Can we start another r/devops that isn't just people asking about how to get a DevOps job?
My impression of this community is that it's largely dominated by:
* People asking how to get a DevOps job
* People complaining that the business doesn't "Get DevOps"
* Infrastructure (acknowledging that infrastructure is an important part of DevOps)
What I was expecting when I joined this community:
* Discussion on the suitability of IaC after 10+ years and the need for CDK's or other alternatives.
* Discussion on managing microservices at scale, loosely coupled architecture's, DAPR, etc..
* Team topologies, shift towards platform engineering, and general team anti patterns
* etc.
[https://en.wikipedia.org/wiki/No\_true\_Scotsman](https://en.wikipedia.org/wiki/No_true_Scotsman)
https://redd.it/1kbcnm9
@r_devops
My impression of this community is that it's largely dominated by:
* People asking how to get a DevOps job
* People complaining that the business doesn't "Get DevOps"
* Infrastructure (acknowledging that infrastructure is an important part of DevOps)
What I was expecting when I joined this community:
* Discussion on the suitability of IaC after 10+ years and the need for CDK's or other alternatives.
* Discussion on managing microservices at scale, loosely coupled architecture's, DAPR, etc..
* Team topologies, shift towards platform engineering, and general team anti patterns
* etc.
[https://en.wikipedia.org/wiki/No\_true\_Scotsman](https://en.wikipedia.org/wiki/No_true_Scotsman)
https://redd.it/1kbcnm9
@r_devops
Kamatera Review: My Honest Experience After Trying Their Free Trial
If you’re searching for a cloud hosting provider and came across Kamatera, you’re probably wondering whether it's really worth it. I had the same question before I signed up, and now that I’ve personally used it, here’s my full Kamatera review based on real experience — including their generous 30-day free trial.
**Why I Chose Kamatera**
After trying several cloud hosting services like DigitalOcean and Vultr, I stumbled upon [Kamatera](https://www.kamatera.com/free-trial/). What immediately stood out was their **free 30-day trial**, which includes **$100 in credits** no strings attached. That was more than enough for me to test out the platform and see if it could meet my project’s needs.
As someone who runs web-based apps and occasional testing environments for clients, I was looking for:
* High-performance cloud servers
* Flexible configuration
* Easy scaling
* Reasonable pricing
* Reliable customer support
Kamatera delivered on all fronts.
**Setting Up My Cloud Server**
The onboarding process was surprisingly smooth. After a quick verification call (standard for security), I was inside the Kamatera dashboard. The interface is **clean, fast, and intuitive**, and within minutes I had launched my first cloud server.
You can choose from dozens of configurations — Linux, Windows, various data centers (they have 18+ globally), and even granular control over CPU, RAM, and storage. I spun up an Ubuntu 22.04 server in a New York data center with 2 vCPUs, 4GB RAM, and 50GB SSD — and it was **blazing fast**.
**Performance That Speaks for Itself**
Once the server was live, I installed my web application and began testing performance. I was impressed:
* **Page load speeds were consistently under 1 second**
* No downtime throughout the 30-day period
* CPU and RAM usage remained very stable, even under moderate traffic
I also ran some benchmarking tools like Apache Benchmark and GTmetrix, which showed significant improvements compared to my previous provider. For developers or startups needing **low-latency and high-availability hosting**, Kamatera is a serious contender.
**Support That Actually Helps**
Here’s where Kamatera really surprised me: their **24/7 live chat support** is excellent. I reached out twice — once for a firewall configuration question and another time for help resizing the server. Both times, I got connected with a real human in under 2 minutes, and the issue was resolved quickly.
In a world full of bots and slow ticket systems, this felt like a breath of fresh air.
**Transparent Pricing**
After my trial, I decided to stick with Kamatera — and the pricing was still reasonable. They offer **hourly and monthly billing** options, with full transparency. No hidden fees, and you can scale resources up or down anytime.
