1000 results for “Podman_io”

  1. I like @Podman_io more every day, above all for the wide variety of options it offers for running unprivileged containers.

    I have just finished an Nginx container without a privileged user, based on Alpine, and all in just 11.5 MB.

    I keep using @Codeberg's services as my git backups.

    #seguimosaprendiendo #podman #virtualizacion #selfhosting #autoalojado #derechoareparar #codeberg

  2. Help us test @Podman_io 6.0! Test Days will be from May 11-15. This release will bring modern networking, simplified architecture, and a cleaner configuration. :)

    How to participate: communityblog.fedoraproject.or

  3. Installing Antora in a Podman container for Pi server provisioned with Fedora IoT. I aim to set up my personal Docs site, also proof of concept for my work project.

    Next step is to configure Antora Playbook and site properties.

    #docs #antora #Podman #iot

    @fedora

  4. Starting tomorrow we have a series of Test Days coming for different projects. Maybe contribute with testing for the ones that pique your interest?

    * Mar 20-26: @Podman_io Desktop (for Windows and macOS as well)
    * Mar 21-26: Podman 5
    * Mar 25 - Apr 1: Fedora CoreOS
    * Mar 27: (Toolbx) @containertoolbx

    Get started: fedoramagazine.org/contribute-

  5. In the end I have decided that, whenever I can, I will install the proxmox virtualizations on @alpinelinux
    As far as possible I use @Podman_io, but it is not always possible. This guide for @docker without root privileges. virtualzone.de/posts/alpine-do #selfthosting #docker #podman #alpinelinux

  6. Awesome 🎉 #rust #rocket #digitalocean #kubernetes 👇star my code
    github.com/giuliohome/rust-roc

    Btw podman is yet another fake #opensource #foss repository

    I stop suggesting @Podman_io
    I wasted my time with those stupid idiots.

    github.com/containers/podman/i

    I admit that @docker is the way to go to #build a #Dockerfile

    Or #containerd ctr + #kaniko !
    + #chatgpt for support 💪 instead of github useless maintainers

    All tested on #WSL #Ubuntu

  7. [cont] about bundle being killed after upgrading #ruby 3.4.x

    So why did it work on my coworker's machine and #GItHub actions but didn't work on #CircleCI or within a container with #Docker or @Podman_io? The answer is right in the Gemfile.lock!

    bundle tries to do its work relying on what's in Gemfile.lock, since it's kind of a recipe to have a reliable ruby bundle. Sadly, it's not a perfect system; some decisions taken may affect the outcome.

    4/5

  8. Congratulations! are an excellent technology, useful for many things as you've discovered.

    Be warned, though, that is not necessarily the best system for containers. It is IMO too dependent on a centralised unaccountable registry of images.

    Look into podman.io/ for a more accountable, open, approach to containers. It's designed for the so it's compatible with your Docker configuration files.

    @Aminorjourney

  9. We just held our last Cabal meeting. Have no fear, we are replacing that every other month meeting with weekly meetings on Mondays and Thursdays! Catch up with the last Cabal meeting here: youtube.com/watch?v=drwPTQj-dy0

  10. The @devconf_us CfP has been extended until April 22, 2024. The conference will happen in person in Boston, MA, on Aug 14->16, 2024. CFP: pretalx.com/devconf-us-2024/cfp Questions? Contact: [email protected].

  11. The @devconf_us CfP is now open! The conference will happen in person on Aug 14->16, 2024, in Boston, MA. CFP: pretalx.com/devconf-us-2024/cfp Questions? Contact: [email protected].

  12. Not exactly sure what if this app has a split personality, but it doesn't hiccup.
    A multi-utility for [ sys admin ] remote / dev types. It works. So. What's the catch?

    “access entire server infrastructure from local machine. works on top of installed command-line programs; does not require any setup on remote; integrates with tools such as text/code editors, terminals, shells, command-line tools...
    - SSH connections, config files, and tunnels
    - **Kubernetes clusters, pods, and containers**
    - **Docker, Podman, and LXD** container instances located on any host ”

    #SSHclient #desktop #terminal #ftpclient #xpipe #whatisit

    Oddly, i recall discovering as offered-up by Win 11 to play a media file.

    xpipe.io/

  13. I have a domain at simply.com with a few services running on a server at home.

    Previously I used Caddy with subdomains registered with my hosting provider's DNS panel, and ports 80 and 443 opened to the public internet. Anybody could access my services from the outside.

