mat

joined 2 years ago
[–] mat@jlai.lu 1 points 1 hour ago

I guess I will try with k3s on my workstation, but for a single NAS, I am not sure any Kubernetes distribution is useful for now :)

[–] mat@jlai.lu 2 points 2 hours ago (2 children)

Are you going to switch or talk to them about it? It must be a bit annoying, right?

[–] mat@jlai.lu 2 points 6 hours ago

What kind of annoying things are you dealing with?

Troubleshooting with a machinectl session, switching between services, backing up... These are small annoyances, but if I can avoid them I'd like to.

You don't have to put the user home in /var/lib either if that helps at all.

I half regret doing it.

If you're already running rootless, I'd keep doing that unless there's a really good reason not to.

The plan is about switching to a single user. I will stick to rootless podman, that is for sure. It is more about dedicated users or a single one.

[–] mat@jlai.lu 2 points 7 hours ago

I guess I should define my threat model first. Your answer pulls me towards a single user though

[–] mat@jlai.lu 1 points 7 hours ago

I am already running rootless podman. My question is more about dedicated service users vs single user to run everything, still in rootless podman. I like podman and its integration with systemd to manage the life cycle of the container compared to docker.

 

Cross-posted from "Dedicated service user or not ?" by @mat@jlai.lu in !selfhosted@lemmy.world


Hi all!

As of today, I am running my services with rootless podman pods and containers. Each functional stack gets its dedicated user (user cloud runs a pod with nextcloud-fpm, nginx, postgresql...) with user mapping. Now, my thought was that if an attack can escape a container, it should be contained to a specific user.

Is it really meaningful? With service users' homes set up in /var/lib, it makes a lot of small stuff annoying and I wonder if the current setup is really worth it?

 


[–] mat@jlai.lu 5 points 8 hours ago

AMD technologies for nvidia... sad

[–] mat@jlai.lu 8 points 1 day ago (1 children)

Let's be free by oppressing other countries, where have I seen it? Especially with nuclear weapons. We should be spending less on military and private sector, and more on public education, healthcare and social safety at large. He is a moronic shitty wannabe warlord and I despise him with all my heart.

[–] mat@jlai.lu -4 points 1 day ago

Yeah, Trump is obviously better. But I am not a USan so I don't really give a shit about USan internal politics

[–] mat@jlai.lu 1 points 1 day ago* (last edited 1 day ago)

I used KDE Plasma, GNOME or sway and I would say chat unless you have a config set up on a private device. Windows is like KDE but without any customization, GNOME is macOS-like. In the end, I have VSCodium, PyCharm or Helix as text editor, Firefox as a web browser and my dependencies usually run in docker so this setup could be applied to Windows or macOS but I would not be able to troubleshoot anything in case of desktop issue.

[–] mat@jlai.lu 3 points 2 days ago

I guess why not. The choice of Xlibre seems properly explained, but if Xorg developers went to Wayland, I'd say there is a reason, but I don't know how Wayland is on Solaris descendants. And at least they acknowledge that they know nothing in politics (they seem US based so they can't receive Iranian or Cuban contributions as it happened to OSM recently)

[–] mat@jlai.lu 11 points 2 days ago (4 children)

Rigorous enforcement of the GDPR to squeeze lots of money out of them?

14
Bun Hay Mean has died (fr.m.wikipedia.org)
 

Cross-posted from "Rise Of The Northstar - Neo Paris" by @eagleeyedtiger@lemmy.nz in !metal@lemmy.world


 

As the title says. I put the wrong value inside a clean up code and I wiped everything. I did not push any important work. I just want to cry but at least I can offer it to you.

Do not hesitate to push even if your project is in a broken state.

 

The video is quite interesting for getting a few pointers on how to kick out the Americans.
