Hacker News | lpcvoid's comments

Well written. I hope one day the united states of Europe is a real political entity, burying the stupidity that is fragmented national interests.

As an EU citizen that moved to a different EU country: Yes please!

I constantly need a VPN as some services from my old country are geo-blocked. And when I forget to disable the VPN to my old country I can't visit certain sites from my current country. I need two phone numbers as some services require a phone number from the country they operate out of. I'm talking banking, classifieds, insurance, municipal. I can't use certain apps from my current country because I have to switch my account country but that disables apps from my old country.

And the best part, I can't vote for the national elections in my current country. Only for those in my old country. And it will be like that for the rest of my life. An example: I had to enable VPN to see the election results of my old country, the one I am eligible to vote in.

Please unify the EU so I don't have to deal with all of this.


Why should countries allow foreign influence - the voting in the most important elections in the country, by foreign citizens who didn't integrate enough to even get their citizenship?

Participating in local elections is often allowed.


In the case of these two countries dual citizenship is not allowed. So for the rest of my life I will not be able to vote here. This isn’t about “not integrating enough”.

If someone has been living and working in a country for a long time that should be enough to let them vote in national elections, regardless of what citizenship they have.


Personally I don't think

Not willing to change your citizenship is a sign of not integrating fully, in not being completely loyal to the country and to its citizens.

Imagine that both countries start a war between each other - who are you going to support? Whoever you choose does not matter, the fact remains that you would have to choose, legally speaking. Why should your current living country give the strongest possible leverage to an unintegrated potential agent/supporter of the foreign country?

Highest privileges should be given to people who decided to be fully in, in both good and bad. You can't be allowed to only cherrypick the good stuff: "I want to vote, but I don't want to be drafted to be killed in a war".


Can you give up citizenship of the old country? Not being willing to give up your old citizenship could be one example of "not integrating enough".

Having people vote who don't live in the country has always struck me as weird. If you are some place else for say a year or even 10 years it seems a reasonable topic for debate but longer?? Never pay taxes either???

Often the rule is that one gets the vote in local elections after living for some time, but only citizens can vote in national elections (Parliament, President). This makes sense. If you want to fully participate in a society, you should integrate and become a citizen.

I personally believe that voting should be based on residency, not citizenship.

If you live in the country you can vote. If you don’t live in the country you can’t vote. Simple.

No taxation without representation.


Even the USA has no problem taxing without representation.

Representation without obligation (e.g. to be drafted) is even wilder.


Representation without taxation seems even more offensive.

But the real joke has to be to vote for laws for others (not you) to be subjected to.


Vulnerable.

Third generation Turkish immigrants vote for the Turkish elections despite never having set foot in Turkey because of the military draft.

Goes to show that voting based on a passport is silly.


Portugal has nearly 9.5% that seems enough for a dedicated party.

> Well written. I hope one day the united states of Europe is a real political entity, burying the stupidity that is fragmented national interests.

And I personally hope it won't. Seeing how things are going, I have no interest for my country to become a small province of the EU to be managed by some bureaucrats in Brussels who have never set foot in it.

Sharing intel and resources, why not? Becoming a vassal state of an EU federation, no thanks.


The world is going back to zones of influence, and little fish will be eaten by big fishes. I'd rather that the big fish be the EU than Russia, even if it means giving up some national rights.

> The world is going back to zones of influence, and little fish will be eaten by big fishes

That has always been the case. I don't see how that would justify giving up our independence to become a province of a super state.

Secondly, using Russia as a bogeyman to justify giving up our national rights is not a really convincing argument.

Russia hasn't been able to conquer a third of Ukraine in the last 3 years and its economy is in shambles, yet we are supposed to believe that only a European super state can save us from it? That makes no sense.

But each to their own, those who want to give up their national rights, identities and shared cultural heritage should go ahead and integrate this super state and those who do not should be able to stay out of it.

I guess fundamentally we have a different view of what Europe should be.


>The word "fascist" now has positive connotations for me

Spoken like somebody who never had to endure real fascism.

>I realise a lot of you will want to call me fascist for this comment, or more likely something a bit snider and less direct. Just know that I genuinely don't care. It's just a word now.

No, you may not be a fascist, but it's opinions like yours that helped make it possible. Mitläufer.


Mitläufer

The English phrase you are looking for would be "fellow traveller".


Can we at some point acknowledge that constant cloud disruptions are too costly, and can we then finally move all of our hosting back on-prem?


It's the old IBM thing. If your website goes down along with everyone else's because of Cloudflare, you shrug and say "nothing we could do, we were following the industry standard". If your website goes down because of on-prem then it's very much your problem and maybe you get to look forward to an exciting debrief with your manager's manager.


That's lazy engineering and I don't think we as technical, rational people should make that our way of working. I know the saying, but I disagree with it. My fuckups, my problem, but at least I can avoid fuckups actively if I am in charge.


How do you mitigate large scale DDoS?


I don't, since my stuff is reachable only within the company network/VPN. If I needed to though, I would consult the BSI list of official DDOS mitigation services [0] and evaluate each one before deciding. I would not auto-pick Cloudflare.

[0] (German) https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Cyber-Si...


When the solution you pick inevitably has downtime too you’re in the same boat.

DDoS mitigation is one of those areas that an on-prem solution just isn’t well suited to solve.


Yeah, but people aren't using Cloudflare just for DDOS Mitigation. Some are running pretty much everything over it, from DNS to edge caching to load balancing and even hosting. That's what I oppose mainly.


Unless you are really big, onprem stuff would be 90% internal anyway. For everything public you'd host your hardware in a datacenter with better high speed connectivity. And pretty much every single datacenter I interacted with in the last 5 years does have a DDOS protection solution that you can order for your network.


The problem is the people that sign our checks usually aren't technical, rational people.

The system isn't designed for technical, rational decision making.


That's fair, yeah, and I agree it's not always feasible - but if you have any influence over technical direction at your org, I encourage what I wrote above. Otherwise yeah, let the pea counters in the C-Levels dig their own grave.


Funnily and ironically enough, I was trying to check out a few things on Ansible Galaxy and... I ended up here trying to submit the link for the CF ongoing incident


I would only consider doing stuff on-prem because of services like Cloudflare. You can have some of the global features like edge-caching while also getting the (cost) benefits of on-prem.


can you define "constant"


Well, between AWS US EAST 1 killing half the internet, and this incident, not even a month passed. Meanwhile, my physical servers don't care and happily serve many people at a cheaper cost than any cloud offer.


We had an Azure outage in between those 2 as well.


You realize these are two different companies right? If you’re saying “I’m an AWS customer with cloudflare in front” I think you’ve failed to realize that two 99.9% available services in series have a combined availability of ~99.8% - that’s just math.

Your physical servers should have similar issues if you put a CDN in front unless the physical server is able to achieve a 100% uptime (100% * 3 9s = 3 9s). Or you don’t have a CDN but can be trivially knocked offline by the tiniest botnet (or even hitting hacker news front page)


I do. But I put both into the "cloud offering off-prem for very much money" shoebox. I set up a CDN once using VPS from different hosting providers for under 100 USD a month, which I would vastly prefer over trusting anything cloud.

And yes, I know that there's sites that need the scale of an operation like Cloudflare or AWS. But 99.9(...)% of pages don't, and people should start realizing that.


People who don't need that, also don't care much for an hour or two of service disruption. Most users will have far worse disruptions with the alternatives.


How do you back up?


We have a few colocated servers offsite, each in a different region, each with a zpool of mirrored spinning rust. We use rsync across those at different times.


never build on us-east-1, everyone knows that ;)


Your technical work environment sounds horrible to me. Windows + Citrix is enough to send me screaming. Kudos that you pull through like that.


Yes. And the work environment has gotten slow as molasses. Especially when starting up. It takes 10 minutes to get responsive and load all the applications. Windows 11 has made it even worse. But hey, that’s a good moment to fetch coffee when I’m in the office and socialize with colleagues.

Pretty common for secure development environments.


Lenovo Z13 Gen 2 with 64GB RAM and AMD 7840u is what I daily drive. It's 13.3 Inch, premium build with glass and aluminum. It's my favorite laptop by a wide margin, and runs Linux perfectly. Unfortunately Lenovo stopped producing the Z13/Z16, no idea what I will do afterwards.


I run T14s Gen 3 AMD, it's a perfect laptop and it got an update this year.


Is that the ones with the Ryzen AI chips? How do you find them?


Gen 3 is way before that. I have a T14 Gen 5 and it's not a Ryzen AI chip. I think only T14(s) Gen 6 has a Ryzen AI option.


I am surprised at the amount of people on HN who don't use OpenWRT. I thought this was hacker news!


Sure. You buy a Chinese case with 6-8 bays off Aliexpress, throw some board with ECC RAM support into it and a few disks. You install TrueNAS Scale on it, set up an OpenZFS pool. Front panel lights are controllable via Kernel [0], it even offers a ready-made disk-activity module if you want to hack. Surveillance cameras are handled by Frigate, an open source NVR Software which works really well.

Especially when you want to build and learn, there's next to no reason to buy a Synology.

[0] https://www.kernel.org/doc/html/v5.3/leds/leds-class.html


Very valid advice, but you don't do all that in "an hour," of course. Synology's purpose in life is to provide a solution to users who are more interested in the verbs than the nouns.

They are the Apple of the NAS industry, a role that has worked out really well for Apple as well as for most of their users. The difference is, for all their rent-seeking walled-garden paternalism, Apple doesn't try to lock people out of installing their own hard drives.

Kudos to Synology for walking back a seriously-stupid move.


Once you have the case, an hour or two is pretty reasonable... you can even have your boot device pre-imaged while waiting on the case to get delivered.

Not to mention the alternative brands that allow you to run your own software... I've got a 4-bay TerraMaster (F-424 Pro) as a backup NAS. I don't plan on buying another Synology product.


I use swaywm and kanshi [0]. It's write once, forget forever. I have one config for each of the display compositions I have (office, home, gaming, eDP...), and "it just works".

[0] https://gitlab.freedesktop.org/emersion/kanshi


Nobody privacy respecting uses stock Pixel android. Check out GrapheneOS.


Nice that the community is addressing this. I was never able to trust Ventoy in the past, and as such still have a wide array of USB sticks to install Linux flavors with.


For installation I have had to drop back to a normal single-image USB stick before now because the installer became confused by the EFI partition presented by the unpacked ISO and anything found/not on the target drives.

Ventoy is very handy for running things live though, and not all installers/situations are affected by this (and where they are, it isn't really Ventoy's fault).


I have a bunch of network-bootable installers set up on my DHCP server. If I want to install a new machine I simply set it to boot from the network. From there I can just select whichever distro I want. I also added some utils like Memtest86


Do you have this documented somewhere?

I tried to set up netboot a few times, it seems like this should be very easy to do, especially that I self host many things, but I get lost in the technical details every time. I think I succeeded once, with the dhcp server running on a laptop running Debian…

Turns out doing some speleology to find a USB key and burning an ISO on it using cat or pv ends up being radically easier…

(OTOH it's been a while since I last tried and now I have root on my router running OpenWrt so I guess it would be a tad easier…)


> Do you have this documented somewhere?

For what it's worth, there is a Ventoy for that, too.

https://www.iventoy.com/en/index.html


It's been something like two decades since I last set up a network installer, but iirc, there is a dnsmasq tutorial for pxe booting online.

That used to be the only way to install Linux on apple hardware (think original iMacs here). You could likely find some archived docs there.


It’s been a while since I set it up. I use dnsmasq as my DHCP server and if I recall correctly it includes everything needed to set this up.


Thanks all for your answers.


I'm sure there's howto's around, maybe this one from ipxe is a good place to start [1], but if you're running isc-dhcpd (which is discontinued, but still works, so....) you add something like this into your subnet config:

   next-server 192.0.2.11;

   if exists user-class and option user-class = "iPXE" {
      option ipxe.no-pxedhcp 1;
      filename "http://192.0.2.11/tftpboot/menu.ipxe";
   } else {
      if option client-arch = 00:06 {
         filename "ipxe.efi-i386";
      } else if option client-arch = 00:07 {
         filename "ipxe.efi-x86_64";
      } else {
         filename "undionly.kpxe";
      }
   }

(use your addresses instead of rfc 5737 addresses). Note that the client-arch for amd64/x86_64 matches what PXE clients actually use instead of what the rfc 4578 says (there's an errata, but rfc policy is not to incorporate corrections, sigh). If you've got other archs, you can probably figure it out.

You've got to run a tftp server on the next server address; and just FYI some PXE clients won't reach outside their subnet to get to the tftp server. Grab the ipxe binaries from wherever is convenient and they live in the root of the tftpserver.

You can follow the ipxe docs for what to put in your menu file. I've got a menu of weird things, which includes

   item --key n netboot netboot.xyz [n]

   :netboot
   chain --autofree http://boot.netboot.xyz/
   goto main_menu

You could probably just use the boot.netboot.xyz in your dhcpd config and then you don't have to write a menu at all.

Depending on your client machines, expect to have to fiddle around a bit. I've got some machines where PXE works, but the keyboard won't work in PXE, so that's not super useful. Others where PXE doesn't really work in UEFI mode, only in BIOS mode; there's probably some vice versa. Also, I've never figured out a good way to load ISOs in UEFI mode ... in BIOS mode you can use MEMDISK and if the OS supports it, it can find the disk image in memory and mount it when it boots. The netboot people do a good job of finding ways to make things work, but don't expect everything to work.

I originally started from some version of this document [2], but I've moved on since then. IMHO, netbooting is a nice way to run hobby OSes... no need to worry about a boot loader and all that, just build for multiboot and ipxe will work (and grub will work, too, if you ever do want to run off a disk)

It's possible to get Windows ISOs to boot with PXE, but it takes a lot more patience than I've got to make it work well ... if I use iscsi, the OS loads, but takes several minutes to get the disk image mounted after the installer starts; it would probably be faster to write the image to a usb disk and run from there. I was able to install to an iscsi drive, but then the same problem with mounting happened when I tried to boot from there, and then you just end up at a stop error screen because the OS really does want a mounted filesystem when it starts. (there's something about tweaking the driver setup, but that's too much work for me, I found a drive to run off of, and did what I needed to do)

[1] https://ipxe.org/howto/dhcpd

[2] https://wiki.debian.org/PXEBootInstall?action=show&redirect=...
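
The boot-file selection that the dhcpd snippet above performs, written out as an added example (not code from the comment or from the iPXE project): it parses a raw DHCP options field and returns the filename a server configured that way would offer, which shows how the user-class check keeps iPXE from chainloading itself in a loop. The option bytes are constructed samples, and matching option 77 as the raw string "iPXE" mirrors the comparison in the snippet.

```python
# Values copied from the dhcpd snippet in the comment above.
MENU_URL = "http://192.0.2.11/tftpboot/menu.ipxe"
LOADER_BY_ARCH = {b"\x00\x06": "ipxe.efi-i386", b"\x00\x07": "ipxe.efi-x86_64"}
BIOS_LOADER = "undionly.kpxe"

PAD, USER_CLASS, CLIENT_ARCH, END = 0, 77, 93, 255  # DHCP option codes


def parse_options(raw: bytes) -> dict:
    """Split a DHCP options field into {code: value}; reject truncated input."""
    opts, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == END:
            break
        if code == PAD:          # single-byte option, no length field
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option header")
        length = raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        opts[code] = opts.get(code, b"") + value  # repeated options concatenate
        i += 2 + length
    return opts


def boot_filename(raw_options: bytes) -> str:
    """Return the filename the dhcpd logic on this page would offer."""
    opts = parse_options(raw_options)
    # Stage 2: iPXE is already running and identifies itself, so hand it the
    # menu script instead of another copy of iPXE (otherwise it loops).
    if opts.get(USER_CLASS) == b"iPXE":
        return MENU_URL
    # Stage 1: firmware PXE ROM; pick the iPXE build for its architecture,
    # falling back to the BIOS loader for anything else (or no option 93).
    return LOADER_BY_ARCH.get(opts.get(CLIENT_ARCH), BIOS_LOADER)


def opt(code: int, value: bytes) -> bytes:
    """Encode one option (helper for the constructed samples below)."""
    return bytes([code, len(value)]) + value


# Constructed sample requests (not captured traffic).
UEFI64_ROM = opt(CLIENT_ARCH, b"\x00\x07") + bytes([END])
IPXE_ON_UEFI64 = (opt(USER_CLASS, b"iPXE") + opt(CLIENT_ARCH, b"\x00\x07")
                  + bytes([END]))
BIOS_ROM = bytes([PAD]) + opt(CLIENT_ARCH, b"\x00\x00") + bytes([END])

if __name__ == "__main__":
    for name, raw in [("UEFI x86_64 ROM", UEFI64_ROM),
                      ("iPXE on UEFI x86_64", IPXE_ON_UEFI64),
                      ("BIOS ROM", BIOS_ROM)]:
        print(f"{name:22} -> {boot_filename(raw)}")
```
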


I just use an enclosure that emulates a dvd-drive. Put a cheap SATA ssd in there and you can stop worrying about incompatibilities.


How do you image the SSD? Isn't it kind of the same issue as with imaging a USB stick?


You don't image it. You drag and drop ISOs into a directory on the SSD, and the USB device emulates a DVD ROM drive with the contents. You choose the ISO through a small screen and button on the device.


Can you give the model name of the one you use?


not the OP but I use the IODD ST400 for this purpose and wish I had gotten something like this long ago


Way too many unnecessary features and too expensive. The 2531 is perfect.

I've had this since about 2014.


I think both of them have been at the same price for at least 2 years now.


All things being equal, simple and proven is better than over-complicated and extraneous.


Can confirm, also have 2 IODD devices for this purpose, though I usually grab my (simplest) USB stick that has netboot.xyz flashed to it, and just boot off that, and select whatever netboot image I want and have it get everything from the interwebs. No need to ever update this workflow.


Will netboot.xyz boot from a WiFi connection? I've always assumed no, and most of my machines do not have Ethernet jacks anymore.


With the iODD 2531: It has modes: CD, HDD, and dual. CD provides emulation only. HDD and dual expose a FAT32 drive volume that can contain a magic _ISO directory to store .iso's. One limitation though is it doesn't support fragmented (discontinuous) files, and so those need to be minimally defragmented occasionally.


It also has an issue with remembering the last mounted .iso if its filename is beyond a certain length, in which case it will instead load a random (although always the same) .iso in the same folder.

I mainly had this issue with the default Windows install image names.

Fragmentation can be a bit annoying, especially when using exFAT, which doesn't appear to have defragmentation tools available. It can be avoided by never deleting files and instead reformatting every so often.

That being said, it's still a fantastic tool because all the images "just work" everywhere a class-compliant USB optical drive would.


No sense using exFAT because it's not as widely-supported. Don't have to reformat fat32 because File Allocation Tables are extremely simple. Move all files off, and then move them back serially, and presto, no more fragmentation.


FAT32 is not an option because Windows images these days are all over 4GiB. exFAT is very widely supported; the alternative would be NTFS, which doesn't work well (no write support) on macOS.


> exFAT is very widely supported;

Except it's not by all of the things I need to use, so that's not going to work. Compatibility vs. 4 GiB limit. There is no perfect, only trade-offs.


iODD 2531 is the cheapest and simplest such example.


doesn't it have firmware? :)


NB mainly iVentoy seems to be suspicious, relying on Windows exploits to bypass certification needs.


That was both its charm, and its notoriousness. I was using it, but when the blob thing became a concern, me and the guy who recommended it stopped using it, and now it's more of a curiosity, but no longer used. EFI is basically crippleware now, and two dev friends of mine just bought macs, leaving me their Lenovo collections. Two X1 carbons and three T590s.

