Not all routers have all that great security either. Even if the admin page isn’t exposed to the Internet, you can access it and so does your browser. Just takes a little bit of XSS and oops.

They’re just examples of things you could pipe curl into, but no not really. If the download fails you end up with an incomplete file in your tmpfs anyway, and have to retry. Another use I have is curl | mysql to restore a database backup.

If the server supports resuming, I guess that can be better than the pipe, but that still needs temporary disk space, and downloads rarely fail. You can’t corrupt downloads over HTTPS either as the encryption layer would notice it and kill the connection, so it’s safe to assume if it downloaded in full, it’s correct.

With downloads being IO bound these days, it’s nice to not have to read it all back and write the extracted files to disk afterwards. Only writes the final files once.

That’s far from the weirdest thing I’ve done with pipes though, I’ve installed Windows 11 on a friend’s PC across the ocean with a curl | zstd | pv | dd, and it worked. We tried like 5 different USBs and different ISOs and I gave up, I just installed it in a VM and shipped the image.

I’ve had to use that flag.

--silent is useful when you don’t want the progress bar or you’re piping curl into something else. I like to do curl | tar -zxv to download and decompress at the same time, I’ve even tar -zc | curl to upload a backup taking no disk space to do so.

The problem however is it’s really silent: if it fails, it exits with a non-zero code and that’s it. Great when you don’t want debug info to interfere, annoying when you need to debug it.

So you can opt-in to print some errors when in silent mode, but otherwise be silent.

At this point China doesn’t need propaganda, they just let the chinese users look at the US user’s misery by themselves and sit back.

When Rednote was first flooded by the first wave of TikTok refugees, the chinese users were baffled just how much worse it was than their propaganda said. Which is probably why they just let it go and didn’t immediately shut it down.

Rednote is pretty different vibes, I’m on it but not nearly as much as TikTok. It’s pretty interesting for what it is but it’s not a replacement and it’s not competing to be a replacement either.

I would guess they’ll probably move to Bytedance’s other app, Lemon8, or probably Skylight Social as Bluesky is generally pretty popular with the particular part of TikTok I’m on, so everyone already have ATproto accounts and follows.

You need to set up your PC to be on that IP address first, TFTP doesn’t magically listen to a particular IP, you need to configure the PC with that IP.

ip link set eth0 up
ip addr add 10.10.10.3/24 dev eth0
ip addr add 10.10.10.1/24 dev eth0

Then you can start the TFTP server on the interface:

dnsmasq -d --port=0 --enable-tftp --tftp-root=/path/to/tftp/root -i eth0

This is why when an app pops up that permission dialog, you always say no. The number of permissions Meta apps ask immediately upon startup is a red flag on its own.

Can’t collect and upload what it doesn’t have.

For all its flaws and mess, NFS is still pretty good and used in production.

I still use NFS to file share to my VMs because it still significantly outperforms virtiofs, and obviously network is a local bridge so latency is non-existent.

The thing with rsync is that it’s designed to quickly compute the least amount of data transfer to sync over a remote (possibly high latency) link. So when it comes to backups, it’s literally designed to do that easily.

The only cool new alternative I can think of is, use btrfs or ZFS and btrfs/zfs send | ssh backup btrfs/zfs recv which is the most efficient and reliable way to backup, because the filesystem is aware of exactly what changed and can send exactly that set of changes. And obviously all special attributes are carried over, hardlinks, ACLs, SELinux contexts, etc.

The problem with backups over any kind of network share is that if you’re gonna use rsync anyway, the latency will be horrible and take forever.

Of course you can also mix multiple things: rsync laptop to server periodically, then mount the server’s backup directory locally so you can easily browse and access older stuff.

I don’t think I’ve ever updated a BIOS from any operating system, always flashed via the BIOS itself. Most can flash the BIOS without even a CPU installed these days.

It’s a good idea to validate the information before being outraged at it.

Aside from the other answers, no you can’t offload computations to memory. Memory stores data, it doesn’t compute.

