Tootfinder

You Want Microservices, But Do You Really Need Them?
https://www.docker.com/blog/do-you-really-need-microservices/

I was trying to run the Portracker container so I could get a quick overview of the ports currently in use on my server. I couldn't do it because the default port for this container is currently being used by another one. What a paradox!
#docker

Experimentell ließ ich über Scribber (https://scriberr.app), ein recht flexibel konfigurierbares Transkriptions-Tool (Docker-isierbar), eine alte über Zoom mitgeschnittene Vorlesungseinheit von mir transkribieren. Das Ergebnis ließ ich Mistral.AI zusammenfassen. Funktionierte sehr präzise und gut, auch mit Personennamen …

@…
A recommendation from my side:
A full stack #AI launchkit (docker based) for selfhosting with many apps including supabase, ollama, n8n, flowise, etc.

Today I helped two colleagues at the #KohaILS DACH Hackfest to set up koha-testing-docker on their windows laptops via WSL and guided them through their first bug signoff (which I then QA'ed).

@… 1 day, that's all you need, you don't need to make sience out of it.... There is a reason why nearly every good github project offers a docker file and composer.... BECAUSE IT'S STANDARD THESE DAYS, and isolation solves many problems as this github issue proofs - I never got into any problems, I even didn't know that bun env issue existed - because an …

Said no one ever... 🙂
I switched from Docker Compose to Kubernetes at home, and it's been awesome
https://www.xda-developers.com/switched-from-docker-compose-to-kubernetes-thoughts/

I switched from Docker Compose to Kubernetes at home, and it's been awesome
Kubernetes might not be your first choice for home use, but I did it anyway

Using Docker and NGINX-RTMP to setup a streaming forward and overlay on an iMac
Learning Docker by making an nginx relay.
https://chrisalemany.ca/b/4fk

c't-Workshop: Docker und Container in der Praxis
In zwei Tagen lernen Admins und Entwickler im Online-Workshop, wie sie mit Containern stabile und gut skalierbare Serverdienste sicher betreiben.
https://www.

Zum ersten Mal einen eigenen✧ Healthcheck zu einem Docker Compose hinzugefügt.
Bin gespannt ob die Automated-Kicking-Machine auch wirklich tritt.

Best note taking app for selfhosting? #docker #homelab #notes #app

Understanding #Docker Internals: Building a Container Runtime in Python
https://muhammadraza.me/2024/building-container-runtime-python/

Shrinking the Kernel Attack Surface Through Static and Dynamic Syscall Limitation
Dongyang Zhan (Harbin Institute of Technology), Zhaofeng Yu (Harbin Institute of Technology), Xiangzhan Yu (Harbin Institute of Technology), Hongli Zhang (Harbin Institute of Technology), Lin Ye (Harbin Institute of Technology)
https://arxiv.org/abs/2510.0372…

Shrinking the Kernel Attack Surface Through Static and Dynamic Syscall Limitation
Linux Seccomp is widely used by the program developers and the system maintainers to secure the operating systems, which can block unused syscalls for different applications and containers to shrink the attack surface of the operating systems. However, it is difficult to configure the whitelist of a container or application without the help of program developers. Docker containers block about only 50 syscalls by default, and lots of unblocked useless syscalls introduce a big kernel attack surfa…

Which open source wiki software is state of the art? My requirements:
* can be hosted in a docker container/docker compose setup
* still maintained
* simple user management (if at all)
* user friendly (can be used by non-tech people)
Fediverse go!
#Wiki #Wikipedia

I spent the weekend making a fun DevOps pipeline because I felt like it and am now quite pleased.
I'm hosting gitea, n8n and docker registry in my lab. I now have a webhook in gitea for certain repos so that when I push to them, it triggers n8n to pull the repo and build the dockerfile. This image is then pushed to the registry, and watchtower will pull it when it runs.
Naturally have all my own DNS things for these app web guis which go through nginx. All of this is in pro…

Interesting. In parallel, I set up a Docker container "exactly" as a Distrobox container to get ROCm running on Bazzite. And in the Docker container I get
> Memory critical error by agent node-0 (Agent handle: 0x5578c3d90580) on address 0x7f851f8a1000. Reason: Memory in use.
when running `clinfo` after "Max work group size" while in the Distrobox container it works without this error. It would be nice if I could find out what the differences are between the…

The translation of "just use our docker image" into human language is "we don't have good docs and we don't give a shit".

