I was hacked years ago. I was hosting a test instance of a phpbb for a local club. Work blocked SSH, so I opened up telnet. They either got in from telnet or a php flaw and installed password sniffers and replaced some tools (ps, top) with tools that would hide the sniffer service they installed.

After that, I changed my model. My time lab is for learning and having fun. I’m going to make mistakes and leave something exposed or vulnerable and hackers are going to get in. Under this new model, I need to be able to restore the system easily after a breach. I have a local backup and a remote backup and I have build scripts (ansible) so that I can restore the system if I need to. I’ve had to do this twice. Once from my own mistake and one from hardware failure.

Same. I have spent way more time troubleshooting a pipeline than it saves. I like the idea of automation but laziness prevails.

For my own curiosity, how do you perform a build? Is it all done in pipelines, kicked off on change? Do you execute the whole infra build each time you release an update?

As others have said, a traditional off site backup will work. How do you plan to perform a restore, though? If you need the self hosted source repo, it won’t be available until the infrastructure is stood to creating another circular dependency.

I’m still in the early stages of exploring this, too. My solution is to run a local filesystem git clone of the “main” repo and execute it with a Taskfile that builds a docker image from which it can execute the ansible infrastructure build. It is somewhat manual but I have performed a full rebuild a few times after some Big Mistakes.

After breaking “prod” many times, I have a Dev (local machine), Test (small VM) and Prod (big VM). My test is just less RAM and space and I need to spin down certain K8s things to spin up others, but it’s a close mirror of Prod, just less.

I can’t speak to the quality outlook, but from what I understand about enshittification, it typically requires a self-serving entity like a corporation whose interests are not in alignment with its customers/consumers/userbase. In some of Mr. Doctrow’s writings, he indicates that federating cans be a “circuit breaker” for enshittification.

In a well federated platform, when one node begins to act counter to its users, the users can easily move nodes/instances. This is one of the reasons why there needed to be a law to allow phone number portability. Email is similar, but only if you own your own domain. Look for Cory Doctrow’s writings on BlueSky for more examples.

Check out the overlay filesystem. I’m using it for one pi and have had the same SD card for years. I don’t know if it’ll work for pinole, but may get you thinking in a new direction.

There was a time when central banks didn’t exist. The half that doesn’t like them can go back to that time and trade two chickens and a goat for a wagon or whatever. Go do your *coin with whomever and be happy about it.

I’d love to see nothing but PeerTube links in the fediverse. YouTube has become almost unusable for me.

I’m in the same boat, but one day I just stopped talking and started listening, mostly as a social experiment on myself. Now everyone thinks that I’m really smart. It tears me up inside sometimes, but I like the outcome.

“Even a fool is thought wise if he keeps silent, and discerning if he holds his tongue.”

Thanks for the feedback. I plan to do some reading on NFSv4 domain mapping this weekend.

That’s my favorite book of all time.

Can you elaborate on your last sentence? Is the US more or less trustworthy than alternatives?

This type of thing happened to me twice. I stopped giving directly and now only donate to charities which vet the recipient and distribute. I’m not paying for someone’s drug or alcohol addiction. I also donate my time.

It’s working as designed. The sac is the mud flap, right?

The joke here is that he has no idea who this girl is and yet he still signed her key. This is dangerous, because he is vouching for her identity. If he is mistaken, this could result in a serious loss of credibility on his part.

https://www.explainxkcd.com/wiki/index.php/364:_Responsible_Behavior

ExplainXKCD…because I’m not smart.