You mean a transparency log? Just sign and publish. Or if it’s confidential, have a timestamp authority sign it, but what’s the point of a confidential blockchain? Sure, we han have a string of hashes chained together á la git, but that’s just an implementation detail. Where does the trust come from, who does the audit? That’s the interesting part.
Or you know, trusted timestamps and cryptographic signatures via normal PKI. A Merkle tree isn’t worth shit legally if you can’t verify it against a trust outside of the tree.
All of the blockchain bullshit miss that part - you can create a cryptographic representation of money or contracts, but you can’t actually enforce, verify or trust anything in the real world without intermediaries. On the other hand, I can trust a certificate from a CA because there are verifiable actual real-world consequences for someone if that CA breaks legal agreements.
I’ll use a folder of actual papers, signed using a pen. Have some witnesses, make sure they have a legal stake and consequences, and you are golden.
Distributed blockchains are useful when all of the below are fulfilled:
Here, we have a single peer creating entries in a ledger. We can get away with a copy of the ledger and one or more trusted timestamping authorities.
It’s your country, your attempt at a democratic system and your mess to deal with internally. That it’s a fundamentally broken system you have over there has been known (and in some cases mathematically proven) for a long time now. Personally, I’m getting tired of the ”Not all americans”-stuff. It kinda worked the first time around, but you had four years to deal with him peacefully through your legal system, demonstrations, manifestations and public pressure. He got reelected and there was a peaceful transition of power, possibly the last.
Enough people voted for him. The margins weren’t even that thin. You are now represented by President Orange in your international affairs and force projection. We can’t really help you that much either, as you have positioned yourselves as a dominant global power, with economical, soft and hard power.
My entirely unqualified guess - we’ll start accepting political refugees from the US, fearing for their lives, fairly soon. I’m guessing LGBTQ+, some ethnicities, some scientists and some public servants are in the danger zone. Stop being ”horrified” and start being ”absolutely fucking terrified”.
In short, go deal with your carrot man, we can’t do it for you. We can hopefully provide some refuge. But we can only deal with you as a nation, represented by Trump. Sorry.
Unless you have actual tooling (i.e. RedHat erratas + some service on top of that), just don’t even try.
Stop downloading random shit from dockerhub and github. Pick a distro that has whatever you need packaged, install from the repositories and turn on automatic updates. If you need stuff outside of repos, use first party packages and turn on auto updates. If there aren’t any decent packages, just don’t do it. There is a reason people pay RedHat a shitton of money, and that’s because they deal with much of this bullshit for you.
At home, I simply won’t install anything unless I can enable automatic updates. Nixos solves much of it. Two times a year I need to bump the distro version, bump the nextcloud release, and deal with depreciations, and that’s it.
I also highly recommend turning on automatic periodic reboots, so you actually get new kernels running…
Not to be that guy, but 12% of 8G isn’t even close to ”heavy as fuck” for a CI/CD and collaboration suite that seems aimed at enterprise users.
You can also tweak how much memory you’d like the jvm to grab with ’-Xms100m’. Any defaults are most likely aimed at much larger deployments than yours.
But yes, Java is a disease.
Well, I’d just go for a reverse proxy I guess. If you are lazy, just expose it as an ip without any dns. For working DNS, you can just add a public A-record for the local IP of the Pi. For certs, you can’t rely on the default http-method that letsencrypt use, you’ll need to do it via DNS or wildcards or something.
But the thing is, as your traffic is on a VPN, you can fuck up DNS and TLS and Auth all you want without getting pwnd.
I’d recommend setting up a VPN, like tailscale. The internet is an evil place where everyone hates you and a single tiny mistake will mess you up. Remove risk and enjoy the hobby more.
Some people will argue that serving stuff on open ports to the public internet is fine. They are not wrong, but don’t do it until you know, understand and accept the risks.(’normal_distribution_meme.pbm’)
Remember, risk is ’probability’ times ’shitshow’, and other people can, in general, only help you determine the probability.
Biomedical AI literally won the Nobel prize last year. But LLMs won’t help at all.
Tangentially related, any biomedical outfit that hasn’t bought a shitton of GPUs to run alphafold on is probably mismanaging money.