this post was submitted on 21 Jul 2025
449 points (98.5% liked)

memes

21955 readers
1797 users here now

Community rules

1. Be civilNo trolling, bigotry or other insulting / annoying behaviour

2. No politicsThis is non-politics community. For political memes please go to !politicalmemes@lemmy.world

3. No recent repostsCheck for reposts when posting a meme, you can only repost after 1 month

4. No botsNo bots without the express approval of the mods or the admins

5. No Spam/Ads/AI SlopNo advertisements or spam. This is an instance rule and the only way to live. We also consider AI slop to be spam in this community and is subject to removal.

A collection of some classic Lemmy memes for your enjoyment

Sister communities

founded 3 years ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] qjkxbmwvz@startrek.website 113 points 1 year ago (2 children)

go2rtc, a camera streaming tool that's useful for security cameras, at least has some humor in their choice


port 1984, of course.

[–] dejected_warp_core@lemmy.world 31 points 1 year ago

Okay, that's pretty good.

[–] muntedcrocodile@hilariouschaos.com 14 points 11 months ago

Whatever dev came up with that was probably very proud.

[–] 30p87@feddit.org 30 points 1 year ago (3 children)

Unix sockets all the way. The only open ports for web traffic should be the reverse proxy (so nginx).

[–] passepartout@feddit.org 16 points 1 year ago* (last edited 1 year ago)

Or Caddy (simpler than and imho spiritual successor to nginx).

Or Traefik (has loads of convenient middlewares for reverse proxy stuff).

Or Apache (if it is somehow better suited to your use case).

[–] marduk@lemmy.sdf.org 8 points 1 year ago (3 children)
[–] floquant@lemmy.dbzer0.com 2 points 11 months ago

haproxy is awesome

[–] hperrin@lemmy.ca 1 points 11 months ago

Haproxy is great, but setup is hard. It’s more for load balancing than being an easy reverse proxy.

load more comments (1 replies)
[–] x00z@lemmy.world 3 points 1 year ago

I use docker ports but only allow the loopback like this: 127.0.0.1:11551:80

And then serve that app with the reverse proxy.

[–] whyrat@lemmy.world 29 points 1 year ago

Doesn't matter; we'll map it to whatever the environment needs in the docker-compose.yaml.

[–] afk_strats@lemmy.world 26 points 1 year ago (1 children)
[–] Mora@pawb.social 25 points 11 months ago (2 children)

As long as it is configurable, ideally via env, I dont care about the port.

This could be important for restricted Kubernetes clusters (or certain Gluetun configs). Don't be Nextcloud with their default port of 80 in their Apache image with only hacky ways to change that. God, I hate Nextcloud. They are truly becoming the next Wordpress.

[–] kassiopaea@lemmy.blahaj.zone 5 points 11 months ago (1 children)

Vaulwarden does this and I'm really frustrated that I have to cap_add NET_BIND_SERVICE in my rootless setup just to make my password server run.

[–] gray@pawb.social 1 points 11 months ago (1 children)

Are you sure you need that? I just added a —user to the docker run and it started just fine on port 80 in the container.

[–] kassiopaea@lemmy.blahaj.zone 1 points 11 months ago

I'm using podman, and I don't like the practice of unnecessarily setting UIDs. NET_BIND_SERVICE is exactly the flag it needs to set port 80 and it doesn't potentially complicate accessing the files for maintenance. Does your system have SELinux? If not, that might be why you don't need it lol.

[–] Jakeroxs@sh.itjust.works 4 points 11 months ago (1 children)

The docker image you just set the port like any other program.

[–] Mora@pawb.social 2 points 11 months ago* (last edited 11 months ago) (1 children)

Unless I am missing some obvious setting: Restricted Kubernetes doesnt work like that. You have to run the container with a non-root UID (usually something upwards of a million). Non-root users however can't reserve ports below 1025. Nextcloud builds on the default php-apache image which comes with the default apache ports.conf (Listen 80).

