• 1 Post
  • 26 Comments
Joined 1 year ago
cake
Cake day: July 12th, 2023

help-circle


  • I’ve used nextcloud for a while now, but it does suffer from jack of all trades syndrome. I’ve started offloading the things I use it for to other services that do a particular thing better. Syncthing for general file syncing across my devices, Immich for managing photos, Radicale for contacts and calendar sync…

    If you’re just looking for an all in one Google Drive like experience for your files though, Nextcloud is as good as it gets.



  • I use Portainer and it’s a good UI, but I find the way they market business edition pretty scummy. Like having a banner ad constantly visible on the page, and having half the features visible but disabled with a big bright “upgrade to Business Edition” message next to them, and directly refusing to add any mechanism to opt out. I respect that they need funding for development, but they need to realize that a lot of their users simply don’t need a business license and aren’t going to buy one no matter how much advertisement you throw at them. The fact that they don’t realize that and refuse to budge indicates to me that they’ve stopped caring about the user experience of their product.

    Sorry for the rant, I’ve been annoyed by this for a long time. Some day I’ll set up my own gitops pipeline, but that pesky day job keeps getting in the way.






  • it also means the need for societal shift to support people outside of capitalism is needed.

    Exactly. This is why I think arguing about whether AI is stealing content from human artists isn’t productive. There’s no logical argument you can really make that a theft is happening. It’s a foregone conclusion.

    Instead, we need to start thinking about what a world looks like where a large portion of commercially viable art doesn’t require a human to make it. Or, for that matter, what does a world look like where most jobs don’t require a human to do them? There are so many more pressing and more interesting conversations we could be having about AI, but instead we keep circling around this fundamental misunderstanding of what the technology is.


  • I can definitely see why OpenAI is controversial. I don’t think you can argue that they didn’t do an immediate heel turn on their mission statement once they realized how much money they could make. But they’re not the only player in town. There are many open source models out there that can be run by anyone on varying levels of hardware.

    As far as “stealing,” I feel like people imagine GPT sitting on top of this massive collection of data and acting like a glorified search engine, just sifting through that data and handing you stuff it found that sounds like what you want, which isn’t the case. The real process is, intentionally, similar to how humans learn things. So, if you ask it for something that it’s seen before, especially if it’s seen it many times, it’s going to know what you’re talking about, even if it doesn’t have access to the real thing. That, combined with the fact that the models are trained to be as helpful as they possibly can be, means that if you tell it to plagiarize something, intentionally or not, it probably will. But, if we condemned any tool that’s capable of plagiarism without acknowledging that they’re also helpful in the creation process, we’d still be living in caves drawing stick figures on the walls.







  • I’m not super paranoid about security, but I do try to have a few good practices to make sure that it takes more than a bot scanning for /admin.php to find a way in.

    • Anything with SSH access uses key-based auth with password auth disabled. First thing I do when spinning up a new machine
    • Almost nothing is exposed directly to the Internet. I have wireguard set up on all my devices for remote access and also for extra security on public networks
    • Anyone who comes to visit gets put on the “guest” network, which is a separate subnet that can’t see or talk to anything on the main network
    • For any service that supports creating multiple logins, I make sure I have a separate admin user with elevated permissions, and then create a non-privileged user that I sign in on other devices with
    • Every web-based service is only accessible with a FQDN which auto-redirects to HTTPS and has an actual certificate signed by a trusted CA. This is probably the most “paranoid” thing I do, because of the aforementioned not being accessible on the Internet, but it makes me happy to see the little lock symbol on my browser without having to fiddle around with trusting a self-signed cert.



  • One of the things I like about containers is how central the IaC methodology is. There are certainly tools to codify VMs, but with Docker, right out of the gate, you’ll be defining your containers through a Dockerfile, or docker-compose.yml, or whatever other orchestration platform. With a VM, I’m always tempted to just make on the fly config changes directly on the box, since it’s so heavy to rebuild them, but with containers, I’m more driven to properly update the container definition and then rebuild the container. Because of that, you have an inherent backup that you can easily push to a remote git server or something similar. Maybe that’s not as much of a benefit if you have a good system already, but containers make it easier imo.