Unless you’re working with people who are too smart, then sometimes the code only explains the how. Why did the log processor have thousands of lines about Hilbert Curves? I never could figure it out even after talking with the person that wrote it.
IMO, the best free option is https://freedns.afraid.org/. The biggest downside of that one is that you have to login a couple times a year (IIRC?) to keep it active. I actually still use this even though I have a paid domain, I just CNAME my real domains to the afraid dynamic name. That was easier than changing the config every time I become unhappy with my domain registrar and have to reconfigure everything after swapping.
I’ll start off with a proviso, I haven’t s much touched my Librem 5 in at least a year (maybe even 2?), so if they’ve had some massive turn around in that time I don’t know about it. All of this post is just what I think I remember, if you want actual facts go dig around in the wayback machine or something.
The promise of the L5 was super grandiose. They were going to create this mobile device that could completely replace your android device. It was going to launch with a custom matrix client that would let you make voice and video calls, which no other matrix client at the time could do. It was gonna be great and it was going to be delivered in a year.
Now clearly that was never going to go off without a hitch. I don’t blame them for being late nor for not delivering all their promises right at launch. But when things started getting delayed they seemed to be doing everything in their power to not communicate with backers. And anytime they would say something, they would say “well we didn’t hit that deadline, but we promise we’re totally super duper close now”. And then they’d blow through that deadline without a word too.
I did eventually get my phone, obviously, but it wasn’t anything like a usable device. The battery that it came with was smaller than advertised and it didn’t have any power management so you got a few hours of battery life. The cameras just didn’t exist as far as the software was concerned. The privacy switches would randomly kill power to the modem when you lightly brushed against them without the switch moving out of the ‘on’ position. Which was super annoying since you had to reboot the phone any time you wanted to turn the modem back on. And rebooting took ages.
Even at this point I was still rooting for them to succeed. I really want a proper Linux phone and have since 2008.
But ever since then, I really haven’t seen much of anything change with the software, at least for as long as I was paying attention to it. One of the cameras got support added by a community member at some point, but the pictures it was taking were so bad it looked like some 1999 digital camera taking pictures in a dimly lit room even in full sunlight. There was no way to know if an application in their store was going to work or not, most didn’t, mostly because they were meant for a larger screen & a mouse.
I pulled it out a few times on and off over the years, but the last time I did, I couldn’t even figure out how to get it to update. So, I haven’t really even touched it since then. (I’ve got it out connected to power to see what it’s like now. Though, I’m not sure it’s charging, is flashing green (with an occasional flicker of red) a good thing?)
Since receiving it, the only communication I’ve gotten from Purism has been “Investment Opportunities”. I’m not sure why I’d invest in a company that still hasn’t delivered what it promised me over 5 years ago.
I absolutely want them to succeed, and I hope they prove my pessimism wrong, but at this point I absolutely would not put my money on that happening.
As the owner of a Birch batch Librem 5 and former defender I’m sad to say, agreed.
Less commercial interest means only hobby level development
Podman is developed by RedHat: https://github.com/containers/podman/graphs/contributors
Unfortunately, no. Samba needs a different label. Doing that relabels things so that only containers (and anything unrestriced) can access those files.
IMO, yes. Docker (or at least OCI containers) aren’t going anywhere. Though one big warning to start with, as a sysadmin, you’re going to be absolutely aghast at the security practices that most docker tutorials suggest. Just know that it’s really not that hard to do things right (for the most part[1]).
I personally suggest using rootless podman with docker-compose via the podman-system-service.
Podman re-implements the docker cli using the system namespacing (etc.) features directly instead of through a daemon that runs as root. (You can run the docker daemon rootless, but it clearly wasn’t designed for it and it just creates way more headaches.) The Podman System Service re-implements the docker daemon’s UDS API which allows real Docker Compose to run without the docker-daemon.
If anyone can tell me how to set SELinux labels such that both a container and a samba server can have access, I could fix my last remaining major headache. ↩︎
Pretty similar myself.
Defense in depth. If something escapes the container it’s limited to only what’s under that user and not the whole system. Having access to the whole system makes it easier for malware to hide/persist itself.
If your distro offers it, rootless podman + podman system service is the best setup, IMO. That will give you a docker command that is 1-to-1 compatible with docker and lets you use tools like docker-compose that expect a docker service socket. Then you can just follow tutorials that only explain things for docker.
That’s not really possible with docker TBH, and I say that as a diehard Podman advocate. Docker, the tooling that you install with your package manager, is open source. Sure they have windows and mac desktop stuff that isn’t open, but it’s not like you’re self-hosting with that, right?
Plus there’s always Podman to switch to, which can be a (mostly) drop-in replacement, if you want something with a more trustworthy provenience.
I had an AMD Phenom-II era motherboard that claimed it would be able to do that. OP, you might be able to find an old NIC/mobo that could do this for cheap.
Ah, nice. I think that’s exactly what I was trying to describe. Thanks for the suggestion!
Though, I think the git forge ‘backend’ + “Static CMS” frontend seems a bit more featureful and slick. I think I’m going to keep going down that path instead for now. Good to have a backup of exactly what I originally thought I wanted though.
Gotcha, I’m trying to find something that doesn’t require me to use a local editor. I want to give myself as smooth of an opportunity as possible to write small thoughts. That’s my current setup and even that little bit of friction seems to keep me from writing. (Or that’s my current excuse anyway…)
Nifty. At first blush just making a static clone of a dynamic site doesn’t feel as elegant as using a code forge editor, but I’ll keep that idea in mind if I find the editing experience (images and whatnot) to be too clunky with the gitea suggestion.
I’d personally like to not depend on infra like github, but I hadn’t considered just using the web UI of a code forge. That’s a good idea, I’m going to try that and see if I like it, thanks!
(Still interested in other suggestions if others know of things that are more fit for purpose, tho.)
Do you just use the gitea web editor for that? (I assume it has one right?) Does it provide a nice markdown-aware editor?
I’m curious if that’s actually true. Refusing to let them specifically buy it, because RH knows they want to re-distribute it, is almost like an implicit extra condition that customers aren’t allowed to re-distribute, which is explicitly a violation of the terms of the GPL. Though, of course leaving that term unstated would make it hard to prove.
Obligatory IANAL, but I think they can’t really make it closed source, because it’s a whole bunch of code they don’t own the copyright to that’s under the GPL.
For Red Hat customers and partners, source code will remain available via the Red Hat Customer Portal.
Which I think means the Rocky people would just need someone who is a RH customer to share the source with them or pay for a license themselves. The GPL really only requires you to make the source available to your customers, not necessarily publicly available to anyone, but it still explicitly allows any of their customers to redistribute it freely.
Though, maybe I’m not fully correct on that, because that would mean that this basically accomplishes nothing besides making RH/IBM look bad.
They may block IP addresses associated with consumer ISPs. Assuming that’s the case, I would guess you’re seeing that as an HSTS/TLS error because their network is trying to trick your browser into redirecting to/displaying an error page hosted by some part of their network.