According to the Necronomicon, people who work in infosec are probably the worshippers of Tiamat (one of the nastier of the Ancient Ones, “at whose Name even [...] the dread KUTULU strains his bonds”) as “their Books are the Books of CHAOS and the flames, and are the Books of Shadows and Shells.”
Chaos, flaming, cracking /etc/shadow and popping shells. Oh and being a pack of bastards.
Last night I wrote a docker-compose setup for containerised wireguard that doesn’t use iptables for isolation because I’m bad at it.
Instead, the sidecar container violently munges the application container by dumping the wireguard interface into the app container with no egress and sets it as the default route.
For control plane access to the app, I used socat to reverse proxy the web interface to a socket which I bind mount and then proxy on an nginx container on my LAN
Blog post to come :)
https://www.youtube.com/watch?v=DUD1V1UnoTI A while ago during lockdown I did a talk at campGNDd which I never actually posted here.
It's a sprawling diatribe about blowing up a BBC Micro's power supply by channelling satan and then hacking together a hex editor to binary repair the spell that did it.
I've been noticing recently that the tone of a lot of what goes on in the fediverse (specifically with regards to FOSS, distributed tech and privacy) is becoming very holier-than-thou and full of disdain.
When I'm about to post a message I try to think about who the audience is - if they're a bunch of people who already agree with me who I want to share a snide disdain for other people with, I don't post it because I feel like it's the junk food of interaction.
Decentralization is COMPLICATED
It involves TRADEOFFS.
It is not an inherent positive.
It is an architectural/technological decision that fits in some cases and doesn't in others.
It is possible to decentralize on different layers/levels, and knowing when to and when not to is super complicated.
[This has been your local friendly architecture guy PSA, please return to your festive activities]
I have a #pleroma question:
Is there a way to have a single server host accounts across multiple domains?
I want something like me@personal, project@project and bot@bot all to be hosted from a single instance.
A bit like a vhost and a webserver.
Is this possible? If not would it be a huge diff?
Did a bunch of FreeBSD dev environment automation today - qemu bootstrapping, poudriere setup because iocage was fixed for 12.0-RELEASE about 14 days ago so I need iocage-devel (and thought I’d use the opportunity to make something reproducible), and hopefully iocage for trialling osem.io tomorrow.
This is what happens when you get ensnared into volunteering by a bunch of FreeBSD nerds.
Don’t get me wrong, I think a lot of the intent is very noble, and in cases very pragmatically applied (*GPL for the Linux kernel feels like a great choice for example), but it’s not one-size-fits-all.
I find the fanaticism of copyleft over MIT/BSD/Apache licenses to be a little bizarre sometimes. There seems to be an assumption that modifications will be committed back upstream rather than just forked into some random internet facing repo that nobody can find...
I release as 3-clause BSD in most cases because I want to enable people to Get Shit Done without the overhead of sanitising and publishing their codebase. Basically I don’t want them to owe me anything.
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!