@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:

@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:

@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:

@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:

@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:

@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.

This is true.... only so far as preventing a man in the middle attack. It doesn't tell you that you selected the right person in the first place, which is how people will read that.

Not really. I can create a cert that says I'm [email protected] or an ssl cert for my server that says facebook.com. A browser may not trust it by default because it comes from my own CA, but that's besides the point.

No one is discussing your own CA though. The CA mechanism is based on trusted roots.

I responded to certs specifically, regardless of context.

And you are correct, in that context. But that's not what context we were thinking of.

@notverypunny said in BitTorrent/P2P technology for distributed file transfer of large files?:

I would add the caveat to test first...

That always goes without saying, it's part of the development process. I take it testing things first is a new concept for you?

@hobbit666 said in Another Cron issue - reboot:

@IRJ @DustinB3403 will give that a try tomorrow if I get a chance otherwise Sunday

Don't do it as a user, as IRJ says. This is because Cron does not use sudo. That would not make sense, if you dig into it.

Here is why....

The reason you put a cron job under a user is to act as that user. If cron tried to sudo, you'd lose the ability for users with sudo access to act as themselves, compromising security and limiting functionality.

Any user with sudo access to root can put the cron job that they want directly under root itself, so #1 doesn't limit their functionality in any way, it only gives them more functionality.

If it used sudo, tracking down where root level things were happening would become enormously difficult, instead of being centralized.

@Markferron said in SAS Drives RPMs:

@scottalanmiller Thanks, figured as much.

Things like fragmentation are real, and will slow the "storage subsystem" in most cases. But that's not the same as the drive slowing. The drive itself works at a predictable speed that only varies when a block cannot be read and the drive has to try again. But even that speed is predictable. So the mechanical speed of the drive never varies (over time), but the throughput of data pulled from the drive can vary based on the rate of magnetic failure. But once that has any real effect, the drive is toast anyway.

Bookmarking site. Thanks @IRJ!

@Pete-S said in Wget - Download a Web Dashboard For Local Viewing?:

Here is Firefox headless mode:
Firefox uses the same browser, just run with the headless switch. Works from version 57 and newer.
https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Headless_mode

Thanks. I won't be able to use this with brightsign, but it might work if I have to run windows for a site that I can't view a public dashboard.

Update:
I was able to get it working with a self-signed certificate and the functionality is great. I had NC connected to the OO server with https://localip That worked fine but once left my LAN, from the web it tried to resolve the local ip. That of course will not work and it does zero good to only work while you are on the LAN. I was unsuccessful at getting the self-signed cert to work behind nginx reverse proxy.
Is it possible to just have nginx forward http to the OO server and:

Allow Letsencrypt to verify and issue the certs Actually function behind the proxy if the actual cert is on the OO server directly. I cannot find any good documentation of OO working properly behind the reverse proxy in the normal sense.

Mellanox definitely has the name and reputation in this case, if that means anything. But saving money is saving money 🙂

@JaredBusch said in Which Hosted PBX Provider?:

@JasGot said in Which Hosted PBX Provider?:

I am an Intermedia Reseller and I can't stand their system. Plus as a partner, the end user cannot call Intermedia for support. This is no fun.

Are you looking for a reseller/partner solution? Then I would look at 3CX They have the business model.

Yes. I want to interact with the end user for config of features only (OS and app maintenance handled by anyone other than me) and I want revenue from the sale of hardware and setup, and I want recurring revenue from monthly fees. The recurring revenue must be charged to me so I can bill the customer at my rates.

@Dashrender
Yeah, further troubleshooting shows that DMZ1 can't initiate communication to anything that's on the other side of the FG. Will be testing against stuff in the management subnet tomorrow. Also going to try enabling asymmetric routing as a short-term test. Otherwise it's going to have to be an all-at-once move, which we were hoping to avoid.

Thanks to all for the suggestions and just for a place to get this out of my head and somewhat organised.

@JaredBusch said in Raspberry Pi 4:

I look forward to getting one fo these and seeing if it can now run Netflix/Crunchyroll better. The Pi3 could not do it well.

Please post after your test.

Here's a decent video on building a small Java class to interface with it: https://youtu.be/Od1FgLlK-mA

I know you were just explaining how to do it but this is a simple task with Ansible.

- name: Ensure user exists user: name: Joe state: present password: "password_hash" groups: wheel, libvirt

Instead of needing the hash up front you can do things like:

{{ Password1234 | password_hash('sha512') }}

@Pete-S said in Digital Signage - Display HTML5 Page That Requires a Login:

You could probably make a script with curl that will login to smartsheet every 5 minutes or whatever, downloads the html5 dashboard page and save it somewhere. Then your media player can access the saved data.

As @Romo said, login details are not sent in the URL.

Yeah. I was thinking it was a long shot. I have been trying to figure out ways to create a local dashboard or similar to what you were saying that does that, or pulls info via an API and then the signage player connects to that, sans login.

