The real fun is going to be when he’s finally up and running… I have ~250TB of data on the Truenas box. Initial sync is going to take a hot week… or 2…
Edit: 23 days at his max download speed :(
Fine… a hot month and a half.
Nope. I don’t talk about myself like that.
The real fun is going to be when he’s finally up and running… I have ~250TB of data on the Truenas box. Initial sync is going to take a hot week… or 2…
Edit: 23 days at his max download speed :(
Fine… a hot month and a half.
Ceph has been FANTASTIC for me. I’ve done the dumbest shit to try and break it and have had great success recovering every time.
The key in my experience is OODLES of bandwidth. It LOVES fat pipes. In my case 2x 40Gbps link on all 5 servers.
Nah, that’d be mean. It isn’t “simple” by any stretch. It’s an aggregation of a lot of hours put into it. What’s fun is that when it gets that big you start putting tools together to do a lot of the work/diagnosing for you. A good chunk of those tools have made it into production for my companies too.
LibreNMS to tell me what died when… Wazuh to monitor most of the security aspects of it all. I have a gitea instance with my own repos for scripts when it comes maintenance time. Centralized stuff and a cron stub on the containers/vms can mean you update all your stuff in one go
40 ssds as my osds… 5 hosts… all nodes are all functions (monitor/manager/metadataservers), if I added more servers I would not add any more of those… (which I do have 3 more servers for “parts”/spares… but could turn them on too if I really wanted to.
2x 40gbps networking for each server.
Since upstream internet is only 8gbps I let some vms use that bandwidth too… but that doesn’t eat into enough to starve Ceph at all. There’s 2x1gbps for all the normal internet facing services (which also acts as an innate rate limiter for those services).
I could… But it would be a royal pain in the ass to find a VPS that has a clean address to use (especially for email operations).
Exactly this. 2 phase into house, batteries on each leg. While it would be exceedingly rare for just one phase to go out… i can in theory weather that storm indefinitely.
Nope 240. I have 2x 120v legs.
I actually had verizon home internet (5g lte) to do that… but i need static addresses for some services. I’m still working that out a bit…
Fire extinguisher is in the garage… literal feet from the server. But that specific problem is actually being addressed soon. My dad is setting up his cluster and I fronted him about 1/2 the capacity I have. I intend to sync longterm/slow storage to his box (the truenas box is the proxmox backup server target, so also collects the backups and puts a copy offsite).
Slow process… Working on it :) Still have to maintain my normal job after all.
Edit: another possible mitigation I’ve seriously thought about for “fire” are things like these…
https://hsewatch.com/automatic-fire-extinguisher/
Or those types of modules that some 3d printer people use to automatically handle fires…
Absurdly safe.
Proxmox cluster, HA active. Ceph for live data. Truenas for long term/slow data.
About 600 pounds of batteries at the bottom of the rack to weather short power outages (up to 5 hours). 2 dedicated breakers on different phases of power.
Dual/stacked switches with lacp’d connections that must be on both switches (one switch dies? Who cares). Dual firewalls with Carp ACTIVE/ACTIVE connection…
Basically everything is as redundant as it can be aside from one power source into the house… and one internet connection into the house. My “single point of failures” are all outside of my hands… and are all mitigated/risk assessed down.
I do not use cloud anything… to put even 1/10th of my shit onto the cloud it’s thousands a month.
The site is already available in HTTPS. Why would you even serve content non-encrypted?
If you need an education on the matter… Here you go. https://www.cloudflare.com/learning/ssl/why-use-https/
“I don’t handle sensitive information on my website so I don’t need HTTPS”
A common reason websites don’t implement security is because they think it’s overkill for their purposes. After all, if you’re not dealing with sensitive data, who cares if someone is snooping? There are a few reasons that this is an overly simplistic view on web security. For example, some Internet service providers will actually inject advertising into HTTP-served websites. These ads may or may not be in line with the content of the website, and can potentially be offensive, aside from the fact that the website provider has no creative input or share of the revenue. These injected ads are no longer feasible once a site is secured.
