blake (@blake@mastodon.bsd.cafe)
I'm Blake — reintroducing myself as I'm back on the timeline.
I'm a Cloud Engineer working in Site Reliability and DevOps in the healthcare industry. I design and build highly scalable, resilient infrastructure that powers modern healthcare systems. Day-to-day I work with .NET, JavaScript, and TypeScript to deliver reliable platforms.
Outside of work, I build with Go — creating tools that prioritize performance, privacy, and user empowerment.
A couple things I'm working on:
RideAware — A cycling training platform for building structured training plans, analyzing ride data, and completing indoor workouts all in one place.
Arcline Hosting — A self-hosted web hosting service for people who want to know exactly where their data lives. It runs on hardware I own and operate — no AWS, no Cloudflare, no third-party CDN. Shared, WordPress, and VPS plans with personal ticket and email support.
My core interests span SRE, cloud infrastructure, DevOps/automation, and network engineering. I spend a lot of time with Linux, Docker, Kubernetes, Terraform, and enjoy digging into routing, firewalls, and secure network design.
I'm here because I care about privacy, self-hosting, and building things that give people more control over their own data. Good to be back — looking forward to reconnecting with this community.
#reintroduction #CloudEngineering #SRE #DevOps #Go #Golang #Linux #Docker #Kubernetes #Terraform #SelfHosting #HomeLab #Privacy #DataSovereignty #WebHosting #Cycling #HealthcareIT #FOSS #BSD
Show Original Post
LPI (@LPI@fosstodon.org)
In this episode of the DevOps Tools Engineer 2.0 Introduction series, Fabian Thorns and Uirá Ribeiro cover exam objective 702.1, focusing on #Docker and #Podman containers.
Read it to prep for the exam and sharpen your #DevOps skills: https://lpi.org/mryy
#LPI #devops #containers #docker #podman #cloudnative #CI #CD #kubernetes #freesoftware
Show Original Post
admin (@admin@mastodon.raddemo.host)
How to Install #Docker Engine on #Ubuntu #VPS Server This article provides a guide for how to install Docker Engine on Ubuntu VPS server.
What is Docker?
Docker is an application that utilizes OS-level virtualization to provide software in bundles called containers. While you can run Docker on any VPS, Ubuntu remains its most popular OS of choice.
Containers provide an application's code, dependencies, libraries, and ...
Continued 👉 https://blog.radwebhosting.com/how-to-install-docker-engine-on-ubuntu-vps-server/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #kvmvps #installguide #vpsguide
Show Original Post
ros (@ros@techhub.social)
Install OpenClaw in minutes with Docker. Run locally with Ollama (GPU) or use Claude Sonnet 4.6 (CPU-only). Includes setup, model config, testing, and troubleshooting.
#Hosting #Self-Hosting #LLM #AI #Ollama #Docker #Open Source #RAG #OpenClaw
https://www.glukhov.org/ai-systems/openclaw/quickstart/
Show Original Post
benzogaga33 (@benzogaga33@mamot.fr)
Après les images durcies, Docker veut étendre la sécurité au niveau des paquets https://www.it-connect.fr/docker-hardened-system-packages-securite-conteneurs/ #ActuCybersécurité #Cybersécurité #Docker
Show Original Post
kAlvaro (@kAlvaro@mastodon.social)
Docker commands have been carefully designed to maximise profit from consulting fees, and you won't be able to convince me otherwise.
#docker #rant
Show Original Post
rikeriki (@rikeriki@social.tchncs.de)
Dependent on use case. #adobeexpress is the next commercial and sadly bigtech solution for the typical canva use case. #unplugbigtech
If you want open source and self hosted https://aktivisda.earth/ could be an idea. But it is for activist movements. #akitvisda
@penpot can be used like this but isn't as easy as drag and drop like #canva is. Comparable to #figma. You can easily set it up locally with #docker.
#penpot
#PolotnoStudio seems to be a self-hosted alternative as well. But I'm not sure how easy it is to set up and use. https://polotno.com/
For complete graphic design locally I would go for a mixture of @GIMP @krita @inkscape. You can basically create the #content design for everything just with those three.
Show Original Post
jobsfordevelopers (@jobsfordevelopers@mastodon.world)
Shield AI is hiring Staff Engineer, C++ Systems Integration (R4016)
🔧 #cplusplus #python #api #grpc #rest #cicd #docker
🌎 Washington, District of Columbia
⏰ Full-time
🏢 Shield AI
Job details https://jobsfordevelopers.com/jobs/staff-engineer-c-systems-integration-r-4016-at-shield-ai-dec-23-2025-d77423?utm_source=mastodon.world&utm_medium=social&utm_campaign=posting
#jobalert #jobsearch #hiring
Show Original Post
post (@post@mander.xyz)
Announcing Docker Hardened System Packages
https://mander.xyz/post/48342506
Show Original Post
totentanz (@totentanz@metalhead.club)
Warum hat #Docker immer wieder Probleme mit dem Netzwerk, wenn Container neu gestartet werden (in diesem Fall nach dem pull einer neuen Version)?
Und vor allem: wie kann eins das beheben?
Show Original Post
docker (@docker@techhub.social)
Announcing Docker Hardened System Packages
#Products #Security #Docker #DockerHardenedImages #Security #Securitypackages #Softwaresupplychainsecurity
https://www.docker.com/blog/announcing-docker-hardened-system-packages/
Show Original Post
ashed (@ashed@mastodon.ml)
Для защиты вам надо полностью убрать возможность маскироваться под системные процессы и усилить аутентификацию.
Запрет root в контейнерах — это must have. Запускайте процессы от непривилегированного пользователя (User ID > 0). У обычного пользователя нет capability CAP_NET_BIND_SERVICE, поэтому он физически не сможет открыть порт < 1024.
Запретите контейнерам доступ к порту 2049 на уровне сети, если приложению не нужно монтировать NFS. Принцип минимальных привилегий на уровне L3/L4.
Аутентификация Kerberos (KRB5) — единственный способ проверять личность, а не место. Даже если атакующий подделает IP и порт, без валидного криптографического тикета сервер отклонит запрос. Это золотой стандарт защиты NFS.
Убедитесь, что на сервере включен root_squash (обычно активен по умолчанию). Это превращает любые операции от uid=0 (root) в операции от бесправного пользователя nfsnobody. Атакующий смонтирует шару, но упрётся в права доступа к файлам.
Show Original Post