I absolutely love that zip-tie mounting solution, it’s the kind of thing I wish I saw in more homelab setups.

People joke about linux.exe, but there was such a thing as andLinux/coLinux

As a note, the EU requirements for cookie banners actually have a few interesting requirements.

So they engineered the consent mechanism to be as high-friction as possible to say “no”, while the “yes, violate my privacy” choice is always a single click.

A consent dialog needs to offer a “decline” option that’s at least as easy to access as the “agree” option. If they try to coerce you to give consent simply to avoid tedium, then that consent mechanism is in violation of GDPR.

Also a fun tidbit;
Ended up sharing a table at a speakers dinner in 2019 with a guy who worked for the same advertisement company that caused the Target scandal (among others). He had some interesting things to share about how such things happen, and also how the advertisement industry works internally.
It’s got a remarkable amount of parallels to high-frequency trading.

I really do hope that Funkwhale get their 2.0 release out soon, should make self-hosted Spotify-like stacks simpler to do, and the fact that it works for creation and distribution as well is great.

I think the login-redirect system is just broken for ADFS, it feels like it adds all the SSO-logout URLs for all systems you’re logged into to the redirect queue when it times your session out.
Which means you’ll have to log in enough times to exhaust that queue before it finally reaches the actual system you’re trying to log into.

But that’s just an assumption.

Added an edit with the filter line

I actually recently added the Microsoft logout page to µblocks domain filter at work, since it would every now and then trigger a logout the very first page load after I’d log in to the email there.

This has also somehow caused a bunch of other AD-connected systems to suddenly behave a lot better when it comes to session termination.

No longer an assumption - from itch themselves: https://itch.io/updates/update-on-nsfw-content

Assuming that this is due to pressure from VISA/MasterCard - like it’s been with Steam.

It’s patently bizarre how a company whose only purpose is transferring money from account A to B can then arbitrarily decide what people are allowed to buy and sell.
It’s one thing to refuse to be an acceptable payment method for NSFW games, but to forbid the store from selling them at all? That’s just megalomania, and a great pointer to why monopolies (and duopolies) are A Bad Thing™

For sparkling, it’s commonly referred to as “homeopathic lager” among colleagues - i.e. without any active ingredients.

Interesting, that’s definitely not what I’m seeing from regular use. Are you running any added applications? LDAP? SSO? External mounts?

Are you looking at data rates or IO operations? Because this is almost exclusively stat queries, i.e. inode queries.

Oh yeah, CPU usage is basically zero, and memory usage of the PHP code itself is also basically nil compared to other software I run. It’s just the sudden storms of IO requests that causes issues, and since those come over a network pipe it causes issues for other pieces of software as well.

Again, it works until it requires reloading, i.e. the next update of any component or the next restart of the server.

I’m also running an inode cache on the client side, on top of the persistent opcache, but due to the sheer number of files that Nextcloud consists of it still generates a frankly ridiculous amount of calls when it needs to invalidate the cache. If you’re running on local drives then that’s likely much less of an issue, regardless of what kind of drive it is, but this is hosted on machines that do not have any local storage.

Yep, those values are actually somewhat tame compared to my own cache tuning, the issue remains that the code requires reloading PHP files from disk during runtime in order to support applications and updates, which - even if it doesn’t happen often - causes IO storms that temporarily break both Nextcloud as well as other software.

Currently working to move away from Nextcloud myself, it’s PHP nature causes IO storms when it tries to check if it needs to reload any code for incoming requests.

All OpenWRT-based routers have the option of built-in DNS-based adblock, can thoroughly recommend the Turris routers for such things.

One has super cow powers, the other one doesn’t.

Default block for incoming traffic is always a good starting point.
I’m personally using crowdsec to good results, but still need to add some more to it as I keep seeing failed attacks that should be blocked much quicker.

Honestly, the two reasons I’ve been sticking with Plex is the federated/shared libraries and watch together.

If they’re starting to axe those then I see no reason to continue using it.