Search - "private server"
-
As a developer, sometimes you hammer away on some useless solo side project for a few weeks. Maybe a small game, a web interface for your home-built storage server, or an app to turn your living room lights on and off.
I often see these posts and graphs here about motivation, about a desire to conceive perfection. You want to create a self-hosted Spotify clone "but better", or you set out to make the best todo app for iOS ever written.
These rants and memes often highlight how you start with this incredible drive, how your code is perfectly clean when you begin. Then it all oscillates between states of panic and surprise, sweat, tears and euphoria, and ends in a disillusioned stare at the tangled mess you created, to gather dust forever in some private repository.
Writing a physics engine from scratch was harder than you expected. You needed a lot of ugly code to get your admin panel working in Safari. Some other shiny idea came along, and you decided to bite, even though you feel a burning guilt about the ever growing pile of unfinished failures.
All I want to say is:
No time was lost.
This is how senior developers are born. You strengthen your brain, the calluses on your mind provide you with perseverance to solve problems. Even if (no, *especially* if) you gave up on your project.
Eventually, giving up is good, it's a sign of wisdom and flexibility to focus on the broader domain again.
One of the things I love about failures is how varied they tend to be, how they force you to start seeing overarching patterns.
You don't notice the things you take back from your failures, they slip back sticking to you, undetected.
You get intuitions for strengths and weaknesses in patterns. Whenever you're matching two sparse ordered indexed lists, there's this corner of your brain lighting up on how to do it efficiently. You realize it's not the ORMs which suck, it's the fundamental object-relational impedance mismatch existing in all languages which causes problems, and you feel your fingers tingling whenever you encounter its effects in the future, ready to dive in ever so slightly deeper.
You notice you can suddenly solve completely abstract data problems using the pathfinding logic from your failed game. You realize you can use vector calculations from your physics engine to compare similarities in psychological behavior. You never understood trigonometry in high school, but while building a deficient robotic Arduino abomination it suddenly started making sense.
You're building intuitions, continuously. These intuitions are grooves which become deeper each time you encounter fundamental patterns. The more variation in environments and topics you expose yourself to, the more permanent these associations become.
Failure is inconsequential, failure even deserves respect, failure builds intuition about patterns. Every single epiphany about similarity in patterns is an incredible victory.
Please, for the love of code...
Start and fail as many projects as you can.
-
Me and co-worker, working with firebase.
Co-worker: Hey man, I need the private key for the server.
Me: Why?
Co-worker: I need to put it in the client so that I can authenticate.
Me: No.
Co-worker: But this guide tells me ...
Me: No
Co-worker: ... that I need it to create tokens so I can log in.
Me: ... No.
Co-worker: But the guide..
Me: If the guide would ask you to kill yourself, would you?
Co-worker: No but..
*I walk over*
Me: This isn't even related to what we are doing. You can see it in the title.
Me: Did you read the title of this post?
Co-worker: No.
-
Forgot the password of the private key used to log in to all my VPN servers.
Now I’ve got to generate a new one and deploy it everywhere again through this shitty control panel for every server fucking manually.
🤬
-
*goes to the local town hall to get my new ID*
A week ago:
Clerk: Sorry sir, our systems don't work anymore, we can't process your request!
Me: Epic. Is there any sysadmin in here that can fix this pronto?
C: No it's a centrally managed system. It's managed by the people in ${another town}.
M (thinking): Well how about you fucking call them then, fucking user. Screaming blood and fire when nothing is wrong server-side but doing nothing when there is. Fucking amazing, useless piece of shit.
One week later, i.e. today:
M: Hey, I'd like to renew my ID card. I've got this announcement document here and my current ID card.
C: Oh no I don't need the announcement document. I need your PIN and PUK code letter.
M (thinking): What the fuck do you need that for.. isn't that shit supposed to be my private information..?
*gives PIN and PUK part of the letter*
C: Alright, to register your new ID card, please enter your PUK and then your PIN in this card reader here twice.
M: Sure, but I'd like to change both afterwards. After all they're written on this piece of paper and I'm not sure that just destroying that will be enough.
C: Sure sure you can change them. Please authenticate with the codes written on the paper.
*Authenticates*
C: So you'd like to change your codes, right?
M: Yeah but I'd like to change it at home. You know, because I can't know for sure that this PC here is secure, the card reader has a wired connection to your PC (making it vulnerable to keyloggers) and so on.
C: Impossible. You can't change your PIN at home. (What about the PUK?!)
M: But I've done that several times with my Digipass for my previous passport.. it is possible and I've done it myself.
C: Tut tut, impossible. I know it's impossible and therefore it is.
M (thinking): Thanks for confirming that I really shouldn't enter my personal PIN on your fucking PC, incompetent bitch.
M: Alright, I'll just keep this PIN, try at home and if it's really impossible because the system changed to remove this functionality (which I highly doubt, that'd be really retarded), I'll come back later.
(Just to get rid of this old stupid woman's ignorance essentially.)
C: Sure sure...
Me: I'd also like to register as an organ donor. Where can I do that?
C: That'd be over there. *points to the other room in the town hall*
FUCKING THANK YOU LORDS OF THE WICKED RAVEN AND THE LIBERATED TUX, TO GET ME AWAY FROM THAT STUPID FUCKING BITCH!!!
.. anyway. I've got my new ID and I'm an official organ donor now 🙂
-
Product sending an email: Can I confirm feature A is all set for its release on April 30th?
Me: ... what? no that feature is going out with Feature B, that was pushed back to June because of the server issue.
Product: No, the release plan document says April 30th for this.
Me: ... there's 6 copies of this doc now. Someone is after deleting my comments saying "releasing with Feature B". Oh look here's a link to another doc that says this. See Feb14th "Will go out with Feature B". This is because they are touching the same code, we can't separate them now without re-writing it.
*Me to myself*: Ha product are going to hate this, their shitty processes have finally caught up with them.
*next day*
Other manager: So here's my plan for the app release x, y, z.
*Me to myself*: ... his plan? this is my app, I manage this. What the hell is this?
*reads email thread*
*Me to myself*: ... oh so product really didn't like my reply, took me off the thread, sent a response to all the other managers asking for alternatives, CC'ing upper management. The same upper management I had a private conversation with yesterday about how shit our product team are.
*cracks knuckles*
I'm going to enjoy writing this reply.
-
The 2014's called, they want their private server back!
Source: CommitStrip
-
Fuck my life...
Okay, so I’m working on a web app with a small group... the app is basically a lead generator for new business in another country. We just need contact details cause they’re a fucker to buy.
Step 1: prototype to the investors, working with the ceo to make this thing look shiny AF.
Goes well as fuck.
CEO: “when can we get this out?”
Me: “it’s basically done mate, get your guys to look at it and we can talk about marketing”
Cue a shower of 10 or so bellends with senior in their title going into a room and coming out with:
Bellends: “so on this page we want the user to confirm and accept the contract”
Me: “cool, makes some sense, that’s what it’s already doing.”
Bellends: “afterwards we want to show them the price and have them put in their banking details.”
Me: “Wait, you what when?”
Bellends: “Yeah, well Jenny says we should have as few clicks as possible to get to the final stage and have the customer accept.”
Me: “Jenny’s on fucking crack, moving the contract formation phase to after the contract acceptance stage is not an option”
Bellends: “Oh it’s okay, Andy in legal said that would be okay”
Me: “Andy’s a fucking moron, tell him that online contract formation laws were updated 2014/2015 and you can’t do that anymore”
Bellends: “No, Andy’s legal, surely he knows”
Bellends: “We want all of this above the fold”
Me: “OH FUCKING SUCK A DICK YOU ABSOLUTE BAND OF FUCKWADS... which one of you, which one hasn’t looked at a website this millennia!?”
Needless to say I ignored all their shit, got the lead generator out and told the CEO those ten people are certifiably fucking useless.
Bonus round; recent, but “it has to be on internal infrastructure”
“Why? It’s a mobile app sending rest calls to a third party saas.”
“It just has to, we have this thing called the private cloud and w”
“Wait... you what son, priv 🤦🏼♂️ private what mate?”
“Private cloud”
“You... you mean a server rack?”
“Nah we spent £2mn on it, it’s brilliant”
“Hahahaha you fucking dick, you blew £2mn on server infra with fuckall to put on it!?”
“No, no it’s the private cloud”
“Fucking idiot, aye son, where’s the fucking bean stalk you prick!?”
“It has to go on internal infr”
“Shut up, that won’t work”
-
Following a conversation with a fellow devRanter this came to my mind; it happened a year or two ago I think.
Was searching for an online note taking app which also provided open source end to end encryption.
After searching for a while I found something that looked alright (too bad I do not remember the URL/site). They used pretty good open source JS crypto libraries so it seemed very good!
Then I noticed that the site itself did NOT run SSL (putting the https:// in front of the site name resulted in site not found or something similar).
Went to the Q/A section because that's really weird.
Saw the answer to that question:
"Since the notes are end to end encrypted client side anyways, we don't see the point in adding SSL. It's secure enough this way".
😵
I emailed them right away explaining that any party in between their server(s) and the browser could do anything with the request (including the cryptographic JS code) so they should start going onto SSL very very fast.
Too bad I never received a reply.
People, if you ever work with client side crypto, ALWAYS use SSL. Also with valid certs!
The NSA for example has this thing known as the 'Quantum Insert' attack which they can deploy worldwide which basically is an attack where they detect requests being made to servers and reply quickly with their own version of that code which is very probably backdoored.
This attack cannot be performed if you use SSL! (of course only if they don't have your private keys but let's assume that for now)
Luckily Fox-IT (formerly Dutch cyber security company) wrote a Snort (Intrusion Detection System) module for detecting this attack.
Anyways, always use SSL if you do anything at all with crypto/sensitive data! Actually, always use it but at the very LEAST really do it when you process the above-mentioned!
-
"Microsoft should not need to buy github, the platform itself should be run by a non profit org like wikipedia or linux."
Add a herp a derp at the end. It will probably make it sound less stupid or hypocritical.
Seriously though, how many of you mecos actually pay for shit? Eh? How many of you donate to your fav Linux distros or web platforms?
Let's say that the entire devRant base did :) pretty sweet eh? There are still 28 million developers on fucking github.....now how many of those contribute to help account for server costs etc? How many actually use private paid repos etc?
And without ads and shit? This ain't Facebook!!
It makes sense. I am glad they did... and fuck you I would too.
I will see what happens before I put on my (disgusting) Richard Stallman Hat.
-
I just can't understand what will lead a so-called Software Company, that provides for my local government by the way, to use a cloud server (AWS EC2 instance) like it were a bare metal machine.
They have it working, non-stop, for over 4 years or so. Just one instance. Running MySQL, PostgreSQL, Apache, PHP and a f* Tomcat server with no less than 10 HUGE apps deployed. I just can't believe this instance is still up.
By the way, they don't do backups, most of the data is on the ephemeral storage, they use just one private key for every dev, no CI, no testing. Deployments are nightmares using scp to upload the .war...
But still, they are running several apps for things like registering citizen complaints that come in by hot lines. The system is incredibly slow as they use just hibernate without query optimizations to lookup and search things (n+1 query problems).
They didn't even bother to get a proper domain. They use an IP address and expose the port for tomcat directly. No reverse proxy here! (No SSL either)
I've been out of this company for two years now, it was my first work as a developer, but they needed help for an app that I worked on during my time there. I was really surprised to see that everything is still the same. Even the old private key that they emailed me (?!?!?!?!) back then still worked. All the passwords are still the same too.
I have some good rants from the time I was there, and about the general level of the developers in my region. But I'll leave them for later!
Is it just me or is this whole shit crazy af?
-
I was working as a contractor for a client who just got enough funding to hire a full-time dev. I lovingly referred to him as "Mr. Koolaid" because he was obsessed with whatever the newest hotness was and cried constantly about how the 3-year-old code-base didn't use The Next Big Thing(tm). This was my first interaction with him:
Mr. Koolaid: I'd like access to the github repository. My username is xxxx.
Me: We currently aren't hosting the code on github. If you send me your public ssh key, I'll get you access to the private server.
Mr. Koolaid: I'd like to access the github repository.
Me: It's not on github; send me your public key and I'll get you access.
Mr. Koolaid: Can we skype real quick? You don't need my public key to grant me access to the github repo.
*Mr. Koolaid proceeds to forward me github's documentation on adding users to an organization and the documentation for adding users to a private repo. The email is written in a very passive-aggressive tone.*
ಠ_ಠ
-
Worst WTF dev experience? The login process from hell to a well-fortified dev environment at a client's site.
I assume a noob admin found a list of security tips and just went like "all of the above!".
You boot a Linux VM, necessary to connect to their VPN. Why necessary? Because 1) their VPN is so restrictive it has no internet access 2) the VPN connection prevents *your local PC* from accessing the internet as well. Coworkers have been seen bringing in their private laptops just to be able to google stuff.
So you connect via Cisco AnyConnect proprietary bullshit. A standard VPN client won't work. Their system sends you a one-time key via SMS as your password.
Once on their VPN, you start a remote desktop session to their internal "hopping server", which is a Windows server. After logging in with your Windows user credentials, you start a Windows Remote Desktop session *on that hopping server* to *another* Windows server, where you login with yet another set of Windows user credentials. For all these logins you have 30 seconds, otherwise back to step 1.
On that server you open a browser to access their JIRA, GitLab, etc or SSH into the actual dev machines - which AGAIN need yet another set of credentials.
So in total: VM -> VPN + RDP inside VM -> RDP #2 -> Browser/SSH/... -> Final system to work on
Input lag of one to multiple seconds. It was fucking unusable.
Now, the servers were very disconnect-happy to prevent anything "fishy" going on. Sitting at my desk at my company, connected to my company's wifi, was apparently fishy enough to kick me out every 5 to 20 minutes. And that meant starting from step 1 inside the VM again. So, never forget to plug in your network cable.
There's a special place in hell for this admin. And if there isn't, I'll PERSONALLY make the devil create one. Even now that I'm not even working on this any more.
-
It's enough. I have to quit my job.
December last year I've started working for a company doing finance. Since it was a serious-sounding field, I thought I'd be better off than with my previous employer. Which was kinda the family-agency where you can do pretty much anything you want without any real consequences, nor structures. I liked it, but the professionalism was missing.
Turns out, they do operate more professionally, but the internal mood and commitment is awful. They all pretty much bash on each other. And the root cause of this and why it will stay like this is simply the Project Lead.
The plan was that I was positioned as glue between Design/UX and Backend to then make the best Frontend for the situation. Since that is somewhat new and has the most potential to get better. Besides, this is what the customer sees everyday.
After just two months, a retrospective and a hell lot of communication with co-workers, I've decided that there is no other way other than to leave.
I had a weekly productivity of 60h+ (work and private, sometimes up to 80h). I had no problems with that, I was happy to work, but since working in this company, my weekly productivity dropped to 25~30h. Not only can I not work for a whole proper work-week, this time still includes private projects. So in hindsight, I efficiently work less than 20h for my actual job.
The Product lead just wants feature on top of feature, our customers don't want to pay for concepts, but also won't give us exact specifications on what they want.
Refactoring is forbidden since we get too many issues/bugs on a daily basis so we won't get time.
A re-design is forbidden because that would mean that all Screens have to be re-designed.
The product should be responsive, but none of the components feel finished on Desktop - don't talk about mobile, it doesn't exist.
The Designer next to me has to make 200+ Screens for Desktop and Mobile JUST so we can change the primary colors for a potential new customer, nothing more. Remember that we don't have responsiveness? Guess what, that should be purposely included on the Designs (and it looks awful).
I may hate PHP, but I can still work with it. But not here, this is worse than any ecommerce. I have to fix legacy backend code that has no test coverage. But I haven't touched PHP for 4 years, let alone written SQL (I hate it). There should be no reason whatsoever to let me do this kind of work, as FRONTEND ARCHITECT.
After a (short) analysis of the Frontend, I conclude that it is required to be rewritten to 90%. There have been no performance checks for the Client/UI, therefore not only the components behave badly, but the whole system is slow as FUCK! Back in my days I wrote jQuery, but even that shit was faster than the architecture of this React Multi-instance app. Nothing is shared, most of the AppState correlate to other instances.
The Backend. Oh boy. Not only do we use a shitty outdated open-source project with tons of XSS possibilities as base, no we clone that shit and COPY OUR SOURCES ON TOP. But since these people also don't want to write SQL, they thought using Symfony as base on top of the base would be a good idea.
Generally speaking (and done right), this is true. But not then there will be no time and not properly checked. As I said I'm working on Legacy code. And the more I look into it, the more Bugs I find. Nothing too bad, but it's still a bad sign why the webservices are buggy in general. And therefore, the bugginess has to travel into the frontend.
And now the last goodies:
- Composer itself is committed to the repo (the fucking .phar!)
- Deployments never work and every release is done manually
- We commit a "_TRASH" folder
- There is a secret ongoing refactoring in the root of the Project called "_REFACTORING" (right, no branches)
- I cannot test locally, nor have just the Frontend locally connected to the Staging webservices
- I am required to upload my sources I write to an in-house server that gets shared with the other coworkers
- This is the only Linux server here and all of the permissions are fucked up
- We don't have versions, nor builds, we use the current Date as build number, but nothing simple to read, nonono. It has to be a German date, with only numbers and always has to end with "00"
- They take security "super serious" but disable the ability to unlock your device with your fingerprint sensor ON PURPOSE
My brain hurts, maybe I'll post more on this shit fucking cuntfuck company. Sorry to be rude, but this triggers me sooo much!
-
So one year ago I was working at this company from the US, me being in Europe, which automatically implies there are several hours of timezone difference.
The eng. manager decided we would have a release tomorrow (decision was made one month earlier), and stuff was being prepped up to make that happen.
In the US the workday was about lunch time and in EU it was one hour before finishing. The manager gets us in a meeting and asks me and another dude to do some testing that would take several hours to do. This testing could have been done several days or weeks earlier.
40 minutes after that meeting I get a private message from the PM asking for the status of the test...
Me: aaa.. well I started it and will continue tomorrow
Manager: wait what? we have launch tomorrow, this testing has to be done by tomorrow
Me: it's the end of the workday here, I got personal errands that I have to attend to
Manager: uhm ok ... I see...
I was just messaging something in the public chat right before calling it a day and the manager writes "thanks for the input, your day is over now", completely out of context to the conversation I was having with whomever.
There was no question of "can you stay extra hours and do this?", there was no "hey, I know your day is over we will pay you premium hours with this amount as according to our contract, could you do this now as we have release tomorrow?" ..no ..just .. "do it!". I automatically assumed that ..hey, maybe he wants to do this during and after the live launch (and yes I do admit my mistake of not asking just to be clear, but I assumed the manager knows that there is a timezone difference ..like it's a no brainer).
I can not tell you the heat sensation I had after that last reply from the manager ... it was completely uncalled for, and unreasonable.
I mean why not make a pre-launch phase where you put stuff on the staging server, and perform all the necessary tests and then when you get all the green lights from testing you then proceed with the actual deploy? ...no ... mention this like right at the end of the day before the launch....
And another thing that scratched my neuronal cortex is, how does he know exactly how long the tests would take?
-
Long rant ahead.. so feel free to refill your cup of coffee and have a seat 🙂
It's completely useless. At least in the school I went to, the teachers were worse than useless. It's a bit of an old story that I've told quite a few times already, but I had a dispute with said teachers at some point after which I wasn't able nor willing to fully do the classes anymore.
So, just to set the stage.. le me, die-hard Linux user, and reasonably initiated in networking and security already, to the point that I really only needed half an ear to follow along with the classes, while most of the time I was just working on my own servers to pass the time instead. I noticed that the Moodle website that the school was using to do a big chunk of the course material with, wasn't TLS-secured. So whenever the class begins and everyone logs in to the Moodle website..? Yeah.. it wouldn't be hard for anyone in that class to steal everyone else's credentials, including the teacher's (as they were using the same network).
So I brought it up a few times in the first year, teacher was like "yeah yeah we'll do it at some point". Shortly before summer break I took the security teacher aside after class and mentioned it another time - please please take the opportunity to do it during summer break.
Coming back in September.. nothing happened. Maybe I needed to bring in more evidence that this is a serious issue, so I asked the security teacher: can I make a proper PoC using my machines in my home network to steal the credentials of my own Moodle account and mail a screencast to you as a private disclosure? She said "yeah sure, that's fine".
Pro tip: make the people involved sign a written contract for this!!! It'll cover your ass when they decide to be dicks.. which spoiler alert, these teachers decided they wanted to be.
So I made the PoC, mailed it to them, yada yada yada... Soon after, next class, and I noticed that my VPN server was blocked. Now I used my personal VPN server at the time mostly to access a file server at home to securely fetch documents I needed in class, without having to carry an external hard drive with me all the time. However it was also used for gateway redirection (i.e. the main purpose of commercial VPNs, le new IP for "le onenumity"). I mean for example, if some douche in that class would've decided to ARP poison the network and steal credentials, my VPN connection would've prevented that.. it was a decent workaround. But now it's for some reason causing Moodle to throw some type of 403.
Asked the teacher for routers and switches I had a class from at the time.. why is my VPN server blocked? He replied with the statement that "yeah we blocked it because you can bypass the firewall with that and watch porn in class".
Alright, fair enough. I can indeed bypass the firewall with that. But watch porn.. in class? I mean I'm a bit of an exhibitionist too, but in a fucking class!? And why right after that PoC, while I've been using that VPN connection for over a year?
Not too long after that, I prematurely left that class out of sheer frustration (I remember browsing devRant with the intent to write about it while the teacher was watching 😂), and left while looking that teacher dead in the eyes.. and never have I been that cold to someone while calling them a fucking idiot.
Shortly after I've also received an email from them in which they stated that they wanted compensation for "the disruption of good service". They actually thought that I had hacked into their servers. Security teachers, ostensibly technical people, if I may add. Never seen anyone more incompetent than those 3 motherfuckers that plotted against me to save their own asses for making such a shitty infrastructure. Regarding that mail, I not so friendly replied to them that they could settle it in court if they wanted to.. but that I already knew who would win that case. Haven't heard of them since.
So yeah. That's why I regard those expensive shitty pieces of paper as such. The only thing they prove is that someone somewhere with some unknown degree of competence confirms that you know something. I think there's far too many unknowns in there.
Nowadays I'm putting my bets on a certification from the Linux Professional Institute - a renowned and well-regarded certification body in sysadmin. Last February at FOSDEM I did half of the LPIC-1 certification exam, next year I'll do the other half. With the amount of reputation the LPI has behind it, I believe that's a far better route to go with than some random school somewhere.
-
Fucking cloud providers always trying to steal your shit and spy on your things, fucking prying eyes. That's why I've decided to go back hosting my own private cloud from home. Running on some very energy efficient shit: dual core intel atom cpu (so slow that it can't fucking run windows normally), 16gb of ram, because why the fuck not? and 1tb 2.5"hdd, along with unlimited data - 100/100 Mbit/s internet connection with a server response time less than 95ms just to backup my shitty iPhone selfies and cat pics, host some very important files and regularly back up my contacts. This shit runs CentOS, Nginx, https, bitch! This platform is more trustworthy than your shitty dropbox or whatever other shit they offer you. I can choose whether I back up my shit from local network or over internetz, Costing me no more than 25€ annually(just to keep the machine on 24/7/365).
-
!rant
Just managed to set up a laravel development server in my raspberry, with a fully functioning private git repo!
(Not having a CS degree nor working in IT... I am very happy with this!)
-
I shared public IP of a server to a fellow software engineer. He has ssh login access to that server.
He needs private IP of the same server to run some script.
He is asking me for private IP. Did he really graduate in computer science?
BTW, his development machine is a Linux machine.
FML.
-
I’m back for a fucking rant.
My previous post I was happy, I’ve had an interview today and I felt the interviewer acted with integrity and made the role seem worthwhile. Fuck it, here’s the link:
https://www.devrant.io/rants/889363
So, since then; the recruiter got in touch: “smashed it son, sending the tech demo your way, if you can get it done this evening that would be amazing”
Obviously I said based on the exact brief I think that’s possible, I’ll take a look and let them know if it isn’t.
Having done loads of these, I know I can usually knock them out and impress in an evening with no trouble.
Here’s where shit gets fucked up; I opened the brief.
I was met with a brief for an MVP using best practice patterns and flexing every muscle with the tech available...
Then I see the requirements, these fucking dicks are after 10 functional requirements averaging an hour a piece.
+TDD so * 1.25,
+DI and dependency inversion principle * 1.1
+CI setup (1h on this platform)
+One ill requirement to use a stored proc in SQL server to return a view (1h)
+UX/UI design consideration using an old tech (1-2h)
+unobtrusive jquery form post validation (2h)
+AES-256 encryption in the db... add 2h for proper testing.
These cunts want me to knock 15-20h of Work into their interview tech demo.
I’ve done a lot of these recently, all of them topped out at 3h max.
The job is middling: average package, old tech, not the most exciting or decent work.
The interviewer alluded to his lead being a bit of a dick; one of those “the code comes first” devs.
Here’s where shit gets realer:
They’ve included mock ups in the tech demo brief’s zip... I looked at them to confirm I wasn’t over estimating the job... I wasn’t.
Then I looked at the other files in the fucking zip.
I found 3 of the images they wanted to use were copyright withheld... there’s no way these guys have the right to distribute these.
Then I look in the font folder, it’s a single ttf, downloaded from fucking DA Font... it was published less than 2mo ago, the license file had been removed: free for Personal, anything else; contact me.
There’s no way these guys have any rights to this font, and I’ve never seen a font redistributed legally without its accompanying licence files.
This fucking company is constantly talking about its ethical behaviours.
Given that I know what I’m doing; I know it would have taken less time to find free-for-commercial images and use a google font... this sloppy bullshit is beyond me.
Anyway, I said I’d get back to the recruiter, he wasn’t to know and he’s a good guy. I let him know I’d complete the tech demo over the weekend, he’s looked after me and I don’t want him having trouble with his client...
I’ll substitute the copyright fuckery with images I have a license for because there’s no way I’m pushing copyright stolen material to a public github repo.
I’ll also be substituting the topic and leaving a few js bombs in there to ensure they don’t just steal my shit.
Here’s my hypotheses, anyone with any more would be greatly welcomed...
1: the lead dev is just a stuck up arsehole, with no real care for his work and a relaxed view on stealing other people’s.
2: they are looking for 15-20h free work on an MVP they can modify and take to market
3: they are looking for people to turn down this job so they can support someone’s fucking visa.
In any case, it’s a shit show and I’ll just be seeing this as box checking and interview practice...
Arguments for 1: the head told me about his lead’s problems within 20mn of the interview.
2: he said his biggest problem was getting products out quickly enough.
3: the recruiter told me they’d been “picky”, and they’re making themselves people who can’t be worked for.
I’m going to knock out the demo, keep it private and protect my work well. It’s going to smash their tits off because I’m a fucking great developer... I’ll make sure I get the offer to keep the recruiter looked after.
Then fuck those guys, I’m fucking livid.
After a wonderful interview experience and a nice introduction to the company I’ve been completely put off...
So here’s the update: if you’re interviewing for a shitty middle level dev position, amongst difficult people, on an out of date stack... you need people to want you, don’t fuck them off.
If they want my time to rush out MVPs, they can pay my day rate.
Fuuuuuuuuck... I typed this out whilst listening to the podcast, I’m glad I’m not the only one dealing with shit.
Oh also; I had a lovely discriminatory as fuck application, personality test and disability request email sent to me from a company that seems like it’s still in the 90s. Fuck those guys too, I reported them to the relevant authorities and hope they’re made to look at how morally reprehensible their recruitment process is. The law is you don’t ask if the job can be done by anyone. -
It's finally happened. I've used my mail servers for about a year to give out different email addresses on my domain to things I sign up for online, and only used my "actual" email address that received all this email for the whole domain but the single one that I used outbound for private communications.
This worked well for a long time as I could see when spam comes in, where it came from by looking at the email address I designated it. Each company's email would be sent not only from an email address that they choose, but also to an email address that I choose. It allowed me to easily determine where there were problems. For example, on Freenode IRC my vhost happened to make my username@host there a valid email address. It eventually got blacklisted due to too much incoming spam as crawlers started detecting it. Another one was "nickname"@my.domain as I posted it a few times here. Got crawled as well. But it allowed me to easily blacklist each.
I'd never thought my actual outbound email address, my real one, to get crawled though. That would require the mail server of a company I explicitly communicated with to get hacked. But today that happened. I wonder whose it is, but I can't tell.
Time to make my outgoing email bound to a designated email address as well. I want to know which companies this happens to, even if they don't disclose it. -
School sucks.
Paying quite a lot of money (not having that much) to a private school that used to impress me two years ago.
Now I can see all the hidden crap:
- Project work is graded after written lines
- "Do this project with scrum" Got two hours in the room with scrum board in a whole semester
- Exams are pushed if the teacher is too lazy to deal with bad results. A 3 (or C) became best grade.
- They could not find a teacher for OS & Networks. So instead of 1 semester Server architecture we got 5 days.. 1 of them for exam (exam = final grade)
- Guy took part with us during the 5 days. "How did you do that?!? Doesn't work on my PC I think" - half year later he is the new Network teacher
- Surpassingly he sucks at that, being half a week ahead of his lessons by googling shit together. Can't answer a single question beyond that..
Once he created a multiple choice exam. Questions in a word document online, answers on paper. Not just that he never blocked the internet during the exam, he also publicly uploaded the document a week ahead. Securing it with a 5 letter password... Somehow we all passed that one with a pretty good average.
Besides there are some teachers who are actually really good. -
Hey there!
So during my internship I learned a lot about Linux, Docker and servers and I recently switched from a shared hosting to my own VPS. On this VPS I currently have one nginx server running that serves a static ReactJs application. This is temporarily, I SFTP-ed the build files to the server and added a config file for ssl, ciphers and dhparams. I plan to change it later to a nextjs application with a ci/di pipeline etc. I also added a 'runuser' that owns the /srv/web directory in which the webserver files are located. SSH has passwords disabled and my private keys have passphrases.
Now that it's been running for a few days I noticed a lot of requests from botnets that tried to access phpmyadmin and admin panels on my server which gave me quite a scare. Luckily my website does not have a backend and I would never expose phpmyadmin like that if I did have it.
Now my question is:
Do you guys know any good articles or have tips and tricks for securing my server and future projects? Are there any good practices that I should absolutely read and follow? (Like not exposing server details etc., php version, rate limiting). I really want to move forward with my quest for knowledge and feel like I should have a good basis when it comes to managing a server, especially with the current privacy laws in place.
Thanks in advance for enduring my rant and infodump 😅 -
Finally finished setting up my private Git Repo.
First tried to install Gitlab, tried 2 hours to fix it. Holy shit the configs were a shit piece. Ended up at the end with a 502 error.
Fucking hate Gitlab, go die you piece of shit for dedicated servers.
Removed it and installed Gogs. Had 25 Minutes to set it up completely and I'm happy with it. ✌️
Don't want to spend 7$ on private Repos for Github, when I have my own high power dedicated Server 😜 -
Should’ve posted this after it happened, but it requires a bit of background anyway.
There’s this guy that oversees our OpenStack environment. My team often make jokes and groan about him in private because he’s so overbearing. A few months back, he had to take us to our data center to show us our new racks, and he kept saying stupid stuff like “you break this and it costs me $30,000” as if he owns everything. He’s just... one of THOSE people. Always speaks in such a condescending way. We make jokes that he is our “best friend”.
Our company is shifting most of our products to the cloud in response to the coronavirus (trying to make it an opportunity for “innovation”). This has involved some structural and responsibility changes in our department, and long story short, I’m now heading the OpenStack environment alongside other projects.
This means going through grueling 1-on-1 meetings with our “best friend”. It’s not too bad, I can be pretty patient with people, so I didn’t mind too much at first. Then a few things happened.
1. He sent a shared folder that he owned containing info related to the environments. Several documents were outdated and incomplete, so I downloaded them, corrected them, and then uploaded the documents to my team's file share, as I was supposed to since we now own the projects.
2. Several files were missing, and when I asked about them, he said “Oh, did you refresh the browser?”. I told him no, that I downloaded them locally and republished them to my team's server, because he was supposed to hand everything off to us at once. He says “Well, silly, how are you going to get updates if you’re looking at them locally?” and kind of chuckles at me like I’m stupid.
3. He insists on training me how to remote into one of the servers to check on cluster space, which in itself is fine. I understand others wanting to make sure things will be done right by the people who come after them. But he tells me to download SuperPutty. I tell him, “oh no, that’s alright. I don’t need putty”. He says “oh cool, what tool do you use for ssh?”. I answer him “Just Git. If I want to I can use a CentOs bash terminal too, because we have WSL installed”. He responds “You can’t ssh through Git”.
I was actually a little shocked. I didn’t know if he was serious or not so I was silent for a few seconds before hesitantly saying “yes you can”. He says “this is news to me” and so I tell him “every single one of our build jobs fetches code from Git with ssh” and he seemed genuinely shocked and surprised by that.... so then it occurs to me to show him that you can ssh in Powershell and that REALLY blew his mind. He would not shut up about it for several minutes. I was amused until it just got annoying.
Needless to say, my team had been previously teasing me about having to work with him, so they found it hilarious when I told them afterwards. -
I took this contract and made the suggestion that we backup to the cloud and create a private repo on GIT. Client said no, local should be fine, they don't want someone stealing their code. I said okay fine.
AC just went out in the server room and they apparently had a leak from the AC to the power supply which they happened to put on top of the rack servers and switches. I'm surprised that place didn't catch fire, might be too early to call it.
All this on a Friday and we were 2 weeks away from launch party.
Not my fault, I clearly said we backup to cloud and use GIT on private repo. -
First rant!
The first time I got in touch with programming was when I was about 14 years old. I started a private server for a game called Maplestory (yeah you know it, I know you do) and had one of the most popular servers.
Topping all the rankings of best servers, getting lots and lots of traffic...
Anyway, I started modding the game and implement new features and quests. Right until my father saw our bandwidth. Because the server was running on my computer in my own bedroom 24/7 and blowing nice hot air in my room.
Our bandwidth limit was reached in just a couple days in to the next billing cycle and had to shut everything down from that point. And this happened a few times.
I was devastated shutting it down but learned so much from it. And it introduced me to programming.
Up till now, I'm almost graduating in computer science, already have 2 companies that are willing to hire me, and probably even going to work with my dad on a huge app soon -
Diary of an insane lead dev: day 447
pdf thumbnails that the app generates are now in S3 instead of saved on disk.
when they were on disk, we would read them from disk into a stream and then create a stream response to the client that would then render the stream in the UI (hey, I didn't write it, I just had to support it)
one of my lazy ass junior devs jumps on modifying it before I can; his solution is to retrieve the file from the cloud now, convert the stream into a base64 encoded string, and then shove that string into an already bloated viewmodel coming from the server to be rendered in the UI.
i'm like "why on earth are you doing that? did you even test the result of this and notice that rendering those thumbnails now takes 3 times as long???"
jr: "I mean, it works doesn't it?"
seriously, if the image file is already hosted on the cloud, and you can programmatically determine its URL, why wouldn't you just throw that in the src attribute in your html tag and call it a day? why would you possibly think that the extra overhead of retrieving and converting the file before passing it off to the UI in an even larger payload than before would result in a good user experience for the client???
it took me all of 30 seconds to google and find out that AWS SDK has a method to GetPreSignedURL on a private file uploaded to s3 and you can set when it expires, and the application is dead at the end of the year.
JFC. I hate trying to reason with these fuckheads by saying "you are paid for your brain, fucking USE IT" because, clearly these code monkeys do not have brains. -
!rant but story
https://devin.xyz (v.0.0.1)
My quick and semi-ugly solution to save amazing rants and comments forever and more organized.
What it is and it will be:
- archive of rants and comments from devrant that I found very good
- the original ranters will be informed when their rants are archived
- the original ranters and/or the management team of devRant has the right to request the archive content's total deletion
- every single thing on there will be accessible by anyone anytime anywhere (as long as server is healthy)
- open-source
What it may become:
- anyone can register and save their archive
- dev content archive from other sources
- dev articles blog
What it will never have/be:
- any form of payment
- ads
- tracking (I don't even wanna know how many users are viewing)
- non dev related content
- devRant
I'm willing to create user accounts for anyone interested in very near future. So please buzz me here if you want one.
So far it's a website of Laravel + Voyager + bulma with very minimal custom codes (I had to write below 100 lines of code in total). It is on Vultr server.
I'm gonna maintain and update as much as I can on my spare time. Hence I don't consider this as a collab. However, the code is on gitlab private repo. I'll make the repo public soon as well. Any contribution is gladly welcome. 😄 -
Since we are using the same password on all our servers (both QA and Production environment) my team somehow decided that it would be easier to copy the private SSH key to ALL servers and add the public key to the authorized.keys file.
This way we SSH without password and easily add it to new servers, it also means that anyone who gets into one server can get to all of them.
I wasn't a fan of the same password on all servers, but this private key copying is just going against basic security principles.
Do they want rogue connections? Because that's how you get them. -
$category = 'Story';
Holy shit it finally worked I finally got a private server up and running for an old game, after countless forum posts and broken links (note the forum isn't that active anymore since 2010)
After finding a working server source you also need a client with the same version
Even though this was a pet project, it feels good to finally complete it. I might even try to build some custom stuff into it -
The WTF moment when I realized that the main production DB server was configured with **dynamic** private IP. After maintenance upgrade and reboot the rest of environment stopped. When I explained to sys admin what caused the production breakdown he still did not get that :/
-
*follow-up to https://devrant.com/rants/1887422*
The burnt remnants of my ID card's authentication information, waiting for the wind to come pick it up. It's stored in my password database now and committed to my git server, as it should be. Storing PIN and PUK codes on paper, whatever government cunt thought that that was a good idea...
If you've got identification papers containing authentication information like PIN and PUK codes, by all means add them to your password manager (if you're using Linux, I'd like to recommend GNU Pass) at once and burn the physical version. There's no reason why you'd want those on paper, unless you store your passwords on a post-it too.
At least that's as much as me and possibly you as citizens can do. Our governments are doomed anyway, given the shitty security policy they have, and likely the many COBOL mainframes still in use today. Honestly, the meddlings of Russia with the US elections doesn't seem too far-fetched, given this status quo. It actually surprises me that this kind of stuff doesn't happen more often, given that certain governments hire private pentesters yet can't secure their own infrastructure. -
Alright... how the FUCK is an IP address considered personal data by GDPR????
Fucking boomers don't even know what an IP is. Guess what, every website you've ever been to has your IP! It's in your router, your fucking ISP's registry, and in every DNS server within 1000 miles of you!
Imagine thinking your IP gives up private information, god, just fuck me, I hate all of it, idiotic fools fumbling around with shit they don't understand.
...WKO making every developer's life a living nightmare because fucking GOOGLE FONTS stores a copy of your IP for their stupid analytics. You know what? Just don't use the internet either, that needs your IP too. In fact, don't pay taxes either, the tax office has a copy of your address, that's pretty personal information if you ask me! Just live in the woods and survive with the wolves.
I already know the future 'resolution' to this one - store fonts locally, resolve this dangerous "issue"... "waaaahhh fullStackClown! the site is slower now!!!"
...an infinite circle of clownshipness continues...
tune in next week as the world continues to approach its circus fate! -
2017 has ended and I want to throw this fucking rock of anger with it out of the Window.
I will tell you how my last 3 to 4 years as private IT Guy (IT Dumpster) for everything was.
My Gaming Community:
It was so fucking retarded that I would like to punch everyone there in the face over a thousand times.
Seriously there are over 60 People in that Community and they take every shit for granted and only cry about everything.
I'm Paying since 4 Years over 60 € for our Server every month. Some people donated some small bucks over the time and in the end it was around 150 € Donations over 4 years.
I'm thankful for the Donations, but these people really think that they can demand for this Donations private Gameservers for over years for free or think that they now own the Servers. WTF?? FUCK YOU!!
I'm managing 2 Linux Server with Web, MySQL, Voice and Gameserver. What did 1 guy donate? 10 € for 4 years, that's around 15% for just a month. You would get our Teamspeak for 7 Days for that price idiots!!
I did all the damn Webdev and am now writing an App in Kotlin for Android man!!
Since last everybody in the Community gets on my nerves, because they are so ignorant and don't appreciate the work of others 😡.
My Association where I support the whole IT with a friend:
We decided in the committee that we would take on major changes in our infrastructure.
We need to finish the barebone concept in the end of January 18.
Early December 17 I wrote my friend, that we need to have a meeting and plan everything.
Well, now I mostly designed the roadmap by myself and didn't receive any reply from my friend 💀.
I really don't understand why the shit always sticks at me and I need to finish it.
I really love to code something, install or repair PC's with joy or manage Server but the people around me are in my free time like poison and they take out my fun for it.
The only fun and enjoyable IT Part for me is at my fulltime job. That's the only good place left for me as Safe Haven and the people there really appreciate my knowledge and work I do. -
@localhost My setup! The laptop is on private WiFi that is unmonitored. There's a desktop tower behind the monitors that is wired into the unmonitored network as a server running Linux. it's decent but could be better. and I need more stickers
-
In today's episode of kidding on SystemD, we have a surprise guest star appearance - Apache Foundation HTTPD server, or as we in the Debian ecosystem call it, the Apache webserver!
So, imagine a situation like this - It's Friday afternoon, you have just migrated a bunch of web domains under a new, up to date, system. Everything works just fine, until... You try to generate SSL certificates from Let's Encrypt.
Such a mundane task, done more than a thousand times already... Yet... No matter what you do, nothing works. Apache just returns a HTTP status code 403 - Forbidden.
Of course, what many folk would think of first when it came to a 403 error is - Ooooh, a permission issue somewhere in the directory structure!
So you check it... And re-check it to make sure... And even switch over to the user the webserver runs under, yet... You can access the challenge just fine, what the hell!
So you go deeper... And enable the most verbose level of logging apache is capable of - Trace8. That tells you... Not a whole lot more... Apparently, the webserver was unable to find file specified? But... It's right there, you can see it!
So you go another step deeper and start tracing the process' system calls to see exactly where it calls stat/lstat on the file, and you see that it... Calls lstat and... It... Returns -1? What the hell#2!
So, you compile a custom binary that calls lstat on the first argument given and prints out everything it returns... And... It works fine!
Until now, I chose to omit one important detail that might have given away the issue to the more knowledgeable right away. Our webservers have the URL /.well-known/acme-challenge/, used for ACME challenges, aliased somewhere else on the filesystem - To /tmp/challenges.
See the issue already?
Some *bleep* over at the Debian Package Maintainer group decided that Apache could save very sensitive data into /tmp, so, it would be for the best if they changed something that worked for decades, and enabled a SystemD service unit option "PrivateTmp" for the webserver, by default.
What it does is that, anytime a process started with this option enabled writes to /tmp/*, the call gets hijacked or something, and actually makes the write to a private /tmp/something/tmp/ directory, where something... Appeared as a completely random name, with the "apache2.service" glued at the end.
That was also the only reason why I managed to fix this issue - On the umpteenth time of checking the directory structure, I noticed a "systemd-private-foobarbas-apache2.service-cookie42" directory there... That contained nothing but a "tmp" directory with 777 as its permission, owned by the process' user and group.
Overriding that unit file option finally fixed the issue completely.
I have just one question - Why? Why change something that worked for decades? I understand that, in case you save something into /tmp, it may be read by 3rd parties or programs, but I am of the opinion that, if you did that, it's only and only your fault if you wrote sensitive data into the temporary directory.
And as far as I am aware, by default, Apache does not actually write anything even remotely sensitive into /tmp, so...
Why. WHY!
I wasted 4 hours of my life debugging this! Only to find out it's just another SystemD-enabled "feature" now!
And as much as I love kidding on SystemD, this time, I see it more as a fault of the package maintainers, because... I found no default apache2/httpd service file in the apache repo mirror... So... -
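A pre-migration check for the collision described in this rant, as an added example (not code from the post or from Debian's packaging): it reads a systemd unit plus any drop-ins and an Apache config, and reports `Alias` targets under /tmp or /var/tmp while `PrivateTmp` is in effect. The unit and config text are constructed samples and the function names are hypothetical.

```python
import posixpath
import re

FALSE_VALUES = {"0", "no", "false", "off"}
PRIVATE_ROOTS = ("/tmp", "/var/tmp")  # both get a private copy under PrivateTmp

# Plain "Alias <url-path> <fs-path>" lines; AliasMatch and commented lines do not match.
ALIAS_RE = re.compile(r'^\s*Alias\s+("[^"]+"|\S+)\s+("[^"]+"|\S+)\s*$', re.IGNORECASE)


def private_tmp_enabled(*unit_texts):
    """Effective PrivateTmp= across a unit file and its drop-ins, passed in the
    order systemd applies them (a later assignment replaces an earlier one)."""
    enabled = False  # systemd's default when the key is absent
    for text in unit_texts:
        section = None
        for raw in text.splitlines():
            line = raw.strip()
            if not line or line[0] in "#;":
                continue
            if line.startswith("[") and line.endswith("]"):
                section = line[1:-1]
                continue
            if section == "Service" and "=" in line:
                key, value = (part.strip() for part in line.split("=", 1))
                if key == "PrivateTmp":
                    # Simplification: an empty value is treated as "back to default";
                    # any other non-false value counts as enabled.
                    enabled = value != "" and value.lower() not in FALSE_VALUES
    return enabled


def aliases_hidden_by_private_tmp(apache_conf, *unit_texts):
    """Return (url_path, fs_path) pairs the service would resolve inside its own
    private tmp namespace instead of the directory other processes write to."""
    if not private_tmp_enabled(*unit_texts):
        return []
    findings = []
    for line in apache_conf.splitlines():
        match = ALIAS_RE.match(line)
        if not match:
            continue
        url, target = (group.strip('"') for group in match.groups())
        target = posixpath.normpath(target)
        if any(target == root or target.startswith(root + "/") for root in PRIVATE_ROOTS):
            findings.append((url, target))
    return findings


# Constructed sample inputs.
UNIT = """[Unit]
Description=The Apache HTTP Server
[Service]
Type=forking
PrivateTmp=true
"""
DROPIN = """[Service]
PrivateTmp=false
"""
APACHE_CONF = """
# ACME challenges served from a shared scratch directory
Alias /.well-known/acme-challenge/ /tmp/challenges/
Alias /static/ "/srv/web/static/"
"""

if __name__ == "__main__":
    for url, target in aliases_hidden_by_private_tmp(APACHE_CONF, UNIT):
        print(f"{url} -> {target} is inside the service's private tmp namespace")
```

Pointing the alias at a directory outside /tmp and /var/tmp clears the finding without turning `PrivateTmp` off.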
Is it a good idea to use Github or have a private local Git Server? I’ve heard Github now lets people make private repositories for free so I was thinking of that but idk. What do you guys use?
-
Not really a rant and not very random. More like a very short story.
So I didn't write any rant regarding the whole Microsoft GitHub topic. I don't like to judge stuff quickly. I participated in few threads though.
Another thing is I also don't use GitHub very much apart from giving 🌟 to repos as a bookmark. Have one hobby project there. That's all. So I don't worry that much. I'm that selfish and self concerned. :3
I was first introduced to version control system by learning how to use tortoisesvn around 2008. We had a group project and one of the guys was an experienced and amazing programmer unlike the rest of us. He was doing commercial projects while we were at our 1st and 2nd year. Uni had svn repo server. He taught us about tortoisesvn. He also had Basecamp and taught us how to use it as well. So that's how I learned the benefits of using versioning tools and project management tools. On side note, our uni didn't teach any of those in detail :3
After that project, I was hooked to use versioning tools. So until school kicked me out, I was able to use their svn server. When I was on my own, I had to ask Google for help. I found a new world. There are still free svn services that I can use with certain limited functions. That's not the new world; I found people saying how git is better than svn in various ways. It was around 2010,2011.
At first I was a bit reluctant to touch git because of all the commands in terminal approach. But then I found that there is tortoisegit. I still thank tortoisesvn creator for that. I'm a sucker for GUI tools. So then I also have to pick which git servers to use. Hell yeah, self hosted gitlab is the way to go man. Well that's what the internet said. So I listened. I got it up and running after numerous trial and error. I used it briefly. Then I came back to my country on 2012-2013; the land of kilobytes per minute (yes not second, minute).
My country's internet was improved only after 2016. So from 2013 to 2016, I did my best not to rely on internet. I wasn't able to afford a server at my less than 10 people, 12ft*50ft office. So I had to find alternative to gitlab which preferably run on windows. Found bonobo and it was alright. It worked. Well had crazy moments here and there when the PC running Bonobo got virus and stuff. But we managed. We survived. Then finally multi national Telecom corporates came to our country.
We got cheaper and faster mobile data, broadband and fiber plans. Finally I can visit pornhub ... sorry github. Github is good. I like it. But that doesn't mean I should share my ugly mutated projects to the rest of the world. I could keep using Bonobo but it has risks. So I had to think for an alternative. I remembered that gitlab didn't have cloud hosting service when I checked them out in the past. So I just looked into Bitbucket and happy with their free plans of 5 users and unlimited private repos. I am very very cheap and broke.
That's why I said I don't really care that much about the whole M$GitHub topic at the beginning. However due to that topic, I have visited GitLab website again and found out they have cloud hosting now and their free plan is unlimited users and unlimited repos. So hell yeah. Sorry BB. I am gonna move to cheaper and wider land.
TL;DR : I am gonna move to GitLab because of their free plan. -
As of late I'm creating private game servers on my local network in my free time for fun / relaxing
I've already running:
a World of Warcraft vanilla;
Travian version 3;
And I am currently working on a conquer online private server, but getting the right client for it is the hard part... -
>Gets assigned to this private Game server's project
>Boss wants me to improve the anti advertisement chat
> k
> Looks at old code
> Code is replacing unicode characters to latin ones that look similar which are being used for advertising
> lol'd who tf developed this
> regex101, building a regex query with endless of possibilities (would look something like this) /((L|\|_|I_)(O|0|\[\]|\(\))(L|\|_|_))/gi to detect lol
> Adds a lot of similar looking unicode characters to assure that it will find something
> Works really well in the dev version
> Server open hour
> 30 players
> All chat at the same time
> CPU 100%
> BOSS NEVER TOLD ME TO MAKE IT EFFICIENT -
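One way to cover lookalike spellings with bounded work per chat line, as an added example that is not the game server's code: fold lookalikes to a canonical letter in one pass, then run a single precompiled pattern over the folded text. The lookalike tables, the blocked terms and the length cap are constructed assumptions.

```python
import re
import unicodedata

# Constructed lookalike tables. Keys are written as they appear after casefold().
MULTI_CHAR = {"|_": "l", "i_": "l", "[]": "o", "()": "o"}
SINGLE_CHAR = str.maketrans({
    "0": "o", "1": "l", "|": "l", "3": "e", "@": "a", "$": "s",
    "\u043e": "o",  # Cyrillic small o
    "\u03bf": "o",  # Greek small omicron
    "\u0430": "a",  # Cyrillic small a
    "\u0435": "e",  # Cyrillic small ie
})

# Both patterns are compiled once at import time, never per message.
MULTI_RE = re.compile(
    "|".join(re.escape(seq) for seq in sorted(MULTI_CHAR, key=len, reverse=True))
)
BLOCKED_TERMS = ("lol", "freegold")  # constructed; "lol" is the post's own test word
BLOCKED_RE = re.compile("|".join(re.escape(term) for term in BLOCKED_TERMS))


def fold(message):
    """Map a chat line to a canonical lowercase form.

    NFKC collapses compatibility forms (fullwidth letters and similar), casefold
    removes case differences, then multi-character and single-character
    lookalikes are replaced by the letter they imitate.
    """
    text = unicodedata.normalize("NFKC", message).casefold()
    text = MULTI_RE.sub(lambda match: MULTI_CHAR[match.group(0)], text)
    return text.translate(SINGLE_CHAR)


def is_advert(message, max_len=256):
    """True if the folded line contains a blocked term.

    The length cap bounds the work an oversized message can cause.
    """
    return BLOCKED_RE.search(fold(message[:max_len])) is not None


if __name__ == "__main__":
    # Constructed sample chat lines.
    for line in ["|_[]|_", "L0L", "I_()I_", "gg, nice round everyone"]:
        print(repr(line), "->", repr(fold(line)), is_advert(line))
```

A new lookalike is one more table entry rather than one more branch in every letter's alternation, so the blocked-term pattern stays a short list of literals.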
Dev Diary Entry #56
Dear diary, the part of the website that allows users to post their own articles - based on a robust rights system - through a rich text editor, is done! It has a revision system and everything. Now to work on a secure way for them to upload images and use these in their articles, as I don't allow links to external images on the site.
Dev Diary Entry #57
Dear diary, today I finally finished the image uploading feature for my website, and I have secured it as well as I can.
First, I check filesize and filetype client-side (for user convenience), then I check the same things serverside, and only allow images in certain formats to be uploaded.
Next, I completely disregard the original filename (and extension) of the image and generate UUIDs for them instead, and use fileinfo/mimetype to determine extension. I then recreate the image serverside, either in original dimensions or downsized if too large, and store the new image (and its thumbnail) in a non-shared, private folder outside the webpage root, inaccessible to other users, and add an image entry in my database that contains the file path, user who uploaded it, all that jazz.
I then serve the image to the users through a server-side script instead of allowing them direct access to the image. Great success. What could possibly go horribly wrong?
Dev Diary Entry #58
Dear diary, I am contemplating scrapping the idea of allowing users to upload images, text, comments or any other contents to the website, since I do not have the capacity to implement the copyright-filter that will probably soon become a requirement in the EU... :(
Wat to do, wat to do... -
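The upload path from Entry #57, as an added example rather than the poster's code: size limit, content-based type check, server-generated UUID name, storage in a private directory, and serving by ID lookup. A magic-byte check stands in for fileinfo, the re-encoding step is left out because it needs an imaging library, and a dict stands in for the database table; all names and limits are assumptions.

```python
import os
import tempfile
import uuid

MAX_BYTES = 2 * 1024 * 1024  # assumed upload limit
SIGNATURES = {               # leading bytes of the allowed formats
    b"\x89PNG\r\n\x1a\n": ".png",
    b"\xff\xd8\xff": ".jpg",
    b"GIF87a": ".gif",
    b"GIF89a": ".gif",
}
CONTENT_TYPES = {".png": "image/png", ".jpg": "image/jpeg", ".gif": "image/gif"}


class UploadRejected(ValueError):
    """Raised when an upload fails a server-side check."""


def sniff_extension(data):
    """Pick the extension from the file's content, never from its name."""
    for magic, ext in SIGNATURES.items():
        if data.startswith(magic):
            return ext
    return None


class ImageStore:
    def __init__(self, private_dir):
        # Directory outside the web root; the web server never maps a URL to it.
        self.private_dir = os.path.realpath(private_dir)
        self.index = {}  # image_id -> record (stand-in for the database table)

    def save(self, data, client_filename, uploader):
        """Validate and store an upload, returning its server-generated ID.

        client_filename is accepted only to show that it is never used.
        """
        if len(data) > MAX_BYTES:
            raise UploadRejected("file too large")
        ext = sniff_extension(data)
        if ext is None:
            raise UploadRejected("not an allowed image type")
        image_id = uuid.uuid4().hex
        path = os.path.join(self.private_dir, image_id + ext)
        # O_EXCL refuses to overwrite an existing file; 0o600 keeps it owner-only.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as handle:
            handle.write(data)
        self.index[image_id] = {"path": path, "uploader": uploader, "ext": ext}
        return image_id

    def open_for_serving(self, image_id):
        """Resolve an ID through the index; no request value becomes a path."""
        record = self.index.get(image_id)
        if record is None:
            raise KeyError(image_id)
        with open(record["path"], "rb") as handle:
            return CONTENT_TYPES[record["ext"]], handle.read()


if __name__ == "__main__":
    store = ImageStore(tempfile.mkdtemp())
    sample_png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16  # constructed, not a real image
    new_id = store.save(sample_png, "../../index.php", "alice")
    print(new_id, store.index[new_id]["path"])
```

The signature check only identifies the container format; the re-encoding the entry describes is what discards anything appended after valid image data.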
I made a bit of a tradition of building a list of hardware that's superior to whatever Crapple is releasing whenever Crapple releases something - and for the first time, I decided to make it public instead of just sharing it with some coworkers.
Making it public however took some time (luckily, yesterday was a holiday here, so I got it done now) - at least, making it looking "not like shit" took some time.
So enjoy my (very basic) bootstrap templated, yet possibly useful list of builds superior to the Crapple Rag Mini (which is a completely fictional entity not resembling any existing company in the world. Promise. Totally. Penguin's swear.)
The list can be found here - expect to see an update anytime Crapple pushes new shit to the market:
http://il-pinguino.com/superiortocr...
(possibly not safe for work, children, catholics and SJWs). Yeah, no SSL cert, currently. Hell, it's a private server, it doesn't process any of your info and it doesn't offer downloads... I might add one in the future.
I hope you can forgive my shameless self-promotion, it's not a commercial site, there are no ads/shitcoin miners on it and i don't get a share/cut/whatever - just a small humorous joke project. For now.
BTW: I didn't attempt to build any of those. It should work, but please don't sue me if it doesn't. -
It all started with an undeliverable e-mail.
New manager (soon-to-be boss) walks into admin guy's office and complains about an e-mail he sent to a customer being rejected by the recipient's mail server. I can hear parts of the conversation from my office across the floor.
Recipient uses the spamcop.net blacklist and our mail was rejected since it came from an IP address known to be sending mails to their spamtrap.
Admin guy wants to verify the claim by trying to find out our static public IPv4 address, to compare it to the blacklisted one from the notification.
For half an hour boss and him are trying to find the correct login credentials for the telco's customer-self-care web interface.
Eventually they call telco's support to get new credentials, it turned out during the VoIP migration about six months ago we got new credentials that were apparently not noted anywhere.
Eventually admin guy can log in, and wonders why he can't see any static IP address listed there, calls support again. Turns out we were not even using a static IP address anymore since the VoIP change. Now it's not like we would be hosting any services that need to be publicly accessible, nor would all users send their e-mail via a local server (at least my machine is already configured to talk directly to the telco's smtp, but this was supposedly different in the good ol' days, so I'm not sure whether it still applies to some users).
In any case, the e-mail issue seems completely forgotten by now: Admin guy wants his static ip address back, negotiates with telco support.
The change will require new PPPoE credentials for the VDSL line, he apparently received them over the phone(?) and should update them in the CPE after they had disabled the login for the dynamic address. Obviously something went wrong, admin guy meanwhile having to use his private phone to call support, claims the credentials would be reverted immediately when he changed them in the CPE Web UI.
Now I'm not exactly sure why, there's two scenarios I could imagine:
- Maybe telco would use TR-069/CWMP to remotely provision the credentials which are not updated in their system, thus overwriting CPE to the old ones and don't allow for manual changes, or
- Maybe just a browser issue. The CPE's login page is not even rendered correctly in my browser, but then again I'm the only one at the company using Firefox Private Mode with Ghostery, so it can't be reproduced on another machine. At least viewing the login/status page works with IE11 though, no idea how badly-written the config stuff itself might be.
Many hours pass, I enjoy not being annoyed by incoming phone calls for the rest of the day. Boss is slightly less happy, no internet and no incoming calls.
Next morning, windows would ask me to classify this new network as public/work/private - apparently someone tried factory-resetting the CPE. Or did they even get a replacement!? Still no internet though.
Hours later, everything finally back to normal, no idea what exactly happened - but we have our old static IPv4 address back, still wondering what we need it for.
Oh, and the blacklisted IP address was just the telco's mail server, of course. They end up on the spamcop list every once in a while.
tl;dr: if you're running a business in Germany that needs e-mail, just don't send it via the big magenta monopoly - you would end up sharing the same mail servers with tons of small businesses that might not employ the most qualified people for securing their stuff, so they will naturally be pwned and abused for spam every once in a while, having your mailservers blacklisted.
I'm waiting for the day when the next e-mail will be blocked and manager / boss eventually wonder how the 24-hours-outage did not even fix anything in the end... -
Programmers are everywhere. I found professional Programmers in unrelated hobby groups twice.
Even my boyfriend had JAVA coding experience to build some private server following online tutorials.3 -
Any other Screeps players here?
for the people running into a "Screeps is not defined":
Screeps is an MMO RTS where you code your "army" to do stuff in Javascript (a la NodeJS).
Code how your harvesters should behave, how your soldiers should behave, how your builders should behave etc. etc.
So far, it is quite a fun game, tho my (Intel Nehalem based) laptop has issues handling it (thanks to an awfully slow GPU...) so it's difficult to play for me at the moment (I'm on holiday, my home PC is a LOT faster).
It costs about 15 euro on steam, and if you're into this stuff, it's well worth it.
Just make sure you finish the tutorial first... I didn't and I regretted it when I bought the game (it's a huge pain in the buttocks to get started if you don't understand the API and such).
Currently just playing on my own localhosted private server to discover how the game works and such, but will be setting up a public server later down the road to play with others.
Tho it would be nice if Screeps would allow for "team-based" gameplay as well so it'll be slightly harder for early players to bully the newer ones.2 -
We are upgrading to nodejs 8 late, because no one is tracking versions. I had to rage a prove war with everyone that we must upgrade because node 6 is ended lts. This week I have to argue with one of the admins that the build server should be updated also (jenkins). And his problem is that our private jenkins server is not used only by our company, but other companies under our group. In my mind the only question is who decides our or other company project is important to build normally. And why we should care ..
Every fucking time it's a war against stagnant and/or lazy people.5 -
There are always days when everything related to school projects seems to hate me. In example we have to create a tunnel from our own computers to access uni's private server and suddenly mine stopped working. Me and my classmate were trying to figure it out for 1,5 hour and even our teacher didn't understand the hell was happening and in the end we found out that even tho we deleted the faulty line from host file the firefox still had it in its cache
-
Experiences of owning a private server with JFK!
Dropping a prod db: 1
Misplacing passwords: 3
Config errors: Over 9'000
fail2ban banned me: 2
Not reading the docs first since: Forever
Setting up a server again because I fucked up: 4
Formatting the wrong USB stick, which had needed data: 1
Resetting lost DB root password: 2
Server crashes due to insufficient psu: 3
Not knowing the firewall is enabled again, so near to nothing works: 22 -
I am SOOO fucking sick of being asked if our website and gaming servers are going to be GDPR compliant. All these game owners in a panic changing everything they do just to conform to this law.
Fuck GDPR. In all reality COME AT ME BITCH. The EU wants to grow a pair of balls and act like the world internet police? Bring it the FUCK on. You can't even stop pirating in your own country, so how the FUCK are you going to regulate and enforce this law on HUNDREDS of THOUSANDS of servers, when your punk ass government can't even shutdown a single torrenting website.
Give me a fucking break, and shame on you pussies for allowing it. All you people running around scared acting like your private gaming servers are important. I give a shit less how much work you put into your server. I have put more work than most anyone else, but you don't see me trying to act self important as if my gaming server is some fortune 500 company.
Your server isn't important and neither are you. The government doesn't give a shit about your server so can we all just stop acting like this fucking matters. NO ONE FUCKING CARES ABOUT YOUR SERVER.
NO ONE is going to come and sue you for not complying. GDPR is for business, and anyone that wants to argue no look it says right here it applies to all is a fucking MORON. Do you idiots stop and think or do you just believe everything typed out on paper.
THEY CAN'T ENFORCE THIS ON EVERYONE. They don't have the resources. So use your fucking heads and stop being so fucking scared of a law that has no resources to stop you. THEY CAN'T DO ANYTHING. EU and whoever made their policies, I DARE them to try and touch my server, I WANT them to start something with me, just so I can show the rest of the world why the Internet is still the wild west and why they have no power over me.
You think pirate bay is the only one who knows how to hide their server? You think pirate bay is the only one who keeps backups of their server to be able to re release in an instant somewhere else in the world? Bitch get real this is the internet, a place where a 5 year old can buy hand grenades from the Red Silk Road, and you wanna talk to me about your privacy? Go fuck yourself.
It's not my problem some douche bag went onto a site that used his personal information in the wrong manner. So how about you do what everyone else does and browse ANONYMOUSLY. But no it would be too easy for governments to make their own citizens responsible. Instead they have to hold all of YOUR hands, because you people are too stupid to protect yourself.
Wake the fuck up world, and stop being a bunch of whining little brats who cry for the government to bubble wrap your world so you can live safer. Natural selection is long overdue for a lot of morons still breathing air.18 -
When you are bored and you don't know what to do :D. Starts an SSH Connection in your Private Home Server to change the settings of all installed Service7
-
Spent hours synthesizing few novel ideas on Notepad, and then did Ctrl-A, Ctrl-X so I could just paste it in my private blog. The blog wouldn't respond, ssh'd into the server to troubleshoot, and then realized my habitual use of Ctrl-C destroyed that very content I spent hours on. Only realized this after I got the blog back up running again. X-( I should start getting into habit of using VSCode or Gvim more.8
-
Have a question about my career:
So far my career out of uni has been like this:
8 months in first place working as C# .NET dev, creating native desktop apps for windows. job was shitty, was not getting any best practices skills so I left.
12 months in 2nd place working as android dev in a startup. was working all alone and had to rebuild my app up to 5-6 times to learn best practices. startup didn't care about android app at all so I left and now doing just some small freelance work for them.
3 months in new startup as android dev. Today I was told that it's decided to focus on iOS and do all marketing (also uplift of new design) only on iOS. basically for next 3-4 months they don't plan to do much on android side. they saw that I showed some interest in backend and now they are asking me to talk with two other senior guys about starting with some small tasks for me on backend.
Our backend is mainly using python. Also backend guys will be pretty busy for next few months because they will have to deliver many new features in next few upcoming months. I've talked with one of them and he said that this is a bad idea to force frontend to start working on backend. However I feel that he's sort of gatekeeping and probably just doesn't want to help me with getting up to speed.
In my defense, my knowledge doesn't end with C# .NET desktop apps and native mobile apps for android.
I have hobby projects (gameservers) where I worked on websites (php,html,css,javascript,mysql) and also was taking care of a java based gameserver which is hosted in a linux vps.
Also I've had a small hosting "company" where with available tools I've managed to automate VPS(virtual private server) ordering, web hosting ordering and domain ordering. Basically I owned a dedicated server and did everything using whmcs, cpanel and proxmox virtualization.
I trust myself in learning this backend stuff and doing what's required, however I learned everything by myself and I won't follow all of these best practices.
Should I accept more responsibility on backend or should I continue focusing on android?7 -
~rant
I think we need to change way how websites deliver themselves to its users. This HTML CSS JS clusterfuck is just a huge PITA in the ass.
What is a website?
It's an application where users find, communicate or share information, can buy or sell their penis pumps and loads of shady stuff.
Why must a website (the delivered application) be split into multiple languages/scripts and lots of HTTP requests?
In my opinion, PWA is a start to make us look at websites more like apps as we are used to on the machine, but they don't solve the mess.
Per my experience, many people working on websites regularly confuse what's executed on the server and what is on the client. They send data to the client via XHR, for example full DB tables of private data, just to then filter it in their beloved Array.filter function.
You can tell those people again and again and this is why I start thinking that the Web, as we know it, needs a big change.14 -
fellow dev thought he was being clever, hiding his private ssh keys inside image files on a public web server...2
-
Trying to setup a staging server boss says just use AWS, system admin doesn't like that thought because it doesn't involve him so waited all day for 3 VM's and still not ready... All I need is 3 blank CoreOS VMs nothing fancy like even doing the cloud config no. Anyone else has colleagues scared of moving out of the private high maintenance servers in the basement?6
-
!Dev
I soon will start working from home. meaning I won't have to waste 4 hours a day busing back and forth from the office.
I think with that free time I might start trying to organize my life, I have hundreds of 'read later' and 'useful' bookmarks across 3 computers, too many browsers, and countless bookmark folders. I also have notes in 7 channels on a private discord server.
I think with the free time I might actually clean up that massive mess and using my server I didn't have last time I worked from home, actually figure out a method that'll help keep it from getting this bad again.4 -
Anyone know private/encrypted p2p network drive app (best would be opensource) between devices in the internet, with multiple user support, invite only ?
It should work behind nat so need use some 3rd party hole punching server for handshakes.
Let’s say I got a movie I want to share with my friend but instead of him downloading it, I would stream it directly from my device and my friend would open it using ex vlc.
Same with other files, on computer can be mounted as network drive.
Or small app with drag drop or cli to add / remove shared directories.
Can be raspberry pi device.
Thinking more, it should work like vpn network but with tunnels between computers.
Can it be done using ipfs ?1 -
I have just slept for a minimum of 5 hours. It is 7:47 PM atm.
Why?
We have had a damn stressful day today.
We have had a programming test, but it really was rather an exam.
Normally, you get 30 minutes for a test and 45 minutes for an exam.
In this "test" we have had to explain what 'extends' does and name a few advantages of why one should use it.
Check.
Read 3 separate texts and write the program code on paper. It was about 1 super class and 1 sub class with a test class in Java.
Check.
Task 3: Create the UML diagram of the code from above. *internally: From above? He probably means my code since there is no other code there. *Checks time*. I have about 3 minutes left. Fuck my life.*
Draws the boxes. Put the class names in each of them. A private attribute for the super class.
Teacher: Last minute!
Draw the arrow starting from the sub class to the super class.
Put my name on each written paper. And mentally done for the day. Couldn't finish the last task. Task 3.
During this "test", I heard the frustrations of my classmates. Seemed like everyone was pretty much pissed.
After a short discussion with the teacher who also happens to be the physics professor of a university nearby.
[If you are reading this, I hope that something bad happens to you]
The next course was about computer systems. Remember my recent rant about DNS, dhcp, ftp, web server and samba on ubuntu?
We have had the task to do the screenshots of the consoles where you prove that you have dhcp activated on win7 machine etc. Seemed ok to me. I would have been done in 10 minutes, if I would be doing this relaxed. Now the teacher tells us to change the domain names to <surnameOfEachStudent>.edu.
I was like: That's fine.
Create a new user for the samba server. Read and write directories. Change the config.
Me: That should be easy.
Create new DNS entries in the configs.
Change the IPv6 address area to 192.168.x.100-200/24 only for the dhcp server.
Change the web server's default page. Write your own text into it.
You will have 1 hour and 30 minutes of time for it.
Dumbo -ANGRY-CLIENT-: Aye. Let us first start screenshotting the default page. Oh, it says that we should access it with the domain name. I don't have that much time. Let us be creative and fake it, legally.
Changes the title element so that it looks like it has been accessed via domain name. Deletes the url and writes the domain name without pressing Enter. Screenshot. Done. Ok, let us move to the next target.
Dhcp: Change lease time. Change IP address area. Subnet mask. Router. DNS. Broadcast. Optional domain name. Save.
Switches to win7.
ipconfig /release
ipconfig /renew
Holy shit it does not work!
After changing the configs on ubuntu for a legit 30 minutes: Maybe I should change the ip of the ubuntu virtual machine itself. *me asking my old self: why did not you do that in the first place, ass hole?!*
Same previous commands on win7 console. Does not work. Hmmm...
Where could be the problem?
Check the IP of the ubuntu server once again. Fml. Ubuntu did not save when I clicked on the save button the first time I have changed it. Click on save button 10 times to make sure it really is saved now lol.
Same old procedure on win7.
Alright. Dhcp works. Screenshot.
Checks time. 40 minutes left.
DNS:It is your turn. Checks bind9 configs. sudo nano db.reverse.edu.
sudo nano db.<mysurname>.edu.
Alright. All set. It should work now.
Ping win7 from ubuntu and vice versa. Works. Ping domain name on windows 7 vm. Does not work.
Oh, I forgot to restart the bind9 server on ubuntu.
sudo service bind stop
" " " start
Check DNS server IP on win7. It looks fine.
It still doesn't work. Fuck it. I have only 20 minutes left. Samba. Let us do this!
10 minutes in. No result. I don't remember why. I already forgot why I have done for it. It was a very stressful day.
Let us try DNS again.
Oh shit. I forgot the resolver!
sudo nano /etc/resolv.conf
The previous edits are gone. Dumb me. It says it in the comments. Why did not I care about it. Fuck it. 6 minutes left. Open a yt video real quick. Changes the config file. Saves it. Restarts DNS and dhcp. Closes the terminal and opens a new one. The changes do not affect them until you reopen them. That's why.
Change to win7.
Ping works. How about nslookup.
Does not work.
Teacher: 2 minutes left!
Fuck it.
Saves the word document with the images in it. Export as pdf. Tries to access the directories of the school samba server. Does not work. It was not my fault tho. Our school server is in general very slow. It feels like they are not maintained and left alone like this in the dust from the 90s.
Friend gets the permission to put his document on a USB and give the USB to the teacher.
Sneaky me: Hey xyz, can you give me your USB real quick?
Him: sure.
Gets bombed with "do you want to format the USB?" pop-ups 10 times. Fml. Skips in a fast way.
Transfers the pdf. Plug it out. Give it back.
After this we have had to give a presentation in politics. I am done.6 -
I really like helping other learn how to use a programming language or solve problems on general. I often go out of my way and stop working on my hobby projects, just to help someone.
That being said, I'm no programming god. I myself am striving to become a better programmer.
I make mistakes, I can't always help you, I am still learning, but I only have good intentions. And you are by no means obligated to follow my advice. Quite the contrary, fight me, try to prove me wrong or say point out possible flaws. THINK ABOUT WHAT I TELL YOU. DON'T JUST BLINDLY FOLLOW MY ADVICE AND BITCH ON ME LATER.
This happens rather often and I can see why you want to blame me. And I can't deny that part of this is also my fault.
Situations like these don't really tilt me.
But today someone had the fucking nerve to pop a file into the chat and get mad at me for suggesting a cleaner, shorter and more efficient solution. LIKE I DON'T FUCKING CARE THAT IT TOOK YOU A WHOLE DAY TO IMPLEMENT SOMETHING I CAN DO BETTER IN MINUTES, I JUST WANT TO HELP YOU.
But the best thing I get afterwards: "But you told me to do it like that" BITCH WHAT!?
I have chat logs telling me loud and clear that the concept we never talked about before in private nor on a public server (bless discord's search function). And I will not accept your lousy excuse of having me confused with someone. You disrespected me greatly, you put words in my mouth, just to justify your pity anger, when I'm trying to help you?!
Get crucified and put on a shooting range!
I offer you out of pure goodwill. Something you'd normally have to pay for. And this is the treatment I get in return?
Just rm -rf your disastrous, dd -if=/dev/urandom your harddrive and sod off!2 -
I've been working for a company since last year. I was very enthusiastic and happy because that company always boasted about being the leader of cloud solutions in my country and I was really interested in everything related to the cloud computing world. However, after one year, my current task is updating stupid fucking private products that no one knows on fucking old windows server.....3
-
So I was looking into phone app development again (as you do) and I'm working on a simple QoL app for me and my SO that will help us automate some home management and finances stuff. Naturally I delved down the rabbit hole deep and wanted to have push notifications so we don't have to check the app periodically to know when certain things happen... Oh boy... Why is mobile development so convoluted, especially if you don't want to rely on Google Services...
It seems that the most accepted way of doing this is Firebase (FCM). Well me being me, I refuse to use google services for this and I prefer self hosted solutions (for data privacy reasons) which eliminates most products out there.
It also didn't help that my framework of choice is Flutter/Dart, because fuck Android Studio and the insane buggy XML stuff and fuck Android and its constantly changing APIs...
Well In the end I decided on a rather simple solution and self hosted an AMQP service (RabbitMQ in my case, as I have some experience with it already) and implemented a foreground service in android platform specific code on top of my flutter project to kickstart it and made my phone a queue listener... This now means I can push notifications from my server to the Messaging Queue and it will be pushed into my App automatically!
One thing I found out on this journey was that Android now kills most background services and enforces foreground services to have a visible notification in the status drawer... which I actually approve of. It's a bit annoying that you can start a reliable background service, but I'm absolutely on-board with long running processes started by my apps are constantly visible...
Long story short, I love reinventing all the wheels, especially if it's for free and private... And I also went to sleep at 2AM again because this took longer than I'd like to tune... but it works, and it's google free...
I'm thinking of trying to package this up as a flutter module later, but first I want to do testing on battery life and the general life cycle of the service. RabbitMQ says they have the client library optimized for long-lasting connections and it should be just using a tcp socket, which should pretty much be what all the push notification services are doing anyway. I'm also not completely satisfied with how the permanent notification looks.. it isn't collapsible like some of the other ones from other apps and it's about 2 lines high instead of single line... which is something quite annoying and I'm struggling to find any relevant docs on how this is done other than possibly making a custom Notification Style... but I just can't believe that everyone is doing that.. there must be a built-in somewhere -_-... Ugh Android is hell...
Anyway, if any android devs here have some hints, tips and tricks on how to handle this type of background/foreground process stuff and I'm doing something wrong let me know, cause googling this shit is a nightmare too!6 -
Anyone out here started their programming interest by modding/creating their own private WoW servers back in the day? Or anything of such nature?
My interest was sparked by screwing around with mangos private wow server source. Way back in the day haha.3 -
Interesting project lined up for today!
I'll be installing a security system, one camera connected to a DVR pointing at a front door triggering a buzzer and sending a video feed to a monitor in a ground floor room at the other side of the house.
But it's my dads house so I'm going to have fun with it and install a wired Cat5 network an Isolated offline router and build in some "smart home" features from scratch, all running on a Local Area Network.
I've built a private home server package for media and storage using Apache and I want to add as many features to the house as I can, maybe even install an extra camera pointing towards the sky (every home should have a sky cam lol).
I can take my time with this project over the next several weeks and I was wondering what would you add to this project?10 -
Outlook protection is shit!
Microsoft is blocking our company mail server AND even my private one for a couple of days now for no reason.
Every other mailing black list has nothing to complain but Microsoft: "You want to send a very important mail to your customer? Nope!"
And
"Yeah, now you tried to use your private server to fool me. Haha, nope! You didn't think I would block IPs randomly, did you?"
Fuck Microsoft! Fuck Outlook protection! Fuck hotmail!1 -
Besides Owncloud and Gitlab, what's your favorite open source project to self-host on your own private server?2
-
I'm finally going on vacation, which is good, but I already know there will be many stupid people writing me endless private messages about them being banned or their server not working correctly BECAUSE OF THEIR OWN SCRIPTS and they will spam me like they usually do although I WRITE THEM I'm out of the office but they don't care since they don't have other things to do than COMPLAINING ALL DAY.
Geez okay, I got to calm down, I'm on vacation, don't want *that* to ruin my mood.
It was stupid to ban all those people for breaking the rules today though, should have waited another week, so guess this one is on me.1 -
Let's say you used a dating app. It explicitly told you "please do not share any personally identifiable information when chatting with any boy/girl with this dating app because your chat will be stored and processed in our server to improve the recommendation algorithm of potential dates and autocompleting your flirty talk to increase your successful rate." at the beginning of the app, but you didn't read carefully and clicked "agree". After a while, you noticed the dating app already stored all your private chat in their server for machine learning.
Although legally I believe that dating app would still be GDPR compliant,
the question is, will you continue using that dating app or not?3 -
#bonfiretalk
Why did you want to become a programmer? Spending a lot of my Teenage years on online games I always had a fascination for those 1337 haxxors that just appeared, did some awesome neverseen stuff and sometimes suddenly disappeared, never came back and became urban legends ("I heard h4xor1337 got caught by the FBI"..."I heard he was a CIA Hacker".."He was from Russia").. I started universe, picked some C/C++ Tutorials and 3 years later I am a freelancing Android developer. Today I am Downloading the source code of that old mmorpg (which is still played by a lot of people, especially in the private Server scene) to practice my C++ -
The IT manager said that the site on my private vps where we are using a small tool as reference, is a security issue and what if it may be hacked... Well, from this point of perspective all the websites shall be switched off. The tool lowered the problem resolution from 30 to 2 minutes.. I have asked for on premise server before but no one gave a shit so I hosted on my private vps. I won't give it back for free, it's a sure thing. Soon they will start to get the complaints that it's offline because the customer is using it for debugging too. I feel like IT and dev is really moving apart. They act as bunch of pathetic jealous guys who couldn't learn programming and ended up in installing windows on machines...7
-
I'm kinda amazed at how simple it is to host my private git server on my raspberry pi. That being said I couldn't get it to work well as an access point with hostapd. Therefore pushing and pulling while on my home wifi works like a charm, but doing this in public requires ethernet. Having an Ethernet run from outside my backpack really does make me look like some hacker terrorist person, especially in NYC5
-
AWS Contractor
I've been putting a web application together that I'm looking to have published on AWS. Not having too much experience with AWS, I am looking to hire a contractor. I've had a number of quotes from different AWS admin's ranging from $40 an hour to $200 an hour, from 1-days worth of work to 2-months worth of work!
I'm not really sure what to make of it or to whom to trust. I believe they’re using my ignorance to overcharge me. I've listed my requirements below, could you guys use your professional experiences to let me know what you think is reasonable charge and where best I could find someone to help me.
My application is a US shopping website where people can set up an online shop and upload their products and maintain an inventory of the items.
This is what I’m looking for setup and configuration with the following two areas:
1) AWS SYSTEMS…
* AIM - Set up my server admin users.
* EC2 - Web Hosting.
* RDS - Fast DB.
* SES - To send emails.
* S3 Buckets - Uploaded image hosting.
* Route 53 - I don’t know but someone said I should have this.
* Elastic Load Balancing - For, well, load balancing.
2) SCRIPTS…
* A script that would back up the database once a day and save it to a private S3 Bucket.
* A script that will run once a day that calls an internal API, and POST a query to it.
* A script that runs once every 90 days, to refresh the SSL using ZeroSSL.com
Is there anything that I've missed such as security systems, firewalls, auto scaling and CDNs?
The quotes that I've received arranged from $320 to $64,000. I know I am being abused because of my ignorance. I would never overcharge someone because the customer doesn't know the efforts of the work. I hope someone here can help to understand the efforts needed and can tell me the true cost.
Thank you6 -
Using grafana together with tinc+prometheus, has been a blast.
Initially I wanted to get into ELK with Kibana and all that, but that required 8G of ram, the instructions to get it running in the open source "mode" was nearly non-existent, together with all the ready docker compose stacks out there simply not working or the images being broken.
I'm sure I could've managed around most of those issues, but the fact it is as hungry as gitlab, made it a literal no-go for the usual server resources my clients host or my own scaled down server recently.
Thankfully I remembered that there's grafana and me having experimented some time ago with tinc, so I can have very lightweight beat'esque prometheus agents deployed listening on tinc local net only, with the typical nginx auth and some whitelists to all of the servers I host and all those of my clients.
The dashboard creation was especially great in grafana (tbf prometheus does actually most of it), literally what I always wanted out of those "complicated" solutions, that do it all, but have no proper query language, complex documentation, heavy collectors with no properly named data points, expensive resource runtimes, ..
with grafana I can just easily put dashboards into folders, create users to look only at certain stats or even dashboards (opened up some interesting contracts actually, because now I can also offer proper monitoring for all things delivered), easily drag and drop around stuff to fit more information (most others fix you to a small 3x2 grid, a too big grid for a TV or simply non resizable tiles, making that one counter take up an entire row) and resize to my hearts desire
tinc of course allows me to easily create private networks that are resistant to failure across any region and the routing is done for me, so I don't have to run around it all that much either
P.S: a damn tiny fly went into one of my now 4 monitors and died right in the middle, because I thought it's just some dirt and I pressed it in while trying to wipe it off, so that monitor now serves as the top most on a vesa mount
-
The only way I can edit Puppet config files is by git. And the only way I can git pull/push/commit/etc is generating a ssh key with a private key and give my public key to my supervisor to the git server (wherever that may be).
Because I'm on Windows 10 and screwed up my installers, I completely forgot to back up my ssh keys before resetting it. FML
-
You know what really grinds my gears? Products that have no right of linking your data to an online platform.
Case in point: Password Managers. Nearly all of them work only with an account on a given service, have the passwords stored on their servers and so on and so forth. There is 0 transparency and for that matter 0 security. I found my choice, though it infuriates me terribly.
Another thing are budget managers. The switch for YNAB from local to on servers really annoys me. They should have no business in storing my very private data on their server. I don't understand people using it either.
-
For someone not deep-into-security, can someone tell me why "encrypted"/"non-compromised" communication is hard?
Wouldn't a private server that holds conversation in-memory (imagine Dictionary holding U2U GUID-GUID list of 'msg' objs) suffice?
Incoming IP info is disregarded and nothing gets written on-disk ever
Need to erase everything? just reboot the server, it's all in memory anyway
To avoid man-in-the-middle, pre-handshake check cert integrity by exposing the certificate-fingerprint by another endpoint, if the fingerprints match, proceed to switch to websocket
Wouldn't this be wayyyy more secure for actual anti-establishment talks than all the fancy probably-backdoored software that exists today? .-.
Hell it's easy enough that someone could make it go live in a few days, keep it up accessible if you know the IP and port to communicate and close-and-delete when done
-
I decided to use Docker Compose on a tiny project that essentially consists of an API and a Caddy server that serves static files and proxies to the API, all of this running on an EC2 t1-nano. I made this admittedly odd choice because I wanted to learn Compose and simultaneously forego figuring out why the node-gyp bindings for sqlite3 refuse to build on EC2 even though it builds just fine on my machine.
I am storing secrets in .env which is committed into the private GH repo. Just now I came across a rant that described the same security practice and it sounded pretty bad from an outside perspective so I decided to research alternatives.
Apparently professional methods for storing secrets generally have higher system requirements than a t1-nano. I'm not looking for a complex service orchestration system, I'm not trying to run an enterprise on this poor little cloud-based raspberry pi. I just want to move my secrets out of the Git repo.
Any tips?
-
Gah, I just received this Ubuntu 18.04 VM with 8 cores and 8 gigs of ram, and since it'll be a production server both serving public and "private" networks (yes, shout at me, but projects won't be about hosting sensitive information, I wouldn't put all that on one server), and I'm struggling between my options.
Docker, or not docker?
The server's main use is to host our growing blog and install Varnish, which will hog some ram after a while. I use Laradock for my dev projects, it's really easy to develop with it, but I am unsure if it fits a production environment with performance, security and traffic load in mind :(
I read Docker has stability issues (in 2016-2017), and can bring the machine down with it, I don't know if I should just install the software (nginx, apache, percona/mysql/maria) without "containerizing" it and go for it
I'm lost xD
-
What keyboard macros do you guys use when you have programmable function keys?
Also a funny little story that I just remembered. My brother used to have a key that would type his password cause he was THAT fucking lazy. He was writing an NPC for a private Ragnarok Online server that I was testing with a couple people. Apparently he had hit that function key in the middle of an announcement command.
So basically, everything went as planned, but then while announcing an event, it would announce his password to THE ENTIRE SERVER. Lucky for him, there were only three of us online at the time, and we told him as soon as it happened.
-
Things that I learned today (15-07-20):
Suppose you have a hosted zone (both private and public), i.e. y.test.com., in AWS r53, and you created an r53 DNS record in the public hosted zone, sample1.y.test.com. If you try to reach this DNS from EC2, you will not be able to. It will give you an error that the DNS does not exist, but outside of EC2 it will work.
To make it work, you have to create the same record in a private hosted zone. Then only you can connect from within an EC2 instance.
So apparently EC2 always looks for the DNS for your registered name server in private hosted zone.
There should be a fail-safe, if it's not in the private hosted zone, it should look in public as well. (idk)
Maybe it was silly of me to not know this in the first place. (wasted a good amount of time)
-
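The resolution behaviour this post ran into, modelled as an added example (not part of the original post, and not AWS code): when a private hosted zone associated with the VPC covers the queried name, the VPC resolver answers only from that zone and returns NXDOMAIN for a missing record instead of falling back to the public zone. The zone contents and addresses are constructed sample data.

```python
NXDOMAIN = "NXDOMAIN"

def _in_zone(name, zone):
    """True if name is the zone apex or a subdomain of it."""
    return name == zone or name.endswith("." + zone)

def _best_zone(name, zones):
    """Most specific (longest) zone whose namespace covers name, or None."""
    matches = [z for z in zones if _in_zone(name, z)]
    return max(matches, key=len) if matches else None

def resolve(name, private_zones, public_zones, inside_vpc):
    """Simplified model of split-horizon lookup for one record type.

    private_zones: zones associated with the querying VPC.
    public_zones:  what the public internet sees.
    """
    name = name.rstrip(".").lower()
    if inside_vpc:
        zone = _best_zone(name, private_zones)
        if zone is not None:
            # The private zone is authoritative inside the VPC: a missing
            # record is NXDOMAIN, with no fallback to public DNS.
            return private_zones[zone].get(name, NXDOMAIN)
    zone = _best_zone(name, public_zones)
    return public_zones[zone].get(name, NXDOMAIN) if zone else NXDOMAIN

# Constructed sample data: the record exists only in the public zone.
PUBLIC = {"y.test.com": {"sample1.y.test.com": "192.0.2.10"}}
PRIVATE = {"y.test.com": {"db.y.test.com": "10.0.1.20"}}

def demo():
    name = "sample1.y.test.com"
    from_ec2 = resolve(name, PRIVATE, PUBLIC, inside_vpc=True)
    from_internet = resolve(name, PRIVATE, PUBLIC, inside_vpc=False)
    # The fix from the post: create the same record in the private zone.
    fixed = {"y.test.com": {**PRIVATE["y.test.com"], name: "192.0.2.10"}}
    from_ec2_fixed = resolve(name, fixed, PUBLIC, inside_vpc=True)
    return from_ec2, from_internet, from_ec2_fixed

if __name__ == "__main__":
    print(demo())
```

A name that no associated private zone covers still resolves through public DNS from inside the VPC, which is why only names under the overlapping zone are affected.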
I was trying to set up my own "cloud" for iot experiments. I planned to use Intel Edison with mqtt broker (using mosca) and a node js app for providing API for mobiles and browser. And also to do other book keeping.
I spent half the day trying to figure out how to expose these servers to internet.
I configured ddns in noip.com and ddns settings configured to it in my router.
Port forwarded to the local server services I needed.
And then tested. Worked perfectly on any device in my router connected network. Tested on mobile network. Bam! It fucking doesn't work.
Then connected another router.
Double port forwarded. Again worked perfectly on router network. And failed on mobile.
Tested if ddns is right. Did nslookup it was fine as fuck.
Then disabled port forwarding. Did dmz. Nope. Nadda. No luck.
Then scratched my head so hard that I lost more already losing hairs.
Then remembered about router hardware firewall. Disabled it.
Tested
And there it didn't work.
My dreams shattered like a fucking deer hit by car on highway.
Didn't work.
Then I see the IP pointing to my router in nslookup. It's 172.20.xx.xx. It's a fucking private IP.
My Asshole ISP is running another private network behind firewall. Which I fucking can't port forward
Now I think how much of a noob and idiot I am. Fuck this shit. Fuck all of these shit.
I am going for SaaS option for mqtt broker.
(Or help me?)
Once again.
Asshole ISP.
Fuck your firewall.
(PS: I had a test the next day. FML)
-
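The check that would have short-circuited this debugging session, as an added example that is not part of the original post: compare the router's WAN address, the address an outside host sees, and the DDNS record. The function names are hypothetical, the addresses are constructed stand-ins (172.20.1.2 for the masked 172.20.xx.xx), and only IPv4 is covered.

```python
import ipaddress

# IPv4 ranges that are never reachable from the public internet.
NON_PUBLIC = {
    "rfc1918": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "cgnat-shared": ["100.64.0.0/10"],   # RFC 6598 carrier-grade NAT space
    "link-local": ["169.254.0.0/16"],
    "loopback": ["127.0.0.0/8"],
}

def classify(addr):
    """Return the non-public range an address belongs to, or 'public'."""
    ip = ipaddress.ip_address(addr)
    for label, nets in NON_PUBLIC.items():
        if any(ip in ipaddress.ip_network(n) for n in nets):
            return label
    return "public"

def diagnose(router_wan, seen_from_outside, ddns_record):
    """Return (forwarding_can_work, findings) for an inbound port forward.

    router_wan:        WAN address shown on the router's status page
    seen_from_outside: source address an external host sees for you
    ddns_record:       what the DDNS hostname currently resolves to
    """
    findings = []
    wan = classify(router_wan)
    if wan != "public":
        findings.append(f"router WAN {router_wan} is {wan}: "
                        "the ISP's NAT holds the public address")
    elif router_wan != seen_from_outside:
        findings.append("router WAN is public but is not the address seen "
                        "outside: another NAT or proxy is in the path")
    rec = classify(ddns_record)
    if rec != "public":
        findings.append(f"DDNS record {ddns_record} is {rec}: "
                        "unreachable from other networks")
    elif ddns_record != seen_from_outside:
        findings.append("DDNS record does not match the address seen outside")
    return (not findings), findings

if __name__ == "__main__":
    # Constructed values mirroring the situation in the post.
    print(diagnose("172.20.1.2", "203.0.113.7", "172.20.1.2"))
```

When the WAN address is in one of these ranges, no router setting (port forward, DMZ, firewall off) can help, because inbound traffic stops at the ISP's NAT.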
What is your experience; Is GitHub worth (feature-wise) the 7$/month in the basic plan?
I am currently running my own GitLab on an Odroid because I need unlimited private repos for freelance work. This basically works great, but updating GitLab and fixing "server" issues emerged to be quite a lot of work. Also, I prefer the GitHub UI over the new GitLab one and GitLab is (may be due to my low-spec Odroid) terribly slow for me.
On the other hand, it gives me ultimate freedom on groups, repo-permissions, client-accounts for bug-tracking, ...
How much freedom does the GitHub "Developer"-option offer? Is someone using it for freelance projects and has some experience to share? Thanks in advance!
-
I wonder if there are any technical issues that prohibit the creation of open source websites.
By "web sites" I do not consider CMS like Drupal or word press, but rather entire end web site sources.
In fact anything (frontend, backend) except database content that contain user data and credentials.
Not for reusability purposes like CMSs, but simply for transparency and community development purposes, like almost any open source end application.
I agree that a web server is much more exposed than a classic desktop app, as it has lots of targetable private data and internet public access. But for some non-critical purpose this seems to be affordable in exchange of better code review, allowing a community to help improve a tool it uses, and better (not perfect though) transparency (which is an increasingly relevant question nowadays, mainly towards personal data usage).
-
Started messing around with a game called Runescape, as any other game it had a private server community which was quite big back in 2009ish. Learned a lot of java there and some mysql.
-
So as a personal project for work I decided to start data logging facility variables, it's something that we might need to pick up at some point in the future so decided to take the initiative since I'm the new guy.
I set up some basic current loop sensors for things like gas line pressures for bulk nitrogen and compressed air but decided to go with a more advanced system for logging the temperature and humidity in the labs. These sensors come with 'software', it's a web site you host internally. Cool, so I just need to build a simple web server to run these PoE sensors. No big deal right, it's just an IIS service. Months after ordering Server 2019 through SSC I get 4 activation codes, 2 MAK and 2 KMS. I won the lottery, now I just have to download the Server 2019 retail ISO and... Won't take the keys. Back to purchasing, "oh I can download that for you, what key is yours". Um... I dunno, you sent me 4. Can I just get the link, "well you have to have a login". Ok, what building are you in, I'll drive over with a USB key (hoping they're on the same campus), "the download keeps stopping, I'll contact the IT service in your building". A week later I get an install ISO and still no one knows which key is mine. Local IT service suggests it's probably a MAK key since I originally got a quote for a retail copy and we don't run a KMS server on the network I'm using for testing. Well, doesn't Windows reject all 4 keys, then proceed to register with a non-existent KMS server on the network I'm using for testing. Great, so now this server that is supposed to be connected to a private network for the sensors and use the second NIC for an internet connection has to be connected to the old network that I'm using for testing because that's where the KMS server seems to be. Ok, no big deal, the old network has internet, except the powers that be want to migrate everything to the new more secure network but I still need to be connected to the KMS server because they sent me the wrong key. So I'm up to three network cards and some of my basic sensors are running on yet another network and I want to migrate the management software to this hardware to have all my data logging in one system.
I had to label the Ethernet ports so I could hand over the hardware for certification and security scans.
So at this point I have my system running with a couple sensors set up with static IPs because I haven't had time to set up the DNS for the private network the sensors run on. Local IT goes to install McAfee and can't because it isn't compatible with anything after 1809 or later, I get a message back that "we only support up to 1709". I point out that it's Server 2019, "Oh yeah, let me ask about that". A bunch of back and forth ensues and finally local IT gets a version of McAfee that will install, runs the security scan again, and I get a message back: "There are two high risk issues on your server". My blood pressure is getting high as well. The risks they're looking at: McAfee versions are out of date and Windows Defender is disabled (because of McAfee).
There's a low risk issue as well, something relating to the DNS service I didn't fully set up. I tell local IT just disable it for now, then think, well heck, I'll remote in and do it. Nope, can't remote into my server, oh they renamed it, well that's not going to stay that way but whatever, oh here's the IP they assigned it, nope, can't remote in, no privileges. Ok, so I run up three flights of stairs to local IT before they leave for the day, log into my server, yup RDP is enabled, odd but whatever, let's delete the DNS role for now, nope, you don't have admin privileges. Now I'm really getting displeased, I can't have admin privileges on the network you want me to use to support the service on a system you can't support and I'm supposed to believe you can migrate the life safety systems you want us to move. I'm using my system to prove that the 2FA system works, at this rate I'm going to have 2FA access to a completely worthless broken system in a few years. Good thing I rebuilt the whole server in a VM I'm planning to deploy before I get the official one back. I'm skipping a lot of the ridiculous back and forth conversations because the more I think about it the more irritated I get.
-
What's the simplest way to deploy a small node project to a private root server, possibly dockerized?
I feel like there are thousands of possibilities nowadays, like Ansible and so on. But is there something more in the KISS way? Apart from just hacking a bash script together of course, it should be portable (and work on windows too).
-
Playing Minecraft 1.12.1 on my private server, everything going fine. Time for lunch, I close the game and come back later.
Restart the game, try to connect to my server again:
"Failed to connect to server
java.lang.NullPointerException: group"
Won't connect anymore now.
WTF is wrong with you???
-
For people who use an email provider that's not Google/Microsoft/proprietary-steal-yo'-data. What are y'all's thoughts on it? Are there good open source or proprietary but private(not sell your data to China/US/Uncle greg from the market) ones? Excluding the obvious "just host your own email server".
-
Dabbled in primary school on Microsoft Front Page, but actually programming would have been the WoW private server scene. Started on C++, got confused, tried LUA, loved it, came back to C++ was still confused but could get things done. And then the story goes on and on.
-
Windows why do I need to explicitly tell you in a firewall rule to allow port 80 to allow someone in the same NAT as me which is set to a private network to access the web server?