  • Yes. I was laying on the sarcasm heavily.
    I presume that’s what these oracle services provide.
    Essentially hosts the US government’s GDP NFT, so you can right click and download it just like every NFT crypto bro hates you doing.
    Whether it’s actually the US Government hosting the file, or these oracle services hosting it… It doesn’t matter.

    Why not just host the files on a government website with appropriate file hashes (so users can verify the file is still the same), let the internet archive and the national archives take snapshots of the files and pages and hashes etc… ? That’s a well regarded site archival system, and the governmental archival system. Has redundancy, pedigree and public acceptance.
    Fuck it, publish just the hash on some block chains so the “fingerprint” of the report is immutable. But call it what it is.

    The report isn’t “published on the Blockchain”.
    It is linked from some blockchains.
    There is still a file hosted by some servers.
    You can’t download your favourite blockchain, take it to the top of Mount Rushmore with no internet and inspect the US GDP figures without first downloading the file linked in the block chain.

    Blockchain oracles are entities that connect blockchains to external systems, allowing smart contracts to execute depending on real-world inputs and outputs. Oracles give the Web 3.0 ecosystem a method to connect to existing legacy systems, data sources and advanced calculations.

    https://cointelegraph.com/learn/articles/what-is-a-blockchain-oracle-and-how-does-it-work




  • In his Truth Social website President Donald Trump described the Smithsonian as “OUT OF CONTROL” and said museums across the United States are “WOKE.”

    Convicted felon says museums are woke and out of control.

    In a statement sent to Newsweek the Smithsonian said: "The Smithsonian’s work is grounded in a deep commitment to scholarly excellence, rigorous research, and the accurate, factual presentation of history.

    The world’s largest museum, education and research complex says they are grounded in accurate presentation of history.

    It’s pretty clear that the US government is targeting the Smithsonian and other historical archives to rewrite history.

    Considering the other articles linked which talk about the removal of Trump’s impeachments and other pressures on historical facts and accuracy, I’d be worried about the following quote:

    "It’s not about whitewashing it’s about full context, so while slavery is obviously a horrible aspect of our nation’s history you can’t really talk about slavery honestly unless you also talk about hope and progress and I think we need to be focusing on the progress that we’ve made then and we need to stop focusing so much on the lack of progress.

    So, yeh the Nazis killed a bunch of people. But they also developed the Volkswagen, Porsche and Hugo Boss. And we have all come to appreciate fancy cars and fly shirts. So, let’s not focus on what the Nazis did, but instead let’s concentrate on the hope that cars bring!

    And even if you argue that “things are better now”. Sure, somewhat. But, imo, it’s not really something to celebrate. Black people can vote, but shitty racist people in power still suppress the fuck out of them.

    Germany recognises its history. It teaches it in school, it’s made memorials & museums of historically abhorrent places, and it’s outlawed everything related.

    US still celebrates Thanksgiving.
    https://www.forbes.com/sites/maiahoskin/2022/11/24/the-real-history-behind-thanksgiving/

    So yeh, here is the directive:
    https://www.whitehouse.gov/fact-sheets/2025/03/fact-sheet-president-donald-j-trump-restores-truth-and-sanity-to-american-history/

    to work to eliminate improper, divisive, or anti-American ideology from the Smithsonian and its museums, education and research centers, and the National Zoo.

    So, eliminate some history.
    But - depending on how carefully that scalpel is wielded - it could cut away the bad parts and leave the “good” parts. Cherry picking, if you will.
    Leaves a generally positive vibe of slavery.
    Divisive and anti-American to whip/hang/rape slaves. So, leave that part out.
    But provide the American dream for a slave by impregnating them and giving them a less crowded room and easier slave labour, or elevating them to a house position, or whatever… THAT’S the American dream!
    Slaves that behaved were treated well.
    But, just leave out the thousands of slaves that were beaten for senseless reasons because they were considered barbaric and sub-human.
    Just… Ignore the fact that they were kidnapped from their home, transported for weeks in horrendous conditions, then auctioned off to rich white men.










  • Everyone talks about helm charts.
    I tried them and hate writing them.
    I found garden.io, and it makes a really nice way to consume repos (of helm charts, manifests etc) and apply them in a sensible way to a k8s cluster.
    Only thing is, it seems to be very tailored to a team of developers. I kinda muddled through with it, and it made everything so much easier.
    Although I massively appreciate that helm charts are used for most projects, they make sense for something you are going to share.
    But if it’s a solo project or consuming other people’s projects, I don’t think it really solves a problem.

    Which is why I used garden.io. Designed for deploying kubernetes manifests, I found it had just enough tooling to make things easier.
    Though, if you are used to ansible, it might make more sense to use ansible.
    Pretty sure ansible will be able to do it all in a way you are familiar with.

    As for writing the manifests themselves, I find it rare I need to (unless it’s something I’ve made myself). Most software has a k8s helm chart. So I just reference that in a garden file, set any variables I need to, and all good.
    If there aren’t helm charts or kustomize files, then it’s adapting a docker compose file into manifests. Which is manual.
    Occasionally I have to write some CRDs, config maps or secrets (CMs and secrets are easily made in garden).

    I also prefer to install operators, instead of the raw service. For example, I use Cloudnative Postgres to set up postgres databases.
    I create a CRD that defines the database, and CNPG automatically provisions all the storage, pods, services, config maps and secrets.

    The way I use kubernetes for the projects I do is:
    Apply all the infrastructure stuff (gateways, metallb, storage provisioners etc) from helm files (or similar).
    Then apply all my pods, services, certificates etc from hand written manifests.
    Using garden, I can make sure things are deployed in the correct order: operators are installed before trying to apply a CRD, secrets/cms created before being referenced etc.
    If I ever have to wipe and reinstall a cluster, it takes me 30 minutes or so from a clean TalosOS install to the project up and running, with just 3 or 4 commands.

    Any on-the-fly changes I make, I ensure I back port to the project configs so when I wipe, reset, reinstall I still get what I expect.

    However, I have recently found https://cdk8s.io/ and I’m meaning to investigate that for creating the manifests themselves.
    Write code using a typed language, and have cdk8s create the raw yaml manifests. Seems like a dream!
    I hate writing yaml. Auto complete is useless (the editor has no idea what format the yaml doc should take), auto formatting is useless (mostly because yaml is whitespace sensitive, and the editor has no idea what things are a child or a new parent). It just feels ugly and clunky.


  • So uplink is 500/500.
    LAN speed tests at 1000/1000.
    WAN is 100/400.
    VPN is 8/8.

    I’m guessing the VPN is part of your homelab? Or do you mean a generic commercial VPN (like pia or proton)?

    How does the domain resolve on the LAN? Is it split horizon (so local ip on the lan, public IP on public DNS)?
    Is the homelab on a separate subnet/vlan from the computer you ran the speed test from? Or the same subnet?






  • Servers: one. No need to make the log a distributed system, CT itself is a distributed system.

    The uptime target is 99% over three months, which allows for nearly 22h of downtime. That’s more than three motherboard failures per month.

    CPU and memory: whatever, as long as it’s ECC memory. Four cores and 2 GB will do.

    Bandwidth: 2 – 3 Gbps outbound.
    Storage:
    3 – 5 TB of usable redundant filesystem space on SSD, or
    3 – 5 TB of S3-compatible object storage, and 200 GB of cache on SSD.
    People: at least two. The Google policy requires two contacts, and generally who wants to carry a pager alone.

    Seems beyond your typical homelab self hoster, except for the countries that have 5gbps symmetric home broadband.
    If anyone can sneak 2-3gbps outbound past their employer, I imagine the rest is trivial.
    Altho… “At least 2 [people]” isn’t the typical self hosting

    Edit:
    Tried to fix the copy/paste.

    Also will add:

    https://crt.sh/
    Has a list of all certificates issued.
    If you are using LE for every subdomain of your homelab (including internal), maybe think about a wildcard cert?
    One of those “obscurity isn’t security”, but why advertise your endpoints? Also increases privacy (IE not advertising porn(dot)example(dot)com)
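
An added example, not part of the comment above and not crt.sh code: a small audit of which host labels a homelab's per-subdomain certificates have put into Certificate Transparency logs, and which single wildcard name per zone would replace them. The record layout (a `name_value` field holding newline-separated names) is assumed to match crt.sh's JSON output; the sample records, `example.com` names and function names are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample shaped like crt.sh JSON output (assumed layout: one record per
# certificate, SAN entries newline-separated in "name_value"). Not real log data.
SAMPLE_CT_JSON = """[
  {"id": 1, "name_value": "nas.home.example.com"},
  {"id": 2, "name_value": "grafana.home.example.com\\nhome.example.com"},
  {"id": 3, "name_value": "*.lab.example.com\\nlab.example.com"},
  {"id": 4, "name_value": "NAS.home.example.com"},
  {"id": 5, "name_value": "db.lab.example.com"}
]"""

def logged_names(ct_json):
    """Every distinct DNS name the CT records disclose, lowercased."""
    names = set()
    for record in json.loads(ct_json):
        for name in record.get("name_value", "").splitlines():
            name = name.strip().lower().rstrip(".")
            if name:
                names.add(name)
    return names

def disclosed_labels(ct_json, base_domain):
    """Map each zone under base_domain to the host labels logged by name."""
    zones = defaultdict(set)
    for name in logged_names(ct_json):
        label, _, parent = name.partition(".")
        in_scope = parent == base_domain or parent.endswith("." + base_domain)
        if label == "*" or not in_scope:
            continue  # a wildcard entry reveals the zone but no host label
        zones[parent].add(label)
    return {zone: sorted(labels) for zone, labels in zones.items()}

def wildcard_plan(ct_json, base_domain):
    """Per zone: the one wildcard name that would replace per-host certificates."""
    existing = {n for n in logged_names(ct_json) if n.startswith("*.")}
    plan = {}
    for zone, labels in disclosed_labels(ct_json, base_domain).items():
        wildcard = "*." + zone
        plan[wildcard] = {
            "already_issued": wildcard in existing,
            "labels_hidden_in_future": labels,
        }
    return plan

if __name__ == "__main__":
    print(json.dumps(wildcard_plan(SAMPLE_CT_JSON, "example.com"), indent=2))
```

CT logs are append-only, so names already logged stay visible; a wildcard only changes what future issuance discloses, and an `already_issued` wildcard alongside logged labels points at per-host certificates that did not need to be requested.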


  • This… Except for contactless payment.
    I used graphene for a month. It was lovely. Even things like banking apps worked.
    I don’t care about absolute privacy, but I do care about controlling my privacy. Graphene gave me that.

    I had only 1 issue.
    Contactless payment.
    It’s extremely convenient to me, from public transport to groceries. I just bop my phone.

    The fact that Google has that locked down surely violates some EU laws. But I’m sure they wave away the laws because of “financial security” or some other bullshit.
    As if bank card NFC/contactless doesn’t suffer exactly the same issues.
    I looked into some “graphene contactless payment” type systems or workarounds, and I couldn’t find anything that would fill the gap.