@flaxking said in SSL/TLS client certificates questions:

Domain name doesn't matter, unless you're signing with a public CA. I'd think self-signed vs internal CA vs public CA would depend on what the authentication mechanism supports and how you have to manage the certificates. (i.e. if there are going to be a ton of them it might be easier for the authentication mechanism just to trust certificates signed by a certain internal CA rather than having to make each certificate trusted.

From what I've seen so far, I've come to the same conclusion.

@jmoore said in Redoing Home Network:

@scottalanmiller I'm the same way, I get that habit from my Av days. I bought Allen & Heath mixing boards, QSC amps, and small Community speakers. This is all professional equipment and it had more options and lasted a lot longer. In fact all those pieces are still working today.

Yup, I can from the audiophile world, too. And it was often cheaper to get hifi gear than to get the crappy, sounds horrible consumer junk.

@scottalanmiller said in pi-hole: Group Management:

@marcinozga said in pi-hole: Group Management:

@stacksofplates said in pi-hole: Group Management:

@stacksofplates said in pi-hole: Group Management:

@marcinozga said in pi-hole: Group Management:

@stacksofplates said in pi-hole: Group Management:

I just use CloudFlare for families. If I need to, I can change DNS on whatever to view something.

That only blocks malware and porn if you choose to. What about ads, marketing crap, tracking, etc.?

I leverage what's in the browser for that stuff.

That might not be 100% the best way to handle it, but I don' thave to manage and pay for a server to do it.

No Raspberry Pi lying around?

Who has an unused computer lying around? lol

I don’t, this old box of mine is hitting its last legs...

@stacksofplates said in Local Encryption ... Why Not?:

@scottalanmiller said in Local Encryption ... Why Not?:

@stacksofplates said in Local Encryption ... Why Not?:

@Dashrender said in Local Encryption ... Why Not?:

@scottalanmiller said in Local Encryption ... Why Not?:

@jmoore said in Local Encryption ... Why Not?:

I've advocated we store nothing on our laptops but so far its had little effect. We are very backward here unfortunately. I think storing mostly online is very good and makes services like Nextcloud very valuable in this scenario.

It was turned on by the vendor when delivered. Nothing was stored on the device and they had no idea that there was encryption on it.

A new laptop showed up that way once - I was like - wth?

I think the bigger question was, it didn't get reimaged to whatever standard they're using?

Ha, this is medical. Zero standards. Ever seen any medical that has a standard build? Nope. Or even standard hardware? Nope. Or even consult someone in IT within six months of having put a machine into service? Nope.

Idk when I was doing my business I had a few Drs offices and I reimaged them when they got one.

That's because you got to be in charge, I would assume. Here we are only "as needed" and the head of operations runs IT and only has us fix what she breaks (which is quite a lot.)

@JasGot said in How to start taking a company to Microsoft 365 based operations.:

If a customer is asking to go "Cloud based" and they want to stay MS based. What would be you path for a customer who has standard server now.

The real trick is getting them to talk about their goals. Going "cloud" or "Microsoft" aren't business goals, those are means, not ends. So we have no idea what they are trying to do, only how they think they will do it.

It's like stating your goal as "using a hammer" without stating why or to accomplish what. A hammer is reasonable, maybe. But just knowing it's a hammer, you can't go any further without just making up what they might want to accomplish.

I am currently using ZT to Route between my various networks, like a Site-to-Site VPN. It can be a pain to set up, but once it's up and going, it's great!

@gjacobse said in UBNT EdgeRouter Lite; Performance:

Performance seems best with Upload set and download off....

Those numbers seem about right for a EdgeRouter Lite. If you need QoS enabled for download, you'll either need to upgrade or just live with the slowdown.

