• 0 Posts
  • 23 Comments
Joined 1 year ago
cake
Cake day: July 22nd, 2023

help-circle
  • I still use DDG as my “daily driver” (I know there are better options for privacy and avoiding big tech, but I haven’t yet found anything independent that is good enough for me to switch to full time yet). I bookmarked Stract a while back, and it proved useful a few months back when Microsoft had an outage that took down Bing and by extension, Duck Duck Go. I do like Stract, their index seems to be enough larger than MoJeek (another independent search with their own index) that it gives me better results.

    Stract might not be as open as I’d like, but it’s nice to have as an option, and I’m never going to complain about having more search providers with independent indexes.






  • Not sure exactly how good this would work for your use case of all traffic, but I use autossh and ssh reverse tunneling to forward a few local ports/services from my local machine to my VPS, where I can then proxy those ports in nginx or apache on the VPS. It might take a bit of extra configuration to go this route, but it’s been reliable for years for me. Wireguard is probably the “newer, right way” to do what I’m doing, but personally I find using ssh tunnels a bit simpler to wrap my head around and manage.

    Technically wireguard would have a touch less latency, but most of the latency will be due to the round trip distance between you and your VPS and the difference in protocols is comparatively negligible.



  • I think that my skepticism and desire to have docker get out of my way, has more to do with already knowing the underlying mechanics, being used to managing services before docker was a thing, and then docker coming along and saying “just learn docker instead.” Which is fine, if it didn’t mean not only an entire shift from what I already know, but a separation from it, with extra networking and docker configuration to fuss with. If I wasn’t already used to managing servers pre-docker, then yeah, I totally get it.


  • That’s a big reason I actively avoid docker on my servers, I don’t like running a dozen instances of my database software, and considering how much work it would take to go through and configure each docker container to use an external database, to me it’s just as easy to learn to configure each piece of software for yourself and know what’s going on under the hood, rather than relying on a bunch of defaults made by whoever made the docker image.

    I hope a good amount of my issues with docker have been solved since I last seriously tried to use docker (which was back when they were literally giving away free tee shirts to get people to try it). But the times I’ve peeked at it since, to me it seems that docker gets in the way more often than it solves problems.

    I don’t mean to yuck other people’s yum though, so if you like docker, and it works for you, don’t let me stop you from enjoying it. I just can’t justify the overhead for myself (both at the system resource level, and personal time level of inserting an additional layer of configuration between me and my software).



  • I’ve dabbled with some monitoring tools in the past, but never really stuck with anything proper for very long. I usually notice issues myself. I self-host my own custom new-tab page that I use across all my devices and between that, Nextcloud clients, and my home-assistant reverse proxy on the same vps, when I do have unexpected downtime, I usually notice within a few minutes.

    Other than that I run fail2ban, and have my vps configured to send me a text message/notification whenever someone successfully logs in to a shell via ssh, just in case.

    Based on the logs over the years, most bots that try to login try with usernames like admin or root, I have root login disabled for ssh, and the one account that can be used over ssh has a non-obvious username that would also have to be guessed before an attacker could even try passwords, and fail2ban does a good job of blocking ips that fail after a few tries.

    If I used containers, I would probably want a way to monitor them, but I personally dislike containers (for myself, I’m not here to “yuck” anyone’s “yum”) and deliberately avoid them.



  • I’d even go further and say that if you are using a “high level” language that requires you to re-invent the wheel for simple things (for example JS not having built in functions to shuffle an array or, clamp an number to a range) are indications of poor language design that have lead to the prevalence of all the bloated JS frameworks like jQuery. Obviously I don’t think every language should have a Python-tier standard library, but I’d really like to not have to download half a language from every site I visit because every site uses jQuery for a lot of things that come standard in better languages.



  • Not saying there aren’t any benefits to docker, migration to a different host distro and dependency conflicts are the big two. But for me they are kinda the only two, I find for what I do it’s just as easy to write a shell script that downloads and unpacks software, and copies my own config files into place than it is to deal with basically doing the same thing, but with docker. I could use ansible or something similar for that, but for me, shell scripts are easier to manage.

    Don’t get me wrong, docker has its place. I just find that it gets in my way with it’s own quirks almost as much as it helps in other areas, especially for web apps like Nextcloud that are already just a single folder under the web root and a database.

    One additional benefit I get from not using docker, is that I can do more with a lower-powered server, since I’m not running multiple instances of PHP and nginx across multiple containers.


  • I’ve been self-hosting since before docker and containers were a thing, and even though Nextcloud kinda pushes their container images these days, I still refuse to use them, and use the community archive releases or web installer when reconfiguring my system or setting up a new system to migrate to. Maybe it’s just Nextcloud and the other software I use, or maybe it’s just that I’m not really trying to build scalable server infrastructure with a lot of users, but I generally find that docker causes more problems than it solves, and it does my head in when I see projects that recommend containers as the primary suggested install method.

    Totally agree with your assessment of the plugins/apps systems. Feels like you need to stick to official “apps” and hope they don’t get abandoned to have anything close to a good experience because even minor updates can break all the 3rd party apps because of a compatibility check, where you end up waiting for the app developer to release an “update” that only changes the version compatibility number.




  • Moved my personal site off of WordPress around 5 years ago because, for my single-user purposes it was resource heavy compared to a static site generator like Hugo or Pelican. I also had quite a lot of spam traffic, even with anti-spam plugins, and eventually I just disabled comments outright and the new user registration page. Admittedly, I was never that active with it, so I’m fully willing to accept that it could have been a me problem.

    I also recall the general security of WordPress being a concern around that time, mostly because it was a popular target, so a big part of me moving to a static site generator was just to avoid having to constantly get on and update WordPress for security patches, when I only posted on the blog a few times a year at most.

    Fediverse support has me considering returning to WordPress, but I’m curious how much upkeep running your own instance is these days.