irotsoma

A desktop environment is a waste of resources on a system where you’ll only use it to install and occasionally upgrade a few server applications. The RAM, CPU power, and electricity used to run the desktop environment could be instead powering another couple of small applications.

Selfhosting is already inefficient with computing resources just like everyone building their own separate infrastructure in a city is less efficient. Problem is infrastructure is shared ownership whereas most online services are not owned by the users so selfhosting makes sense, but requires extra efficiencies.

How do you connect? Is there a domain? Is that domain used for email or any other way that it might circulate?

Also, depends on if the IP address was used for something in the past that was useful to target or not. And finally do you use that IP address outbound a lot, like do you connect to a lot of other services, websites, etc. And finally, does your ISP have geolocation blocks or other filters in place?

It’s rare for a process to just scan through all possible IP addresses to find a vulnerable service, there are billions and that would take a very long time. Usually, they use lists of known targets or scan through the addresses owned by certain ISPs. So if you don’t have a domain, or that domain is not used for anything else, and you IP address has never gotten on a list in the past, then it’s less likely you’ll get targeted. But that’s no reason to lower your guard. Security through obscurity is only a contributory strategy. Once that obscurity is broken, you’re a prime target if anything is vulnerable. New targets get the most attention as they often fix their vulnerabilities once discovered so it has to be used fast, but tend to be the easiest to get lots of goodies out of. Like the person who lives on a side street during trick-or-treat that gives out handfuls of candy to get rid of it fast enough. Once the kids find out, they swarm. Lol

At work we have 6 environments other than production. At home just one. I created a way to ease deployment of the environment from scratch using a k0sctl config and argocd and the data gets backed up regularly if I need to restore that, too.

Note that often it’s more efficient to move infrequently accessed memory for background tasks to swap rather than having to move that out to swap when something requires the memory causing a delay in loading the application trying to get the RAM, especially on a system with lower total RAM. This is the typical behavior.

However, if you need background tasks to have more priority than foreground tasks, or it truly is a specific application that shouldn’t be using swap and should be quickly accessible at all times, or if you need the disk space, then you might benefit from reducing the swap usage. Otherwise, let it swap out and keep memory available.

I mean LLC is just a nice option if you want it to be easy to transfer it to someone else next time so they don’t have to go through any hassle. Adding someone to an LLC to have control over the assets is just easier than if an individual owns those assets.

But this all comes down to ownership. Someone owns the rights to the domain. Sonatype obeys that ownership. So it really comes down to how the owner wants to handle it. And in the US anyway, lawyers aren’t really required for an LLC, depending on the state you live in. Many it’s just a couple of simple documents and a small fee. That’s why LLCs are used by rich people to hide their money, it’s cheap and easy. I’ve done it many times in multiple states for various projects and never had any legal background. The nonprofit part is a little more work, but as long as you aren’t bringing in any money, its not necessary. Still easy in practice, but more research to figure out. Also, it comes with a lot of benefits like free access to a lot of stuff, including some from Sonatype. But again, not required, just thinking ahead and how I would do it.

First step would be just to contact the domain owner. If they are no longer interested in owning that asset, then they may just give it to you. If they are unresponsive and the domain is not in use for anything else, you could also contact the registrar and report it and if they can’t contact the domain owner there’s a possibility that they may allow you to purchase it depending on their policies.

Again, don’t get discouraged, and I’m totally willing to give pointers if you decide to go the nonprofit LLC route, but first, just contact the owner and maybe they’ll just give you the login for the domain registrar or if they don’t want to give up the ownership of the domain, maybe just authorize you with Sonatype to publish the artifacts. Essentially, because it’s an ownership issue, the owner needs to be involved.

Only the owner of a domain can publish a package attributed to that domain. Otherwise you’d have random hackers publishing malware as an Apache project or something. All you can do is try to contact the owner of the domain and see if they are willing to transfer ownership to you, or better yet, set up a nonprofit LLC, or whatever it’s called in your country, to have it transfered to.

This. Get in writing the specific legally binding policies for personal use of their network resources. Not just the personal opinion of the IT people. They don’t write the legally binding policy that you are responsible for following.

I mean, in most cases this isn’t criminal law (in the US at least), so it means you have to attract enough attention of a corporation since they’re usually the only ones who can afford the legal costs to file the DMCA requests and responses for copyright violation. And with many other civil issues, often corporations with the money for it, don’t have standing to sue, and if they did, would be required to sue each individual in the appropriate jurisdiction.

With the removal of Section 230, these costs will go down significantly as a single user’s violation could be enough to bankrupt or shut down an entire site of violating content or, if serious criminal violations like child porn, put the person who hosts the site in prison who, will be much easier to identify and sue in a single jurisdiction or arrest than a random internet user.

