Given I have seen how chickens and birds in general fight, I would fight a 100 chucken-sized t-rexes.

There is now podman compose that can read and use docker-compose files. As for importing, I cannot tell.

Those might look like freedom pitfalls but are actually not. On the one hand gitlab dot com is not really bad for freedom as it has at least an open core and is very freedom friendly. Gitlab can be easily circumvented by using got client directly. Maybe a tag could be helpful here.

Any way, just clearing cookies after closing the session is very enough for github.

Cloudflare? Why are you even mentioning this? This is part of projects infrastructure. We need to draw a line somewhere. For example would you visit a website if it was hosted on Windows server? If they use ESXi? Or if user account are managed with Active Directory or firebase?

Sure you are free to be as eclectic as you want, but at the end, those are very minor issues that do not dent FSF credibility. Remember it stand for Free software first.

Edit: typos

You get a point. This changes a lot of things. I need to review again the project page. I first understood that this is a shared block list. If it is just a mirroring of a given instance, then it is not the same.

I am making an analogy of current situation of mastodon landscape where similar a project is based on questionable sources. Currently beehaw is nice and is blocking Lemmy.world. This makes me believe beehaw then end up blocking Lemmy world.

I will exagerate and ask you: are you discriminating between bigger and smaller instances? While smaller instances are definitely small, together they are big enough.

If he actually is obnoxious, then yes. But what guaranties he is obnoxious? Or that he just statements were just misinterpreted. Happens a lot.

They could have done nothing, but because someone on a so called trusted source de-federated it because he did not like him, de-federation would accumulate.

Actually beehaw is a nice instance and is blocking lemmy.world, which too is fantastic. Thus sharing beehaw’s de-federation list would cut out lemmy.world from a huge audience. In this particulare case, I wonder what lemmy.world did wrong to be worth de-federating from.

So you see, sharing huge block lists would wrongfully cut out people. Since nobody would investigate the whole list because doing so would take weeks.

Joining another instance is out of the question for many because they are firm belivers of self-hosting and decentralization. Two principles that are pillars of the the fediverse.

Seeing the number of down votes I may say that most people do not take smaller or single instance users that are too common. They are the ones that get most hurt with shared defederation lists. This only encourages people to gather to well known instance or accept being cut out from the biggest part of the fediverse.

This is when degeneration is used with sanity. However, people just use that feature to cancel people they don’t like. And this hurts smaller instances a lot.

You forgot people who selfhost single user instances. So they would have to destroy the old instance and create and new one with a new domain, which is a lot of work and resources.

Edit: Please also notice the problem here is not defederation itself, but shared lists of defederation. Because most likely the list is super long and nobody would check if all instances are legitimately blocked.

There are anti viruses that run on GNU/Linux like ClamAv and kaspersky but they actually do not target the machine they run on or at least they are not so useful. Their intention is to stop the spread of malware.

In general, you just need to install softwaref uaong the package manager from trusted sources that are usually the defaults of your distribution and not input your password when you are not expecting it.

When copying commands to the terminal, most terminals will warn you if you are copying a command that requires root privileges.

That said for the operating system, apply it to the browser as well by being eclectic on what extensions you install and voila. 99.99% guaranteed malware free.

You can set your service to start after the graphical session starts by adding this line to the [unit] section:

After=graphical-session.target

You can also add a require with same target.

If you still need a value for an environment variable, you can set it with “Environment=”.

Also as others said, you don’t nedd sudo. Systems should manage all of that. Starting, stopping, reload, environment, dependencies and user context.

Any better?

Instead of a script try the command directly in ExecStart. Systemd should take care of keeping the process running without you having to do nohop and disown.

If you insist on using a script you should use a full path to sh or bash with the path to your script as an argument like ExecStart=/usr/bin/bash /path/to/script.sh.

Yes it is. I’ve been using it for more than a year now. Works reliably. Has pod support aswel.

It is the application Docker that is not secure. Containers are. In fact Docker runs a daemon as root to wich you communicate from a client. This is what makes it less secure; running under root power. It also has a few shortcomings of privileged containers. This can be easily solved by using podman and SELinux. If you can manage to run Docker rootless, then you are magnitudes higher in security.