Devops is a meaningful term
Devops is a meaningful term
You’re out here solving impossible problems. You’re “The Fixer” from Pulp Fiction. Fools look at story points. Pros see an unsolvable story that languished for years until you came along and defeated it. A single point for you is an entire epic to other teams.
Everything is a differentiator that can be spun to your advantage. The points aren’t accurate, and you’re the only one with enough guts to step up to the plate and finally work these neglected tickets; even if it won’t “look good” on some “dashboard” - that’s not what’s important; you’re here to help the organization succeed.
If the system doesn’t make you look good, you have to make yourself look good. If you weren’t putting in the effort, it would be hard - but as you say, everyone who takes a deeper look clearly sees the odds stacked against you, and how hard you’re working / the progress you’re making; despite those odds.
Don’t let some metrics dashboard decide your worth, king!
I’m very flaky here, as rust is the big one, but I think zig and/or nim might be
Indeed, and good points. How many users do you have? I assume this isn’t just for you, and setting up multiple nfs shares with tailscale access policies isn’t feasible. SMB might be the best play. I’ll have to refresh my memory on file sharing protocols
NFS for storage, tailscale / wireguard for access control?
Vscode already supports linting yaml against a schema file. Once you start configuring your code with configuration-as-code, you’re just writing more code.
If I need to “generate” some insane config with miles of boilerplate, I would use js to build my json, which can be ported to just about anything. This would replace js in that process.
I’m not sold on the need for this.
Even with something like k8s, I’d reach for pulumi before I put another layer on top of yaml.
I use a very simple “hashing” algorithm that I can do mentally. If I want to log into a service, I “hash” its name, and that’s my password.
Every service I use has a different password, and I don’t have to remember any of them. I have no keyvault that can be stolen.
MFA is still an issue. You’ll need your recovery codes to be accessible, but encrypted.
I don’t do anything interesting. I’ve got the ten workspaces, and win+p to start stuff.
The only interesting thing is win+PrintScrn, which takes a screenshot to /tmp, and then opens it in pinta to crop.
Actually I also have win+z bound to turning off the laptop screen. That’s all I can remember
Hey! Best of luck, I’m actually going down the same road at the moment :)
I would build it yourself - it’s more fun, and is cheaper than renting over a shorter-than-you-would-think time period.
The first thing to know is whether or not you can port-forward / if your isp has you behind nat.
Exposing virtual disks is relatively straightforward, or even just storage quotas on a single disk. I’m about to jump into the wide world of zfs; I need to glue together 4+ disks into a single storage array.
If you want everyone to have a separate VM, you’ll need some kind of hypervisor underneath. Could you grant everyone a user account in a single system, and use docker for separation?
It sounds like the others will be connecting remotely - make sure you use ssh keys (not passwords) and disable root over ssh. Once ssh is exposed to the internet, you’ll see a lot of failed login attempts
JavaScript / TypeScript are famously free-form, but a number of styles (and style-enforcing tools) have emerged.
“Prettier” is the most recent. It actually parses your code into an AST and then re-prints it according to its style.
“ESLint” is the most widespread; it is more of a framework into which rules can be plugged.
I use “XO”, which is essentially a custom eslint ruleset with a few other nice things tacked on.
The best part of eslint/xo is the “—fix” command, which can auto-fix most mistakes.
Soon^tm
Optimus gets complex quick. You’ll be reading pci bus ids before you know it. Keep the wiki open, go slowly; you got this :)
lite-xl with LSP gives you most of the features of vscode (they’re both lsp) at a tiny percentage of the system resources
Time to dive into the wide world of VTTYs. I believe you’re writing to pts3’s output buffer - writing to its input buffer is a different virtual device / may be a process descriptor, I’m not sure. Look into the history of vttys and it should start to make sense.
This is pretty huge. Rust support is one of Pulumi’s most requested features. Hopefully azure follows suit.
Your network flow is from your server, to your router, to your android phone, to your router, to your chromecast. If that’s all wifi, then every frame crosses the air 4 times, and you’re doing transcoding on the phone in the middle.
Casting sucks.
Sir, you are a hero. Thank you for your service.
Now tell me where the cops hide, even when they’re not there
Networking is super simple - or at least it started out like that. Then we ran out of numbers, and had to invent nat. Then we invented ipv6, which has lots of numbers, but is unfathomably complicated.
I recommend learning about NAT / network address translation. NAT is not a stateful firewall, but acts kinda like one.
You can understand a stateful firewall by understanding the tcp handshake. TCP is hugely important. Don’t worry about fin_wait_2 and that nonsense, just get syn/synack/ack down.
People will brush off udp because it’s easier, but it’s also important.
Once you get NAT/stateful firewalls, I would look into wireguard. That’s the protocol underneath tailscale. Know that it wraps your tcp packets in an encrypted udp datagram. Then find out how tailscale sets up your wireguard connections without port forwarding - or don’t, as webrtc-style signaling is famously impossibly complicated.
Here’s what you should do - spin up all the services you want, but put them behind an nginx reverse proxy. Then put that behind a WAF. Getting those layers aligned will teach you a huge amount of useful stuff.
In general, don’t worry about hackers unless exposing a port to the internet. Then worry. Your router’s stateful firewall will do a good job until you poke holes in it.
If you want a cool side project, listen on port 20 and dump the characters that the web scanners send to you. If they don’t send anything, send a username prompt after the tcp handshake - the robots will give you the login creds that they try against weak boxes :)
I love grammars. It’s like an API or a data schema, but for a language. This would be very cool and I would love to see it!