Yeah, other countries have similar or even more strict requirements, so yeah it all depends on the jurisdiction. You have to also understand that just hosting something externally, doesn’t mean you don’t fall under laws of another country. It’s the internet. And if you live in a country, you may be held responsible for obeying their laws. I’m not a lawyer, so it’s something to be careful of even if externally hosted.

This is especially necessary to consider if you live in the US right now. One of the things the current administration is pushing for even harder than past administrations is removal of Section 230 of the communications act that was enacted in the 90s. This provides a defense against liability for the content you host as long as you make a reasonable effort to remove content that is illegal. Problem is that this makes it really difficult to censor (maliciously or otherwise) content because it’s hard to go after the poster of the content and easier to go after the host or for the host to be under threat to stop it from being posted in the first place. But it’s a totally unreasonable thing, so it basically would mean every website would have to screen every piece of content manually with a legal team and thus would mean user generates content would go away because it would be extremely expensive to implement (to the chagrin of the broadcast content industries).

The DMCA created way for censors to file a complaint and have content taken down immediately before review, but that means the censors have to do a lot of work to implement it, so they’ve continued to push for total elimination of Section 230. Since it’s a problematic thing for fascism, the current administration has also been working hard to build a case so the current biased supreme court can remove it since legislation is unlikely to get through since those people have to get reelected whereas supreme court justices don’t care about their reputation.

So, check your local laws and if in the US, keep an eye on Section 230 news as well as making sure you have a proper way to handle DMCA takedown notices.

Are there any guides to using it with reverse proxies like traefik? I’ve been wanting to try it out but haven’t had time to do the research yet.

Problem is that unless the person was paid for contributing, what goods or services are being exchanged with the project. I mean if Microsoft received money from that person for a subscription or something I might see them having to ban the user and refund the money. But what did the project receive that would violate sanctions? Volunteer work is usually not covered or else relief organizations and religious missionaries would be banned and the US historically loves sending those. What am I missing?

Rust crates manifest file requires a license be set to be hosted on crates.io and the example manifest file uses:

[package] 
license = "MIT OR Apache-2.0"

Something like the Java’s jar manifest doesn’t have a predefined license property for interpreters to parse. Maven has a property, but it’s not required.

Yes it’s defects in the ingress-nginx controller package.

Yes, but punish the government and those who support those governments. The majority of people who live in a fascist country do not agree with the government otherwise fascism wouldn’t be necessary.

I live in the US and I don’t agree with nor apologize for the anti-trans, anti-women, anti-immigrant, and racist policies the federal government has recently implemented. In fact many policies directly affect me and my wellbeing.

I voted against them, but unfortunately we weren’t given an option to vote for something better because of the way things work here. And many of these countries don’t even have that. Nor do I think anyone else who lives in or visits the US should be punished for the actions of its government. Same goes for any other country.

And in this case it looks like it may just be someone visited one of those countries sometime in the past, though details are scarce. I get then need to sanction people involved with the bad stuff, but people who just visit or live there with no other connection to the bad stuff is a little extreme. Especially since contributing to this project, for free, is not producing profit for or supporting any government.

I think its just that the language having built in licensing is a newer concept as opposed to just having a companion document. And MIT and Apache are the licenses the pieces of the language is licensed under, so they made those default. That way it’s a conscious decision to make it more restrictive.

I don’t think it’s Rust exactly. I think Rust is just newer and this attracts developers with less experience with licensing. It’s not really something developers want to think about very much so they often just use the default. Heck, most code on github, etc., didn’t have any licenses at all for a really long time until businesses realized they couldn’t use the code without them due to copyright laws being applied by default but patents not being default in many countries, etc.

There are consequences to using copyleft as opposed to more permissive libre licenses, and vice versa, that may not be well understood by a lot of developers in general until they get into a situation where it matters. Either their code can’t be used by people they wanted to sue it, or companies are abusing the code without proper attribution, etc.

Depends on what you’re backing up. Is it configs for applications, images, video, etc? If it’s application configs, you can set up those applications in a virtual machine and have a process run that starts the machine, restores the configs, and makes sure the applications start or whatever other tests you want. There are applications for doing that.

If it’s images or videos, you can create a script to randomly pick a few, restore them, and check the integrity of the files. Usually just a check of the file header (first few bytes of the file) will tell you if it’s an image or video type of file and maybe a check on the file size to make sure it’s not an unreasonably small size, like a video that’s only 100 bytes or something.

All this seems like overkill though in most scenarios.

If you want to keep your LDAP as the source of truth, then Keycloak is also a very good option. I did that originally, but decided I only had a couple of things needing LDAP and that wasn’t worth keeping it around. Authentik was a good way to emulate an LDAP but with a different back end. But Keycloak is definitely my recommendation in your case.

Keycloak. Took me a bit to learn the basics, but it has been way easier to troubleshoot than Authentik and has more features. If you need something that mimics LDAP rather than syncing with an existing LDAP, then Authentik is pretty good. I don’t use LDAP, though.