• 1 Post
  • 20 Comments
Joined 3 months ago
cake
Cake day: July 9th, 2024

help-circle
  • S_S@lemy.lolOPtoSelfhosted@lemmy.worldtupd 0.6 - small bugfix
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    2
    ·
    2 months ago

    It is obviously about that since no good arguments are really made for anything else. There is just a constant nonsense talk why to use git and git platforms. Developers seems to have got stuck in some mindset that everything needs to version controlled all the time, if you make a change or at least a couple you gotta have to make a git commit, or otherwise most of the benefits are lost anyway, but of course I don’t really know how much of developers you really are. I don’t care what the industry standard is for public development, I’m not making public development, I’m only making a public release here. Are you really saying that using a VCS isn’t a pain in the ass? I do it because I most and when someone pays me to do it. Everyone is acting like it is just a natural piece in the workflow of any software project, I strongly disagree. It is in the way and causing extra job in every step on the way (or is everyone using a auto-commiter or a full blown CI/CD system for everything?). But that is the point when you develop something in group or for money, it has strong benefits then. Here I have time to develop it linearly and in my own pace and do all the testing I need. I don’t need git as a CTRL+Z tool or as a unfinished feature branch tool. My text editor alone got me covered, I’ve trusted it with my life for over 10 years. I couldn’t be happier and more productive with it than I already am. It might be simple to use git, but it is still extra, and in this case unnecessary extra. It literally doesn’t give me anything. Why would I also setup a git provider account, even if it is one time, ssh keys are made in a split second but you got to manage them as well, add them to the provider website and take them with you where you want to develop. I got all that setup on private instances, I fully manage myself, I know exactly how everything of that works.

    It is a fact that most software skip unit tests and functional tests, I don’t believe it is good and neither do I brag about that I don’t have that yet. This project doesn’t need to be exposed to the public internet at all. You can run them perfectly fine in a own VLAN or something. I’m not saying anyone should run anything they aren’t fully trusting. I would much rather be discussing design decisions or security concerns than why I’m not using git or have any unit tests yet. I know exactly how sensitive it is for software to run in someones infrastructure, and tools that could alter and manage that, and protect the traffic between the node and the endpoint. But then give something real critical of that and refer to the code or design and not just good practices. I know they are good and useful, but it is not everything. What matters is the code in the end. Don’t run if you can’t trust it because its lacking automated testing then. I don’t care if I’m the only one ever using it, I created it for myself and it is solving a whole lof of issues no other tool or solution comes close to. I’m sharing it if anyone else is looking for something like this and maybe wants to just take a look on how I solved it when developing their own tools. I’m more than happy to help with setting it up or answering any questions related to it or the things it does



  • S_S@lemy.lolOPtoSelfhosted@lemmy.worldtupd 0.6 - small bugfix
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    2 months ago

    No problem, your thoughts are welcomed

    I mainly developed it for myself, and sharing it if others want to do what ever they want to do with it, took many hours to just put together all the readmes and examples and cleaning up the code, I understand everyone wants me to release it on some git platform, but I didn’t develop it using any cvs at all and don’t plan to do that either



  • S_S@lemy.lolOPtoSelfhosted@lemmy.worldtupd 0.6 - small bugfix
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    2
    ·
    2 months ago

    Sure it might creates some hurdles for potential contributors, and cause some discomfort for users

    For the user case I believe downloading the archive or even the diff text and applying it is quite straight forward, there isn’t any more steps in that than if it was in a repo, it is another way of pulling the code, I’m pretty used to handle software this way anyway, but most people aren’t, I even doubt people would have pulled the SVN URL if I had released it on SourceForge for example, they would have downloaded the source archive from the website, so I don’t believe that the fact that I don’t upload it to a git/svn service makes it much harder for a user

    It is a lot more work to setup a git repo, create an account somewhere, manage ssh keys, setting up configs, making commits, pushing code etc for me

    Offers changes back to me is more a me problem, if you create a git repo and send me the patches or URL I can figure the rest out, anyone doing that can still benefit from my diff files as they can be applied to a git repository as well, or they could create two repositories (or branches), one with just my changes and one with theirs mixed in, and get full three way merge as well

    For the easily checking what has changed it is quite the same thing, there is an extra step unfortunately

    For the relying and trusting me all I can offer is the transparency, I don’t believe many people would notice when a project get forced pushed either, some developers might use the same directory every time to make a pull, and then it would tell them there’s a mismatch, but it is a legit concern nonetheless

    I think using git solves that a bit, you would notice if something was forced pushed, as the auto-updating would fail with an error, but applying patches would also fail the same way, but that is of course a manual operation, having it in a SVN repo feels like it would produce the same problem also

    SVN is probably as much of obfuscating as these files because git is what everyone uses, so it is more a problem of not using git than not using a (D)VCS I believe

