• 2 Posts
  • 33 Comments
Joined 1 year ago
cake
Cake day: August 10th, 2023

help-circle



  • Yeah. this was in high school, in my math class, and we were playing a math game.

    The way it worked, was that every table was a team, and each team had a “castle” drawn up onto the whiteboard. A random spinner was used to determine a team, who would then solve a problem the teacher assigned. If you successfully solved the problem, you could draw an X on another teams castle. 3 X’s mean that you are out.

    My team was out. But, since this was a class, we could still solve problems, and still draw X’s. Our table got selected to solve a problem, and I did successfully. I looked at the board, and realized that only two teams had a single X, every other team had either two or three. In other words, I could choose who won the game, even though I could not win.

    So, I started trying to get bids. I tried to get real money, but someone tried to scam me with some “draw the X first” nonsense. But, the other team offered to pay me four of the school’s fake money, and I accepted that and allowed them to win.

    I may not have won the game, but I certainly felt victorious that day.






  • So, officially no. But there are ongoing theories in the r/emulationonandroid subreddit that they are.

    I think it could be either way, but it’s unlikely that they are the same person. In both cases, harassment caused them to shut there projects down, which could be a reasanobale coincidence, or could be indicative of a larger harassment campaign.



  • Because forgejo’s ssh isn’t for a normal ssh service, but rather so that users can access git over ssh.

    Now technically, a bastion should work, but it’s not really what people want when they are trying to set up git over ssh. Since git/ssh is a service, rather than an administrative tool, why shouldn’t it be configured within the other tools used for exposes services? (Reverse proxy/caddy).

    And in addition to that, people most probably want git/ssh to be available publicly, which a bastion host doesn’t do.


  • So, I’m not gonna pretend flatpak doesn’t use more space then normal apps, but due to deduplication (and sometimes filesystem compression), flatpaks often use less space than people think.

    [nix-shell:~/Playables/chronosphere]$ sudo /nix/store/xdrhfj0c64pzn7gf33axlyjnizyq727v-compsize-1.5/bin/compsize -x /var/lib/flatpak/
    Processed 49225 files, 21778 regular extents (46533 refs), 22188 inline.
    Type       Perc     Disk Usage   Uncompressed Referenced
    TOTAL       53%      898M         1.6G         3.6G
    none       100%      499M         499M         1.0G
    zstd        34%      399M         1.1G         2.6G
    
    [nix-shell:~/Playables/chronosphere]$ du -sh /var/lib/flatpak/
    1.7G    /var/lib/flatpak/
    

    I only have one flatpak app installed, and du says that takes up 1.7 GB of space… but actually, when using a tool that takes up BTRFS transparent compression into account, only half of that space is used on my disk.

    I recommend using compsize for a BTRFS compression aware version of du and flatpak-dedup-checker for a flatpak filesystem deduplication aware checker of space used.

    I think flatpak absolutely does use up more space, because yes, it is another linux distro in your distro. But I think that’s a tradeoff people accept in order to have a universal package manager for graphical apps.

    Also, you can flatpak cli tools. They are just difficult to run at first because you have to do the flatpak run org.orgname.appname thing, but you can alias that to a short command. Here is a flatpak of micro, a terminal based text editor.

    (I prefer nix for cli tools though, and docker/podman/containers for services).


  • So based on what you’ve said in the comments, I am guessing you are managing all your users with Nixos, in the Nixos config, and want to share these users to other services?

    Yeah, I don’t even know sharing Unix users is possible. EDIT: It seems to be based on comments below.

    But what I do know is possible, is for Unix/Linux to get it’s users from LDAP. Even sudo is able to read from LDAP, and use LDAP groups to authorize users as being able to sudo.

    Setting these up on Nixos is trivial. You can use the users.ldap set of options on Nixos to configure authentication against an external LDAP user. Then, you can configure sudo

    After all of that, you could declaratively configure an LDAP server using Nixos, including setting up users. For example, it looks like you can configure users and groups fro the kanidm ldap server

    Or you could have a config file for the openldap server

    RE: Manage auth at the reverse proxy: If you use Authentik as your LDAP server, it can reverse proxy services and auth users at that step. A common setup I’ve seen is to run another reverse proxy in front of authentik, and then just point that reverse proxy at authentik, and then use authentik to reverse proxy just the services you want behind a login page.