Former Reddfugee, found a new home on feddit.de. Server errors made me switch to discuss.tchncs.de. Now finally @ home on feddit.org.
Likes music, tech, programming, board games and video games. Oh… and coffee, lots of coffee!
I � Unicode!
Tech Enthusiasts: Everything in my house is wired to the Internet of Things! I control it all from my smartphone! My smart-house is bluetooth enabled and I can give it voice commands via alexa! I love the future!
Programmers / Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.
Security technicians: takes a deep swig of whiskey I wish I had been born in the neolithic.
At least we’re constantly told to be ready to act to reroll secrets, etc and try to automate the change/deployment of changed passwords and such.
Depending on the system you’re working with, this may still be a PITA, but at least we do have plans for even the “problematic” systems and we have probably done this a few times. Although maybe not at this scale, tbh.
So, imagining I were tasked to do that for $hyperscaler in “my” systems… I feel some dread, as even if everything is automated ä, there’s always something that doesn’t go as planned - but at least I know what can be done in which way and which timeframe is realistic (and which parts will be the most sensitive). If you do not have plans, well… Good luck. You’ll need it.
Ok, who of you guys is working with Oracle Cloud and has not yet rerolled all API/Access Keys, passwords and so on? And what company do you happen work for? ^Just asking for a friend^
Maybe I didn’t search right, but since I found podlet first, while looking for a tutorial, I was lazy and gave it a try. It’s result was enough to get me there. Maybe, had I completely read the podlet docs and checked all optional arguments, o could have gotten a perfect result. But that way, I learned better about quadlets.
I’m currently trying to migrate my stack on my VPS from docker to podman. Bonus points if I get it running rootless.
Somehow, podman compose just wouldn’t work with my existing docker compose file. I quickly found out that podman has many options, but quadlets are preferred. It took me a while to understand what they even are and their concept. I did get the idea and the concept from the docs, but everything else was demonstrating how to set up a very simple one (think a hello world container). Or I found some blog posts with ready made complex examples for some random stacks that were way over my head. But a simple tutorial on how to map the fields/parts of a docker compose to a .container, .network or .volume file for my stack consisting of several containers in a few networks with a reverse proxy in front of it? Nope.
I’m the end I found podlet and used that to convert a docker-compose. While the result wasn’t completely working (e.g. a problem with some environment vars that got passed and switched in a few “layers” that podlet understandably messed up), it was enough to understand all of it with the docs and complete the quadlet. Now I just need to experiment with the rootless part.
Currently, my first and foremost pet peeve is, that different distros use different approaches and utilities, but many blog posts or guides don’t tell you what distro they’re for. If you google the problem and find the fourth guide on how to solve it and realize halfway through, that it’s again e.g. for Debian based systems, while you’re running on SUSE or RedHat or Arch or… can be very frustrating.
I also got this survey and I had the same feeling. It felt more like a patron for their game preservation program with possible features like a members-only-community, interviews or documentation about the preserved games, their publishers/studios and the efforts to keep them running or some kind of loyalty rewards/discount coupons. Maybe even ‘special builds’ like ‘experience the OG version 1.0 of $game’.
There was one option, that I interpreted like ‘maybe we will put future compatibility updates after purchase (e.g. supporting Windows 12 or whatever) behind the membership’ - but that’s purely my interpretation of a single bullet point style line in that whole several page long survey
Don’t worry, it’ll cum to your mind
May I press it?
FTFY
IIRC you can send a PM with a command to the remindme bot and it lists all future timers. Not sure whether past timers are included, though.
I’m currently experimenting if I can convert my stack to rootless podman.
I found in my notes, that
A user-mode networking tool for unprivileged network namespaces must be installed on the machine in order for Podman to run in a rootless environment.
Podman supports two rootless networking tools: pasta (provided by passt) and slirp4netns.
Could this be your problem?
Taken from https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md
I can see read posts of dead people!
Now for the news: The judge was found dead this morning after committing suicide by shooting himself in the back 14 times.
Yeah, I drive Horse shift
HorseDick.jpg
Very verbose and communicative? Check
A constant stream of checks for skill in persuasion, deception, intimidation, perception, insight and investigation? Check
Rolling dices? Uhm… Maybe?
I’ll just leave this here
If done correctly, those may only be open from the internet, but not from the local network. While SSH may only be available from your local network - or maybe only by the fixed IP of your PC. Other services may only be reachable, when coming from the correct VLAN (assuming you did segment your home network). Maybe your server can only access the internet, but not to the home network, so that an attacker has a harder time spreading into your home network (note: that’s only really meaningful, if it’s not a software firewall on that same server…)
Instead of thinking with layers, you should use think of Swiss cheese. Each slice of cheese has some holes - think of weaknesses in the defense (or intentional holes as you need a way to connect to the target legitimately). Putting several slices back to back (in random order and orientation) means that the way to penetrate all layers is not a simple straight way, but that you need to work around each layer.
At that point it isn’t your ram anymore…