Today, I took a flight and tried to use the in-flight Wi-Fi, but I was unable to login to the the network. Nothing loaded or opened. I poked around in ip route and found two different routes that conflicted created by the Docker daemon. Looking at the following route, there’s two routes: 172.19.0.0/23 and 172.19.0.0/16. These correspond to: 172.19.0.0 - 172.19.1.255 and 172.19.0.0 - 172.19.255.255.
I tried screen sharing in a video call on my Ubuntu 24.04 computer running the Snap Firefox install, but I could never get it to prompt to share a screen, thus it wouldn’t work. This post shows how I fixed that.
For those not aware, Nix is an interesting new application (Nix) and operating System (NixOS) that provides a declarative environment definition and atomic operating system. Declarative means that instead of running apt-get install docker, you write down everything you want and it installs everything and removes everything you don’t want. You can use the same language to manage packages, users, firewall, networking, etc. This is useful because now you can revision control your OS state in Git and have exact replicas across multiple hosts.
My friend, dade, and I have been diving into Nix and NixOS. He got it working on his laptop, I’m trying to get it to be the OS for my four dedicated servers all running Kubernetes. In this post, I’ll walk through the main issues I encountered and how I got a single node running in an existing RKE1 cluster.
I’m not going to go all the way to use Nix to configure everything including my Kubernetes configuration. I know that’s possible, but I already have a Kubernetes cluster deployed using RKE1 that I’m not ready to break yet since it hosts this blog and other services. Maybe in a future iteration I will.
This article is part of the Self-hosted Finances series.
In my Importing and cleaning my Mint transactions, I worked through loading, cleaning, and solving for transfers.
However, Mint and other financial scraping tools are not authoritative and don’t expose everything that the bank itself will provide. For example, Mint and Monarch don’t have detailed enough stock transaction and position data to identify cost basis, tax lots, and positions. Directly going to the bank can give me higher precision time stamps, scans of checks, merchant addresses, and other attributes.
This article is part of the Self-hosted Finances series.
I have several projects running in my Home Lab that now have to store and use sensitive secrets. In my Self-hosted finances series, I developed software to scrape my own bank statements (more on that coming soon.) In other projects, I store API keys to manage DNS or even my dedicated servers.
These applications all run in Kubernetes, which does support Secrets, however, by default, they are not encrypted and are easily accessible to actors that have access to the K8s API.