Max-P

You just put both in the server_name line and you’re good to go.

With Docker, the internal network is just a bridge interface. The reason most firewall rules don’t apply is a combination of:

• Containers have their own namespace including network namespace, so each container have a blank iptables just for them.
• For container communication, that goes through the FORWARD table, not the INPUT/OUTPUT ones.
• Docker adds its own rules to ensure that this works as expected.

The only thing that should be affected by the host firewall is the proxy service Docker uses to listen on a port on the host and send it to the container.

When using Docker, each container acts like an independent machine, and your host gets configured to act as a router. You can firewall Docker containers, the rules just need to be in the right place to work.

It’s sitting at around 46GB at the moment, not too bad.

Instance is a year and a few months old, so I could probably trim down the storage a bit if needed by purging stuff < 6 months old or something.

I think it initially grows as your users table fills up and pictrs caches the profile pictures, and then it stabilizes a bit. I definitely saw much more growth initially.

You need an account to upload stuff. The Internet Archive isn’t just archiving websites, you can also upload book scans to them, rips of old floppies and discs for old software, even old TV shows and movies. For example, the entirety of the Computer Chronicles series is available for download there.

I subscribe to a few more communities and my DB dump is about 3GB plain text, but same story, box sits at 5-15% most of the time.

I would literally donate money directly to Valve if I could for all the good selfless work they’re doing.

Their work on sponsoring DXVK, and Proton’s development, their contributions to make the AMD drivers even more awesome, gamescope, they’ve been driving all the HDR and VR work on Linux, and now they’re also getting even more hands on with Wayland through frog-protocols.

Meanwhile the others are either doing nothing at all except selling the games, or actively sabotaging Linux gaming and furthering Microsoft’s monopoly like Epic Games is doing with their intrusive anti-cheat.

Being on Steam is being strongly pro-consumer and the first thing a developer not publishing on Steam does to me is make sure I’m very unlikely to buy their games because at least on Steam I know I won’t get ripped off.

Couldn’t care less about whiny developers complaining they make slightly less millions in sales for overpriced AAA games, and still impose their own launcher and shit because they only treat Steam like a store and nothing else. I pick what’s good for the players not the developers. If they’re unhappy there’s dozens of indie developers in line to pick up the slack willing to make games I’m willing to pay for.

EDIT: And a couple hours later, Valve delivers once again: https://lists.archlinux.org/archives/list/arch-dev-public@lists.archlinux.org/thread/RIZSKIBDSLY4S5J2E2STNP5DH4XZGJMR/?sort=date

Having the web server be able to overwrite its own app code is such a good feature for security. Very safe. Only need a path traversal exploit to backdoor config.php!

Yep, and I’d guess there’s probably a huge component of “it must be as easy as possible” because the primary target is selfhosters that don’t really even want to learn how to set up Docker containers properly.

The AIO Docker image is an abomination. The other ones are slightly more sane but they still fundamentally mix code and data in the same folder so it’s not trivial to just replace the app.

In Docker, the auto updater should be completely neutered, it’s the wrong way to update the app.

The packages in the Arch repo are legit saner than the Docker version.

I’ve heard very good things about resold HGST Helium enterprise drives and can be found fairly cheap for what they are on eBay.

I’m looking for something from 4TB upwards. I think I remember that drives with very high capacity are more likely to fail sooner - is that correct?

4TB isn’t even close to “very high capacity” these days. There’s like 32TB HDDs out there, just avoid the shingled archival drives. I believe the belief about higher capacity drives is a question of maturity of the technology rather than the capacity. 4TB drives made today are much better than the very first 4TB drives we made a long time ago when they were pushing the limits of technology.

Backblaze has pretty good drive reviews as well, with real world failure rate data and all.

That sounds great and all on paper but that also requires a ton of moderation overhead as now every small instance has to have enough mods to deal with everything being posted, since moderation would be local only. So all the spam and CSAM would have to be taken down by each individual instance. Would also somehow have to find a way for instances to pull the hashtags out of every federated instance too. The way it works on Mastodon is someone follows an account and that causes the data to get pulled in. On Lemmy you don’t follow users, you need a way to pull the data in.

The end result would be a mess of instances not even agreeing on vote counts with vastly different comments too, and even the posts.

Lemmy doesn’t aim to be an uncensorable platform. I join communities for the content, the users, and for better or for worse, the mods too.

The individual problems of having to deal with the duplicate communities will get worked on eventually.

Ethernet splitter

What kind of splitter? Not a hub or switch, just a passive splitter?

