Posts by JakeMS

Yup.

My business's online side strictly sets only cookies necessary for operation of the store, there's no analytics, ads, or third party cookies set in any form.

This is great because it means there's no tracking cookies at all. Thus, our cookie notice is a simple one liner "This website uses cookies to ensure you get the best experience on our website. Privacy Policy(link)" - with a single button "got it". So, no ridiculous long scary menu's asking what cookies to set.

The privacy policy lists all of the 6 possibly set cookies, which the website uses to configure itself:

PHPSESSID, language, currency, cnotify (got it button), display (grid/list product view, set if changed by user), customer (hashed customer ID, if logged in).

Other than that, no other cookies will be set at any time.. it makes complying with cookie law so much easier :-D.

But we're just a small family run retail business, so we don't need all the tracking or other junk that the big stores/businesses need.

Since we also only collect data strictly necessary to deliver items to the customer and process the transaction.. yup.. GDPR was a walk in the park too, pretty much all of the security requirements it requested were already implemented, users already had the ability to delete their accounts or view the data we held, and we don't sell customer data, nor share it with "partners". It took me about a week to sort a couple of minor legal bits out to ensure compliance with our third party payments provider (stripe).

Heck, even our in-store layaway system only collects their name and phone number as standard. An optional email address can be provided to match the account to an online account if they would like to be able to manage their layaway via our website (make payments, view etc, but must be activated in-store).

(Yes, all databases are encrypted, with proper security during communications between our custom in-store epos system and dedicated servers)

All in all, doing it yourself carefully, and only adding/using stuff you actually need saves a whole heap of legal stuff and expenses.

Added extra: TTFB around 115-180ms, page fully loaded in around 500ms-1s depending on amount of product images and internet speed ofc.

Sometimes, less is better.

Re: Clumsy while sleeping

Yeah.. it's things like this why I don't sleep on aeroplanes.

Pre-covid I had a nice 19 hour flight from England to Japan, and ofc, the same back to England (with a brief stop in Dubai, around 1 hr or so both ways).

Me being me, stayed awake the whole time with no sleep for both flights because on a flight there's two things I don't trust:

1) Other passengers, who are these people sat next to you? What do you know about them? When you're flying alone like I do, the answer is "I don't know them". - So I don't want to lose my phone or other possessions while asleep... as such no sleep for me... just use my phone until I land (Yes.. I buy the in flight internet access, with VPN active ofc).

2) If you do drop something while asleep - By the time you notice it could be too late to recover it.

Almost every flight I've been on there's been another passenger saying "Hey, I lost my phone where is it?!" after waking.. usually it's found on the floor or under a seat.. but still, if you didn't check? Just thought it's in your bag?

And ofc and by the time feeding time comes I want my damn food because I'm hungry.. usually by feeding time I'm light headed and feeling faint on a long flight (food always fixes that)... so unlike other passengers who sleep right through it then complain there's no food, I need my food.

So imo, it's better to simply not sleep on aeroplanes, you get all the food and keep your stuff.

Oh, and last tip.. only drink the bottled water on an aircraft, about half way through the flight switch to juices... You don't want to know why...

Initially, CentOS was a completely independent distro, which is when most of us started using it - it wasn't owned by Redhat or any other company. It was entirely community managed. Only in the last few years did it become company owned.

Re: Wow

Ah, SUSE. I always forget that one.

I just did a preliminary search (at 3am), according to their documentation, OpenSUSE has a 36 month lifespan between major upgrades. That's a decent amount of time - but I'm worried how well their upgrades would work? Often distro's require complete reinstallation when a new version is released.

Graphics drivers etc are no issue as we're talking about servers here, so the no gui, setup once and maintain type) - That and our EPOS/Desktop systems recently got upgraded to ryzen with amd graphics - I don't miss nvidia :P

Now, Debian on the other hand has upto 5 years with their LTS:

https://wiki.debian.org/LTS

That's still no where near the old, now discontinued CentOS 10 year life span, but it's still a fair amount of time with enough time to plan upgrades as usually, our upgrade is renting a newer replacement dedicated server, setting that one up with the new OS and testing etc, then switching the traffic to it and dropping the old one (Mostly this was done because upgrading between CentOS major versions always required a reinstall).

With that said, 36 months is still 3 years. So it's not an overly short time either and could be do-able. But it does feel short, our servers are usually rented on a 2-year minimum term so we get discounts :P

Thus our absolute minimum expected OS installed time is 2.5 years (allowing time for switching), but we tend to try to keep the servers and OS running longer if we can.

From a Desktop point of view, I'd be interested in OpenSUSE. Sadly not so much for a sever at this time.

But, while we're on SUSE, let's not forget SLES. Out of the SUSE's, SLES would probably be the best candidate next to RHEL or CentOS. But we're a small family run retail business and with everything that happened this year, it's probably out of our budget (last time I checked, it was subscription like RHEL?) - Do Novell still own SUSE?

For the most part I'm just dumping my thoughts here - I'm not an expert in SUSE (any of them) so my information could be incorrect or just straight up wrong.

If I'm wrong, please feel free to correct me with the right information and I'll be happy to take another look into SUSE :-).

Re: Wow

Yeah.. I didn't evaluate the entire OS based on one tool.. I said "so far so good" and that I liked/appreciated the better network management (so far, it's better than having to kill off NetworkManager and deal with the mostly borked network daemon in modern Fedora.).

On systems where the network configuration is never expected to change (aka, IPs never changing, gateways not moving, no wifi etc) NetworkManager is simply not necessary, a simple network config file will suffice. In fact for us, it's preferable the network dies outright instead of changing config to reconnect automatically - because there is no valid reason the network should change, and if it does, I need to know, killing the connection is acceptable in that case.

As for SSH, used it for years - will continue to do so. Shorewall, ditto - the previous systems were already using those.

PHP again, required due to existing projects.

The tools I use, with the exception of the network management, were evaluated with the previous OS's and are being used appropriately for the systems at hand.

It's entirely possible that something else might pop up and change my mind. But until then "so far so good".

I've also researched the lifespans of the distro, and the upgrade paths - they seem acceptable for our usage.

The real test will be the KVM host that's already running C8.. the guests are easy to switch OS.. the host itself not so much.

Re: Wow

Thanks for the replies :)

I think we'll go Debian, I'm somewhat familiar with it since our EPOS system runs Debian already.

I threw our development server from C8 to Deb10 this morning, just to see how it worked. I LOVE the old config way of networking. Up to C8 I was still clinging to the old sysconfig network files.

Current Fedora outright drops that ability it seems in favour of nmcli (or gui).. Which I really dislike. Call me old fashioned but I prefer to just edit a bunch of text config files, I find it faster and I'm used to it. I've been doing it that way since before networkmanager even existed.

So I've already fallen in love with Debians network config method, it was super easy to setup multiple IPs on the interface and the vpn.

Firewall was pretty much exactly the same config (shorewall).

Again, ssh and keys easy as pie (as always, same old thing)

PHP is a little different, but I had to use surb repo, who claims to be the official Debian packager.. I've yet to verify that claim.

That's as far as I got before I headed out to work lol.

But.. so far so good.

Re: About time..

Waterfox sounds good in its features and original goal, but I'm a little paranoid about the fact it is now owned by System1, a US advertising company. I'd be worried about it starting to collect data (even if it isn't) - So for me that feels the same as Chrome (privacy wise).