Spending a chunk of my weekend wrangling servers and once again frustrated with Guix in particular for how heavyweight the package manager is. There's this one VM that only needs like 5-10G of disk space* and 1G of RAM to do its actual _job_ but if I don't provision it with twice as much RAM and four times as much disk, `guix pull` and `guix system reconfigure` are liable to run the thing completely out of storage and crash.

I have a concrete idea for what to do about this, I call it a "drone" deployment of a declaratively configured OS. In Guix terms, this would be a type of system image, in which the guix-daemon and the `guix` command are *not* included. The store would include only the packages required at runtime by the operating-system spec, not any of the packages required to rebuild them.

The idea is that you have a separate beefier machine that rebuilds the image periodically, and then you push that image to the drone somehow, ideally in a way that mimics `nixos-rebuild --boot` (i.e. the running system is not affected until you reboot it).

In addition to making it possible to use a smaller machine or VM instance with this kind of OS, this should also be good for server hardening. The store could be kept read-only, you wouldn't have to consider the package manager as part of the attack surface, etc.

Has anyone done anything even vaguely like this already? For any base OS, not just declarative distributions of Linux?

* the part of me that grew up in the days of 1.44MB floppy disks is horrified that this is a *small* amount of disk space, but that's a me issue

#guix #nix #sysadmin

**Jeff Fortin T.** @nekohayo@mastodon.social · 1d

Jeff Fortin T. @nekohayo@mastodon.social

Filed a #GNOME app idea for those casually troubleshooting or investigating their networks and latency across the globe: a maps-enabled graphical version of "My Trace Route".
https://gitlab.gnome.org/bertob/app-ideas/-/issues/289

GitLabGraphical traceroute — network packets route pinging / tracing tool with maps (#289) · Issues · Tobias Bernard / App Ideas · GitLab Summary We have a @lo-vely's "

#network #sysadmin

**Monospace Mentor** @monospace@floss.social · 1d

Monospace Mentor @monospace@floss.social

If you want to raise your shell scripts to a new level, give `shellcheck` a try! It'll give you valuable feedback on the style of your shell code and on possible issues with it.

https://www.shellcheck.net/

www.shellcheck.netShellCheck – shell script analysis toolShellCheck finds bugs in your shell scripts

#Linux #SysAdmin #SystemAdministration

**tech** @tech@unfufadoo.net · 1d

tech @tech@unfufadoo.net

The image depicts a historical scene where a large group of men is attempting to move a very large IBM hard drive, specifically a 5MB model from 1956, through the entrance of a building. The hard drive is so sizable that it requires multiple individuals to carefully maneuver it on a dolly. Several onlookers and photographers document the event, which is captioned humorously at the top with "MOVING AN IBM 5MB HARD DRIVE IN 1956 STORING YOUR GRANDFATHERS PORNO." The text "UNFUFADOO.NET" is also present, likely indicating the source or creator of the meme or image. The historic and humorous context contrasting old technology with current digital modestorage is evident.

#tech #cloud #funny

**tech** @tech@unfufadoo.net · 1d

tech @tech@unfufadoo.net

The image is a humorous comparison highlighting a contrast between idealized and practical scenarios for PC enthusiasts. The top photo shows a high-end, organized gaming setup with multiple monitors, colorful lighting, and a clean environment, suggesting someone with a well-paying job and little time for gaming. The lower photo depicts a cluttered setup with numerous empty cans and bottles on the desk, indicating a more practical, everyday gamer's environment. The text overlay emphasizes the disparity between the ideal (top) and the reality (bottom) of PC gaming enthusiasts.

#tech #infosec #sysadmin

**tech** @tech@unfufadoo.net · 2d

tech @tech@unfufadoo.net

The image depicts a modern, high-tech immersive environment, likely used for simulations or presentations. It features large, transparent display screens arranged in a semi-circular pattern around a centrally placed table, which holds a laptop and other electronic devices. The displays project a seamless, panoramic view of an outdoor landscape, suggesting a shaded area with benches and a pathway, indicating an effort to simulate an outside environment. This setup is commonly found in advanced control rooms, research facilities, or virtual reality demonstration centers where a heightened sense of immersion and detailed visualization is required.

#tech #cloud #infosec

Continued thread

**Jan Schaumann** @jschauma@mstdn.social · 2d

Jan Schaumann @jschauma@mstdn.social

System Administration

Week 7, HTTP and CDNs

After discussing the DNS, we now move on to #HTTP and HTTPS. While we don't have videos for these sections, hopefully the lecture slides can help you get an idea of what we're covering there. We review the basic HTTP protocol, peek at #QUIC and H3, and talk about load balancing and content delivery networks:

https://stevens.netmeister.org/615/07.pdf

#SysAdmin #DevOps #SRE

**Stefano Marinelli** @stefano@bsd.cafe · 2d

Stefano Marinelli @stefano@bsd.cafe

I was thinking about how it was possible to stop using a gem like HAProxy for so long. It used to be my go-to choice, but then I switched to using Nginx for everything, and I almost forgot about it.
Well, it’s great to reconnect with old friends!

#HAProxy #Nginx #SysAdmin