It's a fun exercise but I don't see it as useful for most things I run.

xxx/znc 25.4MB xxx/oidentd 10.6MB

this is based on alpine and at most I could save 30MB total. Not worth the effort for me.

by just apt-get installig irssi, those 'few files' are even shared with other applications, making the whole thing even smaller and without the docker overhead.

Wonder if you could go smaller if you used debian:stable-slim and used exim-daemon-light. Also dropping SUID if you don’t absolutely need it.

What's the intention behind deletion of the Moscow timezone?

I'm curious what makes you think "multiple instances" when you see this? You realise operating systems have been able to run multiple processes for decades, I assume? And you probably think nothing of running multiple shells, web browsers etc? None of this has anything to do with Docker.

I've noticed a lot of people seem to think Docker is some dark art technology when it's really just an amalgamation of various things that you can do anyway.

Incidentally, when I was on dial up and before I had a home network (just one family PC) I started to learn networking by running things like IRC servers (unrealircd to be specific) and multiple clients locally (including eggies). I was really talking to myself in every sense. Was quite fun to give myself ops etc.

Absolutely!

The replies talking about portability are wild, my irssi instance started on a Pentium 90, and is running on an AMD EPYC the two commands it actually took were:

1) scp

2) dpkg --set-selections

Reminds me of the "But I Don't Want To Cure Cancer. I Want To Turn People Into Dinosaurs" meme[1]

They don't want to apt install, they want to use docker :-)

[1] https://knowyourmeme.com/memes/but-i-dont-want-to-cure-cance...

It's not absurd. First of all I've been using immutable Linux for 3 years so running Irssi in a container makes the most sense. Of course I'd probably just run it inside a distrobox container instead. And also I've been using a shell server for irssi for many years so it's not that relevant.

But secondly, containerization, despite its vulnerabilities through the years, does add a layer of security to applications. And we must not forget that irc clients have been exploited in the past. Remember the old adage, never irc as root.

For my homelab: portable state. I don't use this image specifically but I use many others.

I put docker-compose files in ~/configdata/_docker/

The docker-compose files always mount volumes inside the ~/configdata/ directory. So let's say irssi has a config directory to mount I'd mount it to ~/configdata/irssi/config/

Then I can just run a daily backup on ~/configdata/ using duplicati or whatever differential backup tool of your choice and be able to restore application state, easily move it to another server, etc.

And then after that turn it back into a binary that starts it up as a firecracker microvm! Lol, I mean it's kinda crazy yeah, but I the isolation is pretty good/cool.

https://bottlefire.dev/

I run a ton of apps like this.

Look at it the other way. Why muck up my OS with a bunch of tiny apps? Who knows what version I’ll pull in my repo today. Chances are good it’s outdated with weird patches.

The docker image is built by the devs. All the proper dependencies are baked into the image. It’s going to run exactly as intended every time, no surprises.

And I can pick up the docker file and my configs and run it exactly the same on any OS.

I can see a use running in a Kubernetes cluster or something. Not really sure why you would but I'm sure someone, somewhere has found it useful before.

What I'm confused about is why it's notable enough to be on the front page of HN. If you needed this and you use K8s you could trivially write this Dockerfile yourself.

Better yet, apt install weechat!

I ran irssi for years. I agree... Maybe being paranoid about security?

Maintainers had a project where they ran everything in containers. The project had helped docker itself and the ecosystem by allowing some interesting software to be containerized.

Poor mans abstraction. Docker swarm makes a cheap node pool from random hardware. Compose makes all your apps and config live in git.

You don't _need_ docker, but if you are already set up for it then it's a boon. Adding an app for me to be very available across a fleet of hardware with ceph backed storage is a one-liner.

Came here to ask why you'd want to run an app in docker. Genuinely don't get it. Sure the app doesn't touch the host system so there's isolation there, but the extra overhead doesn't seem justified to me. I'm not docker expert, so correct me if I'm wrong, but isn't this running a striped down version of Linux to run the app? Lighter than a full VM but... Yeah I don't get it.

I can guess a reason: persistence of your IRC server connection(s), across device sessions, and maybe switchable between devices. Without using an IRC bouncer.

So this this would a turnkey way to run this somewhere centralized and persistent, and then you connect to it however you connect to that Docker container (e.g., SSH, remote desktop of some kind).

Of course, a non-Docker way to achieve simple persistence would be to just run a character-terminal IRC client in an SSH-able shell account (or VPS or AWS EC2), inside a `screen` or `tmux` session that can be detached and reattached when SSH-ing in from whatever devices.

(Persistence of your IRC server connections means things like you can see what you missed in scrollback, you aren't being noisy in your channels with join and part messages, you preserve your channel operator status and other channel modes without relying on bots, and you aren't leaking so much info about your movements in real time to random crazy people who hang out in Internet chat rooms.)

(Also, early on, if your leet channels attracted trolls, remaining connected meant that whatever automated countermeasures your client had could help defend the channel. Also, the more people who had channel operator status, the harder it would be for an attacker who, say, "netsplit" to hack ops, to de-op them all, before a remaining op's scripts detected the mass-deop attack, and took out the attacker. Also, your persistence bouncer or shell account obscured your real IP address, so if an attacker targeted your client's IP addr but not your home addr, such as with a protocol or flood attack, you could more likely get back on quickly. Trolls were often annoying, but it was also cyberpunk satisfying when your channel made short work of them.)

[dead]

My production k8s cluster doesn't have apt. Now I can deploy this!

I remember interviewing for an internship at about that time and they told me to help answer questions on their IRC.

Is there no dockerized irc server that exists or are you thinking about something else here?