Those do exist to do 4x 100M links on a single pair each, but you can’t just plug those into a router or switch and get 4 ports, it still needs to eventually terminate as 4 ports on both ends.

If you’re behind Cloudflare, don’t. Just get an origin certificate from CF, it’s a cert that CF trust between itself and your server. By using Cloudflare you’re making Cloudflare responsible for your cert.

And all that forever too. The developers don’t pay a dime after Steam’s cut to keep the game alive and downloadable and playable. Even Steam keys, you can sell as many as you want outside of Steam, for free.

The devs can just raise the price by 30% if they feel they really need the money. I’ll pay the extra to have it on Steam and just work out of the box in Proton. Unlike Apple, it’s not a monopoly, nothing stopping anyone from just distributing on their own.

Epic is anti-consumer and also anti-Linux, they don’t make any effort to support other platforms, the app is shit.

Meanwhile, Steam is

• Actively working with the FOSS community to help preserve old games
  • Kernel improvements for better graphics performance
  • Lots of VR and HDR work
  • Many contributions to the open-source AMD drivers
• Has been supporting Linux gaming for a decade with no signs of backing down
• They have a portable Linux gaming console experience, and it’s intentionally left wide open for users to mess with
  • They’ve taken several community features and built them into the OS
• Their DRM is weak and unintrusive
• Their anticheat is ununtrusive
• The sales are pretty good
• They have tons of features for users:
  • Family sharing
  • Remote Play Together
  • Remote Play
  • Streaming
  • Community forums for every game
  • Mod workshop
  • Matchmaking
  • Steam Chat / Voice Chat / Streaming

The only appealing thing for EGS is, EGS takes a lower cut from the developers who just pockets it and doesn’t even result in lower prices for users. As a Linux user, praise our Lord GabeN for all the good Valve has done for gamers. Even for the developers, most are quite happy with the services they get back from that 30% cut.

I’d say the dislike is mainly that for the users, EGS doesn’t bring in anything new or interesting or useful that Steam didn’t already do well, and goes directly against a lot of the good Steam has been doing. It’s just a store that makes big developers slightly more happy.

There’s also Cockpit if you just want a basic UI

We’ve been using vector rendering for decades, this isn’t new at all. This just makes it better because supposedly now it can be offloaded to the GPU.

From the OS’s perspective it doesn’t care: it hands a rectangle to the application to render into along with some metadata like what scaling to render as. Then the application does what it needs to do to get the pixels in there.

This would be handled entirely in Qt, in this case, but any competing toolkit can also implement something similar and all.

No but it does show how much capitalism relies on the absolute exploitation of the labor market and the double-standards from the US in that regard. Free market good but only when US companies are the ones fucking everyone over.

• US companies buying cheap stuff from China and marking it up 500%: good, American values
• China cuts the middleman and sells the same product for the same price they would sell it to the reseller: noooooo we can’t compete with that, China bad, it’s so unfair! Waaaaaaa

At least the EU doesn’t constantly brag about muh freedom and how the free market is the best thing ever and you’re a commie if you don’t agree that capitalism is the best.

I believe you, but I also very much believe that there are security vendors out there demonizing LE and free stuff in general. The more expensive equals better more serious thinking is unfortunately still quite present, especially in big corps. Big corps also seem to like the concept of having to prove yourself with a high price of entry, they just can’t believe a tiny company could possibly have a better product.

That doesn’t make it any less ridiculous, but I believe it. I’ve definitely heard my share of “we must use $sketchyVendor because $dubiousReason”. I’ve had to install ClamAV on readonly diskless VMs at work because otherwise customers refuse to sign because “we have no security systems”. Everything has to be TLS encrypted, even if it goes to localhost. Box checkers vs common sense.

IMO that’s more of a problem with the industry not really caring to support lower specs, or generally not seeing the deck as a real console or platform to target. People still make Switch games and the damn thing was already outdated at launch and they even underclocked it for good measures.

At 800p you’ve got to start thinking, is most of the detail those games compute even actually visible the on screen? How many PCs does that make obsolete? If the deck can’t run it at 800p, even at 1080p you’re gonna need what, an RTX 2060 for the lowest settings on a PC?

Some of the example titles don’t even sound like they’re the kind of titles that are made to showcase what your 4090 can do, which logically you’d want as many people as possible to be able to play it.

LetsEncrypt certs are DV certs. That a put a TXT record for LetsEncrypt vs a TXT record for a paid DigiCert makes no difference whatsoever.

I just checked and Shopify uses a LetsEncrypt cert, so that’s a big one that uses the plebian certs.