    I've now changed to using WireGuard and a custom build of Caddy with a wildcard certificate for my domain. Pi-hole handles DNS for subdomains, e.g. cloud.example.com for Nextcloud.

    I'm using podman system quadlets for Pi-hole and Caddy (both use privileged ports), and podman secrets for sensitive data.

    In /etc/containers/systemd/caddy, I have 3 files:

    Containerfile
    --------------------
    FROM docker.io/caddy:builder AS builder

    RUN xcaddy build --with github.com/caddy-dns/simplydotcom

    FROM docker.io/caddy:latest

    COPY --from=builder /usr/bin/caddy /usr/bin/caddy
    --------------------

    caddy.build
    ------------------
    [Build]
    ImageTag=localhost/caddy
    SetWorkingDirectory=unit
    ------------------

    caddy.container
    -------------------------
    [Unit]
    Description=Caddy container
    After=network-online.target

    [Container]
    AutoUpdate=registry
    ContainerName=caddy
    Image=caddy.build
    Secret=simply_account_name,type=env,target=SIMPLY_ACCOUNT_NAME
    Secret=simply_api_key,type=env,target=SIMPLY_API_KEY
    Volume=/srv/containers/caddy/conf:/etc/caddy:Z
    Volume=/srv/containers/caddy/data:/data:Z
    PublishPort=443:443

    [Install]
    WantedBy=default.target
    -------------------------

    The Caddyfile is stored in /srv/containers/caddy/conf/:

    Caddyfile
    ---------------
    *.example.com {
        tls {
            dns simplydotcom {env.SIMPLY_ACCOUNT_NAME} {env.SIMPLY_API_KEY}
        }

        @caddy host caddy.example.com
        handle @caddy {
            respond "Hello World!"
        }
    }
    ---------------

    See Caddy documentation for more on wildcard certificates.

    caddyserver.com/docs/caddyfile

    EDIT: changed TOKEN to KEY in Caddyfile

    #selfhosting #homelab #podman #caddy

  14. CW: Release notes for v25.09.0 of Malcolm, a powerful, easily deployable network traffic analysis tool suite for network security monitoring

    Malcolm v25.09.0 includes new features and available customizations, improvements to Threat Intelligence, component version updates, and several important bug fixes.

    github.com/idaholab/Malcolm/co

    • ✨ Features and enhancements
      • improve Modbus register tracking with new modbus_detailed.log (cisagov/Malcolm#762)
      • add non-LVM option(s) for Malcolm/Hedgehog Linux ISO installers (cisagov/Malcolm#725)
      • allow configuring default search time frame for OpenSearch Dashboards (cisagov/Malcolm#724)
      • allow customizing maximum upload file size (cisagov/Malcolm#769)
      • add Arkime capture statistics to the Packet Capture Statistics dashboard (cisagov/Malcolm#703)
      • integrate Validated Architecture Design Review (VADR) dashboards (cisagov/Malcolm#780)
      • Threat Intelligence improvements
        • support Google Threat Intelligence feed for building Zeek intel source (cisagov/Malcolm#758)
        • renamed Zeek Intelligence dashboard to Threat Intelligence and improved it
        • links from context menu items in Arkime and Dashboards (like reference URLs for IOCs) now ask the user before navigating to external sites
      • Added icons with links to "ready" and "ingest statistics" APIs to landing page
      • Include tx-rx-secure.sh in files packaged by malcolm_appliance_packager.sh
    • ✅ Component version updates
    • 🐛 Bug fixes
      • Python code handling X-Forwarded- headers should do case insensitive lookup (cisagov/Malcolm#764)
      • uploaded PCAPs that result in no filename-derived tags erroneously end up with internal tags on them (cisagov/Malcolm#774)
      • installer option for encrypted storage are not marking secondary data/artifact storage for encryption (cisagov/Malcolm#779)
      • Malcolm/Hedgehog Linux ISO-installed environments' auditd service fails to start (cisagov/Malcolm#761)
      • Failed shard query error on Overview dashboard (cisagov/Malcolm#754)
    • 🧹 Code and project maintenance
      • refactor GitHub build actions for Malcolm Docker images to reduce duplication (cisagov/Malcolm#717)
    • 📄 Configuration changes (in environment variables in ./config/) for Malcolm and in control_vars.conf for Hedgehog Linux. The Malcolm control script (e.g., ./scripts/status, ./scripts/start, etc.) should take care of creating new variables and migrating existing ones as needed based on the rules in ./config/env-var-actions.yml.
      • Malcolm
        • PCAP_UPLOAD_MAX_FILE_GB added to upload-common.env to allow configuring maximum PCAP upload size (cisagov/Malcolm#769)
        • DASHBOARDS_TIMEPICKER_FROM and DASHBOARDS_TIMEPICKER_TO added to dashboards-helper.env to allow configuring default search time frame for OpenSearch Dashboards (cisagov/Malcolm#724)

    Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻‍♀️.

    Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.

    Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.

    As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.

    #Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL

  15. CW: Release notes for v25.04.1 of Malcolm, a powerful, easily deployable network traffic analysis tool suite for network security monitoring

    Malcolm v25.04.1 contains new features and improvements, component version updates, bug fixes, and other great stuff.

    For these notes, I'm lumping v25.04.0 and v25.04.1 together, as v25.04.1 was released only two days after v25.04.0 in order to update Arkime to v5.6.4 which mitigates newly-discovered remote code execution (RCE) vulnerabilities.

    github.com/idaholab/Malcolm/co

    • ✨ Features and enhancements

      • add option to use external NetBox instance (cisagov/Malcolm#597)
      • add -q/--quiet option for start/restart (cisagov/Malcolm#656)
      • handle non-HTTPS arkime case (cisagov/Malcolm#629)
      • lots of improvements to control.py and install.py for Kubernetes deployment

        • improved start/stop/wipe control script behavior
        • allow providing resource requests in manifests via YML file and command-line argument
        ...
        Kubernetes:
        -n, --namespace <string>
        Kubernetes namespace
        --skip-persistent-volume-checks [SKIPPERVOLCHECKS]
        Skip checks for PersistentVolumes/PersistentVolumeClaims in manifests (only for "start" operation with Kubernetes)
        --no-capture-pods [NOCAPTUREPODSSTART]
        Do not deploy pods for traffic live capture/analysis (only for "start" operation with Kubernetes)
        --no-capabilities [NOCAPABILITIES]
        Do not specify modifications to container capabilities (only for "start" operation with Kubernetes)
        --inject-resources [INJECTRESOURCES]
        Inject container resources from kubernetes-container-resources.yml (only for "start" operation with Kubernetes)
        --image-source <string>
        Source for container images (e.g., "ghcr.io/idaholab/malcolm"; only for "start" operation with Kubernetes)
        --image-tag <string> Tag for container images (e.g., "25.04.0"; only for "start" operation with Kubernetes)
        --delete-namespace [DELETENAMESPACE]
        Delete Kubernetes namespace (only for "wipe" operation with Kubernetes)
        ...
      • improvements to Malcolm's vanilla Kubernetes manifests

        • lowered the amount of storage for the persistent volumes in the AWS EFS example
        • replaced name label with app label for deployments in accordance with best practices
      • improve links on landing page for NetBox and auth to accurately reflect what Malcolm is using

      • added more smarts to the NGINX startup script to dynamically set up upstreams that may or may not exist based on enabled or disabled Malcolm features

      • fixed a minor issue in the script setting up Zeek intelligence updates where it would remove its own lockfile

    • ✅ Component version updates

      • Alpine Linux v3.21
      • Arkime v5.6.4 to resolve RCE vulnerabilities, as described below in the #announcements channel on the Arkime slack:
        • possible to bypass forced expressions for some API calls
        • direct access to OpenSearch/Elasticsearch could be used to create session documents that hang viewer or have viewer execute code
        • since Arkime 5.1.0 any arkimeUser user could create OpenSearch/Elasticsearch documents in any index that viewer had access to
      • Keycloak v26.2
      • NetBox v4.2.8
      • netbox-initializers v4.2.0
      • netbox-topology v4.2.1
      • Fluent Bit to v4.0.1
    • 🐛 Bug fixes

      • API tokens created in NetBox still require authentication through NGINX reverse proxy (cisagov/Malcolm#383)
      • adjust Logstash health check so K8s liveness probe doesn't kill it (cisagov/Malcolm#630)
      • be more resilient in zeekctl status checks in zeekdeploy.sh (cisagov/Malcolm#652)
      • in deployments with multiple zeek-live containers, each container's restarting causes the others to restart zeek (cisagov/Malcolm#651)
    • 🧹 Code and project maintenance

    Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻‍♀️.

    Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.

    Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.

    As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.

    #Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov

  16. CW: Release notes for v24.10.1 of Malcolm, a powerful, easily deployable network traffic analysis tool suite for network security monitoring

    Malcolm had two smaller releases in October rather than one larger one at the end of the month, so I've taken the liberty of combining the highlights of both releases here for your reading pleasure. As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.

    Malcolm v24.10.1 contains minor improvements, a few component version updates, a fix for a few regression bugs, and a fair amount of code cleanup.

    Malcolm is a powerful, easily deployable network traffic analysis tool suite for network security monitoring.

    Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker, Podman, and Kubernetes. Check out the Quick Start guide for examples on how to get up and running.

    Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.

    v24.09.0...v24.10.1

    • ✨ Features and enhancements
      • Update AWS AMI build scripts and demo setup scripts to use Amazon Linux 2023 instead of Amazon Linux 2 (#591)
      • Add support for websocket.log (#593)
      • Add a "readiness" API that can be used to determine if various Malcolm services are ready (#598)
      • Enable Zeek's parsing of HTTP server and client header names as zeek.http.client_header_names and zeek.http.server_header_names
      • Some documentation improvements
      • Build improvement: fall back to alternative Zeek .deb download URL (#585)
      • Build improvement: limit threads for spicy build processes during Zeek package installation (#571)
    • ✅ Component version updates
    • 🐛 Bug fixes
      • Fix OpenSearch anomaly detection default detectors not being created (regression, #596)
      • Fix broken dashboards regression from v24.09.0 (regression, #588)
      • Fix Zeek-extracted files not getting saved to correct location for live Zeek capture (#590)
      • Fix for building Hedgehog Linux for Raspberry Pi 4 on an M2 MacBook
    • ⚙️ Configuration changes in environment variables
      • Malcolm
        • ZEEK_JA4SSH_PACKET_COUNT (with a default of 200) has been added to ./config/zeek.env, which can be used to set logging interval number of packets for ja4ssh.log (#508)
      • Hedgehog Linux
        • ZEEK_JA4SSH_PACKET_COUNT has been added to control_vars.conf for the same purpose as described above
    • 🧹 Code and project maintenance
      • Examine distro hardening, fix and update documentation as needed for Malcolm and Hedgehog Linux ISO-installed environments (#328)
      • Refactoring and code cleanup in the Logstash Zeek pipeline (#592)
      • Logstash container initialization code now automatically ensures that the Zeek TSV log parsing filters (dissect and split filters) in these files are looking for TAB characters (i.e., automatically replace spaces with tabs in these filter files in case the author forgot to do so) (#592)
      • Did some code cleanup in the ./shared/bin directory, mostly moving things that were specific to either the Malcolm or Hedgehog Installer ISO environments out of shared and into their respective locations for the ISO installer build.
      • When doing the aquasecurity/trivy-action action, use TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db to try to fall back to an alternative official location for the vulnerability database if the first one fails. Also, pin this action to the v0.28.0 release rather than setting it to master.
      • As it's used pretty ubiquitously in shared scripts by many of the Malcolm containers, the jq utility is now installed across the board during the container image build.
      • Added a script to gather GitHub API metrics for Malcolm downloads (#594)
      • Bumped maximum field limit in OpenSearch templates from 5000 to 6000

    #Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov

  17. Two new high contrast themes shipped in @podmandesktop 1.27 – hc-light and hc-dark.

    Most of the work wasn't the themes. It was ripping out hardcoded colors and replacing them with semantic tokens, so buttons, progress bars, and spinners stop fighting on theme switch. The spinner now respects prefers-reduced-motion too.

    A11y work is invisible when it's done right. Probably why it slips.

    Read more: podman-desktop.io/blog/podman-

    #Accessibility #A11y #PodmanDesktop #DesignSystems #HighContrast

  22. RE: mastodon.social/@lobsters/1162

    daemonless – <daemonless.io/> @ahze

    ― a collection of FreeBSD-native OCI images that run directly on the FreeBSD kernel. It combines the power and security of Jails with the modern container ecosystem—compatible with Podman, AppJail, or any OCI-compliant runtime. No Linux virtual machines or overhead required.

    #OCI #FreeBSD #jails #containers #PodMan #AppJail #Linux

    ― via <reddit.com/r/selfhosted/commen> (2025),<reddit.com/r/freebsd/comments/> (March 2026), and Lobsters.