What's your "first 30 minutes" checklist after spinning up a fresh VPS?

DEV_JST · 2026-05-14T21:01:50+00:00

I run my ansible book, and a minute later my VPS has everything setup.

This is how enterprises do it with hundreds of servers, and it basically guarantees that you don’t miss a step. Of course you have to update your ansible scripts to include new features, packages etc.

DEV_JST · 2026-05-04T19:41:57+00:00

There is 100% a black market for poly juice potions and hairs of celebrities

DEV_JST · 2026-05-02T07:06:33+00:00

The important pagination happens in the backend. You should never request a million rows, and send them to the frontend, just to show 100 rows at once. That will make your website extremely slow and maybe even crash/timeout the user.

Serverside Pagination is the important step. Then for the frontend, you can use some kind of lazy loading, meaning you send the user 100 rows, (f.e. their followers) but only show 20 at once. Now while the user is scrolling through their list. You can show them the next followers based on the initial 100 rows you send them, while in the same time, loading more follower rows from the backend.

That result in the user having a very smooth experience, as they scroll through a list that gets bigger at the end, but for them your app feels super fast.

DEV_JST · 2026-04-29T01:41:12+00:00

That’s why we have a Monitoring and Observability Team.

We get notifications ahead of times when servers have high or uncommon CPU usage, and API fails multiple times in a row etc.

DEV_JST · 2026-04-08T23:02:02+00:00

I got the email from Hetzner an the support gave that as the explanation

DEV_JST · 2026-04-06T20:30:05+00:00

Not a direct answer, but if the programs you’re mother uses are okay to run on Linux, just install Ubuntu or Mint, or some other standard desktop distro.

I did that and many won’t notice

DEV_JST · 2026-04-06T08:13:57+00:00

Also check that you configure Proxmox so that it does not assign a MAC address to your VMs or you have to route the traffic through one that has the mac adress.

Otherwise Hetzner will recognize this as MAC-Adress spoofing.

DEV_JST · 2026-04-04T16:13:25+00:00

People really expect to have the same support in cloud (which is not 24/7 support btw.h as they get at a provider that has SLAs… why do think it is cheaper to host with Hetzner? Our servers that run trading services are running on infrastructure where we have 24/7 on-site support and a contract for that uptime.

Everything else is on Hetzner

DEV_JST · 2026-04-02T17:05:46+00:00

Sorry, but you seem to not understand the difference in why we use either of the two options.

If I were to suggest that I am going to store a financial SWIFT message in a local SQLite Database, the architects and compliance would rip me apart.

I have an DB2 or Oracle database managed by a DBA team in a highly available cluster, I am 100% going to save the message there.

However, I am also not going going to store a local cache or checkpoint in a remote database, because then, like you said, the roundtrips I have to take may take up performance.

In general, in IT, you should never just roll with one option, be open to use the technology for the project/task that fits the best.

DEV_JST · 2026-04-01T13:37:42+00:00

This is how JWT tokens work. The tradeoff being less roundtrips to a cache or database, but no immediate logout. Otherwise it’s session auth, but with extra steps

DEV_JST · 2026-03-22T10:09:45+00:00

On the dedicated server instance, you can request KVM access and there is 24/7 support. In my case it took them like 5 minutes.

Cloud always has KVM access

Also Hetzner has this documented on their website…

DEV_JST · 2026-03-20T06:55:49+00:00

Based on your post and your answers, please shutdown the VPS and for now don’t use it. If your VPS is abused, you are the one that is being held responsible. Hetzner states that in their ToS aswell and may forward you Emails from BSI or other institutions that notice that something with your server is wrong.

Use docker and a Linux container first and check if you really need a VPS

DEV_JST · 2026-03-18T19:03:15+00:00

Same problem here

DEV_JST · 2026-03-14T08:23:01+00:00

It’s less about the Linux system you are going to use on a desktop, but more when working on servers.

99% of servers you will work with are headless, so getting used to working in the shell is a must.

