1. 6

    Why put the link behind an url shortener?

    1. 2

      Because it’s been submitted before: https://lobste.rs/s/hirkhr/ultimate_personal_security_checklist

      OP is a spammer and I regret inviting them. @pushcx, please review.

      1. 0

        It’s not been submitted before- this is a different post, check the link first. The last one was Security Checklist This is Privacy-respecting software :) - but yes, same GitHub accounts

      2. 2

        I flagged the domain as a url shortener so it can’t be used again.

        1. 1

          Tracking, I guess? I’m not sure why else it would be done in this case..

          1. 1

            yeah that’s what I assumed but since the link about privacy, I thought I asked OP first :)

            1. 1

              There’s no tracking on git.io URL’s, it just makes them shorter, because this is a link to a file in a repo it was quite long. Sorry, won’t shorten again

            2. 1

              I used the URL shortner to just make it shorter, since it is a file in a mono-repo the path is crazy long. No malicious intentions, and I didn’t intend to hurt or spam anyone.

              It’s not for tracking (git.io claims not to track clicks), and it’s not because it’s spam, and it’s not because it’s been posted before (the previous post was a security checklist, this is a list of privacy-respecting software)

            1. 1

              Enjoyed reading this! Do you find that it’s worth it to run/maintain your own personal infrastructure? The various apps and sites I’ve built and maintain are on cloud providers, which has been really great from a plug ‘n play point of view. I’m interested in setting up something like what you’ve described, at least for the sake of learning about the tools and getting the chance to implement some of my own tooling, but feel like it might be more trouble than it’s worth.

              1. 3

                I’m glad to hear you enjoyed it :)

                If it’s worth it, I don’t know I guess it depends on your priority. I think it boils down to my personality. I hate to rely on people and to feel I owe someone so I don’t really use some random orgs services. I did it in the past and I’m glad that when something is broken, I can go and fix it myself (of course to an extent). I don’t like (nor trust) companies (as you can see with the joke about google killing their services). I tend to be paranoid security wise, I think about surely way too many threats (while being reasonable, i.e. the NSA is not one of them). Therefore, hosting my own stuff is not really a choice ;)

                And to be honest, part of it is also it really helps getting a job (as I work as a sysadmin/devops/SRE/whatever the current trend names it).

                I do enjoy doing it but it’s not 100% pleasure. I guess it’s like cooking: I don’t always enjoy it, but I feel like I have to, and most of the time, I enjoy the result!

                Scratch your own itch and try to have fun while doing so!

                1. 1

                  Makes sense! I think this would be a really cool project for after I graduate and have more free time (which is soon thank goodness)!

              1. 1

                Great read! Very interesting.

                I found a minor typo in a link (Machines section - automated link) its https://chown.me/blog/upgrading-openbsd-with-ansible.html - No captial A in ansible ;)

                What Firewall are you using on your APU2? *sense, ipfire?

                1. 5

                  I initially wrote “ansible” everywhere then I thought a capital was better so I use sed like a hammer :D Thanks!

                  On the apu2, I run OpenBSD as well. A few years ago I ran OpenBSD for everything but hosting mastodon was too complicated (I don’t know well the Ruby ecosystem). I have some Ubuntu because containers make easy to host stuff. Most of the stuff still run on OpenBSD because I know the system well and being an OpenBSD developer I follow quite closely the project.

                  I would still recommend for anyone to run OpenBSD on a router since it’s quite easy as PacketFilter is fucking awesome.

                  1. 1

                    Well, I guessed that. OpenBSD is great for that. I have a a APU2 at home waiting for me to finish it.

                    Did you just install a plain OpenBSD and configured everything? OPNsense and pfsense are both based on OpenBSD. Right know I have OPNsense installed.

                    1. 4


                      • OPNsense and pfSense are both based on FreeBSD.
                      • OPNsense is a fork of pfSense, which in turn is a fork of the good old m0n0wall (which was also based on FreeBSD).
                      • Deciso/OPNsense is working on a version that is based on HardenedBSD, which in turn is also based on FreeBSD. It should come out very soon[1].

                      So FreeBSD all the way with these routing/firewall operating systems ;).

                      I use OPNsense since it came out on my APU2 (and later APU3 for another rack) and I can really recommend it! It’s very user friendly, easy to install and rather complete. I also really like you can use LibreSSL instead of OpenSSL. I also use OpenBSD on another router (like the author) and that also works rock solid/stable for years now. The BSD’s are great for firewalls/routing in my opinion.

                      [1] https://opnsense.org/about/road-map/

                      1. 1

                        Alright! My bad :D

                        I also really like OPNsense. I just have to figure out some stuff with my ISP and then I am ready to go

                1. 1

                  Company: Vade Secure
                  Company site: https://www.vadesecure.com
                  Position(s): DevOps, sysadmin, SRE (whatever you called it ;))
                  Location: France (Hem, Paris), Canada (Montreal, Vancouver) or Japan (Tokyo)
                  Description: From our website:

                  Vade Secure is a global leader in predictive email defense, protecting 600 million mailboxes in 76 countries. We help MSPs and SMBs protect their Office 365 users from advanced email threats, including phishing, spear phishing, and malware.

                  While we have a bunch of openings, I’m mostly looking for some new coworkers in my Ops team. If you know emails and how to administrate a server, reach out to me? :)
                  The opening’s pdf is available at https://box.vadesecure.com/index.php/s/iRFqWbXdrmbdwMc
                  Contact: lobstershr@chown.me