If you need a cost-effective yet powerful alternative to AWS, Azure, or GCP — Kamatera is well worth considering.
**Final Verdict: Is Kamatera Worth It?**
Absolutely. Based on my hands-on experience, I can confidently say Kamatera offers:
* Fast and customizable cloud servers
* An easy-to-use platform
* Fantastic support
* Fair pricing
* And a risk-free trial
Whether you're a developer, startup founder, or even running a small business — Kamatera gives you the flexibility and performance you need.
**Try it for yourself with their** [**30-day free trial**](https://www.kamatera.com/free-trial/) and see the difference.
https://redd.it/1kbd6al
@r_devops
If you’re searching for a cloud hosting provider and came across Kamatera, you’re probably wondering whether it's really worth it. I had the same question before I signed up, and now that I’ve personally used it, here’s my full Kamatera review based on real experience — including their generous 30-day free trial.
**Why I Chose Kamatera**
After trying several cloud hosting services like DigitalOcean and Vultr, I stumbled upon [Kamatera](https://www.kamatera.com/free-trial/). What immediately stood out was their **free 30-day trial**, which includes **$100 in credits** no strings attached. That was more than enough for me to test out the platform and see if it could meet my project’s needs.
As someone who runs web-based apps and occasional testing environments for clients, I was looking for:
* High-performance cloud servers
* Flexible configuration
* Easy scaling
* Reasonable pricing
* Reliable customer support
Kamatera delivered on all fronts.
**Setting Up My Cloud Server**
The onboarding process was surprisingly smooth. After a quick verification call (standard for security), I was inside the Kamatera dashboard. The interface is **clean, fast, and intuitive**, and within minutes I had launched my first cloud server.
You can choose from dozens of configurations — Linux, Windows, various data centers (they have 18+ globally), and even granular control over CPU, RAM, and storage. I spun up an Ubuntu 22.04 server in a New York data center with 2 vCPUs, 4GB RAM, and 50GB SSD — and it was **blazing fast**.
**Performance That Speaks for Itself**
Once the server was live, I installed my web application and began testing performance. I was impressed:
* **Page load speeds were consistently under 1 second**
* No downtime throughout the 30-day period
* CPU and RAM usage remained very stable, even under moderate traffic
I also ran some benchmarking tools like Apache Benchmark and GTmetrix, which showed significant improvements compared to my previous provider. For developers or startups needing **low-latency and high-availability hosting**, Kamatera is a serious contender.
**Support That Actually Helps**
Here’s where Kamatera really surprised me: their **24/7 live chat support** is excellent. I reached out twice — once for a firewall configuration question and another time for help resizing the server. Both times, I got connected with a real human in under 2 minutes, and the issue was resolved quickly.
In a world full of bots and slow ticket systems, this felt like a breath of fresh air.
**Transparent Pricing**
After my trial, I decided to stick with Kamatera — and the pricing was still reasonable. They offer **hourly and monthly billing** options, with full transparency. No hidden fees, and you can scale resources up or down anytime.
If you need a cost-effective yet powerful alternative to AWS, Azure, or GCP — Kamatera is well worth considering.
**Final Verdict: Is Kamatera Worth It?**
Absolutely. Based on my hands-on experience, I can confidently say Kamatera offers:
* Fast and customizable cloud servers
* An easy-to-use platform
* Fantastic support
* Fair pricing
* And a risk-free trial
Whether you're a developer, startup founder, or even running a small business — Kamatera gives you the flexibility and performance you need.
**Try it for yourself with their** [**30-day free trial**](https://www.kamatera.com/free-trial/) and see the difference.
https://redd.it/1kbd6al
@r_devops
Kamatera
30- Days Free Trial
Sign up for 30 days of free cloud services on Kamatera. Try out our fast, flexible cloud platform with a $100 credit.
Do you actually know where the name Ansible comes from?
I found out in a very natural way. While reading “The left hand of darkness” (1969!) by Ursula K. LeGuin I stumbled upon it and then researched where it comes from.
