• 0 Posts
  • 84 Comments
Joined 1 year ago
Cake day: June 11th, 2023



  • How does the xz incident impact the average user?

    It doesn’t.

    Average person:

    • not running Debian sid, Fedora nightly, Arch, OpenSUSE Tumbleweed, or tbh any flavour of Linux. (Arch reportedly unaffected)
    • ssh service not exposed publicly

    The malicious code was discovered within a day or two a month of upload iirc and presumably very few people were affected by this. There’s more to it but it’s technical and not directly relevant to your question.

    For the average person it has no practical impact. For those involved with or interested in software supply chain security, it’s a big deal.

    Edit:
    Corrections:

    • OpenSUSE Tumbleweed was affected; Arch received malicious package but due to how it is implemented did not result in compromised SSH service.
    • Affected package was out in the wild for about a month, suggesting many more affected systems before malicious package was discovered and rolled back.


  • Probably not exactly what you’re looking for, but for my personal use I just set up a repo in my git forge (gitea in my case) with a bunch of markdown files in various folders and a Hugo theme.

    Every time I want to update a document I can click the link at the bottom of the “Wiki” page and edit it in Gitea’s WYSIWYG editor. Similar process if I want to make a new document. When I save the changes I have a CI job (native to Gitea/Github) that uses Hugo to build the markdown docs into a full website and sync it to a folder on one of my servers where it’s picked up by a web server.

    Sounds complicated when I type it all out, but the only thing that I can reasonably expect to be a deal breaker is the Hugo software, of which there are archived versions, and even if there weren’t, Hugo’s input is just markdown, so I can repurpose however I see fit.

    You could probably do something similar with other SSG’s or even use Github’s pages feature, though that does add a failure point if/when they decide to sunset or monetize the feature.






  • Full disclosure: I’ve never used 1Password so can’t really comment on it compared with others, but I’m currently running a selfhosted Bitwarden re-implementation (vaultwarden) and am generally pretty happy with it. I’ve only ever used LastPass as a password manager before (aside from a seeding algo back in the day), and while I really don’t like their business practices or security history, their extension has or at least had a bit better consistency on Firefox than Bitwarden does, at least with regards to detecting username/password fields and detecting when a new credential is being created and asking it to be saved automatically. That being said, it’s something that I can live with considering it’s free software. As far as I’m aware, in terms of features all the big players in that space are pretty evenly matched, though I do remember some advanced feature that 1Password offered over others; maybe related to privilege access management in enterprise.




  • Which Android devices are you currently using?

    Oneplus 7 Pro

    What do you love most about them?

    Having a pop-up camera probably, clean uninterrupted screen.

    Having an unlockable bootloader and non-oem roms is pretty nice too.

    What do you dislike?

    Probably the rounded glass screen edges.

    Stock roms are utter trash.

    Have 256gb storage, but microsd expansion would be nice.

    Would love to run CalyxOS or GrapheneOS, but understandably there’s no build for this phone.

    Edit: Detail. Also probably won’t consider changing phone until Google foldables get good and can de-google with an aftermarket rom.






  • The way I have my monitoring set up is to poll the containers from behind the proxy layer. Ex. if I’m trying to poll Portainer for example:

    ---
    services:
        portainer:
            ...
    

    with the service name portainer

    from uptime-kuma within the same docker network it would look like this:

    Can confirm this is working correctly to monitor that the service is reachable. This doesn’t however ensure that you can reach it from your computer, because that depends on if your reverse proxy is configured correctly and isn’t down, but that’s what I wanted in my case.

    Edit: If you’re wanting to poll the http endpoint you would add it before like http://whatever_service:whatever_port


  • I believe the Pictrs is a hard dependency and Lemmy just won’t work without it, and there is no way to disable the caching

    I’ll have to double check this but I’m almost certain pictrs isn’t a hard dependency. Saw either the author or one of the contributors mention a few days ago that pictrs could be discarded by editing the config.hjson to remove the pictrs block. Was playing around with deploying a test instance a few days ago and found it to be true, at least prior to finalizing the server setup. I didn’t spin up the pictrs container at all, so I know that it will at least start and let me configure the server.

    The one thing I’m not sure of however is if any caching data is written to the container layer in lieu of being sent to pictrs, as I didn’t get that far (yet). I haven’t seen any mention that the backend even does local storage, so I’m assuming that no caching is taking place when pictrs is not being used.

    Edit: Clarifications


  • Thanks for sharing! I’ll definitely be looking into adding this to my infra alerting stack. Should pair well with webhooks using ntfy for notifications. Currently just have bash scripts push to uptime-kuma for disk usage monitoring as a dead man trigger, but this should be better as a first-line method. Not to mention all the other functionalities it has baked in.

    Edit: Would also be great if there was an already compiled binary in each release so I can use bare-metal, but the container on ghcr.io is most-likely what I’ll be using anyway. Thanks for not only uploading to docker hub.