Manager asked for access to server with admin rights for a third party contractor and I questioned him... His answer?

- Your are gonna give access to anyone that needs access.

I gave. Went for a 15 days vacation.

Our server got blocked by our cloud provider because of ssh brute force attempt coming from it and the company website went offline during a big ass meeting because of that.

Made me giggle :)

I informed the CTO that one of the beta features from our Cloud Provider (that we used for free) was released to the public and now we're supposed to pay US$ 0.65 for each 1 million requests.

In our case, this means we would pay ~US$ 6.50 to support a businesses that receives literally millions in Advertising each month.

Then I was hit with "How can we reduce that cost? It's out of our budget!"

Oh, looks like we have a really small budget, so... Let me help them by announcing that I'll leave by the end of the week because I'm moving to another country \o/

I provide hosting for my clients. About 3 months ago I discovered that the hosting company that I'd been using had been swallowed up by EIG, which explained why the tech support had gone downhill.

So, I jumped to another hosting company. Same shit different company!

Apparently the fact that my browsers sit at "connecting" for up to 30 seconds, and I get a "could not connect to" message half the time while I'm trying to fucking work on a deadline is the fault of some plug-in in a WordPress installation!

Oh yeah? Why then does this shit happen when I'm working on a pure html/css site?
Why then did it start happening after they "updated" my shared server?!

Oh, but the bastards suggest that I buy Cloudflare or pay for more space!

You fuckers made my work take 3 times as long, and you made an important migration fail!

Network places make mistakes. We all do. That's cool. Fucking own up to it, talk to me like a techie, and DON'T TRY TO BLAME IT ON ME OR MY TOOLS!

Fuck you! I think I'm gonna give Google Cloud a try, and do this shit myself!

Really now?
AWS, #1 cloud provider with their #1 cloud database DynamoDB, all shiny, highly dynamic NoSQL, your data schema could change any second...

then DynamoDB errors out when one of your values is an empty string? {"foo":""} is impossible to store?

Like nobody ever saw or used empty strings a a value or what? There are tons of upvotes to fix this.

I just have to imagine the Product owner standing there: "No,no,no. They are just using it wrong if their data has empty strings as value. Won't fix!"

The internet is expensive as hell compared with salaries, we can't access to services like amazon, google cloud, gitlab, private github, Android, and a lot more because of USA sanctions (we have to do some magic and sorcery to use them), and in the other hand our government applys restrictive laws (we call it the double embargo) like that one who says that you can't host services for the country with international providers, and the only national hosting provider has a terrible, feature-less and super expensive service. But hey, we like a lot what we do!!

- Cuba

Todays best work related question.

How is the stock of ice cream in the fridge?

We are a cloud application provider ;)

You know what would be nice? Being able to Google anything to do with VPNs without having like 90% of the results being links to how-to-setup-VPN-client pages from every goddamn obscure commercial VPN provider in existance.

If I wanted to know how to setup a VPN client to work with Crazy Dave's House-o'-VPN-n'-Cloud-Hosting's paid-for service, I probably would have Googled for that, not general things like "openvpn ethernet bridging". Why am I getting so many commercial results? Either nobody sets up their own VPNs, or the VPN companies have SEO'd the keywords good and proper.

A few days ago Aruba Cloud terminated my VPS's without notice (shortly after my previous rant about email spam). The reason behind it is rather mundane - while slightly tipsy I wanted to send some traffic back to those Chinese smtp-shop assholes.

Around half an hour later I found that e1.nixmagic.com had lost its network link. I logged into the admin panel at Aruba and connected to the recovery console. In the kernel log there was a mention of the main network link being unresponsive. Apparently Aruba Cloud's automated systems had cut it off.

Shortly afterwards I got an email about the suspension, requested that I get back to them within 72 hours.. despite the email being from a noreply address. Big brain right there.