It is a rather important device in LeGuins “Hainish cycle”, used for intergalactic communication (and therefor stabilizing the vast expanse of the Hainish territory).
I love nerdom so much.
https://redd.it/1kbdgj9
@r_devops
I found out in a very natural way. While reading “The left hand of darkness” (1969!) by Ursula K. LeGuin I stumbled upon it and then researched where it comes from.
It is a rather important device in LeGuins “Hainish cycle”, used for intergalactic communication (and therefor stabilizing the vast expanse of the Hainish territory).
I love nerdom so much.
https://redd.it/1kbdgj9
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Expose home server with Rathole tunnel and Traefik
I wrote a straightforward guide for everyone who wants to experiment with self-hosting websites from home but is unable to because of the lack of a public, static IP address. The reality is that most consumer-grade IPv4 addresses are behind CGNAT, and IPv6 is still not widely adopted.
Code is also included, you can run everything and have your home server available online in less than 30 minutes, whether it is a virtual machine, an LXC container in Proxmox, or a Raspberry Pi - anywhere you can run Docker.
I used Rathole for tunneling due to performance reasons and Docker for flexibility and reusability. Traefik runs on the local network, so your home server is tunnel-agnostic.
Here is the link to the article:
https://nemanjamitic.com/blog/2025-04-29-rathole-traefik-home-server
Have you done something similar yourself, did you take a different tools and approaches? I would love to hear your feedback.
https://redd.it/1kbfjws
@r_devops
I wrote a straightforward guide for everyone who wants to experiment with self-hosting websites from home but is unable to because of the lack of a public, static IP address. The reality is that most consumer-grade IPv4 addresses are behind CGNAT, and IPv6 is still not widely adopted.
Code is also included, you can run everything and have your home server available online in less than 30 minutes, whether it is a virtual machine, an LXC container in Proxmox, or a Raspberry Pi - anywhere you can run Docker.
I used Rathole for tunneling due to performance reasons and Docker for flexibility and reusability. Traefik runs on the local network, so your home server is tunnel-agnostic.
Here is the link to the article:
https://nemanjamitic.com/blog/2025-04-29-rathole-traefik-home-server
Have you done something similar yourself, did you take a different tools and approaches? I would love to hear your feedback.
https://redd.it/1kbfjws
@r_devops
Nemanjamitic
Expose home server with Rathole tunnel and Traefik - Nemanja Mitic
Bypass CGNAT permanently and host websites from home.
Built a fun Java-based app with Blue-Green deployment strategy on kubernetes
I finished a fun Java app on EKS with full Blue-Green deployments that is automated end-to-end using Jenkins & Terraform, It feels like magic, but with more YAML and less sleep...
Code, Diagram, YAML, and deployment drama live here: GitHub Repo
Stack:
Infra: Terraform
CI/CD: Jenkins (Maven, SonarQube, Trivy, Docker, ECR)
Kubernetes: EKS + raw manifests
Deployment: Blue-Green with auto health checks & rollback
DB: MySQL (shared)
Security: SonarQube & Trivy scans
Traffic: LB with auto-switching
Logging: Not in this project yet
Pipeline runs all the way from Git to prod with zero manual steps. Super satisfying! :)
I'm eager to learn from your experiences and insights! Thanks in advance for your feedback :)
https://redd.it/1kbgihq
@r_devops
I finished a fun Java app on EKS with full Blue-Green deployments that is automated end-to-end using Jenkins & Terraform, It feels like magic, but with more YAML and less sleep...
Code, Diagram, YAML, and deployment drama live here: GitHub Repo
Stack:
Infra: Terraform
CI/CD: Jenkins (Maven, SonarQube, Trivy, Docker, ECR)
Kubernetes: EKS + raw manifests
Deployment: Blue-Green with auto health checks & rollback
DB: MySQL (shared)
Security: SonarQube & Trivy scans
Traffic: LB with auto-switching
Logging: Not in this project yet
Pipeline runs all the way from Git to prod with zero manual steps. Super satisfying! :)
I'm eager to learn from your experiences and insights! Thanks in advance for your feedback :)
https://redd.it/1kbgihq
@r_devops
GitHub
GitHub - Ammb305/blue-green-prod-deployment
Contribute to Ammb305/blue-green-prod-deployment development by creating an account on GitHub.