I'm trying out kan.bn since my Focalboard install took a shit. kan.bn was fairly easy to get running via Docker on my OpenMediaVault NAS.
I'm not a huge fan of the kanban board style but I'll give it a try. At least until I can find something better to manage my tasks.
https://kan.bn/

CWM: An Open-Weights LLM for Research on Code Generation with World Models
FAIR CodeGen team, Quentin Carbonneaux, Gal Cohen, Jonas Gehring, Jacob Kahn, Jannik Kossen, Felix Kreuk, Emily McMilin, Michel Meyer, Yuxiang Wei, David Zhang, Kunhao Zheng, Jordi Armengol-Estap\'e, Pedram Bashiri, Maximilian Beck, Pierre Chambon, Abhishek Charnalia, Chris Cummins, Juliette Decugis, Zacharias V. Fisches, Fran\c{c}ois Fleuret, Fabian Gloeckle, Alex Gu, Michael Hassid, Daniel Haziza, Badr You…

CWM: An Open-Weights LLM for Research on Code Generation with World Models
We release Code World Model (CWM), a 32-billion-parameter open-weights LLM, to advance research on code generation with world models. To improve code understanding beyond what can be learned from training on static code alone, we mid-train CWM on a large amount of observation-action trajectories from Python interpreter and agentic Docker environments, and perform extensive multi-task reasoning RL in verifiable coding, math, and multi-turn software engineering environments. With CWM, we provide …

🖥️ Communicates with Windows using WinBoat Guest Server to retrieve necessary data and manage applications running in the containerized environment
📋 System requirements: At least 4GB RAM, 2 CPU threads minimum, 32GB free storage space in /var directory, KVM virtualization enabled in BIOS/UEFI
🐳 #Docker installation required for containerization, Docker Compose v2 for compatibility…

Uh, dockerhub is down. Their status page #docker

RT: Tim Bouma 🚴🏻‍♂️
@trbouma Feb 18, 2024
"Typical deployment of a Python Docker container"

nice, looks like Docker is cooked

#Seafile has been removed in #NixOS 25.11 because "upstream only supports docker now", but I didn't want to migrate to docker. Good thing that NixOS 25.11 also introduces an #OpenCloud

Podczas próby przejścia na jednym VPC z Docker na podman dowiaduję się jak wiele docker ustawia automatycznie, co trzeba ręcznie dokonfigurować w podmanie... Już jest blisko. DNSy działają, w jedną stronę ruch już lata (na wyjście), tylko traefik jeszcze coś nie potrafi w drugą stronę puścić ruchu do serwisu.

Heads up for the #homelab / #selfhosting community: #minio has gone source-only and will no longer build new docker images, and the latest version of the image contains an 8.1/10 privilege escalati…

Docker release? · Issue #21647 · minio/minio
Hello, I did not find a new image for the security release Security/CVE RELEASE.2025-10-15T17-29-55Z, on quay.io nor DockerHub. Is it expected? If it isn’t, can you please push a new release for th...

I've been distrustful of Docker for so long that I've never really got into using containers. I get very confused by how it takes over the networking and needs to add and remove its own firewall rules. They clash with my use of nftables, and IPv6, and my other automation. It's made me avoid it.
But Podman has really been coming along and I've been looking at it again. It's going quite well.

