<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: mrl5</title><link>https://news.ycombinator.com/user?id=mrl5</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Sat, 11 Jul 2026 19:46:31 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=mrl5" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by mrl5 in "TLS certificates for internal services done right"]]></title><description><![CDATA[
<p>TIL, thanks! This makes dns challange automation more approachable for me. I always had an issue with API keys which scope can't be limited to TXT records. This seems to be a nice workaround<p>... and it is even already documented at <a href="https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode" rel="nofollow">https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mo...</a></p>
]]></description><pubDate>Fri, 10 Jul 2026 14:25:56 +0000</pubDate><link>https://news.ycombinator.com/item?id=48860429</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=48860429</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48860429</guid></item><item><title><![CDATA[New comment by mrl5 in "TLS certificates for internal services done right"]]></title><description><![CDATA[
<p>OP here. Actually I tried to use it but apparently prematurely -> <a href="https://github.com/acmesh-official/acme.sh/issues/7085#issuecomment-4887449610" rel="nofollow">https://github.com/acmesh-official/acme.sh/issues/7085#issue...</a><p>Once it's supported I think my next iteration will be DNS persist + internal ip addresses on the public zone.<p>Thank you all for comments and feedback! It's cool to see real interest in this blog post</p>
]]></description><pubDate>Thu, 09 Jul 2026 20:57:09 +0000</pubDate><link>https://news.ycombinator.com/item?id=48852262</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=48852262</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48852262</guid></item><item><title><![CDATA[New comment by mrl5 in "TLS certificates for internal services done right"]]></title><description><![CDATA[
<p>I've documented how to securely set up TLS certificates for internal services without creating TLS issues for http clients downstream. All thanks to split-horizon DNS, WAF and ACME protocol. All for free!</p>
]]></description><pubDate>Thu, 09 Jul 2026 14:57:02 +0000</pubDate><link>https://news.ycombinator.com/item?id=48846996</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=48846996</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48846996</guid></item><item><title><![CDATA[TLS certificates for internal services done right]]></title><description><![CDATA[
<p>Article URL: <a href="https://tuxnet.dev/posts/tls-for-internal-services/">https://tuxnet.dev/posts/tls-for-internal-services/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=48846995">https://news.ycombinator.com/item?id=48846995</a></p>
<p>Points: 182</p>
<p># Comments: 151</p>
]]></description><pubDate>Thu, 09 Jul 2026 14:57:02 +0000</pubDate><link>https://tuxnet.dev/posts/tls-for-internal-services/</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=48846995</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48846995</guid></item><item><title><![CDATA[New comment by mrl5 in "Rearchitecting: Redis to SQLite"]]></title><description><![CDATA[
<p>Thank you. First explanation what might be the root cause :)</p>
]]></description><pubDate>Wed, 25 Sep 2024 19:46:24 +0000</pubDate><link>https://news.ycombinator.com/item?id=41651128</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=41651128</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41651128</guid></item><item><title><![CDATA[New comment by mrl5 in "Ask HN: What tools should I use to manage secrets from env files?"]]></title><description><![CDATA[
<p>This is an interesting alternative to password manager, esp. if you want to version control your secrets
<a href="https://github.com/getsops/sops">https://github.com/getsops/sops</a></p>
]]></description><pubDate>Tue, 24 Sep 2024 20:32:39 +0000</pubDate><link>https://news.ycombinator.com/item?id=41640616</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=41640616</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41640616</guid></item><item><title><![CDATA[System Logs Aggregation with Postgres]]></title><description><![CDATA[
<p>Article URL: <a href="https://tuxnet.dev/post/20240712_central-logs-postgres/">https://tuxnet.dev/post/20240712_central-logs-postgres/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=40961947">https://news.ycombinator.com/item?id=40961947</a></p>
<p>Points: 3</p>
<p># Comments: 0</p>
]]></description><pubDate>Sun, 14 Jul 2024 16:53:28 +0000</pubDate><link>https://tuxnet.dev/post/20240712_central-logs-postgres/</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=40961947</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=40961947</guid></item><item><title><![CDATA[New comment by mrl5 in "Neon: Comparing type-safe SQL libraries for TypeScript"]]></title><description><![CDATA[
<p>I wonder why pgtyped [1] was skipped<p>[1] <a href="https://github.com/adelsz/pgtyped">https://github.com/adelsz/pgtyped</a></p>
