boydster

I don't know what species this is, but I was lichen it when I saw it.

Apologies if the photo quality is insufficient. In a particular bit of forest, I found an area with a large birch population that all seemed to be suffering from the same issue. Something is causing the leaves to first stripe green and yellow, then turn brown/black, and while there are new leaf buds forming, trees are seemingly losing the leaves faster than they can replace them. There are other areas with birch trees on the same forest that don't have this issue at all. In the affected area, some trees have only one or two leaves left with any green in them at all.

This is in New England, USA

According to the lore, Fred Trump, while in the grips of Alzheimer's, insisted on still going to work every day. And the people that surrounded him, in order to let him keep feeling powerful while minimizing the amount of damage he could do to their business dealings, would have him sit in an executive office all day signing papers.

With that backdrop, I got to thinking. I know the administration has been planning on using a steady stream of EOs to keep overwhelming the news cycle. But I think the people surrounding Trump also realize he's completely toast at this point and they're deploying the Fred Trump strategy of keeping him busy signing "very important papers."

That was all. Just some random shower thoughts that were probably too political for the showerthoughts community.

Saw this at the Art Institute of Chicago recently

Greetings. I'm using PiVPN right now. Works great for me, connecting via Wireguard clients and able to use both WAN and LAN. There is one client that I would like to allow to connect to my VPN and be able to use the WAN only, and this is where I'm running into some trouble finding a solution. I took a few swings at the problem by trying to narrow down the Allowed IPs in the wg config file but that not only didn't work but in hindsight it seems like an ineffective way to attack the problem to begin with.

Is there a way to set this up, either via something in the client config file or something else on the hosting side? I don't want to disallow all Wireguard clients from accessing the LAN+WAN. It's just one particular client that I want to allow access to only the WAN.

Thanks!

For people interested in learning Old English, Osweald Bera is an introductory book written by Colin Gorrie that, if I recall from his prior announcement about this, leans on a method called comprehensible input to teach the language. As far as I can tell from watching some of his youtube videos and reading his other online material, this looks like it could be useful for folks that are including "Learn Old English" as an item on their New Year's Resolution list.

The preorders were just announced. They are saying they intend to begin shipping the books themselves mid-November.

Trump was on Univision yesterday for a town hall, and during one exchange he made a huge deal about how great he was for farmers. Additionally, he's been talking about crazy tariffs again at recent events like the Economic Club of Chicago. With those things in mind, I thought it would be relevant to take a quick walk down memory lane. It's also worth noting, the article is pre-COVID - August 30, 2019. As many people with functioning memories will recall, things would not go on to get better from there.

Iran's alleged plot to assassinate former President Donald Trump and hack the Trump campaign amount to "an act of war," according to Republican Senator Lindsey Graham of South Carolina.

Just days after a would-be assassin's bullet grazed Trump's ear in July, the FBI announced that Iran had allegedly been separately plotting to kill the former president. Federal officials later revealed that Iran had hacked and stolen confidential information from the Trump campaign.

...

Paraphrasing his psychotic post that they are discussing in this article: "Bullets are flying, the war has begun, the Immigrant Problem must be brought to a final solution!"

After seeing someone else posting their struggles with getting Docker running on their system, I thought I might share my process for setting up new Docker nodes. I don't make any representations about my way being the right way, or the best way, but this way has been working for me. I have been playing around with a swarm, but if you aren't setting up a swarm you can just omit the swarm commands and some of the firewall allows (keep what you need open, obviously, like 22 for SSH if you're using it). Similarly, if you aren't connecting to a NAS, you can leave out the part about mounting external storage.

# new Docker Swarm node setup from fresh Debian Netinst

# as root, all nodes
apt install sudo
usermod -aG sudo [user]
logout

# as [user], all nodes
sudo apt update
sudo apt upgrade -y
sudo apt install fail2ban rkhunter ufw unattended-upgrades ca-certificates curl -y
sudo ufw allow 22 
sudo ufw allow 2377
sudo ufw allow 7946
sudo ufw allow 4789
sudo ufw enable
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
sudo usermod -aG docker [user]

## Shared Storage Stuff, all nodes ##

nano ~/.smbcredentials
# paste the following:
#   username=[cluserUser]
#   password=[clusterPW]
#
# add mount point for shared storage
sudo nano /etc/fstab
# add the following to the bottom:
# /[NAS.IP.Address]/[ClusterStorageFolder]/ /home/[user]/share cifs credentials=/home/[user]/.smbcredentials 0 0

# on main node only
docker swarm init --advertise-address 
  #  copy the join command, we'll need it next

# on any additional nodes, paste the command copied above
docker swarm join [...all the rest of the command...]

# for each docker container, on any manager node
mkdir ~/share/[serviceName]  
cd ~/share/[serviceName]
  #  copy relevant compose.yml into the folder
  #  if necessary, also create any needed directories
docker compose up -d
docker compose down
docker stack deploy -c compose.yml

Just saw these new HoMe boxed sets are coming out, with the first set releasing in November

Credit: TimeMaps

As part of a personal educational journey, I've been exploring early human cultures. There are a lot of great websites I've encountered along the way, but this one had escaped my radar until yesterday.

I grabbed the map portion from a series of posts they had about early farming and strung them all together into a gif so I could visualize it better for myself, and it ended up looking pretty neat so it seemed crazy not to share it.

The green parts of each slide show you where the farming was happening at the time. The first slide represents 10000 BCE, and each slide after is dated 1000 years further ahead in time, all the way up to the last slide at 3000 BCE, as outlined by the TimeMaps folks.