Since that happens to the best of us, I envision writing a wrapper script around {n,}pfctl that asks for confirmation upon detecting that you're logged in via ssh through a specific port AND detecting that the new rules would block that port.

Lol.

Just tailscale it and this will never happen again.

(Set the whole interface of tailscale0 as a trusted network)

They should have a remote console like Dell RAC or HP iLO

Hello Derek you fucking idiot

Believe it or not, "rite" is the, uh, right, word here.

I don't belief it.

Messing up the spelling is a wrong of passage.

Yes, I also used to run an "on premise" server - in my kitchen, not 500km away. I sometimes might need to admin it remotely, but never critical setup work.
And the meme makes it sound like they have to drive there specifically to fix it, like nobody is actually living nearby.

Does it actually happen to people? All servers I worked with both had a back door (or two), and someone at the data centre (during work hours at least) you could contact in an emergency.

why is everything in rust now

I guess some smaller companies might have simpler setups they self-host

It's easy to write, easy to build, produces lightweight and fast executables, and the type system is great. Why not rust?

What's really fun is hearing "oh shit" from the UPS maintenance tech followed by darkness and silence.

You have a right to pass once you've done this rite of passage.

Just breath!

Most data centers have some kind of service where you can request a KVM to be connected to the server. It's not instant as an actual human has to do so but a lot sooner than another human driving long distance. I guess in this case, it's a mid size company that is big enough to have multiple locations yet small enough to still manage to use on-premise infra instead of data centers.

even worse. I regularly have to get up out of my chair and go down 2 stairs.

Also this took a while to find, but : https://sourceforge.net/p/shorewall/svn/HEAD/tree/branches/4.2/Samples/one-interface/shorewall.conf

ADMINISABSENTMINDED=Yes

Is an actual setting in the config for the (now apparently unmaintained) Shorewall Firewall software/tool for linux.

If I remember correctly, it always checks on firewall rule changes if there is an active connection on port 22, and adds a special rule at the end to maintain that connection.

They don't build them like they used to anymore.

Believe it or not, straight to jail

Well, I have my server running in my parents basement, because they have fiber, and I don't.

It's not quite a 500km drive, but still a long enough distance for this scenario to be a major inconvenience.

But since I have wireguard running on their router though this specific scenario is not something that could happen to me

Would misusing the dd command be considered a hardware failure?