]]></description><pubDate>Fri, 04 Aug 2023 15:42:34 +0000</pubDate><link>https://news.ycombinator.com/item?id=37001551</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=37001551</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=37001551</guid></item><item><title><![CDATA[New comment by mrl5 in "Firejail: Light, featureful and zero-dependency security sandbox for Linux"]]></title><description><![CDATA[
<p>There is also <a href="https://github.com/google/nsjail">https://github.com/google/nsjail</a></p>
]]></description><pubDate>Tue, 11 Jul 2023 15:40:04 +0000</pubDate><link>https://news.ycombinator.com/item?id=36682540</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=36682540</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=36682540</guid></item><item><title><![CDATA[New comment by mrl5 in "The Clock of the Long Now"]]></title><description><![CDATA[
<p>"It is still being assembled deep inside a mountain in west Texas. The Clock provides a rare invitation to think and engineer at the timescale of civilization. It offers an enduring symbol of our personal connection to the distant future."</p>
]]></description><pubDate>Sat, 08 Jul 2023 06:43:24 +0000</pubDate><link>https://news.ycombinator.com/item?id=36641961</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=36641961</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=36641961</guid></item><item><title><![CDATA[The Clock of the Long Now]]></title><description><![CDATA[
<p>Article URL: <a href="https://longnow.org/clock/">https://longnow.org/clock/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=36641960">https://news.ycombinator.com/item?id=36641960</a></p>
<p>Points: 2</p>
<p># Comments: 1</p>
]]></description><pubDate>Sat, 08 Jul 2023 06:43:24 +0000</pubDate><link>https://longnow.org/clock/</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=36641960</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=36641960</guid></item><item><title><![CDATA[New comment by mrl5 in "USB armory – small secure computer from WithSecure (previously F-secure)"]]></title><description><![CDATA[
<p>it went to space recently <a href="https://twitter.com/WithSecure/status/1664260736254717952" rel="nofollow">https://twitter.com/WithSecure/status/1664260736254717952</a><p><a href="https://www.withsecure.com/en/whats-new/pressroom/usb-armory-post-quantum-encryption-put-to-test-in-space" rel="nofollow">https://www.withsecure.com/en/whats-new/pressroom/usb-armory...</a></p>
]]></description><pubDate>Sat, 03 Jun 2023 07:32:08 +0000</pubDate><link>https://news.ycombinator.com/item?id=36174514</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=36174514</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=36174514</guid></item><item><title><![CDATA[New comment by mrl5 in "Zstandard – Real-time data compression algorithm"]]></title><description><![CDATA[
<p>Interesting fact that under the hood it's based on tANS introduced by Jarosław  Duda from Jagiellonian University:<p>some cool references:<p><a href="https://www.youtube.com/watch?v=uXtmN9fE01k" rel="nofollow">https://www.youtube.com/watch?v=uXtmN9fE01k</a><p><a href="https://th.if.uj.edu.pl/~dudaj/" rel="nofollow">https://th.if.uj.edu.pl/~dudaj/</a><p><a href="https://demonstrations.wolfram.com/DataCompressionUsingAsymmetricNumeralSystems/" rel="nofollow">https://demonstrations.wolfram.com/DataCompressionUsingAsymm...</a><p><a href="https://encode.su/threads/2078-List-of-Asymmetric-Numeral-Systems-implementations" rel="nofollow">https://encode.su/threads/2078-List-of-Asymmetric-Numeral-Sy...</a></p>
]]></description><pubDate>Sun, 04 Sep 2022 20:26:22 +0000</pubDate><link>https://news.ycombinator.com/item?id=32717354</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=32717354</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=32717354</guid></item><item><title><![CDATA[New comment by mrl5 in "Show HN: Vulner – discover CVEs for packages installed by the portage"]]></title><description><![CDATA[
<p>## my main motivation for developing `vulner`<p>1. learn rust by doing something tangible<p>2. improve security of funtoo linux (or gentoo, or any other distro that uses portage)<p>## my main motivation to share it on Hacker News<p>I'd like to gather some feedback related to (but not limited to):<p>1. user experience<p>2. potential improvements<p>3. source code (sth like code review)<p>... and maybe even get new users and/or contributors :)</p>
]]></description><pubDate>Fri, 17 Jun 2022 19:52:30 +0000</pubDate><link>https://news.ycombinator.com/item?id=31783392</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=31783392</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=31783392</guid></item><item><title><![CDATA[Show HN: Vulner – discover CVEs for packages installed by the portage]]></title><description><![CDATA[
<p>Article URL: <a href="https://github.com/mrl5/vulner">https://github.com/mrl5/vulner</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=31783375">https://news.ycombinator.com/item?id=31783375</a></p>
<p>Points: 4</p>
<p># Comments: 1</p>
]]></description><pubDate>Fri, 17 Jun 2022 19:50:50 +0000</pubDate><link>https://github.com/mrl5/vulner</link><dc:creator>mrl5</dc:creator><comments>https://news.ycombinator.com/item?id=31783375</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=31783375</guid></item></channel></rss>