moonpiedumplings

joined 2 years ago
[–] moonpiedumplings@programming.dev 4 points 14 hours ago (1 children)

Duckduckgo maps, which seems to scrape yelp?

[–] moonpiedumplings@programming.dev 1 points 21 hours ago (1 children)

Try installing the packages mentioned here: https://docs.ankiweb.net/platform/linux/installing.html#requirements

sudo apt install libxcb-xinerama0 libxcb-cursor0 libnss3 libxcb-icccm4 libxcb-keysyms1

[–] moonpiedumplings@programming.dev 2 points 1 day ago (1 children)

It looks like criticisms similar to mine were offered in the comments of the youtube video you linked at first, and now the youtuber has released a second video, a correction. In this video he uses nginx proxy manager and DNS-01 challenges:

https://www.youtube.com/watch?v=XEltHEZU6aE

Big respect for doing that.

I check if it's open source. If I can't find the source code, it's automatically a no go.

Of course, even if it is open source, that's not enough. Sometimes I delegate less trustworthy browser extensions to separate browser profiles, which are isolated and can't read eachothers data.

Talos Linux is an interesting Kuberntes focused Linux distro that has an extremely minimal init system, with only the components needed to launch Kubernetes.

https://docs.siderolabs.com/talos/v1.13/learn-more/components#machined

The idea is that, since Kubernetes can manage services and do basically everything Systemd often does on modern systems, you just have Kubernetes do it instead.

if they do have an init system at all, it’s usually not systemd but something much simpler, because the environment/task doesn’t need it and there’s a memory and storage benefit to not shipping the extra bulk

Systemd often just straight up doesn't work in containers due to containers having security restrictions that prevent processes in them from accessing certain parts of the Linux kernel. Systemd tries very hard to be a container manager (nspawn, portable services, cgroups controls, and so on), whereas other init systems don't do this, making them work inside containers

[–] moonpiedumplings@programming.dev 2 points 2 days ago (1 children)

Is there a cert you are going for specifically?

I've never tried it but it looks reasonable. It is paid, but it offers courses focused towards certifiacates and hands on labs, with fairly reasonable pricing. There is a a weeklong free trial, so you can just use that to test.

Also check out these:

https://killercoda.com/

https://training.play-with-kubernetes.com/

They are truly free, but have a lot less content. I like to use them to teach stuff sometimes.

You can also set up a homelab with Kubernetes for hosting stuff. I actually really like Kubernetes for that usecase.

[–] moonpiedumplings@programming.dev 4 points 4 days ago* (last edited 4 days ago)

There are probably other private parts of the crates website, like the pages for developers who are uploading crates. It makes sense to just give the same error for everything, from the same logic all in one easily auditable spot.

And of course, just because all crates on the site are public now, doesn't preclude the possibility of private crates im the future.

[–] moonpiedumplings@programming.dev 1 points 4 days ago* (last edited 4 days ago)

We have client isolation, but that would not stop the son from “stealing” the IP address his mom uses by spoofing their Mac address. I dont see how client isolation would help here, but I would need some kind of auth approach.

You can have more than one SSID/Wifi Network, each with their own auth, VLAN, and ofc, access to the network.

Although, the approach I would prefer is to just auth the media server itself.

Sure putting them on different subnets would be an elegant solution, but I can only host 4 wifis from my ap and have more than 4 “permission groups”

Ah. Yeah. Then you have to auth the media server itself.

Although, another approach you can do is have people VPN in (even if already local) and the VPN puts them on different subnets.

Or another approach is to use WPA enterprise, where clients have to use a username and a password to connect to the wifi. With each client having a unique identity, you can then control access or assign them to subnets. But your hardware/software has to support that, and you would also need an LDAP/Radius setup probably, it's the most complicated bundle.

So I guess the above 3 options are listed in order of simple to complex.

[–] moonpiedumplings@programming.dev 8 points 4 days ago (2 children)

Only possible to authenticate with Github

They seem to be working on it

If you go to a page which doesn't exist, one would expect to get the 404 HTTP code (not found). So let's try when we query a crate which doesn't exist:

This is the only one I somewhat disagree with. If you give a 403 error whenever you don't have permissions to access a page, and a 404 whenever you access a page, it becomes possible to discover parts of the website that exist but you can't access.

It's because of this, that both Github and Forgejo just return 404 errors when you access a repo that doens't exist OR it's a private repo. A quick test with Codeberg against a repo that probably doesn't exist gives me an error 404 and the message:

The page you are trying to reach either does not exist, has been removed or you are not authorized to view it.

