No worries, I thought it was pretty interesting and I'd never heard of it before so thought I'd share.
The most difficult part for me was configuring nginx to properly serve the files. The gpg part was actually the easy bit.
blackstrat
joined 1 year ago
There's 2 methods, one uses a subdomain and one doesn't. Without is called 'direct'. No special DNS entries required really. I have a wildcard subdomain entry which works for me. Just so long as the key is available over HTTPS using one method.
I've been using it for a few years. Really handy way if avoiding cooperate firewall rules.
How'd you set that up with Opnsense fail over? I have an opnsense VM with input straight from the ISPs FTTP box to the NIC on my server. So I can't fail over to my second proxmox box without swapping the cable over.
Run your own DNS server on your network, such as Unbound or pihole. Setup the overrides so that domain.example.lan resolves to a local IP. Set your upstream DNS to something like 1.1.1.1 to resolve everything else. Set your DHCP to give out the IP of the DNS server so clients will use it
You don't need to add block lists if you don't want.
You can also run a reverse proxy on your lan and configure your DNS so that service1.example.lan and service2.example.lan both point to the same IP. The reverse proxy then redirects the request based on the requested domain name, whether that's on a separate server or on the same server on a different port.
I imagine they use it in much the same way as any enterprise. Running servers and workstations, mostly.
F16's run Kubenetes clusters.
Lots of individual bits of hardware on specialized devices will be running embedded operating systems. QNX is big in automotive for the same reasons it'd work on a rocket.
I don't understand it either. On one hand people say don't remember addresses, use DNS and on the other DNS relies on static addresses but then every device is "supposed" to have random addresses via SLAAC or privacy addresses. It just doesn't seem to tie together very well, but if you use them like IPv4 addresses you're apparently doing it wrong.
RAID IS NOT BACKUP RAID IS NOT BACKUP RAID IS NOT BACKUP
Don't use Red drives for a NAS!! You need the Red Plus (or is it red pro) disks as they're CMR.
I'd go for Ultrastar drives personally. There's a few really good videos online analyzing the backblaze stats for different drives that are well worth watching.
I received so much spam and abuse of my network from .xyz domains that they are fully blocked in every conceivable way from being accessed or accessing my network.
Just because a DE looks sparse doesn't means it also uses less resources. In imagine KDE would actually run well as it doesn't need all the bells it offers and is actually a well written performant DE.
You can download the public key from the web interface. I then imported it in to gpg with a
gpg --import public.ascand then used the above commands to generate the WKD structure.