Now one server wasn't yet a reason to consider this a major outage. I did have 3 edge nodes, all of which had equal duties and importance in the network. However an hour later I found that Aruba had also shut down the other 2 instances, despite those doing nothing wrong. Another hour later I found my account limited, unable to login to the admin panel. Oh and did I mention that for anything in that admin panel, you have to login to the customer area first? And that the account ID used to login there is more secure than the password? Yeah their password security is that good. Normally my passwords would be 64 random characters.. not there.

So with all my servers now gone, I immediately considered it an emergency. Aruba's employees had already left the office, and wouldn't get back to me until the next day (on-call be damned I guess?). So I had to immediately pull an all-nighter and deploy new servers elsewhere and move my DNS records to those ASAP. For that I chose Hetzner.

Now at Hetzner I was actually very pleasantly surprised at just how clean the interface was, how it puts the project front and center in everything, and just tells you "this is what this is and what it does", nothing else. Despite being a sysadmin myself, I find the hosting part of it insignificant. The project - the application that is to be hosted - that's what's important. Administration of a datacenter on the other hand is background stuff. Aruba's interface is very cluttered, on Hetzner it's super clean. Night and day difference.

Oh and the specs are better for the same price, the password security is actually decent, and the servers are already up despite me not having paid for anything yet. That's incredible if you ask me.. they actually trust a new customer to pay the bills afterwards. How about you Aruba Cloud? Oh yeah.. too much to ask for right. Even the network isn't something you can trust a long-time customer of yours with.

So everything has been set up again now, and there are some things I would like to stress about hosting providers.

You don't own the hardware. While you do have root access, you don't have hardware access at all. Remember that therefore you can't store anything on it that you can't afford to lose, have stolen, or otherwise compromised. This is something I kept in mind when I made my servers. The edge nodes do nothing but reverse proxying the services from my LXC containers at home. Therefore the edge nodes could go down, while the worker nodes still kept running. All that was necessary was a new set of reverse proxies. On the other hand, if e.g. my Gitea server were to be hosted directly on those VPS's, losing that would've been devastating. All my configs, projects, mirrors and shit are hosted there.

Also remember that your hosting provider can terminate you at any time, for any reason. Server redundancy is not enough. If you can afford multiple redundant servers, get them at different hosting providers. I've looked at Aruba Cloud's Terms of Use and this is indeed something they were legally allowed to do. Any reason, any time, no notice. They covered all their bases. Make sure you do too, and hope that you'll never need it.

Oh, right - this is a rant - Aruba Cloud you are a bunch of assholes. Kindly take a 1Gbps DDoS attack up your ass in exchange for that termination without notice, will you?

Boss: we should cut costs
Me: I could move us to a cloud provider and we would pay about a quarter of our current costs and because we could scale keep our current capacity intact.
Boss: eh, that's too risky
Me: *watches us spend $10k+/mo in unused hardware* - okay.

When the client wants to deploy a patch to their app that is hosted on the cloud, but wants to do it onsite.

Oh well, might as well visit the data center of the cloud provider

being a sheep over the last years I just recently started to overthink my software choices in terms of privacy. but hell it's far from easy!
just now I realize how dependent I am from all of these services. I mean no problem ditching Facebook for example, it's not essential to me. but what about WhatsApp and GoogleDrive? I'm using these services on a daily basis...
any advices on what software or providers to use alternatively? especially browser, messaging app, email provider and cloud service?
please keep in mind that although I am willing to bring sacrifices I by no means want to neither could live like Richard Stallman. so an argument like "sell your MacBook because macOS is spyware" is not that helpful to me - more like what can I do to increase my privacy within the boundaries given to me. I have to find some sort of compromise. so curious about your advices, stories and opinions right now!

Bad: Delete your production database
Good: Have a backup
Bad: Can't reimport it because your backup procedure uses scheme that are no longer supported for import by your cloud provider
Good: Backup are plaintext and somehow easy to parse
Bad: Spending the rest of the day writing scripts to reinsert everything.

End of the story: everything is up and running, 8hours of efforts

New twist on an old favorite.

