Everyone (and their mother) have been trying to convince me that I should use one of my less loaded servers to be a Fediverse node. However, all Fediverse software packages I checked only support being installed on complicated systemd + Docker machines. My servers don’t have either of those, because neither systemd nor Docker even exist on OpenBSD and illumos.

I know that it would be possible to manually install (e.g.) Lemmy, assuming that I won’t ever need official support, but I wonder why the world outside a limited subset of the Linux ecosystem is - at most - an afterthought for Fediverse developers.

How can I help to change that?

  • rhabarba@feddit.deOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    And yet the OS you’re using doesn’t support it.

    It would, but Docker doesn’t support it. I’m not sure how this means that the OS was worse.

    Sorry, I didn’t realise that these are FreeBSD-specific

    They are, including its descendants (that includes the FreeBSD 4.8 fork DragonFly BSD).

    Deployment.

    How is “run this black box of arbitrary software, requiring a kernel module and numerous services” a superior deployment than tar xf application.tgz? Just because people do it, people could still do the wrong thing. Not every website is Facebook.

    Sorry for the incorrect information.

    No problem. I was genuinely curious.

    Sure, Docker has had a few issues, but overall it’s more secure to run your apps in Docker containers.

    Docker imposes additional attack vectors to the underlying system, a (for example) backdoored PHP application running inside an OpenBSD chroot (OpenBSD runs its built-in web server inside chroot by default, so web applications can never reach anything outside the web folder anyway) does not, if I understand you correctly. I know that you consider the 1979 technology chroot to be not modern, but I wonder which security feature is missing.

    Since Dockers containers are immutable and all the actual data is stored elsewhere, it’s always safe to delete the container and replace it with a patched version.

    What if nobody maintains the container anymore, although the software itself is still maintained?