I’ll preface them by saying this is me being critical of it, it is otherwise very good:

• the bellows don’t stay attached, everytime I take the lid off to put beans in I have to reattach them in place
• grind adjustment dial is obscured by the indicator such that you can’t read what it’s set to easily
• adjustment indicator can itself be moved without changing grind size
• bellows tend to blow the fresh grounds everywhere, especially the fines at the end
• as a leftie, the switch is in an irritating position

Don’t stick your dinky were you wouldn’t stick your pinkie

Please do not fap into your coffee grinder, it’ll really increase the retention with all the stickiness. I fear you may have confused grinder with Grindr here

Fantastic grinder, got one a few months back and absolutely love it. Has a few quirks and I can never not laugh at the bellows, but produces generally tasty coffee with minimal dialling in

Turns out knives you can eat a surprising number of before it kills you

Account of a Man Who Lived Ten Years, after Having Swallowed a Number of Clasp-Knives

I don’t know if there’s any legal implications, but morally it’s pretty abhorrent. The question I’d be asking is would you even want to work for a company that engages in that type of tactic, especially since they’re likely to repeat that kind of nonsense after you’ve started the job.

Really simple

“Bollocks”

I would have also put 20 down on an expired certificate

You can use old machines for all kinds of servers, I’ve got a stack of old laptops running a Kubernetes cluster, but synapse would push some of them possibly further than they can go so I have it on my more powerful NAS, and even then it isn’t exactly speedy at times

Lots of decent suggestions here so not going to repeat them, but I do have a couple of my own if using synapse:

• have plenty of RAM
• have plenty of CPU
• have plenty of DB storage space
• use Postgres as your database, SQLite sucks

Basically synapse is just a resource hog, and you need to plan for that. The database itself grows quicker than you’d expect as well

I’m most familiar (although casually) either UK/EU rules, and this page has an excellent breakdown of what’s considered the bare minimum this side of the pond for safety.

https://www.gov.uk/guidance/drivers-hours-goods-vehicles/1-eu-and-aetr-rules-on-drivers-hours

Personally I prefer to have a 20-30 min break every 2 hours which leaves me feeling sufficiently refreshed, and conveniently works perfectly for changing a 64kWh EV enough to do the next leg at the same ratio. I honestly believe switching to an EV has forced me to become a safer driver with regard to taking breaks.

Most welcome, and really enjoying this thread for recommendations myself. Others I’ve been to in person in the last 12 months now I’ve had to think about it:

• Origin coffee, Cornwall - fantastic roastery café, very friendly staff.
• Buxton coffee roasters, Peak District - generally seem to be darker roasts but have some interesting ideas. Sadly doesn’t have a café
• Foundation coffee, Manchester - used to have a lot more in store than is currently online, not sure what’s going on. Two very nice cafés though
• ManCoCo, Manchester - white lie, didn’t go myself in person, but friend I was with did to get me a surprise gift as we were <5 mins away. Was a tasty coffee but can’t comment further.

Places I personally avoid from experience:

• Chatsworth house restaurant blend - had this in a Christmas hamper for the past few years, goes straight in the bin as it is undrinkably dark for my taste
• Pippas London - a front for a huge white label coffee distribution warehouse. Coffee was nice enough, but prefer to support small batch roasters.

Personally I really enjoy the whole going to the roastery and seeing what they have, trying a few things out etc, so I’m heavily biased towards what’s available to me locally. I’ve got The Nocturn to try when I next run out of Kickback, but as I’ve never tried any I can’t pass any judgement.

Current drinking a cup from Kickback Coffee in the Peak District, great coffee and great people, usually go and pick it up in person.

Ah I see, and you’re most welcome. 2FA is something I am very passionate about, to the point I’m trying to convince my whole family to use security keys, but I come up against a lot of resistance to it

Aside from SMS/email, which should be avoided anyway for other reasons, or proprietary solutions like MS’ or Steams approach, there is nothing to be gained from TOTP or WebAuthN.

TOTP (the 6 digit code that changed every 30 seconds, usually) is just a hash of a shared secret between you and the server, and the current time rounded to the nearest 30 seconds.

WebAuthN/FIDO2/U2F is private by design. Keys/authenticators derive a unique key for every credential pair, you can even register the same key multiple times because of this. About the only thing you gain is knowing what type of authenticator is being used, which is of questionable value at best.

Whilst I agree on the glue records, DNSSEC is most definitely included as standard (check my domain itsg.host which is on a free account)

That I very much agree with, CloudFlare is great, but it certainly isn’t for every use case nor should it be. Thats kinda the entire point I was trying to make.

I think it’s also worth bearing in mind there that the average fedi user currently is well aware of the lack of platform level moderation, both the good and the bad that come with that.

Took 4 takes for me to finally work out what it said

Well I was expecting some form of notification for replies, but still, seen it now.

My understanding of this is limited having mostly gotten as far as you have and been satisfied.

For other bouncers, there’s actually a few decisions you can apply. By default the only decision is BAN which as the name suggests just outright blocks the IP at whatever level your bouncer runs at (L4 for firewall and L7 for nginx). The nginx bouncer can do more thought with CAPTCHA or CHALLENGE decisions to allow false alerts to still access your site. I tried writing something similar for traefik but haven’t deployed anything yet to comment further.

Wih updates, I don’t have them on automated, but I do occasionally go in and run a manual update when I remember (usually when I upgrade my OPNSense firewall that’s runs it). I don’t think it’s a bad idea at all to automate them, however the attack vectors don’t change that often. One thing to note, newer scenarios only run on the latest agent, something I discovered recently when trying to upgrade. I believe it will refuse to update them if it would cause them to break in this way, but test it yourself before enabling corn