Background:
- TeamA provides a service internal to the company.
- That service is made accessible to a cloud environment, also has a requirement to be made available to machines on the local network so you can develop against it.
- Company is too cheap/stupid to get a s2s vpn to their cloud provider.
- Company also only hosts production in the cloud, so all other dev is done locally, or on production non-similar infra, local dev is podman.
- They accomplish service connectivity by use of an inordinately complicated edge gateway/router/firewall/message translator/ouija board/julienne fry maker, also controlled by said service team.

Scenario:
Me: "Hey, we're cool with signing requests using an x509 cert. That said, doing so requires different code than connecting to an unsecured endpoint. Please make this service accessible to developer machines and lower environments on the internal network so we can, you know, develop."
TeamA: "The service should be accessible to [cloud ip range]"
Me: "Yes, that's a production range. We need to be able to test the signing code without testing in production"
TeamA: "Can you mock the data?"
Me: "The code we are testing is relating to auth, not business logic"
TeamA: "What are you trying to do?"
Me: "We are trying to test the code that uses the x509 you provide to connect to the service"
TeamA: "Can you deploy to the cloud"
Me: "Again, no, the cloud is only production per policy, all lower environments are in the local data center"
TeamA: "can you try connecting to the gateway?"
Me: "Yes, we have, it's not accessible, it only has public DNS, and only allows [cloud ip range]"
TeamA: "it work when we try it"
Me: "Can you please supply repro steps so we can adjust our process"
TeamA: "Yes, log into the gateway and try issuing the call from there"
Me: (╯°□°)╯︵ ┻━┻

tl;dr: Works on my server

The amount of energy spent to just write ‘Hi’ and click a send button is so big that we should consider banning of sending hi messages.

Instead of just saying “Hi!” we are now using analog to digital preprocessors that convert it to bunch of 0 and 1 to send it over communication layer and deliver it to other human being that will convert it from digital to analog by reading it but that is simple.

By sending message using phone we also:
- save it to local phone
- convert it to couple protocols
- transmit it over air so make connection to internet provider services that would generate logs on this provider as well as whole routing table before it gets to the target person
- save it on messaging provider disk
- probably be processed by filters by provider, sometimes be reviewed or listened by third parties and also processed in bulk by artificial intelligence algorithms
- finally delivered to target phone and saved there where that person would just change this text to their inner voice and save it
- sometimes encrypted and decrypted
- sometimes saved on provider
- sometimes saved on phone manufacturer cloud backup
- don’t get me started on people involved to keep this infrastructure in place for you just to say hi

There are also some indirect infinite possibilities of actions for example:
- emit sound and light that can lead to walking from one room to other
- the floor in your house is destroyed cause of it so you need to renovate your floor
- sound can expose your position and kill you if you’re hiding from attacker
- sound can wake you up so you wake up in different hours
- it can stop you from having sex or even lead to divorce as a result simple hi can destroy your life
- can get you fired
- can prevent from suicide and as a result you can make technology to destroy humans

and I can write about sound and light all day but that’s not the point, the point is that every invention makes life more complicated, maybe it saves time but does it really matter ?

I can say that every invention we made didn’t make world simpler. The world is growing with complexity instead.

It’s just because most of those inventions lead to computer that didn’t make our world simpler but made it more complicated.

Fun fact: Many cloud provider will provide you free credits if you register without adding a payment method or using their services and wait for one or two days.

Our help desk person set up our software in a virtual machine on some cloud provider and you know how they give you a drive labeled temporary with a text file in warning you how the files will get deleted? Well for some reason they put the database files on that drive.

Luckily the server was for a small internal project and restarted a few days in so the users didn't loose too much work.

Status: Got off hour+ long call with provider teir2 tech support because their "sync service" isn't syncing. "It's all cloud controlled" they tell me. Whatever.

It does have the ability to install a Windows service to do the needful! 🎉

However the program that does the actual syncing is the "launcher" application, and the service's only job is to tell the launcher to run. 🤦‍♂️

Their assumption is that there will be a user that gets smacked in the face with a UAC prompt when they first log in and just shrug it away. Which is the Launcher application.

