Time to avoid Nginx then …

https://www.theregister.com/2024/02/16/freenginx_fork/

I’d always get industrial or enterprise hardware. It’s just better.

I have never seen anything valuable and/or good coming from that instance. Only trolling or hate. So I put it on my instance ignore list.

Yep, it’s the easiest solution. You could also check if the provided hardware is necessary or if your ISP allows other devices to be connected. Then you could use the Fritzbox directly.

Get a somewhat recent Fritzbox and connect all your hardware to this device and then configure it to use your ISP-provided as uplink in the Fritzbox configuration. Since you already use an AVM repeater it should work well together with a Fritzbox.

Some strict mail servers even blacklist you if the DMARC record is missing.

+1 for Forgejo. Runs butter smooth even on not so high-end machines. You can even mirror your GitHub repos.

Plus: It is not owned by a for-profit organization.

You should switch to Forgejo, though. Gitea is owned and maintained by a for-profit corporation that recently decided that all non-Gitea copyright notices from all files have to be removed (which in the end allows relicensing it to a more restrictive license and even making it nonfree).

The corporation taking over Gitea from the community was also a hostile takeover.

https://forgejo.org/compare

B̸̖͊̑E̶͕̜̻̓̎ ̵̯͗̅̓͜N̸̻͒̿O̷̧̪̦̱͒͝T̸̡͇̤͚̉́ ̴̜̻͇͔̋̒̽̾Ả̸̱̋F̵̤̖̊̀Ŕ̷̢̭̦͂͑͊A̵͎͉̙̿Ḯ̴̧Ḏ̶̩̻̽͜͠͝

I remember years ago it already was like this in the forums. It actually made me stop using it and running a custom made web based reader for some time.

I wouldn’t use it anymore nowadays.

FreshRSS is the way to go. It even has plugins (and a plugin for YouTube channels as RSS feeds, very convenient).

This is really dependent on […]

… basically anything. Yes. You will always find yourself in problems where the best practice isn’t the best solution for.

In your described use case an option would be having the application inside the container running with 10000:10001 but writing the data into another directory that is configured to use 1000:1001 (or whatever the user is you want to access the data with from your host) and just mount the volume there. This takes a bit more configuration effort than just running the application with 1000:1001 … but still :)

Yep! The names are basically just a convenient way for referencing a user or group ID.

Under normal circumstances you should let the system decide what IDs to use, but in the confined environment of a docker container you can do pretty much what you want.

If you really, really, really want to create a user and group just set the IDs manually:

FROM alpine:latest
COPY myscript.sh /app/myscript.sh
RUN addgroup -g 10001 mycoolgroup && adduser -D -u 10000 -G mycoolgroup mycooluser
USER mycooluser:mycoolgroup
CMD ["sh", "/app/myscript.sh"]

Just make sure to stay at or above 10000 so you won’t accidentally re-use IDs that are already defined on the host.

You don’t need to create the user first. Here’s the simplest I can come up with:

FROM alpine:latest
COPY myscript.sh /app/myscript.sh
USER 10000:10001
CMD ["sh", "/app/myscript.sh"]

This simply runs /app/myscript.sh with UID 10000 and GID 10001.

It’s actually a suggested configuration / best practice to NOT have container user IDs matching the host user IDs.

Ditch the idea of root and user in a docker container. For your containerized application use 10000:10001. You’ll have only one application and one “user” in the container anyways when doing it right.

To be even more on the secure side use a different random user ID and group ID for every container.

there is no one single entity, or group of entities, dominating it all.

This is what Zuck wants to change with Threads.

lol

lol

I was hoping for an article about the various massive technical and legal issues it has, but oh well.

Annoyingly, I can’t seem to get Bing to generate an image that isn’t square.

Maybe try to cheat that it. Like “… with large black border on top and bottom” (or left/right, depending on what you want) and then manually cropping the result.

That is just not true! You should just use Arch to see the truth!

I use Arch, btw.

Absolutely!

Finally I could live a good life - in my dreams at least.