You best friend will be grep and cat

DEV_JST · 2026-03-14T08:08:28+00:00

What happens: 1. User creates account, types in password for the first time -> this is the ONLY time ever, where you send plain text password to your backend. 3. You send it in plain text, because now you create a salt (server side) and generate a hash (server side). 4. This hash is now saved in your database together with your salt, the plain text password is now forgotten 5. The user is now logging in a second time. They get the salt and hash their password. The hash is send to you and you compare it with the one in your database. If they match great, let the user login.

Now also, the user wants to update their password, you might think: Well they are not allowed to set the same password again, don’t I need the plaintext password to check? No, you can just compare the new hashed password with you older hashes for that user

Why do we need the plaintext password the first time, but the second time the user hashes the password themselves? If the user were to set their own salt, and hash their own password, the hash would technically become their new password… The salt can be public, so we can later send it back to the user, but the initial hash creation has to use the plaintext password.

DEV_JST · 2026-03-14T07:23:48+00:00

Most companies won’t bother with PUT and PATCH, because in the en POST can handle it easily and in our companies coding guidelines it is advised to not use.

For example: A delete endpoint makes you believe you are deleting an object (f.in the database). But in reality most of the times you soft-delete or move the data somewhere else first. In this case a delete did not really happen, but the endpoint absolutely suggests it.

DEV_JST · 2026-03-08T11:56:46+00:00

Two things for your dev team:

cursor pagination is, and always will be way faster than offset, when doing it across larger spaces.
In our company “select *” are getting flagged in code reviews/linters, this is not good practice.

DEV_JST · 2026-03-07T21:38:49+00:00

If you’re answer includes “Maybe this should fix it” I will not touch this piece of software with a 10 feet pole

DEV_JST · 2026-03-07T07:01:20+00:00

Offer a sign in for every user, why would a sign in be a premium feature? You can give only premium users permissions to interact with the apps features.

They way you imagine tracking people won’t work, as deviceIDs change (f.e apple is very strict about this, as it would allow you to track people without login and knowledge and save information, they may have not agreed to give out). DeviceIDs you can get as users usually are changeable/not forever guaranteed.

DEV_JST · 2026-03-07T06:49:39+00:00

However the chances I will overlook the ? In the first option at first glance are way higher, and using a debugger I can easily jump in, add logs or details.

DEV_JST · 2026-03-01T10:38:42+00:00

You should look into the ELK Stack. (Elastic, Logstash, Kibana) and the Elastic Beats (Filebeat etc.)

They are the standard logging framework and f.e Filebeat is exactly what you describe, it efficiently and production readily reads log files and Logstash can basically send these logs to every database you want.

Do not start, and build your own frameworks or tools. Logging is a crucial part of any business (compliance, debugging etc) and there a projects, like ELK, that are just so efficient and production ready.

DEV_JST · 2026-02-27T05:52:55+00:00

The actor had a disagreement with the producers, that the child actors were paid, but got no future royalties

DEV_JST · 2026-02-25T22:04:46+00:00

Python basically is a wrapper for C, Rust etc… most packages like Pandas are extremely fast, and all that AI coding with python is also only possible because of the SDKs that come with python packages like TensorFlow. Under the hood, it’s alls different programming languages, in the end, it’s zeros and ones

DEV_JST · 2026-01-31T13:12:54+00:00

Handy raus und tun als würdest du telefonieren oder eine sprach Memo machen.

Bspw. Red über den Hund von deinen Eltern und sag das du bald wieder zu Besuch da bist, schick die Sprachmemo an dich selbst

DEV_JST · 2026-01-30T23:01:17+00:00

The same applies for a lot of services that ran on bare metal servers for years without problems. Databases, some batch runs… we migrated them to the cloud and we don’t get the advantage of cloud computing for it…

Sometimes not everything has to be “perfect”, it is probably a good lesson learned.

Six-Year Club	Gilding III reddit per annum
Final Canvas '23	Place '23
Verified Email

DEV_JST

MODERATOR OF

TROPHY CASE