It’s the way to go, but too difficult for most users in my experience. They rather just install Docker Desktop and use git bash. Sad reality
It’s the way to go, but too difficult for most users in my experience. They rather just install Docker Desktop and use git bash. Sad reality
Their entire offering is such a joke. I’m forced to use Docker Desktop for work, as we’re on Windows. Every time that piece of shit gets updated, it’s more useless garbage. Endless security snake oil features. Their installer even messes with your WSL home directory. They literally fuck with your AWS and Azure credentials to make it more “convenient” for you to use their cloud integrations. When they implemented that, they just deleted my AWS profile from my home directory, because they felt it should instead be a symlink to my Windows home directory. These people are not to be trusted with elevated privileges on your system. They actively abuse the privilege.
The only reason they exist is that they are holding the majority of images hostage on their registry. Their customers are similarly being held hostage, because they started to use Docker on Windows desktops and are now locked in. Nobody gives a shit about any of their benefits. Free technology and hosting was their setup, now they let everyone bleed who got caught. Prices will rise until they find their sweet spot. Thanks for the tech. Now die already.
They use Windows
Not having to install dependencies is a benefit of containers and their images. That’s a pretty big thing to miss. Maybe give it a closer look.
Your choice of container runtime has zero impact on the rate-limits of Docker Hub. They probably had a container image proxy already and just switched because Docker is a security nightmare and needlessly heavy.
I gave podman compose a fresh try just the other day and was happy to see that it “just worked”.
I’m personally pissed about aardvark-dns, which provides DNS for podman. The version that is still in Debian Stable sets a TTL of 24h on A record responses. This caused my entire service network to be disrupted whenever a pod restarted. The default behavior for similar resolvers is to set a TTL of 0. It’s like people who maintain it take it as an opportunity to rewrite existing solutions in Rust and implement all the bugs they can. Sometimes feels like someone just thought it would be a fun summer break project to implement DNS or network security.
A single malfunctioning service that restarts in a loop can exhaust the limit near instantly. And now you can’t bring up any of your services, because you’re blocked.
I’ve been there plenty of times. If you have to rely on docker.io, you better pay up. Running your own NexusRM or Harbor to proxy it can drastically improve your situation though.
Docker is a pile of shit. Steer clear entirely of any of their offerings if possible.
Reddit is free. Other people paying for your free service is a very weak argument to bring up. If Lemmy dies today, nobody but hobbyists and amateurs will care. Just like with LE.
I’ve been there. Not every CA is equal. Those kind of CAs were shit. LE is convenient. There are more options though.
I actually agree. For the majority of sites and/or use cases, it probably is sufficient.
Explaining properly why LE is generally problematic, takes considerable depth of information, that I’m just not able to relay easily right now. But consider this:
LE is mostly a convenience. They save an operator $1 per month per certificate. For everyone with hosting costs beyond $1000, this is laughable savings. People who take TLS seriously often have more demands than “padlock in the browser UI”. If a free service decides they no longer want to use OCSP, that’s an annoying disruption that was entirely not worth the $1 https://www.abetterinternet.org/post/replacing-ocsp-with-crls/
LE has no SLA. You have no guarantee to be able to ever renew your certificate again. A risk not anyone should take.
Who is paying for LE? If you’re not paying, how can you rely on the service to exist tomorrow?
It’s not too long ago that people said “only some sites need HTTPS, HTTP is fine for most”. It never was, and people should not build anything relevant on “free” security today either.
People who have actually relevant use cases with the need for a reliable partner would never use LE. It’s a gimmick for hobbyists and people who suck at their job.
If you have never revoked a certificate, you don’t really know what you’re doing. If you have never run into rate-limiting issues with LE that block a rollout, you don’t know what you’re doing.
LE works until it doesn’t, and then it’s like every other free service on the internet: no guarantees If your setup relies on the goodwill of a single entity handing out shit for free, it’s not a robust setup. If you rely on that entity to keep an OCSP responder alive for free so all your consumers can verify the validity of your certificate, that’s not great. And people do this to save their company $1 a month for the real thing? Even running the shitty certbot in compute has a larger cost. People are so blindly in love with this “free” garbage. The fanboys will never die off
Just ask yourself, who is still posting on Facebook? Your friends? I hope not. The last time I hung out on that site, the groups seemed to be the only valuable section to participate in. But it’s ultimately just a circlejerk and you’re feeding content into a garbage platform stuffed with ads. Not a great way to spend time.
Marketing play to grab the money off of rich parents. There are still teachers, they are just proxied by “AI”. And there will also still be teachers monitoring. And there will still be teachers for certain topics.
So it’s teacherless, but with plenty of teachers.
Should I really give up my empty metric of 70K followers and move my communication and journalistic research to another echo chamber and advertising platform run by another billionaire?
It really is a tough one.
Oh boy, what a marvelous idea. This could save the tanking DJT stock and allow them to prolong the scam. It would allow Trump to close the Truth Social scam with a seemingly sensible move. Elon is supposed to be in his cabinet anyway. It’s perfect.
Right. Who needs expert opinions if an LLM can produce similarly convincing garbage?
I feel like you’re catching on.
So if I watch all Star Wars movies, and then get a crew together to make a couple of identical movies that were inspired by my earlier watching, and then sell the movies, then this is actually completely legal.
It doesn’t matter if they stole the source material. They are selling a machine that can create copyright infringements at a click of a button, and that’s a problem.
This is not the same as an artist looking at every single piece of art in the world and being able to replicate it to hang it in the living room. This is an army of artists that are enslaved by a single company to sell any copy of any artwork they want. That army works as long as you feed it electricity and free labor of actual artists.
Theft actually seems like a great word for what these scammers are doing.
If you run some open source model on your own machine, that’s a different story.
AI is great, what OpenAI does is blockchain-level idiocy.
Where are their numbers coming from? The central registry of carbon emissions for genAI data centers? They know shit. They’re probably shorting Nvidia and are crying over their losses. Fuck Morgan Stanley