SST vs Pulumi for CGP + Python + React?
I'm traditionally a frontend dev but doing everything now I've joined a tiny startup. We're using GCP, Python and React.
I set everything up with Terraform. It's working but I only have my local dev environment and production. To do a release I have to manually build docker images, update the Terraform config and run `terraform apply`.
I want to have PR branches built automatically when I push up changes, and production deployed when I merge to master.
I'd also love code completion and type safety in my infrastructure as code. Even though the backend is Python I’d rather use TypeScript for this as I know it better.
It seems like SST and Pulumi are the options for upgrading my set up? Is there a big difference between them? I know SST is built on Pulumi, but not sure how different the features / DX is?
https://redd.it/1kbiqay
@r_devops
I'm traditionally a frontend dev but doing everything now I've joined a tiny startup. We're using GCP, Python and React.
I set everything up with Terraform. It's working but I only have my local dev environment and production. To do a release I have to manually build docker images, update the Terraform config and run `terraform apply`.
I want to have PR branches built automatically when I push up changes, and production deployed when I merge to master.
I'd also love code completion and type safety in my infrastructure as code. Even though the backend is Python I’d rather use TypeScript for this as I know it better.
It seems like SST and Pulumi are the options for upgrading my set up? Is there a big difference between them? I know SST is built on Pulumi, but not sure how different the features / DX is?
https://redd.it/1kbiqay
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
What’s the value of kagent?
Read TLDR today and saw the part about the new kagent project: https://kagent.dev/docs/examples/documentation
I’ve written scripts to interrogate metrics before and do actions, what’s the actual value of this to us folks in dev/ops, and what would I actually need AI to know about my cluster that a script couldn’t already figure out itself?
https://redd.it/1kbk5vi
@r_devops
Read TLDR today and saw the part about the new kagent project: https://kagent.dev/docs/examples/documentation
I’ve written scripts to interrogate metrics before and do actions, what’s the actual value of this to us folks in dev/ops, and what would I actually need AI to know about my cluster that a script couldn’t already figure out itself?
https://redd.it/1kbk5vi
@r_devops
kagent.dev
Using documentation in your agents
See an example of a kagent agent built to help with documentation-related tasks.
What networking questions should a fresher DevOps engineer expect in interviews?
Hey folks,
I'm preparing for DevOps engineer interviews as a fresher and want to get a solid grasp on the networking side of things. I understand that networking is a key skill for DevOps, but I’m not sure what kind of questions are commonly asked at the entry level.
Could anyone share the typical networking topics or specific questions that I should prepare for? Things like DNS, HTTP, ports, firewalls, etc.?
Any tips, resources, or personal interview experiences would be super helpful!
https://redd.it/1kbk2a2
@r_devops
Hey folks,
I'm preparing for DevOps engineer interviews as a fresher and want to get a solid grasp on the networking side of things. I understand that networking is a key skill for DevOps, but I’m not sure what kind of questions are commonly asked at the entry level.
Could anyone share the typical networking topics or specific questions that I should prepare for? Things like DNS, HTTP, ports, firewalls, etc.?
Any tips, resources, or personal interview experiences would be super helpful!
https://redd.it/1kbk2a2
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Cut FAT/SAT Reporting Time by 95%: How GHS Accelerated Production with Skedler
Discover how Green Hydrogen Systems automated FAT/SAT reports from Grafana without coding, screenshots, or expensive upgrades.
Read More
https://redd.it/1kbmavc
@r_devops
Discover how Green Hydrogen Systems automated FAT/SAT reports from Grafana without coding, screenshots, or expensive upgrades.
