Errar es humano. Propagar errores automáticamente es #devops

https://vsis.online/

  • 2 Posts
  • 33 Comments
Joined 1 year ago
cake
Cake day: June 18th, 2023

help-circle












  • Some security tips:

    Firewall should block everything by default, and you start allowing incoming and outgoing connections when you need them or if something fails.

    Disable passwords and root access in ssh daemon.

    Use fail2ban or something similar to block bots failing to log-in.

    Use random long passwords for everything (eg: like databases). And put then in a password manager. If you can remember the database password, it’s not strong enough. If you can remember the admin password for a public web service, it’s weak.

    Don’t repeat the passwords. Everything should have its own random long password.

    .env files and files with secrets should be readable only by its service user. Chmod them to 400.

    Monitor logs from time to time to see if something funny is happening.









  • Pros:

    • No single entity that have all control.
    • No entity profits from it, so you are not a product.
    • Related to above: No trackers, no ads, no spyware, etc.

    Cons:

    • It is run by volunteers: bad uptimes, slower progress, slower fixes, etc.
    • Some volunteer may give up and delete the instance. It happened to my first Lemmy account (nothing against you, stux)
    • No market-driven decisions means sometimes instances defederate each other for purely ideological reasons. Sometimes very childishly. (again, nothing against stux)
    • Lots of fedidrama.

    Welcome to Lemmy. Hope you enjoy it.