Docker is just going to be used to run the applications which host your website. What you need to decide first is what your website will be and that will inform the decision on what technologies will be used to host your website. For example, if you are thinking of something like a blog, you might choose WordPress as the main hosting platform. This will need some sort of database behind it, for which you might choose MySQL or Postgres. You would also need some sort of web server software, which you might choose Nginx or Apache. At a basic level, you could now have the entire web stack defined: E.g. WordPress, MySQL, Nginx.

Ok, so now you need to sort out where those technologies will run. The easy, older solution is to spin up a physical box and load all of the software packages on the native Operating System (OS) of that box. This works perfectly well, until it’s time to start patching and updating the OS and software. And you will want to do those updates. This will probably go well for the first few upgrades, but eventually something will go sideways. Often this will be that several of your software packages will require different version of the same, underlying library. Or, something will just not install right and your website stops working. This is where docker comes in.

Docker lets you run each software package in it’s own contained environment. Each application runs in it’s own container, and the other containers are only reached via network calls. It’s like having a separate virtual machine for each service (this is how we used to actually run stuff like this); but, without all the overhead of actually having multiple virtual machines. So, even if you upgrade package XYZ in the Nginx container to version 2.1, the MySQL container could have package XYZ still running at version 1.9. Neither container knows or cares about what is running in the other containers.

The other advantage of containers is that the base OS and software in the container is usually well defined and doesn’t change much. The container will be able to reach permanent storage for any configuration and data files. But, if something goes wrong with the OS or software inside the container, then that container is destroyed and a new copy spun up and attached to the config/data storage. Software upgrades can also take advantage of this, as you can often stop the current container and start a container running the new version of the software, attach it to the config/data storage and maybe run some sort of “upgrade database” command. This makes for less mistakes and chances for things to not go well.

If your goal is to learn to self host, I would recommend putting those posts over in the !selfhosting@slrpnk.net. They are likely to get a better reception than in the programming and Linux communities you spammed with this post. Though, even there you may run into a bit of the RTFM! vibe you got here if you are posting questions without context and which appear to be low effort “I want to do something but have made no attempt to learn anything on my own”. I’d recommend spending some time reading long form blogs/guides on web hosting and watching YouTube videos. Again, long form stuff. Skip the clik-bait-y crap with titles like “get your website running in 5 minutes! <insert stupid emojis here>”. You’ll want to learn the basics on Docker and what is required to run and host a web site. Once you are able to get containers going, try setting up a web stack on your local system (don’t go paying for anything yet) and see if you can get it working and understand how it works. You’re almost certainly going to screw it up a few times in the process, that’s ok. That’s another great feature of containers, you can bork them up really, really bad and not have to care. You delete the container, maybe wipe the attached storage and try again.

Good luck.

If someone asks you if you’re a god, you say YES!

It’s a matter of circumstance. Authoritarianism is only useful in situations where time pressures make the slow, deliberate decisions of democracy unworkable. Combat is a good example of this. When the shells are raining down around you, there isn’t really time to hold a vote on how to proceed. So, in such situations there is usually a chain of command which is given authoritarian control. Other emergent situations will also often require similar levels of top-down control. The person in charge may not make the best or fairest decisions in the heat of the moment. But, inaction will almost certainly be a worse choice.

The other side of this is, when the situation isn’t emergent, a democratic (well, really semi-democratic, but I’m going to use “democratic”) system is likely the best choice. And those democratic systems would be wise to prepare for the emergent situations by identifying and designating the people who will be handed dictatorial control when the fecal matter hits the air circulator. And the system for identifying when the emergency has ended, how dictatorial power is unwound and how the performance of the person handed that power is to be judged.

The reason I hedged with “semi-democratic” is that a truly democratic system can have issues too. The classic “tyranny of the majority” problem. As any majority could override the rights of a minority in a truly horrible fashion. The solution being things like constitutional democracies, where the power of the majority is limited in specific ways (e.g. unrevokable rights).

Azure Linux. Because you still want to be beholden to Microsoft, right?

