@jdx has gone one step further with mise. The issues has been completely disabled. I presume he tracks real issues in another repo. It'd be nice if github could provide first class support for such a workflow.
You don't have to expose your self-hosted services on the Internet to begin with. 0day bugs do exist even if you diligently apply all security updates.
making sure that your system is not exposed to the internet takes effort too. and then you realize you want to share something with friends or family, or access your home server from remote. you also want updates for new features too eventually.
There are different degrees of "exposed to the internet." You don't need to make your self-hosted services fully accessible by anyone from everywhere. VPN, IP whitelists, mTLS, HTTP basic auth, etc. change the calculus of security and feature updates. You can afford to lag a bit behind on updates because you're not running critical enterprise infrastructure at scale.
Pretty much every home router, network firewall, and host-based firewall is set to deny all by default, so the effort is mostly needed to allow exposure to the Internet.
Have the advantage of hosting content on Plex and other media servers that you can play them remotely. I can be on the other side of the Earth and still access my media. This is an extremely common use case.
Branches are expected to change, tags are not. Tags are also mildly harder to change. A tag seems more apt for an archived branch. So I sort of see where OP comes from.
If you read the article, it credits a reddit thread as the source of inspiration; the thread ultimately points to a StackOverflow answer [0] which may offer a better argument as to why they liked yo use this pattern.
Well, it was this at the beginning. Now it’s an open-core competitor to Slack, with higher pricing(!) but you can use the free version that has fewer features.
As someone who came from Windows, and has used Linux as my primary OS for 15 years, and MacOS here and there (cos work provided laptop), I can tell you that Linux was not ready for prime time 15 years ago. Today, I feel it is, but definitely not 15 years ago.
With prime time I mean being comfortable enough to install it for a non-technical user. Even during Ubuntu's Unity days it didn't feel like I could install it on a computer for my parents or siblings for them to use as a daily driver.
My parents did fine with Linux. My mom still does; it's certainly less maintenance effort from me than Windows would require.
It was fine for non-technical users since at least early GNOME 2, if you're ready to help them set up and maintain. Semi-technical users (Windows power users, gamers, &c — people who like to install and configure things, but fear the deep dark abyss of the terminal) were and remain more problematic.
Unity days were the nadir of linux desktop ux — it was when Gnome 2 was gone, and 3 not yet there. Still better than contemporaneous Windows 8, though.
I can bet there’s no OS that are easy to install for a non-technical user. And that start from booting the installation media. Give someone a OS with their software already installed and they will use whatever OS that is.
People are always task-oriented, not tool oriented unless they’re nerds.
I had Kubuntu installed on my grandfather's computer for a year. I ended up replacing it for Windows because my aunt likes to install stuff on it. But my grandfather was happy with it. He only needed a working web browser and a program to use the TV tunner.
GL.iNet routers don't even need this. It has an option to pass through captive portals. So you connect to your GL.iNet AP, then you set it up for the hotel WiFi, tick the option for passing through (it essentially disables VPN, AdGuard Home and other things if enabled), it will then link you to the captive portal where you can log in as you would otherwise.
Once the internet is active, the GL.iNet router will then re-enable things like VPN and AdGuard Home.
Since these devices are OpenWrt underneath with a pretier ui, I presume this is all possible on any OpenWrt device.
For production workloads, you can use systemd socket activation to avoid most of the network issues. The caddy demo I've linked below explains more about the issues it would solve.
Shouldn't be using podman compose. It's flimsy and doesn't work very well, and I'm pretty sure it doesn't have Red Hat's direct support.
Instead, activate Podman's Docker API compatibility socket, and simply set your `DOCKER_HOST` env var to that, and use your general docker client commands such as `docker`, `docker compose` and anything else that uses the Docker API. There are very few things that don't work with this, and the few things that don't are advanced setups.
reply