I wouldn’t go onto a teen community and spout off how to make explosives even though they’re relatively safe to a trained individual.
same reason behind not allowing a hobbyist and amateur community to think that iptables and firewalld is the best/only solution.
it’s dangerous and someone will get hurt eventually.
this is selfhosted. a community that’s predominantly amateur or hobbyist.
some people love them so much they actually do.
lives are worth more than the dysfunction caused by the delay in services.
the only thing this did was to weaken the resolution of leadership when a real disaster happens.
the next time information like this comes forward, be it real or fake, it will cause a delayed reaction which will ultimately cost lives.
yes.
Jesus can eat shit from my ass. when he does that I’ll switch to jellyfin.
it’s far easier, and safer to have all your network config done in the network. from system migrations to securing/hardening. it’s far more efficient and effective to have a single source of truth that manages network routing and firewall rules. hell, you can even have a redundant or load balanced firewall configuration if you’re afraid of a single point of failure.
point is, firewalld and iptables is for amateur hour and hobbyists.
if you want to complain that “docker doesn’t respect system firewalls” then at least have the chutzpah enough to do it the right way from the beginning.
it’s hilariously depressing how most people hate on Ruby because of the shit Rails does.
also, Sheon Han(the author), is a corpo-shilling hack that writes predominantly fluff pieces for his silicon valley friends and neighbors.
don’t believe what he writes because he only gets paid when his opinions garner traffic.
want to know why Ruby still has a following? same reason why Java is still holding on. Same reason why COBOL and FORTRAN is still going. because it works and people still use it.
let me put it this way.
the police will give known violent rapists and violent racists a job.
as long as you don’t ask questions like, "is that legal?” or “should we be doing that? it feels wrong.” you will undoubtedly have a bright future in law enforcement.
oh look, another jellyfin circle jerk.
What if you rent a bare metal server in a data center?
any msp will work with your security requirements for a cost. if you can’t afford it, then you shouldn’t be using a msp.
Or rent a VPS from a basic provider that expects you to do your own firewalling?
find a better msp. if a vendor you’re paying tells you to fuck off with your requirements for a secure system, they are telling you that you don’t matter to them and their only goal is to take your money.
Or run your home lab docker host on the same vlan as other less trusted hosts?
don’t? IDK what to tell you if you understand what a vlan is and still refuse to set one up properly to segment your network securely.
It would be nice if there was a reliable way to run a firewall on the same host that’s running docker.
don’t confuse reliable with convenient. iptables and firewalld are not reliable, but they are certainly convenient.
You may say these are obscure use cases and that they are Wrong and Bad. Maybe you’re right, but personally I think it’s an unfortunate gap in expected functionality, if for no other reason than defense-in-depth.
poor network architecture is no excuse. do it the proper way or you’re going to get your shit exposed one day.
this is the second time I’ve seen a post like this.
docker has always been like this. if it’s news to you then you must be new to docker.
if you’re using the built in firewall to secure your system on your wan, you’re doing it wrong. get a physical firewall. if you’re doing it to secure your lan then you just need to put in some proper routes and let your hardware firewall sort it out with some vlans.
don’t rely on firewalld or iptables for anything.
upvote things I enjoy or agree with.
I downvote things hate or disagree with.
one exception though. if what they said is correct or justified, even though I disagree or hate it, I’ll do neither.
for example, if a comment said “all men are pigs”, I wouldn’t do anything. technically wrong but also not wrong.
if a comment said, “all men are pigs and deserve to die.” it would get a downvote, unjustified violence against a group is unreasonable and illogical.
if the comment said, “my husband is a pig. he squeals every time I peg his ass.” that would get an upvote, because it’s hilarious.
ah yes, the honey badger defense 🤣
instructions unclear. cracked open and sucked out the goodies like a crab.
a mix between egirl bath water and egirl piss. bonus points for a splash of egirl spit.
🤤
I have “kidnapped” a small child and am brainwashing them to think like me.
they will be me, essentially.
one day they will do the same, and “I” will live on for eternity.
some guys get so horny they just can’t help but be reminded that they need to control themselves. mace does a great job of reminding them of that fact.
sticking your dick in crazy is an amazing yet scary experience. one you will never forget.
yellow makes most people seem more approachable and thus more attractive.
my vote is for Barbados or Flanders.