IMO, the best free option is https://freedns.afraid.org/. The biggest downside of that one is that you have to login a couple times a year (IIRC?) to keep it active. I actually still use this even though I have a paid domain, I just CNAME my real domains to the afraid dynamic name. That was easier than changing the config every time I become unhappy with my domain registrar and have to reconfigure everything after swapping.
That doesn’t mean the issue wasn’t/won’t be escalated. It might even mean it’s more likely since someone bothered to make a response macro for it, they presumably got more than one or two emails about it. So it’s probably more likely to make it on a “list of issues we saw this week/sprint/month/quarter”.
Less commercial interest means only hobby level development
Podman is developed by RedHat: https://github.com/containers/podman/graphs/contributors
As others have said, it’s quite good on privacy. For the truly paranoid, IIRC you can even self-host the sync server.
From the security perspective of privacy, do make sure to use a good password for the Mozilla account, the account password is also the encryption key for the E2E encryption.
Assuming you meant de-federate, there are a few listed on https://fedipact.online/ that seem to be lemmy instances.
Unfortunately, no. Samba needs a different label. Doing that relabels things so that only containers (and anything unrestriced) can access those files.
IMO, yes. Docker (or at least OCI containers) aren’t going anywhere. Though one big warning to start with, as a sysadmin, you’re going to be absolutely aghast at the security practices that most docker tutorials suggest. Just know that it’s really not that hard to do things right (for the most part[1]).
I personally suggest using rootless podman with docker-compose via the podman-system-service.
Podman re-implements the docker cli using the system namespacing (etc.) features directly instead of through a daemon that runs as root. (You can run the docker daemon rootless, but it clearly wasn’t designed for it and it just creates way more headaches.) The Podman System Service re-implements the docker daemon’s UDS API which allows real Docker Compose to run without the docker-daemon.
If anyone can tell me how to set SELinux labels such that both a container and a samba server can have access, I could fix my last remaining major headache. ↩︎
I’m not sure that applies to billionaires, who have unlimited access to the best possible medical care.
Defense in depth. If something escapes the container it’s limited to only what’s under that user and not the whole system. Having access to the whole system makes it easier for malware to hide/persist itself.
If your distro offers it, rootless podman + podman system service is the best setup, IMO. That will give you a docker
command that is 1-to-1 compatible with docker and lets you use tools like docker-compose that expect a docker service socket. Then you can just follow tutorials that only explain things for docker.
That’s not really possible with docker TBH, and I say that as a diehard Podman advocate. Docker, the tooling that you install with your package manager, is open source. Sure they have windows and mac desktop stuff that isn’t open, but it’s not like you’re self-hosting with that, right?
Plus there’s always Podman to switch to, which can be a (mostly) drop-in replacement, if you want something with a more trustworthy provenience.
Ah, nice. I think that’s exactly what I was trying to describe. Thanks for the suggestion!
Though, I think the git forge ‘backend’ + “Static CMS” frontend seems a bit more featureful and slick. I think I’m going to keep going down that path instead for now. Good to have a backup of exactly what I originally thought I wanted though.
Gotcha, I’m trying to find something that doesn’t require me to use a local editor. I want to give myself as smooth of an opportunity as possible to write small thoughts. That’s my current setup and even that little bit of friction seems to keep me from writing. (Or that’s my current excuse anyway…)
Nifty. At first blush just making a static clone of a dynamic site doesn’t feel as elegant as using a code forge editor, but I’ll keep that idea in mind if I find the editing experience (images and whatnot) to be too clunky with the gitea suggestion.
Do you just use the gitea web editor for that? (I assume it has one right?) Does it provide a nice markdown-aware editor?
C was originally created as a “high-level” language, being more abstract (aka high-level) than the other languages at the time. But now it’s basically considered very slightly more abstract than machine code when compared to the much higher level high-level languages we have today.