I'm getting closer with my nginx-rtmp-Docker-container-on-MacOS project!
I started from scratch on the mac a couple days ago, reinstalled docker with homebrew and then realized that part of my problem was that macOS (and windows) has to run docker in a virtual machine container of its own and *that* can mess with networking.
So I have now figured that out. Colima, the vm that seems most popular on macOS, needs a mac specific option (--network-attached) when starting so that it gets the mac network going. Major Aha! moment.
I also learned more completely how to build my own Docker images.
I've gotten to the point where nginx is definitely running, I know the port is open (via nmap on another device), I know nginx is accepting the stream, but nginx still refuses to publish that stream to Youtube (or at least youtube is not seeing it).
I also can ping apple.com and youtube.com from within the container, so access to the outside world is working.
I
So that's where I'm at.
I just figured out how to get into a container and examine the nginx log files now.
At this point I am going to rebuild the container with nginx configured for full debug level logging. Hopefully that provides some more clues on where it is getting stuck.
I give it a 50/50 chance that it is either an nginx configuration/installation problem or another colima virtual machine/networking issue.
I've learned a lot at least and feel better about my overall Docker knowledge!
And I'm documenting on my blog as I go so I'll have a howto produced from this when it finally works!
#docker #mac #nginx #colima #rtmp #youtube #containerizeit

@… nice! Okay, I’ll have to try that. I haven’t used Podman yet and am just getting used to Docker now. That sounds like a better flow than what I’m currently doing with running it in a Debian 12 VM in Proxmox. It works but updating the binary is finicky. I’d love to just pull a new image in Docker.

🚫 Docker Desktop unsupported, #Podman unsupported, distributions emulating Docker through Podman socket unsupported, rootless containerization solutions currently unsupported
🛠️ Built with #NodeJS and #Go

Happy #PHP 8.5 release day! Keep in mind that the first 8.5.0 #Docker/#OCI images will show up in 8 hours till a couple of days after the release.
P.S. Mine are updated till the latest RC and will swap in the final with no tag changes:

In a #Kotlin multiplatform project, I switched my Docker base image from #NodeJS to #Bun.
The former is ~160MB, the latter ~106MB, a 33% slimdown!
I need to check if everything works as before, but I'm…

Today I added `extra_hosts: "host.docker.internal:host-gateway"` to a docker-compose.yml so I could access a service running on my host (well, in fact in another container) from inside a container.

Für mein #Roadwarrior Notebook habe ich mich entschieden, in #Docker eine #Pihole Installation zu machen. Läuft.
Klasse! :blobcatsunglasses:

If you can't accomplish most of what you want to do in a homelab with VMs on a laptop or docker containers on a 16GB Raspberry Pi, and RAM prices are what's keeping you down, consider buying some old-ass server or Dell workstation instead. You'll pay more in power, and performance won't be cutting-edge, but REG ECC DDR3 is under $1/GB on AliExpress, and you can still slap a 5090 into into the box if you insist (with some degree of PCIe throttling that shouldn't bother you…

I use Teedy for document management on my Docker server. The downside is that this application does not allow you to set your preferred language; it chooses it itself based on your browser's language.
What a pain. The Spanish translation is so bad that I had to write a tutorial to figure out what each button does.
#selfhosting

Is #Mobilizon still maintained somehow? Or is it completely dead now. I tried the docker compose setup from their documentation but that's referring docker images that do not exit.

Recently I installed #wanderer on my home server via docker compose.
Connected my wife's strava and tried to upload some GPX files.
The strava routes are imported, the according statistics show all zero.
My GPX can't be uploaded due to some elevation error.
😔
Maybe I'll formulate some bug report next weekend.

Woke up to a broken Traefik docker setup (for my Matrix/Element server), it turns out a new version of Docker and Traefik are not playing nice 😔 https://github.com/traefik/traefik/issues/12253

Replaced article(s) found for cs.DC. https://arxiv.org/list/cs.DC/new
[1/1]:
- Resource Management Schemes for Cloud-Native Platforms with Computing Containers of Docker and Ku...
Ying Mao, Yuqi Fu, Suwen Gu, Wenrui Mu, Long Cheng, Qingzhi Liu

now _this_ is a good docker container (it has two files inside) https://codeberg.org/git-pages/-/packages/container/git-pages-cli/latest

Can't run a signal proxy because the distribution media is docker :(
https://github.com/signalapp/Signal-TLS-Proxy

GitHub - signalapp/Signal-TLS-Proxy
Contribute to signalapp/Signal-TLS-Proxy development by creating an account on GitHub.

