Yep.

It’s like they wanna get bought to compete with GitHub or something.

They’re moving fast and breaking things. And bloating their product in the process. In the last 24 months they paid over $1M to a single bug bounty hunter who basically took them to the cleaners.

But totally agree. It’s the best UX, best product for home lab or even small enterprise use if you’ve got someone to get it tuned appropriately.

While I agree, out of the box the configs ARE NOT for home lab use.

Why this matters –

I’m gonna start a company that creates cheap life saving products called “Chris”

I know a guy who was holding onto basically every variation of [state][marijuana reference].[tld] back in like 2015. Guarantee he made bank on that investment.

Traefik’s configs are a little less cumbersome if you’re managing a lot of services.

I have a .com for like $19.99 but pay to have my info redacted from whois stuff, an email address, all cones to like $42.99

I have a bullshit domain with some nonsense tld and domain name that I pay $0.99/yr for that’s on a vps I pay like $150/yr for all told (it’s doing stuff).

All told I keep it below $20/month.

I highly recommend it to anyone getting into self hosting, sysadmin stuff, cybersecurity, devops, etc.

It’s headaches, but once it’s working, you will have ridiculously valuable experience for any org.

I might be misunderstanding this concept but it seems like extra work, or a recipe for an insecure mess that could become difficult to maintain.

I run elk stack and log basically everything which has created a centralized point for observability. This lets me granularly investigate and thereby control the state of all of my networks services.

It’s a little ram hungry, but I’ve got some overhead.

https://crt.sh/

When a CA issues an SSL/TLS certificate, they’re required to submit it to public CT logs (append-only, cryptographically verifiable ledgers). This was designed to detect misissued or malicious certificates.

Red and Blue team alike use this resource (crt.sh) to enumerate subdomains.

Lesson learned: The panic you felt sucked. It was thankfully $7 to resolve. Next time it might not be.

Back up your stuff 3 times, in at least two places. 🙂

You got two options. Both suck.

1. Call support. Have fun. I’d rather rip out my eyeballs in this scenario because you’re not a paying customer. You will get the shit-tier service, will likely be hung up on, and reexplain the situation to 3+ individuals over the course of 4 hours and ultimately get nothing done.

2. Resubscribe. Finish the job. The odds of your accounts db being wiped are kinda slim. Sucks because you do what you explicitly sought to avoid: pay Microsoft.

I recently looked at my emails spam filters and my goodness. I’ve built a monstrosity over a few decades here.

Idk of any good series but techno Tim has a great video on using cloudflare and traefik to get wildcard letsencrypt ssls for your docker services.

https://youtu.be/n1vOfdz5Nm8

I think the bulk of users are running discarded junk and raspberry pis.

That was me, I built a ~$5k rig and now some of what I’m doing is just nonsense of a typical self hoster, so the point is somewhat valid, but even those like me mostly started out with discarded junk and raspberry pis.

Docker used to scare me until I tackled a project that required me to use it. Then I realized I learned it without knowing I’d learned it.

Are the two servers on the same LAN? Did you update all configs for the new servers address?

Is the docker container spinning up and running, or failing and exiting?

Run docker ps, it’ll tell you how long your containers have been running or if they exited.

If everything is running then it’s most likely network, and I’d need to know how it is you used to access it on the old server (web address? Ip?)

If it’s not running then you get to dig through error logs to get to the next step 🤓

What do you mean “doesn’t have the same way”?

My first method eliminates waiting to see if your students code runs fast enough. Unless complexity is part of the assignment, I’d still say go for the hash.

It’s also less work for the professor/grader.

I mean just for the love of God don’t spin up something on your company’s infrastructure that accepts file uploads.

Just don’t.

If you’re reading this and going “well, it’s just internal,” or “well, it doesn’t do much it just accepts this exact file type.” My god. Ask your CISA. And if they’re okay with it, cool. That’s on them.

Unless your whole business is transferring files, don’t. And even then… Don’t.

And if you’re still confused, the answer is to use another company’s infrastructure for this. Use Azure. Use AWS. Use Google cloud or even g suites. Don’t accept that liability. Let the trillionaires do it.