Details
-
AboutDevSecOps
-
Skillslinux, debian, servers, python, shell, bash
-
Location/dev/null
Joined devRant on 7/21/2018
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
DO NOT EXPORT GPG KEYS _TEMPORARILY_ AND ASSUME THAT THEY'LL BE IN THE ORIGINAL LOCATION AFTER EXPORT!
I learnt this lesson the hard way.
I had to use a GPG key from my personal keyring on a different machine ( that I control ). This was a temporary one-time operation so I thought I might be a smart-ass and do the decryption on the fly.
So, the idiotic me directly piped the output : `gpg --export-secret-key | scp ...`. Very cool ( at the time ). Everything worked as expected. I was happy. I went to bed.
In the morning, I had to use the same key on the original machine for the normal purpose I'd use it for and guess what greeted me? - *No secret key*
*me exclaims* : What the actual f**k?!
More than half a day of researching on the internet and various trials-and-errors ( I didn't even do any work for my employer ), I finally gave up trying to retrieve / recover the lost secret key that was never written to a file.
Well, to be fair, it was imported into a temporary keyring on the second machine, but that was deleted immediately after use. Because I *thought* that the original secret key was still in my original keyring.
More idiotic was the fact that I'd been completely ignorant of the option called `--list-secret-keys` even after using GPG for many years now. My test to confirm whether the key was still in place was `--list-keys` which even now lists the user ID. Alas, now without a secret key to do anything meaningful really.
Here I am, with my face in my hands, shaking my head and almost crying.5 -
I can't stop laughing at the irony of this post : https://freenode.net/news/...
in fact, all posts from rasengan on the freenode "news" site are laughable. If you want a good weekend laugh, you should subscribe to the site.
I rarely read freenode's news because it was mostly only technical update posts that wasn't too relevant to me. But now, this person is using an IRC network's news site as their personal ranting space and probably want to pass them off as "news".
oh, and apparently, they have too many designations that they need to use a new one with every new post.12 -
That feeling when you mess up and you need to add a new commit and mention in the commit message that the previous commit ( that you created ) was a mistake.
I'd be happy to do the same thing if it was someone else's mess up.2 -
techie 1 : hey, can you give me access to X?
techie 2 : the credentials should be in the password manager repository
t1 : oh, but I don't have access to the password manager
t2 : I see your key A1B2C3D4 listed in the recipients of the file
t1 : but I lost that key :(
t2 : okay, give me your new key then.
t1 : I have my personal key uploaded to my server
t1 : can you try fetching it?
t1 : it should work with web key directory ( WKD )
t2 : okay
t2 : no record according to https://keyserver.ubuntu.com
t1 : the keyserver is personal-domain.com
t1 : try this `gpg --no-default-keyring --keyring /tmp/gpg-$$ --auto-key-locate clear,wkd --locate-keys username@personal-domain.com`
t2 : that didn't work. apparently some problem with my dirmgr `Looking for drmgr ...` and it quit
t1 : do you have `dirmngr` installed?
t2 : I have it installed `dirmngr is already the newest version (2.2.27-2)`
t2 : `gpg: waiting for the dirmngr to come up ... (5)` . this is the problem. I guess
t1 : maybe your gpg agent is stuck between states.
t1 : I don't recall the command to restart the GPG agent, but restarting the agent should probably fix it.
t1 : `gpg-connect-agent reloadagent /bye`
source : https://superuser.com/a/1183544
t1 : *uploads ASCII-armored key file*
t1 : but please don't use this permanently; this is a temporary key
t2 : ok
t2 : *uploads signed password file*
t1 : thanks
t2 : cool
*5 minutes later*
t1 : hey, I have forgotten the password to the key I sent you :(
t2 : okay
...
t2 : fall back to SSH public key encryption?
t1 : is that even possible?
t2 : Stack Overflow says its possible
t1 : * does a web search too *
t1 : source?
t2 : https://superuser.com/questions/...
t2 : lets try it out
t1 : okay
t2 : is this your key? *sends link to gitlab.com/username.keys*
t1 : yes, please use the ED25519 key.
t1 : the second one is my old 4096-bit RSA key...
t1 : which I lost
...
t1 : wait, you can't use the ED25519 key
t2 : why not?
t1 : apparently, ED25519 key is not supported
t1 : I was trying out the steps from the answer and I hit this error :
`do_convert_to_pkcs8: unsupported key type ED25519`
t2 : :facepalm: now what
t1 : :shrug:
...
t1 : *uploads ASCII-armored key file*
t1 : I'm sure of the password for this key
t1 : I use it everyday
t2 : *uploads signed password file*
*1 minute later*
t1 : finally... I have decrypted the file and gotten the password.
t1 : now attempting to login
t1 : I'm in!