Modern web browsers now limit functionality for sites that are not secure. Important features that improve the quality of the website now require HTTPS. Geolocation, push notifications and the service workers needed to run progressive web applications (PWAs) all require heightened security. This makes sense; data such as a user’s location is sensitive and can be used for nefarious purposes.
I don’t feel the need to be your teacher. You can easily google why you should always be using HTTPS. There’s numerous reason… all overwhelmingly obvious. Forget the basic “Not every ISP is an angel, and they all will collect as much information as they can get”. But I already said that… “It’s still best practice to limit sniffing.” Not sure why I need to elaborate any more on that. Very much akin to “why close your window blinds”, because nobody likes a peeping tom.
Ultimately for this specific website it’s literally changing a couple lines of code in their apache or nginx instance (or whatever proxy they’re using). It’s called best practice for a reason.
Edit: Hell it’s even a bit more of a guarantee that your site makes it to the consumer unaltered. Would be odd for that site to have it’s packets intercepted and midget porn be added to every page wouldn’t it? Think that would hurt the guys reputation?
An SSL here is nothing more than security theater, or marketing.
Or like I already said… is best practice.
Why would the lack of SSL concern you?
Because it means my traffic to that site is in the clear. And while we’re not transacting anything sensitive necessarily. It’s still best practice to limit sniffing.
Automatically swapping to https should be default behavior for every website.
They made a claim… A claim that you can readily show they’re clearly ALREADY doing. They need to GIVE the context.
They chose not to. I’m not going to jump on their bandwagon on just blind faith. I’m going to question their claim because they’re already doing what they claim they cannot do. However the fact that they chose to omit that context that they should have provided from the outset is itself damning. People don’t omit facts that would prove their point. They do however make statements that are inconsistent when they’re lying.
I’m sure as hell not jumping into a comment section spending my time defending a multi-million dollars corporations that already overpays lawyers to do that.
I’m not defending anything. Nothing I’ve said was in defense of Steam. However it was the most basic of fact check for this “Developer” or “source”. Which has shown/proven to already be bullshit. YOU are amplifying that message for some reason without doing the most fundamental of a fact check.
And yes… when I detect bullshit… I’m going to call it out. Bullshit stinks.
… You’re making shit up and lying at the same time. Here, lets squash this bullshit argument once and for all. Please somehow make this make sense. It’s not only cheaper… but a choice of WITH or WITHOUT steam drm and the developer is already doing it.
OFF STEAM with or without steam DRM: $19.95
ON STEAM: $19.99
Edit: I can add more arrows if you’d like.
The source makes a claim that selling off platform without DRM would get them delisted from Steam.
I found you a link showing they do exactly that.
So the developer is either lying… or the source is lying… or the article writer is lying.
https://overgrowth.wolfire.com/buy-now/
Buy Overgrowth On humble bundle
So why is the game still on steam then if that “cited” information was accurate? The humble bundle sells the game without DRM.
https://store.steampowered.com/app/25000/Overgrowth/
Something stinks here… and it’s not Steam.
That’s all you’re able to read? 1/4 of a sentence?
Impressive.
They both have rabid modding communities
Minecraft would have been dead a decade ago if it wasn’t for modding. Look at all those custom servers and hosting platforms. All the Youtube content.
Nothing about their comment outlined that they didn’t know how to use it. But that they never did use it.
Nothing about their comment eludes to any fact that they’re embarrassed at all. They posted it publicly and directly with not reservation which is the opposite of “embarrassed”.
They didn’t blame anyone for anything related to the iron itself. But for shallow intentions if they care at all about the clothes that they wear. Which I can understand and agree with to some extent.
You on the other hand… You’re a jackass. Lots of insinuations, lots of assumptions. Just to put down some random person on the internet for not wanting a fucking iron that probably was the 20$ special at wally world.