• 0 Posts
  • 44 Comments
Joined 2 years ago
cake
Cake day: June 9th, 2023

help-circle
  • Eh, I wouldn’t go about ‘the self-hosted admins didn’t do anything!’. There never really was a time when the majority (or even a meaningiful minority) of users hosted their own email.

    In the beginning, you got your email address from your school or your ISP, and it changed whenever you left/changed providers, so the initial “free” email came from the likes of Hotmail (which rapidly became Microsoft), Yahoo (which was uh, Yahoo), and offerings from the big ISPs of the era, like AOL and whatnot.

    You still had school and ISP email, but it just rapidly fell out of fashion because your Hotmail/Yahoo/AOL email never changed regardless of what ISP you used or whatever, so it was legitimately a better solution.

    And then Google came along with Gmail and it was so much better than every other offering that they effectively ate the whole damn market by default because all the people who were providing the free webmail at that time didn’t do a damn thing to improve until after Google had already “won”.

    So if you want to be mad, this is firmly Microsoft and Yahoo’s fault for being lazy fucks.




  • They’re not wrong in that most people aren’t suited to or should be running what is effectively public services for other people from some surplus Dell R410 they found on eBay for $40.

    That said, it’s all a matter of degree: I don’t host critical infra for people (password managers, file sharing, etc.) where the data loss is catastrophic, but more things that if it explodes for an afternoon, everyone can just deal with it. I absolutely do not want to be The Guy who lost important data through an oversight on an upgrade or just plain bad luck.

    But, on the other hand, the SLA on my Plex server is ‘if it works, cool, if not I’ll fix it when I can’ and that’s been wildly popular I haven’t had any real issues, because my friends and family aren’t utter dicks about it and overly entitled, but YMMV.

    TL;DR: self-hosting for others is fine, as long as the other people understand that it’s not always going to be incredibly reliable, and you don’t ever present something that puts them at risk of catastrophic loss, unless you’ve got actual experience in providing those service and can do proper backups, HA, and are willing to sacrifice your Friday evening for no money.







  • The answer for your question is ‘no’.

    You’re never going to reduce power usage substantially by swapping PSUs, because there’s just not enough efficiency gains to be had even if a Pico PSU was more efficient which they really aren’t.

    You say the hardware is ‘nothing too different’ but you mention ddr4 vs 3, which makes me think the Dell is a generation or few older which could easily impact power draw by 10w.



  • Yeah, I just mentioned it because OCI is kinda wonky and requires some static routing stuff in the iptables on the host to have the platform work as intended (which, as far as I’m aware, no other hyperscaler does), which strikes me as really really lazy engineering, but I’m just a simple computer janitor so maybe I’m wrong there.

    The most infuriating thing at my last job was people sending in a ticket freaked out that their database was stolen and ransomed, and us going ‘Well, we sent you 15 emails over the last 3 months telling you that you had the database open and improperly secured, so what exactly are you wanting us to do now?’



  • That’s not really the right approach on OCI, unfortunately: if you just flush the rules you also break a lot of their management plane.

    You’d want to modify the /etc/iptables/rules.v4 and rules.v6 files to add any rules you want to load on boot (and, of course, if you just flush the rules without saving them, then it won’t persist and a reboot will break things, again).

    It’s an arguable benefit: I’m a fan of having the security policies AND iptables sitting between me and doing something stupid, but I also spent most of the last decade dealing with literally thousands and thousands of compromised hosts that just whoopsie oopsed redis/jenkins/their database/a ftp service in a publicly accessible state, got hacked, then had the customer come crying to us asking why we didn’t keep them from blowing their foot off - which, basically, is what the OCI defaults do.


  • If you go old PC and use it for Jellyfin, you probably want hardware that can do accelerated video transcoding so you probably want to aim for 8th gen or newer Intel CPUs (with integrated graphics), because that gets you 10bit h265 transcoding, which I’d say is probably the bare minimum you should aim for these days.

    Granted that’s 5 or 6-year-old hardware, so it’s hardly new, but it took me a bit to figure out why in the world the transcoding performance and quality sucked and what’s supported where and at what gen of hardware is… hilariously unclear.






  • I think that’s likely to cover common uses outside of just ‘for the lulz’.

    The for the lulz resonates a lot with me - though I know that a decade of dealing with a lot of these types assuredly biases me to at least some degree - because it’s easy enough to do what they’re doing now AFTER you figure out how you’re going to monetize it and signups this aggressive and so widespread doesn’t really make sense to me.

    In my experience with content moderation/fraud/abuse work, I found that you’d often have a very slow trickle of accounts sign up over weeks/months/and, in one situation, years, and THEN they’d all break bad and you’d have entire servers and instances all light on fire at once and result in a mess that’ll take a very long time to clean up.

    If you have 5,000 users that signed up all at once you can literally just delete all those rows from the database and probably not impact too many real people vs. if you have 5,000 users sign up over 6 months then you have the data dispersed in good data and now have much more of an involved spelunking expedition to embark on. I also found that it was typically done in waves as well, so you can’t do a single clean and go ‘well all the accounts that weren’t doing thing must be okay’ because eh, maybe not.

    And, also, there’s a lot of hand-wringing about developer and instance politics from various blog posts, “news” sources, the fediverse, traditional social media and so on from all sides of the spectrum, and while I’d never claim to be a centrist or even remotely moderate, the more embedded in one extreme or another you find yourself you can start justifying doing all sorts of stupid shit, and a DDoS (which, quelle surprise is ongoing right now) is SO trivial to do when there’s not a whole lot of preventative measures in place that don’t require a bunch of squabbling internet humans to cooperate and work together to block signups, clean up the mess that’s already there, and work with each other on mitigation tools that do things everyone agrees with.