    Yea finding it is hard, there are a lot of other benefits with centralized social development platforms, but there was also a time before all that started, I think this community in particular is about not giving up to centralized platforms

    If I ever stop the development, die, go rouge, get hacked or anything else I hope the community figures that out on their own and solves the problem then, anyone who wants should download the text diff files and/or the tar.gz files and take a few different checksums of them so they do not change maliciously at least


  • S_S@lemy.lolOPtoSelfhosted@lemmy.worldtupd 0.6 - small bugfix
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    2 months ago

    Yes I know it is built in into the package management in golang and other languages, I’m pulling things into my project that way

    I know it is free also and that I can have private repos, it is one of the first tools I also install on dev machines

    But I don’t see how that means I always have to use git or any other VCS for every project I make, it is a good tool, but why do I have to use it if it doesn’t help me?


  • S_S@lemy.lolOPtoSelfhosted@lemmy.worldtupd 0.6 - small bugfix
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    3
    ·
    2 months ago

    I’ve done a lot of testing, not skipping that, writing automated tests are a whole different thing however, it is not as straight forward and is very often skipped for a large amount of projects to be honest

    Git was made to handle the sheer amount of commits and people contributing to the linux kernel, the first versions of linux is just Linus uploading the code to a FTP, git is just a tool for Linus to patch his local git tree in a fast way with all the patches he gets from different channels and manage a large public repository

    Unlike Linus I’m not planning to be of control of a public development process for my software, so a VCS doesn’t make much sense in my opinion

    Before git it was far from standard to use a source control system on small projects that weren’t about to be a public development process anyway, while it is a gold standard for source control today, I don’t think one have to use source control on every software project, like it used to be


  • S_S@lemy.lolOPtoSelfhosted@lemmy.worldtupd 0.6 - small bugfix
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    2 months ago

    Thanks

    I just don’t think I need to use one on every one of my projects, it didn’t add any (or enough) value to me for this project for bringing in another tool into the development or release process

    For me this isn’t controversial to skip either, I’m using (and even contributing some to) software all the time with just using folder archives without needing to use any repo tools, historically a lot of software development haven’t need it as well


  • S_S@lemy.lolOPtoSelfhosted@lemmy.worldtupd 0.6 - small bugfix
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    3
    ·
    2 months ago

    I totally agree it is no different than a random untrusted git repo, so I believe no additional trust is gained if I uploaded it to any of them

    I think version control this way is totally fine, every commit in the linux kernel is mailed as a text diff on the different mailing lists

    As of trusting this or any security related software I believe you have to ultimately read and understand the software you are using, or someone you trust has to do it, I can’t do that, I can only answer questions as they arrive

    I also agree unit tests are probably a good idea for those reasons as well, I don’t have any right now but I’m open to do them some time or receive patches with them

    I like your feedback, thanks for it





  • Yes you definitely can, first you either got to have a DNS resolver or change the systems hosts files so they can lookup the dns address correctly

    If the dns address “pterodactyl.example.com” points at the machine directly you still have to use the port of the pterodactyl dashboard You can also get a reverse proxy listening on port 443 (if you wan to use https, which I assume is the goal) on that machine or another machine which proxies the name “pterodactyl.example.com” to the right port

    The next part is to get a certificate, you can either create a self-signed root CA and install the root cert on each system, or you have to get it with an ACME client using a dns-01 challange (since “pterodactyl.example.com” is not resolvable from the outside)

    Then put the certificate either on the pterodactyl dashboard itself or the reverse proxy, there are also several reverse proxies that can fetch and reload the cert automatically, for example Caddy can do this with dns plugins

    If you want I can help you with the configuration, I’ve done much of the same thing already


  • Do you have a VPS or server with its own IPv4 address outside your home?

    If you want I can maybe help you with configuring my new tool/service to replace Cloudflare Tunnels

    But it depends on how you use it also, if you want to explain that send me a reply or a private message and I can answer if I think it is possible and give you the basic configuration for it, or check out the project and its sources I posted here


  • Absolutely, I would also be skeptic, it’s why I made it fully inspectable before any download

    It is hard to summarize that exactly, I think it’s a more dynamic and configurable and minimal way to manage tunnels and simple proxies for me, in the readmes and the examples it says and shows what it supports more in detail

    Believe me I also had the same problem, and still has, but nothing is a one fits all for these things

    Thanks for the comment and questions





  • I never said anyone should trust anything, in fact I believe no one should trust me, that is why there are no binaries included, just raw sources to examine and compile yourself

    I’m fully aware of that he also created git, over a decade after, and it has nothing to do with the trusting of Linux, in fact Linux huge size and interest was the reason he created git, it was well trusted long before git, so your point is garbage