If you’re self hosting Headscale you can configure your network such that Headscale is reachable on your network with or without internet access and available from the internet.

If it were in reference to a particular issue, would that make Banksy a “terrorist?” Maybe it’s better to feign uncertainty at the BBC.

£19 a bottle for water so dirty that it leaves behind measurable solids when it evaporates.

Don’t expect Gitea to make progress on federation. Forgejo is a fork of Gitea and anybody that cares about federation is probably on the Forgejo side of the fork.

He must have meant “piece of Ukraine.” The aggressors just want piece.

If you’re running Kubernetes, what is the point of LXC or Proxmox in this setup? Kubernetes will give better scaling and utilization.

Is it trolling if Trump believes it’s because of the great job he did?

Giving a container access to the docker socket allows container escapes, but if you’re doing it on purpose with a service designed for that purpose there is no problem. Either you trust Watchtower to manage the other containers on your system or you don’t. Whether it’s managing the containers through a mounted docker socket or with direct socket access doesn’t make a difference in security.

I don’t know if anybody seriously uses Watchtower, but I wouldn’t be surprised. I know that companies use tools like Argo CD, which has a larger attack surface and a similar level of system access via its Kubernetes service user.

Mounting the docker socket into Watchtower is fine from a security perspective, but automatic updates can definitely cause problems. I used to use Rennovate and it would open a pull request to update the version.

Git does have a server component. When git connects to an ssh remote it executes an ssh command that needs to be present.

You’re missing GitLab. I’d be looking at GitLab or Forgejo.

But you might not need this. When you access a private Git repository, you’re normally connecting over SSH and authenticating using SSH keys. By default, if you have Git installed on a server you can SSH to and you have a Git repository on that server in a location you can access, you can use that server as a Git remote. You only really want one these services if you want the CI pipelines or collaboration tools.

The issue says at the bottom that SealedSecrets is unaffected.

In a month he’ll blame Biden for this terrible 15% trade deal with Japan and start the whole thing over.

The US does not take care of the Afghans that helped the US during the war.

At least in the past, if you had a fixed amount of work to complete, underclocking would increase overall power consumption.

He’s screwed. He and others in his administration made it an integral part of his platform. Whether it exists or not, his supporters, who have been trained to believe in a deep state conspiracy to cover up child abuse, cannot be convinced that it doesn’t exist, and the more he denies it the more suspicious he looks. Either releasing the evidence would end him, or through multiple layers of convenient, unbelievable incompetence the promised evidence really doesn’t exist. Really? Only one camera that can only see a sliver of a stairway was working and even that has a time gap, and the guards just happened to be slacking off on the night in question? It’d be hard to believe even if the Trump administration hadn’t made such a big deal about it and there wasn’t that photo going around of Trump and Epstein together.

Port scanning isn’t abuse but automatically filing frivilous abuse reports is.

It’s not normal for - model-cache:/cache to be deleted on restart or even upgrade. You shouldn’t need to do this.

He claims to have finally realized what everyone else knew from the start.

The server responds with a 404 error. If you’re using a reverse proxy, make sure the reverse proxy rules are right. Does it work when you connect directly?