At a former job, there was one – and only one – lady in customer service who would actually reboot and do all the basic troubleshooting steps before calling IT. If we heard from her, we knew something was legitimately broken. Oddly enough, I’m married to her now. Best decision I ever made.
They do maintain an x86 build. I haven’t used pfSense but I have used OpnSense so that’s that closest thing I have to compare it to. I think the upside and downside to RouterOS/Mikrotik is the same thing: it allows very granular control over almost everything. Maybe to a fault. It’s probably overkill for most home networks.
Set up a VPS. Create a VPN tunnel from you local network to the VPS. Use the VPS as the edge router by opening ports on the VPS firewall and routing incoming traffic on those ports through the VPN tunnel to servers on your local network.
I used to do this to get around CGNAT. I ran RouterOS in a Digital Ocean droplet and setting up a wire guard tunnel between it and my local Mikrotik router.
It will obscure your local WAN IP and give you a static IP but that’s about the only benefit. And you have to be pretty network savvy to configure it correctly.
It does not make you immune to DDoS attacks and is honestly more headache to maintain (albeit just a small headache).
I’m a [primarily] C# turned JavaScript dev. I miss C#.
I believe we call that a “fast follow”.
Instruction prompt: “You are now the CEO of this business. You’re also a narcissist with severe gambling and cocaine addictions.”
Forget taking over my job. AI is headed straight for the C suite.
Exactly.
Best software salesman I ever met was the best because he knew how to fucking listen. He worked for an electrical engineering software company. First time I ever met the guy, he flies into town to meet with my employer, his client, for the first time after taking over the account. I called him up and asked if I could buy him dinner the night before the big meeting, basically to warn him that they’re on the verge of getting fired.
Dude walks into the meeting the next day with nothing but a pen and a legal pad, introduces himself, and says something like, “I’m not happy because I’ve heard you all are not happy. I’m going to do whatever I can to fix that so I want you to tell me every single problem you’re having no matter how small you think it is.” And they let him have it for a good two hours. He took it like a champ, listened to and documented every single complaint, and made an actual effort to get fixes for the things we were upset about. He saved a $2 million a year account just by listening and making an effortto help keep the customer happy.
I guess the moral of the story is, good salespeople don’t sell products. They solve problems.
Sales: "Can we do this?
Dev: “No, we cannot.”
Sales: “Uhhhh… But I already told the customer we could.”
Dev: “That’s called lying. You lied to the customer.”
Sales: “…So you’ll have it done next week?”
Dev: “I’m going to need at least three weeks.”
Sales: “…But I already told the customer two weeks.”
Dev: Sigh
Mail servers are the one thing I refuse to self host. Years of managing enterprise email taught me that I don’t need that kind of negativity in my life
Oh, I wouldn’t if I could avoid it. The “fun” of tinkering with IT stuff in my very limited spare time vaporized many years ago. If I could pay for services that did exactly what I wanted, respected my privacy, and valued my business while charging a fair price, I would stop self-hosting tomorrow. But that’s not usually how it works.
Self hosting isn’t super high maintenance once you get everything set up but it still takes up probably 10-12 hours per month on average and I would not mind having that time back.
“Uh huh.”
This is a pretty good summary. In enterprise networking, it’s common to have the ‘DMZ’, the network for servers exposed to the internet, firewalled off from the rest of the system.
If you have a webserver, you would need two sets of ports open, often on two separate firewalls. On the WAN firewall, you would open ports 80/443 pointing to the webserver. On the system firewall, between the DMZ and LAN, you would open specific ports between the webserver and whatever internal resources it needs; a database server for example.
This helps limit the damage if a malicious actor hacks into your webserver by making sure they don’t also have unrestricted access to other parts of your system. It’s called a layered security approach.
However, someone self hosting may not have the expertise or even the hardware to set up their system like this. A VPS for public facing services, as long as it’s configured properly, can be a good alternative. It also helps if you have a dynamic WAN IP address and/or are behind CG-NAT.
Edit: maybe good to mention that securing your local network behind a VPN, even one hosted on your local network, is more secure than allowing public facing services. Yes, it means you still have to open a port. But that’s useless to a malicious actor without the encryption keys. Whereas, if you have a webserver exposed publicly, malicious actors already have some level of access to your system. More than they would if that service didn’t exist anyway. That’s not inherently bad. It comes with the territory when you’re hosting public services. It is more more risky though. And, if the exposed server is compromised, it can potentially open up the rest of your system to compromise as well. Like the original commenter said, it’s about managing risk and different network configurations have different levels of risk.
I currently work on a NodeJS/React project and apparently I’m going to have to start pasting “‘any’ is not an acceptable return or parameter type” into every damned PR because half the crazy kids who started programming in JavaScript don’t seem to get it.
For fucks sake, we have TypeScript for a reason. Use it!
Yeah, I work for one of these companies. Some senior executive quotes some stupid thing Jeff Bezos said about everything being an API and is like “This! We need to do this!”
Nevermind the fact that we’re not AWS and our business has zero overlap with theirs. Nevermind that this mindset turns every service we design into a bloated, unmaintainable nightmare. And, forget the fact that our software division is completely unprofitable due to the checks notes shitty business decisions made by senior management.
No no, we’re going to somehow solve this by latching onto whatever buzzword is all the rage right. Turns out having an MBA doesn’t mean you know shit about running a business.
Last time it was the data team.
“We’ll just modify this Elastic Search template and not tell anyone. It’ll be fine and no one will even notice .”
Wrong, dipshits! Everything was not fine and lots of people noticed.
Alright. Which jackass pushed to prod on a Friday?
Interested to see what you come up with. I manage our personal finances along with my wife’s consulting business. I switched to Quicken about a year ago. I don’t regret switching because it’s does the job better than anything else I’ve used. But I’m not 100% satisfied either and if I found a better solution, I would seriously consider it.
Fancy title for the developer that gets yelled at when the CI pipeline is broken. Also a good chance they are the one that broke it.