Had a serious database failure earlier due to cascading bad decisions. I started deleting a bunch of old data, rather than using #tootctl. This led to a bunch of errors in the #pgsql #docker container.
I moved the database into bare metal using a #nuc with 32GB of RAM and 4 cores. I'm going to use this for other services too, and it was on my roadmap of transition. #nextcloud will be moving to that as well.
I finally found a better way to build #php Docker images, no compiling required, smaller image than alpine, but still glibc so no incompatibilities or performance problems with PHP. How? It's possible with Wolfi-OS by @chainguard_dev
I am finding that the documentation for installing #mastodon via #docker is REALLY scattered, and hard to follow. I am having to piece together one solution from lots of different solutions. I feel like there should be one document that users can rely on.
I find myself backtracking and starting over several times, and I use docker every single day.
I've absorbed so much new information about Meilisearch this week, and I still feel like there is so much I don't quite understand. So today's TIL is filled with things I wasn't sure about... but I did learn things.
Started putting together my #Mastodon instance last night. Running in #Docker. Running into a weird problem (.env.production isn't writing) but shouldn't be too much longer.
I haven't installed a firewall, as it's a raspberry pi on a local machine that I am going to point the router to, so it feels okay.
The real reason is that when I turn on the firewall, fediverse.local stops responding, and I have to use the IP address.
Ever worked on #nodejs projects locally and wished for a more standardized, production-like experience for your team? Try @ddev! I walk you through setting your local up with #docker #containers in my latest article on @lullabot
(1/2) Setting A Dockerized 🐳 Python 🐍 Environment — The Elegant Way
A few weeks ago, I created a short tutorial about setting up a dockerized 🐳 Python 🐍 environment via the CLI, or the hard way. The second tutorial on this topic provides a more elegant and robust approach for setting up a Python dockerized development environment with VS Code and the Dev Containers extension 🚀.
General Docker question (I think), if I update a .config/default.yml and restart the containers, is that going to catch that or do I have to do some magic for that?
As if the whole #xz fiasco wasn't a big mess already, just learned that #Redis has ditched #FOSS and is now only Source Available, a.k.a. you can view the code, but not distribute or do anything with it.
It's already been forked though as #Valkey. I would assume you could still use Redis for free, no problem, though I'm not too sure you could ship it in your (paid) projects anymore. Regardless, if you use Redis in your projects like I do in my containers, it's probably a good idea to swap them with Valkey instead (although... they don't seem to have an official #Docker container just yet).
There's a huge backdoor (#CVE-2024-3094) allowing remote SSH access (as far as I can tell at this moment) caused by a util called #xz affecting a ton of systems (#Linux and #macOS, well not really) and it's causing quite a huge panic. I honestly don't know much about it just yet, but just sharing some pieces to read about the huge vulnerability.
The person who had maliciously planted this vulnerability into xz-utils, Jia Tan, has made at least 750 contributions to the project over the past 2 years. They even have direct push access to the code repo, allowing them to have pushed commits with forged authors. Being "free" from this vulnerability is not as simple as reverting to a previous version due to just how much and how long they've contributed to the project, and people are rightfully suspicious that this person might have hidden other backdoors in xz.
Unlike most other vulnerabilities, it's a lot harder to pinpoint versions affected by this but the most likely case is most systems out there have xz installed on their system that are impacted - which at this moment, the info being thrown around is any version past 5.3.1, 5.4.6, or 5.6.0 (latest is 5.6.1).
As far as I can tell, you're impacted by this vulnerability only if:
Your distro sources/packages xz from their release tarballs rather than through the Git source directly.
The payload was only included for the #RPM or #DEB packaging, so unless your distro uses these - you're probably safe.
As far as I can tell, it also only affects x86 systems so #ARM based systems should be fine.
As far as I can tell, your system needs to be running #systemd to be impacted by this, so #Docker/#Podman #containers should mostly if not entirely be fine....? maybe.
In other news, people are currently investigating and evaluating other projects also actively contributed by the compromised developer, Jia Tan, including #libarchive.
People are also analysing the dev's commit history to deduce their background from their activity lol. They've been found to push commits during office hours Mon-Fri, every other Saturday, presumably Public Holidays that seem to align with China's PH, and seems to be on GMT +8 locale.
Anyone gotten #jetbrains #rider to build a #dotnet #docker container without fast mode and still be able to access user secrets?
Our container doesn't currently work well with fast mode. I've told VS to build it in regular mode and that works fine. But in Rider, when disabling fast mode, all user secrets are null. I've tried mounting volumes directly etc. to no avail. Hoping someone else has slayed this one already 🤞
The dev environment for my Pelican blog uses Docker, via Colima when I'm on my Mac.
The default Colima config uses qemu and sshfs. If I switch to --vm-type vz --mount-type virtiofs, rebuild time when I change a file drops from >25s to around 9s. Not bad!
Discover the benefits of a single Drupal hosting platform | Remove the friction of hosting highly available sites | Skpr is 100% secure, reliable and supported
In the latest episode of our 20 minutes Cloud Commute podcast, @boredabdel talks about serverless platforms and the complications with GPU workloads; as well as anything #kubernetes, #gke, #cloud, #docker and more 🔥
Let me introduce my next nerdy project: building my own NAS
I'm going to replace a 2-disk Qnap with a custom-built 4-disk system. I already have the case, power supply, processor, RAM, SSD (recycled from the one I swapped out of the laptop), and I'm reusing the hard drives from the Qnap. I'm only waiting for the motherboard to arrive.
I'm going to use TrueNAS SCALE as the operating system.
Skpr Blog - A practical guide to Docker contexts (www.skpr.com.au)