Hacker News | tfolbrecht's comments

I usually do upstream image mirroring as part of CI. Registries are built into GitLab, AWS (ECR), GitHub, etc.


There's a registry image for OCI containers that is pretty painless to set up and low maintenance, and it can use S3 as a storage backend.

https://hub.docker.com/_/registry

Your git provider probably also has a container registry service built in.


I use jsign and AWS KMS. It's a lot less expensive than a full-on HSM or "cloud HSM" service.

There's a lot to it, and expect a ton of back-and-forth emails with a CA to get an EV cert.

Here's some example code for generating the CSR (certificate signing request) to submit to a CA.

https://github.com/aws-samples/csr-builder-for-kms


Thank you for your efforts.

One of my favorite quotes of all time:

"’Tis an absolute and, as it were, a divine perfection, for a man to know how loyally to enjoy his being. We seek other conditions, by reason we do not understand the use of our own; and go out of ourselves, because we know not how there to reside. ’Tis to much purpose to go upon stilts, for, when upon stilts, we must yet walk with our legs; and, when seated upon the most elevated throne in the world, we are but seated upon our breech." — Michel de Montaigne, Essays, "Of Experience"

I like the contemporary translations floating around the web: "even on the highest throne in the world, we still sit on our ass".


Notice that the original does not mince words: "Et au plus eslevé throne du monde, si ne sommes assis que sus notre cul".


Just to clarify, this isn't my own work; I just found it online by accident.

If you wish to thank/support this project and its creator, you should check out the support page: https://hyperessays.net/support/


If this is something you’re interested in, it can be reimplemented on Cloudflare Workers super easily using the AWS SDK for S3 (R2) and with D1 as the DB.


Yes, but it would be great if someone made it and it was open source. It would be a cool little side project, no doubt.


The source code is there. You could try to add the functionality to it :-)


I’m down, I think this is an awesome idea.


The Docker registry container supports S3 as a storage backend; you could use it locally.

You can also `docker image save`, then write the tarball to S3, then load it to use.


Not with the three major browsers and NAT, unfortunately.

https://developer.mozilla.org/en-US/docs/Web/API/WebRTC_API/...


JuiceFS requires a backing object store like S3/MinIO that it “flushes” to in order to persist data. If you want to run it distributed, it uses a few other services.

I’d use object storage if I wanted simple in the replicated, JBOD disk management and access control senses of simple. If I had to use file storage, I’d use boring old SFTP or SMB on top of ZFS on a NAS.


The one place I've set up button-triggered runbooks was GitLab CI under scheduled jobs. It made things a lot easier for less technical people.


