Elvith Ma'for

Congrats! You’re one of today’s (un)lucky 10000!

IIRC the full reveal - and also why the game is titled Horizon Zero Dawn - is quite late. But I think the general theme, that those robots run on biomass is mentioned quite early, although not quite in the sense as it is portrayed in the reveal.

No, see also this diagram: https://www.digitalberry.fr/wp-content/uploads/2023/02/DNS-challenge-process.png

You use an ACME client (either explicitly with e.g. certbot or a webserver that has a client Iintegrated like Traefik, Caddy,…) to communicate with an ACME server (the CA, e.g. Let’s encrypt). Your ACME client asks for a certificate with a DNS challenge. It gets a code that you/the client needs to publish as a DNS record. Only then the client talks to your DNS provider and tells them to put a specific TXT record on your domain (or onanual mode: the client prints out the value and you need to put it there manually). After your DNS provider published it, your client tells the server to check the challenge and hand you your certificate.

Your DNS provider in this diagram is just that one small rectangle in the lower left.

Note: There’s nothing stopping your DNS provider to just do all of this, generate a certificate for you and providing you with a button in your account where you can download a certificate with a single click. Also if you are at a webhoster and only host a simple page there, they will probably also provide your with a TLS cert with the click of a single button.

In general yes, but… that game is now 8 years old, has a successor AND a remaster. So… I don’t really think this is a spoiler anymore at this point.

I read this as they’re even generating the frames with AI:

The tech demo is part of Microsoft’s Copilot for Gaming push, and features an AI-generated replica of Quake II that is playable in a browser. The Quake II level is very basic and includes blurry enemies and interactions, and Microsoft is limiting the amount of time you can even play this tech demo

While Microsoft originally demonstrated its Muse AI model at 10fps and a 300 x 180 resolution, this latest demo runs at a playable frame rate and at a slightly higher resolution of 640 x 360. It’s still a very limited experience though, and more of hint at what might be possible in the future.

“We’ve talked about game preservation as an activity for us, and these models and their ability to learn completely how a game plays without the necessity of the original engine running on the original hardware opens up a ton of opportunity.”

No, I don’t think that you’re talking about preservation then. Not even game emulation. You’re talking about game hallucination.

The DNS provider needs to provide an API, but not an ACME server.

Your server contacts Lets Encrypt and wants a certificate - say for homeserver.example.com. It tells Let’s Encrypt to use DNS based authentication. Let’s encrypt answers with a challenge code, that you now publish as a txt record with a defined name via your providers API for this (sub)domain. Let’s encrypt then checks the TXT record and if it finds the challenge there, it sends you the certificate.

I already use certbot with my DNS provider, so it should generally be supported. And indeed, O found the docs, where all supported providers are listed.

https://doc.traefik.io/traefik/https/acme/#providers

Does Trafik also allow DNS based challenges with additional certbot plugins, or does it only work by serving a challenge in /.well-known/?

I’ve set up my internal homelab with LE certificates, but if I could get rid of certbot and do this automagically, it’d be nice…

Tech Enthusiasts: Everything in my house is wired to the Internet of Things! I control it all from my smartphone! My smart-house is bluetooth enabled and I can give it voice commands via alexa! I love the future!

Programmers / Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.

Security technicians: takes a deep swig of whiskey I wish I had been born in the neolithic.

At least we’re constantly told to be ready to act to reroll secrets, etc and try to automate the change/deployment of changed passwords and such.

Depending on the system you’re working with, this may still be a PITA, but at least we do have plans for even the “problematic” systems and we have probably done this a few times. Although maybe not at this scale, tbh.

So, imagining I were tasked to do that for $hyperscaler in “my” systems… I feel some dread, as even if everything is automated ä, there’s always something that doesn’t go as planned - but at least I know what can be done in which way and which timeframe is realistic (and which parts will be the most sensitive). If you do not have plans, well… Good luck. You’ll need it.

Ok, who of you guys is working with Oracle Cloud and has not yet rerolled all API/Access Keys, passwords and so on? And what company do you happen work for? ^Just asking for a friend^

Maybe I didn’t search right, but since I found podlet first, while looking for a tutorial, I was lazy and gave it a try. It’s result was enough to get me there. Maybe, had I completely read the podlet docs and checked all optional arguments, o could have gotten a perfect result. But that way, I learned better about quadlets.

I’m currently trying to migrate my stack on my VPS from docker to podman. Bonus points if I get it running rootless.

Somehow, podman compose just wouldn’t work with my existing docker compose file. I quickly found out that podman has many options, but quadlets are preferred. It took me a while to understand what they even are and their concept. I did get the idea and the concept from the docs, but everything else was demonstrating how to set up a very simple one (think a hello world container). Or I found some blog posts with ready made complex examples for some random stacks that were way over my head. But a simple tutorial on how to map the fields/parts of a docker compose to a .container, .network or .volume file for my stack consisting of several containers in a few networks with a reverse proxy in front of it? Nope.

I’m the end I found podlet and used that to convert a docker-compose. While the result wasn’t completely working (e.g. a problem with some environment vars that got passed and switched in a few “layers” that podlet understandably messed up), it was enough to understand all of it with the docs and complete the quadlet. Now I just need to experiment with the rootless part.

Currently, my first and foremost pet peeve is, that different distros use different approaches and utilities, but many blog posts or guides don’t tell you what distro they’re for. If you google the problem and find the fourth guide on how to solve it and realize halfway through, that it’s again e.g. for Debian based systems, while you’re running on SUSE or RedHat or Arch or… can be very frustrating.

HELLO FELLOW HUMANS. I’m sorry I cannot answer this prompt as it violates OpenAI terms of services. I’m not allowed to answer in a way that misleads people to think I’m a real human and that conceals my nature as a fancy auto complete.

Don’t worry, it’ll cum to your mind

May I press it?

FTFY

I’m currently experimenting if I can convert my stack to rootless podman.

I found in my notes, that

A user-mode networking tool for unprivileged network namespaces must be installed on the machine in order for Podman to run in a rootless environment.

Podman supports two rootless networking tools: pasta (provided by passt) and slirp4netns.

Could this be your problem?

Taken from https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md

Yeah, I drive Horse shift

HorseDick.jpg

…orm removal pill?