iron-alpine
linux
iron-alpine | linux | |
---|---|---|
5 | 1,037 | |
137 | 186,192 | |
0.7% | 1.6% | |
5.0 | 10.0 | |
14 days ago | 3 days ago | |
Dockerfile | C | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
iron-alpine
- Would I be able to install Iron Alpine docker image on an LXC container in Proxmox?
-
Best Practice for AV on Containers
Look into implementing container vulnerability scanning in your build pipeline. Iron alpine is another possibility to reduce risk. https://github.com/ironpeakservices/iron-alpine
-
Does Alpine needs hardening?
If hardening is needed or not depends on your requirements. For a standard use case running a container based on default Alpine image should be secure enough. If you feel, you need to increase security a bit more - and are open to take the slightly increased risk of incompatibility with your setup aka effort - you may use all / parts of the additional hardening steps. See also https://github.com/ironpeakservices/iron-alpine for an actively maintained repo.
-
Scripts for setting up a fresh install? (disable root, enable sudo, create new user, etc)
I'm looking for something like this, but for ansible. I'v been searching for a ansible hardning script for alpine, but only thing i have found so far is iron-alpine docker container. https://github.com/ironpeakservices/iron-alpine
- Bootstrap Security in Kubernetes Deployments
linux
-
Ask HN: Is anyone doing anything cool with tiny language models?
Many changes require multiple smaller changes, so this is not always possible.
For me the commit message should tell me the what/why and the diff is the how. It's great to understand if, for example, a change was intentional or a bug.
Many times when searching for the source of a bug I could not tell if the line changed was intentional or a mistake because the commit message was simply repeating what was on the diff. If you say your intention was to add something and the diff shows a subtraction, you can easily tell it was a mistake. Contrived example but I think it demonstrates my point.
This only really works if commits are meaningful though. Most people are careless and half their commits are 'fix this', 'fix again', 'wip', etc. At that point the only place that can contain useful information on the intentions are the pull requests/issues around it.
Take a single commit from the Linux kernel: https://github.com/torvalds/linux/commit/08bd5b7c9a2401faabd...
-
What does "supports DRM functions and may not be fully accessible"mean for SSDs?
> Indeed where the DRM error message comes from https://github.com/torvalds/linux/blob/ffd294d346d185b70e28b...
That's for compact flash cards. Based on the kernel message from the StackExchange post we can tell it isn't a CF. So it's not coming from the line you linked, but 4 lines below.
-
Exploring AI for Refactoring at Scale
I’ve randomly selected screenshot-to-code. While it is definitely not a linux repo, it is old enough to already face tech debts and far more complex than those MVP projects people are building with AI. git clone https://github.com/abi/screenshot-to-code
-
Ask HN: Why it is difficult to copy strings from web pages?
Maybe it is just me being delusional, but I found it more and more difficult to copy strings, especially substrings from web pages.
Example:
Click this link (https://github.com/torvalds/linux/pull/1115/files#diff-821e5c0c63b06b94e7d7a562e03e7b0c6c633b21f0e0ef82c9c9e80a1df4b304) and tries to copy "namespace" from the "ipc/namespace.c". I couldn't do it.
Yes I know there is a "Copy" button to the right side of it -- but I don't want the whole path. Plus, the real issue is not with the Linux repo, because most of its filenames are short anyway, but with my work repos, where you can get "dir1/dir2/abc_def_ghy.yaml", and I only want the "abc_def_ghy" part.
I think the problem is that -- there are too many clickable items on web pages nowadays. If it's clickable, users can't click in the middle without opening something.
What do you think? This has been a constant minor frustration for me for a long time.
-
Lenovo Officially Announces the Legion Go S Handheld with SteamOS
I'd say on PC because it's easier to name the modern controllers that don't use Xinput: Nintendo, Sony, and Steam. Basically every other controller targeting PC from the old Logitech F710 to the Flydigi Apex 4 will be using XInput to communicate with the computer. Even the Hori Steam Controller has an alternative XInput mode despite being the only current standalone Steam Controller.
Steam Link the streaming application does require the Steam. Steam Link the discontinued hardware was able to run local applications without Steam.
The Steam Controller defaults to a keyboard and mouse mode until it receives a signal from Steam. So even on Linux, the Steam controller required Steam until someone reverse engineered the controller protocol and contributed it to the kernel. Can read about it in the driver comment header: https://github.com/torvalds/linux/blob/master/drivers/hid/hi...
- Show HN: Instantly visualize any codebase as an interactive diagram
-
A Simple ELF
The Linux kernel source tree has nolibc [1], a header-only C standard library implementation that is about as barebones and paper-thin as it gets and is the next step up from a pure freestanding environment as shown in this article. I've used it to create a tiny but working program that prints out the ASCII table [2] as part of my Ghidra extension test suite.
[1] https://github.com/torvalds/linux/tree/master/tools/include/...
[2] https://github.com/boricj/ghidra-delinker-extension/tree/mas...
-
When power cycling your (x86) server isn't enough to recover it
The Linux kernel supports rebooting using a number of different strategies[1]. Some PCs need a different one than the default in order to make sure everything is properly reset.
[1]: https://github.com/torvalds/linux/blob/9b2ffa6148b1e4468d08f...
- Show HN: Replace "hub" by "ingest" in GitHub URLs for a prompt-friendly extract
-
RAII and the Rust/Linux Drama
There’s a one-sentence implied claim in here that raii is the reason for c++ rejection and rejection of c++ implies rejection of raii.
The author is clearly unaware of the recent cleanup attribute infrastructure submitted on the c side of the kernel: https://github.com/torvalds/linux/blob/master/include/linux/...
What are some alternatives?
distroless - 🥑 Language focused docker images, minus the operating system.
zen-kernel - Zen Patched Kernel Sources
backblaze-personal-wine-container - Run the Backblaze personal backup client in a docker container
serenity - The Serenity Operating System 🐞
backblaze-personal-wine-container - Run the Backblaze personal backup client in a container
DsHidMini - Virtual HID Mini-user-mode-driver for Sony DualShock 3 Controllers
docker-db-backup - Backup multiple database types on a scheduled basis with many customizable options
winapps - Run Windows apps such as Microsoft Office/Adobe in Linux (Ubuntu/Fedora) and GNOME/KDE as if they were a part of the native OS, including Nautilus integration.
bootstrapsecurityinkubernetesdeployment - Bootstrap Security in Kubernetes Deployments
Git - Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.
dockerfilesrepo - A repository of Dockerfiles and kubernetes deployment manifests pre-configured with docker/k8s best practices
freeCodeCamp - freeCodeCamp.org's open-source codebase and curriculum. Learn to code for free.