selfhost
Moby
selfhost | Moby | |
---|---|---|
9 | 212 | |
1,416 | 67,768 | |
0.7% | 0.3% | |
3.1 | 10.0 | |
5 months ago | 4 days ago | |
Jinja | Go | |
GNU Affero General Public License v3.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
selfhost
-
Pyinfra: Automate Infrastructure Using Python
I just started using Pyinfra to wrangle a bunch of servers and it is a breath of fresh air compared to Ansible. I moved all of my server OS installs to Fedora CoreOS which doesn't ship with Python in the OS and since Pyinfra doesn't need Python on the host node I can kick off tasks in bulk to do server things. It is great. I cannot wait to see where the Pyinfra project goes.
On a side note, one of the most hacky things I came up with to get Ansible working on Fedora CoreOS was to bind mount a container rootfs that had python 3 and then symlink it into the right spots. You can of course add Python in with rpm-ostree if you want but I wanted to avoid layering packages at the time. I wasn't proud of it. But it worked.
https://github.com/forem/selfhost/blob/main/playbooks/templa...
-
Deploying Forem on Render.com PromptZone.com
This is not the suggested way of deployment by the forem team, nevertheless I found it easier and smother than using the deployment selfhost, however I think it's good to know different approaches and use the one suits you the most, if you don't have time to manage a server I think using a pass like Render does the job, and it's cheaper then Heroku at the time of this post.
-
Open Source Repositories
Forem Self-Host. You should probably know Forem. But in case you don't, just know that DEV is hosted on it.
-
Docker is dead? Podman – an alternative tool?
I only use Podman for my workloads these days. Docker was always a headache for me on Linux. Podman allows me to quickly do whatever I want with containers and I can use systemd or a simple bash script to easily create services on my workstation or in production with Nomad with https://github.com/hashicorp/nomad-driver-podman
I am super thankful for the team of developers that work on Podman. It has really come a long way since 2.0 and they are very responsive to issues in my experiences. If you are using Linux as your daily driver and you use Containers give Podman a try. Here are some examples of the things I have done with Podman.
https://github.com/forem/selfhost
https://github.com/jdoss/ppngx
https://gist.github.com/jdoss/25f9dac0a616e524f8794a89b7989e...
https://gist.github.com/jdoss/ad87375b776178e9031685b71dbe37...
-
Encourage Community with a Good ReadMe
To automatically generate a TOC, you can use an online tool like the GitHub Wiki TOC generator. I used this tool to create the TOC in Forem’s Selfhost project when I was a developer advocate there.
- Podman 4.0.0
-
Forem AWS user access is too high
Hi, everyone; I just tried the tutorial for deploying a self-hosted instance of forem (https://github.com/forem/selfhost) on AWS. A step in the tutorial asks for the creation of an AWS user with Programmatic access called forem-selfhost with the following
-
Please stop closing forums and moving people to Discord
We (I work for Forem) have an opensource selfhost installer [0] so you can have total control over your data and community too.
[0] https://github.com/forem/selfhost
-
Forem Self-Host is Now Officially Supported
If you know what Forem you want to build, please follow the instructions and go live — again, the Self-Host instructions are available here!
Moby
-
Release Radar • March 2024 Edition
Having been featured in our February 2023, and January 2024 Release Radars, Moby is the original Linux Container runtime. This new version adds a bunch of changes to the Docker CLI and Moby itself with additional features. There's bug fixes and enhancements, with the main thing for users to be on the look out for containers that were created using Docker Engine 25.0.0. These containers might have duplicate MAC addresses, and thus must be recreated. The same goes for those containers created with Moby 25.0+ and with user defined MAC addresses. Read up on all these changes in the release notes.
-
Choosing a Name for Your Computer
Formlabs does this as well for their 3d printers, my earliest encounter of this was when Docker started getting popular: https://github.com/moby/moby/blob/master/pkg/namesgenerator/...
- Docker Inc. refuses to patch HIGH vulnerabilities in Docker
-
Do not install Docker Desktop on GNU/Linux systems
Try to use moby instead since that is the engine in Docker.
https://github.com/moby/moby
-
Exploring Podman: A More Secure Docker Alternative
> Podman is designed to help with this by providing stronger default security settings compared to Docker. Features like rootless containers, user namespaces, and seccomp profiles, while available in Docker, aren't enabled by default and often require extra setup.
Seccomp has been enabled by default since 2015: https://github.com/moby/moby/pull/18780
It is true that Rootless isn't enabled by default but its "extra setup" can be done with a single command (`dockerd-rootless-setuptool.sh install`)
- Moby: Block io_uring_* syscalls in default profile
- Io_uring will be blocked by default on Docker
-
OpenZFS 2.2: Block Cloning, Linux Containers, BLAKE3
Perhaps.
Thing is, https://github.com/moby/moby/blob/670bc0a46c4ca03b75f1e72f73... is using https://github.com/mistifyio/go-zfs which features code like `out, err := zfsOutput("get", "-H", key, d.Name)` (Source: https://github.com/mistifyio/go-zfs/blob/master/zfs.go#L315) to get a single zfs property.
Somebody chose to use a library as abstraction that looks good but is implemented as a MVP (nothing wrong with that). "In the future, we hope to work directly with libzfs" should have raised an alarm somewhere, though.
-
The Twelve-Factor App
AppArmor can restrict /proc and this is even used by docker: https://github.com/moby/moby/blob/master/contrib/apparmor/te...
What are some alternatives?
Postmill
podman - Podman: A tool for managing OCI containers and pods.
ansible-role-nginx - Ansible Role - Nginx
containerd - An open and reliable container runtime
nodeBB - Node.js based forum software built for the modern web
nerdctl - contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
tildes
docker-openwrt - OpenWrt running in Docker
Flarum - Simple forum software for building great communities.
ofelia - A docker job scheduler (aka. crontab for docker)
podman-desktop-companion - Podman desktop companion
k3d - Little helper to run CNCF's k3s in Docker