HackerTrans
TopNewTrendsCommentsPastAskShowJobs

curiousdeadcat

no profile record

comments

curiousdeadcat
·2 years ago·discuss
[flagged]
curiousdeadcat
·2 years ago·discuss
K8s grinds my gears, and yet, I'd rather debug it than, or beholden to, AWS or Azure, every day of the week
curiousdeadcat
·2 years ago·discuss
I've been following Theia for years (hi GitPod people), though mostly lost interest when vscode started being browser accessible, and back when they were using that old UI stack.

But I'm confused, how does this compare with code-server, or openvscode-server?

I use the latter in a web browser to do fully remote dev on my beefy machine hooked up to Google Fiber.

It kind of seems like this isn't something I need to consider, unless I wanted to ship my own custom white-labeled IDE. (Which... Nah, and why?)
curiousdeadcat
·2 years ago·discuss
HN. Very free market. Except Apple. The cognitive dissonance, and entitlement is crazy.

Even funnier after years of "Apple knows best". God forbid anyone buy an Android phone. No, apparently folks would rather force their abuser to be slightly nicer and then stay in that toxic relationship.
curiousdeadcat
·2 years ago·discuss
Yeah, it's crazy there's no other options, like a platform that openly allows sideloading. Its terrible that were all forced to buy Apple products, especially when this behavior from them is just so surprising.

/s in case.
curiousdeadcat
·2 years ago·discuss
Time to re-read "Fall, or Dodge in Hell".

I feel it might be more unsettling than when I read it ~5 years ago.
curiousdeadcat
·2 years ago·discuss
Its not black magic. Its yet another one-off nat hole punch implementation. Absolutely no reason to even think of this when tailscale exists.
curiousdeadcat
·2 years ago·discuss
Nickel feels like my end game for this kind of thing.
curiousdeadcat
·2 years ago·discuss
Asymmetric keys mean you can you can have per-dev or per-team keys and allow one team to rotate them and resign them for all other consumers. I don't know how you'd do that with symmetric keys. This is an important feature of sops, imo.

It also means I can do things like seal them to a key that is stored in KeyVault and then allow the transparent retrieval of that key at runtime on Instances that have been given an identity with access.

This means that production secrets are sealed in place and only openable by effectively authenticated workloads.

And if you use sops-nix, this becomes a "setup once and never think about it ever again, ever" kind of operation.
curiousdeadcat
·2 years ago·discuss
How about Mozilla figure out wtf is going on with their builds being language specific and it basically being impossible to convert Spanish Firefox to English Firefox. Absolutely baffling. (No really, changing the spell check language doesn't change the spell check language and you can only side-load non-official English spell check packs in the Spanish build. Its one of those things where so many wrong decisions had to be made, and leaves users out to dry.

Or, at the very least, don't do the same stupid crap every other site does, aka: sniff my geo-ip and then opaquely serve me a specialized build without my knowledge. Just another thing on the list of reasons why i don't bother being a Firefox advocate anymore. There's so many basics not accounted for.
curiousdeadcat
·2 years ago·discuss
I got so excited, but it doesn't seem to support multiple keys and seems overly eager to encourage people to leave a valuable key lying around on disk.

So if a single dev machine is compromised, all of your prod secrets are exposed?

I wish this were closer to sops with support for gpg and or ssh keys. Because sops is a great idea locked in a questionable codebase.