moonpiedumplings
@moonpiedumplings@programming.dev
- Submitted 2 days ago to games@lemmy.world | 0 comments
- Comment on Get some quality twin-stick shooters in the latest Humble Bundle 1 month ago:
You may be interested in this:
- Comment on I tried to selfhost Nextcloud at work 1 month ago:
No, I think if you’re using the nextcloud all in one image, then the management image connects to the docker socket and deploys nextcloud using that. The you could be able to update nextcloud via the web ui.
- Comment on LDAP to UNIX user proxy 2 months ago:
So based on what you’ve said in the comments, I am guessing you are managing all your users with Nixos, in the Nixos config, and want to share these users to other services?
Yeah, I don’t even know sharing Unix users is possible. EDIT: It seems to be based on comments below.
But what I do know is possible, is for Unix/Linux to get it’s users from LDAP. Even sudo is able to read from LDAP, and use LDAP groups to authorize users as being able to sudo.
Setting these up on Nixos is trivial. You can use the users.ldap set of options on Nixos to configure authentication against an external LDAP user. Then, you can configure sudo
After all of that, you could declaratively configure an LDAP server using Nixos, including setting up users. For example, it looks like you can configure users and groups fro the kanidm ldap server
Or you could have a config file for the openldap server
RE: Manage auth at the reverse proxy: If you use Authentik as your LDAP server, it can reverse proxy services and auth users at that step.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Addictive arcade game about archery. Reminds me of flappy bird, not in the raw mechanics, but in the way they are both addicting in the same manner.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Simple bike racing game, although the player is very fragile, which adds some difficulty. Playable in browser.
All the maps are user created content.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
This site has a few high quality browser games. The one I come back to is X Type, a bullet hell shoot-em up that has ever expanding enemy ship sizes, and never ends. It gets hard fast.
I also like Xibalba, which is a Doom/Wolfenstein style game playable in the browser.
The creator also did a rewrite of quake in 13 kb of javascript
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
A webgl/browser based 3d dungeon crawler with proceduraly generated levels.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
A short questionaire game that demonstrates the difficulties of poverty.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Gameboy roguelike that is simple, but very elegant.
Sadly, since romhacking went down, I don’t think it’s possible to find the translation patch for it, unless they uploaded it to the internet archive.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Gameboy puzzle game. Very high quality.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
A simple but elegant io game. You are a ball, and you want to knock other balls to the ground.
One thing I like is that rounds in small, 4 person lobbies, rather than the massive worlds of other io games. Although you can’t really make friends, you can know personas, and it’s more personable.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Fork of the older warsow, open source movement shooter. Think quake.
Sadly, it seems to be dead on steam.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
A wonderful and life changing experience.
I like to link it without the ending title, like store.steampowered.com/app/1944240/ because it’s funnier when people can’t see the game title in the link.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Learn the pleasures of loving another human, and the pain of being a programmer — at the same time!
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Absolutely obligatory, the simply named “The Game” is a work of art, and truly a life changing experience. You’ll never think about things the same after experience “The Game”.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
A fnaf fangame that is close enough to feel like fnaf, but has a twist: Every single level also involves a puzzle. While trying to survive enemies fnaf style. Although I’ve never played this game, I LOVE watching it on Twitch. I like to call it “Human’s can’t multitask: The Game”.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Fun arcade bullet hell survivors (think vampire survivors) type game. Dodge bullets, and survive as long as you can.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Also by double speak games, and open source gridland is a variant on the math 3 style. During the day phase, you accrue and store resources, and build stuff. During the night phase, you fight.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Open source idle game, but not quite. It eventually expands beyond watching numbers go up, into a sort of roguelike, where you can wander the world and collect stuff. And die. Die a lot.
A Dark Room was where I first saw the @ symbol used to represent the player character.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Open source idle game, playable in browser. No clicking, just watching numbers go up.
- Comment on Recommendation engine: Downvote any game you've heard of before 2 months ago:
Aw yeah. This is where my knowledge of absurdly good but extremely niche games comes in. I think I’ll make multiple replies to this comment.
Think enter the guneon combined with superhot, but simplified a lot. It’s a turn based bullet hell, and an excellent arcade game playable in the browser.
- Comment on JPEG is Dying - And that's a bad thing | 2kliksphilip 3 months ago:
- Comment on JPEG is Dying - And that's a bad thing | 2kliksphilip 3 months ago:
- Comment on Nextcloud appreciation post 6 months ago:
What was it? I’m planning to do a nextcloud deployment via helm soon.
- Comment on If hot air rises, why is it colder at the top of a mountain? 7 months ago:
- Comment on Ubuntu will manually review Snap Store after crypto wallet scams 7 months ago:
One of the downsides to hardcoding snap to only be able to use a single repo/store is probably added difficulty in creating testing infra for testing if uploads/CI/CD work.
lol, one of the first one’s I click on: snapcraft.io/test-snapd-public (by Canonical)
A basic buildable snap that is expected to be published in public mode
Maybe if they didn’t insist on holding a monopoly over the store, they would be able to have an internal version of the store for testing, rather than cluttering the public one.
- Comment on We’re one step closer to a global cybersecurity standard for smart home devices 8 months ago:
It’s a huge step forward to have a global consumer IoT security certification. It’s so much better than not having one,” Steve Hanna, Infineon
- Comment on PSA: Docker nukes your firewall rules, and replaces them with its own. 8 months ago:
Dockers manipulation of nftables is pretty well defined in their documentation
Documentation people don’t read. People expect, that, like most other services, docker binds to ports/addresses behind the firewall. Literally no other container runtime/engine does this, including, notably, podman.
As to the usage of the docker socket that is widely advised against unless you really know what you’re doing.
Too bad people don’t read that advice. They just deploy the webtop docker compose, without understanding what any of it is. I like (hate?) linuxserver’s webtop, because it’s an example of the two of the worst footguns in docker in one
To include the rest of my comment that I linked to:
Do any of those poor saps on zoomeye expect that I can pwn them by literally opening a webpage?
No. They expect their firewall to protect them by not allowing remote traffic to those ports. You can argue semantics all you want, but not informing people of this gives them another footgun to shoot themselves with. Hence, docker “bypasses” the firewall.
On the other hand, podman respects your firewall rules. Yes, you have to edit the rules yourself. But that’s better than a footgun. The literal point of a firewall is to ensure that any services you accidentally have running aren’t exposed to the internet, and docker throws that out the window.
Your original point was:
I think from the dev’s point of view (not that it is right or wrong), this is intended behavior simply because if docker didn’t do this, they would get 1,000 issues opened per day of people saying containers don’t work when they forgot to add a firewall rules for a new container.
And I’m trying to say that even if that was true, it would still be better than a footgun where people expose stuff that’s not supposed to be exposed.
But that isn’t the case for podman. A quick look through the github issues for podman, and I don’t see it inundated with newbies asking “how to expose services?” because they assume the firewall port needs to be opened, probably. Instead, there are bug reports in the opposite direction, like this one, where services are being exposed despite the firewall being up.
- Comment on PSA: Docker nukes your firewall rules, and replaces them with its own. 8 months ago:
Probably not an issue, but you should check. If the port opened is something like
127.0.0.1:portnumber
, then it’s only bound to localhost, and only that local machine can access it. If no address is specified, then anyone with access to the server can access that service.An easy way to see containers running is:
docker ps
, where you can look at forwarded ports.Alternatively, you can use the
nmap
tool to scan your own server for exposed ports.nmap -A serverip
does the slowest, but most indepth scan.