@Dashrender said in POS recommendation for a small bar:

@WrCombs said in POS recommendation for a small bar:

@Dashrender said in POS recommendation for a small bar:

@WrCombs said in POS recommendation for a small bar:

@syko24 said in POS recommendation for a small bar:

I think the option we may go with is ehopper.com as it can be used in your browser, android, or ipad.

the Free option doesn't have anything that small business would need, no support line, no way of building your own menu. Located in NY. Limited to 1 POS with almost no features that Small Businesses need in Hospitality.

I was also looking at aronium.com which is a free Windows POS software. It has a lot of potential but no merchant services options yet.

Based in Russia, No pricing on Website for Upgrades , All feaures seen are basic, No Storage of information was offered in the features section.

@syko24 said in POS recommendation for a small bar:

@JaredBusch said in POS recommendation for a small bar:

@syko24 said in POS recommendation for a small bar:

Run on Windows or possibly just browser based - not looking for iPad or Android App (screens are too small)

This is a horrible requirement. I've never seen staff have problem with a tablet based system due to the form factor.

How could it be too small? And if that is truly a problem, I have seen systems with oversized tablets. Used one to day as a customer when I took my wife's car to the carwash.

I have a client looking to move from some old shitty Windows based POS to something tablet based in fact.
https://www.republicofit.com/topic/19543/anyone-heard-of-rezku-pos

I agree that there are larger sized Android tablets that could work. I have also looked at some of the Android emulators like BlueStacks.com . The reason I had said Windows was a requirement was because the two owners (both in their 70s) are familiar with Windows. Plus they want to use hardware they already own. It's called shit we got 🙂 .

So, here's what I tell my customers when they say that they want to use their own hardware:
I can bring in a bag of food to your restaurant, give it to you and say go cook this like you cook your (insert Food found at restaurant - usually steak for example) and you will?
lets say you do, but it comes out under Par for the standard of your restaurant, then what?
I'd obviously still want a steak, are you going to replace that steak with one of yours for the same price im paying your chief to cook it?

for bars; am I allowed to bring my own alcohol into the bar?
lets say I bring in stuff for a mixed drink, will you make it with what I have?
(they usually stop me here. and say no,)

So think about it like this/ explain it like this: your clients will not allow someone to bring their own liquor/cups/food into their place of business where they offer a service and have a standard of business and guarantee for their product and services.

That's not exactly the same thing - at least in cases where the POS system does allow you to provide your own hardware.

How many of those tablet based solutions make you buy your own iPads/Android tablets?

I know for sure HRPOS says to buy your own.
Makes it better/easeir that way for support.

For aloha and Brink the analogy works, And for the last 6 years we only sold Aloha.

This is a salesman gimmick to sell this system. Definitely not something a hired consultant should ever use. For the consultant, it should be about what's best for the buyer.

Sure, other peoples equipment is a headache.
We dont support it.
In few cases, we let it go and help people out but they pay us to set up the terminals.
cause it's not a part of our Business Model to allow customer equipment in the site.

Honestly, anything higher than the 1080p resolution on a 13-inch laptop is a gimmick. The screen size is simply too small for any practical case of higher resolution. And even with 1080p, I have to scale my 13.3-inch laptop to 150%.

@Dashrender I just checked a couple of clients and Time To Live where set to 3600 at most and counting down.

@Obsolesce If it's default then one hour it is.

@JaredBusch said in Need a good example of getting powershell arguments:

I'll hit the google later, because I am on other things, but I found that something I touched today could very easily be improved if I can add parameter handling to the powershell script.

Now, the basics are easy as it is all in the $ARGS variable/object.

But I want to have some safety checking. because it is easier to do things right the first time.

Example: I want a parameter to note if I should make the thing being done the default.

I can pass a 1 like dothing.ps1 1 and I can simply code something to check $ARG[0] eq "1" but that is not very explanatory to the person using the script.

This is more explanatory dothing.ps1 -default for a command.

So has anyone seen a good example of parameter handling that I can put into my dothing.ps1 script?

I'm not sure I understand exactly what you mean.

Taking a guess here, but how I understand is that you'd want to add this at the top of your script:

[cmdletbinding()] param ( [Parameter()] [Switch]$Default ) if ($Default) { Write-Host "The -Default parameter was specified." } else { Write-Host "The -Default parameter was NOT specified." }

Doing that will give you the following output:

PS > .\JBTest.ps1 -Default The -Default parameter was specified. PS > .\JBTest.ps1 The -Default parameter was NOT specified.

If you want to accept input from a pipeline to work with, let me know.

Would this work for you? Much smaller, and still POE - just need to set the port to 48v

https://www.amazon.com/Tycon-Systems-POE-MSPLT-USB-POE-Converter-x/dp/B00PZ009AQ

41cK-P30W7L.jpg

@DustinB3403 said in Setting up an HP DL185 G5:

@Dashrender That is where I was thinking a surveillance system would be a good use. I could use it as a backup repo for my VMs as well with a simple NFS share.

Just needing some things to do with it, maybe something the kid could eventually use. (years from now. . . she's almost 1 already.)

All these things basically go directly to what Scott said - make it a giant storage array.