Most of the money does not go into the browser anyways.

That really hurts.

And two networks and a reverse proxy and four more volumes …

It’s absurdly complex and annoying and lacks proper documentation.

There currently is no sane way to deploy it via docker since it needs half a dozen of different containers and volumes and networks to barely work at all - overwriting/ruining your already existing setup while doing so.

The cleanest would likely be setting up a VM where you set up docker in and let Lemmy do whatever it wants.

The old age of the Docker image is a bit of a red flag to me.

I settled with SWS since the Docker image and a locally installable version are actively maintained by the creator. It just serves static files and optionally directory listing as JSON (which comes in quite handy).

There is an XKCD for that. Replace “standards” with “programming languages”.

Especially not one I have to “subscribe” to.

The whole idea is just ridiculously stupid.

Ladies and gentlemen, we have a winner!

Temporary workaround applications/scripts become de-facto standards sounds familiar. They disabled loading script files in Powershell but you can still copy&paste the file’s content …

People have no idea how absurd IT in corporations is.

That make the badges NFC tags but without actual NFC …

At least they had the code not in direct sight on their desk.

Big international corporate, IT security hired by personal connections instead of skill, IT security never worked in daily business.

The fun thing is, that they refer to NIST guidelines. Which is even funnier because NIST says 12 digits are enough, user-generated 8 digits are fine, no complexity rules, and password changes only “when necessary” (i.e. security breaches).

https://sprinto.com/blog/nist-password-guidelines ff.

I’ve seen plenty of solutions. Sticky notes, a simple text file. External tools like barcode scanners. Using all letters and just 1! at the end (not that this is less secure on technical level than a completely random string, but it’s easier to bruteforce - theoretically), etc. Some people use KeePass (with a stupid 5 letter password).

Some users have a barcode scanner connected to the system for doing the business stuff. The barcode scanner registers as HID keyboad …

Yes, they did exactly what you think.

They are so heavy on security I have a Citrix environment that takes me 3 logins

My daily routine:

1. Take laptop out of locked shelf
2. Start Laptop and enter boot password
3. Enter Bitlocker password
4. Enter username (not saved) and password
5. Open Citrix website and login with different username and password
6. Enter MFA token to access said website
7. Start server connection
8. Enter different username/password (not saved) to access server
9. Enter different MFA token for the server login
10. Start the business-specific application with 3rd set of not saved and different login data

They also have plans to make MFA mandatory for laptop login, too.

Passwords need to be at least 15 characters long for laptops and 30 for servers and 10 for the business-specific application. All need to have uppercase, lowercase, numbers, and special characters and need to be changed every 60 days (for the server login) and cannot be the last 30 passwords.

Given this context it seems much more reasonable having such a complex and long instructions page on how to run it in Docker. This seems to be something you don’t just try and run simply for checking it out.

I looked at the instructions it under the premise of “lightweight wiki server” and did not check in detail what this specific software is.

Any small Linux distro would do. Just install Docker and maybe Portainer (as container itself of course) if you want a web UI.

Wow, they really hate the idea that everyone could just spin up a Docker container with their wiki software.

So better put Docker in a VM so it can’t do any harm to the host?

I care about anything. RAM usage, file size, etc. I’m a minimalist when it comes to software. Use as less of all resources as possible. After once writing a router in Python I thought I could do this in Lua, too, but never actually tried. Maybe this would be a nice weekend project?

Even if Nginx is the way to go, I currently experiment with SWS which was suggested here. Technical aspects aside: The software is actively developed and the maintainer provides Docker images on their own (easy for Deploying a container based on that) and a package for my distribution (easy for development testing).

Yes, Freenginx should/would/will be a drop-in replacement, at least int he beginning. We’ll see how this works out over time. Forks purely out of frustration never lived long enough to gain a user base and attract devs. But it’s an “anti corporate bullshit” fork and this alone puts it on my watchlist.