What is your opinion on Podman rootless containers?
In my mind, running rootless containers as different OS users for each application I'm hosting was an easy way of improving security and making sure each of those services could only mess with their own resources. Are there any known issues with that? Do you have experience with Podman? Would love to hear your thoughts.
That sounds like a great option to me. The more functionality you can get out of a container without giving up privileges, the better. Podman is just a tool like any other - I'd happily use it if it's right for the job.
All I would say is: can you run that same thing without a containerisation layer? Remember that with things like ChatGPT it's _really_ easy to get a systemd unit file going for just about any service these days. A single prompt and you have a running service that's locked down pretty heavily.
Yeah, I could run them as regular systemd daemons themselves, but I would lose the easy isolation between the different services and the main OS. It feels easier to limit what the services have access to in the host OS by running them in containers.
I do run the containers as systemd user services, however, so everything starts up at boot, etc.
Practical Engineering on YouTube has some good videos on the electrical grid. This one in particular is a good explanation of what they had to go through to get power back on: https://www.youtube.com/watch?v=uOSnQM1Zu4w
One use case I hit just recently is web apps hosted in my internal network without HTTPS: Firefox won't allow me to click the "copy to clipboard" buttons on those pages.
Fun! I've been implementing my own to toy around and learn some Rust, and it has been a very enjoyable journey, especially the debugging part, running test ROMs, and trying to get all the "bugs" implemented correctly.
https://anycrap.shop/product/a-store-that-generates-products...
PS: Nice site!