A consulate doesn’t have the same protections a embassy have, but I think that ICE doesn’t have any authority to enter.

I just like hating on Google :3

Using anything that utilizes the blink engine is immoral.

You’re pretty :3

I don’t know much about ip routing, but userns=keep-id id determined based on what podman is run as. For example, I run podman as user 1000 on the host, so if I do keep-id the user in the container will map to the same id. This often messes with things as the container require it is root inside it’s own context. It seems you are running podman as root, meaning that keep-id will map the container user to the actual root id, givintthe container essentially root access. Normally the container user is mapped to a random id on the host, like 653477, not 0. It’s unsafe to map the containers id to root as they would be unbounded if they managed to escape. I would recommend doing systemctl cat on the different services to see what the .container file expands to.

When it comes to the networking I think that you need to create a podman network with internal set to true. I believe that this restricts internet access. Then you would need to only let these services communicate with gluetun.

I don’t know if this was any help, but it’s all I’ve managed to learn from doing it myself.

Here are some liks I found:
https://lists.podman.io/archives/list/podman@lists.podman.io/thread/NKVFO4JQO5JLYKWXHHODC2WHQRG7A2KO/
https://docs.podman.io/en/v4.6.1/markdown/options/userns.container.html

I like that you can see the wheel missing in panel 2 and 3

Based.

Look, I don’t like in the us, but if you feel safe enough that you can make the call to not protect yourself, be my guest. But there are many in theus that isn’t as safe as you.

Have the trump admin demanded that people get ids? How is thos “giving in”?

Of course they still can, they can also dome you the moment they see you. But there is a higher chance of surviving if you have identification. Why would you actively argue against doing something that can, at worst, do nothing and, at best, help you? And no, that is not the only thing that might help.

Still doing the or nothing argument. ICE has actively deported us citizens. These people might have had a better chance of arguing at the moment if they’d had this identification. Are you also arguing against vaccines because they don’t make you bulletproof?

Ah, so you are trying to get people killed.

Are you actively encouraging people to not seek protections against a fascist regime just because it wouldn’t be 100% effective?

Yeah, but you’re at least a little more likely to survive.

Now this makes you smile.

I don’t like hamas, they have done some pretty heinous stuff, but it was Israel who destroyed every other peaceful groups, so it’s the only option Palestine has left to flight back.

But it wasn’t finances though, it was hardware…

Wasn’t this except for white peiple because of the grandfather clause?

Why do ai peeps got to make these strange names for essentially just giving more text to an llm. It’s not MCP, it’s just searching an online database for more text. RAG is just searching a local database for more text, but fancier. There is functionally no difference between an “ai agent” and the ai you talk to.

Blocking a dns request is like removing a phonenumber from a phonebook. You can still call that number, you just need another phonebook to find it.