I’ve not used dockge so it may be great but at least for this case portainer puts all the stack (docker-compose) files on disk. It’s very easy to grab them if the app is unavailable.
I use a single Portainer service to manage 5 servers, 3 local and 2 VPS. I didn’t have to relearn anything beyond my management tool of choice (compose, swarm, k8s etc)
With a small amount of effort and the use of https://github.com/nanos/FediFetcher and https://github.com/g3rv4/GetMoarFediverse you can mitigate basically all those issues. It’s still not perfect by any means but it results in a perfectly usable single user instance.
The first populates the replies of the home timeline posts you see (as well as profiles of people it finds in those replies) and the second pulls down all the content from instances you select for your followed hashtags (choose mastodon.social and you can guarantee you’ll see most all posts with those tags)
IIRC your data would live on your chosen pod server - which does not have to be a fediverse instance.
I’ve not tried it but have been keep tabs.
The two main problems appear to still be ongoing PRs/issues; magazine/community sidebar content doesn’t update and doesn’t federate out at all to lemmy, and moderation actions don’t federate at all (any of the various types) - which is particularly problematic.
If only k/mbin federated better - I’d be all over it :(
If you need something not on steam (GOG, Epic etc) you’ll also want Heroic Game Launcher which wraps those services in the same Steam Linux magic.
Main page of dashboard
If you long press on a tile (this is kitchen)
I’ve had a BBE for almost 4 years, I use it daily. I can create nicer tasting espresso based drinks than Starbucks and Costa and basically any other local coffee shop.
The only people I’ve found locally that can do a better job are the ones who roast the beans I use - and I’d be surprised if they couldn’t.
Ah, well that is indeed unfortunate and realistically also a bit shit.
ActivityPub implementations generally don’t allow this.
This comment will, when I click ‘Reply’, be sent to your instance (dormi.zone), that instance should then run it’s filter/block checks on it and if it’s happy it will forward it onto the lemmy.ml instance for further disemination amongst the subscribers of the group.
If you were to have blocked me then my reply will appear on my instance only (which is admitedly tiny - at 1 user) and go no further. This kind of falls apart if I were to be on a bigger instance as more people would see the reply.
That said, Lemmy may not be doing that quite right as the whole Groups/Communities thing is sort of an extension of the main protocol. I hope it’s doing it the right way.
If buying isn’t owning then piracy isn’t stealing.
Didn’t even think 4k80 was generally available yet?
You’ve not factored in egress costs. Which on Amazon can add up quite quickly.
There’s a couple of caveats with it, but I think neither are worse than your proposed flow.
Immich does support folders?
https://immich.app/docs/administration/storage-template/
With this you can store your photos in whatever structure you want.
I watched something very similar to this hit at least 40mph (~65kph) down my 30mph (~50kph) limit road the other day. The guy did not have a helmet on and was in a light jacket and jeans with trainers.
It was as you said, a motorcycle with pedals - only ridden by more of an idiot than the people who ride around during summer on 600cc bikes wearing shorts and t-shirts (cause at least they have a crash helmet on)
Yes.
Docker will have only exposed container ports if you told it to.
If you used -p 8080:80 (cli) or - 8080:80 (docker-compose) then docker will have dutifully NAT’d those ports through your firewall. You can either not do either of those if it’s a port you don’t want exposed or as @moonpiedumplings@programming.dev says below you can ensure it’s only mapped to localhost (or an otherwise non-public) IP.
Documentation people don’t read
Too bad people don’t read that advice
Sure, I get it, this stuff should be accessible for all. Easy to use with sane defaults and all that. But at the end of the day anyone wanting to using this stuff is exposing potential/actual vulnerabilites to the internet (via the OS, the software stack, the configuration, … ad nauseum), and the management and ultimate responsibility for that falls on their shoulders.
If they’re not doing the absolute minimum of R’ingTFM for something as complex as Docker then what else has been missed?
People expect, that, like most other services, docker binds to ports/addresses behind the firewall
Unless you tell it otherwise that’s exactly what it does. If you don’t bind ports good luck accessing your NAT’d 172.17.0.x:3001 service from the internet. Podman has the exact same functionality.
Strap that into a tank, with - hear me out - legs, and we’re golden.