Huh, I had been thinking about dumping Netflix. It’s been nothing but Anime and disappointment for a while now. And I’m not that much of an anime fan.

No, but the country has problems. It’s always had problems. Even with all of the economic hardship and political strife we have today, most people are safer, healthier and have better prospects today than they have had in most of US history. It’s by no means perfect and we have a lot of work to do. But, giving up and checking out has never improved anything. It also doesn’t help that we have a steady drip-drip-drip of negative information fed to us by our phones and algorithms. We are also facing one of the largest Constitutional Crises in US History, with the President pushing the boundaries of his Constitutional powers. Even if nothing breaks, we are likely to see many changes from all this. Hopefully, those changes result in better guardrails on the Presidency. And maybe even a repudiation of the Roberts Supreme Court. But, such a future is hard to see when we are in the middle of the storm.

I even have hope for the slight voting majority which put Trump back in power. It’s easy to dismiss those folks as a bunch of <insert invective terms here>. And some of them almost certainly fit those descriptions. However, there are a lot of them which are just scared and confused by the FUD sandwich being fed to them by the 24-hour news cycle, social media algorithms and politicians looking for easy votes. It’s going to be hard work to pull them back off the brink. And if you’re not up to that work, I understand. It’s hard to want to put in the effort for folks who seem so far gone. I’ve spent a lot of hours arguing with folks with whom I disagree wholeheartedly. It’s tiring and I can only take so much before I decide it’s time to move on for a while. But, I would rather keep up the argument than let the country slide into full blown autocracy.

So ya, I have hope. It’s a grim hope and one which recognizes that we could lose. But, giving up now feels premature.

That is really rich coming from the person who wrote the decision making the President unaccountable to the Rule of Law.

I don’t get why people think putting manifests on a blockchain is a good idea.

Because you can still separate many fools from their money by adding “blockchain” to whatever you are doing.

Fair enough, but absent any evidence that password reuse is leading to a problem, the article is trying to claim that him being the victim of previous breaches is somehow a failure of security on his part. That’s just dumb. Maye he did reuse passwords and that’s going to cause problems. But, absent any evidence of it, the whole article just comes off as yellow journalism, at best.

I understand your desire to be charitable or tempered, but this isn’t some random schmuck who made an oopsie and reused a password from a previous database hack.

And nothing we know shows that he did that. Sure, he could have, and maybe he is that bad at security. The whole article is based on the supposition that he is reusing passwords. With no proof provided. If there’s some evidence, then sure burn the witch. Otherwise, it’s just baseless supposition.

This idiot has his dumb fingers in vital government systems, and the fact that he didn’t clean up his security profile before wreaking havoc says a lot about his ability to do his job safely.

There isn’t anything he could have done about past breaches. As I said, my email is still in the HaveIBeenPwned database, not because I didn’t clean up anything, but because I can’t clean up anything. Once those creds have been published, they stay published forever. The only thing you can do is rotate any affected passwords and move on with life.

And yes, the obvious failures on the DOGE website do speak to poor coding practices. I wouldn’t hire the guy to code anything, but I still think the article is just over the top muck raking trying to turn breached credentials into a story which really isn’t there.

I’m no fan of the folks at DOGE; but, I feel this bit is important to highlight:

the presence of an individual’s credentials in such logs isn’t automatically an indication that the individual himself was compromised or used a weak password. In many cases, such data is exposed through database compromises that hit the service provider. The steady stream of published credentials for Schutt, however, is a clear indication that the credentials he has used over a decade or more have been publicly known at various points.

I know that my own credentials show up in the HaveIBeenPwned database quite a few times. I’ve had the same email address going on three decades now and have been signed up to a lot of services which got breached. The result is that you can find my personal email address and the associated password for whatever service got popped. Does that mean my own security is bad and/or my credentials for anything else are compromised? No, because I use complex, unique passwords everywhere. Yes, if you dig through the data, you can find my username and password for Dungeons and Dragons Online. And that will net you fuck all, because that was the only place I used that password.

