I bought Baldur’s Gate 3 early on because it was on GOG. If you’re gonna release a AAA game DRM free on GOG when new I’m gonna support that.

I can’t remember the last time I bought a non-indie game soon after release. Maybe AOE2? I normally do the 5 year delay thing.

No problem! I’ve used it for years, though my home assistant running on a Raspberry Pi 4 is now doing the pi-hole thing with adguard instead as the original one was having issues. Though you get weird DNS quirks when the machine running DNS also relies on the internet.

Plus that time I did a dumb thing in home assistant to see what would happen, and it brought the internet down.

So I am keen to get another Pi. I highly recommend keeping it on a dedicated device you never touch except for updates!

I ran it on an original Raspberry Pi B which has the same RAM and a slower CPU than the original Zero! It was still in use as a Pi-hole (running the DietPi OS) until recently where it seems to be dying or not keeping up.

One of my favourites that I haven’t seen mentioned is the Todo.txt extension.

It adds a todo list in the tray synced to a couple of files (that I store in Nextcloud). I add things I need to do to the list, and I also play with the settings so it colours by priority and sorts by priority.

I also use the ntodotxt app on my phone to sync items. The app is fine but I really like the gnome extension, very handy.

Haha what year is it? 🫤

Ok thanks, I’ll have to be extra careful deploying any changes.

Thanks! I did see there’s a docker format and a podman format which I assume is what this difference is about. I’m not against discord but I’ve never really used it. I’ll check it out if I get desperate 🙂

Thanks, I had already played a bit with distrobox and hadn’t worked that out either. It seems adding a Z flag to my bind mount to keep SELinux happy is all that was needed.

I seem to have got it working using podman, adding a Z flag to the bind mount to make SELinux happy.

Oh shit I think that’s it! I’ve added that Z flag to each bind mount declaration in compose.yaml, and it seems to be running properly now. Thanks!

Any idea what the implications are of this transferring to an ubuntu based distro?

As far as I can tell, you just run the command with sudo to run as root? But this doesn’t help, I have been using sudo.

Edit: I think this is solved, someone else mentioned using the Z flag on the bind mount declaration and it seems to be working!

I’m already using bind mounts under the /home directory. I learnt pretty early on day 1 not to fight the distro, so I’m trying to understand the way Bazzite wants this to be done. From another reply, it sounds like it’s a difference in rootless/rootful containers so I’m going to try to work out how to run a podman container as root and see if this helps.

Thanks, I will have a go at trying to get it running as a rootful container!

I was running Nobara before, which is also based on Fedora, so not sure why it would be different in regards to SELinux?

I mentioned this in my original post.

Searching online shows everyone saying just use podman, it comes pre-installed and is a drop in replacement. The problem is that it doesn’t work.

But someone else has mentioned the issue is the containers are rootless by default, so I’ll explore that line of troubleshooting.

I guess my position is that I am not worried about someone confirming content exists on my server. But I don’t live in the US, if I did I might be more worried. I also geofence to my country to limit exposure.

Thanks!

So after I save and close a group… where do I find it?

Cheers for that. Many of these issues allow an authenticated user to do admin actions if they do the right things, so it seems you should never allow a user that you don’t fully trust to have an account.

But outside of this, there isn’t anything in there that on its own worries me given the nature of the platform (that is, that if it all burnt down I could retrieve all data from other sources). I’m no expert but a cursory look shows a bunch of potential issues that may be layered with other issues but no clear attack path except with prior knowledge.

These should obviously be fixed but there’s nothing that makes me want to rip my server off the open internet in a hurry.

What kids of things?

I’ve never worried that much because it’s not critical data and it’s containerised in Docker, but I am curious about specifics because large numbers of people expose it to the internet (through reverse proxies).