Or get lucky with docker.

why do you need to get lucky with docker? what is it that doesn’t work?

now, that sounds more interesting than just “unsupported”!

ok, but it would be wonderful if you could have this run on the TV, while the main screen runs normal plasma.

speaking of that, it’s probably doable with setting up multiseat, probably in systemd logind

edit: @sunzu2@thebrainbin.org
let me know if this way you got a notification

why not codeberg? kind of lightweight on JS, but especially compared to gitlab.

@Nundrum@yall.theatl.social

that would probably work. I think the IP does not need to be static, but there can be problems if your IP changes often, and it’s not updated quickly in DNS.

the only hard requirement for a local headscale (for usage over the internet) is that you are not behind a CG-NAT, and you can forward a port to your server in your router

but for the love of god and your own benefit, put a name constraint directly on the root cert

you don’t strictly need a VPS, what you need is a (mostly?) static IP address, that is especially not behind CG-NAT. if your ISP won’t give that to you, you get a VPS, because one of the most important jobs of headscale is NAT hole punching and patching your devices in

the first paragraph is not like in the post. did they rephrase it because of the “as it does” part?

this is the current version:

Tailscale recently announced our Series C fundraise. We were grateful for all the community support, but the Internet also raised a few of its collective eyebrows, wondering whether this meant the dreaded “enshittification” was coming next.

the internet archive does not show your version either: https://web.archive.org/web/20250702140430/https://tailscale.com/blog/evitability-of-enshittification

where did you get that quote from?

as I heard that’s pretty common at oracle, but it’s good to spread the word

the config and databases or the media, you mean?

if so, the former, but I mount the meadia with a read only docker volume just to be sure, because chances are I would never notice it

you must have lots of LoTs

wpa2, but password limited to 10 characters. letters and numbers only, trying anything else crashes it, and you have to figure this out yourself

ok, a backdoor then. can they overwrite any file with it?

with properly limited access the breach is much, much less likely, and an update bringing down an important service at the bad moment does not need to be a thing

it’ll still cause downtime, and they’ll probably have a hard time restoring from backup for the first few times it happens, if not for other reason then stress. especially when it updates the wrong moment, or wrong day.

they will leave vulnerable, un-updated containers exposed to the web

that’s the point. Services shouldn’t be exposed to the web, unless the person really knows what they are doing, took the precautions, and applies updates soon after release.

exposing it to the VPN and to tge LAN should be plenty for most. there’s still a risk, but much lower

“backups with Syncthing”

Consider warning the reader that it will not be obvious if backups have stopped, or if a sync folder on the backup pc is in an inconsistent state because of it, as errors are only shown on the web interface or third party tools

that’s horrible and funny at the same time.

I will assume they fixed that vuln later

that’s probably way too much for any sane Python algorithm. if they can’t run it, how do they even know how much is needed?

Probably they should only make a prototype in Python, and then reimplement it in a compiled language. it should reduce the resource usage massively

how do you know it’s working if you can’t connect?

if you run the server on your computer, did you set up the port forwarding? does it work if you just connect to localhost, or the local ip of that computer?

you can delete the calendaring and contacts apps

snapshots, clones, or automated setup with ansible or such