✨ Smartcard passthrough support, comprehensive resource monitoring dashboard, and many more features being added regularly to enhance functionality
🔧 Technical approach: #Electron application running Windows as virtual machine inside #Docker container, uses

I started building an application to schedule posts across multiple social media platforms. Details are irrelevant to this post. Suffice to say, modules are running in a #Docker container on my #SynologyNAS at home. It’s access it when I’m at home. However, I’ll soon travel to Australia for weeks, and …

AHA! #docker #nginx #mac Success!
After much logging and inspecting and reconfiguring you know what worked? (It's what always works!). Turning it off and on…
It's just a matter of turning the *right* thing off and on.
In this case, it was a matter of rebooting the webcam itself, which I really should have known because it has been unreliable at accepting new settings without a full reboot in the past. Weird that it was making the connection to NGINX but not actually sending data on that connection. The reboot of the webcam appears to have forced the data to be sent to the new proper docker address and on to Youtube.
Unfortunately I tried changing the stream key for Youtube before trying the webcam reboot which creates a new youtube URL, so I'll have to update my YouTube embed codes but oh well, it is worth having success with docker!
I feel much more comfortable working with docker now and understand the build/run workflow more now so I can start customizing my Dockerfile and be confident that I’m not going to miss anything.
Now I should be able to redirect all of my streams off of #footiMac and onto the slightly newer #imac2014 OR... most importantly, anywhere I have this docker container!
Woot!
Thank you everyone who gave tips and pointers along the way.
#learning #askmastodon
stream: https://www.youtube.com/live/WpbMTI9D6hI

I don't know what to think at this point:
```
FROM docker.io/ubuntu:24.04
RUN --network=none echo "hello world"
```
See that `--network=none`? It fixed my problem... but WHY? I mean, why do I need to enforce that for a simple `echo` call? 🫠

WinBoat - Run Windows Apps on Linux with Seamless Integration
https://www.winboat.app/
Windows via Docker, kenn ich schon (https://open…

Testing Tugtainer on my Docker server, a service that checks for available updates for your containers. So far, so good. It has a nice and easy interface. #selfhosting

@… @… yes, I run a bunch of Discoursen (via Docker) and it's superb, but I wouldn't consider myself an authority on 'securing' it - there're lots of levels of security to consider (digital stacks have lots of layers as you know). …

Finished my little tutorial as I got docker running on my 2014 macOS Ventura era iMac and then added some nginx-rtmp containers.
#docker #nginx #mac #Apple #iMac #webcams #rtmp #tutorial
https://chrisalemany.ca/2025/11/05/using-docker-and-nginx-rtmp-to-setup-a-streaming-forward-and-overlay-on-an-imac/

I upgraded my mastodon docker installation from 4.4.6 to 4.5.0-beta.1. Now I'm on 4.4.7 🤔
#mastoadmin

🎯 Real-world validation through extended #CCBench testing with human evaluators completing multi-turn tasks in isolated #Docker containers across frontend development, tool building, data analysis, testing & algorithms
🔧 Near parity with

The easiest way to install chatmail server is a small project written by a single person, meanwhile the #deltachat official server installation process is cluster of unintelligible documentation and a docker image that need multiple commands to setup properly.
How does that one dev build a better hosting experience than a company?

I'm trying to figure out how #tailscale funnels work. I have two different docker containers on the same machine running on different ports. I have one up and running and that works fine. But I want to add another service on the same machine. Is it possible to have a funnel to listen to more than one port?

WTF #Docker? (It's most likely me fucking up somewhere tho.)

BTW #docker #dockerdown

I read about a major update of #jellyfin and that one should do this planned with some care.
So I sat down, prepared for an update full of hassles, debugging, restoring, ...
> docker down / pull / validate / up / done
Took me about 5-10 min.
Very well done Jellyfin!
----

Jellyfin 10.11.0 | Jellyfin
We are pleased to bring you Jellyfin 10.11.0, our new stable release. This is probably one of, if not the, biggest and most impactful releases we've done yet, with some massive backend changes to improve performance and long-term expandability and maintainability. This release has been a long time coming, with over 6 months of development and another 6 months of RC testing, throwing our planned 6-month release schedule completely out of whack, but we definitely think the results are worth it - …

self hosted Renovate is nice, but
# docker system prune
[...]
Total reclaimed space: 21.87GB

