OneCardboardBox

OneCardboardBox , 5 days ago (edited 4 days ago)

As others have said, a reverse proxy is what you need.

However I will also mention that another tool called macvlan exists, if you're using containers like podman or docker. Setting up a macvlan network for your containers will trick your server into thinking that the ports exposed by your services belong to a different machine, thus letting them use the same ports at the same time. As far as your LAN is concerned, a container on a macvlan network has its own IP, independent of the host's IP.

Macvlan is worth setting up if you plan to expose some of your services outside your local network, or if you want to run a service on a port that your host is already using (eg: you want a container to act as DNS on port 53, but systemd-resolved is already using it on the host).

You can set up port forwarding at your router to the containers that you want to publicly expose, and any other containers will be inaccessible. Meanwhile with just a reverse proxy, someone could try to send requests to any domain behind it, even if you don't want to expose it.

My network is set up such that:

• Physical host has one IP address that's only accessible over lan.
• Containerized web services that I don't want to expose publicly are behind a reverse proxy container that has its own IP on the macvlan.
• Containerized web services that I do want to expose publicly have a separate reverse proxy container, which gets a different IP on the macvlan.
• Router has ports 80 and 443 forwarding only to the IP address for my public proxy

OneCardboardBox , 4 days ago

Yeah, I believe there's some kind of bridge mode you must enable on the host's interface.

OneCardboardBox , 16 days ago

Not sure if you're able to edit the title, but this doesn't look like FOSS, just open source.

OneCardboardBox , 16 days ago

Did you mean source-available?

I guess? Always thought there was some pedantic Stallman-esque argument for the differentiation between FOSS and OSS, independent of the Open Source vs Source Available distinction.

OneCardboardBox , 23 days ago

I used to never drink coffee because I didn't want to become dependent on it. It also helped that all the coffee I ever tried tasted terrible.

Then one day, my husband was raving about switching to french press and how good it was. To humor him, I took a sip and... it was so delicious! My fate was sealed, and I regret nothing.

OneCardboardBox , 1 month ago

Ooh! Thanks for the tip! Been looking for some affordable drives for my next system.

I bought a LFF Dell Poweredge back in the fall, and have been waiting on a good deal for 3.5" disks. My current machine is a SFF HP Proliant, and I hate how much a 2.5" drive with good capacity costs.

OneCardboardBox , 1 month ago

A bridge in America collapsed after a cargo ship crashed into it.

OneCardboardBox , 1 month ago

Inscryption is a video game where you play cards against dark and insidious opponents. Outside of the story about your character and their opponents, there's a super-story about a someone who found a mysterious floppy disk with Inscryption on it, told through video clips.

OneCardboardBox , 2 months ago

Ahh, sorry. Our prior emails accidentally got sent to a family of 4 on their way to a birthday party. We promise our next job offer won't miss!

OneCardboardBox , 2 months ago

He'd rather have a GNU contributor take a diarrhea dump on his pull request.

OneCardboardBox , 3 months ago

He shunts all your long running jobs to the slowest hardware on the rack.

OneCardboardBox , 3 months ago

So we're back to "If we all ignore the government, it will wither away" type anarchism?

OneCardboardBox , 3 months ago

Neither shrooming, nor dismissing. It just reminded me of that school of thought. I don't know any anarchist theory, so I assume it's evolved since the days of the Paris commune.

OneCardboardBox , 3 months ago

I've never seen Mille used in reference to money. Only in advertising (eg CPM = cost per mille = cost per thousand ad impressions)

But to answer your question, the original Bloomberg article says 60 million.

OneCardboardBox , 3 months ago

I don't quite understand the leap from "No third party cookies" to "You need to create an account".

If you're visiting a site and they drop a cookie, that's a first party cookie. You don't need to log in for that to happen, and they can track you all the same. Taking identifiers from a first party cookie and passing them to advertisers will still be a thing, it'll just require closer coordination between the site and the advertiser than if the advertiser dropped their own cookie.

Now yes, that first party cookie won't follow you around to other websites and track your behavior there, but creating an account wouldn't enable this anyway. Besides, Google's Privacy Sandbox product suite is intended to fill this role in a less granular way (associating k-anonymized ids with advertising topics across websites).

OneCardboardBox , 3 months ago

Despite what the length of their privacy policies might suggest, first party sites are a lot stingier with their user data now than they've been in the past. The value of knowing who someone is and what they want is derived when you convince them to pull out a credit card, at which point you need to collect their data anyway.

Thus, I think we'll see two tiers of data collection: Deep first-party info shared between retailers and data brokers to target advertising on their first party site, and less granular banner advertising based on privacy sandbox, taking the place of drive-by cookie drops. If privacy sandbox is as good for random blogs as industry is expecting (ie, not as perfect as third party cookies, but less impactful than Apple's ITP was), I don't think we will see a wave of email signups.

OneCardboardBox , 4 months ago

Firstly, discord is entirely the wrong medium for documentation.

Secondly, documentation should be at least as accessible as the code. That is to say, if I can view the code without creating an account for some service, then I should also be able to read the documentation too.

OneCardboardBox , 4 months ago

Every morning at 4am, the village children wake up. With swatters in hand, they race into the memory banks, ready to debug the relays before the morning batch job is run.

OneCardboardBox , 7 months ago

I'll believe that it's a contender against existing quartz movements when they lay out the production costs for their design. You can't consign discrete ticks to the dustbin of history until you can compete with a $3 SpongeBob watch from Malaysia.