"Hey, Root, someone screwed up and now all of our prod servers are running this useless query constantly. I know I already changed your priorities six times in the past three weeks, but: Go fix it! This is higher priority! We already took some guesses at how and supplied the necessary code changes in the ticket, so this shouldn't take you long. Remember, HIGH PRIORITY!"

1. I have no idea how to reproduce it.
2. They have no idea how to reproduce it.
3. The server log doesn't include queries.
4. The application log doesn't include queries.
5. The tooling intercepts and strips out some log entries the legendary devs considered useless. (Tangent: It also now requires a tool to read the logs because log entries are now long json blobs instead of plain text.)
6. The codebase uses different loggers like everywhere, uses a custom logger by default, and often overwrites that custom logger with the default logger some levels in. gg
7. The fixes shown in the ticket are pretty lame. (I've fixed these already, and added one they missed.)
8. I'm sick and tired and burned out and just can't bring myself to care. I'm only doing this so i don't get fired.
9. Why not have the person who screwed this up fix it? Did they quit? I mean, I wouldn't blame them.

Why must everything this company does be so infuriatingly complicated?

> Root struggles with her ticket
> Boss struggles too
> Also: random thoughts about this job

I've been sick lately, and it's the kind of sick where I'm exhausted all day, every day (infuriatingly, except at night). While tired, I can't think, so I can't really work, but I'm during my probationary period at work, so I've still been doing my best -- which, honestly, is pretty shit right now.

My current project involves legal agreements, and changing agent authorization methods (written, telephone recording, or letting the user click a link). Each of these, and depending on the type of transaction, requires a different legal agreement. And the logic and structure surrounding these is intricate and confusing to follow. I've been struggling through this and the project's ever-expanding scope for weeks, and specifically the agreements logic for the past few days. I've felt embarrassed and guilty for making so little progress, and that (and a bunch of other things) are making me depressed.

Today, I finally gave up and asked my boss for help. We had an hour and a half call where we worked through it together (at 6pm...). Despite having written quite a bit of the code and tests, he was often saying things like "How is this not working? This doesn't make any sense." So I don't feel quite so bad now.

I knew the code was complex and sprawling and unintuitive, but seeing one of its authors struggling too was really cathartic.

On an unrelated note, I asked the most senior dev (a Macintosh Lisa dev) why everything was using strings instead of symbols (in Rails) since symbols are much faster. That got him looking into the benchmarks, and he found that symbols are about twice as fast (for his minimal test, anyway), and he suggested we switch to those. His word is gold; mine is ignorable. kind of annoying. but anyway, he further went into optimizing the lookup of a giant array of strings, and discovered bsearch. (it's a divide-and-conquer lookup). and here I am wondering why they didn't implement it that way to begin with. 🙄

I don't think I'm learning much here, except how to work with a "mature" codebase. To take a page from @Rutee07, I think "mature" here means the same as in porn: not something you ever want ot see or think about.

I mean, I'm learning other things, too, like how to delegate methods from one model to another, but I have yet to see why you would want to. Every use of it I've explored thus far has just complicated things, like delegating methods on a child of a 1:n relation to the parent. Which child? How does that work? No bloody clue! but it does, somehow, after I copy/pasted a bunch of esoteric legacy bs and fussed with it enough.

I feel like once I get a good grasp of the various payment wrappers, verification/anti-fraud integration, and per-business fraud rules I'll have learned most of what they can offer. Specifically those because I had written a baby version of them at a previous job (Hell), and was trying to architect exactly what this company already has built.

I like a few things about this company. I like my boss. I like the remote work. I like the code reviews. I like the pay. I like the office and some socializing twice a year.

But I don't like the codebase. at all. and I don't have any friends here. My boss is friendly, but he's not a friend. I feel like my last boss (both bosses) were, or could have been if I was more social. But here? I feel alone. I'm assigned work, and my boss is friendly when talking about work, but that's all he's there for. Out of the two female devs I work with, one basically just ignores me, and the other only ever talks about work in ways I can barely understand, and she's a little pushy, and just... really irritating. The "senior" devs (in quotes because they're honestly not amazing) just don't have time, which i understand. but at the same time... i don't have *anyone* to talk to. It really sucks.

