I really, really hate this site. This is not the first time I've seen low quality garbage. It reports old news as crazy new novel techniques.

This helm chart is not just matrix/synapse, but also element (web ui), and "matrix authentication service", which adds SSO/OIDC support to a normal synapse instance, which is pretty neat. I haven't seen any helm charts that include the full matrix stack, just separate synapse or element helm charts. And helm definitely makes deploying services to Kubernetes easier than other ways of deploying applications.

The other reason why I like an official helm chart, is because I have seen unofficial one's be stopped being maintained by the community member(s) maintaining them. With an official one, it will (probably) be maintained indefinitely.

Docs:

https://www.psycopg.org/psycopg3/docs/basic/params.html#danger-sql-injection

https://hexgl.bkcore.com

Not on android, but it does have a web version with touch controls.

https://en.wikibooks.org/wiki/Non-Programmer%27s_Tutorial_for_Python_3

So based on what you've said in the comments, I am guessing you are managing all your users with Nixos, in the Nixos config, and want to share these users to other services?

Yeah, I don't even know sharing Unix users is possible. EDIT: It seems to be based on comments below.

But what I do know is possible, is for Unix/Linux to get it's users from LDAP. Even sudo is able to read from LDAP, and use LDAP groups to authorize users as being able to sudo.

Setting these up on Nixos is trivial. You can use the users.ldap set of options on Nixos to configure authentication against an external LDAP user. Then, you can configure sudo

After all of that, you could declaratively configure an LDAP server using Nixos, including setting up users. For example, it looks like you can configure users and groups fro the kanidm ldap server

Or you could have a config file for the openldap server

RE: Manage auth at the reverse proxy: If you use Authentik as your LDAP server, it can reverse proxy services and auth users at that step. A common setup I've seen is to run another reverse proxy in front of authentik, and then just point that reverse proxy at authentik, and then use authentik to reverse proxy just the services you want behind a login page.

I just realized... a previous lemmy post I saw appears to be this sign.

https://discuss.tchncs.de/post/21651766

LXD/Incus. It's truly free/open

Please stop saying this about lxd. You know it isn't true, ever since they started requiring a CLA.

LXD is literally less free than proxmox, looking at those terms, since Canonical isn't required to open source any custom lxd versions they host.

Also, I've literally brought this up to you before, and you acknowledged it. But you continue to spread this despite the fact that you should know better.

Anyway, Incus currently isn't packaged in debian bookworm, only trixie.

The version of lxd debian packages is before the license change so that's still free. But for people on other distros, it's better to clarify that incus is the truly FOSS option.

A tip I have is to move away from manjaro.

When you use a rolling release, you lose one of the main features of stable release distros: Automatic, unattended upgrades. AFAIK, every stable release distro has those, and none of the rolling releases do (except maybe opensuses's new slowroll and centos rolling, but I wouldn't recommend or use them).

Manjaro has other issues too, but that's the big one.

Although I use arch on my laptop, I run debian on my server because I don't want to have to baby it, especially since I primarily access it remotely. Automatic upgrades are one less complication removed, allowing me to focus on my server itself.

As for application deployment itself, I recommend using application containers, either via docker or podman. There are many premade containers for those platforms, for apps like jellyfin, or the various music streaming apps people use to replace spotify (I can't remember any of the top of my head, but I know you have lots of options).

However, there are two caveats to docker (not podman) people should know:

• Docker containers don't auto update. Although you can use something like watchtower to automatically update them. As for podman, podman has an auto update command you can probably configure to run regularly.
• Docker bypasses your firewall. If you forward port 80, docker will go around the firewall and publish it. The reason for this is that most linux firewalls work by using iptables or nftables behind the hood, but docker also edits those directly... this has security implications, I've seen many container services people didn't intend to put on the public internet, on there.

Podman, however, respects your firewall rules. Podman isn't perfect though, there are some apps that won't run in podman containers, although my use case is a little more niche (greenbone service and vulnerability scanner).

As for where to start, projects like linuxserver provide podman/docker containers, which you can use to deploy many apps fairly easily, once you learn how to launch apps with the compose file. Check out this nextcloud dockerized, they provide. Nextcloud is a google drive alternative, although sometimes people complain about it being slow.. I don't know about the quality of linuxserver's nextcloud, so you'd have to do some research for that, and find a good docker container.

I haven't encountered any of these issue on matrix, but admittedly I haven't joined a lot of matrix chats.

Yeah but if you automatically pay authors a dollar or two for every view, rather than your data, then how will data brokers resell your data hundreds of times for hundreds of dollars?

I joined the cybersecurity club at my school and they used word or pdf for submissions. I spent a good 15 minutes trying to get code blocks and proper formating working on either but it didn't work. I gave up and just tool a scrolling screenshot of my blog and added a link in the docx file.

(And yes, I tried pandoc. My blog uses quarto, a static site generator based on pandoc markdown, and it uses pandoc. I tried to generate word and pdf using it and they looked awful.)