Skills: some Pawn, some C (formerly) .NET (C#) since 2015 exploring ops stuff for fun
Joined devRant on 9/28/2019
I'm trying to improve my email setup once again and need your advice. My idea is as follows:
- 2-5 users
- 1 (sub)domain per user with a catchall
- users need to be able to also send from <any>@<subdomain>.<domain>
- costs up to 1€ per user (without domain)
- provider & server not hosted in five eyes and reasonably privacy friendly
- supports standard protocols (IMAP, SMTP)
- does not depend on me to manage it daily/weekly
- Billing/Payment for all accounts/domains at once would be nice-to-have, but not necessary
I registered a domain with wint.global the other day and I actually managed to get this to work, but unfortunately their hosting has been very underwhelming.. the server was unreachable for a few minutes yesterday not only once, but roughly once an hour, and I'd really rather be able to actually receive (and retrieve) my mail. Also their Plesk is quite slow. To be fair for their price it's more like I pay for the domain and get the hosting for free, but I digress..
I am also considering self hosting, but realistically that means running it on a VPS and keeping it secure and patched, which I'd rather outsource to a company who can afford someone to regularly read CVEs and keep things running. I don't really want to worry about maintaining servers when I'm on holiday for example and while an unpatched game server is an acceptable risk, I'd rather keep my email server in good shape.
So in the end the question is: Which provider can fulfill my email dreams?
My research so far:
1. Tutanota doesn't offer standard protocols. I get their reasons but that also makes me dependent on their service/software, which I wouldn't like. Multiple domains only on the business plans.
2. With Migadu I could easily hit their limits of incoming mails if someone signs up for too many newsletters and I can't (and don't want to) micromanage that.
3. Strato: Unclear whether I can create mails for subdomains. Also I don't like the company for multiple reasons. However I can access a domain hosted there and could try...
4. united-domains: Unclear whether I can create mails for subdomains.
5. posteo: No custom domains allowed.
I'm getting tired.. *sigh*
I finally got a promotion! I like my new responsibilities and the pay will be much more appropriate. (I was underpaid before.)
I guess I can up my headhunter wish list by a level or two...
I just noticed that my hotel room card is a simple, unprotected NFC card that has a whopping 8x8x16=1024 bit allocated. If I had another NFC tag with me I'd be tempted to copy it and play around with it a bit...
wk257 - How did you learn to program?
GTA San Andreas Multiplayer Mod (SAMP), when I was maybe 14. Then some Java in high school. Studied Engineering and the only thing that didn't completely suck was programming (C), so I changed my field to work as a dev.
I spent the easter weekend migrating a bare metal Windows installation to a Proxmox VE server with a Windows VM (and set up an rdp client).
I am finally gonna learn git tomorrow (and the day after). I hope I'll still have some energy left for that after work..
I just got a message from my company's front desk lady that someone called and asked for me and left a number for me to return the call. I've had a feeling about it and as it turns out, yes, it really was a recruiter who had the confidence* to call my company to sell me another job.
It's Wednesday morning and I almost finished my weekly working hours.. but still had to move today's deadline.
Am I in developer hell already? A shitty project is about to come to an end (hopefully), or should I rather say: It needs to come to an end. But I am still quite lost in how to deal with it, hence procrastinating on it - making the deadline come closer and with it the realization that I'll probably have to rewrite almost everything. I'm not sure how, but I do know that the current code is a dumpster fire.
Basically what I need to do is dealing with the APIs of different payment providers/gateways (like PayPal, AmazonPay). For most cases I'll get a payment ID from the shop and need to act on it later, e.g. capture the authorized money in the case of a credit card transaction or do refunds (without user interaction, unless there is an error). Now at first I put something together where I try to abstract the payment information into two tables:
Unfortunately trying to abstract the different payment methods and to squeeze them (and their different possible stati and functions) in these tables was not very successful, it's a total mess with magic numbers, half-broken behavior and without any consideration for partial payments/captures or unfinished requests (i.e. if there is an exception before the response is dealt with, there is no indication that anything has ever been sent). Also the current amount is calculated through the history of the paymentDetails table, which basically works differently for each payment type.
How to fix this mess in a way that I'll still have a job by next week?
I'm trying to improve the db schema first, as I think my biggest problems are lying there. Through some research I've come across a recommendation for making payment type specific subtables (with a magic number/string in the main table to prevent having to look up all subtables). That way I can record what I send and receive without having to abstract it too much, so I'll have an acceptable transaction log. The paymentDetails table can be removed (necessary fields go to the payments table). The payments table gets multiple fields for the amount (differentiating between open, authorized, captured, processing and refunded values) and always reflects the current status.
I think I'm going in the right direction here. hm. Maybe there's some light at the end of this long, dark tunnel. Or a train. I'll have two days to find out.
I just found a vulnerability in my company's software.
Anyone who can edit a specific config file could implant some SQL there, which would later be executed by another (unknowing) user from within the software.
The software in question is B2B and has a server-client model, but with the client directly connecting to the database for most operations - but what you can do should be regulated by the software. With this cute little exploit I managed to drop a table from my test environment - or worse: I could manipulate data, so when you realize it it's too late to simply restore a DB backup because there might have been small changes for who knows how long. If someone was to use this maliciously the damages could be easily several million Euros for some of our customers (think about a few hundred thousand orders per day being deleted/changed).
It could also potentially be used for data exfiltration by changing protection flags, though if we're talking industry espionage they would probably find other ways and exploit the OS or DB directly, given that this attack requires specific knowledge of the software. Also we don't promise to safely store your crabby patty recipe (or other super secret secrets).
The good thing is that an attack would only be possible for someone with both write access to that file and insider knowledge (though that can be gained by a user of the software fairly easily with some knowledge of SQL).
Well, so much for logging off early on Friday.
To anyone suffering from chronic pain, especially lower back pain: Don't get fooled by shitty doctors. And don't expect doctors to magically heal you. If you want to stop your suffering, you need to be proactive.
What? But my herniated disc from 10 years ago... bla bla bla. So what? It's not going to get better when your only exercise is putting on your socks. Chances are 99% that your spine has shit to do with your pain. Go to a proper chronic pain therapy instead of downing opioids and getting sick notes.
Note to self: Do your sports every day you lazy bastard. Eat healthy, sleep regularly, don't stress out over every damn thing and don't forget to fucking relax!
The perks of working for a .NET shop:
1. 130€ of credit to burn on Azure every month, so I can run some long builds there, to have VPN/proxies for free that are not easily blacklisted and whatever else I can think of. Today I set up a VM for my wife to RDP into, so she doesn't have to do her job search on her company laptop (which is the only computer she has right now).
I had a talk with my manager about my future role in the company. I had talked with him before about my interest to dive deeper in the technical side - rather than the business side, for which we have a higher dev demand.
The outcome is that I will work more closely with the senior devs on technical improvements and also tech strategy (e.g. implementation of code reviews). I will also advise the upcoming manager of the development team (who is coming from a PM position) on technical decisions. Lastly the roadmap for the company is to work more with cloud technology (azure), which is also going to be in my new duties.
I'm looking forward to these new challenges where I can improve myself on the technical side (yay!) rather than on the business side (which bored me).
I played around with game scripts (in C-like syntax) and even wrote my own (well, halfway) before learning some Java at school. Had a bad internship and decided to waste a few years by studying engineering, where I failed everything but programming. Before getting kicked out I exmatriculated myself then I kinda came to the conclusion of "How about doing something that seems quite natural to me?".
Warning: Might contain (be) stupid rambling.
So I got my new toy and want to play around with it. Just in case I have to return it I first want to make a full disk backup, so I try to boot clonezilla. I press the power button and mash F2, F8, F9 - and it boots straight into the windows setup. Nope, not what I wanted. Try again. And again. Eventually I look it up and apparently I have to hammer the ESC key to get where I want to. Alright, now it works. Boot from USB. Failed. Try again. Failed. Check the BIOS, disable secure boot, reboot. I need to type 4 digits to confirm disabling secure boot. Alright. Reboot, try again, failed. Secure boot is on again. Wtf? After some more infuriating tries I see that NumLock is disabled. AAAARGH. BIOS: Enable NumLock on boot, disable secure boot, enable legacy boot. Input the 4 digits - works! Try to boot from USB: Failed! Grab another USB stick, did the clonezilla image, try again: Finally! It! Works!
Format disk, install Qubes OS. Success!
I will soon move to Belgium for a few months due to my wife's job and I will go back to Germany once in a while for a few weeks. Of course I'll need a computer and I can't take my tower back and forth all the time, thus I'll need something more mobile. Since most notebooks <1000€ are shit and I'll also need at least two external monitors, I went for a small (USFF) PC instead; for about 350€ I got an HP ProDesk 400 G5 with an i5-9500T, 8 GB RAM (to be upgraded), 256 GB NVME (also to be upgraded), B360 chipset. I would have liked a Ryzen, but then I could only get the predecessor with a 2400GE...
Hopefully Linux (Qubes OS in particular) will work fine.
Which privacy-respecting email provider can you recommend? It seems that the following three are the best options:
- tutanota (0€ / 12€)
- posteo (12€)
- mailbox.org (12€)
Do you have any experience with them?
What do you think about a hosted email service with your own domain?
Have you considered that we might just have to stay at home because the batteries of the surveillance pigeons have to be changed? 🧐
I just got sent an email after registering an account at a webshop which contained my username and password.. *sigh*
»The European Commission has revealed it is considering a ban on the use of facial recognition in public areas for up to five years.
Regulators want time to work out how to prevent the technology being abused.«
RAM buying advice needed!
I wanna upgrade from my measly 8GB to 32GB and I'm a bit lost at which RAM to buy. Just the cheapest or is there more to consider? Some cheap options are (due to an offer):
(per 16GB module)
57,99€ DDR4-3200 CL16 Ballistix Sport LT
56,99€ DDR4-3000 CL15 Corsair Vengeance LPX
52,99€ DDR4-3000 CL15 Ballistix Sport LT
46,99€ DDR4-3000 CL16 G.SKILL Aegis
45,99€ DDR4-2400 CL16 Ballistix Sport LT
43,99€ DDR4-2400 CL15 G.SKILL Aegis
(for the latter three I'd need to buy something else to get over 50€)
My hardware can only run at 2400 MHz (MS-7A74 + i5-7500), but the price difference is quite low and I'd be prepared for a (not yet planned) upgrade.
While planning my (personal) server I just seem to pile up more and more things to do/consider. Basically, for now I just want to have rclone, nextcloud and jellyfin, plus some usenet stuff later on. But I want to have the whole installation and configuration automated as far as possible, since at first it will run in a test environment and needs to be migrated to another server at a point, possibly even another OS. So I suppose that means docker, docker-compose and Chef (any better options?). I want SSL: Traefik. User management / auth? RADIUS, LDAP. SSO? keycloak. I also need to deal with virtual hosts. And probably much more..
Since I just have basic Linux knowledge and have no real experience with any of the other technologies, I feel a bit lost. I just got to the abovementioned software due to some ddg research. I don't mind digging deep, I want to learn (which is half the reason for this project), but it's not easy to find the best way to set this up.
I finally managed to get my Wireguard setup to work in both ways! Beforehand I could ping from A to B, but not the other way around.
A network 10.1.0.0/16
B network 10.2.0.0/16
(both actually use multiple /24 subnets, but I reserve a /16 for each site for the sake of simplicity)
Lots of fiddling later this is my configuration:
A interface 10.1.199.1/32
A allowedIPs 10.2.0.0/16
B interface 10.2.199.1/32
B allowed IPs 10.1.0.0/16
ping from 10.1.1.1 to 10.2.1.1 => 172ms
ping from 10.2.1.1 to 10.1.1.1 => 172ms
it works, yay! now to add more sites...
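
An added example, not part of the original post: a small Python model of WireGuard's AllowedIPs handling (the destination selects the peer on send, the source is checked against that peer's AllowedIPs on receive), run over the configuration posted above. The `NARROW` table is a constructed misconfiguration for comparison, and the model ignores kernel routes, forwarding and firewall rules.

```python
import ipaddress

# Values taken from the post; the site labels "A" and "B" are just dict keys.
POSTED = {
    "A": {"B": ["10.2.0.0/16"]},   # A's AllowedIPs for peer B
    "B": {"A": ["10.1.0.0/16"]},   # B's AllowedIPs for peer A
}

# Constructed misconfiguration (not from the post): B only lists A's
# tunnel address, so hosts on A's LAN are not covered.
NARROW = {
    "A": {"B": ["10.2.0.0/16"]},
    "B": {"A": ["10.1.199.1/32"]},
}

def match_peer(peers, ip):
    """Return the peer whose AllowedIPs contain ip (longest prefix wins)."""
    addr = ipaddress.ip_address(ip)
    best_peer, best_len = None, -1
    for peer, cidrs in peers.items():
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr)
            if addr in net and net.prefixlen > best_len:
                best_peer, best_len = peer, net.prefixlen
    return best_peer

def packet_passes(sites, sender, receiver, src, dst):
    """One direction: sender picks a peer by dst, receiver checks src."""
    if match_peer(sites[sender], dst) != receiver:
        return False, f"{sender}: dst {dst} is not routed to peer {receiver}"
    if match_peer(sites[receiver], src) != sender:
        return False, f"{receiver}: src {src} not allowed for peer {sender}"
    return True, "ok"

def ping_works(sites, sender, receiver, src, dst):
    """Echo request one way, echo reply the other way with src/dst swapped."""
    ok, why = packet_passes(sites, sender, receiver, src, dst)
    if not ok:
        return False, "request: " + why
    ok, why = packet_passes(sites, receiver, sender, dst, src)
    return (True, "ok") if ok else (False, "reply: " + why)

if __name__ == "__main__":
    for name, sites in (("posted", POSTED), ("narrow", NARROW)):
        print(name, "A->B", ping_works(sites, "A", "B", "10.1.1.1", "10.2.1.1"))
        print(name, "B->A", ping_works(sites, "B", "A", "10.2.1.1", "10.1.1.1"))
```

With the narrow table a ping from A's tunnel address still succeeds while LAN-to-LAN traffic fails in both directions, which is why each side's AllowedIPs has to cover the whole remote site range when adding more sites.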