...
t2 : I think this should be in an XKCD joke
t2 : Two tech guys sharing password.
t1 : I know a better place for it - devRant.com
t1 : if you haven't been there before; don't go there now.
t1 : go on a Friday evening; by the time you get out of it, it'll be Monday.
t1 : and you'll thank me for a _weekend well spent_
t2 : hehe.. okay.8 -
almost end of working day... jobless...
me : *running `uptime` on a server*
*for no reason* : runs `uptime --pretty`
interesting output... ( that I have seen so many times on my personal machine because I have `uptime` aliased to `uptime --pretty` )
*thinks to self* : didn't we create that program that computed a similar output? Wonder if the code is similar...
*brain gets excited about the source code of `uptime`*
goes hunting for the source code of `uptime`... finds it... ( wasn't too hard anyway )
now here I am comparing my code with the source code of `uptime`
what a way to end the day... 🤦 FML!1 -
I had to import some resources into infrastructure-as-code ( IaC ) for a new project. I found the right tool for the job and started working on it.
But I had a lot of resources to import. I decided to use the API of the source provider and transform them into the configuration format required for the IaC tool.
After spending a good half of a day scripting with a combination of `jq` and `yq` and another bunch of tools, I finally completed the import yesterday.
Today, I had to refer to the documentation of the IaC tool for something else and I found that there was a built-in command for pulling resources from the target to the source ( basically what I did with my script ). 🤦
( I hope my manager doesn't find out that I 'wasted' half a day when I could have completed the job within around an hour )
Lesson learnt the hard way ( again ) : READ THE F**KING MANUAL even if it may seem trivial.
*thought to self* : YTF won't you learn this simple thing after so many incidents? RTFM! -
Why does devRant show I have 6 unread notifications?
I cleared the cache. Even downloaded the mobile app to check whether it was only a problem with the web-app.
No, that number is still there. The mobile app claims it is the comments section. I scrolled down to 2019 ( no, I haven't been all that active ) and still no unread notifications.
Why didn't you think of putting up an 'unread tab' when you were creating all those tabs on the mobile app? Please add an unread tab 🙏
Also, the read and unread markers in the dark mode could have a little more darker contrast difference in the dark mode. I don't know about light mode, because I don't use it ( but I could check once I get notifications from this rant; I'm turning light mode on for a brief while to check this )
I haven't had unread-anxiety before, but I guess I have it now ( not really though )23 -
why am I feeling so guilty about this? should I be feeling guilty about this?
PS : this is not a support request. I genuinely feel bad about writing that piece of code and sense something is wrong somewhere, but I cannot figure out what. I stared at the screen for quite a while before giving up.
maybe it might reveal itself to me when I continue staring at it tomorrow.12 -
developer makes a "missed-a-semicolon"-kind of mistake that brings your non-production infrastructure down.
manager goes crazy. rallies the whole team into a meeting to find "whom to hold accountable for this stupid mistake" ( read : whom should I blame? ).
spend 1-hour to investigate the problem. send out another developer to fix the problem.
... continue digging ...
( with every step in the software development lifecycle handbook; the only step missing was to pull the handbook itself out )
finds that the developer followed the development process well ( no hoops jumped ).
the error was missed during the code review because the reviewer didn't actually "review" the code, but reported that they had "reviewed and merged" the code
get asked why we're all spending time trying to fix a problem that occurred in a non-production environment. apparently, now it is about figuring out the root cause so that it doesn't happen in production.
we're ALL now staring at the SAME pull request. now the manager is suddenly more mad because the developer used brackets to indicate the pseudo-path where the change occurred.
"WHY WOULD YOU WASTE 30-SECONDS PUTTING ALL THOSE BRACES? YOU'RE ALREADY ON A BRANCH!"
PS : the reason I didn't quote any of the manager's words until the end was because they were screaming all along, so, I'd have to type in ALL CAPS-case. I'm a CAPS-case-hater by-default ( except for the singular use of "I" ( eye; indicating myself ) )
WTF? I mean, walk your temper off first ( I don't mean literally, right now; for now, consider it a figure of speech. I wish I could ask you to do it literally; but no, I'm not that much of a sadist just yet ). Then come back and decide what you actually want to be pissed about. Then think more; about whether you want to kill everyone else's productivity by rallying the entire team ( OK, I'm exaggerating, it's a small team of 4 people; excluding the manager ) to look at an issue that happened in a non-production environment.
At the end of the week, you're still going to come back and say we're behind schedule because we didn't get any work done.
