I think Docker is a tool, and it depends on how you implement said tool. You can use Docker in ways that make your infra more complicated, less efficient, and more bloated with little benefit, if not a loss of benefits. You can also use it in a way that promotes high uptime, fail-overs, responsible upgrades, etc. Just “Docker” as-is does not solve problems or introduce problems. It’s how you use it.
Lots of people see Docker as the “just buy a Mac” of infra. It doesn’t make all your issues magically go away. Me, personally, I have a good understanding of what my OS is doing, and what software generally needs to run well. So for personal stuff where downtime for upgrades means that I, myself, can’t use a service while it’s upgrading, I don’t see much benefit for Docker. I’m happy to solve problems if I run into them, also.
However, in high-uptime environments, I would probably set up a k8s environment with heavy use of Docker. I’d implement integration tests with new images and ensure that regressions aren’t being introduced as things go out with a CI/CD pipeline. I’d leverage k8s to do A-B upgrades for zero downtime deploys, and depending on my needs, I might use an elastic stack.
So personally, my use of Docker would be for responsible shipping and deploys. Docker or not, I still have an underlying Linux OS to solve problems for; they’re just housed inside a container. It could be argued that you could use a first-party upstream Docker image for less friction, but in my experience, I eventually want to tweak things, and I would rather roll my own images.
For SoC boards, resources are already at a premium, so I prefer to run on metal for most of my personal services. I understand that we have very large SoC boards that we can use now, but I still like to take a simpler, minimalist approach with little bloat. Plus, it’s easier to keep track of things with systemd services and logs anyway, since it uniformly works the way it should.
Just my $0.02. I know plenty of folks would think differently, and I encourage that. Just do what gives you the most success in the end 👍
Hello, apparently hanging out in Lemmy inadvertently makes you thinking about using Linux. I am planning to install Linux Mint cinnamon on an older laptop, which I want to bring to LAN Parties. From what I read I can just format my C:\ windows disk, install Linux via bootable drive and from what I understand, proton is basically...
Some of these tips are dangerous. You generally don’t want cause insensitivity in your shell. Also, ls should never be used as a subshell to find files as a part of commands.
All you need is the TOTP secret, and it will generate OTPs. If you enter the secret in another TOTP app, you’ll also get OTPs. Here’s a Ruby lib that will render OTPs from a secret, for example: github.com/mdp/rotp
For an Android TOTP tool, I like FreeOTP+. You can even use it for Steam OTPs.
A package typically includes the program and its data inside the package. It’s not just an install script. Imagine if Chrome’s MSI installer was simply a wrapper that also downloaded the browser. Imagine if there was a vulnerability with this, and it downloaded and installed something else. Since the package didn’t include the program files, it wouldn’t be able to tell if they were genuine. It only fetched the MSI, which was a download that initially passed the expected checksum (if it even does that).
Additionally, file lists help ensure that programs and packages don’t conflict with one another. What if you wanted Chromium and Chrome at the same time. Can you do that? Simply wrapping an MSI doesn’t guarantee that. Perhaps there are conditionals in an installer that includes a vendored library under some circumstances, which would make them conflict.
What about package removals? Some programs leave a bunch of junk behind in their uninstaller. Typically, since packages very often contain their own files, they simply delete their files when they’re being upgraded or removed. If a package manager puts full trust in an MSI to always be exactly correct, then it loses complete control over correctly managing file removals.
I could go on and on, with more examples, but “run this binary installer” is the Wild West of putting software on your system. This is mostly the status quo on Windows, but this is a very poor standard. Other operating systems have solved this problem with proper packaging for decades.
When building a package from sources, it makes sense to wrap installers, but then you produce a package that is typically distributed by a mirror. These packages would then by downloaded by you, and contain the source of truth that is trusted to be what it is and that it’ll do what it’s supposed to do without any doubts to consistency and security.
You can only teach someone Linux if they have a desire to learn it. If they don’t want to learn it, then they might learn that it’s “bad” or “weird” compared to mainstream OSes, which would be working backwards.
Yeah, package maintainers should have their dependencies figured out. “Managing dependencies is too hard” is a distro packager’s problem to figure out, and isn’t a user problem. When they solve it and give you a package, you don’t need to figure it out anymore.
Plus, frequent breaking changes in library APIs is a big no-no, so this is avoided whenever possible by responsible authors. Additionally, authors relying on libs with shitty practices is also a no-no. But again, you don’t need to worry about dependences because your packager figured this out, included the correct files with working links, and gave them to you as a solved problem.
Maybe you want to migrate a PostgreSQL database to a newer version without starting PostgreSQL server.
Maybe you installed OpenSSH but don’t want sshd to run yet, because you haven’t hardened the configs.
Maybe you installed Nginx as a part of a migration from Apache httpd, but httpd is already running.
In addition, Arch hardly configures your system in a custom way, too. When you install a package, most of the time, it responds with “here are the files from the developer that you asked for.”
If you don’t like this philosophy, then your feelings are perfectly valid, and this is a textbook example of why different distributions exist 👍
So I installed Signal messenger and later needed pulse audio and lsp plugins. Now the search in the menu no longer finds Signal in search. :-( I have to go to “Internet -> Signal” to open it....
Am I wrong to assume that docker is perfect for single board computers that relies on low life expectancy drives (microsd)?
Title. Mostly because of two flags: --read-only and –log-driver.
It's OK if you cry (infosec.pub)
Why you should never use Facebook or Google to log in to third party websites - what to do instead (tilvids.com)
JPEG (lemmy.world)
https://www.smbc-comics.com/comics/167225794620221228after.png
short question by an aspiring user
Hello, apparently hanging out in Lemmy inadvertently makes you thinking about using Linux. I am planning to install Linux Mint cinnamon on an older laptop, which I want to bring to LAN Parties. From what I read I can just format my C:\ windows disk, install Linux via bootable drive and from what I understand, proton is basically...
Works on my machine (programming.dev)
Navigating around in your shell (blog.meain.io)
How to backup 2FA
So basically what title says....
It's (usually) already installed (lemmy.ml)
Any experience with teaching kids Linux?
Any one here has any experience with teaching 8 to 12 years old kids Linux?
Using Fedora Atomic is like... (feddit.de)
Stolen from linuxmemes at deltachat
Based KDE 🗿 (lemmy.ml)
Enabling Bluetooth on Arch Linux (itsfoss.com)
My "Smart"TV keeps connecting to Netflix, and i don't even have Netflix
https://files.catbox.moe/hzglc3.jpg...
How to fix? (i.imgur.com)
So I installed Signal messenger and later needed pulse audio and lsp plugins. Now the search in the menu no longer finds Signal in search. :-( I have to go to “Internet -> Signal” to open it....