Honestly, this article is more an embarrassment to the person who wrote it than the person it’s about. Anyone who has had the same email address for any significant length of time and has used it to sign up to internet based services has probably had their credentials for some of those sites compromised. Sure, the OpSec and practices of folks in DOGE have been terrible, but all we know is that this user has had their credentials from other sites and services dumped, just like every other victim of such breaches. That’s not news, nor does it reflect on the victims of those breaches. This is just a sad attempt at a hit piece, which only shows the author’s lack of ability to find anything interesting to write about.

When people stop believing that justice is possible via the government system, they will seek it through other means. It doesn’t make it right, but it does provide a warning that the system is failing.

ServiceNow is very much aimed at the managers. It’s good at reporting metrics like SLAs, ticket counts and anything else management dreams up to track metrics on. The interface for analysts putting data into it is slimy shit on toast. I swear, one of the questions I plan to ask, the next time I’m interviewing for a job is, “what do you use for security case management”. If the answer is “ServiceNow” or “ServiceNow Security Incident Response (SIR)”, that’s going to be a mark against that company. The only thing worse than ServiceNow ITSM is ServiceNow SIR. It’s all the terrible design of ITSM, but with basic security case management features implemented by clueless idiots.

The entertaining question would be: what do the salaries of the new employees look like, compared to the old ones? I’d suspect that the administration is thinking they can fire a well experienced, but expensive employee and hire on a cheap replacement. However, I also suspect many of those positions are fairly specialized and they are going to end up paying to get rid of all that experience and then end up paying a premiums to hire someone with the needed experience for the position.

“the arrestment failed,” said the official

I wonder at the nature of that failure. I’d immediately think this means “the cable broke” or “the hook broke”. But, it could also mean “the pilot missed the cable and failed to respond correctly”.

I think it’s best to start with the classic mantra:
If you aren’t paying for the service, you are not the customer, you’re the product.

It’s easy to think that Discord isn’t reading your messages or listening to your calls, because the utilize End to End Encryption. And this is a good thing for them to be doing. It means that no one can intercept the conversation, as it passes over the web. However, there is one glaring loophole, the data is decrypted by the Discord app on your device. Does the Discord app then send any/all of that data up to their servers? Probably not, but they probably also have the app scan it for keywords and categorize it so that they can upload that metadata about you to their servers. Also, for public Discord channels, you can bet that they are reading, scanning, and categorizing everything on those channels. The Discord app is also collecting as much information as possible about the device you are using it on.
From their Privacy Policty:

Information about your device. We collect information about the device you are using to access the services. For example, this includes information like your IP address, operating system information, browser information, and information about your device settings, such as your microphone and/or camera.

The ultimate goal of this is to use this data to build a customer profile of you and sell that profile to advertising firms. As for how bad this is, that’s up to your personal level of paranoia. For most people, this is probably a reasonable trade off, most of the time. If you are not the type of person who needs to protect their privacy carefully (e.g. a journalist in a hostile government) and the conversation you are having isn’t all that important (e.g. talking about a video game), then it’s probably fine. But, if you are having a conversation which might actually matter or you are worried about a repressive government, then maybe pick something with a better privacy track record (e.g. Signal).

I feel like I should show up to more meetings with a t-shirt saying “I read your emails”. Granted, this type of thing isn’t at the top of the list of things we’re looking for; but, if we run across it, it’s gonna get reported. Too many people don’t seem to understand that their work computer is not a personal computer.

Any sufficiently advanced technology would be indistinguishable from magic.

And from both of their perspectives, it doesn’t matter. Continuity of consciousness really only matters in the future, not the past. If I die every night when I go to sleep and a brand new me, with all of my memories wakes up the next day, to that future me life is fine (at least until he dozes off). For past me, well they ceased to exist and there’s no point agonizing over their deaths. To current me, falling asleep then becomes a terrifying experience, as that means oblivion for me, and fuck that future doppelganger me. In the Prince’s scenario, unless he plans to piss off another witch, what happened to the previous him isn’t really important. For the princess, it’s even less important, as there is really no difference, from her perspective, of the two paths to arrive at now.

Roll Tide!
Brown tide.