Dear Fedi friends,

I've been a little quiet on this account because I'd been pouring all my energy into setting up a new VPS as a testing ground to learn #Docker.

I need to become proficient in Docker ASAP in order to move my Ghost CLI site there (if I want it to federate).

The past 48 hours have been a real rollercoaster ride, as you could read on my GoToSocial account @elena.

Please beware of #OVH! They terminated my VPS without any notice: https://aseachange.com/@elena/statuses/01K35V57PPWH29969DSTC1117A 😵‍💫

#MySoCalledSudoLife

@_elena

Would it be possible to do your initial testing/learning in a VM on your laptop or desktop, then move to a vps later?

I'm doing testing right now of semi-automated disaster recovery/migration in a vm on my laptop, of a web app currently on a vps. If something goes wrong or I want to start over, I just delete the vm and clone a new one that's prepped with the OS and login I want. It's wonderfully easy compared to the old days of doing it on a dedicated machine.

@elena

@_elena @elena

I set up my first docker/VPS site a few months ago on Racknerd. They have some great backdoor prices ($12 for a year).

Did you have something installed in Docker yet? Docker can override your firewall settings with some firewall setups! Ouch! So if your Docker instance is running without, say, login set up, someone could be abusing it.

The other thing is, I used Cloudflare to do the DNS routing to help prevent DoS.

@_elena I do not know exactly what happened here, but if you opened your Docker daemon to everyone (0.0.0.0 without setting up a firewall), your VPS has very likely been accessed by bad actors that are scanning the internet for this, and used for bad stuff (which OVH detects and blocks).

I cannot really blame OVH's reaction here, except maybe that communication could have been better. It is expected for providers to shut down VPSs that are actively abused / hacked.

@elena

@renchap yes I would have expected a different protocol in place, like: stopping the VPS and giving me a warning.

I got none of that. The attack occurred last night at 11pm & I got an email from them in the morning saying they had deleted the VPS and I couldn't be refunded for the 6 months I had paid (I only used it for a day).

For the record, I had followed Docker's instructions to "use TLS to protect the Docker daemon socket" but I must have missed something... oh well, I learned my lesson
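An added example, not part of the thread or of Docker's own tooling: a small audit of how the Docker daemon API is exposed over TCP, covering the 0.0.0.0 and "use TLS" points raised above. The function name `audit_dockerd` and the sample configurations are constructed for illustration; `hosts`, `tls`, `tlsverify`, `-H`/`--host`, `--tls` and `--tlsverify` are real dockerd settings. It shows that `tls` without `tlsverify` encrypts the connection but does not require a client certificate.

```python
import json
import shlex


def audit_dockerd(daemon_json="{}", cmdline="dockerd"):
    """Return (listener, verdict) for each non-loopback TCP listener of the daemon API."""
    cfg = json.loads(daemon_json)
    hosts = list(cfg.get("hosts", []))
    tls = bool(cfg.get("tls", False))
    tlsverify = bool(cfg.get("tlsverify", False))

    # Merge listeners and TLS switches given as dockerd command-line flags.
    args = shlex.split(cmdline)
    for i, arg in enumerate(args):
        if arg in ("-H", "--host") and i + 1 < len(args):
            hosts.append(args[i + 1])
        elif arg.startswith("--host="):
            hosts.append(arg.split("=", 1)[1])
        elif arg in ("--tls", "--tls=true"):
            tls = True
        elif arg in ("--tlsverify", "--tlsverify=true"):
            tlsverify = True

    results = []
    for host in hosts:
        if not host.startswith("tcp://"):
            continue  # unix:// and fd:// listeners are local sockets
        addr = host[len("tcp://"):]
        if addr.startswith(("127.", "localhost", "[::1]")):
            continue  # loopback only, not reachable from the internet
        if tlsverify:
            verdict = "mutual-tls"          # clients must present a CA-signed cert
        elif tls:
            verdict = "tls-no-client-auth"  # encrypted, but any client may connect
        else:
            verdict = "plaintext"           # unauthenticated and unencrypted
        results.append((host, verdict))
    return results


if __name__ == "__main__":
    # Constructed sample: TLS enabled with a server cert, but tlsverify missing.
    sample = json.dumps({
        "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
        "tls": True, "tlscert": "/etc/docker/server-cert.pem",
        "tlskey": "/etc/docker/server-key.pem",
    })
    for listener, verdict in audit_dockerd(sample):
        print(listener, verdict)
```

Anything other than `mutual-tls` on a non-loopback listener means the API, and with it root-equivalent control of the host, is reachable by anyone who can connect to that port.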

I had a similar experience with Hetzner. The company that I worked in used to host vps mostly in DO but we had one instance in Hetzner for disaster recovery. We had one payment failure because of a change in rule by our country's central bank and they deleted the vps. Annoying thing is they were after us to make the payment but didn't tell us the vps had been wiped off irrecoverably at any point.

CC: @elena@aseachange.com

@_elena @stefan @elena many years ago my first experience of Docker was with tough documentation and while I got it working I didn’t understand why or how and mostly avoided it.

In the past year I’ve come to enjoy using it, now actually understanding it and being able to containerise things from scratch. Not sure if the documentation has improved or I’m more experienced overall now but it mostly makes sense after an intense month of banging my head against it and using it daily.