I'm not happy here.
I miss my last job.

But the reason I left that one is because this job allows me to move and work remotely. I got a counter-offer from them exactly matching my current job, sans the code reviews. but we haven't moved yet. and if I leave and go back there without having moved, it'll look like i just abandoned them. and that's the last thing I want them to think.

So, I'm stuck here for awhile.
not that it's a bad thing, but i'm feeling overwhelmed and stressed. and it's just not a good fit. but maybe I'll actually start learning things. and I suppose that's also why I took the job.

So, ever onward, I guess.
It would just be nice if I could take some of the happy along with me.

Rant #1:
Why everyone and their toy cars gotta be jumping on the bed when I’m trying to sleep?

Rant #2:
For months now, I get bleary eyed and tired every time I look at work. Focusing and being productive is almost impossible. I’m cheery and alert, then sit down, open my editor, and find I can’t focus. Moments later I feel like I need a nap.

Rant #3:
I get interrupted an average of every 3-5 minutes, basically every day, all day long. The more this happens, the more tired and angry I become. I often have to resort to yelling, throwing toys that appear on my desk/keyboard, and blasting loud music I don’t want to hear through noise canceling headphones.

—————

Is it any wonder I can’t focus or think or do anything but feel like I’m falling asleep? Is it any wonder I’m perpetually angry and frustrated?

I can sort of fix the interruptions by locking myself away in my monster’s room. But I’m still so tired and bleary and can’t focus. I don’t know what to do, or even what I can do. Vacation didn’t help. Another would doubtlessly be just as effective, and certainly wouldn’t improve my boss’s view of my performance.

Ugh.

Tired, sick, brain foggy, cold.

I’m trying to finish my last few specs and it totally isn’t going well.

My PM also promised me he would get the change requests for this ticket to me by today so I could work on them — as we’re moving this Friday. He did not. He made the same promise last week. Bloody useless.

Oh well.
I let him know that I wouldn’t be able to finish the feature in time if he didn’t get back to me, so... week off? :D

As if packing and moving and driving is downtime.

I do need to figure out this last spec, though. I rewrote the entire feature, and broke functionality specific to some client, and apparently it’s tricky and extremely fragile. I have no idea how it was working before, and the only person I have to ask is... grumpy and overly busy, and hasn’t looked at any of it in years. Yay!

I might just go to bed.

Okay so my brother in law has a laptop that is... To put it mildly, chockful of viruses of all sort, as it's an old machine still running w7 while still being online and an av about 7 years out of date.

So my bro in law (let's just call him my bro) asked me to install an adblock.

As I launched chrome and went to install it, how ever, the addon page said something like "Cannot install, chrome is managed by your company" - wtf?

Also, the out of date AV couldn't even be updated as its main service just wouldn't start.

Okay, something fishy going on... Uninstalled the old av, downloaded malware bytes and went to scan the whole pc.

Before I went to bed, it'd already found >150 detections. Though as the computer is so old, the progress was slow.

Thinking it would have enough time over night, I went to bed... Only to find out the next morning... It BSoD'd over night, and so none of the finds were removed.

Uuugh! Okay, so... Scanning out of a live booted linux it is I thought! Little did I know how much it'd infuriate me!

Looking through google, I found several live rescue images from popular AV brands. But:
1 - Kaspersky Sys Rescue -- Doesn't even support non-EFI systems

2 - Eset SysRescue -- Doesn't mount the system drive, terminal emulator is X64 while the CPU of the laptop is X86 meaning I cannot run that. Doesn't provide any info on username and passwords, had to dig around the image from the laptop I used to burn it to the USB drive to find the user was, in fact, called eset and had an empty password. Root had pass set but not in the image shadow file, so no idea really. Couldn't sudo as the eset user, except for the terminal emulator, which crashes thanks to the architecture mismatch.
3 - avast - live usb / cd cannot be downloaded from web, has to be installed through avast, which I really didn't want to install on my laptop just to make a rescue flash drive
4 - comodo - didn't even boot due to architecture mismatch

Fuck it! Sick and tired of this, I'm downloading Debian with XFCE. Switched to a tty1 after kernel loads, killed lightdm and Xserver to minimize usb drive reads, downloaded clamav (which got stuck on man-db update. After 20 minutes... I just killed it from a second tty, and the install finished successfully)

A definitions update, short manual skimover, and finally, got scanning!

