DNS as Code with DNSControl and GitLab

With the “infrastructure as code” renaissance, managing infrastructure has never been easier. Every change is easily recordable and reproducible and, because it’s all code, it’s never been easier to store a history of what’s changed to easily review in git log.

But short of running your own DNS servers and running custom scripts to convert code into a BIND zonefile, it’s historically been hard to manage DNS in the same way – so often, even though the servers themselves are easy to change, managing DNS means connecting to Route53, or Cloudflare, or any of a myriad of different domain registrars and DNS providers and manually changing fields in their application with no easy way to propagate changes across multiple domains or to roll back to a historical record if a new change causes something to break.

Using a tool like DNSControl, which allows a provider-agnostic view of DNS records as code, along with automatic capabilities to update records at your provides, fixes all of this.

Continue reading

Mastodon really is crumbling — and it will only get worse

I am 100% serious with the title, despite the appearance of click-bait. Mastodon has a serious structural rot that is only worsening as time gets on. I think this is for a few reasons which I will outline below.

Ironically, I don’t feel safe posting this directly to the fediverse because of the very forces I’m about to describe. I’m not worried about the cancel crew, I just don’t want to deal with hostile interactions right now. I might link to this post but it’s less likely to get hate mail I suspect if I do it that way rather than write this all up in a giant thread on fedi.

What I am presenting is largely anecdotal opinion, although it has been gathered from countless others (I’m not going to name any names, they deserve better than harassment or people trying to change their views and in the process merely reinforcing them).

Continue reading

RISC-V isn’t as interesting as you think

I had wrote this before the Unleashed was revealed, so some of the bits on economics have changed. As of writing this, I still stand by my other beliefs. One of the most hyped things in hardware design is RISC-V, the open ISA available without license fees. Many organizations including Western Digital have pledged support for RISC-V, and the open source community has a lot of faith in it, and with Nvidia’s recent purchase of Arm, people are concerned. However, I feel these hopes are somewhat misleading, as RISC-V’s openness is less at the benefit of the user and more for CPU vendors.

Continue reading

FreeBSD 12.1 on a QNAP TS-251

I had recently gotten such a NAS for dirt cheap (they didn’t know what they had!), and wanted to put it into useful service. The specifications include a Celeron J1800, and mine had been upgraded to 8 GB of RAM in its past life.

The OS on these things (QTS) is bizarre; basically a homelab in a box, but it’s sludge. The UI is some fake desktop thing, in the vein of eyeOS/YouOS of old. There are servers for things like LDAP, MariaDB (recommending you use phpMyAdmin…) and RADIUS, but I’m not sure who would even use them. There’s even an X server running, for some reason – with IR remote support! This thing is really a low-end SMB-for-SMB and Plex box through and through. I didn’t really like the OS though, so I decided to load something else on.

Continue reading