@scottalanmiller said in Installing Laravel on Ubuntu 20.04:

@Pete-S said in Installing Laravel on Ubuntu 20.04:

@Pete-S said in Installing Laravel on Ubuntu 20.04:

@scottalanmiller said in Installing Laravel on Ubuntu 20.04:

@Pete-S said in Installing Laravel on Ubuntu 20.04:

OK, if you are not running apache or nginx, you should install the php-cli package instead.

So that seems to get installed anyway as a dependency on its own.

Yes, it does. But by using the php package and not php-cli, you probably got apache installed on your system as well - by dependencies.

You could find out by running: apt list --installed | grep apache

Or systemctl status apache2 to see if it's running.

Even if it was, Laravel uses Artisan's server.

I'm guessing they are invoking php's built-in webserver.

Regardless, the point is that if you swap php to php-cli in your install guide you don't get apache and other stuff you don't need.

Still nothing?

So here's a playground example of using functional options and error handling: https://play.golang.org/p/cfw7axv6pjO

The advantage over method chaining is that we can return our errors correctly this way. Using the following as an example, I can return my error the whole way to the function call in main() and only need to handle it in a single place.

type MethodOption func(*http.Request) (*http.Request, error) func NewRequest(opt ...MethodOption) (*http.Request, error) { r := &http.Request{} var err error for _, opt := range opt { r, err = opt(r) if err != nil { return nil, err } } return r, nil } func SetURL(URL string) MethodOption { return func(r *http.Request) (*http.Request, error) { u, err := url.Parse(URL) if err != nil { return nil, err } r.URL = u return r, nil } } req, err := NewRequest( SetURL("https://google.com"), ) if err!= nil { fmt.Println(err) os.Exit(1) }

My plan too as soon as the Meraki license comes up next year

@Skyetel said in Anyone Using Amazon Chime Business Calling:

That's why they don't include CNAM or 911.

No one should get CNAM from their carrier anyway. It is a silly expense to pay for no reason for many businesses.

@stacksofplates said in Linux Desktop Environment:

I use GNOME 3 pretty much no matter what it is. Every so often I'll use i3, but I really like GNOME.

I use Gnome 3, but only out of standardizing. I actually prefer most other options. Cinnamon just calls to me a lot.

yes, it was down this morning

@FATeknollogee said in Help setting up routing:

@JaredBusch Just curious, what it the /23 on eth3, is that one of your LAN IP blocks from AT&T?

AT&T can't issue private IP addresses.

@JasGot said in Sending Secure E-Mail?:

The dept is engaged in a grant program with the State Department of Environment…, which requires us to include our banking information on every reimbursement application.

Come to think of it, banking information is not really sensitive info, is it? If you send an invoice to anyone, they have your banking information.

The only risk here is a man-in-the-middle attack where banking information is changed on the application while it's being submitted. So that the money is transferred into another account.

So do the company send all their invoices and ordinary mail containing banking info by registered mail in locked containers, so it is secure from end to end?

If not, then email isn't any less secure.

@brandon220 said in Anyone here know of core banking vendors that are actually good for small community banks?:

The only one I've ever had dealings with starts with an F. I have listened to a few of the others give their "sales pitch" but when you are so heavily involved and invested with the same core for so many years, there is a "fear" among the C-levels that prevent them from wanting to change. Some of the ones we listened to even offered to buy out the current contract, etc. just to be awarded the contract.

My biggest gripe with the above mentioned is the lack of keeping software current and not using legacy programs and software. In 2020, we still are forced to use IE11 for most of the web-based items. If you question it, you are asked to submit a feature request to update a platform.

Yeah a lot of our services require IE11 and they wont even work with modern browsers. Much of the applications we have been using are terrible, slow, clunky and end of life with minimal support from our core vendor.

Final verdict, it completed and showed clean shutdown.

I deleted all the log files at this point and the database mounted.

Email flow resumed around 4pm with no lost email as the spam filter kicked delayed messages in response to inbound email.

Having this issue on another Ubuntu 20.04.

Same error as before, but everything seems to be installed correctly

vagrant plugin list No plugins installed.