Well, here's 4 hours of our time consumed away by you.
This manager also has a habit of saying, "getting on X's case". Even if it is a discussion ( and not a debate ). What is that supposed to mean? Did X commit such a grave crime that they need to be condemned to hell?
I miss my old organization where there was a strict no-blame policy. Their strategy was, "OK, we have an issue, let's fix it and move on."
I've gotten involved ( not caused it ) in even bigger issues ( like an almost-data-breach ) and nobody ever pointed a finger at another person.
Even though we all knew who caused the issue. Some even went beyond and defended the person. Like, "Them. No, that's not possible. They won't do such dumb mistakes. They're very thorough with their work."
No one even talked about the person behind their back either ( at least I wasn't involved in any such conversation ). Even later, after the whole issue had settled down. I don't think people brought it up later either ( though it was kind of a hush-hush need-to-know event )
Now I realize the other unsaid-advantage of the no-blame policy. You don't lose 4 hours of your so-called "quarantine productivity". We're already short on productivity. Please don't add anymore. 🙏11 -
Damn it! today I learnt that GitHub has a tool called Hub - "an extension to command-line git that helps you do everyday GitHub tasks without ever leaving the terminal".
It's been around for 10 years.
And here I was clicking on the link that was sent by the remote after every push to open a pull request 🤦♂️
It even comes with vim syntax support for pull requests.
I'm never leaving the terminal to do things on the GitHub web interface anymore1 -
Is 'Ikea Programming' a thing?
If it isn't yet, we should make it a thing - for those people who call themselves "programmers" after copy-pasting a few lines of code from stack-overflow ( or elsewhere ) and gets it working.
And then claims, "It works right? Don't touch it."
I'm going to start using it already.
( but it wouldn't be any fun to call someone names over video conferencing. that's the fun of going to an 'office'. I guess I'm missing it now. )
PS : the long conversation screenshot is only for context, but the highlighted part should be sufficient to get what I'm talking about.question ikea programming copy-paste not programmers we should totally make it a thing copy-paste programmers3 -
Wife ( working from home; to husband ) : how many whistles did the pressure cooker blow?
Husband : How am I supposed to know? I don't know!
Manager ( on Skype ) : Three! I heard three whistles!5 -
It's weird that devRant, being a developer-centric platform, doesn't support `preformatted text`.
I just want to put `code` in backticks and stupid code snippets in triple backticks.
I think it's high time we adopted markdown. Can someone please take this issue #27 up from 2017? It's 2020 FFS!
https://github.com/devRant/devRant/...6 -
How do you transfer text from one machine ( laptop ) to another ( phone ) with no common tools ( Firefox Send spat out a long string of characters that I had no way of transferring either ) on either? Basically a clipboard sync.
There used to be this online notepad at notepad.cc, but that tool is gone away now.
How do you do it hacker-style? `wall`!
- SSH into the same same server from both machines ( this also assumes you have Termux or some equivalent tool for your phone )
- use `wall` to broadcast message from source
- copy broadcast at destination
- done31 -
I started reading this rant ( https://devrant.com/rants/2449971/... ) by @ddit because when I started reading it I could relate to it, but the further he explained, the lesser relatable it got.
( I started typing this as a comment and now I'm posting this as a rant because I have a very big opinion that wouldn't fit into the character limit for a comment )
I've been thinking about the same problem myself recently but I have very different opinion from yours.
I'm a hard-core linux fan boy - GUI or no GUI ( my opinion might be biased to some extent ). Windows is just shit! It's useless for anything. It's for n00bs. And it's only recently that it even started getting close to power usage.
Windows is good at gaming only because it was the first platform to support gaming outside of video game consoles. Just like it got all of the share of 'computer' viruses ( seesh, you have to be explicit about viruses these days ) because it was the most widely used OS. I think if MacOS invested enough in it, it could easily outperform Windows in terms of gaming performance. They've got both the hardware and the software under their control. It's just that they prefer to focus on 'professionals' rather than gamers.
I agree that the linux GUI world is not that great ( but I think it's slowly getting better ). The non-GUI world compensates for that limitation.
I'm a terminal freak. I use the TTY ( console mode, not a VTE ) even when I have a GUI running ( only for web browsing because TUI browsers can't handle javascript well and we all know what the web is made of today - no more hacking with CSS to do your bidding )
I've been thinking of getting a Mac to do all the basic things that you'd want to do on the internet.
My list :
linux - everything ( hacking power user style )
macOS - normal use ( browsing, streaming, social media, etc )
windows - none actually, but I'll give in for gaming because most games are only supported on Windows.
