Appreciate the link but this doesn’t make me feel much better. Seems like their license and terms of use is basically, “Ask and we’ll tell you if you can do that.” Not very transparent.

Kebab. Not my favorite visually speaking but I had RSI issues for a while and I’m still very focused on limiting keystrokes (no shift key needed with kebab).

I guess I could just try a minimal install (uncheck every box) and see how it goes.

Don’t remember the specifics but I had a key combo setup to force a soft reset in my DE. Occasionally a kernel or driver update would fuck up my video and make the system unusable but still live. I try to avoid hard resets.

Don’t remember the tool, maybe someone here does, but there’s some web service out there that boasts a “no storage” approach. You provide some URI and some other value (maybe username) and it makes a password for you, but it’s always the same for a given combination. Basically it’s a purely functional generator.

Downside would be forgetting a minor detail (Did it end with a slash or not? What was the username?) or the site going down. You can achieve the same thing yourself with a hash calculator but those passwords are a bitch to type in.

tl;dr just use KeePass

Never tried Authelia or Authentik but I’ve heard good things about them. I’m sure one of them will integrate with a reverse proxy.

Could’ve been something Fedora-ish but based on the GitHub I don’t think that’s it. The most distinct thing I remember is that it appeared abandoned but the author just didn’t feel it needed any changes.

I use like four different devices to browse and some have multiple browsers so checking history has been rough.

Interesting but not what I was thinking of. I think in the GitHub also the author gave a specific example of an OS layered with the Steam client.

You can run pacman on Windows?

I think this is a fair question. I haven’t seen anyone mention the benefits of using a non-web mail client (OP mentioned Yubikey but 2FA isn’t uncommon with web mail). I would actually consider using one if it gave me clean up options (e.g. haven’t opened an email in 3 days and the sender is not in my address book move to Junk/Spam). Main reason I rarely look at email is that it’s 90% stuff I have no desire to read and marking things as spam is a never ending cycle.

Agreed, OpenWRT is for something with limited resources like an OTS router.

I use IceWM on antiX. Seems to be a good mix of low resource usage and aesthetics.

I didn’t for the longest time but now I use Traefik for this. It can automatically add services (i.e. containers) to it’s routing list so the overhead is low and since I also run openwrt on my router I setup *. localhost to point to 127.0.0.1 so I don’t have to remember what ports I’m using for which service (e.g. jellyfin.localhost). You can also setup DNS entries using something like PiHole.

I put the sample template (https://yacht.sh/docs/Templates/Templates/) into a file named docker-compose.yml and Docker said the syntax was invalid. Are you saying I can give Yacht a compose file and it’s cool with it?

Used it for a bit but I didn’t like how you have to deploy things from templates which are basically compose files that don’t look like compose files.

This is the kind of AI stuff that really annoys me. Looking at one of the mutation examples I didn’t see anything that wouldn’t normally be tested by a typical mutation tool. You took a simple, idempotent process and you got an llm to do it slower, less accurately, and using more resources.

If you wanted to marry the two in a new and possibly useful fashion I would say use an llm to analyze the results of a standard mutation test and give guidance on what issues should be acted upon first. An off-by-one calculation could mean somebody loses a million dollars or it could mean a button is grayed out. Standard mutation tools don’t give you that context.

Other than the low chance of you being targeted I would say only expose your services through something like Wireguard. Other than the port being open attackers won’t know what it’s for. Wireguard doesn’t respond if you don’t immediately authenticate.

There’s a little overlap with things like Terraform but it’s not as bad as if they bought the companies that owned Chef or Puppet.

Can’t believe that’s gone through. They took JBoss when they bought RedHat so now it doesn’t have to compete with Websphere and when they bought HashiCorp Openshift doesn’t have to compete with Nomad. At this rate they’ll buy CyberArk and then that’s no more competition with Vault.