upvote

points

by not_kurt_godel22 hours ago |
comments
upvoteby sgc21 hours ago|
next
[-]
OMG, not the once in a lifetime viral opportunity!

You will never win this crusade, because there are too many people here who know from experience a VPS is neither expensive, nor under-performing up to millions of users a day, nor hard.

reply
upvoteby not_kurt_godel21 hours ago|
parent|
[-]
That's fine, it's not really a crusade. Just my opinion about the right infrastructure for the right use case informed by the objective reasons I gave. If doing more work with more headaches for a solution that costs more and performs worse is your jam, then power to you.
reply
upvoteby grebc15 hours ago|
parent|
[-]
You’ve written nothing objective.
reply
upvoteby not_kurt_godel14 hours ago|
parent|
[-]
Sure I have. Let me help you by recapping:

1. VPS costs more money. CDN is free for all intents and purposes.

2. VPS has worse availability even when run perfectly.

3. VPS requires more monitoring and maintenance.

4. VPS presents far greater security risk.

reply
upvoteby grebc14 hours ago|
parent|
next
[-]
You don’t need to recap your subjective experience, it’s on full display.
reply
upvoteby not_kurt_godel14 hours ago|
parent|
prev|
[-]
u/grebc if money is subjective to you, then you're free to send me some as you objectively won't miss it.
reply
upvoteby grebc13 hours ago|
parent|
[-]
Seems you have trouble reading too.
reply
upvoteby jvanderbot7 hours ago|
prev|
next
[-]
You're not wrong, but that doesn't make your argument immediately compelling. It is easy, but so is VPS. People use what they know, and switching cost requires a reason other than "this is also easy"
reply
upvoteby Mashimo14 hours ago|
prev|
next
[-]
Why would a VPS choke hosting static HTML?

For 5 EUR you get 20 TB traffic on Hetzner.

reply
upvoteby not_kurt_godel1 hours ago|
parent|
[-]
You tell me. Here's a list of maybe 15 sites it's happened to on HN in just the last month: https://hn.algolia.com/?dateRange=pastMonth&page=0&prefix=tr...
reply
upvoteby qmr21 hours ago|
prev|
next
[-]
This is a broken take for so many reasons. Also service monitoring is a thing.

https://en.wikipedia.org/wiki/The_Feeling_of_Power

reply
upvoteby not_kurt_godel21 hours ago|
parent|
[-]
I listed my reasons, feel free to provide your own. I've done enough security, ops, and oncall professionally that I have zero desire to do extra in my free time. Power to you if want to do otherwise and/or post references to "deskilling" while advocating an outdated inefficient approach to long-solved problems.
reply
upvoteby shric22 hours ago|
prev|
next
[-]
> want your site to choke during once-in-lifetime opportunities to go life-changingly viral, and like contributing to the global population malicious botnets.

You can put it behind cloudflare for free.

reply
upvoteby not_kurt_godel22 hours ago|
parent|
[-]
You can put the whole thing on CloudFlare Pages for free too. Zero reason to pay for or deal with the complexity of an unnecessary VPS.
reply
upvoteby shric22 hours ago|
parent|
[-]
Again “zero reason”. For some people it’s fun to have a VPS, that is a reason in and of itself.
reply
upvoteby not_kurt_godel21 hours ago|
parent|
[-]
Of course literally anything can be 'reasonable' if you a priori like doing it independent of its technical/functional merits. My ex-coworker liked to write literally tens of thousands of lines of extra, completely unnecessary code for fun. That was a fine reason for him personally but didn't make it any less stupid to deal with for the rest of us.
reply
upvoteby shric17 hours ago|
parent|
[-]
The key here is “coworker”. He has an obligation to do reasonable things due to being employed by someone and it affecting others.

This is completely different. When it’s a person blog and a personal VPS it’s affecting nobody but that person.

reply
upvoteby not_kurt_godel16 hours ago|
parent|
[-]
And that's A-OK for them if that person likes more work with more headaches for a solution that costs more and performs worse. (Although less OK for everyone else when their VPS gets compromised and made part of a botnet or otherwise used for cybercrime.)
reply
upvoteby vsgherzi22 hours ago|
prev|
[-]
This is a blog.... you don't need some monster machine. You can server TONS of people off the smallest Digital Ocean instance.

Many of these small VPSs can be had for less than a couple bucks a month. Tons of popular influencers run their own machines for their blog.

insinuating that it's unsafe to run your own machine is insanity. I don't understand this mindset of being scared to run your own stuff. Especially if you're doing doing it at such a large scale there's nothing wrong with doing it with nginx and a linux box on a vps. You'll learn a hell of a lot more and be fine. At the end of the day it's a computer. We've been hosting websites since the 70's. With the advant of cloud compute is easier than every to run your own.