Only... It's taking forever and not printing anything. Stracing the clamscan command showed it was... Loading the virus definitions lol... Okay, it's doing its thing, I can finally go have dinner

Man I didn't know x86 support got so weak in the couple years I haven't used Linux on a laptop lol.

Try to finish some of the projects I've started in 2018. Right now I have a todo list text file, along with multiple written lists (the written ones are more focused on a single project normally).

-Finish the startpage I've been doing off and on for at least a month now. I ended up making a lot of it command based (just need to write the scripts for the commands..). I had a little config menu but I just got tired of it and the text box is autofocus anyways, so I figured I'd make it command focused.

-Nice little root safety script as I call it. I've made very stupid mistakes as root before. I once made a typo and ran "chmod --recursive 644 /" while half asleep. I believe I was trying to run that on the current directory I was in, but as you know, the . and / are right next to each other. Basically the script would see what you're doing and echo "you're about to do x, are you sure that's what you want to do?". Something I know I could knock out in a day, but I've been putting it off for at least a year now.

-Compiling notification. I saw something similar once a few years ago, and it was so fucking cool. I remember it being a Mac, and it had a notification that would basically tell you how many files and shit you had left to compile if you were building something. Kinda want to build something for polybar.

-FUCKING RUBBER DUCK DEBUGGING TO THE EXTREME! This one was inspired by a comment someone made once months ago. Might have been here, or reddit, or in real life, not sure. Basically a big ass fucking rubber duck with LEDs in it that will like glow red if your code wouldn't compile (I think Visual Studio has like an automatic error detecting thing in there?? Maybe something similar if I can figure that out). Honestly not sure how the fuck I'd do this one, but I love the idea and I really want to fucking do it

There's more shit. These are just the main ones I want to attempt sometime in the near future.

I've been wondering about renting a new VPS to get all my websites sorted out again. I am tired of shared hosting and I am able to manage it as I've been in the past.

With so many great people here, I was trying to put together some of the best practices and resources on how to handle the setup and configuration of a new machine, and I hope this post may help someone while trying to gather the best know-how in the comments. Don't be scared by the lengthy post, please.

The following tips are mainly from @Condor, @Noob, @Linuxxx and some other were gathered in the webz. Thanks for @Linux for recommending me Vultr VPS. I would appreciate further feedback from the community on how to improve this and/or change anything that may seem incorrect or should be done in better way.

1. Clean install CentOS 7 or Ubuntu (I am used to both, do you recommend more? Why?)
2. Install existing updates
3. Disable root login
4. Disable password for ssh
5. RSA key login with strong passwords/passphrases
6. Set correct locale and correct timezone (if different from default)
7. Close all ports
8. Disable and delete unneeded services
9. Install CSF
10. Install knockd (is it worth it at all? Isn't it security through obscurity?)
11. Install Fail2Ban (worth to install side by side with CSF? If not, why?)
12. Install ufw firewall (or keep with CSF/Fail2Ban? Why?)
13. Install rkhunter
14. Install anti-rootkit software (side by side with rkhunter?) (SELinux or AppArmor? Why?)
15. Enable Nginx/CSF rate limiting against SYN attacks
16. For a server to be public, is an IDS / IPS recommended? If so, which and why?
17. Log Injection Attacks in Application Layer - I should keep an eye on them. Is there any tool to help scanning?

If I want to have a server that serves multiple websites, would you add/change anything to the following?
18. Install Docker and manage separate instances with a Dockerfile powered base image with the following? Or should I keep all the servers in one main installation?
19. Install Nginx
20. Install PHP-FPM
21. Install PHP7
22. Install Memcached
23. Install MariaDB
24. Install phpMyAdmin (On specific port? Any recommendations here?)

I am sorry if this is somewhat lengthy, but I hope it may get better and be a good starting guide for a new server setup (eventually become a repo). Feel free to contribute in the comments.