Yes. Containers are awesome in that they let you use an application inside a sandbox, but beyond that you can deploy it anywhere.

If you’re in the sysadmin world you should not only embrace Docker but I’d recommend learning k8s, too, if you still enjoy those things.

Which is funny because I’m the other way around. I’ll try doing something with the CLI but if it’s like a calculation or something and I can’t figure it out with awk, etc, I’ll defer to a spreadsheet.

For anyone doing this, set up your spending and budget alerts and actions. It’s possible to accidentally fuck something up and end up with an aws bill that’ll suck, but this will give you some measure of protection from that in case you accidentally misconfigure something.

I’ve always been curious how people who give away software for a living make that living. I have a few OSS projects but I make my living other ways, those OSS projects are hobbies and my living takes precedence every time because I like to eat food and buy things.

Like they can sell support, but I have never paid for a solution. They can sell packaged solutions, but I can compile it myself. They can survive on donations but, while I have donated to a lot of FOSS projects, I imagine most people don’t donate.

It’s been so long since X broke that most people won’t know what you mean by xorg.conf

Yeah my server is an i5 using an onboard GPU so it’s nothing crazy but it’s got 80TB of drive space, so I optimize for what I put my money into.

Hell, sometimes it’s even easier to copy the data to my gaming rig, transcode it, and rsync it back. If I’m done playing for the night and about to go to bed and I have like a TV show or something I know has to be transcoded, I’ll just queue up a job and let it run while I’m sleeping and script it so it rsyncs everything back when it’s done transcoding.

Admittedly the server on which it’s running is pretty beefy and I don’t let it transcode. I’ve got enough disk space that if something spends time transcoding I just optimize it to a new version of the file.

By bandwidth I was speaking in terms of network only, but if you were to run it on a simple server that didn’t do any transcoding it might be ok.

If I’m just using them as a glorified small Linux box it could work pretty well. If you’re going to host services that don’t require a ton of bandwidth you don’t need a hard line or anything. Hell my Plex server is using WiFi (802.11ax but still) and it delivers 4K just fine.

Simple doesn’t mean well done. Badly written code can be simple but still bad

Raising Skinny Elephants Is Utterly Boring.

It can be done remotely, even over SSH by writing to /proc/sysrq-trigger

Ok brb putting a bunch of shit into that wiki to build my botnet

Wait have the arch twats adopted the “rtfm” of old?

Some sick fuck out there kept the files

2Gbps symmetric fiber, $70/month, flyover state. Could go up to 5Gbps for another like $20. No data caps. I may never move again.

I can’t edit Word documents for shit lol. I edit everything using Markdown (the same formatting used here) because I don’t have to think about it.

That said every job can get stressful now and again, and this line of work is no different, but most days it’s just work. Make this change, make this thing do something else, kill this thing that’s costing money and everyone stopped using last year without telling anyone, etc. Typical things.

Computers communicate across networks using ports. Port 22 is a commonly used remote administration port called ssh. Bots go around probing computers with an open port 22 hoping to find badly secured or outside misconfigured ssh servers to turn them into bots and crypto miners, etc.

Your own Lemmy instance.

It’s not uncommon for people to try using it as their sole authentication so that wouldn’t be a surprise. But for it’s purpose, it’s perfect.

It is and it isn’t. It prevents random scans from opening 22 and attempting to authenticate, that’s basically the entire purpose. You still need good authentication after because you’re right, it’s not a security measure, it’s just a way to keep your logs useful and to keep botnets from beating the hell out of 22.

By “good authentication” I mean a key pair based authentication. That is impossible to brute force. If you use a password on 22 you shouldn’t open it at all and you should rethink allowing any remote access.

Put another way: You’re the doorman at a speak easy. You can answer the little window with “what’s the password?” to every jack ass that approaches, and you’d be asking all the time. But if they don’t know they have to knock “shave and a haircut” first, your job gets a lot easier and you’re dealing with a lot fewer nuisance password promptings.

You can also use it to blacklist. If someone tries to hit 22 without knocking you can blacklist that IP entirely because you know it’s nuisance.

If you do want to open 22, and there are plenty of good reasons to want to, just implement something called port knocking and you can do it safely.

Note with this you still need good authentication. That means no passwords, key based auth only.