KOReader is by far better than the crappy stock firmware from Kobo. While the interface is not the prettiest, it still has a lot of advantages :

• it adds the ability to browse the filesystem (how do people use an e-reader without folders ?)
• loading medium to large PDFs takes ages in kobo’s stock UI, while it’s almost instant in koreader
• there are a bunch of plugins you can add to koreader

While I really hate Kobo’s stock UI, I still recommend getting one if you like truly owning your hardware. It’s really easy to enable ssh access and then it’s just regular Linux. It’s even possible to run an X server and launch Linux graphical apps on the e-ink display (not quite usable though)

Having a certificate for any subdomain has implications for other sibling domains, even without a wildcard certificate.

By default, web browsers are a lot less strict about Same Origin Policy for sibling domains, which enables a lot of web-based attacks (like CSRF and cookie stealing) if your able to hijack any subdomain

The Wikipedia page says the following :

On January 28, 2015, the ACME protocol was officially submitted to the IETF for standardization.[28] On April 9, 2015, the ISRG and the Linux Foundation declared their collaboration.[9] The root and intermediate certificates were generated in the beginning of June.[29] On June 16, 2015, the final launch schedule for the service was announced, with the first certificate expected to be issued sometime in the week of July 27, 2015, followed by a limited issuance period to test security and scalability. General availability of the service was originally planned to begin sometime in the week of September 14, 2015.[30] On August 7, 2015, the launch schedule was amended to provide more time for ensuring system security and stability, with the first certificate to be issued in the week of September 7, 2015 followed by general availability in the week of November 16, 2015.[31]

So we’ll have another anniversary to celebrate in nearly a year

I did not have the money to pay the insane amounts these greedy for-profit certificate authorities asked, so I only remember the pain of trying to setup my self-signed root certificate on my several devices/browsers, and then being unable to recover my private key because I went over the top with securing it.

I was exited to read about the recent surge of brute force attempts I received from IPs my fail2ban has not previously seen, but this is just a generic piece from 6 months ago :(

Thank you for the link. I’ve seen it posted a few days ago.

The caching proxy for this tutorial should easily work with any tile server, including self-hosted. However, I’m not sure what the benefits would be if you are already self-hosting a tile server.

Lastly, the self-hosting documentation for OpenFreeMap mentions a 300GB of storage + 4GB of RAM requirement just for serving the tiles, which is still more than I can spare

Hey ! I (superficially) looked up the Belousov-Zhabotinsky reaction and can confirm it is related to the Gray-Scott model.

The Belousov-Zhabotinsky reaction involves an autocatalytic reaction and chemical species diffusing at different rates, just like in the Gray-Scott model. The main differences are related to constraints of doing actual chemistry instead of simulating it :

• The speed constant is (roughly) fixed for any given reaction (and temperature). Scientists cannot tune speed constants like I did in the simulation
• In the simulation, we constantly add some “food” and remove some catalyst. In an actual chemical reactor, there must be an process to achieve this. A real world implementation of the Gray-Scott model would probably use something like a semi-permeable membrane above/below the petri dish. In the Belousov-Zhabotinsky reaction, it is other chemical reactions that ensure “food” gets replenished and the catalyst gets consumed

I did not expect such a detailed code review (the fact that you wrote it on mobile impresses me even more), but I strongly agree with everything you mentioned. I think I was so caught up learning GLSL and its quirks, then playing and experimenting with the simulation, that I “forgot” my coding standards. Anyway, I’ll make sure to take some time to update both the code and the article following your recommandations.

I’ll make sure to look into it and tell you what the differences are. The patterns definetly look similar to the “wave” or “spirals” preset from my video

Thank you for the feedback. I had a lot of fun playing with the model (and still have some improvements on my mind that might require porting it outside of Shadertoy)

Is there any part that was especially hard to understand ? I’m trying to make it as clear as possible for developers without a scientific background.

I can recommend some stuff I’ve been using myself :

• Dolibarr as an ERP + CRM : requires some work to configure initially. As most (if not all) features are disabled by default, it requires enabling them based on what you need. It also has a marketplace with a bunch of modules you can buy
• Gitea to manage codebases for customer projects. It can also do CI but I’ve not looked into it yet
• Prometheus and its ecosystem (mostly promtail and grafana) for monitoring and alerting
• docker mail server : makes it quite easy to self host a full mail server. The guides in their doc made it painless for me to configure dmarc/SPF/other stuff that make e-mail notoriously hard to host
• Cal.com as a self hostable alternative to calendly
• Authentik for single sign-on and centralized permission management
• plausible for lightweight analytics
• a mix of wireguard, iptables and nginx to basically achieve the same as cloudflare proxying and tunnels

I design, deploy and maintain such infrastructures for my own customers, so feel free to DM me with more details about your business if you need help with this

I did not read the link, but two of my biggest concerns do not appear in the summary you provided :

• the burden of hosting an ActivityPub enabled service is often duplicated for each instance instead of being split between them (for example, my Lemmy instance has a large picture folder and database because it is replicating all posts from communities I’m subscribed to)
• it’s a privacy nightmare. All instance admins now have as much spying power as the single centralized service it is replacing

(Edit: typo)

It’s a server that hosts map data for the whole world, and sends map fragments (tiles)as pictures for the coordinates and zoom levels that clients request from them

Are you talking about Nginx Plus ? It seems to be a commercial product built on top of Nginx

According to the Wikipedia article, “Nginx is free and open-source software, released under the terms of the 2-clause BSD license”

Do you have any source about it going proprietary ?

It’s still available in Debian’s default repositories, so it must still be open source (at least the version that’s packaged for Debian)

There have been some changes in a few recent releases related to the concerns I raised :

• the default tile provider is now hosted by the Immich’s team using protomaps (still uses vloudflare though)
• a new onboarding step providing the option to disable the map feature and clarifying the implications of leaving it enabled has been added
• the documentation has been updated to clarify how to change the map provider, and includes this guide as a community guide

In my experience, OnlyOffice has the best compatibility with M$ Office. You should try it if you haven’t

It’s not that I don’t believe you, I was genuinely interested in knowing more. I don’t understand what’s so “precious” about a random stranger’s thought on the internet if it’s not backed up with any source.

Moreover, I did try searching around for this and could not find any result that seemed to answer my question.

Why do you trust NordVPN more than your ISP ? Is your ISP known to be especially bad ?