What about a static site generator? Plaintext, markdown, but renders to html with headings and whatnot. Version control is because it’s in git.
Read access control is difficult though. You could do some hacks like using encrypting files in the git repo (perhaps with SOPS), and then either using http basic auth to control access to specific pages or something like staticrypt. But these are not ideal solutions.
This is technically yaml I think, a list (with one entry) of lists that contains mostly single items but also one other list. You should be able to parse this with a yaml parser like pythons built in one.
Note that yaml is picky abiut the syntax though, so it wouldn’t be able to handle deviations.
I won’t lie, I use curl | bash as well, but I do dislike it for two reasons:
Firstly, it is much, much easier to compromise the website hosting than the binary itself, usually. Distributed binaries are usually signed by multiple keys from multiple servers, resulting in them being highly resistant to tampering. Reproducible builds (two users compiling a program get the same output) make it trivial to detect tampering as well.
On the other hand, websites hosting infrastructure is generally nowhere near as secure. It’s typically one or two VPS’s, and there is no signature or verification that the content is “official”. So even if I’m not tampering with the binary, I can still tamper with the bash script to add extra goodies to it.
On the other hand (but not really relevant to what OP is talking about), just because I trust someone to give me a binary in a mature programming language they have experience writing in, doesn’t mean I trust them to give me a script in a language known for footguns. A steam bug in their bash script once deleted a user’s home directory. There have also been issues with AUR packages, which are basically bash scripts, breaking people’s systems as well. When it comes to user/community created scripts, I mostly trust them to not be malicious, and I am more fearful of a bug or mistake screwing things up. But at the same time, I have little confidence in my ability to spot these bugs.
Generally, I only make an exception for running bash installers if the program being installed is a “platform” that I can use to install more software. K3s (Kubernetes distro), or the Nix package manager are examples. If I can install something via Nix or Docker then it’s going to be installed via there and not installed via curl | bash. Not every developer under the sun should be given the privilege of running a bash script on my system.
As a sidenote, docker doesn’t recommend their install script anymore. All the instructions have been removed from the website, and they recommend adding their own repo’s instead. Personally, I prefer to get it from the distro’s repositories, as usually that’s the simplest and fastest way to install docker nowadays.
Unfortunately deleted means deleted. Data gone.
My recommendation is to use it as a reverse proxy to expose services but ultimately host from another device.
It’s 1 gb of ram anyway (the free 24 gb of ram arm vps’ are scarce and hard to get).
Another tip is that they monitor cpu and ram and are more likely to delete it if is idling. There exist programs on github that do nothing but waste cpu in order to try to keep the oracle vps up.
Openebs mayastor
But you could fit ceph on that I think. As long as your network between nodes is fast enough.
They like to randomly delete them. It happened to me and a friend.
Use networkmanager. Other alternatives technically work but I have has seen many people struggle with alternatives, they are not as smooth.
Follow the instructions for connecting on android devices. The options will be named the same.
Did you try meshcentral? It’s a selfnhosted MDM.
It’s easy. Mumble. Or the thing you used probably still works.
But you see, people never actually seek a discord alternative. They want a discord alternative that includes all the features in one app that is also federated, AND end to end encrypted, and each one makes things vastly more technically challenging and resource intensive and then you want them together.
A little secret: Matrix is much, much easier to host if you disable encryption and federation. Federation to many servers is the main performance killer, and “failed to decrypt message” will all disappear if you disable encryption.
If your software updates between stable releases break, the root cause is the vendor, rather than auto updating. There exist many projects that manage to auto update without causing problems. For example, Debian doesn’t even do features or bugfixes, but only updates apps with security patches for maximum compatibility.
Crowdstrike auto updating also had issues on Linux, even before the big windows bsod incident.
https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/
It’s not the fault of the auto update process, but instead the lack of QA at crowdstrike. And it’s the responsibility of the system administrators to vet their software vendors and ensure the models in use don’t cause issues like this. Thousands of orgs were happily using Debian/Rocky/RHEL with autoupdates, because those distros have a model of minimal feature/bugfixes and only security patches, ensuring no fuss security auto updates for around a decade for each stable release that had already had it’s software extensively tested. Stories of those breaking are few and far between.
I would rather pay attention to the success stories, than the failures. Because in a world without automatic security updates, millions of lazy organizations would be running vulnerable software unknowingly. This already happens, because not all software auto updates. But some is better than none and for all software to be vulnerable by default until a human manually touches it to update it is simply a nightmare to me.
Second comment, but also investigate Wazuh. It can audit systems and report vulnerabilities. It’s not an external scanner, but I have found it to be more effective and less annoying than greenbone/openvas.
Instead of trying to automatically scan your environment, it’s probably better to figure out how to automatically update applications first. CVE’s eventually get patched.
Fermi is just a custom client for discord/spacebar. It’s not federated.
It’s not federated, just easy to self host and point custom clients at.
Faster than my edits, I see.
Docker compose’s don’t really need to be maintained though. As long as the app doesn’t need new components old docker composes should work.
EDIT: Oops, it does look like spacebarchat’s docker images have last been updated over 2 years ago:
https://hub.docker.com/r/spacebarchat/server
EDIT2: Although this is outdated, I think their github repo has an action to autobuild docker images on pushes. Still investigating.
EDIT3: Okay, they don’t seem to be actually ran.
But using nix to build a docker image is pretty cool.
EDIT4: Oh shit, the docker image build workflows were added just 2 hours ago. Of course they haven’t been ran!
Docker support soon, probably.
EDIT5: the workflow ran, but it looks like it’s private for now.
https://github.com/spacebarchat/spacebarchat
Literally reverse engineered discord, made open source.
It’s not that hard though. There are companies that offer data recovery as a service. If the value of the data on those drives exceeds the cost of those services then it becomes worth it to fish one of the drives out of the dumpster and take it there.
Honestly, the best solution to 1 may be to simply deploy mumble in addition to matrix (or other chat apps).
oh I have tested this game somewhat, although I’ve never actually played it. It is very impressive.