The sync service is not capable of running the sync application without a desktop session I guess?

MOTHERTRUCKERS do you understand what the point of a Windows Service is?!?

I tried relating this situation to how Windows Update works: It will update whenever the fuck it wants without the user doing anything because of the Service, and you only configure the service with the Control Panel/Settings App. You don't need the Control Panel/Settings App running in order for Windows Update to work, but it's there for status info and configuration.

Anyways, this software does not do that. It apparently *requires* both the service AND the launcher program running in order to work. Not work properly, to work *at all*.

Anyways, It's installed on a computer that's not normally logged into, but is always on (where other "always needs to be running" programs live). Normally the hackaround would be to launch the program via Scheduled Task.

This program apparently does not want to run as a scheduled task, or the Task Scheduler is being stupid and can't figure out "Hey, it's time to run this program. Do it!". Naturally it runs if told manually.

The fact that I'm even doing this at all is stupid, but even more infuriating is that it's just not working unattended. You know, what the service should be doing. But no, the service runs happily all alone, doing nothing of note, while Task Scheduler sucks its stick running OneDrive installer but not the launcher program.

Pluckin' donuts...

Which cloud hosting provider do you use or prefer and why?

I've been using Digital Ocean for two years, but I'm thinking about switching to AWS or Google, because two friends of mine recommended them. For me, at least AWS, feels way more complicated than DO. But if they are clearly better, I will switch. What's your recommendation, if you have any?

Thanks a lot!

Kubernetes question:
So far I've created two pods, mongo & Go
Exposed those pods using services

Their IP is 10.x.x.x and accessible from my machine only (virtual lan I'm guessing only known to host), but my machine's network ip is 192.x.x.x therefore, not accessible from outside world and to do so I need to put nginx in front to receive requests and route them internally.

Is there a way in kubernetes to make it work like nginx in terms of:

Kubernetes listen to port 80 (for example) route based on received url. As you know in enginx we define a server block with server domain_name.tld

Anything similar in kubernetes? I've cheked ingress-nginx controller, and also saw LoadBalancer but that requires a cloud provider.

If anyone can also give an example it would be great, so far examples I checked ended up screwing my setup and had to reset kubectl to get things back working

Why Evil Corp did not have its servers on a cloud provider?

(This question is about any big corporation with a whole bunch of servers. I quoted Evil Corp because the question came thinking about it.)

What is the cheapest and closest to "decent" cloud computing provider you've come across? I'm currently using scaleway ARMs -- all thanks to someone posting scaleway's name and comparing server prices to a cup of morning coffee :) . It's OK, really can't complain (although it's somewhat silly to sync ssh keys on-boot only IMO). Is there anything cheaper with no less quality?

I don't have any experience with cloud providers and I need to get a server for a project.
The website will be up for 3 weeks, access will probably be very uneven, the total user count is somewhat below 2000.
The site will probably be quite interactive and real-time, content may be changing every few seconds for an hour and then remain unchanged for days. I will also need either SSE or websockets for this reason.
What should I consider when selecting a cloud providers? Do you have a good one? My ideal provider would scale resources according to traffic like I've heard AWS does, but I want to hear your opinion first especially considering I know very little about how server load works.

So I wanted to do a quick test before going to dinner and now I'm stuck on waiting for this f*cking cloud provider to start my container.

"Provisioning 20 minutes" WHAT THE HELL!? After 20 (TWENTY) minutes my container still hasn't started!?

Is it a joke? Is some sysadmin spying on me and making me wait on purpose? What the f*

Tomorrow i have to go into the office and work for 8 hours for $0/hour, building a project that includes backend in java, bash scripting, ci/cd and building the whole devops infrastructure and deploying that backend on cloud provider through terraform docker kubernetes, aside from being tested in theory for those 8 hours in-person,

all of this as a form of 1 technical interview after which they will decide if they move forward with me or reject me.

Do you think this is fair?