(edited to be less mean)

reply
upvoteby not_kurt_godel21 hours ago|
parent|
[-]
We have had something vastly better than an individual computer since idk, the mid 90s, called a CDN.

I guess if you want to call being informed about the online threat landscape "scared", that's your perogative. For me, it's common sense to avoid completely unnecessary threat vectors to my digital infrastructure, but power to you if you like dealing with extra maintenance overhead and constantly wondering whether you're providing free cryptomining to some random international criminal.

reply
upvoteby vsgherzi21 hours ago|
parent|
[-]
There's threats on the internet, so don't spin up servers? Idk am I reading into that unfairly? That seems pretty fear mongering to me. Lots of engineering goes into making things safe for engineers to build on. Of course you can also just use squarespace and not worry about it at all. Perhaps my security posture is just not as intense as yours but I'm really just not super concerned my blog is going to get pwned. If it does then I get to learn some interesting things.

I'm also not sure that I really need a CDN for a simple blog . I'm not going to benefit from the caching as it's not video or images.

reply
upvoteby not_kurt_godel21 hours ago|
parent|
[-]
Servers are work, including security overhead, so yes, don't spin them up if there is an alternative solution that is superior in every way except for not being able to churn digital butter.
reply
upvoteby vsgherzi20 hours ago|
parent|
next
[-]
Yknow unfortunately I just don't think we're going to see eye to eye on this one. I really don't mind that small amount work and I enjoy owning and operating the entire stack. That dosen't really seem like your cup of tea.

The flexibility and learning is more important for me. For example I want to aggregate HN comments and lobste.rs comments and inject that into the HTML before serving. (on the server side so no CORS or other additions)

I was considering adding additional metrics to see who is hitting the server and how at the reverse proxy level.

This is all stuff I can't really do on a github pages blog.

I see what you're saying if you want set and forget that's fine, but like I said above it's a tradeoff.

The one server I have just has 80 and 443 open with nginx. I expect it to run indefinitely with little maintenance.

reply
upvoteby not_kurt_godel20 hours ago|
parent|
[-]
I mean, obviously we're not gonna see eye-to-eye if you're talking about a non-static, non-hugo site, which was the subject of my comment.

I've owned and operated enough stacks e2e both personally and professionally to have gotten over the novelty. The less shit that can go wrong, the better. I sleep better at night not wondering whether any of the constant stream of IPs in my fail2ban log is wielding a yet-to-be-CVE'd zero-day, or finding out that my site has been down for 6 weeks because of some fucking stupid bug in the latest kernel patch or whatever.

reply
upvoteby jadedragon94216 hours ago|
parent|
next
[-]
Sorry to jump in... But why are you ssh'ing into your hosts over the open net? Why not tailscale? Why not wireguard?
reply
upvoteby MrDOS12 hours ago|
parent|
next
[-]
Assuming password authentication is disabled, why wouldn't you SSH into your hosts over the open net? Why Tailscale? Why Wireguard?
reply
upvoteby not_kurt_godel15 hours ago|
parent|
prev|
[-]
Great question...the answer is I don't, because I don't have any web hosting servers, or even persistent app servers for that matter. I've built 99% serverless for 10 years now and it has been glorious. Will never go back to managing individual hosts ever again if I can help it.
reply
upvoteby vsgherzi14 hours ago|
parent|
prev|
[-]
Good luck with that! I’ll enjoy my servers :)
reply
upvoteby mx7zysuj4xew7 hours ago|
parent|
prev|
[-]
Sounds to me that you're giving bullshit excuses because you lack the skills to run a basic httpd
reply
upvoteby not_kurt_godel2 hours ago|
parent|
[-]
Lol, I have years of experience managing/being oncall for business-critical production hosts that generated thousands of dollars of revenue per minute. While I don't profess to be a particularly skilled sysadmin, I will say the worst incident I was responsible for over those years was a minor 30-minute brownout that cost about $5k in lost revenue. So sure, you can call me a bullshitter if that makes you happy, as long as you're OK with me calling you a bullshitter for understating the cost, risk, effort and complexity of running an Internet-facing server properly, especially compared with the enormous advantages of using a CDN for static content.
reply
upvoteby RedCinnabar2 minutes ago|
parent|
[-]
You literally claimed that running a VPS is a threat because someone could break in and mine crypto. This is only possible if your machine is misconfigured due to lack of skill. So yes, you’re either a bullshitter or a AWS/Cloudflare shill. Either way, your opinion doesn’t reflect reality.
reply