Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)M

moonpiedumplings

@ moonpiedumplings @programming.dev

Posts
30
Comments
658
Joined
2 yr. ago

  • Hmm, any XCP-NG fans for self-hosting?

    Jump

  • Care to elaborate? Proxmox's paid tier is long term support for their older releaes, and paid support. The main code is entirely free, with no features gated behind paywalls or anything like that.

  • What’s a graphical piece of software you wish existed or was better?

    Jump

  • Check out turbowarp, an ultra fast reimplementation of scratch.

    I've seen games that only worked in turbowarp.

    Custom editors are probably needed.

  • What’s a graphical piece of software you wish existed or was better?

    Jump

  • What’s a graphical piece of software you wish existed or was better?

    Jump

  • Kde's spectacle (screenshot utility) does this by default now.

  • Fun/interesting things to self host?

    Jump

  • I don't see any mention of games so far.

    A minecraft server is always a good time with friends, and there are hundreds of other game servers you can self host.

  • The Quest for Reasonably Secure Operating Systems

    Jump

  • Syd3, and gvisor, a similar project in go aren't really sandboxes but instead user mode emulation of the linux kernel. I consider them more secure than virtual machines because code that programs run is not directly executed on your cpu.

    Although syd3 doesn't seem to emulate every syscall, only some, I know rhat gvisor does emulate every syscall.

    If you compare CVE's for gvisor and CVE's for xen/kvm, you'll see that they are worlds apart.

    Xen has 25 pages: https://app.opencve.io/cve/?vendor=xen

    Gvisor has 1: https://app.opencve.io/cve/?q=gvisor

    Now, gvisor is a much newer product, but it is still a full 7 years old compared to xen's 22 years of history. For something that is a third of the age, it has 1/25th of the cve's.

    There is a very real argument to be made that the hardened openbsd kernel, when combined with openbsd's sandboxing, is more secure than xen, which you brought up.

  • Docker security

    Jump

  • I don't know what the commenter you replied to is talking about, but systemd has it's own firewalling and sandboxing capabilities. They probably mean that they don't use docker for deployment of services at all.

    Here is a blogpost about systemd's firewall capabilities: https://www.ctrl.blog/entry/systemd-application-firewall.html

    Here is a blogpost about systemd's sandboxing: https://www.redhat.com/en/blog/mastering-systemd

    Here is the archwiki's docs about drop in units: https://wiki.archlinux.org/title/Systemd#Drop-in_files

    I can understand why someone would like this, but this seems like a lot to learn and configure, whereas podman/docker deny most capabilities and network permissions by default.

  • Nuked and back again – a tale of losing and recovering a bare-metal kubernetes cluster (mostly)

    Jump

  • Is your flux config public?

  • Thanks Solver

    Jump

  • 99.9999% of freecell games are winnable. Very nice, and one of the reasons I preferred freecell.

  • Rust-Written Redox OS Sees Initial Wayland Port

    Jump

  • Shut up science!!

    Jump

  • FreeBSD Networking on a Laptop is Unpleasant

    Jump

  • Re: lag.

    LACP doesn't even work between wifi and ethernet, doesn't it? I thought it required configurations on the network switch, which implies ethernet.

    The bug they mention seems to only apply to the LACP mode of link aggregation, when they should probably be trying to use failover from this page. Where what you do is set the ethernet as the primary and the wifi as the failover (although this doesn't seem to work on their case because the ethernet interface is dynamically created.

    Other complaints and issues they have still apply as well.

  • Steam Deck lead reveals Valve is funding ARM compatibility of Windows games “to expand PC gaming” and release “ultraportables” in the future

    Jump

  • I understand the technical challenges with running x86 apps on arm... but multiple wrappers that do something similar to proton have already been released.

    If you follow the r/emulationonandroid subreddit, they have gotten PC games working on android for a while now. One of the wrappers, gamehub, has made it to the playstore. You can just sign in to your steam account (don't do that gamehub is sketchy af, proprietary, and by a company that stole gpl code fro, yuzu and didn't release a derivative product), download games, and play them.