The only way having more memory can possibly improve performance, is by having a cached copy of files so they don’t have to be fetched from disk, and applications potentially caching the results of heavy but reusable computations. (Unless you run out of memory and starts spilling over to disk, then more memory will make it fast again by avoiding swapping).

I mean I guess technically yes you could transcode into H264 into a tmpfs mount, and then play the H264, but you’re still not doing it faster and certainly not fast enough to watch in real time, you’re just decoding the AV1 well in advance before actually watching it.

The email used to be used to send you notices if your cert wasn’t renewed and other communications. They’ve just discontinued that feature, so the email isn’t super important.

It’s a good idea to provide a valid email address, but it’s not that important and doesn’t really matter for the purpose of issuing a certificate. It’s not part of the problem you’re having.

The main issue you’ll run into is nicher proprietary software being hard to install, but that’s what containers are for. The main one I see is if you need to install some proprietary VPN client it gets annoying, but since you’ll be running a VM anyway you can do some network trickery. My work’s antivirus only works on Ubuntu and RHEL, proprietary kernel modules so it’s got to be at least one of those kernels.

Linux is Linux, nothing’s impossible to solve even with Bazzite’s immutability. Worst comes to worst you make your own images and it’s not that hard, you basically just fork it on GitHub and let the CI do its thing.

But do you have time to fiddle to make it work and take the risk, or do you want to play it safe? How confident are you with Bazzite’s more advanced topics?

Wine has always done that, last seen on Plasma 5 (I switched to Wayland with Plasma 6), and I remember that being a thing way back in 2007 too. Valved patched the scaling in Proton as well I believe so that might be why it didn’t do that.

It behaves how fullscreen apps work on Windows, takes over your whole display and messes with the resolution and all.

It’s supposed to scale correctly, but otherwise Gamescope will take care of that particular issue.

Kinda annoying on Xorg when the game just decides my screen should be 800x600 and then proceeds to crash and leave me at 800x600 on a 4K display with scaling set to 200%.

That kind of makes sense? Aren’t the labs when they’re A/B testing or benchmarking new features before general release and toggle random people’s settings doing so? I vaguely recall some drama around that.

If I turn off telemetry I want those off too, it makes sense they’re linked. It you want a new feature there’s always nightly+about:config, but I don’t want it downloading random config toggles especially if it’s not reporting back that it broke my stuff. The code should be what I installed, not some random lab blob downloaded off their servers at runtime.

It seems to have picked up “circle” as the distro. You’ll need to replace that with the matching Ubuntu or Debian version of what this version of ElementaryOS is.

What do you want the UI for? For configuration it’s usually meh because it’s the kind of thing you configure by config file, often generated config files even. For stats it’s where it gets interesting, usually third-party options like Grafana is used along with something like Prometheus to collect the metrics.

When it comes to easy configuration, newer options go for the zero configuration angle rather than a nice UI to configure it. Just need some Docker tags and Traefik automagically configures itself, so the UI is just for viewing information.

I don’t remember the exact details but it didn’t work right. That was arguably a couple years ago on a server distro approaching EOL, may have been long fixed. It involved Android 4.4.

Few of them for most use cases, especially a VPS. My server have a couple of IPs each mapping to a different VM, they can all claim 22/80/443 as you’d expect, but that’s just basically the same as having a bunch of VPSes anyway.

It’s useful for some other uses like, I might want to dedicate an IP for VPN exit that doesn’t expose any services.

Another use is sometimes you just want two things to stay entirely separate, even if on a technical level it could work with a reverse proxy. It can eliminate some class of exploits like request smuggling.

One use case I’ve had for a customer is they have a system that can only do TLSv1.0, which is wildly obsolete and exploitable. So that particular API endpoint was served from a secondary IP, that way I can continue to enforce TLSv1.2+ on the primary IP. It’s possible with some reverse proxy magic with HAproxy, but I could also just make a new server block in the existing NGINX bound to that IP and call it a day.

The performance is a good point. You can do the striped mirror with ZFS too and still get the advantages of ZFS.

I think you can do all of that through the Proxmox UI, but it shouldn’t be too hard to do on the CLI either. You just make two mirror sets and you’re good to go. ZFS should automatically distribute the load across the two mirrors.