Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)M

moonpiedumplings

@ moonpiedumplings @programming.dev

Posts
30
Comments
663
Joined
2 yr. ago

  • Google wants to make sideloading Android apps safer by verifying developers’ identities

    Jump

  • localhosting: selfhosting to the min

    Jump

  • There are a few apps that I think fit this use case really well.

    Languagetool is a spelling and grammer checker that has a server client model. Libreoffice now has built in languagetool integration, where it can acess a server of your choosing. I make it access the server I run locally, since archlinux packages languagetool.

    Another is stirling-pdf. This is a really good pdf manipulation program that people like, that comes as a server with a web interface.

  • FiloSottile/age: A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

    Jump

  • I use this for kubernetes secrets with sops. It works great.

  • Exposing docker socket to a container

    Jump

  • Exposing docker socket to a container

    Jump

  • I've seen three cases where the docker socket gets exposed to the container (perhaps there are more but I haven't seen any?):

    1. Watchtower, which does auto updates and/or notifies people
    2. Nextcloud AIO, which uses a management container that controls the docker socket to deploy the rest of the stuff nextcloud wants.
    3. Traefik, which reads the docker socket to automatically reverse proxy services.

    Nextcloud does the AIO, because Nextcloud is a complex service, but it grows to be very complex if you want more features or performance. The AIO handles deploying all the tertiary services for you, but something like this is how you would do it yourself: https://github.com/pimylifeup/compose/blob/main/nextcloud/signed/compose.yaml . Also, that example docker compose does not include other services, like collabara office, which is the google docs/sheets/slides alternative, a web based office.

    Compare this to the kubernetes deployment, which yes, may look intimidating at first. But actually, many of the complexities that the docker deploy of nextcloud has are automated away. Enabling the Collabara office is just collabara.enabled: true in the configuration of it. Tertiary services like Redis or the database, are included in the Kubernetes package as well. Instead of configuring the containers itself, it lets you configure the database parameters via yaml, and other nice things.

    For case 3, Kubernetes has a feature called an "Ingress", which is essentially a standardized configuration for a reverse proxy that you can either separate out, or one is provided as part of the packages. For example, the nextcloud kubernetes package I linked above, has a way to handle ingresses in the config.

    Kubernetes handles these things pretty well, and it's part of why I switched. I do auto upgrade, but I only auto upgrade my services, within the supported stable release, which is compatible for auto upgrades and won't break anything. This enables me to get automatic security updates for a period of time, before having to do a manual and potentially breaking upgrade.

    TLDR: You are asking questions that Kubernetes has answers to.

  • Homarr - A modern and easy to use dashboard. 30+ integrations. 10K+ icons built in. Authentication out of the box. No YAML, drag and drop configuration.

    Jump

  • Try the yaml language server by red hat, it comes with a docker compose validator.

    But in general, off the top of my head, dashes = list. No dashes is a dictionary.

    So this is a list:

     
        
thing:
    - 1
    - 2

    And this is a dictionary:

     
        
dict:
    key1: value1
    key2: value2

    And then when they can be combined into a list of dictionaries.

     
        
listofdicts:
    - key1dict1: value1dict1
    - key1dict2: value1dict2
      key2dict2: value2dict2

    And then abother thing to note is that yaml wilL convert things into a string. So if you have ports 8080:80, this will be converted into a string, which is a clue that this is a string in a list, rather than a dictionary.

  • Homarr - A modern and easy to use dashboard. 30+ integrations. 10K+ icons built in. Authentication out of the box. No YAML, drag and drop configuration.

    Jump

  • PSA: The Amazon Appstore shuts down next week

    Jump

  • The amazon appstore had this crazy setup where you could get microtransactions in certain games without spending any real money. I must have spent over $1000 on jetpack joyride. I unlocked everything.

  • "You prolly white on here"

    Jump

  • Yeah it's called defcon

  • Kent Overstreet winning hearts and minds in the LKML again.

    Jump

  • I'll say it again and again. The problem is neither Linus, nor Kent, but the lack of resources for independent developers to do the kind of testing that is expected of the big corporations.

    Like, one of the issues that Linus yelled at Kent about was that bcachefs would fail on big endian machines. You could spend your limited time and energy setting up an emulator of the powerPC architecture, or you could buy it at pretty absurd prices — I checked ebay, and it was $2000 for 8 GB of ram...

    But the big corpos are different. They have these massive CI/CD systems, which automatically build and test Linux on every architecture under the sun. Then they have an extra, internal review process for these patches. And then they push.

    But Linux isn't like that for independent developers. What they do, is just compile the software on their own machine, boot into the kernel, and if it works it works. This is how some of the Asahi developers would do it, where they would just boot into their new kernel on their macs, and it's how I'm assuming Overstreet is doing it. Maybe there is some minimal testing involved.