(emphasis mine)

Now, I would rather see 404 errors everywhere instead of 403's. It's way more likely that you are encountering a repo or website path that doesn't exist, than you lacking privileges/auth. But, 403's everywhere is an approach I've seen done before and it makes sense when you understand why.

[–] moonpiedumplings@programming.dev 7 points 4 days ago* (last edited 4 days ago)

Performance, it's slightly slower compared to Bun, but it is faster than Node. But it has sandboxing, which is neat.

[–] moonpiedumplings@programming.dev 6 points 4 days ago* (last edited 4 days ago)

Deno is pretty interesting because it has built in sandboxing. By default, no code can even access the network. Everything must be explicitly allowed, including network access and environment variables: https://docs.deno.com/runtime/fundamentals/security/

Access can be scoped pretty granularly as well, only allowing access to specific websites or env variables.

I really like this model since it offers a strong protection against secrets stealers, which have hit NPM extremely frequently. No more of malicious NPM packages scraping the whole system to find secrets.

It does have a performance tradeoff compared to Bun. Bun is (was?) the fastest, Node was the slowest, Deno was in the middle.

 

Pairdop is an open source, browser based, peer to peer file sharing application.

It is cool because it can find other devices on the network. So you open up pairdrop on one computer, and you open pairdop on another, and then you can see the devices and chat with eachother.

But, you also have the options of:

  • Creating a temporary public room for sharing files over the network to another device
  • Permanently pairing devices so that they can access eachother after you close the app

In addition to that, it's a progressive web application, so you can "install", and/or the web page does not need internet to load, firefox will cache it and let you use the app even if you don't have internet.

There is a publicly hosted instance you can try: https://pairdrop.net/

 

cross-posted from: https://programming.dev/post/52054729

Swarm simulator is an open source idle game:

https://github.com/swarmsim/swarm

 

Swarm simulator is an open source idle game:

https://github.com/swarmsim/swarm

 

I can't find the source code for this, I am posting here to save it to remind myself to search later.

 

Other fun answers:

This site is: https://youraislopbores.me/

This site is a "fake chatgpt" where you can pretend to be chatgpt or ask questions to people pretending to be chatgpt.

 

Phone game that measures how high you can throw your phone into the air...

 

It was fairly easy. I used rustic to back up my entire home directory to a USB flash drive.

The trick is to ensure that all applications (except KDE) are closed. Firefox, for example, really hates if you try to actively sync or copy over it's profile directories while it is running.

And then I also nuked my podman user data. (podman system reset). Podman sometimes makes the ownership of it's files weird, but also the container images take up a lot of space that I don't really care about actually backing up. It's okay if those aren't on the new laptop.

Then I backed up to the usb flash drive:

rustic init -r /path/to/repo — this will prompt you for a password

rustic backup -r /path/to/repo /home/moonpie

One cool thing about the backups is that they are deduplicated and compressed. So I backed up 120 gb of data, but it was compressed to 80 gb.

restic snapshots -r /path/to/repo

The snapshots are deduplicated as well. Data that doesn't change between snapshot versions, doesn't take up any extra space.

rustic restore -r /path/to/repo snapshotid /

The / is needed because rustic restores to paths underneath the thing. It gave me a bunch of permission errors about not being able to read stuff not in my home directory, but eventually it restored all of my data.

And then yeah. All my data. Except Wifi passwords, which I had stored as unencrypted for all users, because I didn't like having to unlock the KDE wallet to get to Wifi passwords when connecting. I had (and have) LUKS encryption so I didn't worry about that too much. But it means that data not in my home directory was not copied over.

It was surprisingly smooth, and now I have all my data and firefox profiles and stuff on the new machine.

 

Finally I can doomscroll books

 

As usual, phoronix is full of trolls. I was surprised to see only 17 comments, but perhaps that's because I viewed this very early. A highlight from the first page:

Everyday we stray further from GNU, POSIX, C, X11 and now SysVinit. 80s are over. Party is over. Wake up. It's 2026. Adapt or perish in irrelevance. Future is bright and is inevitable. Long live systemd, Wayland, Rust, Gnome and atomic and immutable distros.

Given the way this covers Systemd, SysV, and AI agents, and the way that I see trolling on the first page, There is a very real chance this could be one of those legendary Phoronix threads that manages to hit the 500 comment limit.

EDIT: more relevant threads: https://www.phoronix.com/linux/systemd

view more: next ›