So now this has to be overwritten either by making a custom build (which may require creating a custom build pipeline) or by mounting a new config file (e.g. via ConfigMap) else it wont start. Both are an additional update risk which now has to be documented and checked before updating in addition to changes from the normal nextcloud changelog.

Similiar issues probably appear with rootless docker/podman unless you add extra capabilities, which is not possible in restricted kubernetes settings.

[–] Jakeroxs@sh.itjust.works 2 points 11 months ago (7 children)

I know nothing about k8s, just started with a homelab using primarily docker in an Ubuntu LXC in proxmox and have been using the nextcloud image via docker compose on a different port by simply editing the compose to outwardly point to a different port, inside the docker container my understanding is it all still uses port 80, thereby causing no further issues with the application.

load more comments (7 replies)
[–] Vanilla_PuddinFudge@infosec.pub 22 points 1 year ago* (last edited 1 year ago)

adds a one to it

next app...

ports:
 - 8081:8081

Ughhhhh

[–] atomicbocks@sh.itjust.works 20 points 1 year ago (1 children)

Psh, we choose 443 and you know it! Just don’t ask me if we correctly enabled HTTPS…

[–] BakedCatboy@lemmy.ml 8 points 1 year ago (1 children)

Back in the day I home hosted shit using http over 443 because my ISP blocked 80 inbound but not 443. It was a little weird but it worked lmao.

[–] marcos@lemmy.world 8 points 1 year ago

I run ssh over 443 because every network out there seems to block non-http ports.

[–] PeriodicallyPedantic@lemmy.ca 13 points 11 months ago (1 children)

I mean, if you're serving over http, that is the port for it

[–] ShouldIHaveFun@sh.itjust.works 13 points 11 months ago (1 children)
[–] PeriodicallyPedantic@lemmy.ca 9 points 11 months ago (1 children)
[–] Glitterbomb@lemmy.world 12 points 11 months ago (1 children)

We apparently could have been using 8008 this entire time for the same thing and we haven't and I'm a little sour now.

[–] ftbd@feddit.org 12 points 11 months ago (2 children)

Me & the boys serving http on the boob port

[–] RagingRobot@lemmy.world 3 points 11 months ago

I'd suckle that server

[–] hperrin@lemmy.ca 3 points 11 months ago

I prefer the secure version, boobs.

[–] kibiz0r@midwest.social 12 points 1 year ago

Call me crazy, but I like default ports to look like default ports. If I want it to stick around, I’ll pick a port on my own.

[–] Epzillon@lemmy.world 11 points 1 year ago (1 children)

Imagine using 8081 while 8080 is free. Truly criminal

[–] lars@lemmy.sdf.org 2 points 11 months ago

You also see a fair bit of 8001 iirc

[–] napkin2020@sh.itjust.works 8 points 1 year ago
[–] RagingRobot@lemmy.world 8 points 11 months ago (2 children)
[–] brejela@lemmy.world 2 points 11 months ago

4200 or 10420 too

[–] hperrin@lemmy.ca 7 points 11 months ago* (last edited 11 months ago)

That’s because 8080 is the official unprivileged alternative port for 80, the HTTP port. Web developers are usually using HTTP, so this makes perfect sense. If it supports HTTPS, then 8443, though that one isn’t official.

I run a few open source server projects, and they usually default to 8080 for this reason. I have one that uses 8888, and that’s only because it’s meant for temporary ad-hoc servers.

I’m working on an SFTP server, and it will use 2222, because that’s the most common unprivileged alternative port. There is no official alternative for SSH.

[–] zaphod@sopuli.xyz 5 points 1 year ago (1 children)
[–] jaschen306@sh.itjust.works 5 points 1 year ago (1 children)

Arg, my Synology servers are down. Thanks.

[–] zaphod@sopuli.xyz 4 points 1 year ago
[–] CrackedLinuxISO@lemmy.dbzer0.com 5 points 11 months ago

Everyone out here acting like they don't use 9001

[–] Taleya@aussie.zone 3 points 11 months ago

Can't use 80 or 8080? Lets use 12380!

[–] Empricorn@feddit.nl 1 points 11 months ago
load more comments
view more: next ›