DevOps dude, self-hoster, space nerd.

  • 2 Posts
  • 70 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle
  • You like deploying infrastructure, probably in a cloud environment, but you don’t want to push a bunch of buttons in their web interface, so you use Terraform to declaratively define the things you want, and it goes and builds them for you. Super useful for when you need to build resources often, to detect and correct config drift, and get started down the path of Infrastructure as Code.






  • I wouldn’t want to host anything on Windows unless you have to, or you want to learn more about Active Directory / Exchange / etc to help with a day job (assuming your day job is sysadmin / IT). Even then I’d do that inside Windows VMs on a Linux / ESXi host.

    I personally wouldn’t (and don’t) host authoritative servers externally to the internet. I do split-horizon DNS, so that my internal BIND server handles my LAN, but I have outside DNS handled by someone that has an ACME (Let’s Encrypt) module, so that I can do wildcart certs.

    One thing to look into as you spin up services at home would be some sort of VPN like Tailscale, WireGuard, or even something like Cloudflare Tunnel so that you’re not exposing services directly to the internet if you don’t absolutely have to. I believe some of these projects/products let you specify DNS servers so that when your phone (for example) is connected to the VPN, it uses your home DNS servers instead of public ones.

    Your very own self-hosting legend is about to unfold! A world of dreams and adventures with self-hosting awaits!




  • I’ve actually done this for a Microsoft owned IP before. Someone was Wordpress-scanning a particularly fragile application of one of my clients (which was not Wordpress) which was causing it to fall over. The scan stopped within an hour of sending the abuse email.

    Edit to add: I used to work in a NOC for a tier 1 ISP. We had an “abuse department” (a couple people) that investigated these and opened tickets with the NOC. I’ve emailed customers and disconnected circuits as a result of abuse emails, so I wouldn’t say they’re totally useless, but I’m sure it depends on the company involved.



  • I’ve got a 1972 VW Super Beetle that I’ll never get rid of. It’s not really a desirable version or year of the Beetle, but my dad, grandpa, and I restored it when I was 9. My grandpa died in 2020 and he worked on cars his whole life. It’s cool to have a physical thing that he made possible using a lifetime of skills. Plus, my kid is getting old enough to work on it with me, and I think it’s awesome to have 4 generations of my family wrenching on it.










  • rs5th@lemmy.scottlabs.iotoChat@beehaw.orgTest Post
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    If anyone else has made it this far and are thinking “ah balls, I’m using ingress-nginx”, here’s the ingress annotation for you!

    nginx.ingress.kubernetes.io/configuration-snippet: |
                if ($http_accept = "application/activity+json") {
                  set $proxy_upstream_name "lemmy-lemmy-8536";
                }
                if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
                  set $proxy_upstream_name "lemmy-lemmy-8536";
                }
                if ($request_method = POST) {
                  set $proxy_upstream_name "lemmy-lemmy-8536";
                }
    
    

  • rs5th@lemmy.scottlabs.iotoChat@beehaw.orgTest Post
    link
    fedilink
    English
    arrow-up
    12
    ·
    1 year ago

    Here’s a cronjob to clean up the useless activity table every day:

    
    apiVersion: batch/v1beta1
    kind: CronJob
    metadata:
      name: postgresql-cleanup
      namespace: lemmy
    spec:
      schedule: "0 0 * * *"
      jobTemplate:
        spec:
          template:
            spec:
              containers:
              - name: postgres-cleanup
                image: postgres:alpine
                command: ["psql", "--host=postgresql", "--dbname=postgres", "--username=postgres", "--command=DELETE FROM activity WHERE published < NOW() - INTERVAL '1 day';"]
                env:
                - name: PGPASSWORD
                  valueFrom:
                    secretKeyRef:
                      name: postgresql
                      key: postgres-password
              backoffLimit: 0
              ttlSecondsAfterFinished: 3600