Exagone313 :calim: boosted
Exagone313 :calim: boosted

La presse française versus #RGPD

« La principe de symétrie du consentement nous oblige a mettre des bouton refuser général si on met un bouton « accepter » général. Mais on se permet quand même quelques libertés
0. Mettons comme pleins d'autres sites qui font sembjant de collecter un consentement un état par défaut à nul, et non pas refus avec une collecte d'un vrai consentement. De toute façon 9x% des sites web ne se font faire chier à discriminer le chargement des trackers en - 1/7

Exagone313 :calim: boosted

Hi, my name is Jim from Fuckcorp. Our GitHub crawler found your email address and sent you this automated message feigning as a personal introduction. Would you be interested in letting us collect rent for your git repository?

En cherchant "docker makefile" on tombe très vite sur philpep.org/blog/a-makefile-fo de @philpep

J'ai fait un petit essai de constructions d'images Docker nginx utilisant les paquets des distributions Debian et Alpine gitlab.ewd.app/docker/nginx/-/

C'est sympa d'être aidé par une ressource créée par quelqu'un qu'on connaît.

Exagone313 :calim: boosted
LOL. " #GRSecurity violates both the Linux kernel's copyright and the #GCC #copyright by forbidding redistribution of the patches (in their Access Agreement): which are non-seperable derivative works of the kernel and (in the case of the GCC plugins) GCC. Yes: threatening consequences if a licensee redistributes is a restraint on the "rights" given by the original copyright owners. Those "plugins" he is talking about as-well as the kernel patch violate the GPLv2. The GPLv2 FORBIDS adding additional clauses not-within the GPL between the derivative-licensee and the down-the-line licensee. Bradly Spengler / OpenSourceSecurity are violating this stipulation, blatantly, in writing. They are also violating the "no additional restrictions" stipulation in the GPLv2. They ARE violating the Linux and the GCC copyright." https://www.youtube.com/watch?v=rv3a2tzUTn4
Exagone313 :calim: boosted

I now know what to reply when asked why I don't use semicolons in JS

RT @joelnet@birdsite.monster

🤔 I couldn't decide on whether to use TABS or SPACES so I went with semi-colons🤪

🐦🔗: twitter.com/joelnet/status/129

Exagone313 :calim: boosted

Qu'on m'amène le scénariste !

RT @libe@twitter.com

La nouvelle ministre déléguée a démissionné de son mandat de députée pour empêcher son suppléant, mis en examen pour trafic de drogue, de siéger à l’Assemblée
#Remaniement bit.ly/2ZMwUZR

🐦🔗: twitter.com/libe/status/128054

Exagone313 :calim: boosted
Exagone313 :calim: boosted

Changement d'OS complet sans faire de backup.

J'ai juste renommé les sous volumes #btrfs @ (monté sur /) et @home (monté sur /home)

Comme ça je pourrais aller récupérer les fichiers de l'ancienne installation si besoin.

I ❤️ btrfs

Exagone313 :calim: boosted

Hey, I'm looking for an Ingress for Kubernetes thas is built to be secure and to be used on self-hosted ("on-premise") clusters.

It must:

* Use certificates from secrets in another namespace (specified in advance) if possible without having access to all secrets in all namespaces
=> Those are wildcard Let's Encrypt certificates managed by cert-manager (until I find another application that doesn't read secrets of whole namespace), I want to deploy multiple applications and to re-use wildcard certificates.
=> I don't want to copy the certificates in multiple namespaces.
=> bye ingress-nginx, traefik or anything relying on the Ingress resource, not supporting that feature on purpose for "security" reasons that are never explained (tell me what I'm missing in RBAC).

* Offer a way to upgrade without any downtime on any connection (although I'll never notice that in my current setup), while using hostPort for ports 80 and 443 (just like I can do with nginx on host)
=> I don't want to use firewall rules on the host to redirect on a NodePort, unless you prove me there is no other way and it is a good practice (I don't want to loose source IP so it would be SNAT?).
=> Since I bind on host ports 80/443, I can't use rolling update, so it needs to update inside the container itself without restart.
=> Maybe it's possible to use SO_REUSEADDR to be able to run multiple pods on the same port?

* Be easy to use with a PodSecurityPolicy.
=> not with a lot of deployments with different service accounts

I'm starting to brainstorm that project since there is no solution to my madness :)

Exagone313 :calim: boosted

J’ai une question tout à fait sérieuse qui survient en rédigeant un article de blog… SVP, pas de troll… […]

Exagone313 :calim: boosted

You want digital sovereignty? Than you have to chose Free Software! Otherwise you will never be in control and for example other might decide if it is worth supporting your mother language. #DigitalSovereignty #FreeSoftware

Exagone313 :calim: boosted

In my experience, existing contributors who are comfortable in their workflow is a known value, and thereotical new contributors who might be more comfortable in a different workflow is an unknown value. I would sooner cater to the former group, who have already demonstrated a history of consistent contributions under an existing workflow.

This is why sway and wlroots are still on GitHub, despite the fact that, you know, I am the CEO of a competing service. I am in a position to force these projects to move to sr.ht, but it would be disruptive, risk alienating established contributors, and likely be a net negative for the project.

Exagone313 :calim: boosted

If Game Freak were to make a Let's Go game for the second gen, which one should they make?

Exagone313 :calim: boosted

Instead of caving to big media companies demanding DRM in Firefox, Mozilla should have invested in improvments to the BitTorrent ecosystem

Exagone313 :calim: boosted
Exagone313 :calim: boosted

AdGuard literally has a server in Paris but Cogent makes me go trough the US ? :angery:

Je suis à la recherche d'un (ou plusieurs) article/dossier qui explique à un public non expérimenté la collecte des données personnelles, les échanges de ces données entre services et le système publicitaire des enchères, ainsi que le point de vue légal avec le RGPD. Un livre pourrait être pas mal mais ça semble plus difficile à partager et aborder dans ce cas-là.

J'ai les connaissances mais j'ai du mal à conseiller un document où tout est rédigé/expliqué correctement.

La config IPv6 qui ne fonctionne plus sur systemd-networkd, sans aucune raison, après reboot. Sympa. Et pas trouvé moyen de configurer ça manuellement.

Show more
Exagone313's Mastodon instance

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!