this post was submitted on 13 Jun 2024
1260 points (98.8% liked)

linuxmemes

20686 readers
849 users here now

I use Arch btw

Sister communities:

Community rules

  1. Follow the site-wide rules and code of conduct
  2. Be civil
  3. Post Linux-related content
  4. No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago
MODERATORS
[email protected]
[email protected]
1260
I am the outwitter! (lemmy.world)
submitted 3 months ago by [email protected] to c/[email protected]
104 comments fedilink hide all child comments
 

Couldn’t find anything with less pixels, please save to disk and remove resolution yourself ❤️

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 65 points 3 months ago (17 children)

Still faster than snaps /s

[–] [email protected] 56 points 3 months ago (16 children)

I had a problem and then I tried to solve it by installing a snap package. Now I have two problems.

[–] [email protected] 15 points 3 months ago (14 children)

I was doing a group project in college where we had a Linux server running some of our custom software. I asked a group mate who worked in IT to self-sign some certs so we could get https up and running for our next sprint demo.

He installed a fucking snap package to do it via certbot. On fucking RHEL. And that server was not hosting an internet-accessible service. And he didn’t know why I lost my mind.

[–] [email protected] 6 points 3 months ago* (last edited 3 months ago) (1 children)

Not sure why you were enabling HTTPS for a project that was not hosting an internet-accessible service, really. By which I assume you mean the service doesn't have a publicly accessible web based UI or API component. What were you trying to access and how? The only scenario I could think of for this would be that your custom software relies on HTTPS for secure communication within its own internal network (such as on a VPN) to send sensitive data back and forth between services. In which case that feels like overkill for a college course, since you shouldn't have any genuinely sensitive data that you need to secure if it's just for testing and demonstration.

[–] [email protected] 7 points 3 months ago* (last edited 3 months ago) (1 children)

It was a project requirement, PHI was processed by it, so yes, it needed a secure connection. I now realize I should have used mutual auth, but hey, I only learned about that after that project

We never sent actual data to it (the actually sensitive data used for training never left a secure VM), but the point of the course was to act like we were. Plus, setting up an nginx reverse proxy is simple, setting it up and getting certs from some ssl commands is a 10 minute task that appeases the project manager/professor with minimal effort.

load more comments (12 replies)
load more comments (13 replies)
load more comments (13 replies)