semi

You can sign git commits using SSH keys, including the one you use to connect to GitHub/GitLab/Codeberg. These sites also support verifying the signature.

German soldiers can refuse orders under certain conditions (e.g. if they against human dignity)

I prefer KeePass over Bitwarden because it is just a simple database file, less that can go wrong (no server component).

I am the original author of the Rust library for decrypting and modifying KeePass databases.. The current best implementation of KeePass, KeePassXC, is written in C++, so there could theoretically be security-relevant memory corruption bugs in it (though the developers of the project are excellent and I don't think it is super likely). Rust is a language that does not have that class of issues by design, so I thought it would be interesting to see how far I could get. So far, I am still having fun and adding features bit by bit, and it is quite cool to me to be able to write one codebase that deploys to Windows, Linux, MacOS, Android (potentially iOS), and any modern web browser.

Our son is fortunately very relaxed, he eats and sleeps a lot so I can get some coding done while he is sleeping. Germany has decent parental leave, so my partner and I are both not working the first two months of his life.

Thanks! Our son is a bit less than a month old. The wife, our son, and https://omnikee.github.io/ are three different projects 😂

I'm taking care of a newborn and doing some FOSS work, so that project has been deprioritized for now 😅

This is exciting. My only request here is: whenever it works please release a standalone wasm file somewhere (anywhere). So many projects either require building the wasm themselves, or instead of releasing a .wasm, they release a JS wrapper that auto-loads the wasm/wasm-imports. Its a pain to try to extract the wasm out of those projects.

What I am doing is to create a omnikee-lib crate within the project that will get compiled to WASM, not just plain keepass, because I need additional adapter methods to interface with the web part of the application. I don't have the bandwidth to turn keepass into a general WASM package that could be npm installed at the moment. As I am dogfooding the crate, I might get to a point where I know what a good JS interface for it would be, though, and the omnikee-lib crate could become the official WASM interface for keepass.

sweet! I sent you the invite.

Currently, SSH key management is not supported, but it would probably be possible to implement the SSH agent protocol in the Rust part of the application. I see that russh has a SSH agent server implementation. Let me know if you are interested in contributing such a feature - I am currently working on exposing all the custom entry fields in the UI, so the project ~~would almost be ready.~~ edit: would be ready to add that feature now

thanks for your interest! I have sent you a response with an invite link.

I am administering several other docker servers and a k8s cluster from the command line, so I'm well aware what I'm missing 😀 - in this case, I was hoping for a higher wife approval factor, which is at least partially there.

Thanks for the portainer on unraid tip. I set up portainer itself yesterday but will have to get around to migrating the 30 or so already deployed containers to it.

Since it doesn't come installed by default on a fresh system, my guess would be that you won't break anything fundamental, but this is pure speculation.

Yeah, I'm currently running unraid on it because I wanted a hands-off maintenance experience.

While it's nice to get started, I'm really missing even intermediate Docker features such as support for compose files (so that there is some grouping of main services with the database instance that supports it, etc). Still, it's been working reliably for the year that I've had it.

Edit: I have tried the Docker Compose Manger plugin but didn't find the experience an improvement because of the way the YAML editing works

Is keeping the servers where they currently are (or with a friend) an option? Then you could just VPN into it from abroad.

If that isn't an option, I'm currently running a homebuilt NAS off an Intel N100 Mini-ITX mainboard and I'm impressed with how many services it can run simultaneously, including Quick Sync Video for hardware transcoding.