Read More
https://redd.it/1kbmavc
@r_devops
Skedler
Green Hydrogen Systems Automates FAT/SAT Reporting from Grafana with Skedler
Green Hydrogen Systems automates FAT/SAT reporting from Grafana with Skedler. Enhance reporting efficiency, accuracy, and save time by seamlessly integrating Skedler for automated reporting solutions.
Are there any services for AI-Agents to setup Webhooks?
I used low/no-Code platforms where I'd setup a webhook to trigger an agent, or for an agent to send something forward, but it's always me who has to set it up in the browser. Why not let the agent do that by itself as well? I haven't seen it much (maybe there is, I just haven't seen) which it is surprising since Mcp servers (which are just agent-focused APIs) are all the rage right now
https://redd.it/1kbnz7u
@r_devops
I used low/no-Code platforms where I'd setup a webhook to trigger an agent, or for an agent to send something forward, but it's always me who has to set it up in the browser. Why not let the agent do that by itself as well? I haven't seen it much (maybe there is, I just haven't seen) which it is surprising since Mcp servers (which are just agent-focused APIs) are all the rage right now
https://redd.it/1kbnz7u
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Calling all founders - Help validate an early stage idea - helping AI developers go from fine tuned AI model to product in minutes
We’re working on a platform thats kind of like Stripe for AI APIs. You’ve fine-tuned a model. Maybe deployed it on Hugging Face or RunPod.
But turning it into a usable, secure, and paid API? That’s the real struggle.
Wrap your model with a secure endpoint
Add metering, auth, rate limits
Set your pricing
We handle usage tracking, billing, and payouts
It takes weeks to go from fine-tuned model to monetization. We are trying to solve this.
We’re validating interest right now. Would love your input: **https://forms.gle/GaSDYUh5p6C8QvXcA**
Takes 60 seconds — early access if you want in.
We will not use the survey for commercial purposes. We are just trying to validate an idea. Thanks!
https://redd.it/1kbqa5b
@r_devops
We’re working on a platform thats kind of like Stripe for AI APIs. You’ve fine-tuned a model. Maybe deployed it on Hugging Face or RunPod.
But turning it into a usable, secure, and paid API? That’s the real struggle.
Wrap your model with a secure endpoint
Add metering, auth, rate limits
Set your pricing
We handle usage tracking, billing, and payouts
It takes weeks to go from fine-tuned model to monetization. We are trying to solve this.
We’re validating interest right now. Would love your input: **https://forms.gle/GaSDYUh5p6C8QvXcA**
Takes 60 seconds — early access if you want in.
We will not use the survey for commercial purposes. We are just trying to validate an idea. Thanks!
https://redd.it/1kbqa5b
@r_devops
Google Docs
Stripe for AI Models
We’re building a Stripe-style platform that helps you deploy and monetize your models as APIs in minutes.
No infra setup. Built-in billing. Usage dashboards.
We’d love your feedback — just 60 seconds:
No infra setup. Built-in billing. Usage dashboards.
We’d love your feedback — just 60 seconds:
Spinnaker in 2025
Views of people who are using it. Pros / cons
Open-source alternatives
Paid alternatives
TIA
https://redd.it/1kbq7yr
@r_devops
Views of people who are using it. Pros / cons
Open-source alternatives
Paid alternatives
TIA
https://redd.it/1kbq7yr
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Security Tool (hardening) with Ansible remediation
Hello guys!
I work on Squirrel Servers Manager, the open-source monitoring & configuration management platform some of you might know from here or Github.
I am starting starting to build a lightweight security feature for self-hosted / on-prem Linux boxes.
The idea: scan your servers over SSH, spot common config issues or weak points (CIS-style stuff), and suggest ready-to-run Ansible playbooks to fix them. No agents, no magic — just faster, cleaner hardening. Think about it like a lightweight "Ansible Lockdown" with an UI.
