True, git itself can’t prevent people from creating a mess of a commit graph.

TBH, lots of build systems mentioned here I’ve never encountered so far. But this makes it clearer that one can’t reason about how viable a “one big monorepo only” approach mighy be by just considering the capabilities of current git, coming from a “manyrepo” mindset. Likely that was the pitfall I fell into coming into this discussion.

So AFAIU, if a company had:

• frontend
• backend
• desktop apps
• mobile apps

… and all those apps would share some smaller, self developed libraries / components with the frontend and/or backend, then the “no submodules, but one big monorepo” approach would be to just put all those apps into that monorepo as well and simply reference whatever shared code there might be via relative paths, effectively tracking “latest”, or maybe some distinct “stable version folders” (not sure if that’s a thing).

Anyway, certainly never thought to go that far, because having an app that’s “mostly independant” from a codebase perspective be in it’s own repo seemed beneficial. But yeah, it seems to me this is a matter of scale and at some point the cost of not having everything in a monorepo would become too great.

Thanks!

But if not for using submodules, how can one share code between (mono-)repos, which rely on the same common “module” / library / etc.? Is it a matter of “not letting submodules usage get out of hand”, sticking to an “upper limit of submodules”, or are submodules to be avoided entirely for monorepos of a certain scale and there’s a better option?

Regarding tauri: One and a half years ago I looked into it as a potential alternative to using electron.

Back then I had to decide against it for my use case, because when the goal is that it’s a cross platform app, then one has to make sure that whatever “webview version” is used on all target OS, they all have to support the features one needs re one’s own app codebase. Back then I needed some “offscreen canvas” feature that chromium supported (hence electron), but which webkit2gtk (used on Linux) didn’t at the time.

https://tauri.app/v1/references/webview-versions/

So it’s not always easy to give a clear recommendation on using tauri over electron. One really has to get somewhat clear on what kind of “webview requirements” the resp. app will have.

But I do hope this will (or maybe already is) less of an issue in upcoming years (things are moving fast after all).

I went through setting up netdata for a sraging (in progression for a production) server not too long ago.

The netdata docs were quite clear on that fact that the default configuration is a “showcase configuration”, not a “production ready configuration”!

It’s really meant to show off all features to new users, who then can pick what they actually want. Great thing about disabling unimportant things is that one gets a lot more “history” for the same amount of storage need, cause there are simply less data points to track. Similar with adjusting the rate which it takes data points. For instance, going down from default 1s internal to 2s basically halfs the CPU requirement, even more so if one also disables the machine learning stuff.

The one thing I have to admit though is that “optimizing netdata configs” really isn’t that quickly done. There’s just a lot of stuff it provides, lots of docs reading to be done until one roughly gets a feel for configuring it (i.e. knowing what all could be disabled and how much of a difference it actually makes). Of course, there’s always a potential need for optimizations later on when one sees the actual server load in prod.

Assuming one hears their own voice in recorded form enough times, that “strange” feeling it might give at first subsides.

You didn’t mention how big those volumes are and how frequently the data changes.

Assuming it’s not that much data:

• use tar to archive each volume first, while using proper options to preserve permissions and whatever else is important for your usecase
• use restic to backup those archives
• use a proper pruning strategy to not let your backups get too big:
  • I’m not that familiar with restic, but maybe you can backup those archives separately and apply a more aggressive pruning strategy just for them
  • simply might be needed, cause deduplication (AFAIK) might not be that great with backing up archives
  • but maybe if the volume data and the resulting archive doesn’t change that often, deduplication would be sufficient even with a not so aggressive pruning strategy

Yeah, basically anything that rewrites already pushed history and is then (force-) push is bound to create problems (unless it’s a solo dev only ever coding on a single device, who uses the remote repo as a mere backup solution).

The following might be a bit hard to digest, but bear with it if your are serious about what you asked.

I am a designer but I want to expand my knowledge and learn other things, programming is something that I’ve always kind of struggled with but I’m starting to like it nowadays.

Struggling with something new to you isn’t a bad thing. What’s more important is that you perceive that struggle as interesting, cause especially in software (in the broadest sense), the struggle never really ends.

I am currently switching my way over to Linux from W11, I’ve been distro hopping and trying Ubuntu, Fedora (the one I like the most as of yet) and now I will try EndevourOS (I still am not prepared to try pure Arch imho). All this playing around on Linux made me interested in coding, using the terminal, solving problems, analyzing logs, etc.

Approaching it in a playful manner like that and trying various distros is certainly how lots of people have started their linux journey.

My main question is: where do I start? I’m not asking what “the best language is” or “which gives you the most jobs”, it’s more like I need advice on where to start with the things I want to do.

While using Linux, I’ve been copy-pasting repos, codes, commands, etc., but I sometimes want to know what do those even mean or what the hell I am even doing, I don’t want to be a copy-pasting machine without understanding what it means.

If you don’t want to become a “copy-pasting machine”, then don’t engage in mindless copy-pasting!

For instance, if you copy-paste a command like ls -lF, before running it, open man ls and:

1. search for -l (pro tip: always add a space in front of your search for arguments like this in man pages, cause it will narrow down your search better)
2. read and try to understand the description of that argument
3. repeat for -F (or any other argument there might be)
4. only now run your copy-pasted command.

