Currently it supports only HTTP-01 challenges (no wildcards, must be reachable).

What about with e.g. internal ACME endpoints like https://developer.hashicorp.com/vault/tutorials/pki/pki-acme...

https://sre.rs - DevOps course for small companies and individuals/self-hosters.

I’ve posted this previously, but it’s been more than a year since I published the course and it’s still right about $500/mon.

When I was starting all this, I had higher hopes, but it’s been difficult competing with instructors who already have tens of thousands of students and thousands of reviews - they appear on the first page when you search for a particular subject and “no one” goes past the first page.

Landing page immediately sucked me in, and I'm curious about more. I looked at your blog and I was disappointed

Sorry :) That one thing is cool though?

Fuzziness does not seem to be on point for me though, any tips? If I want to `cd` into a directory called `something-with-dashes`, if I do `zi` and then start with `smtw` (omitting the `-`), it doesn't find it. Only when I add `-` it shows up.

Sadly, no :(. I always just look for exact substrings. Might be worth trying to get working though…

On Arch, zfs-linux package has an exact version of linux as a dependency. linux package gets updated fairly often, and by the time zfs-linux package catches up, linux is already on a newer version and you are unable to upgrade.

Sometimes it takes quite a while before those two are in sync and you can upgrade your system.

In addition to the other comments: you could use the zfs-dkms package which builds it from source on every update

If you reorder your repositories so the zfs repository comes before the default one in the configuration you won't have that problem.

Huh, interesting, will have to try that out, thanks.

Targetting the linux-lts package as a dependency instead of linux should reduce the impact of this issue

You can install the specific older version of the Linux package that the zfs package needs. You can also pin it so it won't get updated by regular upgrades.

Is there lts kernel support for zfs-linux? I found I had to switch to the lts kernel on an Arch gaming rig because of issues with Nvidia drivers.

There is zfs-linux-lts for that.

It has nothing to do with HTTPS, it's just that ads are served from the same domain.

And one of my favorite commercials ruins everything with small print at the end: "liquid damage not covered by warranty". This shouldn't be legal :)

https://www.youtube.com/watch?v=DYCnHebwTCM

Google Domains is sold to Sqaurespace and at least 3 of the things you mentioned are a drop in the ocean.

There’s a ViM plugin for VS Code, of course :)

which sadly is a bit lacking

You can use `figlet` to create banners which are readable in the minimap.

That’s not the point. I don’t want any software sending analytics unless I specifically allowed it.

FWIW, it gives you a warning and the chance to disable analytics before sending any analytics. https://docs.brew.sh/Analytics

> Homebrew gathers anonymous aggregate user behaviour analytics using Google Analytics (until our in-progress migration to our own InfluxDB). You will be notified the first time you run brew update or install Homebrew. Analytics are not enabled until after this notice is shown, to ensure that you can opt out without ever sending analytics data.

Agreed, I was shocked when I installed the Dart programming language and found out it sends analytics by default. A programming language!

An implementation of a build system for a programming language

You know, as the law requires in the EU

That is a very simplifying view of the legal situation and that's not helpful at all.

First, it only applies if you collect PII - depending on what they collect, they might not be subject to the GDPR at all.

Second, informed consent is only one of the options that allows collection and storage of PII. There are various other reason that allow collection and storage of PII, among them "Legitimate interest". For example, it is considered legitimate to store webserver logs containing PII (IP Addresses) for purposes of fraud analysis, unauthorized system access etc. Whether a specific collection of data is legitimate under those clauses depends on the specifics of a case (who has access, what's the exact purpose, how long you store, ...) - ask a lawyer if you need an assessment.

Depending on what they log and how they log, they may be either in the clear or in a bad place, but it's definitely not as simple as "the law requires no logging".

The analytics page describes them tracking information across time with a unique user identifier. They claim that identifier doesn't identify you, but it's attached to an exact Brew install so it does track your personal account on your machine at the very least; I'd classify that as PII.

Had they not submitted unique user tokens I think you mag be right. However, that's not how the analytics seem to work.

The law does allow logging for a variety of things but in this case I'd say they're in the wrong. They assume that it's okay because they don't track you across websites and that's good to know, but that's not the point.

I don't think that's true - AFAICT there's no EU law banning analytics. EU law just restricts storing & processing _personal_ data (GDPR) and storing unnecessary data on machines without consent (ePrivacy/'cookie law').

If you want to log fully anonymized data, without persistent tracking ids and without leaking personal data to 3rd parties en route (so no "send it to Google and they promise to anonymize the IP afterwards") then you're all good (but IANAL!).

The only reason you see all those cookie notices and GDPR consent requests is because so few companies are willing to accept even the tiniest tradeoff in their metrics to protect their users' privacy.

There's an implicit _for websites_ on there. Has it been litigated for non-website use like this where the program can control which fields are being submitted?

GDPR doesn't distinguish between websites and applications. It's about collection, storage, and transmission of personal information. No matter who, what, or where. One of the core pieces of information cracked down upon by the French DPA CNIL is that the IP of a user is considered protected under GDPR.

The German DPA has ruled that the usage of Google Fonts on a website broke GDPR because it forced the user's browser to reveal their IP to Google.

Right but they can control what Google Analytics can collect from the program under their control, whereas in a browser, they can't in the same way.

That is not actually how the GDPR works. Anonymous telemetry without PII does not need any consent.

Besides consent there is also the possibility of legitimate interest under the GDPR.

That wouldn't be it

The GDPR applies to anything that collected PII about EU citizens.

What.

Then you can either: 1) don't use the software 2) analyze the software source code to understand what it does before using it

I tend and prefer to assume good-will WRT telemetry in well-known and independent opensource projects.

You forgot 3) Complain at different intensities, up to the shaming, about the unethical dark patterns employed by the software, no matter whether it is open source or not, to make authors of the software aware, that what they do is not welcome by their users.

Disagree, it should be the norm.

I use Little Snitch to alert on any outbound connections and make a decision. The google stuff immediately got a permanent blackhole for Homebrew. Anything I'm uncertain of I'll give a short-term approval (30mins) to not break anything. After a couple of rounds of execution (and sometimes some trial & error) you can usually work out which requests are essential and which are some notifications/tracking thing.

So you didn't see the notice brew(1) gives you on first run?

I can't recall, though this approach isn't specific to homebrew. I block it permanently at a network/process level rather than having to remember to set a ENV var.