[-] moonpiedumplings@programming.dev 2 points 2 months ago

Joysticks on the bottom again... whyyyyy...

My hands find that setup so uncomfortable, I wish they would put them on the top.

[-] moonpiedumplings@programming.dev 2 points 3 months ago

Personally, I think Proxmox is somewhat unsecure too.

Proxmox is unique from other projects, in it's much more hacky, and much of the stack is custom rather than standards. Like for example: For networking, they maintain a fork of the Linux's older networking stack, called ifupdown2, whereas similar projects, like openstack, or Incus, use either the standard Linux kernel networking, or a project called openvswitch.

I think Proxmox is definitely secure enough, but I don't know if I would really trust it for higher value usecases due to some of their stack being custom, rather than standard and mantained by the wider community.

If I end up wanting to run Proxmox, I’ll install Debian, distro-morph it to Kicksecure

If you're interested in deploying a hypervisor on top of an existing operating system, I recommend looking into Incus or Openstack. They have packages/deployments than can be done on Debian or Red Hat distros, and I would argue that they are designed in a more secure manner (since they include multi tenancy) than Proxmox. In addition to that, they also use standard tooling for networking, like both can use Linux Bridge (in-kernel networking) for networking operations.

I would trust Openstack the most when it comes to security, because it is designed to be used as a public cloud, like having your own AWS, and it is deployed with components publicly accessible in the real world.

[-] moonpiedumplings@programming.dev 2 points 3 months ago

Their license is not a free software/content license, as it has a non-commercial clause.

I'm frustrated with non-commercial as a clause because it feels difficult to define. Even though selling the content is pretty clear cut, there are so many ways to reuse content that indirectly make money, in a society where everything is business. If I use this content on my resume and then that gets me a job, was it a commercial usecase?

[-] moonpiedumplings@programming.dev 2 points 3 months ago

the licence is still in the spirit of open source

that's the problem. The license is only good in spirit, and simply doesn't work in practice.

For example, a corporation could run a subsidiary business which doesn't make enough money to violate the license, which then rents use of the software to the the big corporation. Google used to use a similar scheme, to shift money around and essentially evade taxes.

Although in a legal system where money is a win button, you can't really win going to win even if they just decided to violate the license.

Anyway, if you don't want big corporations to use it, just use the AGPL.

Google basically bans use of the AGPL internally — you can't even install AGPL apps!

[-] moonpiedumplings@programming.dev 2 points 3 months ago* (last edited 3 months ago)

I don't know how to retire a car but my dad has guided me through replacing a few bits of the engine mount, so does that count?

[-] moonpiedumplings@programming.dev 2 points 9 months ago

https://wiki.archlinux.org/title/List_of_applications/Internet#Pastebin_services

That pages shows how to use curl to upload to 0x0.st.

I've used the pastebinit program listed on that page to upload to paste.debian.net, but it supports other sites as well.

[-] moonpiedumplings@programming.dev 2 points 10 months ago

Because forgejo's ssh isn't for a normal ssh service, but rather so that users can access git over ssh.

Now technically, a bastion should work, but it's not really what people want when they are trying to set up git over ssh. Since git/ssh is a service, rather than an administrative tool, why shouldn't it be configured within the other tools used for exposes services? (Reverse proxy/caddy).

And in addition to that, people most probably want git/ssh to be available publicly, which a bastion host doesn't do.

When syncthing is configured to go both ways (the default), it also syncs any deletions. You can somewhat get around this by something like one way sync, but it's not really a proper "backup" software.

Personally, I like to treat data synced by syncthing, even between multiple machines, as one copy of the data when I am following the 3-2-1 backup rule*, because syncthing won't save me from a buggy program deleting all my files or user error, or anything like that.

*See wikipedia for info about the 3-2-1 backup rule.

It doesn't need root, but it is shady as fuck. Thankfully, there's been no reports of malware from the official lucky patcher project... although that link doesn't look official, given the ads and popups, I got that link from my copy of the app.

I briefly looked into the revanced project to see if they had any relevant patches, as I would rather recommend FOSS solutions first, and revanced is shaping up to be lucky patcher, but FOSS, but they didn't have anything,

[-] moonpiedumplings@programming.dev 2 points 1 year ago* (last edited 1 year ago)

Such a pattern is common in Spain, called "Siesta".

I used to do this before my days got busier, now I aim for one 6-8 hour block at night.

You can also look into "polyphasic sleep" - which doesn't actually work unless you get enough sleep though.

Siesta, and what you do is "biphasic sleep" - two phases.

Nothing in the cloud.

We have a proxmox cluster, which is where this would probably go, but I would prefer a non-integrated solution, rather a single thing I can either put within a proxmox vm (nested virtualization) or on an on premise piece of physical hardware.

[-] moonpiedumplings@programming.dev 2 points 2 years ago* (last edited 2 years ago)

My important data is backed up to several usb drives, and kept in sync between two computers via syncthing. Soon I will back it up to my college's box cloud, using rclone's crypt feature.

But this isn't about data. This is about me being able to tinker without worry, breaking down to even the lowest level of my system. In addition to that, I don't want to have to waste time manually restoring a system snapshot/backup, as I will soon be busy with other things like classes. I want a one step process.

view more: ‹ prev next ›

moonpiedumplings

joined 2 years ago