Hacker News | satertek's comments

I've worked places where the paperwork to hook something up via Ethernet drove us to use GPIB or RS485 for everything.


I know that very well. Ethernet=security concern. Connecting your shiny new scope to company network=no way. Hard to discuss around it in company environments or push for split network topologies.


Not only killed modding, but also killed the way those unique communities developed. I suppose it's possible you can find people on community Discord servers nowadays for pick up games, but not in the same way as just seeing and talking to the same people all the time on your favorite modded server.


For four great years in my career I ran game servers for an Australian ISP. I really enjoyed tossing up servers for new HL2 / UT / Quakeworld mods and seeing what picked up a community, chipping in on a cyberpunk HL2 mod in the same period.

I have such rose coloured glasses of that time.

Looking back, most of the dedicated server software felt like it was just tossed over the wall. Some of the stuff we used to have to do to get things running happily on headless linux servers was very hacky. Others simply HAD to run on windows hosts.

I feel like the entire industry died as games became "live" services.

Nearly 2 decades later when my kids got into Minecraft, I stumbled into the hosted MC server world and was just amazed by the size of the industry around it.

It was a real "arrrh this is where that same spirit ended up" moment.

And now of course there's huge servers funded by getting kids into gambling and pay to win.... Gross.


My first concern would be using a digital ocean droplet as a VPN. Last time I tried that, datacenter IP ranges often made things slower or unusable.


this. the cameras are not the only thing that won’t work

you could use an azure VDI machine as a cloud endpoint, i believe those ips are flagged correctly. It’s not this cheap though.


The OS sounds like bluefin-dx, but I'm struggling to figure out who they're marketing to here. Seems like a small market that System76 already owns.


Why doesn't pip support PEP 723? I'm all for spreading the love of our lord and savior uv, but it should be necessary to have an official implementation.


I don't know if there's an official reason, but my guess is that it's slightly out of scope for pip: pip is a packaging installation tool, not a virtual environment managing system.

uv, being both, is a more natural fit for an implementation of that PEP.

Here's a relevant discussion: https://discuss.python.org/t/idea-introduce-standardize-proj...


It's completely out of scope for pip, which is purely about modifying the set of packages installed into non-transient environments.

Pipx is a wrapper that does more or less what you're looking for (including PEP 723 support), but it arbitrarily refuses to process top-level packages unless they specify an entry point (which makes them "applications" even with abstract dependencies).

I'm planning to support it in PAPER, which can roughly be described as my vision of what pip and pipx, taken together, should have been.


That warning applies to anything you run locally. And going further, in this day and age, I would never put up any home service without it being behind Cloudflare Access or some form of wireguard tunnel.


Just put up basic auth in front of your services and be done with it.


I've done that in the past, even for securing the admin pages of some software (there was once an issue where the admin page auth could be bypassed, this essentially adds another layer). With TLS it's okay for getting something up and running quickly.

Of course, for the things that matter a bit more, you can also run your own CA and do mTLS, even without any of the other fancy cloud services.


After coming across a brief tutorial of mTLS in this tool for locking down access to my family photo sharing [0] I have bounced around the internet following various guides but haven't ended up with a pfx file that I can install in a browser. Can you recommend any resource to understand which keys sign what, and what a client certificate is verified against?

The guides I find often contain the openssl incantations with little explanation so I feel a bit like stumbling through the dark. I realize how much I've taken stacktraces for granted when this auth stuff is very "do or do not, there is no error"

[0] https://github.com/alangrainger/immich-public-proxy/blob/mai...


Honestly, the most approachable way will be to use something like Keystore Explorer: https://keystore-explorer.org/

Alternatively, this guide focuses on Apache2 configuration but also goes through the certs https://www.openlogic.com/blog/mutual-authentication-using-a... (it’s a little dated though)

Here’s also something a bit more recent for Nginx https://darshit.dev/posts/two-way-ssl-nginx/
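
For the "which keys sign what" question above, the whole chain in one place, as an added example that is not from any commenter or linked guide. The file names, subject names and passphrase are constructed placeholders, and a standard `openssl` install with its default config is assumed.

```shell
#!/bin/sh
# Added example: private CA -> client certificate -> PKCS#12 (.pfx) for a browser.
# All file names, CNs and the passphrase are constructed placeholders.
set -eu

# make_mtls_bundle DIR PASSPHRASE
make_mtls_bundle() {
  dir="$1"; pass="$2"
  mkdir -p "$dir"

  # 1. The CA: a key pair plus a self-signed certificate.
  #    ca.key signs everything you issue and never leaves this machine.
  #    ca.crt is the only file the server needs in order to check clients
  #    (e.g. nginx: ssl_client_certificate ca.crt; ssl_verify_client on;).
  openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
    -subj "/CN=Home Lab CA" -keyout "$dir/ca.key" -out "$dir/ca.crt"

  # 2. The client: its own key pair and a signing request (CSR).
  #    The CSR carries the client's public key and is signed by client.key.
  openssl req -newkey rsa:2048 -nodes \
    -subj "/CN=family-laptop" -keyout "$dir/client.key" -out "$dir/client.csr"

  # 3. The CA signs the CSR with ca.key, producing client.crt.
  #    extendedKeyUsage=clientAuth marks it as a TLS client certificate.
  printf 'extendedKeyUsage=clientAuth\n' > "$dir/client.ext"
  openssl x509 -req -in "$dir/client.csr" -days 365 \
    -CA "$dir/ca.crt" -CAkey "$dir/ca.key" -CAcreateserial \
    -extfile "$dir/client.ext" -out "$dir/client.crt"

  # 4. The browser needs the certificate AND its private key in one file:
  #    that is the .pfx (PKCS#12), protected by an import passphrase.
  openssl pkcs12 -export -name "family-laptop" \
    -inkey "$dir/client.key" -in "$dir/client.crt" -certfile "$dir/ca.crt" \
    -passout "pass:$pass" -out "$dir/client.pfx"
}

# verify_client_cert DIR
# The same check the server performs during the handshake: does client.crt
# chain to ca.crt, and is it usable as a TLS client certificate?
verify_client_cert() {
  openssl verify -CAfile "$1/ca.crt" -purpose sslclient "$1/client.crt"
}

# Usage: make_mtls_bundle ./pki 'choose-a-passphrase' && verify_client_cert ./pki
```

If `verify_client_cert` prints an error instead of `OK`, the server will reject the certificate for the same reason, which makes it a useful first check when the handshake fails silently.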


the fact that we have to keep reinventing kerberos all the time because it doesn't speak http is starting to legitimately annoy me.


Firefox can be configured to use Kerberos for authentication (search for "Configuring Firefox to use Kerberos for SSO"); on Windows, Chrome is supposed to do so too by adding the domain as an intranet zone.


HTTP auth can work with kerberos.

Chrome, Firefox, Internet Explorer -- all support some form of kerberos auth in HTTP/HTTPS.


I mean, I'm aware of SPNEGO etc. It's just that it was... ignored(?) by the startups/the community/google? Whatever little support there is is comparatively a worse experience than what we've got now for no really good reason.


Kerberos is old neckbeard tech, highly complex to set up, with layers upon layers of legacy garbage. Trying to get it working is ... a nightmare, I prefer even the garbagefest that is Keycloak over dealing with Kerberos. At least that just requires somewhat working DNS and doesn't barf when encountering VPNs, split horizon DNS or split tunnels.

The only places I've seen a working Kerberos setup outside of homelabs is universities (who can just throw endless amounts of free student labor power onto solving any IT problem) and large governments and international megacorps.


Good luck when the TCP or SSL stack has an issue. These bugs are rare but they do exist and you're getting fucked royally if your entire perimeter defense was a basic auth prompt.

Windows and Linux have both had their fair share of network stack bugs, OpenSSL had Heartbleed and a few other bugs, and hell you might even run into bugs in Apache or whatever other webserver you are using.


It would have taken several days to heartbleed your private key in 2013 if you also added fail2ban. Your home lab probably isn't on the high priority target list.


> Your home lab probably isn't on the high priority target list.

Yeah but these days with botnets widely available to hire? Everything is fair game and whatever you run gets indexed on Shodan and whatever almost immediately. The game has never been easier for skiddies and other low-skill attackers, and mining cryptocoins or hosting VPN exit nodes makes even a homelab a juicy target.

My homelab for example sports four third-hand HP servers with a total of about 256GB RAM and 64 CPU cores on a 200/50 DSL link. That's more than enough horsepower to cause serious damage from.


Heartbleed has been patched, so unless you know a serious attack vector, I'm not sure where this is going.


Keeping an eye on this. I've been wanting something like this to manage an air-gapped system. I don't want to worry about keeping an offline apt repository (or what have you) synced, I just want to boot a full new image and mount my home folder.


I haven’t set it up myself yet, but at least in theory all you need to do is build and push (and sign) images to a self-hosted container registry, and then have your air-gapped systems update from that machine.

I have used GitHub Actions and GitHub Container Registry the way Bluefin uses it to build and push images there. You might be able to even just mirror them from there if you want to punch a hole in your air gap.


Are there enough cores to allow user switching?


I switched from Mint to YNAB years ago, which I highly recommend.


YNAB doesn’t allow maintaining your chosen spending per category over multiple time periods. Last time I checked

When I spend an extra 50 on groceries this month, I can’t then reduce groceries by 50 next month or 25 over 2 months. That doesn’t make sense to me for a budget


I also switched from Mint to YNAB a few years ago, and YNAB is head and shoulders better than Mint. I've always had good finances / self discipline and didn't think I needed YNAB, but it's been way better than Mint for me. It's easily worth the cost.


If you don't mind me asking, what makes it worth the cost for you? I'm a long time mint user with very good financial discipline and can't imagine paying $100 per annum for such a service. But I'm open to learning new things and would love to hear your experience...


I didn't understand this until after I switched to YNAB, but Mint wasn't future-focused enough for me. I've always been good about saving and tracking my spending, but with the way I used Mint, I usually only focused on the current month. I had good savings so I easily had ~5k of comfortable wiggle room floating around if I needed it for random expenses, but I also wasn't planning ahead in detail.

Example: Need new tires? Yeah, I had the cash, but I wasn't really expecting/tracking those things, so sometimes a bunch of expenses would all hit at the same time.

YNAB has a philosophy called "give every dollar a job." At first, this feels so intuitive that it's almost silly, but after you've used YNAB for 3+ months, it builds steam.

For instance, if I know now that I'm going to need new tires next summer, I can think "Do I want to spend $50 on dinner out today, or put the $50 into my 'new tires' fund to use in May?" With Mint, I wouldn't be thinking about May. I'd be focused on the current month, or maybe one month ahead. But with YNAB, I budget much further out into the future, and I do so in granular detail. So no more "5k wiggle room cash on hand for random things in the future" -- everything is planned. I'm probably more type-A than most YNAB users, but I have 50+ categories to stash money into, including things like future vet bills, future car maintenance, specific funds for vacation in Spring 2024, Summer 2024, December 2024, etc. (Most people probably have fewer categories)

Pre-YNAB, I'd think "Do I want to spend $50 on dinner now, or do I want to save it?" With YNAB, I think, "Do I want to spend $50 on dinner now, or do I want it for my vacation in December 2024?"

The result is that mental tradeoffs are significantly more clear, and I can prioritize better. In terms of value, I'm honestly not sure if I save $100 per year, since I was very frugal even before YNAB, but the mental clarity of having full transparency into my current and future choices is easily worth $100 to me.


YNAB is definitely very "opinionated". You have to convert to their "give every dollar a job" budgeting method, but I found it really works well for me.

I moved off of Mint when they were acquired by Intuit, so I felt the price was worth it to maintain full auto-import capabilities in an ad-free app. (The way Mint advertised at the time didn't really bother me, but I assumed that ads would get more intrusive under Intuit)


Exactly. I didn't think that giving every dollar a job would be that important, since I was good at saving even with Mint, but it makes the mental tradeoffs so clear. Love it.


Does YNAB download automatically? When I looked at it before it was very manual


The original desktop app was all manual, but the web app has had auto-import from banks, credit card companies, etc.


Yes, it downloads automatically. There's also an option to do it manually if you'd prefer.


Their Python module caches the downloads, which is checked before downloading them again...but you're probably not wrong on the crazy bandwidth bill. Looks like they have crazy VC money though, considering the current climate.


The Colab notebooks are a fresh and independent session with no caching.


Google might cache further up the chain, which could help

