Skip Navigation
Linux Scores A Surprising Gaming Victory Against Windows 11
  • I must admit that my evil self waits a crowdstrike-like event, but with a kernel-level anti-cheat instead. On the more serious side, it baffles me how much the vast majority of people don't care about privacy or security problematics. They literally don't give a f**k.

  • Why do so many people use NGINX?
  • HAproxy is good at what it does but it’s only good at proxying and simple rules.

    It's possible to write very complex rules/ACLs with HAproxy... stick-tables, ACLs with regexes on whatever HTTP header, source or destination ACLs, map files, geoblocking, lua scripting, load-balancing from round-robin to host header load balancing, dynamic backend servers provisionning through DNS... Not that you can't do it with Nginx (it started as a reverse-proxy before becoming a jack of all trades), nor that nginx isn't a great tool (it is!), but HAProxy can do very complex things too. It also follows the good ol' UNIX philosophy of "one program to do one thing and do it well" and thus doesn't try to be a webserver, hence why you need a webserver behind it to serve anything from static files to PHP/Python/whatever.

  • How bad/terrible is this docker image? (Click here to see it.)
  • You're welcome! scratch and distroless are indeed basically the same thing, scratch being the 'official' docker minimal image while distroless is from google - as I'm more a Kubernetes user (at home and at work) than a Docker user, I tend to think about distroless first :) - my apologies if my comment was a bit confusing on this matter.

    By the way, have fun experimenting with docker (or podman), it's interesting, widely used both in selfhosting and professional environments, and it's a great learning experience - and a good way to pass time during these long winter evenings :)

  • How bad/terrible is this docker image? (Click here to see it.)
  • A bit late but you might want to have a look at docker multi-stage build documentation which does exactly what you did (start from a base image then copying stuff from it to your own image), something like that:

    FROM someimage:sometag AS build
    [do stuff]
    FROM minimalimage:someothertag
    COPY --from=build /some/file /some/other/file
    [and so on]
    USER somebody
    CMD ["/path/somecommand"]
    

    Which will simplify building new images against newer "build" image newer tags easier.

    btw, you were quite creative on this one! You also might want to have a look at the distroless image, the goal being to only have the bare minimum to run your application in the image: your executable and its runtime dependencies.

  • Zelensky refuses to hold elections in wartime Ukraine
    • France, 1914-1918 war: no elections
    • UK, 1939-1945: No general elections were held during the Second World War until Allied victory was assured via acts of Parliament; hence the 1935 House sat until 1945. (per Wikipedia)

    Shall I continue?

  • Are older, but Linux compatible computers capable of running the newest kernel/version of various distros?
  • good old x201 here (i5-720m iirc), 8GB ram, sata ssd. Debian stable. No DE, just stumpWM. Not watching 4k youtube videos but runs fairly well for a 13 years old machine.

  • "Linux Desktop: A Collective Delusion" - an unhinged rant
  • Nope. That's called the burden of proof. You started by saying "gimp is shit", it's up to you to prove it, it's not up to the people responding you to disprove your point of view. What you're doing right now is called a fallacy and just totally discredit yourself.

  • Raspberry Pi or other in data center.
  • If you are in France, or around Europe and don't mind sending your Pi via mail to them, Faimaison and Tetaneutral do propose small computers hosting in their datacenter racks, Pi type included, but also NUCs, respectively for 24€/month (bit expensive but small structure compared to Tetaneutral edit: it's ~15€/month nowadays) and 5 to 10€ / month. That's just an example. Generally you'll get one IPv4 and one /56 or /64 IPv6 prefix.

    You might want to look near your location if there is a LUG, non-profit ISP, or non-profit colocation proposing the same kind of services. You may even meet some nice people! But it's definitely doable at least in Europe.

  • [RANT] I pay $70/mo for this privilege
  • 1Gbps down/700Mbps up here, 35€/month (another french provider), no data caps - for 5 bucks/month more I could have 5Gbps down/1Gbps up, but... well, my home network is still using 1Gbps switches - but all the cabling was built with 10Gbps in mind.

