The most noticeable change I see is how everyone buys stuff they can’t effort all because of how easy it is to get a loan. With interests of course. Now everyone has a house, a car, an expensive smartphone, nice vacations, eats at fancy restaurants and nice café. Compared to previous generation this was mostly impossible for the vast majority of the population.

So life go easy in the facade because everyone just gets a loan.

I don’t think it does.

I don’t think it does.

I guess you can still use it on the phone with termux.

Look for a desktop app.

Most often you dont want your close friends and family to know about your problems with your partner for many reasons.

Never heard of it. But as the author puts (money without a product) it sound like an MLM scam.

I see everyone worried about hygiene in European countries. So I would ho with a monarch in an Islamic region because of higher standard in hygiene. Muslims clean themselves Fromm 1 to 5 times a day. Take full baths after having sex. They also avoid eating dirty foods or animals that could cause disease like pigs. They also had a somewhat better medicine and medical practice.

At the time some of the monarch had a good time, and some of them lived in a constant state of unrest.

So if I had to respawn my same territory it would be great. I would have some occasional attempted assaniation or coup but its just a but more than what we see today. But having my own guard and stuff would make me feel less worried. Even if I endup getting assassinated I would have lived a better life than today maybe.

For sure we have many technologically induced freedoms like travel and telecommunications but I don’t have the means to travel. But as a monarch, while it would take me longer than today, I would still manage to travel as I want. In fact Arabs are known to be biggest travelers.

What about African countries and other Asian regions? Maybe America?

If you watch closely how most of them are standing and holding the platform above them I doubt they are holding any weight. Most of them have hands crossed, elbows unlocked, or bear the wiight woth neck (heads down) so they are holding nothing. Also some levels are clearly not holding anything from the floor above. So since It can’t stand floating, some kind of platform is involved.

My conclusion is they are just standing in an aseathic way over a platform and not carrying any wight.

The only two important columns are “Local address: port” and “process”. The later is what process is listening whille the former is the interface that process is listening on and the port.

So you see that I don’t have any process listening on any port other than 80 and 443 iin the host and the regular ones.

That said, you containers will still listen on the ports you want but only on a virtual network interface.

Basically you only need to publish ports 80 amd 443 on the container or pod you have your reverse proxy on. Other containers need to only be attached to the same network as you already did.

It is good you have solved you initial issue. However, as you say, your rules are too permissive. You should not publish ports from containers to the host. Your container ports should only be accessible over reverse-proxy network. Said otherwise <my domain>:3000 should not resolve to anything.

This can be simply acheive by not publishing any port on your service containers.

Here is an example of my VPS:

Exposed ports:

$ ss -ntlp
State                Recv-Q               Send-Q                             Local Address:Port                             Peer Address:Port              Process                                                  
LISTEN               0                    128                                      0.0.0.0:22                                    0.0.0.0:*                  users:(("sshd",pid=4084094,fd=3))                       
LISTEN               0                    4096                                     0.0.0.0:443                                   0.0.0.0:*                  users:(("conmon",pid=3436659,fd=6))                     
LISTEN               0                    4096                                     0.0.0.0:5355                                  0.0.0.0:*                  users:(("systemd-resolve",pid=723,fd=11))               
LISTEN               0                    4096                                     0.0.0.0:80                                    0.0.0.0:*                  users:(("conmon",pid=3436659,fd=5))                     
LISTEN               0                    4096                                  127.0.0.54:53                                    0.0.0.0:*                  users:(("systemd-resolve",pid=723,fd=19))               
LISTEN               0                    4096                               127.0.0.53%lo:53                                    0.0.0.0:*                  users:(("systemd-resolve",pid=723,fd=17))  

Redacted list of containers:

$ podman container ls
CONTAINER ID  IMAGE                                        COMMAND               CREATED        STATUS                 PORTS                                     NAMES
[...]
docker.io/tootsuite/mastodon-streaming:v4.3  node ./streaming      2 months ago   Up 2 months (healthy)                                            social_streaming
docker.io/eqalpha/keydb:alpine               keydb-server /etc...  2 months ago   Up 2 months (healthy)                                            cloud_cache
localhost/podman-pause:4.4.1-1111111111                            2 months ago   Up 2 months            0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp  1111111111-infra
docker.io/library/traefik:3.2                traefik               2 months ago   Up 2 months            0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp  traefik
docker.io/library/nginx:1.27-alpine          nginx -g daemon o...  3 weeks ago    Up 3 weeks                                                       cloud_web
docker.io/library/nginx:1.27-alpine          nginx -g daemon o...  3 weeks ago    Up 3 weeks                                                       social_front
[...]

Those might look like freedom pitfalls but are actually not. On the one hand gitlab dot com is not really bad for freedom as it has at least an open core and is very freedom friendly. Gitlab can be easily circumvented by using got client directly. Maybe a tag could be helpful here.

Any way, just clearing cookies after closing the session is very enough for github.

Cloudflare? Why are you even mentioning this? This is part of projects infrastructure. We need to draw a line somewhere. For example would you visit a website if it was hosted on Windows server? If they use ESXi? Or if user account are managed with Active Directory or firebase?

Sure you are free to be as eclectic as you want, but at the end, those are very minor issues that do not dent FSF credibility. Remember it stand for Free software first.

Edit: typos