today's leftovers

posted by Roy Schestowitz on Dec 29, 2025

• Server

  • Balasankar 'Balu' C: Granting Namespace-Specific Access in GKE Clusters

    Heyo,

    In production Kubernetes environments, access control becomes critical when multiple services share the same cluster. I recently faced this exact scenario: a GKE cluster hosting multiple services across different namespaces, where a new team needed access to maintain and debug their service-but only their service.

    The requirement was straightforward yet specific: grant external users the ability to exec into pods, view logs, and forward ports, but restrict this access to a single namespace within a single GKE cluster. No access to other clusters in the Surveillance Giant Google Cloud project, and no access to other namespaces.

• Applications

  • Linux Links ☛ letmein – authenticated port/firewall knocking

    Letmein is a port knocker with a simple and secure authentication mechanism. It can be used to harden against pre-authentication attacks.

• Instructionals/Technical

  • peppe8o ☛ Install WordPress in a Raspberry Pi: a Self-Hosted Blog Solution

    This tutorial will show you how to install WordPress on a Raspberry PI computer board. Creating a personal blog can give a lot of satisfaction for all, but not all the time can you have enough money to afford the very first costs.

• Distributions and Operating Systems

  • The New Stack ☛ CrunchBang GNU/Linux Lives on With GreenBang

    CrunchBang was a Debian-based GNU/Linux distribution that was minimal and pretty popular among hard-core users.

  • BSD

    • DragonFly BSD Digest ☛ Lazy Reading for 2025/12/28

      Happy almost 2026!  Some end-of-year lists linked here. The annoyances of the traditional Unix ‘logger’ program. Grow slowly, stay small.  Anti-enshittification, if you will.  Related. MidnightBSD 4.0 is out.  (via) The original Mozilla “Dinosaur” logo artwork.