Optimization techniques for SQL ML queries: A performance analysis of real-time feature computation in OpenMLDB
Mashkhal A. Sidiq, Aras A. Salih, Samrand M. Hassan
https://arxiv.org/abs/2509.15529

Optimization techniques for SQL+ML queries: A performance analysis of real-time feature computation in OpenMLDB
In this study, we optimize SQL+ML queries on top of OpenMLDB, an open-source database that seamlessly integrates offline and online feature computations. The work used feature-rich synthetic dataset experiments in Docker, which acted like production environments that processed 100 to 500 records per batch and 6 to 12 requests per batch in parallel. Efforts have been concentrated in the areas of better query plans, cached execution plans, parallel processing, and resource management. The experim…

Enhancing CTAO Monitoring and Alarm Subsystems in Distributed Environments Using ServiMon
Kevin Munari, Alessandro Costa, Federico Incardona, Emilio Mastriani, Sebastiano Spinello, Stefano Germani, Pietro Bruno
https://arxiv.org/abs/2509.16366

Enhancing CTAO Monitoring and Alarm Subsystems in Distributed Environments Using ServiMon
ServiMon is a scalable data collection and auditing pipeline designed for service-oriented, cost-efficient quality control in distributed environments, including the CTAO monitoring, logging, and alarm subsystems. Developed within a Docker-based architecture, it leverages cloud-native technologies and distributed computing principles to enhance system observability and reliability. At its core, ServiMon integrates key technologies such as Prometheus, Grafana, Kafka, and Cassandra. Prometheus se…

Quadlet to taka cudowna rzecz...

Rozwiązuje to odwieczny problem, czy instalować wszystko bez kontenerów i ogarnąć systemd, czy bawić się w docker compose, czy pisać serwisy uruchamiające kontener...

Z qadlet'em opisujemy kontenery, sieci, wolumeny w systemd i normalnie kontrolujemy przez systemctl, journalctl itd - cudowne. Bardzo ładnie się to spina z Ansible.

#devops…

working for a large corporation sometimes reminds me of the GDR. We had western TV and thus knew what's technically possible. Yet we didn't had the latest tech available or there were restrictions to use certain tech. Trying to talk to Atlassian Cloud with an MCP server that by default runs inside a Docker container is such a problem. Theoretically easy, practically a whole lot of workarounds required. Can't use Docker Desktop, Apple Containers would start, but the connection to …

We're seeing trouble with Grist on Firefox 145. Looks to be a Firefox bug. If you can hold off upgrading Firefox, do, the problem is already understood and should be fixed in their next release
https://github.com/gristlabs/grist-core/issues/1944#issuecomment-3…

JS errors on Firefox 145 · Issue #1944 · gristlabs/grist-core
Describe the current behavior Self hosted grist on docker, I have built an order management system on grist with custom widget to connect to thrid party apis. Everything have been working well befo...

I may have spent too much time setting up Glance homepage server in a container on my NAS. I really don't need most of these widgets. I was eyeballing the Docker container monitor, but setting it up has been a pain.
Maybe I'll find a use for it.

bam! Docker Mission Accomplished!
🫡
All webcam streams have been redirected from a single nginx process on #footiMac (which is also, of course, running this very mastodon #selfhost!) to their own docker containers on another iMac using Docker CLI/Colima.
I can already 'feel' the difference in response time for footiMac and posting/updating on mastodon! Yay!
#docker #nginx #mac #footiMac #imac2014 #learning #askmastodon

@…
In my house it’s on Saturday mornings and if something breaks, I end up spending the day fixing it. Your idea sounds better so at least you know what to expect on Saturday lol.
Side note, I run ForgeJo as well but haven’t used it in a while. Do you run yours in a VM or Docker container?

