Having fun setting up slightly better containerization of my...

SatsAndSports

npub1zthq85gksjsjthv8h6rec2qeqs2mu0emrm9xknkhgw7hfl7csrnq6wxm56

hex

bca4d25835a99074971926ffdf4e45230d8047c9da06cf0ba5ebfafbdc5052fa

nevent

nevent1qqstefxjtq66nyr5juvjdl7lfezjxrvqglya5pk0pwj7h7hmm3g997sprpmhxue69uhhyetvv9ujuem4d36kwatvw5hx6mm9qgsp9msr6ytgfgf9mkrmapuu9qvsg9d78ua3ajntfmt580t5llvgpessuz7hk

Kind-1 (TextNote)

2026-03-25T19:23:18Z

Having fun setting up slightly better containerization of my dev environment

Using 'bwrap' (bubblewrap) so the my dev user has very little awareness of the rest of the machine. For example, it can't see all the processes that are running (just it's own processes)

Next, I'll set up a proxy on localhost to forward my LLM requests, so that I don't need to share my API key with this dev user. Eventually, I'll extend that proxy to process Cashu channel payments, to pay myself bitcoin and stress test that system.

I haven't tried them yet, but apparently 'cage' and 'weston' are good ways to allow that dev user to open a window on the display of my normal user

I wish I'd done this earlier, and I hope somebody hasn't already hacked me by getting my clanker to run exploit code! (I'm kinda tempted to get a new laptop, to be very strict about what runs on it, and from there reset all my important passwords)

Raw JSON

{
  "kind": 1,
  "id": "bca4d25835a99074971926ffdf4e45230d8047c9da06cf0ba5ebfafbdc5052fa",
  "pubkey": "12ee03d11684a125dd87be879c28190415be3f3b1eca6b4ed743bd74ffd880e6",
  "created_at": 1774466598,
  "tags": [
    [
      "alt",
      "A short note: Having fun setting up slightly better containeriza..."
    ]
  ],
  "content": "Having fun setting up slightly better containerization of my dev environment\n\nUsing 'bwrap' (bubblewrap) so the my dev user has very little awareness of the rest of the machine. For example, it can't see all the processes that are running (just it's own processes)\n\nNext, I'll set up a proxy on localhost to forward my LLM requests, so that I don't need to share my API key with this dev user. Eventually, I'll extend that proxy to process Cashu channel payments, to pay myself bitcoin and stress test that system.\n\nI haven't tried them yet, but apparently 'cage' and 'weston' are good ways to allow that dev user to open a window on the display of my normal user\n\nI wish I'd done this earlier, and I hope somebody hasn't already hacked me by getting my clanker to run exploit code! (I'm kinda tempted to get a new laptop, to be very strict about what runs on it, and from there reset all my important passwords)",
  "sig": "722ce31aa5946c44387608511fb6c951573eb4e8bed2564d48de2f4e80380adaad671b8fd914f77f4edc718ee566f882ecbd8f747d4cbdfa09ca8443e5b1057c"
}