7·
1 month agoAlright, I’ll give you that… Welcome!
Antithetical
- 0 Posts
- 51 Comments
Joined 2 years ago
Cake day: April 10th, 2024
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Nobody has won, they’re just going to the store to get some lube…
Oh certificates are so much fun and you have so many options. From fairly easy to mindboggling complex.
Your current solution is OK if you keep in mind security implications of distributing certs using scripts.
It is not entirely clear where you do your tls-termination but it sounds like that is the Caddy reverse proxy so that is where your certs should be.
Placing them in a location like
/etc/ssl/example_com/asfullchain.pemandprivkey.pemis probably easiest. Make sure access rights are appropriate. Then point Caddy at them and it should work. I have no experience with Caddy itself though. If Caddy runs in Docker be sure to map the certificates into the container.Mind that in this scenario the certificates are only on the Caddy server, connections from the reverse proxy to the services is unencrypted over http. You can’t easily use the LE certificates on the services itself without some ugly split-horizon DNS shenanigans.
Alternatively you can set up a PKI with certificates for your services behind the reverse-proxy for internal encryption and do public tls termination in the proxy with Let’s Encrypt.
3·4 months agoFor my own domains I’m using Migadu since they support unlimited domains per account. Quite happy with them…
WSL(2) was not Microsoft “being good”. It was part of Embrace, Extend, Extinguish.
It was clear Linux won in the server world (not IIS). So why don’t you run this lovely Linux as an app in our nice safe OS where we can keep milking you.
Ha, soon most of them don’t even know what ‘class A(…’ means. They just vibe some stuff, and when it doesn’t work, they vibe some more!
6·6 months agoHmm, I really liked most of the GTA series.
- So much fun driving around and shooting stuff up. Great humor as well.
- Even better with nice graphics and lighting effects.
- Just wow, GTA but you are actually in a 3D city.
- Vice City had a great vibe and colorful world.
- S.A. huge world (felt like it at the time) and a great radio soundtrack. So much to see and do.
- Depressing, slow and mostly a chore… Didn’t like this one.
- Alive, funny and beatiful open world. Really great if you skip multiplayer and the later milking of the franchise.
- We’ll see…
The Lazlo character was also great on the radio show… He was kind of the voice of reason until they completely ruined him with an apprarance as sleazebag on GTA V.
1·6 months agoNFS is easy as long as you use very basic access control. When you want NFSv4 with Kerberos auth you’re entering a world of pain and tears.
That AI bot must be saturated with break-up and “Delete Facebook, hit the gym!” advice…
How I read it is that they’ve reintroduced it in FF 139 and that you need to enable the third-party certificates to acces the client certificate in the Android cert. store. But the linked bugs in the later replies of my link mention a regression in FF 140+.
I do agree that this is still a horrible UX though. Sadly I don’t have the time currently to test it.
I was curious so I looked it up… But it should technically work on FF for Android, although there is a bug in the UI.
See:
This is only true for the connection security. With mTLS you can also authenticate to the webapplication you’re trying to reach. So consider your use-case between von/mtls.
If you’re really out of options you can just brute-force it:
# grep -r 'old.home.lab' /etcOr any other dir with configs…
Github. The
/key is usually a shortcut in Firefox (and many other software) for search. But they hijacked it to their search-field that requires you to be logged in anyway. So you can only use ctrl+f on their site.For websearch I’ve switched to Kagi and it does exactly what I need, nothing more, nothing less.
Hosting a Gitlab for work and for my private projects I agree. The CI/CD is excellent and I really like the way they handle issues and merge-requests. Gitlab is great but quite a beast, so throw some good CPU and fast storage at it.
It’s a sad state of affairs. I would pay for youtube in a heartbeat if it wasn’t connected to the biggest spyware company in the world. But now, even while paying you still get ads and they still track you. The people working at Alphabet are bad and should feel bad.
Yeah, the action part is the least interesting, especially…
spoiler
the shootout at the end.
But I really like the soundtrack of the last scene and the credits after that.
Thats pretty cool. Movies with such wide distribution are often at least interesting… Not per se good though.
Yes, since before I was 10 (qwerty)… Learned it on an electric typewriter. Once a colleague switched two keys on my keyboard around as a joke. I hadn’t noticed untill he told me about it three months later.