It is NFS4:

vineta.h.kfe.pt:/nfs/nas on /nfs/nas type nfs4 (rw,relatime,vers=4.2,rsize=1048576,wsize=1048576,namlen=255,soft,proto=tcp6,timeo=600,retrans=2,sec=krb5p,clientaddr=2001:470:7391::ce,local_lock=none,addr=2001:470:7391::c0,_netdev)

I have 9.3. It works for me on a local file system on the client as well as the server, just not through NFS.

No. (Of course, if you want to use it, use it.) I used it for everything on my server starting out because that’s what everyone was pushing. Did the whole thing, used images from docker hub, used/modified dockerfiles, wrote my own, used first Portainer and then docker-compose to tie everything together. That was until around 3 years ago when I ditched it and installed everything normally, I think after a series of weird internal network problems. Honestly the only positive thing I can say about it is that it means you don’t have to manually allocate ports for those services that can’t listen on unix sockets which always feels a bit yucky.

1. A lot of images comes from some random guy you have to trust to keep their images updated with security patches. Guess what, a lot don’t.
2. Want to change a dockerfile and rebuild it? If it’s old and uses something like “ubuntu:latest” as a base and downloads similar “latest” binaries from somewhere, good luck getting it to build or work because “ubuntu:latest” certainly isn’t the same as it was 3 years ago.
3. Very Linux- and x86_64-centric. Linux is of course not really a problem (unless on Mac/Windows developer machines, where docker runs a Linux VM in the background, even if the actual software you’re working on is cross-platform. Lmao.) but I’ve had people complain that Oracle Free Tier aarch64 VMs, which are actually pretty great for a free VPS, won’t run a lot of their docker containers because people only publish x86_64 builds (or worse, write dockerfiles that only work on x86_64 because they download binaries).
4. If you’re using it for the isolation, most if not all of its security/isolation features can be used in systemd services. Run systemd-analyze security UNIT.

I could probably list more. Unless you really need to do something like dynamically spin up services with something like Kubernetes, which is probably way beyond what you need if you’re hosting a few services, I don’t think it’s something you need.

If I can recommend something instead if you want to look at something new, it would be NixOS. I originally got into it because of the declarative system configuration, but it does everything people here would usually use Docker for and more (I’ve seen it described it as “docker + ansible on steroids”, but uses a more typical central package repository so you do get security updates for everything you have installed, and your entire system as a whole is reproducible using a set of config files (you can still build Nix packages from the 2013 version of the repository I think, they won’t necessarily run on modern kernels though because of kernel ABI changes since then). However, be warned, you need to learn the Nix language and NixOS configuration, which has quite a learning curve tbh. But on the other hand, setting up a lot of services is as easy as adding one line to the configuration to enable the service.

Here’s some more:

• Bought Rocket League and immediately stopped maintaining the perfectly working Linux version that people paid for
• Sold people Fortnite Save the World (PvE mode) and stopped caring about it when the Battle Royale mode took off, it was never finished

Also I don’t know if this is really anti-consumer but as an Unreal fan I still hate them for it:

• Stopped working on the new Unreal Tournament when Fortnite Battle Royale took off
• Took the old Unreal games off the store for no real reason

They can claim it’s a secure protocol because they have full control over it. An application like Beeper gaining access undermines this.

Claiming their protocol is “security by obscurity” would not be the win for them you think it is.

That’s a deliberate decision

I would REALLY like a MessageKit like they already have CallKit which allows integrating other messengers with the Messages app so I can just use the one app for everything. Probably wishful thinking though.

Yes. This is the new “visual programming will make executives be able to write programs themselves” but this time the technology (assuming OP means LLMs since both the ones in his image post seem to be LLMs) is completely unsuitable from the start.

(X) Doubt

Sir, this is a Wendy’s !technology

Does right click on the tab bar, click Customize Toolbar, drag the “Flexible Space” where you want it to be work?

Double the cost?! Jesus, if it were that high here I wouldn’t. I basically order from two restaurants when I do, for one of them that uses one of these delivery apps it’s around 20% more since they list higher prices per dish than on their menu and have a 1.50€ delivery fee on top, but the restaurant I usually order at where you can order delivery directly has a flat 1.50€ delivery fee with same prices as the menu so that’s around 7% more than going in person (usually I order for around 20€).

It doesn’t arrive cold since they put it in one of these isolation boxes. Especially in the winter I think that’s better than me getting it myself which is a 10 minute bike ride, without an isolation box. I’m gonna have to try that next summer though. Never hurts getting a bit of exercise and I actually never checked until now and assumed it would be more like 30 minutes lol

I’m eying servercheap.com and it says in description “1 IPv4”, but then it offers “Add’l Ipv4 Addresses” for 9$. I’m bit lost here and I’m not even sure do I need IPv4 address. Maybe I can run duckdns or ddclient to avoid additional cost?

You should have an IPv4 address unless you’re sure everyone who needs to access it has working IPv6 access or you don’t mind setting up 6to4/6in4 at the locations that don’t (or complain to ISPs until they fix it). The one should be fine.

One of these is not like the others (and it’s not CMake).

Also, the syntax is absolutely mental but I like CMake :V

Windows 8 being unusable on my shitty laptop I had back then, IIRC it would bluescreen 9 out of 10 times on startup (this same bug still persisted when eventually Windows 10 came out). I essentially switched to Linux full time after that.

I actually went through and customized all the Plasma keybindings to be more like Mac a couple days ago. It works pretty well, but yeah unfortunately only in KDE applications. And there’s still some stuff you can’t change such as the “extend selection to start/end of word” shortcuts always being set to ctrl+shift+left/right even if you set the “move to start/end of word” keys to option+left/right.

idmapping

idmap only works with Kerberos auth, but iirc I didn’t have to set anything up specifically for it. Though I’ve also never really had to test it since my UIDs match coincidentally, I just tested with the nfsidmap command.

One of the most basic security principles is literally “never trust the client side.”

qjackctl will actually connect to pipewire, I use its graph window a lot to route audio when the default volume control isn’t enough. But yeah it does (or can) replace jackd.

Can it sync transports?

I’m not sure, I’m not a pro audio user. Sorry!

Pipewire exposes both a JACK and Pulseaudio client interface, so you don’t need to run the JACK daemon anymore.