios.

If you want to keep your LDAP as the source of truth, then Keycloak is also a very good option. I did that originally, but decided I only had a couple of things needing LDAP and that wasn’t worth keeping it around. Authentik was a good way to emulate an LDAP but with a different back end. But Keycloak is definitely my recommendation in your case.

Keycloak. Took me a bit to learn the basics, but it has been way easier to troubleshoot than Authentik and has more features. If you need something that mimics LDAP rather than syncing with an existing LDAP, then Authentik is pretty good. I don’t use LDAP, though.

Most could, but most are also designed not to because adding a virtualization type of layer allows for ways to circumvent it. Anticheat needs to trust the environment it is running in so it can rely on the information. Wine is designed to replicate things it trusts in Windows, but not actually necessarily replicate the way the kernel actually does those things, so the things they are relying on might not mean the same thing as the do in Windows. So they’d need to analyze and possibly implement things a bit differently. This takes time and money and for companies like this, the customer isn’t the user, so they have little reason to cater to users needs. Pro gaming and a few online game companies are their primary customers and they generally don’t want to support Linux anyway.

Nope it doesn’t add anything for me. The _netdev option tells mount to wait until the network is connected before attempting to mount. And the nofail option tells it not to error or block the process that called it if the mount doesn’t work or is delayed.

Now if the mount contains your etc or other critical config files, it could cause problems and maybe you want to wait, so don’t want the nofail. And of course this kind of thing is somewhat OS specific depending on what boot system and service manager, etc., is used, so YMMV, but on Fedora, Rocky, and Ubuntu, it has worked for me for many years.

Try adding the nofail and _netdev options in your fstab entry. I have this on a few computers that connect to nfs shares including my laptop that obviously can only connect when I’m at home or on VPN. Example:

server:/path /mnt/path nfs4 defaults,nofail,_netdev 0 0

I haven’t used OpenSUSE before, but I don’t really experience those issues, though I don’t use caps lock that way. I use Fedora with Plasma for desktop these days since Ubuntu is heading too corporate for my taste and plain Debian is missing too much hardware support. I’m sure Fedora will eventually, too, but I also use Rocky on all of my server installs so I prefer RHEL-based over Debian-based, for consistency anyway. Install and setup has always been smooth for me. The Discover app is there for installing stuff. It lags a lot, but otherwise makes installing things pretty easy. I’m sure there must be an equivalent for OpenSUSE. That said, Linux does rely on the command line a lot more than windows. In Windows the command line is bolted on, but in Linux it’s more that the GUI is bolted on, though that has smoothed quite a bit and even on Windows the v7 powershell has smoothed out command line a little bit even if powershell commands aren’t that intuitive IMHO. At least this version understands some dos formatted commands. I use Windows 11 for work.

I use Arthurian legend related stuff. Servers and desktops are locations. My portable devices are the names of swords. IoT devices are more explicitly descriptive since I won’t need to type in, but it’s more important to recognize them when I see them, like lightswitch-livingroom.

I really would love something like Amie Street before Amazon bought it to kill it. I got so much great music on there for pennies which then led me to buy more and more from those artists. My problem is I need to hear a song a few times before it digs into my soul. And preferably not when I’m paying too close attention to the technical aspects so it can hit me more emotionally. So just having a 10-30 second preview or just hearing it one time is never going to be enough to hook me on an artist. Also, cheaper b-sides since it was demand based meant I was much more likely to hear more of their music and get more invested in the artist.

The common, vernacular English word ape, not the version of the term that refers to all Hominoids which is not a common usage outside of scientific communities.

The common, vernacular English word ape, not the version of the term that refers to all Hominoids which is not a common usage outside of scientific communities.

deleted by creator

DNS over TLS handles that. No need for DoH really. Unless DNS ports are blocked or captured by NAT or something and you need to use port 443 with DoH. At least not with a DNS server.

DoH is useful for individual applications to do their own DNS lookups bypassing the OS or network level DNS. Otherwise DoH and DoT provide the same basic protection. DoT is just at a lower network layer and thus more easily applies more broadly across the network or OS rather than being application or resolver specific. There’s never been a real need for a DNS server to use DoH instead of DoT unless DoT is blocked upstream.

Use VPN or DDNS connected to your domain registrar. Of course DDNS might not update immediately, especially if your domain host is not the same as your DNS provider, so you might have outages for short periods when your IP changes. So, depends on if you’re OK with that or what kind of connection you have and whether it changes your IP a lot.

Also, might be able to get an IPv6 address for free depending on your ISP or at least you can set up your router to request that your address block is retained for you. I know Comcast does this. Unfortunately, my ISP does not.

Unbound supports DoH if compiled with the support and given TLS certificates. I don’t use it internally on my home network because I have a pihole that I want to capture the traffic. I do use DNS over TLS for upstream communication, though.