    The current concern is performance, but most lower and midrange games run just fine.

  • Zero Trust Architecture

    Jump
    1. Corporations really, really love being admin on everybody elses devices. See kernel level anticheat.
    2. I feel like people have gotten zero trust (I don't need to trust anybody) confused with "I don't trust anybody".
    3. I was listening to a podcast by packet pushers and they were like "So you meet a vendor, and they are like, 'So what do you think zero trust means? We can work with that'".

  • Advice needed for working with GPU's in an HA Cluster

    Jump

  • Yes, you have noticed that HA with GPU's is very, very difficult. My understanding is that most people have given up, where they use something like kubernetes and just kill and restart the application on another machine, instead of truly failing over a virtual machine/container.

    Now, you've stated that you can't afford enterprise grade gpu's. That's okay. You should know that there exist projects to unlock vgpu features on non-enterprise/server grade nvidia gpus.

    this is the main one: https://github.com/DualCoder/vgpu_unlock — but it only supports 2080 nvidia gpus and below. It looks like there is some work on getting 30/40 series nvidia gpus working, but I cannot find a public guide. It should be noted that only the 30/40 series has tensor cores!

    Now, even if you cannot get vgpu working, you should also know that although you cannot share a virtual machine between virtual machines, you can can share a gpu between LXC containers, which proxmox supports management of.

    all of my VM’s are built as if they can freely migrate

    I also want to clarify something about the way HA in proxmox works. Live migration only works when the relevant proxmox hosts are online. Failover, which is a form of high availability, happens when a host goes offline, and the new virtual machine reboots from the shared storage in use.

    My honest recommendation is to give up on HA for this. Going for minimal cost, I would buy one cheaper GPU (intel arc's offer best bang for buck right now iirc) which is dedicated to VDI and jellyfin hardware decoding (but this only works if your VDI and jellyfin are in LXC containers... since there is also no vgpu), and buy one more expensive nvidia gpu with tensor cores for machine learning and AI workflows.

  • [solved] Why is there no .gz.tar?

    Jump

  • This is what zip does. It compresses files individually, and then combines them into the archive. This comes with the advantage that you don't have to extract the whole archive to view and edit files, but it comes with a very big disadvantage, which is that there is no compression across files. Redundant data in each file is not deduplicated.

    Tar.gz does compress across files, which saves more space. That is to say, the reason why we don't just tar gzed files together, is because people decided that compression savings matter more than not having to extract the whole archive to view/edit files.

    7z is the best of both worlds, as it compresses across files, but also lets you view and edit files without extracting the whole archive. But it's important to remember that tar.gz is ubiquitous for it's compatibility, rather than it's performance or features. Even the most smallest, stripped down utilities, or the most oldest, out of date systems, always have gz and tar, whereas even on modern desktop distros 7z may need to be explicitly installed.

  • Average Debian system update experience:

    Jump

  • Despite all the warnings not to install kali linux, I decided to install kali linux and I am now encountering an issue I would not face had I chosen to use a linux distro designed with normal desktop use in mind. Can anyone help me?

    Actually, modern kali is a lot more usable than the older kali. Kali used to only have a root user, so chromium and electron apps wouldn't start since they don't run as root.

    Despite this, nowadays I generally recommend new people away from kali, because I believe the process of installing the tools that kali provides on other distros is a valuable learning experience.

    Kali is great for the professional, but but learners I prefer they get to experience the package manager or other aspects of system management.

  • Harper: Free, Open Source Grammar Checker

    Jump

  • Languagetool's browser extension is no longer open source, which has me concerned. You can still point it at a local server, but yeah.

  • WinBoat adds support for Podman, UWP, app filtering and more

    Jump

  • UWP 💀

    UWP is Microsoft's "new" app format, it's what the windows store and the xbox use.