Don't get bullied by your cloud provider. You CAN negotiate your contract with them, and you should.

serious question: in what FUCKING case would i need to use DevOps engineering and custom backend custom frontend AWS azure gcp cloud providers etc if all that bullshit can be avoided and the same performant software can be crafted in 1 single framework -- nextjs?????

all of that bullshit looks like WAY overengineered, marketing-bloated BULLSHIT so bozos can buy more yachts off ur fucking dumbass cloud provider usage.

how is nextjs so powerful that u dont need any of those shits?

beyond me

the only time i see all of this overengineered shit makes sense is if u work on a large corporation software such as bank

then sure.

but chances are if u freelance or build ur own side project

ur NOT gonna fucking need to overengineer all of that cowshit

i literally had to take a step back for several weeks to unbrainwash myself by jeff bozos megacorp

and realize all these megacorps lure u into bullshit

keep it fucking simple you fucking fags and stop feeding the money hungry corps

u dont need a fucking gigazillion complexity software

I love it when context gets lost in company chat when there are multiple conversations going on at the same time.

> we just got our cloud provider bill for feb, half of what it was last month.
> sounds like a missing environment variable. looking into it

Spend weeks porting everything to Docker and automating deployments so we can be cloud provider agnostic...

Hosting providers all want long term contracts.

There is this local cloud service provider I used to like, since the promise was "it's from Africa" woi, they don't know shit. We tell then to open port 8888 ssh and 8899 since firewall is configured on their side, they close all ports then you can't ssh into the server. They take another 2 hours to fix that. Later on we change our ports and then tell them to change some ports, they open and close all ports (we discovered again because we were locked out again and had to d an nmap to see what was happening). Apparently the staff we we're talking to didn't know much about configuring servers only the senior management knew (I think to cut down costs), then we tell then to terminate services but they decide to bill us for another month (bullying) and gave us a warning letter from their lawyer for not paying for that month and since we are a small startup, we can't afford a court case which will drain us cash so we had to pay for shitty service and some month arr angry

Which Cloud provider (AWS, Azure, Google,...) do you work with and why?

I've started to get more into the TOR idea over the last couple of weeks.

I know I'm way to "non protective" of my privacy but changing would mean I'd have to break many habits and stop using things I'm used to.

A couple years back (I guess it was in like 8th grade or so) I had a presentation in German (my first language) for an extra mark. It was about tor. In the process of researching all of it I learned quite a lot about it. All of this knowledge has stuck to me the whole time, unused.

Fast forward to today, I've finally decided to use the couple of bitcoins I have (like 15€ or so) from my home mining experiment to rent a vps for a tor relay. First, I was lucky enough to find a service provider that accepts bitcoin for a 3€. They advertised "Fair use Traffic", later found out, after committing for three months since I was like "yeah... will be fine", in the customer panel there is a graph that shows me that I have used x% of 1.5 TB... I guess the customer support will get an email from me asking what "Fair use" exactly means... But that's fine... Oh... And ipv6 wasn't a thing to be found...

To wrap it up... I've now got a 2 weeks old little tor relay <3

(I didn't wanted to put it on my main vps where I have 200mbit guaranteed at unlimited for 5€ a month since that's where I have my mail server running and a hidden service for my next cloud)

- Get comfortable with Angular 10, at least to the point where it's not too far skill-wise from Vue 3.
- Getting better at using Terraform, AWS and GitLab, and possibly picking up another cloud provider (like DigitalOcean, Linode or Vultr).
- Being used to the C4 model and being less uncertain about how I can model software systems even if I end up switching from (C4-)PlantUML to Structurizr.
- Progressing on some OSS projects, namely like All Contributors and other side projects I've put on hold.
- Getting a new laptop (when I know which one would suit me more).

TLDR
Apparently if you delete your google account as an only admin of a workplace by just clicking remove account on expired subscription screen when you are on document page you not only loose access to google workplace but also you can create new workplace google account using same domain and email immediately and it’s fresh google domain account without domain verification and with everything wiped off from your old account. So you don’t have access to anything but on the other side there is possibility to use gmail as spam hub if google fucked ip something in their dns verification and once verified and after that expired domain gets bought again it stays verified.

