Not that I am aware of. Komodo should be compatible with podman as well.

I deploy and update my service similiar to this fantastic guide: https://nickcunningh.am/blog/how-to-automate-version-updates-for-your-self-hosted-docker-containers-with-gitea-renovate-and-komodo

Basically I run Komodo, which pulls a git repo. Renovate opens a PR (and most of the time the changelog is included, so I can quickly check what happened) for new versions. Once merged a webhook fires to tell Komodo to pull the new version.

I really recommend this approach now. Once setup it is very automatic, but not to the point of YOLO-automation like Watchtower and :latest 😅

is easier to automate for things like providing bots with changed social media credentials

Tbh, sounds a bit like a cursed use case for a password manager, but I am curious how you set that up.

meaning if you disconnect from VPN for whatever reason, the other containers don’t suddenly send data over non-VPN network.

Is that 100% certain? I think I can recall stories from 15 years ago, where torrent clients had kill switches and they still leaked data.

Damn, people are taking Stardew Valley serious

There are 2 more sides unused as of now. Give me a whole minecraft block destruction animation while scrolling down, lol

Now a days, you can do sessions all online.

I wish. Germany usually has a combination of “bad internet”, “tech illiteracy” and “no appointments in the next 2-4 years” .

Honestly, no clue, but in my career the answer why something beneficial hasn’t been done is usually “backwards compatibility”.

They dont detect at all. It depends on what location you choose when you register. So if you want to migrate, you have to create a new account.

dish washer to sterilize jars for canning

Household Dishwashers do not sterilise, they only sanitise at best (with a 65° (150°F)). For sterilisation of all microorganisms including spores they would need to heat up to 120°C (250°F) for several minutes.

That being said you most likely breath in your own poop particles all the time, so sanitation may be enough.

I thought downloading and redistributing tiktok videos was against TikToks TOS?

Which you only agreed to if you have an account (and even then they realistically can only ban your account). If you rehost publically you might get issues with copyright laws though.

Since rootless docker is (mostly) a security improvement, here is a interesting list of other Docker realted security tips I like to consult: https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html

Absolutely, it is not necessary if the proxy can reach the service in other ways (e.g. a shared network). Some non-http services don’t like to be proxied though. Some constellations where the proxy is not on the same host as the containers may also make it necessary. My answer was based on the possibility to not have the same inside/outside port, not necessarily the need though😉

Also a great choice :)

Welcome to the community then :) For rootful Docker you are correct - the inside port can be 80 and you can expose it on whatever port you want (ideally you expose it only via reverse proxy and not by port - I can recommend Caddy-Docker-Proxy for that)

Unless I am missing some obvious setting: Restricted Kubernetes doesnt work like that. You have to run the container with a non-root UID (usually something upwards of a million). Non-root users however can’t reserve ports below 1025. Nextcloud builds on the default php-apache image which comes with the default apache ports.conf (Listen 80).

So now this has to be overwritten either by making a custom build (which may require creating a custom build pipeline) or by mounting a new config file (e.g. via ConfigMap) else it wont start. Both are an additional update risk which now has to be documented and checked before updating in addition to changes from the normal nextcloud changelog.

Similiar issues probably appear with rootless docker/podman unless you add extra capabilities, which is not possible in restricted kubernetes settings.

As long as it is configurable, ideally via env, I dont care about the port.

This could be important for restricted Kubernetes clusters (or certain Gluetun configs). Don’t be Nextcloud with their default port of 80 in their Apache image with only hacky ways to change that. God, I hate Nextcloud. They are truly becoming the next Wordpress.

Besides that point: why tf do they even crawl lemmy. They could just as well create a “read only” instance with an account that subscribes to all communities … and the other instances would send their data. Oh, right, AI has to be as unethical as possible for most companies for some reason.

Voyager (on Android)

I tried multiple and that is what stuck. Thats it.