    It also isn't compatable with wine, and my pet theory is that this was the entire point of it. Combined with Windows S mode, which doesn't let you install apps other than from the windows store, the goal was to lock down the windows ecosystem by having apps that can't be made to run on linux.

    I remember seeing a compatability layer for UWP apps a while ago, and I am pleased to see that it has come this far. Great work!

    Edit: wait this uses a windows VM. Still good though and lets people escape the windows ecosystem.

  • Emulation - Retro Gaming In Style @lemmy.world
    moonpiedumplings @programming.dev

    My perspective on Duckstation

  • NixOS @infosec.pub
    moonpiedumplings @programming.dev

    home-manager now has a built in option to wrap packages with NixGL, for non-nixos systems

    home-manager.dev /manual/unstable/index.xhtml
  • nixos @lemmy.ml
    moonpiedumplings @programming.dev

    home-manager now has a built in option to wrap packages with NixGL, for non-nixos systems

    home-manager.dev /manual/unstable/index.xhtml
  • Nix / NixOS @programming.dev
    moonpiedumplings @programming.dev

    home-manager now has a built in option to wrap packages with NixGL, for non-nixos systems

    home-manager.dev /manual/unstable/index.xhtml
  • Linux @lemmy.world
    moonpiedumplings @programming.dev
    Solved but only for mpv

    Is there any way on KDE, I can "click through" a partially transparent window to interact with the window behind it instead?

  • Linux @lemmy.ml
    moonpiedumplings @programming.dev
    Solved but only for mpv

    Is there any way on KDE, I can "click through" a partially transparent window to interact with the window behind it instead?

  • Linux @programming.dev
    moonpiedumplings @programming.dev
    Solved but only for mpv

    Is there any way on KDE, I can "click through" a partially transparent window to interact with the window behind it instead?

  • The Eternal Playlist @crazypeople.online
    moonpiedumplings @programming.dev

    JT Music — Tiny Toilet Man

  • Kubernetes @programming.dev
    moonpiedumplings @programming.dev

    KubeVirt user interface options | KubeVirt.io

    kubevirt.io /2019/KubeVirt_UI_options.html
  • Open Source @lemmy.ml
    moonpiedumplings @programming.dev

    GitHub - element-hq/ess-helm: Element Server Suite Community Edition

    github.com /element-hq/ess-helm/
  • Opensource @programming.dev
    moonpiedumplings @programming.dev

    GitHub - element-hq/ess-helm: Element Server Suite Community Edition

    github.com /element-hq/ess-helm/
  • Ask Lemmy @lemmy.world
    moonpiedumplings @programming.dev

    Give me some of your hardest riddles? (with solutions in spoilers)

  • Asklemmy @lemmy.ml
    moonpiedumplings @programming.dev

    Give me some of your hardest riddles? (with solutions in spoilers)

  • Linux @lemmy.world
    moonpiedumplings @programming.dev

    There doesn't appear to be a limit to the maximum size the KDE cursor can get when you shake it.

  • Linux @lemmy.ml
    moonpiedumplings @programming.dev

    There doesn't appear to be a limit to the maximum size the KDE cursor can get when you shake it.

  • Linux @programming.dev
    moonpiedumplings @programming.dev

    There doesn't appear to be a limit to the maximum size the KDE cursor can get when you shake it.

  • Programmer Humor @lemmy.ml
    moonpiedumplings @programming.dev

    shell-mommy is a program that encourages users while using command line applications.

    github.com /sudofox/shell-mommy
  • Programmer Humor @programming.dev
    moonpiedumplings @programming.dev

    shell-mommy is a program that encourages users while using command line applications.

    github.com /sudofox/shell-mommy
  • Linux @programming.dev
    moonpiedumplings @programming.dev

    Introducing Incus 6.7

  • Programmer Humor @lemmy.ml
    moonpiedumplings @programming.dev

    93% of Paint Splatters are Valid Perl Programs