Before I go too far and spend too many weekends on it :-), I’d love your input:
Biggest security frustrations/needs right now?
How do you handle server hardening today?
On hardening - what’s the most annoying part? Keeping track of benchmark? Writing fixes? Testing safely?
Would a workflow like this save you time or just add noise?
If you’re curious to try it early or have opinions, I’d love to hear from you here or by DM.
Thanks, and fire away with critique, war stories, or “this already exists, go look at X”! — Manu
https://redd.it/1kbjx53
@r_devops
Hello guys!
I work on Squirrel Servers Manager, the open-source monitoring & configuration management platform some of you might know from here or Github.
I am starting starting to build a lightweight security feature for self-hosted / on-prem Linux boxes.
The idea: scan your servers over SSH, spot common config issues or weak points (CIS-style stuff), and suggest ready-to-run Ansible playbooks to fix them. No agents, no magic — just faster, cleaner hardening. Think about it like a lightweight "Ansible Lockdown" with an UI.
Before I go too far and spend too many weekends on it :-), I’d love your input:
Biggest security frustrations/needs right now?
How do you handle server hardening today?
On hardening - what’s the most annoying part? Keeping track of benchmark? Writing fixes? Testing safely?
Would a workflow like this save you time or just add noise?
ssh-key ➜ scan (CIS-ish checks + top CVEs) ➜ get a ranked list & matching Ansible/YAML snippets ➜ approve / tweak / run ➜ success/fail ping after 30 minIf you’re curious to try it early or have opinions, I’d love to hear from you here or by DM.
Thanks, and fire away with critique, war stories, or “this already exists, go look at X”! — Manu
https://redd.it/1kbjx53
@r_devops
SquirrelServersManager
SSM | Squirrel Servers Manager
A user-friendly, UI/UX focused server & configuration management tool, powered by Ansible & Docker
How to SSH from RHEL6 to RHEL9?
It seems SHA-1 is no longer accepted by default in RHEL9 and RSA keys of any length are no longer accepted. I'm in the process of migrating some RHEL6 servers to RHEL9 and it seems the OpenSSH versions are too different for any ssh keys to be compatible. I've tried various key types and cant manage to make a connection. Cant find a common key/method.
It seems my options are to use a jump box which I'd rather not do or use a legacy option in RHEL9 and lower it's security.
Any other options?
https://redd.it/1kbwhdq
@r_devops
It seems SHA-1 is no longer accepted by default in RHEL9 and RSA keys of any length are no longer accepted. I'm in the process of migrating some RHEL6 servers to RHEL9 and it seems the OpenSSH versions are too different for any ssh keys to be compatible. I've tried various key types and cant manage to make a connection. Cant find a common key/method.
It seems my options are to use a jump box which I'd rather not do or use a legacy option in RHEL9 and lower it's security.
Any other options?
https://redd.it/1kbwhdq
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Saw lots of comments that Jenkins is not worth it. Why and if not then what??
I looking to enter devops and just completed jenkins. But iam worried looking at all those comments. And also what other helpful tip you would give. Thank you 🙏
https://redd.it/1kc0vvk
@r_devops
I looking to enter devops and just completed jenkins. But iam worried looking at all those comments. And also what other helpful tip you would give. Thank you 🙏
https://redd.it/1kc0vvk
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Switching to devops
I am a fronte end engineer with 3 year of experience wanting to switch into devops .What should I learn and how should I learn to transition smoothly into Devops.
https://redd.it/1kc2lco
@r_devops
I am a fronte end engineer with 3 year of experience wanting to switch into devops .What should I learn and how should I learn to transition smoothly into Devops.