    So Overstreet gets confused when he's yelled at for not having tested on big endian architectures, because where is he supposed to get a big endian machine that he can afford that can actually compile the linux kernel in less than 10 years? And even if you do buy or emulate a big endian CPU, then you'll just get hit with "yeah your patch has issues on machines with 2 terabytes or more of ram" and yeah.

    One option is to drop standards. The Asahi developers were allowed to just merge code without being subjected to the scrutiny that Overstreet has been subjected to. This was in part due to having stuff in rust, and under the rust subsystem — they had a lot more control over the parts of Linux they could merge too. The other was being specific to macbooks. No point testing the mac book-specific patches on non-mac CPU's.

    But a better option, is to make the testing resources that these corporations use, available to everybody. I think the Linux foundation should spin up a CI/CD service, so people like Kent Overstreet can test their patches on architectures and setups they don't have at home, and get it reviewed before it is dumped to the mailing list — exactly like what happens at the corporations who contribute to the Linux kernel.

  • Giving Up on Element & Matrix.org

    Jump

  • [Discussion] Flatpaks, ram/disk usage and compression

    Jump

  • There is uksmd for ram dedupe.

  • New 'Shade BIOS' Technique Beats Every Kind of Security

    Jump

  • It wouldn't, I don't think. Secure boot is the bios/uefi verifying the rest, but this replaces the bios/uefi with something malicious.

  • Deleted

    Permanently Deleted

    Jump

  • No, the duckstation dev obtained the consent of contributors and/or rewrote all GPL code.

    https://www.gamingonlinux.com/2024/09/playstation-1-emulator-duckstation-changes-license-for-no-commercial-use-and-no-derivatives/

    I have the approval of prior contributors, and if I did somehow miss you, then please advise me so I can rewrite that code. I didn't spend several weekends rewriting various parts for no reason. I do not have, nor want a CLA, because I do not agree with taking away contributor's copyright.

  • Deleted

    Permanently Deleted

    Jump

  • This is not the same as the Fedora OBS situation. Duckstation is now under a CC by no derivatives, non commercial clause.

    Packaging software can be considered making a derivative, so people can't really legally package the latest version of Duckstation anymore.

    Instead, the packages use the older GPL version*.

    In theory, nothing would stop Fedora flatpak from simply shipping the OBS version in their own repo instead. But here, something like that isn't legally possible.

    To add further context, it is theorized that this developer**, Stenzek, is actually an alt account of Talreth, the creator of the android PS2 emulator. Both accounts have a pattern of creating a discord, and then being unwilling/unable to moderate it (or appoint any other moderators).

    So Talreth got harassed on discord, because the audience of an android ps2 emulator is mostly children, many of whom are ungrateful. And it ended with Talreth's final update to Aethersx2 being a borking update that broke the emulator for everyone.

    And that is why I would rather not use the official version of duckstation. I'm not interested in seeing my home directory get nuked because some kid called Stenzek a slur on the discord.

    And this is what distros exist for. They act as a barrier, betweem potentially hostile developers and the users. For example, when Audacity added telemetry, all the distros would patch it out when they compiled it.

    *Afaik, he did either get permission to relicense, or rewrite GPL contributions of others. The latest version of Duckstation does not illegally use GPL code.

    ** In r/emulationonandroid, I have been following this drama for a while. A long while. The less mature community seems to be drama prone and it sucks.

    EDIT: Found the reddit post: https://www.reddit.com/r/EmulationOnAndroid/comments/11q726j/do_not_update_aethersx2_on_google_play_i_repeat/ . It's not truly broken, but it did get ads and performance was made much worse.

  • The pest book is finally complete now!

    Jump

  • No, you can do what's called dual licensing, where you make contributes sign an agreement where they give up their code to the org so the org could take it proprietary.

    Part of the controversy over Ubuntu's changes to LXD was the change to this dual licensing setup from a permissive license.

  • Maomao Is Renamed To "Mango"

    Jump

  • at just a glance I have some theories:

    1. the project was named after the creator. Maybe they wanted it to seem more community organized
    2. Food reference. Foss developers often name stuff after food, Idk why. Maybe cuz they like mangos (I do too).
    3. Dodges copyright or trademark issues. Certain things, like town names (wayland is a town in the US) are essentially uncopyrightable/trademarkable, so by naming your project after those you eliminate a whole host of potential legal issues.

    These are just theories though. No reason is actually given, at least not that I could find based on 30s of searching.

  • ArchLinux doesn't boot after computer lost power during system update

    Jump

  • This worked for me. Thankfully, I didn't have a hard crash during an update, so my system proceeded to boot normally.

    The craziest part is that I didn't google this. My computer crashed, I rebooted it via magic sysrq keys, and then booted to an error.

    I went on Lemmy on my phone out of frustration and by sheer chance one of the first things I saw was a solution.

  • ArchLinux doesn't boot after computer lost power during system update

    Jump

  • I think I'm getting the same error as OP, and booting from a snapshot sadly does not work.