Hacker News | duckmysick's comments

Software engineering is a broad spectrum where we can move up and down its abstraction ladder. Using off-the-shelf tools and even third-party providers is fine. I don't have to do everything from scratch - after all, I didn't write my own text editor. I'm also happy to download prepacked and preconfigured software on my Linux distro instead of compiling and adding them to PATH manually.

I could, I just choose not to and direct my interests elsewhere. Those interests can change over time too. One day someone with Tailscale can decide to explore Wireguard. Similarly, someone who runs their own mail server might decide to move to a hosted solution and do something else. That's perfectly fine.

To me, this freedom of choice in software engineering is not disheartening. It's liberating and exciting.


That is a strawman though, and I am not sure why all replies assume extremes all the time.

Nobody said do everything from scratch. The point is: basic networking (port forwarding, WireGuard) should not be beyond someone's capability as a software engineer.

"I use apt instead of compiling" is a time tradeoff. "I can't configure a VPN" is a skill gap. These are not equivalent.

If you choose convenience for whatever reasons, that is completely fine.


"I can't configure a VPN" and "I don't want to configure a VPN" are 2 entirely different things. Mind you, I have no idea how complex Tailscale setup is in comparison.

I'm in the middle of setting up my own homeserver. Still deciding on what/if I want to expose to the internet and not just the local network, and while setting everything up and tinkering is part of the fun for me, I get that some people just want results that they can rely on. Tailscale, while not a perfect option, is still an option, and if they're fine with the risk profile I can understand sacrificing some security for it.


It seems like we do agree. :)

For a homeserver:

- SSH with key-only auth, exposed directly. This has worked for decades. Consider non-standard port to reduce log noise (not security, just quieter logs), fail2ban if you want

- Access internal services via SSH tunnels or just work on the box directly

- If exposing HTTP(S): reverse proxy (nginx/caddy) with TLS, rate limiting

- Databases, admin panels, monitoring - access via SSH, not public (ideally)

You do not need a VPN layer if you are comfortable with SSH. It has been battle-tested longer than most alternatives.

The fun part of tinkering is also learning what is actually necessary vs. cargo-culted advice. You will find most "security hardening" guides are overkill for a homeserver with sensible defaults.
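
One way to check the "SSH with key-only auth" item from the list above, as an added example that is not part of the original comment: a small auditor for sshd_config text that applies sshd's first-value-wins rule. The function names and sample configs are constructed for illustration, and the defaults assumed are upstream OpenSSH's.

```python
# Added example, not from the thread: audit sshd_config text for key-only auth.
# DEFAULTS are upstream OpenSSH defaults; distro builds may differ (assumption).
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "pubkeyauthentication": "yes",
    "permitrootlogin": "prohibit-password",
}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
ROOT_KEY_ONLY = {"no", "prohibit-password", "without-password", "forced-commands-only"}

def effective_settings(text):
    """Global settings as sshd resolves them: the first value per keyword wins."""
    seen, notes = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        if key == "match":  # everything below applies only conditionally
            notes.append("Match block present: conditional overrides not audited")
            break
        if key == "include":  # included files are parsed at this position
            notes.append("Include %s: audit those files too" % value)
            continue
        seen.setdefault(key, value.lower())
    return {k: seen.get(k, d) for k, d in DEFAULTS.items()}, notes

def audit(text):
    """Return a list of findings; an empty list means key-only auth globally."""
    cfg, findings = effective_settings(text)
    if cfg["passwordauthentication"] != "no":
        findings.append("PasswordAuthentication is not 'no'")
    if cfg["kbdinteractiveauthentication"] != "no":
        findings.append("KbdInteractiveAuthentication is not 'no'")
    if cfg["pubkeyauthentication"] != "yes":
        findings.append("PubkeyAuthentication is not 'yes'")
    if cfg["permitrootlogin"] not in ROOT_KEY_ONLY:
        findings.append("PermitRootLogin permits password login for root")
    return findings

# Constructed samples. In WEAK the later "no" is ignored: the first value wins.
WEAK = "Port 2222\nPasswordAuthentication yes\nPasswordAuthentication no\nPermitRootLogin yes\n"
GOOD = "Port 2222\nPasswordAuthentication no\nKbdInteractiveAuthentication no\n"

if __name__ == "__main__":
    for name, sample in (("WEAK", WEAK), ("GOOD", GOOD)):
        print(name, audit(sample) or "key-only auth")
```

On a live host, `sshd -T` prints the configuration sshd actually resolved, which also covers included files.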


I'd argue that no, managing your own VPN is not a basic skill - certainly not in the realms of software engineering (more like network engineering).

WireGuard is ~10 lines of config and wg genkey. Calling that "network engineering" is a stretch.

The siloing of basic infrastructure knowledge into "not my discipline" is part of the problem. Software gets deployed somewhere: understanding ports, keys, and routing at a basic level is not specialized knowledge.

Honestly, if 10 lines of config is "network engineering", then the bar for software engineering has dropped considerably.


I am probably in the camp where I've found myself overwhelmed with the amount of information about networks and I'm an alleged software engineer (without formal training in CS albeit).

The 10 loc is not a valid measure.

`sudo rm -rf /` is 1 line of code. It's not the lines that are hard to wrap your brain around, it's the implication of the lines that is really what we are talking about.


The rm -rf comparison is a bit dramatic. WireGuard's config is conceptually simple: your key, peer's key, endpoint, what IPs route through the tunnel. The "implications" are minimal. It is a point-to-point encrypted tunnel.

Being overwhelmed by networking basics is worth addressing regardless. It comes up constantly: debugging connectivity, deployments, understanding why your app cannot reach a database. 30 minutes with the WireGuard docs would demystify it. The concepts are genuinely simple and worth 30 minutes to understand as it applies far beyond VPNs.

I have become pragmatic too. I do not tinker for the sake of it anymore. But there is a difference between choosing convenience and lacking foundational knowledge. One is a time tradeoff, the other is a gap that will bite you eventually.

And with LLMs, learning the basics is easier than ever. You can ask questions, get explanations, work through examples interactively. There is less excuse now to outsource or postpone foundational knowledge, not more[1].

At some point it is just wanting the benefits without the investment. That is not pragmatism, it is hoping the gaps never matter. They usually do.

[1] You can ask an LLM to do all of that for you and make it help you understand under less than 10 minutes!


I do agree that using LLMs to demystify, learn and explore is a better alternative than handing it off to go rogue, and is better advice. That's how I used it last weekend, and I think that's the usage I would advocate instead of just letting YourFavouriteAI be the sys admin.

My problem is not just networking knowledge. I genuinely faced issues with open source tools. Troubleshooting in the days of terrible search is also a major annoyance. Sometimes, it's just the case that some of the tools have evolved and the same commands don't work as they did for someone in 2020 in some obscure forum. I remember those days of tinkering with Linux and open source where you'd rely on a Samaritan (bless their soul) who said they'd go home and check up and update you.

Claude suggested Tailscale to me too, but I'm glad we're having this conversation (thanks for the tips btw), so that we don't follow hallucinations or bad advice by similarly trained agents. I'm cautiously positive, but I think there's still a case to go self hosted with AI assistance. I found myself looking at possibilities rather than fearing dead ends and time black holes.


Thank you for your reply!

I am glad that it is useful to you! The "terrible search + outdated forum posts" problem is real for sure. LLMs genuinely help there by synthesizing across versions and explaining what changed.

I would say that self-hosting with AI assistance is the right approach. Use it to understand, not to blindly execute. Trust me, it is not much of a deal and you will be happy to have gone with this route afterwards!

Good luck with the setup. If you have any questions, let me know, I am always happy to help.

(I have very briefly mentioned some stuff here: https://news.ycombinator.com/item?id=46586406 but I can expand and be a bit more detailed as needed.)


That made me think - are there any depictions of Markdown in movies and tv shows? I've seen a fair share of C, Java, HTML, and (in newer works) JavaScript and Python. And Perl in The Social Network.

n.b.: the above quote is from The Matrix.


I think that was PHP in The Social Network.

I'm referring to the part where Mark was scraping the photos from the Harvard houses' face book pages.

If it is going to be accurate it is PHP.

GPWS = ground proximity warning system

TCAS = traffic alert and collision avoidance system


Me neither. When I deal with structured logs, I use Structured Query Language, typically with ClickHouse or DuckDB which are CLI tools too.

grep is all right, but sometimes I need to tease out a complex data relationship.


> no publicly available data that would demonstrate adherence to the rule.

What kind of data would satisfy you? I imagine any data coming directly from YC would be untrustworthy and third-party data would be incomplete (say, it wouldn't catch content removed before it's published).

Is there a similar data set for other private platforms?


A public moderation log would satisfy me just fine, and is common practice on other forums.


> have been reviewed by multiple security org/researchers

I imagine reviewing all the code for all the packages for all the published versions gets really expensive. Who's paying for this?


Microsoft has a 3.5 trillion dollar market cap. I guess they can pay for it?


Which models have you been using?


Sort of related - 10k pushups and other silly exercise quests that changed my life: https://news.ycombinator.com/item?id=45456188


On the other hand, #1 makes it extremely difficult (if not impossible at all) to have a decent UI automation on Wayland. Sure, you can still do it if you're not leaving the terminal or a web browser, but anything else (including Electron apps) is a no-go. All the existing tools are written for X11.

The last time I looked into it, I found out I would have to deal with each compositor separately. On top of that, the target apps would have to be written with the new API in mind.


> Companies like SunCulture (who used to be a customer of ours) started maintaining all their customers on spreadsheets. But with high volume low-value sales, you need to have good software to manage this.

That's pretty interesting. Can you tell us more what kind of problems your software solved and how you convinced them to move from the spreadsheets?

I tried something similar (in another industry) and it's a mixed bag. Companies often straight up refuse to move past the spreadsheets even though it creates a significant backlog on their side.


Happy to oblige. Basically we digitized a company from spreadsheets or paper to ERP. We'd introduce accounting software, stock management software, help desk software. But the biggest thing you need is some kind of "Loan Account Management Software" which is the center piece.

This centerpiece tracks the outstanding loan amount that each customer has. It automatically sends payment reminder SMS messages a few days before payments are due. It connects to the hardware with internet-of-things to turn it off if payments aren't made. It connects to the bank to ensure payments are there, and confirms when payments are made. Really fun software to build with many different parts.

There were SaaS providers for this. In the beginning (2015) there was only 1 player, Angaza (Reed Hastings mentioned in the article is one of their sales guys). Nowadays there are a handful; PaygOps, BBoX pulse (not sure if that still exists), and a few smaller ones. They charge like $2-$7 per device managed on the platform.

Convincing customers to take this up was not hard at all. You pretty much needed it to run your operations on anything more than 100 customers, and as the above article shows, scale had big advantages. Moreover, if you could show to investors that you had the software infrastructure scale, they were significantly likely to give money. It was boom time until corona hit. Everyone was expecting 30% YoY growth like until 2019, but then everything stagnated. Many companies went bankrupt and a lot of consolidation happened in the distributor market. Companies saved money on their software first, and we called it a day.

In the manufacturing industry where I am now, I fully agree with the mixed bag. Companies are old, with many old people, they stay small and don't necessarily need to scale or "grow forever". They are conservative and happy with the way things are.

