• 0 Posts
  • 8 Comments
Joined 5 months ago
cake
Cake day: June 23rd, 2024

help-circle
  • I was also with a provider that didn’t offer API access for the longest time. When they then increased prices, I switched, now paying a third of their asking price per year at a very good provider.

    I guess migrating is difficult if the provider doesn’t offer a mechanism to either dump the DNS to a file or perform a zone transfer (the later being part of the standard).

    Can only recommend INWX for domains, though my personal requirements aren’t the highest.



  • Also wildcard certificates are more difficult to do automated with let’s encrypt.

    They are trivial with a non-garbage domain provider.

    If you want EV certificates (where the cert company actually calls you up and verifies you’re the company you claim to be) you also need to go the paid route

    The process however isn’t as secure as one might think: https://cyberscoop.com/easy-fake-extended-validation-certificates-research-shows/

    In my experience trustworthyness of certs is not an issue with LE. I sometimes check websites certs and of I see they’re LE I’m more like “Good for them”

    Basically, am LE cert says “we were able to verify that the operator of this service you’re attempting to use controls (parts of) the domain it claims to be part of”. Nothing more or less. Which in most cases is enough so that you can secure the connection. It’s possibly even a stronger guarantee than some sketchy cert providers provided in the past which was like “we were able to verify that someone sent us money”.



  • Also game servers because they’re generally very easy to host at home, and due to generally high RAM and storage needs paying for hosting can be quite pricey.

    Really?

    I thought this was more the case with flexible providers like DigitalOcean. My current provider charges 5,36€ per month for 4 cores (though I assume this corresponds rather to 2 SMT-enabled cores), 6 GB of RAM and a 400 GB SSD. It offers better latency for most players (obviously not for myself) and in most cases has been sufficient regarding performance.


  • Ah, ACLs, had the pleasure of working with these again last weeks.

    It gets really curious when even the Arch wiki doesn’t really know what’s going on (talking about mask and effective permissions):

    The factual accuracy of this article or section is disputed.

    Reason: The original note about the --mask option (which was taken from setfacl(1)) was determined as inaccurate, but the new note does not seem correct either. See the talk page for details.

    From trying, I can confirm that the info presented further down is wrong.

    Once you read what it actually does and why it’s the way it is, it makes more sense - not that I remember it now - but at least there was a coherent design decision behind it