Skip Navigation
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)GF
gaylord_fartmaster @lemmy.world
Posts 1
Comments 355
Proton releases a self-custody bitcoin wallet | Proton Wallet is open source and has been audited by a third-party firm, the company said
  • I never switched to Proton for exactly this reason. I'd much rather use a service that does one thing really well than one that does 20 things okay.

    It's all just to keep you locked into your subscription. Now they want you to keep other money tied up in it too.

  • Proxmox bind mounts are a nightmare for user permissions
  • The issue is that the docker container will still be running as the LXC's root user even if you specify another user to run as in the docker compose file or run command, and if root doesn't have access to the dir the container will always fail.

    The solution to this is to remap the unprivileged LXC's root user to a user on the Proxmox host that has access to the dir using the LXC's config file, mount the container's filesystem using pct mount, and then chown everything in the container owned by the default root mapped user (100000).

    These are the commands I use for this:

    find /var/lib/lxc/xxx/rootfs -user 100000 -type f -exec chown username {} +;
    find /var/lib/lxc/xxx/rootfs -user 100000 -type d -exec chown username {} +;
    find /var/lib/lxc/xxx/rootfs -user 100000 -type l -exec chown -h username {} +;
    find /var/lib/lxc/xxx/rootfs -group 100000 -type f -exec chown :username {} +;
    find /var/lib/lxc/xxx/rootfs -group 100000 -type d -exec chown :username {} +;
    find /var/lib/lxc/xxx/rootfs -group 100000 -type l -exec chown -h :username {} +
    

    (Replace xxx with the LXC number and username with the host user/UID)

    If group permissions are involved you'll also have to map those groups in the LXC config, create them in the LXC with the corresponding GIDs, add them as supplementary groups to the root user in the LXC, and then add them to the docker compose yaml using group_add.

    It's super confusing and annoying but this is the workflow I'm using now to avoid having to have any resources tied up in VMs unnecessarily.

  • Server HDD selction
  • I've been doing this for at least a decade now and the drives are just as reliable as if you bought them normally. The only downside is having to block one of the pins on the SATA connector with kapton tape for it to work.

  • What are some privacy focused forms of entertainment?
  • You'd be surprised how often none of that is touched, and I really doubt any repackers are bothering to block any network calls if the original scene release didn't. I've used some equivalent of OpenSnitch that prompts on all network requests that I haven't explicitly allowed already for the past decade, and at least 90% of all games I downloaded during that time tried to phone home.

    ALWAYS set firewall rules to block internet access to any software you pirate.

  • Next BioShock developer "ramping up"
  • A series whose last entry ended with revealing infinite accessible alternate universes has nowhere left to go? Also, a series whose entire reason for existing was to be a spiritual successor to System Shock now needs its own spiritual successor? Why?

  • What are some of the obstacles of making an existing game open source?
  • Someone made something up about you once, so now your plan is to never be introspective again for the rest of your life?

    Good luck with that. I'm sure the issue in that situation was definitely how self-aware you were at the time.

  • Trump is Immune
  • You're being unnecessarily pedantic about your second point. To most people an "email account" is going to mean an email address and mailbox, which is what she had, on her insecure personal email server.

  • Should I use a reverse proxy in a homelab?
  • I like the workflow of having a DNS record on my network for *.mydomain.com pointing to Nginx Proxy Manager, and just needing to plug in a subdomain, IP, and port whenever I spin up something new for super easy SSL. All you need is one let's encrypt wildcard cert for your domain and you're all set.

  • Flatpak haters seem to believe that if an app isn't on their distro's repos, it's the developers' fault.
  • I only use rolling releases on my desktop and have ran into enough issues with apps not working because of changes made in library updates that I'd rather they just include whatever version they're targeting at this point. Sure, that might mean they're using a less secure version, and they're less incentivized to stay on the latest version and fix those issues as they arise, but I'm also not as concerned about the security implications of that because everything is running as my unprivileged user and confined to the flatpak.

    I'd rather have a less secure flatpak then need to downgrade a library to make one app I need work and then have a less secure system overall.

  • 90's Music @lemmy.world gaylord_fartmaster @lemmy.world

    Example - Slow Motion

    Really good obscure indie 90's hip-hop.

    The Strive is another great song from the same EP.

    0