Firewall-ed myself out of my own server

Haven't owned my own server before :D got excited and started setting up.

20 mins playing with it, I wanted to make the server secure. Thought of adding a firewall and adding an HTTPS certificate, read and joined together some articles and ended up locking myself out :D unable to SSH into the server :P

THE PANIC .. THE HORROR!

Haven't had cold sweats in a while, for quite some time there was all out panic! xD

Fixed it by doing the following:

  • From Hetzner entered rescue menu, wiped and booted the server again.
  • From rescue menu reset the root password
  • Opened their terminal and logged in as root user
  • Echo'ed the SSH key for my system
  • Logged in to the server from the system and set up the server again

This time setting up the server following these docs (in order):

  1. Initial Server Setup
  2. Install Nginx
  3. Secure Nginx with Let's Encrypt

After almost 4 hours finally done, and super happy that this happened. Got to learn so many new things :D and the range of emotions and adrenaline rush was just epic!

Co-Founder of UpEmbed, on January 20, 2023
  1. 5

    Server admin work is great for having cold sweats. And expletive riddled bargaining to some tech deity.

    Good job getting it fixed. Sometimes just sticking with it is half the battle.

    1. 1

      Hahaha, yes in between the panic attacks I did start negotiating with the higher power to solve it xD

      Thank you, and you are right persistence was the key to getting over this hurdle :)

  2. 4

    Nice that you chose Hetzner. I have used Hetzner for three years already and love their services!

    1. 2

      Yes, the prices are reasonable and the hardware is awesome!

      Which server location did you choose? And what is the latency there?

      1. 1

        I'm in Nuremberg and the latency is really really good. I'm very happy with that.

        1. 1

          That's cool! :D haha glad I chose Hetzner too :D

    2. 1

      I had bad experiences with Hetzner, they instantly stop the server if you miss a payment, and their interface/management system is really outdated.

  3. 3

    Setting up your first self-hosted service is a fantastic rush. It was one of those "SWE bucket list items" for me. Not as great as first PR to prod, but definitely up there 🎉. Congrats!

  4. 2

    This is why I touch sysadmin as little as possible.

    If it ain't broke, don't try to fix it!

    1. 1

      Hahaha, lesson learned the hard way! :D

  5. 2

    These things happen :)

    The important thing is you learn from it.

    1. 1

      Haha yes, I don't think I will ever be able to forget! :D

  6. 2

    Awesome that you're sharing failures. There should be more of this. Everyone feels like an impostor while bootstrapping a startup, so this is super useful to a lot of people.

    1. 1

      You are right, sharing this story has made me realise that there are others that have been in a similar situation.

      All of the comments here are a huge confidence booster 🙌

  7. 2

    You can not make it until you break it. Keep up learning 👍

  8. 2

    Great work getting yourself out of this one, Muneeb. As a self-taught side-project hacker I've plonked myself into holes like this so many times I've lost count. It's comforting to know I'm not the only one groping in the dark sometimes!

    1. 1

      Thank you :)

      You are right, this is all part of the learning curve :D

      Haha, felt a little embarrassed sharing this post but it feels good to know that I am not alone here! 🙌

  9. 2

    Pretty sure I locked myself out once too. Super easy to mess things up when working with firewalls. Great learning experience, however.

    1. 1

      Absolutely right! :D learning wise it was fun .. emotionally, it was really chaotic xD

  10. 2

    Lol, I've been there, freaked out, and done that. That's also what drove me to store the setup of my VPSs in Ansible config files.

    1. 1

      Haha, it is good to know that I am not the only one :D

      Ooh that is smart! I will look into that .. do share if you have any docs related to that, I am an amateur here :D

      1. 1

        I started here: https://www.youtube.com/watch?v=3RiVKs8GHYQ&list=PLT98CRl2KxKEUHie1m24-wkyHpEsa4Y70&ab_channel=LearnLinuxTV

        I wanted to have a way to not worry about any obscure configuration I had done, and the only way to achieve that was through a configuration management tool such as Ansible / Chef / Terraform, where you define the configuration as code, and then apply it to the target server(s): Nginx installation, Firewall, Docker setup, new SSL certificate, you name it.

        1. 1

          THIS IS AWESOME!!

          Thank you so much for sharing 😊

          I'll reach out to you in case I need help.

  11. 1

    It's wise to create some Ansible playbooks to make the provisioning process repeatable. Just in case you get locked out again!

    1. 1

      You are right .. I wish I had known this before

  12. 1

    next time use caddy

    1. 1

      I did not know about that! I will try it out as well

      But I don't think I would have been able to learn so many new things if I hadn't run into this issue :P

      Thank you for sharing :D
