Your comment has a bit of an inexperienced smell. Business auth infinitely more complex than saving a user and salting/hashing his password.

> There must be a behavioral pattern there...

The pattern is that your comment is very far from reality.

My point is that people mess up things as basic as salt and pepper, or encryption at rest. People are not even trying...

If we deal with the intricacies of rbac, abac, acl mixed with scopes ,sso, saml, oidc, mfa, etc... I don't find these too conceptually, complex.

I mean, it should be avoidable complexity. Most of the complexity is technical debt, bad implementations etc. But by itself it is not THAT complex.

Well the disadvantage is that you're responsible for your companies keycloak.

Exactly. Do you want to become ops? Because that's how you become an ops team.

For now. Valve has a long history of shipping compatibility after release.

You can choose to not host your game on steam. Plenty of developers do.

You can do this with a bunch of clones. But this will make your software slower and kind of defeats the entire purpose.

> docker compose pull && docker compose up -d is a fine command if you are SSH’d into the host. At customer scale—dozens of self-managed environments behind firewalls, each with its own change-control process—that manual process doesn’t scale.

We just use ansible for this part.

A really nifty thing is that you can also of course bind this to the device's tailscale ip!

Also you don't even need the loopback address if the traffic is between one container and another, just a bridge network is fine.

This is how I self host all my home services (Home Assistant, PFSense, Frigate etc), I do not for the life of me understand why so many folks doing self-hosted services for themselves put them on the public internet.

Caddy will even do fully automated valid TLS certificates for private IP ranges via DNS ACME challenge for free etc with renewals handled, so all my internal self-hosted sites have properly terminated TLS too, accessible by connected VPN clients.

It's funny that for many of us in our day job, we stand up private services behind a VPN all the time so only work clients can access it, but when self hosting don't bother with a simple wireguard/tailscale config etc.

A lot of people using docker or even k8s don‘t know that by default, a service is available to all other services via the service name defined in the compose file or your yaml specs. Docker compose builds an implicit bridge network. Most internet tutorials are wrong here and bing ports publicly to your ipv4 interface. So if you follow them you‘ll accidentally expose your database or similar to the public web

You won't get any benefits using async with CPU heavy code. Quite the opposite really.

Comments like these are so incredible far fetched from reality. Are you really going to implement your own PyTorch? Why even compare your cute examples to enterprise solutions?

As you have been reminded of in other comments, there is no "enough battery backup". These weather events aren't exactly rare either. Germany for example has on average multiple episodes of both subnormal wind and sun energy production in high-pressure systems.

Did you read my comment? 10% budget for gas backup buys you 35 days, if on those days there is 0% other production (extremely unlikely). Seems pretty conservative to me?