    Data caps are pure robbery. We run a non-profit ISP/hosting platform and a non-profit IXP with friends in West France, the only thing you pay (and the only thing end users should have to pay) is goddamn bandwidth.

  • Windows 11 vs Linux supported HW
  • Can confirm, recently installed it on a friends' dell G3 laptop and I was quite impressed to see that it recognized both the nvidia graphics card and the intel GPU without a hitch, and installed the nvidia proprietary driver directly from the live usb.

    Then I installed it on my wife's mother thinkpad x260, because she was bored with Windows "getting in [her] way" (her words, not mine) and wanted to try something else (70 years old grandma, main usage is web browsing, mails, some accounting on LibreOffice Calc, Zoom with her friends and... that's all). Everything worked out of the box (well, the x260 is pretty standard by the way). I showed her how to upgrade, how to use her software, how to install or uninstall software from the package manager GUI, and how to use workspaces. She didn't call for help once, and, for the moment, when I ask her about it she's quite pleased with it.

    I'm a Debian and OpenBSD guy but recently got a second hand thinkpad yoga X390 laptop and decided to give Pop a try on it. From touchscreen to touchpad gestures to automatic screen rotation in tent or tablet mode - everything works out of the box (except for the fingerprint reader, but well, we're used to that). Basically it's Ubuntu 22.04 LTS without the snap hassle and a recent kernel (6.4 right now). For what I tested it on, it's always been a pleasant experience.

    Of course, YMMV, and I might as well go back to my trusty Debian Stable + flatpak setup if things goes awry but right now I'm quite impressed with what they've managed to do.

  • The author of vim has sadly passed away
  • Recently I used testdisk/photorec to recover photos from a dead sd card. Made a small donation and sent a big thank you to the developer. As you said, sending appreciations and thanks for someone's hard work is an important thing to do, and if applicable, small donations. Right now I'm quite ashamed I've never did the same for Vim while Bram was still alive, especially since Vim is one of the most important tools I daily use :/.

  • The author of vim has sadly passed away
  • I use Vim since 31 years. Started in 1992, on Amiga with Fred Fish disks. I use Vim daily at work since 20 years. It's like a second home for me, a familiar tool which makes me confident that it'll help me manage whatever task I throw at it. I never had the pleasure to encounter Bram to tell him how much his work helped me throughout the years. I should have sent a "thank you for your hard work" mail when it was still possible. Now I can only send condolences. And some money to the ICCF. That's the least I can do.

  • run my own authoritative DNS
  • Kudos for mentionning powerDNS, it's an amazing software :)

    One thing I love with powerDNS is the various backends available, notably the postgreSQL and mariaDB/mysql ones. Only the primary powerdns instance modifies the database records, the secondary instances just read from database (master or replicas). Thus, no real need for AXFR: as soon as you added/modified a record on the primary, the secondary pdns servers will see it in the database.

    The pdnsutil CLI tool is also really convenient, and the powerDNS API is a godsend when you need to automatise stuff for thousands of domains and hundred of thousands of records. There's also a nice third-party webUI (powerdns-admin, docker image: pdnsadmin/pda-legacy). Bonus, Terraform does have a powerdns provider.

    At work we use dnsdist (from powerDNS too) to load-balance between our powerdns instances (with caching!), and to filter out/rate-limit/temporary ban bad actors (dns laundering, records enumeration and such for example).

  • What is your machine naming scheme?
  • Physical machines get stars names: Vega, Arcturus, Polaris, Fomalhaut, Deneb, Antares, Procyon, Algol, Aldebaran... and so on.

    Virtual machines naming scheme is more reasonable: [os]-[role][number if needed]. Examples:

    • alp-proxy
    • talos-controlplane-3, talos-worker-1, talos-worker-6
    • deb-storage
  • lidstah lidstah @lemmy.sdf.org
    Posts 0
    Comments 14