@pterlisten Hmm dann weiss ich auch nicht gerade, der einzige Ort, wo ich UDP verwende (meine Nameserver) nutzt network=host, also sowieso kein Port forwarding

@pterlisten Ich nehme an, du hast den Port wie folgt freigegeben, also mit `/udp`: `-p 443/udp`
ohne Protokollangabe ist es nur TCP

@morgthorak I think you might want to make sure you don’t follow me.

Because your “woke communist propaganda” comment makes me think you’re a moron of the first order.

I strongly suspect I am one of those “woke communists” you worry about. But you probably couldn’t actually explain what either of those words actually mean, could you?

I’m a card-carrying atheist, I think a woman’s right to choose is very important, I think that “well regulated militia” means that guns should be carefully licensed and not just randomly given to any moron with a pulse, and I couldn’t care less if you decided to dress up in the “wrong” clothes or decided you’d rather live your life without feeling tied to whatever plumbing you were born with.

And dammit, if that all makes me “woke”, then I think anybody who uses that word as a pejorative is a f*cking disgrace to the human race. So please just unfollow me right now.

@elkcityhazard @gytisrepecka yes, I also just use the stdlib

@merlin you can also directly login at the .is nic and change some settings directly instead of via the registrar

@rachel @merlin well it's no longer jboss, still java tough (now quarkus)

also had to fight some time until I got the optimization and proxy config working ...

@_davd running nameservers (knot dns), gitlab, mailcow and more in "personal" production since mid 2022.
mailcow in docker everything else in podman quadlets
my ignition config is the bare minimum for most hosts, so just an ssh key

sometimes I stumble over selinux, but there were no other hurdles for me

@cholling not with nginx on its own, but looks like it might be possible together with fail2ban: https://gist.github.com/joecampo/848178ab5c18aada0eab

@cstross "If he's against it, I should be for it" is certainly a supportable position to take, but I've read a few articles like this one claiming that the Wikimedia Foundation is already swimming in cash and (in Mozilla fashion) almost none of it gets spent on making the encyclopedia better, so I don't know what to make of that: https://slate.com/technology/2022/12/wikipedia-wikimedia-foundation-donate.html

@gehrke_test sie schreiben "saved in a Ceph cluster" in der Dokumentation und in der Job ausschreibung suchen sie auch einen ceph experten: https://hetzner-cloud.de/jobs/1827877

hab ich das doch nicht halluziniert ^^

@gehrke_test hetzner s3 ist minio? jetzt nicht nachgeschaut aber dachte das sei ein ceph gateway

@gbraad @nextcloud there are only two providers left on this page?, I remember a lot more, interesting ...

@adrian @winfried well Cloudflare probably only owns one.one.one. (one.one. is an other company) zero.one. is also not owned by cf, so that might also be a reason

@johanneskastl Ran my mail server on Hetzner for a long time, switched to a local smaller company, but not because I really had any problems.

@tendstofortytwo @fredbrooker well you can try using the h2 database, though it might be locked to dev mode, just make sure it's actually in the volume you expect it to be
on the other hand a postgres container won't use a lot of resources, probably less than have of what keycloak requires

@fredbrooker @tendstofortytwo
yes don't miss the production deployment configuration, for example: https://www.keycloak.org/server/containers#_running_a_standard_keycloak_container

and be aware, keycloak is no longer using jboss, so the database is not located in /opt/jboss... I guess it's now located in /opt/keycloak/data/h2, but it shouldn't be used anyway, you're better off going with a separate postgres database

@xeiaso.net there is at least one more in the same area, the Norwegian buypass: https://www.buypass.com/products/tls-ssl-certificates/go-ssl

@ctietze well wireguard is the protocol used by the for-profit corp tailscale to provide a mesh network
tailscale supports(I think) an open-source reimplementation of their service called headscale

@fredonline @guyjantic this, it's pretty clear in the proof mails linked in the reddit post

@kev @amoroso Hmm, isn't the request for donation shown on Wikipedia for your local branch and not for running wikipedia.org? Or, at least as far as I remember, a big part of the donation goes to local actions instead of the foundation. If that's your intention, perfect.

I just hope Mozilla does not forget that they have a browser which should try to keep up with the standard.