Well I luckily migrated my gmail to other provider 3 years ago and I lost nothing important there but lol.

You can easily lock out yourself from your domain.

I opened ticket using some questionnaire and by adding another dns txt record to my domain to claim access to workplace admin page and let’s see what they do.

If they ever respond to that ticket and how long it will take to get it resolved.

This is good test to see if google is still a people’s company or an evil corporation.

I was using workplace as long as it was free from days of google app engine and begging of cloud revolution. I remember at best times I could chat with google support employee about spam I got from domain registered on google servers and he was processing ticket for me.

Google Cloud will beat AWS as the leading cloud service provider in 2 years. Bank this post!

So I've been using Duet on my iPad Pro for a couple years now (lets me use it as an external monitor via Lightning cable) and without issue. Shit, I've been quite happy with it. Then the other day, whilst hooked up to my work laptop, there was a power fluctuation that caused my laptop to stop sending power to connected devices. Which is fine - I have it plugged into a surge protector so these fluctuations shouldn't matter. After a few seconds the laptop resumed normal operation and my connected devices were up and running again.

But the iPad Pro, for some reason, went into an infinite boot loop sequence. It reboots, gets to the white Apple logo, then reboots again.

In the end, after putting the iPad into recovery mode and running Apple's update in iTunes (as they recommend), it proceeds to wipe all my data. Without warning. I lost more than a couple of years of notes, illustrations and photos. All in one fucking swoop.

To be clear, you get 2 options in iTunes when performing a device update:

1. UPDATE - will not mess with your data, will just update the OS (in this case iPadOS)
2. RESTORE - will delete everything, basically a factory reset

I clicked UPDATE. After the first attempt, it still kept bootlooping. So I did it again, I made sure I clicked UPDATE because I had not yet backed up my data. It then proceeds to do a RESTORE even though I clicked UPDATE.

Why, Apple? WHY.

After a solemn weekend lamenting my lost data, I've come a conclusion: fuck you Apple for designing very shitty software. I mean, why can't I access my device data over a cabled connection in the event I can't boot into the OS? If you need some form of authentication to keep out thieves, surely the mutltiple times you ask me to log in with my Apple ID on iTunes upon connecting the damn thing is more than sufficient?! You keep spouting that you have a secure boot chain and shit, surely it can verify a legitimate user using authenticated hardware without having to boot into the device OS?

And on the subject of backing up my data, you really only have 2 manual options here. Either (a) open iTunes, select your device, select the installed app, then selectively download the files onto my system; or (b) do a full device backup. Neither of those procedures is time-efficient nor straightforward. And if you want to do option b wirelessly, it can only be on iCloud. Which is bullshit. And you can't even access the files in the device backup - you can only get to them by restoring to your device. Even MORE bullshit.

Conversely, on my Android phone I can automate backups of individual apps, directories or files to my cloud provider of choice, or even to an external microSD card. I can schedule when the backups happen. I can access my files ANYTIME.

I got the iPad Pro because I wanted the best drawing experience, and Apple Pencil at the time was really the best you could get. But I see now it's not worth compromise of having shitty software. I mean, It's already 2021 but these dated piles of excrement that are iOS and iPadOS still act like it's 2011; they need to be seriously reviewed and re-engineered, because eventually they're going to end up as nothing but all UI fluff to hide these extremely glaring problems.

Has anyone had any experience with OVH? Are they as good of a hosting provider as five year old forum posts say they are? Specifically looking at their VPS Cloud RAM

Can anyone recommend cheap Windows-based hosting, ideally to run a couple of Umbraco instances for personal projects? I'm currently looking at the Cloud One Tier of asphostportal.com which has some good reviews, but if anyone knows of a better/cheaper hosting provider that'd be super helpful 😁

Was watching OITNB at home when boss called sounded urgent about SSL not working on one of our subdomains. We use a paid cloud app for some of our reports which. So the subdomain is a CNAME to the providers app subdomain. Recently there was an upgrade at our hosting but it shouldn't be related.

