I have strongly debated getting some of their coffee for my very racist father in law, just to see his head explode when he reads the back.

Hey! Those are better than mine which just end up looking like dicks.

Get better coffee. Not grocery store brand or Starbucks. Check the roast date - keep it within the past two weeks. Grind your own, don’t buy pre-ground.

Try to go with things like light roast, washed processed - more “speciality”.

I highly recommend cxffeeblack - I use their Guji Mane for espresso and it’s amazing.

M’Emulator

For another interesting take on privacy in the future, take a look at Brian K Vaughn’s The Private Eye graphic novel.

In that world, everyone’s privacy was lost “when the cloud burst”, revealing every private kink, writing, messages, etc for everyone including the rich and powerful. The response was a hard turn towards absolute privacy via avatars.

Plus the art style is great.

http://panelsyndicate.com/comics/tpeye

Fixed link https://en.m.wikipedia.org/wiki/White_Wilderness_(film)#Controversy

Boy, markdown + deep links is not a good combination.

Shit, indeed actually got me a job once, and I’m starting to look again after 8 years.

I’ve been meaning to add his patreon. I have too many as it is and need to call a bit, but I just feel guilty about it.

It’s not like you can learn from it (even if the topic is something you’ll never use like a 2 hour dissertation on heat pumps or a multi-video series on how an old pinball machine uses only relays to calculate scores).

Why yes, I am subscribed to Technology Connections, how could you tell?

The first paragraph says that she pulled a huge Karen, getting out her phone to look up the law and even called the governor’s office so that they would give her the shot.

And it’s surprise to absolutely fucking no one, she is still a huge pro-lifer.

I would get multiple drives and do RAID. Here’s a helpful calculator to figure out drive quantity, size, and configuration. The reason to do RAID is redundancy. Hard drives will fail (even NAS branded drives). You do not want your photos, media, etc to be lost in that case. I personally do not go with anything below RAID5 (and for super sensitive things, I’ll even go RAID6 - despite the hit on overall capacity. If the optiplex has drive capacity for multiple drives, I strongly recommend you go this route.

If you’re in the states, check out cxffoeeblack: https://cxffeeblack.com/

Black owned supply chain, makes excellent decaf that doesn’t taste burned.

There’s nothing worse than taking extreme measures to troubleshoot a problem with a third party system that’s out of your control.

Okay, then I’m thinking your router/NAT maybe causing the problem. Typically, your ISP won’t block subdomains for dns, they may outright block Source NAT (SNAT), but if you could get through via the IP, you should be good to go.

An easy way to check is to visit a site like this and check for port 443: https://www.yougetsignal.com/tools/open-ports/. You don’t need to be on the server that’s hosting your portfolio, just any thing that’s on the same network as your portfolio (something behind your external router)

Just to make sure.

1. When on your home network, doing nslookup (or similar), your fqdn resolves to your public IP
2. When on a hotspot, if you go to https://fqdn/ it does not connect (probably with the ERR_CONNECTION_TIMED_OUT that you mentioned below)
3. When on hotspot, if you to telnet to port 443 on 206.x.x.x, it connects

What happens if you, on the hotspot, try browsing to https://206.x.x.x? When you are on the same network as the portfolio, can you reach https://[internal ip]?

What I’m leaning towards is a router/firewall that may be causing some issues. To help with troubleshooting, does your website server have any local firewalls (for ubuntu that would typically be ufw, but it could be iptables or firewalld)?

Try this command from a terminal on the system from which you’re attempting to connect:

nslookup <yourfqdn>

It should come back with something like this:

~ ❯ nslookup stronk.bond
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   stronk.bond
Address: 172.67.174.80

If it says something like “can’t find” that means that your dns isn’t configured appropriately. Does your IP address start with 192.168, 10., or 172.? That would be a private IP address (something which isn’t accessible from the internet.

Oh! And where is everything - is your workstation/laptop on the same network as your portfolio? Is the portfolio on a different network? That could effect things as well.

What does your nginx config look like for ssl? It should specify a certificate and key file - that certificate subject needs to match your fully qualified domain name (fqdn). Certificate can have subject alternative names (SAN) for other names and even IP addresses.

For instance, you could have a single certificate for foo.bar with a SAN for just foo and an IP SAN for 192.168.1.30.

Certificates also need to be signed by a certificate authority (CA), and in order for your browser to visit https://foo.bar/ without a warning your browser must trust that CA.

If you did a self signed cert, this is most likely the problem you’re running into.

It’s important to know that your communication is still encrypted because of SSL, but since your browser doesn’t trust the CA (or the subject doesn’t match the FQDN) the browser will say it’s not secure.

I’m confused - what was here before the domain expired? The only thing I’m finding for AZA is the association of Zoos and Aquariums.

Sometimes when I sneeze, my arm hurts.

I’m fairly certain it’s not a heart attack.