Perfect Server: v19

This is the latest iteration of my perfect server. I am building this in order to consolidate and deprecate previous server inventory. Also, it includes many new best-practices which should further secure this new server. This has been updated to reflect the requirements of Debian 9.4 which are slightly different than previous versions.


The first step is to provision a new server. I use Digital Ocean. (Referral Coupon) I will be logged in as root for all of this since this is all stuff that needs to be done as root. If you don’t want to log in as root, you can instead use sudo at the beginning of each command.

(In previous versions, we needed to add new sources to install certbot. This is no longer necessary.)


apt-get update && apt-get upgrade

Now install all the packages we will need, and a few that everyone should really have which are no longer included by default;

apt-get -y install fail2ban apache2 php7.0 php-pear php7.0-mysql php7.0-mcrypt php7.0-mbstring libapache2-mod-php7.0 php7.0-curl screenfetch htop nload curl git unzip ntp mcrypt postfix mailutils php7.0-memcached mysql-server certbot python-certbot-apache man-db && a2enmod rewrite && service apache2 restart && mysql_secure_installation

You will no longer be prompted to create a mysql password when installing mysql-server. Now, you create it during the configuration command at the end of the line above.

Name Thyself

Now navigate to the virtualhost directory;

cd /etc/apache2/sites-available

Remove the default ssl virtualhost. We will be creating a new one instead.

rm default-ssl.conf

Rename the default virtualhost to the fqdn of the server. Example: Note that this is not the fqdn of the site(s) we are hosting on the server.

mv 000-default.conf [fqdn].conf

Edit the default configuration file. We need to change the admin email to your email, and change the webroot to the webroot you want to use. I like /var/www

Restart Apache and apply the changes so it knows where the files are…

a2dissite 000-default && a2ensite [fqdn].conf && service apache2 restart


Free SSL

We already set up LetsEncrypt so now we just need to run their Certbot. Once the domains are set up and pointed to the server’s ip, along with a virtualhost being configured as shown above, all it takes is running Certbot which takes care of everything.

certbot --authenticator webroot --installer apache

Certbot will ask you to enter the webroot from the previous step for validation.

Make sure to choose the most secure options as specified by Certbot.

Now you have an SSL certificate installed!


Hardening Apache

Edit our default configuration file and comment out the DocumentRoot with a # sign at the beginning of the line. You will notice LetsEncrypt has added some redirect rules. We need to modify one of them. Look for the line that looks like this, and change it as shown;

RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

Becomes… (Use your fqdn where it says [fqdn].)

RewriteRule ^ https://[fqdn]%{REQUEST_URI} [END,QSA,R=permanent]

Save that file and exit.

Now, let’s make sure no one can navigate to the IP of the server and access any virtualhosts that way.

cp [fqdn].conf [ip].conf && a2ensite [ip]

Where [ip] is the public ip of your server.

Now edit the newly created ssl virtualhost configuration file and replace the default webroot with the one you want to use. It will be called something like /etc/apache2/sites-available/[fqdn]-le-ssl.conf. Add the following block within the virtualhost tag of the file and save it. Substitute the directory path with your chosen webroot path.

<Directory "/var/www">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Directory>

Lock it Down

Let’s create a credential set for our new virtualhost. This is sort of a catch-all for any domains we point here which are not yet set up.

htpasswd -c /etc/apache2/.htpasswd [username]

You will be prompted for a password. This is very bruteforceable. My best practice is to use very high-entropy strings for both the username and the password, typically at least 64 bits of random base 64 for each.
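One way to produce such a credential pair without typing it, shown as an added example that is not part of the original page. The function names are hypothetical; the htpasswd options used (-c, -B for bcrypt, -i to read the password from stdin) are standard in Apache 2.4.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# gen_token BITS: print a random string carrying at least BITS bits of entropy,
# drawn from a 64-symbol alphabet (base64 with "+/" swapped for "._").
# The swap matters: the usual URL-safe alphabet contains "-", and a username
# that begins with "-" would be parsed by htpasswd as an option.
gen_token() {
    bits=${1:-64}
    bytes=$(( (bits + 7) / 8 ))          # round up to whole bytes
    head -c "$bytes" /dev/urandom | base64 | tr -d '=\n' | tr '+/' '._'
}

# add_basic_auth_user FILE: create a random username/password pair, store the
# bcrypt hash in FILE, and print the pair once so it can be saved in a
# password manager.
add_basic_auth_user() {
    file=$1
    user=$(gen_token 64)
    pass=$(gen_token 64)
    # -c truncates an existing file, so only pass it when creating the file.
    [ -e "$file" ] && create= || create=-c
    # -B selects bcrypt. -i reads the password from stdin, so it never
    # appears in the process list the way a command-line argument would.
    printf '%s\n' "$pass" | htpasswd $create -B -i "$file" "$user" || return 1
    # Readable by Apache (www-data on Debian), not by other local users.
    chown root:www-data "$file" && chmod 640 "$file"
    printf 'username: %s\npassword: %s\n' "$user" "$pass"
}

# Usage on the server, as root:
#   add_basic_auth_user /etc/apache2/.htpasswd
```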

Apply Changes

Now restart apache


service apache2 restart

Test our changes by navigating to the public ip of the server. You should be redirected to a https url with the fqdn of the server and prompted for a username and password. If this happens, everything so far has worked!

Administrative Tools

We will need to put some tools in here so we can administer the server.


This will allow us to manage the databases we will be creating on the server. Head over to their website and get the download link for the current version.

Navigate to our new secure DocumentRoot directory and download that link.

cd /var/www && wget [link]

Now unzip it and remove the zip file we downloaded.

unzip [file] && rm [file]

Now that we have a PHPMyAdmin directory in our secure virtualhost, we need to configure it. Luckily it can do that itself! Use this command and enter the mysql root password when prompted.

mysql -uroot -p < /[unzipped phpmyadmin folder]/sql/create_tables.sql

The last thing PHPMyAdmin needs is a secret string. Edit the config file and save it as nano

Make sure to add a random string where prompted at the top of the file.

Postfix Outbound-Mail Server

We need to edit the config files for postfix and change the interface to loopback-only like so. We already set up a firewall rule to block connections to port 25, but those rules can be changed by mistake, so this will be a good second line of defense to prevent public access to sending mail through our server, while allowing us to still use it locally.

nano /etc/postfix/

Find this line;

inet_interfaces = all

And change to;

inet_interfaces =

Now edit the email aliases;

nano /etc/aliases

At the end of the file, make sure there is a line that starts with root and ends with your email, like so;


Save the file and exit. Then run newaliases to let Postfix apply the changes. Restarting Postfix is not enough because we changed the interfaces line in the config file. We need to stop and start it like so;

newaliases && postfix stop && postfix start

Now our sites will be able to send emails!
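A check for the loopback restriction described above, added here as an example and not part of the original page. It assumes the standard Postfix configuration file /etc/postfix/main.cf and the ss tool from iproute2; the function names and the sample ss output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# Print the effective inet_interfaces value from a main.cf-style file.
# Follows Postfix's parsing rules: comment and blank lines are ignored, a line
# starting with whitespace continues the previous one, and the last assignment
# of a parameter wins. If the parameter is never set, Postfix defaults to "all".
effective_inet_interfaces() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { if (cur) val = val " " $0; next }
        {
            cur = 0
            if (match($0, /^inet_interfaces[ \t]*=/)) {
                cur = 1; seen = 1
                val = substr($0, RLENGTH + 1)
            }
        }
        END {
            if (!seen) val = "all"
            gsub(/[ \t,]+/, " ", val); sub(/^ /, "", val); sub(/ $/, "", val)
            print val
        }
    ' "$1"
}

# Succeed only if every configured interface is a loopback address.
# An empty value is treated as a failure because it confirms nothing.
is_loopback_only() (
    set -f                                # "[::1]" must not be expanded as a glob
    value=$(effective_inet_interfaces "$1")
    [ -n "$value" ] || exit 1
    for entry in $value; do
        case "$entry" in
            loopback-only|localhost|127.0.0.1|::1|'[::1]') ;;
            *) exit 1 ;;
        esac
    done
    exit 0
)

# Read `ss -ltn` output on stdin and print every non-loopback address that is
# listening on port 25. No output means nothing is exposed.
public_smtp_listeners() {
    awk '$1 == "LISTEN" {
        addr = $4; port = $4
        sub(/.*:/, "", port)              # text after the last colon
        sub(/:[^:]*$/, "", addr)          # text before it
        if (port == "25" && addr !~ /^127\./ && addr != "[::1]" && addr != "::1")
            print addr
    }'
}

# Constructed sample: a host where Postfix still binds every IPv4 interface.
sample_ss='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      100    0.0.0.0:25         0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      100    [::1]:25           [::]:*'
printf 'exposed SMTP listeners in sample: %s\n' \
    "$(printf '%s\n' "$sample_ss" | public_smtp_listeners)"

# Usage on the server, as root, after the stop/start:
#   is_loopback_only /etc/postfix/main.cf && echo "config: loopback only"
#   ss -ltn | public_smtp_listeners
```

Checking the live sockets as well as the file catches the case the text mentions, where the config was edited but Postfix was only reloaded and is still bound to the old interfaces.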

VPS Home

This is something simple I built which serves as a better index page for the secure virtual host and includes several helpful tools for diagnostic purposes. To try it out, run this command from the DocumentRoot directory.



It’s helpful to be able to access details of the server’s php installation from this directory. I like to create a file called phpinfo.php which contains simply

<?php phpinfo();

Automatic Backups

Create a new file called /root/ and add the following to it. Make sure to replace the mysql password with yours.


#!/bin/bash

#deletes old backups
find /var/www/backups/www -mindepth 1 -mmin +$((60*24)) -delete
find /var/www/backups/mysql -mindepth 1 -mmin +$((60*24)) -delete

#backs up webs, one archive per site directory
cd /var/www/webs || exit 1
for i in *; do
tar -czf "/var/www/backups/www/webs-$( date +'%Y-%m-%d' )-$i.tar.gz" "/var/www/webs/$i"
done

#backs up databases, skipping the system schemas
for i in `mysql -uroot -p[MySQL Root Password] -e "SHOW DATABASES;" | grep -v Database`; do
if [[ ( "$i" != "mysql" && "$i" != "phpmyadmin" && "$i" != "performance_schema" && "$i" != "information_schema" ) ]]; then
mysqldump -c -uroot -p[MySQL Root Password] ${i} | gzip > /var/www/backups/mysql/mysql.$( date +'%Y-%m-%d' ).${i}.sql.gz
fi
done

#fix permissions just in case they changed for some reason

chmod 644 /var/www/webs -R
find /var/www/webs/ -type d -exec chmod 750 {} +
find /var/www/webs/ -type f -exec chmod 640 {} +
chown www-data:www-data /var/www/webs -R

Now edit the crontab with nano /etc/crontab and add this line. This will automatically run that script every day at 8pm.

0 20 * * * root /root/ > /dev/null 2>&1

Make sure to give the script permission to execute.

chmod +x
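The backup script above passes the MySQL root password with -p on the command line, where it is visible in the process list while the dump runs. The following is an added example, not the page's script, of the same database loop driven by a client option file instead. The function names and file locations are assumptions; --defaults-extra-file, -N and -c are standard mysql/mysqldump options.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# write_client_cnf FILE: read the password from stdin and store it in a client
# option file that only its owner can read. The umask is set inside a subshell
# so the file is never created with wider permissions, even briefly.
# Limitation: a password containing a double quote or backslash needs escaping.
write_client_cnf() (
    umask 077
    IFS= read -r password || [ -n "$password" ] || exit 1
    printf '[client]\nuser=root\npassword="%s"\n' "$password" > "$1"
)

# user_databases: filter a list of schema names (one per line on stdin),
# dropping the same system schemas the page's script skips.
user_databases() {
    grep -v -x -e mysql -e phpmyadmin \
         -e performance_schema -e information_schema || [ "$?" -eq 1 ]
}

# dump_all CNF OUTDIR: dump every remaining database to OUTDIR.
# --defaults-extra-file must be the first option on the command line.
# -N suppresses the "Database" header row, so no real schema name is filtered
# out by accident.
dump_all() {
    cnf=$1
    outdir=$2
    stamp=$(date +%Y-%m-%d)
    mysql --defaults-extra-file="$cnf" -N -e 'SHOW DATABASES;' | user_databases |
    while IFS= read -r db; do
        mysqldump --defaults-extra-file="$cnf" -c "$db" |
            gzip > "$outdir/mysql.$stamp.$db.sql.gz"
    done
}

# Usage on the server, as root (paths are examples):
#   write_client_cnf /root/.backup.cnf      # type the password, press Enter
#   dump_all /root/.backup.cnf /var/www/backups/mysql
```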

Offsite Backups

The system I have used for this is no longer available. Will update when I decide on a new system.

Migrating Sites In

Move over the files for all the sites you want to host into individual directories in the /var/www/webs directory.

Now navigate to your virtualhosts directory.

cd /etc/apache2/sites-available

We created a default virtualhost file for the server and named it [fqdn].conf. This was the fqdn of the server, but not the sites it will host. Now we want to create our first hosted site. Copy the default file we made to create a new virtualhost like so…

cp [server fqdn].conf [site fqdn].conf

You can use any naming convention you like, but managing dozens or hundreds of these will become impossible if you are not naming them clearly.

Next, we need to add some new things to this hosted site fqdn. Add a new line inside the virtualhost tag like this;

ServerName [site fqdn]

And change the line which has DocumentRoot to point to the directory for this hosted site. For example;

DocumentRoot /var/www/webs/[site fqdn]

Lastly add these two blocks at the end of the file.

<DirectoryMatch "^/.*/\.git/">
Order deny,allow
Deny from all
</DirectoryMatch>

<Directory /var/www/webs/[site fqdn]>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>

The first block will prevent anyone from navigating into a git repository and accessing sensitive data like credentials or from cloning the repository.

The second block will allow htaccess files or directory rewrites, and prevent directory listing. These are required changes if you want to host WordPress sites, and best practices all around.

Now we just need to enable these changes and make the site live with;

a2ensite [site fqdn] && service apache2 restart

From this point on, this new virtualhost can be copied to create new sites, rather than recreating each one from the original virtualhost file.


How To: Cheap and Unlimited Worldwide Cell Service

I will show you how to combine several products to get cheap and truly unlimited worldwide cell phone service.

Google Voice

What is Google Voice? This is a completely free service which allows you to make calls and texts from any web browser or from your cell phone, to and from your main phone number.

A long time ago, I was very frustrated about not being able to text and call from my phone while in St Thomas. This is a territory of the US which has excellent internet service in the cafes, but no service for people with US cell phone plans. It was so ridiculous and frustrating to be able to use Facebook just as easily as at home, but not to be able to call or text.

Google Voice solves this problem. I ported my same phone number I’ve had since I was 14 into Google Voice, and voila, I was able to call and text from my phone the same as before, but now I could ALSO call and text from Gmail as shown in the pic above. (This texting and calling also works in many other Google web apps like Contacts, Hangouts, Inbox, etc.) Both of these work anywhere you have an internet connection. If I am at a friend’s house in the mountains and there is wifi, I can text and call no problem. If I am in another country on data or wifi, I can text or call no problem.

In fact anywhere in the world where I have wifi or data, I can call and text from any device I am on, not just my phone! Unlike other web based texting solutions like MightyText (Which allows you to text through your phone via the web), Google Voice is truly web based. So even if your phone is off or broken, you can still use Gmail to text and call because your phone number is not tied to your phone. You can simply hook your headphones or bluetooth into your laptop and make calls and texts through the website as clearly and simply as through your phone.

For years, I have used Google Voice in conjunction with a T-Mobile unlimited data plan. I have my same original phone number still tied to my phone through Google Voice; I can still call and text just like always. There wasn’t really any noticeable change on my phone, but now I can also do everything on ANY device I am logged into.

Google Fi

This is an optional step which may not work for everyone. For years, I used Google Voice without Google Fi and it was great. The only reason I am adding Fi now is because I will be spending time overseas, and at this point Google Fi is a better deal than T-Mobile based on my usage.

Google Fi is a cell phone service from Google. They send you a sim card to put in your phone which gives you service anywhere in the world. In my case, it replaced T-Mobile as the data provider for my phone. My cell phone number is still with Google Voice.


Google only officially supports people using Fi on Google phones. But Fi is a sim card. It works on essentially any device that can accept sim cards and supports the modern bands. Also Google doesn’t want you to use both Fi and Voice. They want you to use one or the other.

Google’s official documented solution for people who want to try Fi on non-Google phones is that we should create a second Google account to use for Fi only. Sign up on the website with this second account and they will send you a sim card.

Now simply install the sim card in your phone and DO NOT install the Fi app on your phone unless you have a Google phone like a Pixel or Pixel XL.

This process is confirmed to work on essentially any modern phone from iPhones to my LG V20.

So now your phone has data anywhere in the world, and your phone number works on any device you log into, including your phone and laptop.

Further Caution

Some people have reported eventual problems with non supported phones. I have been using Fi all day today and so far I have had no problems. I will report back once I have further updates about my Fi experience.


Please let me know about your success or troubles in the comments below!

Meditation: The Difference Between Pain and Suffering and What Meditation Can Do About It

I participate in a biweekly meditation and discussion group. It is my turn to select a reading to start the conversation, and I have selected an excerpt from an excellent conversation which happened on Sam Harris’ Waking Up Podcast. The episode is a much larger conversation than just this topic, and the entire episode is super interesting. In this episode, three of the world’s leading academic experts on meditation and mindfulness discuss the evidence and research that exists for benefits from meditation and mindfulness. You can read more about their expertise and credentials here.

The section I want to share is a discussion of studies they have conducted on people suffering from depression, anxiety, and chronic pain, and the evidence suggesting mindfulness based cognitive therapy is actually more effective than medication for dealing with these problems.

The Three Main Points

  • Mindfulness means knowing that you’re knowing. It means recognizing that a thought is just a thought, a feeling is just a feeling. The default mode is letting those things define who you are, but mindfulness means learning to understand that those things are separate from who you are. This is also sometimes called meta-cognition or meta-awareness.
  • Cognitive behavior therapy (commonly just called therapy) means you don’t have to believe your thoughts and feelings. You can decide to change them. You can decide how you want to think and feel. Thoughts and feelings come from what your brain is used to, so if you choose to proactively think or feel differently, your natural thoughts and feelings will change over time.
  • The evidence suggests that combining mindfulness and cognitive behavior therapy is more effective than medicines at treating depression, anxiety, and chronic pain disorders.
    • Suffering, depression, anxiety, and chronic pain are often anticipatory emotions which are experienced in anticipation of pain which may or may not even happen. Recognizing that fact and choosing how to feel can mitigate symptoms of suffering more effectively than medicine.


These main points together can help us define goals for our meditation practices; something solid to try to do which is based on evidence. These are the things that the data show are effective at changing behaviors and improving outcomes.

Diving Deeper (Optional)

Here is the actual conversation and the definitions given in depth. Our main group conversation will be about the points listed above, but here is the rest of the interview for background.

The Experts Define The Terms

Towards the beginning of the conversation, they define mindfulness and cognitive behavior therapy as it applies to the conversation. (You can click here to listen to that section or read below 34:12)

Davidson: “Meta-awareness is simply knowing that you’re knowing. Recognizing that a thought is a thought rather than being swept away in its content.”

Goleman: “One of the main principles of cognitive therapy is that you don’t have to believe your thoughts. That’s a very revolutionary idea for most of us.”

Harris: “We should probably define mindfulness at this point…. for those who are new to the topic, … how would you define mindfulness?”

Goleman: “I think mindfulness as it’s taught in the classic traditions encourages us to take an equanimous position amongst the comings and goings of our own thoughts, and to see them as feelings and thoughts rather than, ‘that’s me’. And to just note them without judgment or without reactivity, and let them come and let them go. That’s a very radical stance internally.”

Harris: “And so is there any distinction between what you’re calling meta-awareness and mindfulness as you just used it?”

Davidson: “…In the classical traditions, mindfulness often has some additional components in addition to the ones [Goleman] described. It includes remembering to bring a certain view to every encounter. And what does that mean? Well in part it means recognizing that every human being shares the same wish to be happy and to be free of suffering. And also a view that has an altruistic intent. The disposition to help relieve the suffering of others whenever it’s encountered. And remembering to bring that conviction, that stance to every encounter is also part of mindfulness.”

The Reading

This conversation starts at 49:53 and continues to 54:30. You can listen to it here or read it below;

Harris: “Let’s talk about a few categories of human suffering and you can tell me the state of the literature on the utility of mindfulness in particular as a remedy. What do we know about depression and mindfulness at this point?”

Goleman: “Well there, it’s mindfulness in tandem with cognitive therapy, mindfulness-based cognitive therapy. Which meta-analyses suggest can be as effective for mild and ordinary depression as are medications. Also for anxiety disorders, it seems to have the same amount of efficacy [as medications].”

Davidson: “I think that most of the work with depression has in fact been focused on mindfulness based cognitive therapy. And where it’s particularly effective is in reducing the likelihood of depressive relapse. That’s where the best data are. So if you take an individual who has had a history of depression — and one of the things we know about depression is that it’s a recurring illness — teaching a person mindfulness based cognitive therapy when they are admitted has a dramatic impact on the likelihood of relapse. In fact, it’s the one case where mindfulness based intervention is actually more effective than medication.”

Harris: “So this is in preventing or reducing the likelihood of relapse.”

Davidson: “Correct. And this is for depression and not bipolar disorder.”

Harris: “So what about pain perception and the problem of chronic pain which obviously links unhelpfully with the problem of opioid abuse which is so in the news now.”

Davidson: “I think we need to make an important distinction between pain and suffering. The neuroscience literature has helped us to understand the different parts of neural circuitry involved in pain processing that are related to pain more explicitly itself, versus the suffering that often occurs as a consequence of the initial pain. With regard to the impact of meditation, the data show that the circuitry involved in the more emotional components of pain, the suffering component can be modulated much more strongly than the sensory features of the pain itself. Here is where I think mindfulness and related practices can make an important difference.”

Harris: “So this distinction between pain and suffering, let’s say a little bit more about that because it’s highly counter-intuitive to people. What are your findings there, or what are the findings of meditators in general there?”

Davidson: “Well there are two kinds of findings. One is that during the anticipation of pain, we see the activation of parts of the neural circuitry associated with pain. We can see in the laboratory that when a person is told that they are going to be receiving a painful stimulus in the future, the circuitry involved in pain processing is activated in response to the innocuous cue that simply informs them that a painful stimulus will be occurring. In situations of chronic pain, we often encounter something quite similar where a person is anticipating for example that when they start walking, they will start feeling pain. And that activates aspects of the pain matrix itself even though they may not have begun to walk the actual triggers might not have been activated. The parts of the pain matrix that are activated during those anticipatory periods are parts that are associated with suffering; more the emotional components of pain rather than the sensory components of pain.”


Is Unconditional Love Possible?

I attend a bi-weekly meditation group and this was the prompt for the discussion this week. I decided to type out my thoughts and include an example from my life before I head to the meeting this week.

What Is Love

Love is one of the places the English language suffers from rudimentary vocabulary. The Ancient Greeks had six words for the different kinds of love. Today, we lump them together and scare ourselves out of using the word for fear of implying the wrong thing.

“You can’t love another until you love yourself.”

I think an important place to start is defining the word for oneself. In my case, I start with self-love. As the old saying goes, “You can’t love another until you love yourself.”

But what does self-love mean? I have done a great deal of reading on this topic and I have answered the question for myself; self-love is being kind instead of unkind to yourself when the person you are (or were) is different from the person you want to be.

Through this lens, it’s easy to look at other people. Every example I’ve come up with in daily life where I get upset or frustrated with someone is because something they are doing is different than what I want them to be doing. Conflict in traffic, politics, and relationships often fulfil this definition for me. In fact I haven’t found any examples where I am upset at someone and this is not the reason why.

Being unkind instead of kind to someone who is not what you want them to be will do nothing to change them.

So what is the reaction when one is angry? I think the default response is to try to punish the other person into being what you want them to be. Phrased this way, it’s obvious that this won’t work. Being unkind instead of kind to someone who is not what you want them to be will do nothing to change them. In fact, attacking someone will only cause them to resent you and your motives and to defend themselves rather than analyzing themselves. Attacking someone can not make them change.

Fundamentally, I define love as a verb, not a noun. For me, it means choosing to be kind instead of unkind when someone is different than I want them to be.


This is another hard word to define. I choose to think it means valuing love as a chosen behavior when loving is hard, or not the first reaction we have.

Whenever I feel myself becoming upset or frustrated with someone, I try to ask myself how I can be loving towards this person as opposed to unloving, meaning how can I be kind instead of unkind in reaction to them being different than I want them to be.

This is fundamentally tied to the eternal philosophical conflict between prescriptivism versus descriptivism.

Countless variables contribute to the makeup of any person. Maybe I have an idea of who I want to be or who I want other people to be, but I can not control every variable. In fact the only variables I can control are my own behaviors, and then only with great difficulty. Luckily my own behavior can be a very impactful variable.

Without Love

I had a close friend in high school who had a difficult relationship with his father, a neo-nazi. His father had recently come back into his life after a long absence and my friend was very excited to have a father once again. He started trying very hard to fulfil his father’s expectations and build a closer relationship.

My friend was very conflicted between wanting to have this relationship with his father based on fulfilling his paternal expectations, and with the consequences for the other relationships in his life if he were to follow the path of radical xenophobia and bigotry. I felt very strongly that he was making the wrong choices in following his father, and I tried very hard to change his mind. Over and over, every time we talked about it, he would eventually agree with me and come to the realization that he needed to get away from his family and start over somewhere with better people around him. But over and over, he didn’t follow through with walking away. He wanted a father in his life more than he wanted to be a good person.

I moved away after high school and we drifted apart. A couple years ago, I read in the newspaper that his body had been found in a dusty gutter. He was beaten to death in the street. The reports say he choked on his own blood while people watched and did nothing to help, did not call 911. They just let my friend lay there and die. He had crossed the wrong line, did the wrong thing, said the wrong thing to the wrong person and it cost him his life. I picture him imagining his dad’s satisfied reaction as he did whatever he did that cost him everything. As he lay there in the street choking to death on the taste of blood, I can only imagine him finally deciding he had made the wrong decision in following his father’s path.


I have decided to crop out his face and not identify him for obvious reasons.

I really wish more people in his life had tried to be understanding and tried to be kind rather than unkind when he said or did the often evil things he did. I really believe he would have eventually come around and become an ally. He would have had an incredible story to tell of escaping the dark and evil side of the generation that’s on its way out.

I think about him all the time and how conflicted he was, whenever I see someone do something that upsets me. I try to picture the reasons why they are the way they are and what sort of choices I can make to be understanding and be loving, rather than the alternative.

A Sad Tale of Two Fishes

CJ Trowbridge

Micro Econ


A Sad Tale of Two Fishes

Prompt: Why do salmon populations face extinction the world over while goldfish populations face no such danger?

As someone who grew up in the mountains of Southern Oregon and experienced first-hand the bleeding edge of Salmon conservation efforts, this issue is close to my heart. Wild Salmon populations all over the world face extinction because of negative corporate and public externalities. One of the leading problems historically has been poor design of hydroelectric-dams providing power to home energy markets. These dams can interrupt Salmon runs and prevent them from reaching their spawning grounds. This is literally the definition of genocide: an entire generation of a population is prevented from reproducing before they die.

More recently, these issues have been addressed in many places around the world, and populations are sometimes on the rise. Another negative externality which threatens wild Salmon populations is habitat destruction through pollution or other means. In some shocking cases, physical barriers are put down by people trying to deliberately sabotage or destroy populations in order to later avoid officially responding to conservation efforts during planned future development.

In contrast, Goldfish are a common fancy pet which have spawned a large and macabre market. Many people buy them in order to treat them as a disposable and temporary pet for children who put them in enclosures they cannot possibly survive in and without correct filtration or food in place. Goldfish will often live short and tortured lives, starving or suffocating because of improper equipment and then they are frequently replaced by sadistic and irresponsible parents, ambivalent to the harm they are causing to these animals. A large industry exists to create an endless supply of these animals for children and parents to negligently kill.


Quit Your Mediocre Job And Get An MBA

Going to college is an investment, but many people assume that just any college is a good investment. I know a lot of people who have gotten liberal arts bachelor’s degrees and ended up stuck working in restaurants for years, unable to find a real job. This example is a waste of an education. All that money and time spent and they are no better off than someone who didn’t go to college at all. And they probably have debt to pay back.

I decided to wait over a decade to go to school until I decided what I wanted to do and came up with a coherent plan to actually get a return on this huge investment.

If you find yourself working a mediocre job which you hate, then maybe it’s time to do more. So what would happen if you just quit your job today, take out student loans, and go to school for an MBA?

According to research done by US News in 2016, 88% of students who get an MBA find a job within three months making an average of $126,919. That’s the average. Consider the average person for a moment and ask yourself whether you’ll be ahead of that curve. According to Bloomberg, the average person triples their previous salary when getting an MBA from ~$50k to ~$145k.

Cold Turkey

Imagine quitting your job today and starting the path to your MBA tomorrow.

To save money and improve your chances of getting into a good school, you decide to start by finishing the IGETC and at a community college. If you’re not working at all, then tuition is free, and you will get about $3k/semester in financial aid. Let’s assume you take out about $20k in student loans along with that financial aid to cover living expenses while getting through and IGETC. This number is deliberately high; my own amount was much lower. And I went full-time at two different community colleges to speed up the process.

Now it’s time for a four year school, BUT since we did IGETC and Assist, we’re already halfway done. Let’s assume we decide on a mid-range state school like San Diego State University and a bachelor’s that actually has job potential like engineering, marketing, or computer science rather than something pointless like psychology or art. There are cheaper options and more expensive options out there, but the important thing is to get a degree that is actually going to mean something to an employer, otherwise what’s the point?

According to, average cost (Includes tuition, room and board, supplies and other expenses) for in state students at San Diego State University is $28,224 minus an average financial aid award of $11,400. So that’s $16,824 per year. Since we did the IGETC and Assist at community college, we’re only spending two years here which comes out to a total of $33,648 which goes onto a student loan.

Alright so now our total loan principal is $50,648 and we have a valuable bachelor’s degree. Time for that MBA.

Bloomberg has really comprehensive research on this, and they put the average cost of an MBA in the US at just $53k plus living expenses. There is no financial aid for Masters students so let’s add another $20k in debt to cover living expenses while we are doing the Master’s program.

Now we have our MBA and debt of around $123,648.

Less Debt Than Income

Remember from above that within three months on average, MBA grads will be making an average of $126,919/year. We could pay all of this debt off the first year if we are as frugal as we have been while in college, or more likely we will spread it out over the next few years and enjoy some of the fruits of our labor. The point is that this amount of debt is trivial for an MBA grad. On average, the total amount of debt is LESS than the starting annual salary.

Having student loans and paying them off is a great way to demonstrate you are creditworthy. Once you get past the educational hurdle and triple your income, you will be able to do things you never could have before.

Just Do It

It’s scary to leave the comfortable routine and reinvest in one’s future, but it makes sense for anyone smart and capable to make a choice like this, especially if they are tired of wasting time doing mediocre work for mediocre rewards. Life is too short!

Spring Break 2018 in Europe: What I’m Bringing With Me

This is my first big overseas trip! I will be spending about a week backpacking across western Europe at the end of March. You can look at my goals for this trip and itinerary here.

For this trip, I am trying to be as frugal and minimal as possible but I still want to bring a pretty full featured set of gear. I will be spending lots of time on trains and planes and visiting lots of touristy spots for sweet selfies. This trip is also a sort of test run for the digital nomad lifestyle. I am planning to try to write some code and work on things like that to see if I like the feel of the lifestyle before really committing to it.

This will be a solo trip. I am going alone and bringing just one small bag.

The Backpack

I have spent a lot of time observing online communities around this type of trip, like Onebag, Digital Nomad, and SoloTravel. A lot of people go with very expensive and complex options for the gear and especially the backpacks they choose. I wanted to take a decidedly different route. When something that costs $25 works just as well as something that costs hundreds of dollars, I don’t see the point in spending more. I expect that’s probably naivete, and that I’ll likely revisit this topic after the trip.

I ordered a simple grey Jansport backpack. I think there is something romantic about this particular backpack. It’s probably the world’s most common and popular backpack and yet it’s very sturdy and has excellent build quality. The zippers in particular are surprisingly good and I expect no backpack problems on this trip or many more to come. I also got a TSA approved lock for the zippers. Hopefully this is unnecessary but I’m not willing to risk it since this is my first big overseas trip.

Eagle Creek Pack-It Cube Set

I also picked up the widely recommended Eagle Creek Pack-It Cube Set. These should make it easy to keep my bag organized and tidy. Also, putting everything in cubes means that if someone tries prying the zippers apart, it will still be hard to get anything out through the opening in the lock.

I’ll be using an REI dry bag for dirty clothes in order to keep anything wet from getting water in the bag, along with providing airtight compression for the clothes in the bag. (I’m planning on doing a bunch of swimming in Barcelona 😎)

The Camera

GoPro Hero 5 Black

I got a GoPro Hero 5 Black at REI especially for this trip. REI has a one-year no questions asked return policy in case I don’t like it. I compared it with the newer version, the 6, but no one could tell me how they are different aside from higher 4k frame rates (30 vs 60). This one is a hundred dollars cheaper than the new one so it seemed like a no brainer.

I also picked up a tiny multiple-battery GoPro charger which comes with two extra batteries, and a small protective case for all the camera gear which comes with some extra accessories like a diving enclosure.


This is a major priority which I am very anxious about.

I picked up a universal power adapter which works all over the world and has four handy USB ports! This pairs perfectly with my Anker charger which gives me Quick Charge 3.0 (for my phone) along with several of Anker’s IQ ports. These put out over 40 watts to charge all my devices at once! I have really shopped around and this is the best charger I’ve found.

The Laptop

Asus C302CA Chromebook with Razer Deathadder Elite mouse

I’m bringing my Asus C302CA Chromebook. This is a really great laptop which can run any Android or Chrome apps and of course access the web and any web apps. At just 12.5 inches and 2.65 pounds, it’s a tiny but powerful machine with 4 GB of RAM and a 64 GB SSD. Typically I get about 12 hours of battery life on a charge. This makes it easy to upload pics and videos from my GoPro to Google Photos and to edit them with something like Pixlr before posting them to social media. The Asus C302CA Chromebook also charges from USB-C so it can use the same single charger which will power my other devices!

I already enjoy using this machine for work so I think I will really like this part of the digital nomad experience during my trip.

The Headphones

I am bringing a pair of Xiaomi Mi ANC earbuds. These are USB-C so they work with my phone or laptop, and they feature REALLY great active noise cancelling. (Sometimes I put them in and just listen to the silence. They are better than earplugs.) I will have a lot of hours to kill in transit during this trip, so these will help me eat through my favorite audiobooks and podcasts in silent comfort.

The Wardrobe

I will be in a wide range of climates from Oslo to Barcelona with temperatures ranging from the low 30s to the 70s (according to historical averages) so I also ordered a large ultralight rain poncho which can cover the backpack and folds up very small when it is not needed. I will check weather forecasts before my trip and then I may or may not bring this.

A pair of blue Prana Super Mojo shorts will be perfect for a couple days at the beach in Barcelona. 😎

I plan to do laundry halfway through the trip, so three sets of packed shirts, socks and underwear along with the pants, hoodie, and clothes I will wear on the plane complete the wardrobe.

Please Offer Feedback!

I am new to this, it’s my first time. I would love feedback on things I may not have considered or mistakes I may be making. Thanks in advance!

Spring Break 2018 in Europe: The Plan

I am so excited to FINALLY go backpacking across western Europe for spring break this year! This will be my first trip to Europe and my first solo trip. In the past, I have traveled around America a lot, and I went on a cruise around the Caribbean but somehow I have had a shamefully limited travel range. That all changes with this trip!


I will be going alone on this trip. I think solo travel is going to become my preferred mode of travel. Along the way, I plan to meet up with friends in different places and make new friends wherever I go. A big part of the motivation behind this mode of travel for me is the idea of radical self-reliance and personal independence. A bigger part is just pulling the trigger on this thing that I want, and making it real for myself. I have spent years churning out lots of ideas and realizing only a few of them. I think doing this will help me to spur myself to greater action throughout all the ventures and projects in my life.


I will be bringing just one bag, and a small one at that. Check out my post about What I’m Bringing With Me. Minimalism has become a super important theme in my life. I like the idea I’ve heard that the best state to be in is one where adding anything would be too much, and taking anything away would not be enough. I will be taking that to the extreme and traveling as minimally as possible during this trip.


I want to spend as little money as possible on this trip. This almost goes into the minimalism theme but for me it’s about more than that. Since this is my first big overseas trip, it’s the one all the rest will be judged by. I’m thinking of it like the first year attending Burning Man; the main goal is to get through it and survive and maybe take some nice pictures and learn about how to do it better next time. The biggest and most important thing is just doing it.

The less I spend, the sooner I can do it again and do it better. Currently, it looks like I will be spending a total of just $1,400. Two thirds of that is transportation, so it isn’t affected by how long I stay. This is very exciting because in the future I know I could stay much longer. I was shocked to learn that hostels in beautiful and idyllic Barcelona and Berlin range from $10-$20 per night. In the bay area, a shithole hotel goes easily for over ten times that price.

One change I have made from my original plan is not using trains, and flying between cities instead. It’s actually cheaper because my trip spans the end of one month and the beginning of another, and it will give me a lot more free time along with more comfortable trips between cities.


-Day 0 (Mon 3/26)

This is the day I get on the first plane and head towards Oslo.

(6:30pm OAK -> 12:40 LGW, 15:00 LGW -> 18:05 OSL)

-Day 1 (Tue 3/27) Travel + Oslo

Arrive in Oslo at 6:06pm local time (9am back home).

Maybe have time to explore Oslo a little.

Spend the night in Oslo at Anker Hostel.

-Day 2 (Wed 3/28) Oslo!

Explore Oslo.


Spend the night in Oslo at Anker Hostel.

-Day 3 (Thu 3/29) Oslo + Travel

Fly from Oslo to Berlin. (6:00pm OSL -> 7:35pm SXF)

Stay at Citystay Mitte.

-Day 4 (Fri 3/30) Berlin

Explore Berlin.

Stay at Citystay Mitte.

-Day 5 (Sat 3/31) Berlin

Explore Berlin.

Stay at Citystay Mitte.

-Day 6 (Sun 4/1) Berlin + Travel

Breakfast in Berlin.

Fly to Barcelona. (2:20pm TXL -> 3:45pm STR, 5:25pm STR -> 7:15pm BCN)

Stay in Barcelona at Sant Jordi Alberg Hostel.

-Day 7 (Mon 4/2) Barcelona

Explore Barcelona.

Stay the night at Sant Jordi Alberg Hostel.

-Day 8 (Tue 4/3) Barcelona

At 11:00am local time, I get on a plane in Barcelona and fly directly back to Oakland. I arrive at 3pm local time the same day. If only it was really just four hours!

Norse Mythology by Neil Gaiman (10/10)

This was another amazing book by Neil Gaiman! 10/10. I only wish it was longer. There are so many other Norse myths which I would have loved to have heard him retell.

The audiobook in particular was great. It is read by the author and unabridged. He has the voice of an angel. I have already gone back several times and listened to stories as I fall asleep.

This is one book I will revisit over and over again.

Years of Problems Solved


#deletes old backups (anything modified more than 24 hours ago)
find /var/www/backups/ -mindepth 1 -mmin +$((60*24)) -delete

#creates new backups
tar -czf "/var/www/backups/webs-$( date +'%Y-%m-%d_%H-%M-%S' ).gz" /var/www/webs
/usr/bin/mysqldump -uroot -p[mysql root password] --all-databases | gzip > "/var/www/backups/mysql-$( date +'%Y-%m-%d_%H-%M-%S' ).sql.gz"

This is a script I wrote years ago that shall live in infamy. It creates an automatic backup of databases and virtualhost directories. It is called by a cron job each day, and builds the new archive files, depositing them into the backups folder.

The backups folder is a Bittorrent Sync repository which automatically copies the backups to other NAS servers. This script also deletes the old backups each day as you can see at the top. Because the files are deleted on this server, the remote repositories they are syncing with retain old versions. This means that all prior backups are saved on the remote NAS server, but only the most recent backups are ever stored locally.

Because the files are transferred with the bittorrent protocol, they are end-to-end encrypted, and highly available across an unlimited number of nodes. So the remote NAS servers will share the backups with each other if necessary.

This is a super good system which accomplishes highly available and completely free, secure offsite backups. The remote server has a highly secure virtualhost which shares the backups, so they are available to other command line scripts which can fetch them and deploy new versions of these servers in seconds.

Also keep in mind this is a simplified version of the script. The actual script I use will create a separate backup file for each database and for each virtualhost. This script will create one single archive of all databases and one single archive of all virtualhosts. This is still a good system, but it is less easy to deploy one single virtualhost or database this way if a server is hosting more than one.

The Symptom

Every once in a while after some unknown period of time, the Bittorrent Sync stops working. It says there is an unknown error, and it has to be reconfigured. Then it works fine for some unknown period of time but this ALWAYS ALWAYS happens again.

It only happened on some servers, despite the same script running on all of them. (I now realize the reason.)

I tried for a long time to figure it out but I chalked it up to a bug in BTSync because it is a mildly jank, gratis, closed-source, and long-discontinued product. I just kept periodically reconfiguring BTSync and everything kept working, despite this little annoyance.

The Cause

Bittorrent Sync stores the configuration files for each repository in a hidden directory within that repository called “.sync”. This works just like git does.

When my script deletes old files in that directory, it also deletes the Bittorrent Sync configuration files, then BTSync crashes until it is reconfigured.

The Fix

This is the new script which solves this problem;


#deletes old backups (only inside the two backup subdirectories)
find /var/www/backups/www/ -mindepth 1 -mmin +$((60*24)) -delete
find /var/www/backups/mysql/ -mindepth 1 -mmin +$((60*24)) -delete

#creates new backups
tar -czf "/var/www/backups/www/webs-$( date +'%Y-%m-%d_%H-%M-%S' ).gz" /var/www/webs
/usr/bin/mysqldump -uroot -p[mysql root password] --all-databases | gzip > "/var/www/backups/mysql/mysql-$( date +'%Y-%m-%d_%H-%M-%S' ).sql.gz"

As you can see, each type of backup now goes into its own subdirectory. Backups are only deleted from the subdirectories. The config files are no longer affected when backups are deleted.
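A complementary safeguard, shown as an added example rather than the script I actually run: prune by an allowlist of archive names so that a cleanup can never match a sync tool's metadata, and read the MySQL credentials from an option file instead of passing them with -p. It assumes GNU find and touch as shipped with Debian; the option file path passed as CNF, the function names, and the file names created in the demo are hypothetical and constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not the author's script). Assumes GNU find/touch (Debian).

# prune_backups DIR MAX_AGE_MINUTES
# Deletes only top-level regular files whose names match the archive
# patterns used on this page. Directories such as .sync, and anything
# inside them, are never candidates. Prints each path it deletes.
prune_backups() {
    local dir=$1 max_age=$2
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 1; }
    find "$dir" -mindepth 1 -maxdepth 1 -type f \
        \( -name 'webs-*.gz' -o -name 'mysql-*.sql.gz' \) \
        -mmin +"$max_age" -print -delete
}

# dump_all_databases OUT_DIR CNF
# CNF is a hypothetical root-only (chmod 600) option file containing a
# [client] section with user= and password=, so the password is not
# passed on the command line the way -p<password> is.
dump_all_databases() (
    umask 077   # subshell body: archives are created owner-readable only
    stamp=$(date +'%Y-%m-%d_%H-%M-%S')
    /usr/bin/mysqldump --defaults-extra-file="$2" --all-databases \
        | gzip > "$1/mysql-$stamp.sql.gz"
)

# demo: constructed backup folder in a temp dir; two entries are aged past
# the 24-hour cutoff, then pruned. Prints what survives.
demo() {
    local d
    d=$(mktemp -d) || return 1
    mkdir "$d/.sync"
    touch "$d/.sync/config.db" "$d/webs-old.gz" "$d/mysql-new.sql.gz"
    touch -d '3 days ago' "$d/.sync/config.db" "$d/webs-old.gz"
    prune_backups "$d" $((60*24)) >/dev/null
    (cd "$d" && find . -mindepth 1 | LC_ALL=C sort)
    rm -rf "$d"
}

demo
```

In the demo the three-day-old file inside .sync survives while the equally old webs-old.gz is removed, which is the behaviour the original one-line find could not guarantee.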