• 3 Posts
  • 32 Comments
Joined 1 year ago
Cake day: June 18th, 2023

  • If you haven’t, I recommend reading a few books on management even if you have zero interest in going down that path. It will give you more perspective on what you should be expecting from your manager, which in turn should be what you talk about during 1-on-1s. I like The Manager’s Path by Camille Fournier, though it could use more focus on the ‘why’ instead of the ‘how’.

    The best manager I had used a shared private document, where he would dump important points and expected you to add bullets as things came up during the week. This “you drive the conversation” is a good approach and one I intend to use in the future.

    • What’s really going on. A good manager should be aware people are inclined to present things as rosier than they are.

    • Anything you are unhappy with. They should be fighting to keep you around, and how happy you are is a key piece. The sooner they know something is wrong, the easier they can (potentially) deal with it.

      • I’m planning a career shift into an EM role, and plan on simply being upfront about the Gallup 12 points (actually 13+4). They shouldn’t confine themselves to them, but if a report is ever unhappy about any of them then I absolutely want to talk about it.

    • What resources you don’t have that you need to succeed.

    • What ideas you have for initiatives. New projects, tweaks to reduce pain points, so on.

    • Things from Above that you should be aware of.


  • More topical references would help if there was a strong commentary aspect to Futurama, but it’s never been that kind of show.

    The simplest explanation is jokes are the bread and butter of a comedy and they just aren’t that great in Hulurama. Having rewatched it recently, Foxurama also leaned heavily on the plot of individual episodes, but so far the plots feel like retreads or just not particularly interesting.

    Which, now that I think about it, can all be said about The Simpsons.


  • It’s easy* to set up Hashicorp Vault with your own CA and do automated cert generation and rotation, if you are willing to integrate everything into Vault and install your root CA everywhere. (*not really harder than any other Vault setup, but yaknow). I may go down this route eventually since I don’t think a device I don’t control has ever accessed anything I selfhost, or ever will.

    I have a wildcard subdomain pointing to my public IP, and forward port 80 to an LXC container with certbot. Port 80 appears closed outside the brief window when certbot is renewing certs. Inside my network I have my PiHole configured to return the local IP for each service.

    Nothing exposed to the internet at all. There is a record of my hostnames on Let’s Encrypt, but I’m not concerned if someone will, say, deduce apollo-idrac is the iDRAC service for a Dell rackmount server called apollo and the other Greek/Roman gods are VMs on it. Seemed like a house of cards that would never work reliably, but three-odd years later I only have issues if a DNS resolver insists on bypassing my PiHole. And that DNS resolver is SystemD-ResolveD, which should crawl back into whatever hellhole it came out of.


  • They could hijack your site at any time, but with a copy of your live private certs they (or more likely whatever third party that will invariably breach your domain provider) can decrypt your otherwise secure traffic.

    I don’t think there’s significant real tangible risk since who cares about your private selfhosted services and I’d be more worried about the domain being hijacked, and really any sort of network breach is probably interested in finding delicious credit card numbers and passwords and crypto private keys to munch on. If someone got into my network, spying on my Jellyfin streaming isn’t what I’m going to be worried about.

    But it is why CSRs are used.
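The CSR point made in the comment above, as an added example that is not part of the original comment or any project's own code: the private key is generated and kept on the host that will serve TLS, only the CSR (which carries the public key and a self-signature) is sent to the CA, and the returned certificate is checked against the key that never left. It assumes the openssl CLI is installed; the throwaway self-signed root stands in for a real CA, and every file name and common name here is constructed.

```shell
#!/bin/sh
# Added example: the CSR exchange, with the private key staying on the service host.
# Assumes the openssl CLI is available. All paths and CNs are constructed for the demo.

# 1. Service side: generate the private key and a CSR for it.
#    Only server.csr is ever sent anywhere; server.key stays here.
make_key_and_csr() {
  dir="$1"
  cn="$2"
  mkdir -p "$dir"
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$dir/server.key" 2>/dev/null || return 1
  chmod 600 "$dir/server.key"
  openssl req -new -key "$dir/server.key" -subj "/CN=$cn" \
    -out "$dir/server.csr" 2>/dev/null
}

# Hash of the public key carried by a PEM object (CSR or certificate), so two
# public keys can be compared without diffing PEM text.
pubkey_fingerprint() {
  # $1 = openssl subcommand (req or x509), $2 = file
  openssl "$1" -in "$2" -noout -pubkey 2>/dev/null \
    | openssl pkey -pubin -outform DER 2>/dev/null | openssl dgst -sha256
}
privkey_fingerprint() {
  openssl pkey -in "$1" -pubout -outform DER 2>/dev/null | openssl dgst -sha256
}

# 2. Sanity check before the CSR leaves the host: no private key material inside,
#    self-signature verifies, and its public key matches the key we hold.
csr_is_safe_to_send() {
  dir="$1"
  [ -s "$dir/server.csr" ] && [ -s "$dir/server.key" ] || return 1
  if grep -q 'PRIVATE KEY' "$dir/server.csr"; then
    return 1
  fi
  openssl req -in "$dir/server.csr" -noout -verify >/dev/null 2>&1 || return 1
  [ "$(pubkey_fingerprint req "$dir/server.csr")" = "$(privkey_fingerprint "$dir/server.key")" ]
}

# 3. CA side (a throwaway self-signed root standing in for a real CA): sign the CSR
#    and return a certificate. The CA only ever sees the public key.
make_throwaway_ca() {
  dir="$1"
  openssl req -x509 -newkey rsa:2048 -nodes -keyout "$dir/ca.key" -out "$dir/ca.crt" \
    -subj "/CN=Home Lab Root CA (constructed)" -days 1 2>/dev/null
}
sign_csr() {
  dir="$1"
  openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
    -CAcreateserial -out "$dir/server.crt" -days 1 2>/dev/null
}

# 4. Back on the service host: the returned certificate must chain to the CA and
#    must belong to the private key we kept.
cert_matches_key_and_ca() {
  dir="$1"
  [ -s "$dir/server.crt" ] || return 1
  openssl verify -CAfile "$dir/ca.crt" "$dir/server.crt" >/dev/null 2>&1 || return 1
  [ "$(pubkey_fingerprint x509 "$dir/server.crt")" = "$(privkey_fingerprint "$dir/server.key")" ]
}

# Usage: `sh csr_demo.sh demo` runs the whole exchange in a scratch directory.
if [ "${1:-}" = "demo" ]; then
  work=$(mktemp -d)
  make_key_and_csr "$work" apollo-idrac.home.example \
    && csr_is_safe_to_send "$work" \
    && make_throwaway_ca "$work" \
    && sign_csr "$work" \
    && cert_matches_key_and_ca "$work" \
    && echo "ok: $work/server.key never left this host; only server.csr went to the CA"
fi
```

The check in step 2 is the one worth keeping in a real pipeline: if a tool ever asks you to upload anything that contains `PRIVATE KEY`, or the CSR's public key does not match the key on disk, stop before sending it.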



  • I’ve found the idea of LXC containers to be better than they are in practice. I’ve migrated all of my servers to Proxmox and have been trying to move various services from VMs to LXC containers and it’s been such a hassle. You should be able to directly forward disk block devices, but I just could not get them to mount for a MinIO array - ended up just setting their entire contents to 100000:100000 and mounting them on the host and forwarding the mount point instead. Never managed to get CAP_IPC_LOCK to work correctly for a HashiCorp Vault install. Docker in LXC has some serious pain points and feels very fragile.

    It’s damning that every time I have a problem with LXC the first search result will be a Proxmox forum topic with a Proxmox employee replying to the effect of “we recommend VMs over LXC for this use case” - Proxmox doesn’t seem to recommend LXC for anything. Proxmox + LXC is definitely better than CentOS + Podman, but my heart longs for the sheer competence of FreeBSD Jails.