1. 1

    Great takeaways from this article. I would love to see some of the listed follow-up articles on this topic, especially:

    • DNS. If it’s not in the terraform directory we made before under Route53, it must be somewhere else. We gotta manage that like we manage a server because users logging into the DNS control panel and changing something can cripple the business.
    • Kubernetes. Should you use it? Are there other options? If you are using it now, what do you need to know about it?
    • Migrating to managed services. If your company is running its own databases or baking its own AMIs, now might be a great time to revisit that decision.
    1. 3

      What is stopping the community from building a net new (fully compatible) web browser at this point?

      I would love to hear from those who have the relevant experience (Chromium/Firefox developers, hobbyist browser developers).

      I see the answer to this come up often enough, that the endeavour is simply too big to try and make a new one at this point. I think if it’s worth it, then the amount of effort shouldn’t stop people from at least attempting to build something better.

      I’m intentionally being naive here with the hopes to spark some discussion.

      1. 4

        Rendering basic HTML is easy enough. Ensuring complex modern webapps like Google Docs work performantly is multiple orders of magnitude harder. Even Microsoft with all its corporate backing struggled to get the old Edge engine to run competitively.

        1. 3

          I’m curious what makes it orders of magnitude harder? Is it the amount of moving pieces? Is it the complexity of a specific piece needed to make modern web apps work? Maybe existing browser code bases are difficult to understand as a point of reference for someone starting out?

          1. 5

            A good way to understand the complexity of modern browsers is to look at standards that Mozilla is evaluating for support.

            You’ve got 127 standards from “new but slightly different notification APIs” to “enabling NFC, MIDI I/O, and raw USB access from the browser”. Now, obviously lots of these standards will never get implemented - but these are the ones that were important enough for someone to look at and consider.

        2. 3

          Drew DeVault goes through some of the challenges here. Short version: enormous complexity.

        1. 41

          I self host Bitwarden. Before that we’ve been thru Enpass and 1Password but nothing felt as secure. Just be sure to back up data regularly in either case!

          The reason for going down self hosted solution was primarily privacy. The only drawback is that we can’t snyc without VPN (which we do not mind at all).

          1. 7

            I use pass as my standard password manger, but I’m thinking about switching to bitwarden, largely so that I can access passwords on my phone. I’m actually currently running self-hosted bitwarden-rs myself, although my instance only has a single test password in it so far. The main thing I’m concerned about is having access to my passwords if my self-hosted webserver goes down for whatever reason. I haven’t figured out if bitwarden-rs provides a convenient way to do this .

            1. 8

              I use bitwarden-rs. I have found that you generally have access to passwords on already-sync’d clients if the server is down. Sometimes, either due to elapsed time, or because the client has tried some operation that requires access to the server, the client will insist on a connection to the server before it will proceed. I haven’t yet cared enough to run this down; my existing clients are give access just fine for short server outages, and that’s the case I care about. (i.e. I never have to go fix a server in order to log in to something. I have had to go fix a server in order to set up a new browser, as you might expect.)

              1. 6

                If you’d like to stick with pass, you might want to take a look at the apps. For me, using the Android app with Syncthing is working very well. I especially like it because I only sync a subset of my passwords which are on the “phone” directory, these are configured to be encrypted with my GPG key as well as another created specifically for my phone.

                This adds the syncthing dependency, which I didn’t mind because I was using it already for other data, so it was very easy to configure. However, you can also synchronize using Git (at least on Android).

                1. 8

                  I use pass + git + GPG on my computers and Password Store (git built-in) + OpenKeychain on Android. The git repository is served from my server at home. No need for Syncthing, but in order to update any passwords I require being on my home network, however that is infrequent.

                  1. 3

                    You can use Syncthing in combination with git, by replacing the .git directory with a .git file with contents gitdir: /path/to/.git. Then the git index will be excluded from Syncthing sync. You get the best of both worlds.

                    1. 1

                      I use syncthing to sync my bare git repos, and push to them from other folders on my macbine. Works pretty well.

                2. 2

                  I don’t have access to home network/VPN on my laptop for at least 8 hours a day and no issues so far. Just note that you can’t save new passwords without a connection.

                  1. 1

                    I use VPN for editing. Access is OK with a cached version.

                1. 4

                  I’ve been looking for a reason get more hands on with Nix and this article is a great showcase of how easy it is to setup an environment. Time to figure out how nixos-infect works,

                  This script wipes out the targeted host’s root filesystem when it runs to completion.

                  Is there a benefit from running NixOS vs. Ubuntu + Nix? Is the latter even possible?

                  1. 5

                    NixOS lets you undo system upgrades. Ubuntu + Nix lets you roll back software but you don’t get the deep system integration like my post describes.

                  1. 1

                    I just finished reading One Man’s Wilderness by Sam Keith about a man who travels to backcountry Alaska and builds himself a cabin using all natural materials and hand tools.

                    Up next is The Moon Is a Harsh Mistress by Robert Heinlein, been meaning to read this one for some time.

                    1. 2

                      I recently (well, around a year ago) read The Moon… for the first time. It’s surprisingly fresh for its age.

                      If you want a “modern” take on the “libertarian moon” trope, look for Ian MacDonald’s recent Luna trilogy. http://gerikson.com/blog/books/read/Twice-on-a-Harsh-Moon.html

                    1. 3

                      Taking a moment to breathe and get organized with the much needed holiday break. Today, I started playing around with GitHub projects by creating a project to better document my laptop setup: https://github.com/users/nerditup/projects/1

                      1. 7

                        I really enjoyed this perspective of deploying a “real” website. This speaks volumes about the lobsters community and why I’m happy to be a part of it.

                        I’ve shared roadmap.sh and learnenough.com with a friend of mine who is in a similar position as you were when you started this project, thank you for sharing!