BTRFS should be stable in the case of power loss. That is to say, it ought to recover to a valid state. I believe the only unstable modes are RAID 5/6.

I’d recommend BTRFS in RAID1 mode over mdadm RAID1 + ext4. You get checksumming and scrubs to detect drive failures and data corruptions. You also have snapshotting, in case you’re prone to the occasional fat-fingered rm -rf.

For backup, maybe a blu-ray drive? I think you would want something that can withstand the salty environment, and maybe resist water. Thing is, even with BDXL discs, you only get a capacity of 100GiB each, so that’s a lot of disks.

What about an offsite backup? Your media library could live ashore (in a server at a friend’s house). You issue commands from your boat to download media, and then sync those files to your boat when it’s done. If you really need to recover from the backup, have your friend clone a disk and mail it to you.

Do you even need a backup? Would data redundancy be enough? Sure if your boat catches fire and sinks, your movies are gone, but that’s probably the least of your problems. If you just want to make sure that the salt and water doesn’t destroy your data, how about:

1. A multi-disk filesystem which can tolerate at least 1 failure
2. Regular utilities scanning for failure. BTRFS scrubs, for example.
3. Backup fresh disks kept in a salt and water resistant container (original sealed packaging), to swap any failing disk, and replicate data from any good drives remaining.
4. Documentation/practice to perform the aforementioned disk replacement, so you’re not googling manpages at sea.

This would probably be cheapest and have the least complexity.

I wouldn’t trust anything like that to the open internet. It would be better to access the system over a VPN when you’re outside the network.

I use a fuckload of soap and hope it keeps the grease from re-forming. Is that still bad?

Yeah, I believe there’s some kind of bridge mode you must enable on the host’s interface.

As others have said, a reverse proxy is what you need.

However I will also mention that another tool called macvlan exists, if you’re using containers like podman or docker. Setting up a macvlan network for your containers will trick your server into thinking that the ports exposed by your services belong to a different machine, thus letting them use the same ports at the same time. As far as your LAN is concerned, a container on a macvlan network has its own IP, independent of the host’s IP.

Macvlan is worth setting up if you plan to expose some of your services outside your local network, or if you want to run a service on a port that your host is already using (eg: you want a container to act as DNS on port 53, but systemd-resolved is already using it on the host).

You can set up port forwarding at your router to the containers that you want to publicly expose, and any other containers will be inaccessible. Meanwhile with just a reverse proxy, someone could try to send requests to any domain behind it, even if you don’t want to expose it.

My network is set up such that:

• Physical host has one IP address that’s only accessible over lan.
• Containerized web services that I don’t want to expose publicly are behind a reverse proxy container that has its own IP on the macvlan.
• Containerized web services that I do want to expose publicly have a separate reverse proxy container, which gets a different IP on the macvlan.
• Router has ports 80 and 443 forwarding only to the IP address for my public proxy

HR Giger is happily dead after seeing this

Ooh! Thanks for the tip! Been looking for some affordable drives for my next system.

I bought a LFF Dell Poweredge back in the fall, and have been waiting on a good deal for 3.5" disks. My current machine is a SFF HP Proliant, and I hate how much a 2.5" drive with good capacity costs.

A bridge in America collapsed after a cargo ship crashed into it.

Consider SW Michigan. 2h drive/train to Chicago, proximity to large bodies of water for summer enjoyment, and if you live in a reasonably-sized town they’re probably good at clearing roads when it snows.

Besides, our winters get milder each year. There’s a couple of big snow/ice events, but the trick is to not be on the road while the heavy stuff is coming down. Wait a few hours for it to ease up and for the snow plows to do their thing.

Sounds rough. My fiancé does security, and from what I’ve gathered from him, the best time for security to get involved is at the design stage. They look over the proposal, give their input, and then nobody’s surprised at release time, and teams can follow agile practices. Obviously there’s still a review of the final product, but that can be done asynchronously after the fact to confirm that best-practices were followed.

Easy to say, hard to put into practice. Certainly depends on the kind of service your business provides.

I don’t think the security people would like that idea very much

Why not? How do your feature flags work?

Small releases, on a regular cadence.

How do you ensure that you’re not releasing features before they’re ready? Kinda depends on the application, but you might use feature flags. A system for turning features on and off without deploying the application. It could be a Boolean in a redis cache that your app looks for, or a DB entry, or another API. The point is for you to be able to flick a switch to turn it on instantly, and then if if breaks things in prod you can just as easily turn it off again.

And just a word of advice: Consider the performance impact of your feature flag’s implementation. We had a team tank their service’s performance because it was checking hundreds of feature flags in different DBs on every API call. Some kind of in-app caching layer with a short refresh period might help.

…and of course Duck Game never got released on GoG

Fuck this greedy bullshit

I’ve never seen Mille used in reference to money. Only in advertising (eg CPM = cost per mille = cost per thousand ad impressions)

But to answer your question, the original Bloomberg article says 60 million.

Despite what the length of their privacy policies might suggest, first party sites are a lot stingier with their user data now than they’ve been in the past. The value of knowing who someone is and what they want is derived when you convince them to pull out a credit card, at which point you need to collect their data anyway.

Thus, I think we’ll see two tiers of data collection: Deep first-party info shared between retailers and data brokers to target advertising on their first party site, and less granular banner advertising based on privacy sandbox, taking the place of drive-by cookie drops. If privacy sandbox is as good for random blogs as industry is expecting (ie, not as perfect as third party cookies, but less impactful than Apple’s ITP was), I don’t think we will see a wave of email signups.

I don’t quite understand the leap from “No third party cookies” to “You need to create an account”.

If you’re visiting a site and they drop a cookie, that’s a first party cookie. You don’t need to log in for that to happen, and they can track you all the same. Taking identifiers from a first party cookie and passing them to advertisers will still be a thing, it’ll just require closer coordination between the site and the advertiser than if the advertiser dropped their own cookie.

Now yes, that first party cookie won’t follow you around to other websites and track your behavior there, but creating an account wouldn’t enable this anyway. Besides, Google’s Privacy Sandbox product suite is intended to fill this role in a less granular way (associating k-anonymized ids with advertising topics across websites).

As a child, Easter holiday in a cottage in Cornwall. It had a coal fireplace.

What are people’s thoughts about the children’s size urinal? Never use it if there’s another option? Only use it if the other option would place you adjacent to another person? What about if you have a choice between adult and child’s urinals next to each other, but using the child’s urinal would allow space for another person to optimally avoid neighboring persons?

I feel like this is a variant of the trolley problem that’s woefully unexplored.

Because then you can use the ARC protocol to minimize the number of remotes. The TV will pass volume controls through the HDMI port and the sound bar will adjust volume.