https://redd.it/1kc2lco
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
DevOps vs Machine Learning (NOT A POST RE HOW TO GET A DEVOPS JOB)
hi
i am still an undergrad student having done a few internships in ml and 1 in devops. initially i was the most inclined towards building a career in ml, but i have noticed a sharp increase in the competition in ml jobs especially in the last year or so which made me rethink about my decision in going towards ml and rn im considering a shift to the devops side, considering how ml is an ever-expanding domain (devops is too but at least its not as much as ml because of the math behind everything imo)
whats your take on it? ive heard people saying theres less competition in devops, at least than in ml. correct me if im wrong, and any suggestions or a personal opinion is welcome, thanks
https://redd.it/1kc6rh4
@r_devops
hi
i am still an undergrad student having done a few internships in ml and 1 in devops. initially i was the most inclined towards building a career in ml, but i have noticed a sharp increase in the competition in ml jobs especially in the last year or so which made me rethink about my decision in going towards ml and rn im considering a shift to the devops side, considering how ml is an ever-expanding domain (devops is too but at least its not as much as ml because of the math behind everything imo)
whats your take on it? ive heard people saying theres less competition in devops, at least than in ml. correct me if im wrong, and any suggestions or a personal opinion is welcome, thanks
https://redd.it/1kc6rh4
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
I built a PagerDuty docs AI, LMK what you think!
Hi everyone,
I gave a custom LLM access to all PagerDuty dev center docs(https://developer.pagerduty.com/docs/introduction) to answer technical questions for people using PagerDuty: https://demo.kapa.ai/widget/pagerduty
Any other technical info you think would be helpful to add to the knowledge base?
Would love to hear your thoughts on it!
https://redd.it/1kc8o6c
@r_devops
Hi everyone,
I gave a custom LLM access to all PagerDuty dev center docs(https://developer.pagerduty.com/docs/introduction) to answer technical questions for people using PagerDuty: https://demo.kapa.ai/widget/pagerduty
Any other technical info you think would be helpful to add to the knowledge base?
Would love to hear your thoughts on it!
https://redd.it/1kc8o6c
@r_devops
Should you whitelist known cookies in the WAF?
So recently we had an outage due to a cookie value for a third party monitoring system falling foul of a WAF Rule.
This was tested in QA environment and it didn't trigger the WAF (cookie value was different in qa) so it never was raised as an issue.
This got me thinking that maybe we should whitelist all known cookies but obviously that opens the door to attack via the whitelisted cookie.
On the one hand it's unlikely that a random attacker would stumble upon the right cookie but what about the users? and also, it's not like we use obscure tech, so somebody might try some sort of drive by attack with known cookies.
It seems like a bad idea to whitelist, to say nothing that we were actually not aware of the change, so we wouldn't have been able to whitelist it (though we could put a process in place for to be notified)
So, do you whitelist known cookies in your WAF?
why?
why not?
How do you ensure that cookies do not trigger WAF rules in production?
https://redd.it/1kc8v1c
@r_devops
So recently we had an outage due to a cookie value for a third party monitoring system falling foul of a WAF Rule.
This was tested in QA environment and it didn't trigger the WAF (cookie value was different in qa) so it never was raised as an issue.
This got me thinking that maybe we should whitelist all known cookies but obviously that opens the door to attack via the whitelisted cookie.
On the one hand it's unlikely that a random attacker would stumble upon the right cookie but what about the users? and also, it's not like we use obscure tech, so somebody might try some sort of drive by attack with known cookies.
It seems like a bad idea to whitelist, to say nothing that we were actually not aware of the change, so we wouldn't have been able to whitelist it (though we could put a process in place for to be notified)
So, do you whitelist known cookies in your WAF?
why?
why not?
How do you ensure that cookies do not trigger WAF rules in production?
https://redd.it/1kc8v1c
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
No job, no cloud..? Made this storage tool out of spite
Hey folks,
After not getting placed during the campus placement season, I was just sitting and messing around with some ideas I’d shelved earlier. Ended up building something over the past couple weekends — it’s called Sietch Vault.
Basically, it’s a decentralized file syncing tool that works without the internet — over LAN, USB drives. I made it mainly out of curiosity, and also frustration with how everything these days relies on cloud infra you don’t control.