A Software-Defined Radio Testbed for Distributed LiDAR Point Cloud Sharing with IEEE 802.11p in V2V Networks
Mario Hernandez, Elijah Bryce, Peter Stubberud, Ebrahim Saberinia, Brendan Morris
https://arxiv.org/abs/2509.14523

A Software-Defined Radio Testbed for Distributed LiDAR Point Cloud Sharing with IEEE 802.11p in V2V Networks
We present a Software Defined Radio (SDR)-based IEEE 802.11p testbed for distributed Vehicle-to-Vehicle (V2V) communication. The platform bridges the gap between network simulation and deployment by providing a modular codebase configured for cost-effective ADALM-Pluto SDRs. Any device capable of running a Docker with ROS, executing Matlab and interface with a Pluto via USB can act as a communication node. To demonstrate collaborative sensing, we share LiDAR point clouds between nodes and fuse …

It appears that the latest version of Portainer has a significant bug that prevents access to the local server environment, meaning you cannot manage your containers.
Until the developers fix the problem, the temporary solution is to use version 2.20.2.
https://github.com/portainer/portainer

Gave up on Apple Containers for the time being. Just too unpredictable and unmanageable networking.
Was mainly using it to run a local Pihole container to filter out ads. Was recommended to use Podman as a drop-in replacement because I can't use Docker Desktop. But Podman uses a VM to host the containers and that VM does already bind on Port 53 for its container DNS resolution. So ended up using a small VM with UTM virtualisation app that runs the Pihole container in an Alpine Li…

Zweiter Versuch mit Winboat heute. Am Freitag hatte ich das schon mal versucht, aber Bazzite scheint keine gute Grundlage für Winboat zu sein wegen der Docker-Abhängigkeit.
Heute dann mal auf Fedora Workstation. Die Voraussetzungen sind "leicht" zu erfüllen. Ich würde das immer noch keinem Windows-Umsteiger zumuten wollen, aber es geht. So recht will mir noch nicht in den Sinn, warum der Betrieb der KVM in einen Dockercontainer gesperrt werden muss, aber jut, nehmen wir's…

One does not simply use rootless … me with a rootless Podman walks into Mordor of CI and docker build anyway.
Just kidding! Rootless Podman containers, quadlets and systemd are truly amazing in 2025.
https://vyskocil.me/blog/ci-setup-which-never-worked/

Ci Setup Which Never Worked
In an earlier post about giving up Kubernetes, I wrote that my server is a plain old virtual machine pet. While this works pretty well for a static web server use case, I wanted to explore ways how to automate this blog. This is a story about how I failed. I am writing this because I did my best to make it work, but it turned out its impossible At the same time it has a some good hints about user systemd, quadlets, rootless podman and what I managed to get working.

Exploring and Exploiting the Resource Isolation Attack Surface of WebAssembly Containers
Zhaofeng Yu (Harbin Institute of Technology), Dongyang Zhan (Harbin Institute of Technology), Lin Ye (Harbin Institute of Technology), Haining Yu (Harbin Institute of Technology), Hongli Zhang (Harbin Institute of Technology), Zhihong Tian (Guangzhou University)
https://

Exploring and Exploiting the Resource Isolation Attack Surface of WebAssembly Containers
Recently, the WebAssembly (or Wasm) technology has been rapidly evolving, with many runtimes actively under development, providing cross-platform secure sandboxes for Wasm modules to run as portable containers. Compared with Docker, which isolates applications at the operating system level, Wasm runtimes provide more security mechanisms, such as linear memory, type checking, and protected call stacks. Although Wasm is designed with security in mind and considered to be a more secure container r…

Next project - Logseq in docker to have self hosted notes in a system close to Obsidian.md

Time to figure out why, lets starts with a: docker system prune:

I turned on debug mode for nginx and it seems to be making the connection to Youtube and sends data so I am really at a loss as to what is going wrong!! #docker #mac #nginx #colima #rtmp #youtube #containerizeit

Well that clearly didn't clear the build cache, should have made it a: docker system prune -a --volumes

Unsloth now has a #Docker image! #ai
#Train #LLM locally with no setup: just run the image and go…

📊 Risk assessment: For most use cases (server admin, development, non-sensitive data), the practical risk is low. Your Docker logs and configs likely won't be
valuable in 15 years. However, healthcare, finance, and government sectors should act now.
⚙️ Quick fix: Suppress the warning by adding LogLevel ERROR to ~/.ssh/config for specific hosts. Better solution: Enable post-quantum key exchange on your SSH