Isn’t this tedious? Yes, especially when you start out and don’t know most of the arguments of all those commands you are pasting. But that’s a solid approach to prevent yourself from becoming a mindless “copy-pasting machine”.

BTW: If you don’t yet know how to search man pages, use your preferred search engine and search for “linux man page reading”.

If the man page isn’t enough, extend your search online.

I think my objective is to end up doing Cybersecurity because, for me, it’s one of the most interesting topics.

Now I don’t know what makes you think cyber security is the answer for you or what makes it that very interesting compared to all the other software related topics out there. In a sense, the less far you are in your journey, the less certain you should feel about where your journey should lead you in the end. Rather stay open to course corrections along the way as you discover more and more things.

I’ve read that it’s better to start with Computer Science and then I can go with Cybersecurity or if I change, I could go with Soft. Eng., etc

You write that, but…

Just want to make it clear though, I will be doing everything myself, as I don’t have any money to go to a college/university, so if anyone has free resources, I would highly appreciate it.

…this kind of makes the above obsolete, cause you seemingly aren’t planning to go to a college/university.

I don’t want to just make websites or apps,

But this might actually be a pretty good bet for you coming from “I am a designer but I want to expand my knowledge and learn other things, programming …”.

And I’m not sure what you mean by “just make websites or apps”. That in itself can be a vast challenge depending on what you are creating.

and I think I don’t want to do IT (the kind of IT where you just help other people fix their computers),

Fair enough.

I do struggle with mathematics but if it’s something I need to do to learn these things then I’ll do it.

You see, I’m not a cyber security expert, but I know for a fact that part of cyber security is the whole topic around cryptography, which certainly relies quite heavily on mathematics. Just look at something like RSA. You are bound to encounter lots of information of that kind when you’re trying to make cyber security your career.

It’s good that you have willingness to learn. But considering you haven’t gone to college / university yet, you haven’t really seen quite yet what “real struggle in math” actually looks like (speaking as someone that has a master’s degree in an engineering related topic).

Likely there’s various areas of cyber security that won’t require you to go too heavily on mathematics, but then again, I really wouldn’t wanna bet on this when it’s about making cyber security your career.

I also would like to learn how to use/build servers.

That’s just too random of a remark. It’s as if you were asking about “how to become a professional power lifter”, but then added “Oh BTW, I’d also would like to learn MMA.”. It’s just too unrelated and would require a distinct investment in learning and practicing.

“how to use/build servers” can mean oh so much:

• using APIs in a frontend web dev context:
  • likely the most tame interpretation of “use servers”
• doing server administration, network administration, DevOps, etc.:
  • each one of those is something people make careers out of

A comment like that just screams “I’m a total beginner” and makes it less likely that people will take the time to write you a meaningful answer(likely why you haven’t received a reply in over a week). But being a “total beginner” is fine, cause after all, for anything that anyone of use can do well, we all were a total beginner at some point.

But I hope you understand that your goal of getting into cyber security is already a big challenge. Can you learn a bit about using/building servers? Sure, you always can learn new things. But all of that requires time. Not just weeks, but potentially many months or couple years to get good at (depends a lot on your starting point and existing experience around tech and software in general).

TL;DR: Where do I start if I want to learn programming and potentially end in cybersecurity? Would computer science be a good decision? Should I learn any specific coding language?

TL;DR: Start by learning python. It’s a solid scripting language to know, esp. if you have some initial interest in cyber security. Furthermore it’s a very common programming language to get started.

Follow some free, guided python tutorials. For instance: https://realpython.com/learning-paths/ Just spend the needed time (might take weeks or even months, depending on your current knowledge) learning about programming basics with it.

And for cyber security related learning:

https://tryhackme.com/

If only tried it a bit some years ago, but it certainly seems like a decent option for some initial, playful learning about some cyber security topics. But try doing the most basic tutorial or course they offer first and build up from there.

IMO a “start small and build up from there” approach is your best option overall in general.

And maybe the best habit to build: Keep seeking out information! Don’t just “blindly copy/paste”, but look up what it does. Do that for everything. It will take time, but that simply is the price you pay for learning new things.

Great explanation indeed!

I was missing this part from my understanding:

The certificate correctly identifies the website (e.g., when the browser visits “https://example.com”, the received certificate is properly for “example.com” and not some other entity).

In a sense it all comes down to a CA (e.g let’s encrypt) not giving out certificates for your domain, so that only your server has a valid certificate for your domain and not also some attacker.

But that itself requires domain verification to be secure (robust against MITM attacks), which apparently it wasn’t for the longest time.

Just recently there was a post about ACME-CAA, which addresses this issue (when configured). Great article on it here: https://www.devever.net/~hl/acme-caa-live

20 mph (32 km/h) on a regular bike is doable, but yeah, usually that involves a very “flat” road or even a road that has a slight decline. And as you’ve said, maintaining it (e.g. for more than 10 seconds) is a whole different story.

Furthermore, it also requires a certain fitness level and “bodily involvement”. The thing that still catches me off guard at times is how relaxed some people on ebikes look while going that fast. Whatever kind of judgement I could make in the past on how fast someone is approaching based on how much they “visually excert themselves” (e.g. hunching forward or even standing up) kind of has become meaningless with ebikes.