Hacker News | earthnail's comments

Because untrustworthy websites can piggyback on the brand name.

"Download ffmpeg here: sudo bash -c ..."

And then the installation script from our malicious site installs ffmpeg just fine, plus some stuff you have no idea about. And you never know that you've just been hacked.


Can you repeat this mental exercise for every other installation method you can think of? e.g. distributing deb/rpm files, distributing AppImages, asking users to add your custom repository and signing key?

(Yes I know that the last one has built-in benefits for automatic updates but that's not going to protect you on initial installation and its benefits can be replicated in a more portable way in any other auto-update mechanism with a similar amount of effort)

((And if you have the patience to set up a custom repository, you can simplify initial installation process using a "curl|bash" script))


If you get your install instructions from an untrustworthy website, there’s nothing preventing them from telling you to use a third-party apt repository or ppa that gives you a malicious version of the thing.

There’s not really a difference between curl piped to bash, and installing packages from a third-party package repository that the distro maintainers have no involvement with.


Wow, super cool. When I finally scrolled through it and the buy me a coffee link showed, I simply thought “take my money!” :D

Edit: just tried it for serving a fastapi. It's fantastic. Instant TLS via Let's Encrypt. There may be other webservers that are equally easy, but this one is certainly easier than Apache or nginx, which I used so far. Love it.

--

Reach out to the guys at Kamal. They wrote their own reverse proxy because they thought Traefik was too complex, but they might be super happy about yours if Ferron is more powerful yet easy to configure because it might solve more of Kamal’s problems.

Not affiliated with Kamal at all, just an idea.


They wrote their proxy because the declarative configuration of the existing proxies does not fit into their deployment flow.

Thank you so much! I want to put a line from your comment on Ferron's website as social proof. :)

Absolutely, go for it. Feel free to use my real name if you want to: https://linkedin.com/in/tcwalther

I previously founded and sold an AI startup to Spotify; that doesn't actually make me smarter than the average HN user (mostly just more lucky) but it probably looks nice on a social proof section.


I finally started migrating our app from Heroku to Hetzner. Started by moving Postgres, and boy, what a difference in performance. I pay 1/5th of what I previously paid, and performance is through the roof. Like, as if we had rewritten our Rails app in Rust (metaphorically speaking). I know that in theory you get much more from managed postgres than a simple self-managed server, but I have pgbouncer and Wal-G set up, and it really seems like it's not that hard to manage that instance. Most of all, we were really hitting performance limits on Heroku, not theoretical "what if the server goes down" but real ones that users could tell every day.

Will move the app server itself next (basic Rails). Really wish I had done the move earlier. Hetzner is like cheating for indie devs.


> I pay 1/5th of what I previously...

For now?


Why for now? I see zero reason why that should change.

It's not like Heroku was zero maintenance. I often ran into resource limits. I did a fair amount of optimisation on jemalloc to make sure Rails didn't run into Heroku's ridiculously low RAM limits because of loading too many ActiveRecord objects. Yeah, sure, I should probably paginate better, but now I have so much RAM it literally doesn't matter.

Heroku also regularly asked me to schedule DB maintenance. Before I paid for the expensive DB, that meant the connection string could also change, which meant I had to redeploy my AI workers (i.e. background jobs that need a GPU) that were hosted outside of Heroku. Now it still warns me that the connection string would change, but it somehow didn't anymore. Ah well. All problems of the past.

The solution in Heroku was always to throw more money at it, and the increments were quite serious. With Hetzner, I now have massively overprovisioned servers that cost a fraction.


Because the server types you get for the price of a single Heroku dyno are incredibly beefy. And suddenly you need a lot less dynos. Which is quite important if you start managing them yourself.

There are internal reasons as well. Letting go of people can be highly disruptive and create uncertainty in your team. It’s a very unpleasant job that can also go wrong, especially if you have to fire loads.

Then there’s the perverse incentive that bigger teams usually equals a promotion. So if you’re the honest manager who manages a tight team and fires people, you won’t get promoted as often.

Top management knows this, of course. To sidestep these misaligned incentives a company-wide one-time layoff is really effective.


I absolutely love the idea of Zed, and I'm regularly giving it a go. Typing in Zed really feels better than VSCode. It's hard to describe, but impossible to discard once you've used it for a short while.

Unfortunately, there's a bunch of small things still holding me back. Proper file drag & drop for one, the ability to listen to audio files inside the editor, and even a bunch of extensions, in particular one that shows a spectrogram for an audio file.

Maybe my biggest gripe is that Python support is still better in VSCode. Clicking on definitions is faster and more reliable.


I have to ask because I just can't wrap my head around it, what does 'ability to listen to audio files inside the editor' mean for a text editor?


In vscode you can click on various assets, like images or audio files, and then view them right inside vscode. If you work with datasets, the ability to inspect them is crucial.

Yes ofc I can use Finder instead but in vscode I just cmd+p.


The reason it's faster is largely because it doesn't have all those little quality of life features and extension ecosystem. It's easyish to make software perform well if it doesn't do all that much. If you take base vscode, no extensions, and just do raw text editing, it's hard for me to tell the difference between vscode, zed, or any other editor.

When vscode was released, Sublime was faster - and it stayed faster. But that wasn't enough to stop the rise of vscode.


This is absolutely fantastic. I really can't wait for the final course to be live. It's in the "shut up and take my money" category. I had so much fun with the nanoGPT videos.


Free Palestine. There, I said it. Although I think it's a rather dumb slogan, and doesn't even remotely do the situation justice.

Seriously though, the notion that free speech is impaired in Germany is completely ridiculous and just a massive hoax. Compare this with the situation in the USA where the same people - like Vance who brazenly attacked Germany for an alleged lack of free speech - were super quick to demand a cancellation of Kimmel, because "you can't say that!"

We have laws against hate speech, and they may not be perfect, but they have a reason - we simply don't want to tolerate something like the Nazis shouting "burn the jews" in the name of free speech. Calling for violence does not have to be protected by speaking your mind. That's completely silly.

But the idea that Germany is anything but a completely free country is ridiculous. Some of the shit that people say (AfD, BSW) drives me nuts, but well, it's a free country.


Germany has a pretty consistent climate. Doesn't really matter where you live. Of course, that's an oversimplification, but if you're new to Germany and wonder "oh, what's the weather going to be here?", the answer pretty much is "similar to the rest of the country".

You could then look at a map of France and think, ah, similarly sized country, probably also has a consistent climate, but that's not true. Southern France is very different from Northern France. But Germany's climate is pretty uniform.


I moved from Hamburg (north) to close to Munich (south) and the difference is huge. I can see the blue sky, for example! So much better here.