It’s open source and still kinda rough, but would really appreciate thoughts from anyone here — whether it's useful, dumb, broken, or something worth polishing further.
Project link: https://sietch.nilaysharan.in
GitHub: https://github.com/SubstantialCattle5/Sietch
https://preview.redd.it/ev65386qs3ye1.png?width=2527&format=png&auto=webp&s=c93d19a789a7b989428507913e181d896dc05c56
Would love any kind of feedback — design, tech, or even just "bro why" 😅
https://redd.it/1kcbav4
@r_devops
Hey folks,
After not getting placed during the campus placement season, I was just sitting and messing around with some ideas I’d shelved earlier. Ended up building something over the past couple weekends — it’s called Sietch Vault.
Basically, it’s a decentralized file syncing tool that works without the internet — over LAN, USB drives. I made it mainly out of curiosity, and also frustration with how everything these days relies on cloud infra you don’t control.
It’s open source and still kinda rough, but would really appreciate thoughts from anyone here — whether it's useful, dumb, broken, or something worth polishing further.
Project link: https://sietch.nilaysharan.in
GitHub: https://github.com/SubstantialCattle5/Sietch
https://preview.redd.it/ev65386qs3ye1.png?width=2527&format=png&auto=webp&s=c93d19a789a7b989428507913e181d896dc05c56
Would love any kind of feedback — design, tech, or even just "bro why" 😅
https://redd.it/1kcbav4
@r_devops
sietch.nilaysharan.in
Home
A secure, nomadic file system for harsh, disconnected environments.
A simple, self-hosted Sentry alternative you can install in 5 minutes (with just one command!)
Hey folks 👋
I got fed up with monthly bills and SaaS lock-in, and I needed a better way to track errors in my apps, so I built Telebugs. It’s an error tracker you pay for once, host yourself, and actually own. It took me 3.5 months of solo Rails work, and I’m really happy with the results.
It’s compatible with Sentry SDKs, so it probably supports your language or framework of choice.
It’s built for people who just want something that works without the headache. Setup is dead simple: one command and you’re rolling in 5 minutes. It automatically sets up your server with an SSL certificate. All you need to do is specify the domain you want it to run on.
It catches your errors, keeps everything on your machine, and doesn’t bug you with upsells or surprise fees.
**Tech stack:**
* Rails 8 + Hotwire + TailwindCSS
* SQLite (yep)
* Runs in a single Docker container
* Compatible with Sentry SDKs
* Push + email alerts (needs to be enabled explicitly)
* Rule-based data cleanup
* No analytics, no third-party calls
Happy to answer any questions here, or over email. Cheers!
[https://telebugs.com/](https://telebugs.com/)
https://redd.it/1kcc8qg
@r_devops
Hey folks 👋
I got fed up with monthly bills and SaaS lock-in, and I needed a better way to track errors in my apps, so I built Telebugs. It’s an error tracker you pay for once, host yourself, and actually own. It took me 3.5 months of solo Rails work, and I’m really happy with the results.
It’s compatible with Sentry SDKs, so it probably supports your language or framework of choice.
It’s built for people who just want something that works without the headache. Setup is dead simple: one command and you’re rolling in 5 minutes. It automatically sets up your server with an SSL certificate. All you need to do is specify the domain you want it to run on.
It catches your errors, keeps everything on your machine, and doesn’t bug you with upsells or surprise fees.
**Tech stack:**
* Rails 8 + Hotwire + TailwindCSS
* SQLite (yep)
* Runs in a single Docker container
* Compatible with Sentry SDKs
* Push + email alerts (needs to be enabled explicitly)
* Rule-based data cleanup
* No analytics, no third-party calls
Happy to answer any questions here, or over email. Cheers!
[https://telebugs.com/](https://telebugs.com/)
https://redd.it/1kcc8qg
@r_devops
Telebugs
Telebugs is a privacy-friendly self-hosted error tracking tool. Track errors and exceptions in your apps, get instant notifications, and keep data secure.