Boss: Hey, there is an error prompt when I visit our reporting site with https
Me: That's cos we never installed any SSL cert for that subdomain.
Boss: Well it worked before and you will need to get it fixed.
Me: Wait.. It worked before? How is that possible? We've never set it up and the subdomain is a CNAME pointing to another site which we don't own. The cert will have to load from their server and we have not done any setup with them.
Boss: I'm very sure it worked before the hosting upgrades. All along our customers has been accessing with https.
Me: Okay.... That's something new because and I am pretty SURE the last I checked, the app provider doesn't allow that yet.
* meanwhile I when to search the app provider docs and it says not able to support multiple SSL yet for CNAME
Me: Look, it says so here in the docs.
Boss: Ok, can you try to fix it as its important for the users to not see that error. It has been working all along.
Me: Hmmmm... I'll get back to you.

How do I fix something that didn't exist / broken?? How did it work before??

I know it can be possible to install the cert on the cloud provider end but we haven't done this before. And their support docs says feature not available yet.

Was it magic?? Am I missing something?? Anyway, I've sent an email to the provider's support team and telling them "it worked before"

I dunno why but I'm sold by AWS and how anyone may start off on the right note when starting a "startup" project. A lot of IT folks I know have vouched for it as well. Maybe because I'm engineering graduate and I have put the costs and maintainability on top of the checklist. I even plan to take the SAA certification since it was also surveyed as one of top paying IT certs to get. But mostly I care about the stuff I can learn and rely on its ecosystem. Tell me something I should be wary about this cloud provider. Coz maybe I'm just too "sold" by the hype.

I'd like to hear opinions from experienced devs/software architects... Referencing my two previous rants, the imposter's has been strong today. And I really don't know how to feel about the possible solution I've come up with... Adding the new feature as a microservice for an otherwise monolithic application 🙄 is that a sane idea?

The thing is I need to have a subscription type event-driven mechanism and since we're listening to service bus messages from another cloud provider, I apparently can't just have a serverless function to do the job, so unless there's a better option, I need a microservice with the subscription that can then invoke a serverless function to actually do what needs to be done. That's my idea, but I'm far from sure this is the best way...

I finally got around to setting up my own cloud with nextcloud on my own dedicated server.

Just setting up Nextcloud alone was not really the challenge ( I've set up at least 2 Nextcloud instances in the past ).
The actual challenge was to install /e/ OS on my mobile phone and get it to work with my Nextcloud instance.

It's not all performant, buttery-smooth or super-fast yet, but for a one-person / user-cloud, I think it should be just fine.

There's still room for improvement in terms of server-side performance, but it's working fine with the basics at least.
I need to figure / iron out some issues like social federation via ActivityPub not working, Nextcloud SMS not syncing up my SMS, Mail app crashing because I used a self-hosted Nextcloud instance, etc; but those are things I could work on slowly, in the course of time.

No, the server is not physically controlled by me, yet ( it's a dedicated box server though. Still, hosted and physically controlled by a provider ).

I intend on setting up another 'replica' on a RaspberryPi which I will then make primary, connecting to the internet via DynamicDNS.
I'll probably keep the server as a fallback / backup server just in case my home server loses connectivity.

Taking back control from Big Tech is something I intend on pursuing actively this year. I've had the idea in my head for too long that it has started to fester.

This is only a first step, of many, that needs to follow, in order for me to take control back from Big Tech.

Yes, there still is some room for improvement, but I think for now ‒
Mission Accomplished!🤘

which is the best cloud provider for a complete beginner (user/dev) in terms of community support, employer preference and user-friendliness?

i know that understanding the tech and concepts behind it matters more than getting familiarized with a specific platform, but i'm looking to build a more diverse profile and have noticed many positions asking for AWS/Azure experience.

since i'll be starting from scratch, any provider with easy-to-follow documentation, online help and certifications that don't leave you broke (would have to pay myself, earn very less as a student from a third-world country, parents/current employer can't support) would work.