Phew, I needed another 750-1500 characters to finish my reply.16 -
I found out that apache had built-in support ( via a module - mod_md ) for automatic TLS certificate management with Let's Encrypt since October 2017.
Bloody Hell! Why didn't I hear of this sooner?
So, I ran off into my cloud to set up this so-called ManagedDomain ( mod_md ).
Found the module in the package repositories, installed it and started testing it out.
I started writing IfModule conditions under mod_ssl so that I wouldn't have to overwrite my existing TLS configurations ( which was already issued by Let's Encrypt via certbot, by the way ).
After a whole night of twisting and turning with the configurations, it turns out that the module in the package repositories were built for ACMEv1 and that API has been dead for as long as the module has been around.
I had noticed that the module was 'experimental', but I still hoped that they had the packaged the module.
Finally, I cozied back up with certbot. At least, until this so-called mod_md becomes stable and mainstream.
I hope certbot doesn't make a fuss. I'm sure, it got offended that I was trying to cheat it with mod_md.4 -
I finally got around to setting up my own cloud with nextcloud on my own dedicated server.
Just setting up Nextcloud alone was not really the challenge ( I've set up at least 2 Nextcloud instances in the past ).
The actual challenge was to install /e/ OS on my mobile phone and get it to work with my Nextcloud instance.
It's not all performant, buttery-smooth or super-fast yet, but for a one-person / user-cloud, I think it should be just fine.
There's still room for improvement in terms of server-side performance, but it's working fine with the basics at least.
I need to figure / iron out some issues like social federation via ActivityPub not working, Nextcloud SMS not syncing up my SMS, Mail app crashing because I used a self-hosted Nextcloud instance, etc; but those are things I could work on slowly, in the course of time.
No, the server is not physically controlled by me, yet ( it's a dedicated box server though. Still, hosted and physically controlled by a provider ).
I intend on setting up another 'replica' on a RaspberryPi which I will then make primary, connecting to the internet via DynamicDNS.
I'll probably keep the server as a fallback / backup server just in case my home server loses connectivity.
Taking back control from Big Tech is something I intend on pursuing actively this year. I've had the idea in my head for too long that it has started to fester.
This is only a first step, of many, that needs to follow, in order for me to take control back from Big Tech.
Yes, there still is some room for improvement, but I think for now ‒
Mission Accomplished!🤘3 -
Colleague put this up on their team's channel today :
" I'll be working from home today, ad hoc task is in review, will be opening a PR for backend changes [ ... ], yesterday was mainly spent on setting up gcp on my local and fixes towards gcp deployment. "
Wait, what? did you just set up the entire GCP on your local [machine]? I wouldn't mind giving you a whole week off if you needed it; if I were your manager.3 -
Oh, I've pulled a lot of all-nighters. I love doing hackathons. I find myself most productive when I work on something in a single stretch. I have ADD that way. If I leave a project mid-way, that's probably the last time I'll be working on it; unless someone comes to me and reminds me about it.
Other than attending organized hackathons, I go on personal hackathons. When I'm in the mood to code something up in my free time, I just find some stupid, random idea to code and code it up overnight. (Oh, I have a very long list of projects that I can complete over the weekend)
Other times, I'll just be in the mood as I'm working on something and then lose track of time (and other bodily calls like hunger) as I finish it.
If my weekend looks very peaceful without any distractions, I put my hand in my project bowl and pull something up to finish it off over the weekend.1 -
Team Lead (not my team, thankfully) sends outs a team-wide message (in their exact words):
"please DM me with the task link if you are adding any new tasks in Jira. This is to make sure that i am aware of any ad-hoc task coming up in the jira queue and also to make sure that all the task are following a common template."
Interpretation : "I'm just too lazy to look at each jira issue after the last one that I followed up on (which is my job BTW). So I'll add some extra work for you to explain everything to me on DM"
Way to go for killing productivity. ¯\_(ツ)_/¯
Thankfully, this is not my team. If they were my team lead, I'd be super furious. I'd even report it to upper management. I'd even offer to do their job and let them do mine. I think their job just got so easy if everyone was to go report to him like that.3 -
My terminal (Tilix) didn't have a header bar for a quite a while now. I had grown to live without it even though I missed looking at the terminal title to figure where I was.
Today I my hand accidentally hit F11 and I was in for a surprise. I actually exclaimed aloud in the office.
I waited to test, confirm and verify that the header bar itself was not a bug before I facepalmed myself -
junior developer raises an issue saying that there's an application deployment error on one of their dev clusters.
sysadmin asks them to go back and look at the error logs and come back with the problem.
they come back saying, "No space left on device"
sysadmin takes a look at server. finds this :5