Show newer

It's stuff like this that makes me concerned about the viability of progressive web apps. We lock down so many native APIs in the name of fingerprinting countermeasures. In the end, if you want something to work reliably, you're pushed towards Electron.

Show thread

Hmm. Seems browsers suppress local IPs from WebRTC ICE candidates unless you get audio/video permission. Makes sense for fingerprinting, but that's kind of annoying. It means P2P data channels have to take a slower route unless you're building a video application.

I didn't realize NewPipe supported PeerTube. Wicked.

My testing of Consul/Nomad/Vault has actually gone so well I've gone ahead and started migrating production systems to it.

Honestly I find it just phenomenal for our use case.

If we fully reverse engineer the brain as a computing machine, it's just a matter of time before it runs DOOM.

I'm migrating our SSH to use Signed SSH keys generated by Vault and there's been a lot of resistance.

As the only security guy all I have to say is

I want to write code but nothing sounds fun right now.

So I got Consul's Envoy integration up and running on my raspi cluster... that was unexpectedly complicated. Apparently support for the platform is still pretty new and rough around the edges.

The wikipedia page about humans doesn't say anywhere on it that it was written by them, which imo is a conflict of interest

Dependabot PRs only solves half the problem. It automatically opens PRs when your dependencies fall out of date. But I still gotta wait for tests to pass, merge it, wait for the others to rebase, wait for tests to pass, rinse/repeat. And it's something you've gotta do *every week* or it all piles up.

I drop kicked Dependabot in favor of WhiteSource Renovate which can automatically merge. Waaaay nicer. Been going steady for a month and I rarely ever need to intervene.

Once I had NixOS deploying correctly, I just flipped two switches for Consul + Nomad.

services.consul.enable = true
services.nomad.enable = true

All that's missing is configuration. Gotta read me some manuals.

I can't believe Nix works this well. It does *so much* and it's all amazing.

Show thread

It freaking works. I got NixOps deploying to a raspi cluster.

The controller (x86) uses Nix distributed builds to farm out arm compilation which builds NixOS changes in parallel, then syncs the file deltas back to the pi cluster.

I've spent the whole day debugging cross compilation bugs for a raspberry pi. It hurts now but the end result is gonna be sick!

I'm playing with Nomad as an alternative to Kubernetes. It seems really nice so far.

QUIC makes me a little sad. It seems like userspace competition to SCTP. And I was really excited about SCTP.

Most minimalists seem to be "extremist minimalists" (extreminimalists?).

But #minimalism is not about owning less than X things, it is about not taking part in excessive consumption just for the sake of consumption! Its about getting _real_ value out of things rather than having lots of things with little value.

Show older

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.