finally starting to get somewhere with my neocities page.. fuck yes..

This is my first time on gopher. Very cool!

@seabirdie@yarn.girlonthemoon.xyz fuck yeah!!!!!!!!!1

@kat@yarn.girlonthemoon.xyz ok yeah idk what’s going on whatever i’ll mess with config later

tz test

@seabirdie@yarn.girlonthemoon.xyz KILLER ICON!!!

@kat@yarn.girlonthemoon.xyz DIDN’T WORK

test

wait i just realized this pod’s time zone is not my time zone hold on lol

should put together my new pi and set up the DIY KVM thing i’m doing but ehhh tired

HAPPY NEW YEAR – learning about gopher

@kat@yarn.girlonthemoon.xyz Haha 🤣

should get back to reading doctorow’s internet con, it’s so good

thanks to prologic i now know i can post video here. sorry for bringing idol fancams to this humble network do you still love me

Video

SEABIRDIE IS HERE!!!!!!!!

@gretahayes@yarn.girlonthemoon.xyz yesssss u got this!!!

Everyone should watch danger force cause why’s it lowkey sooo good

I’m so good at this. I’m so good at this. I can even reply to people successfully at times

@prologic@twtxt.net thank u :)

@yarn.girlonthemoon.xyz@yarn.girlonthemoon.xyz OH MY GOD IT WORKS

testing video posts here’s a yunjin fancam

Video

@prologic@twtxt.net OH SICK I GOTTA TRY THAT

Also yarnd supports video too 🤣

@prologic@twtxt.net hahahah yeah it’s a bit heavy for what i need but i do like that it’s advanced enough that it’s easy for friends to use :P

i went to X to learn more about lovable.dev and somehow ended up here.

@kat@yarn.girlonthemoon.xyz Thanks! I built my own video hosting platform too but not nearly as fancy as what you use 🤣

yesterday i was gonna buy new batgirl & birds of prey issues but the comic store didn’t have either

@yarn.girlonthemoon.xyz@yarn.girlonthemoon.xyz 👋 Welcome to Yarn.social 🙌

wishing everyone an awesome 2025! Less go

@kat@yarn.girlonthemoon.xyz HIIIIII

@gretahayes@yarn.girlonthemoon.xyz <333

Woah….it’s so pretty & pink on here…

@gretahayes@yarn.girlonthemoon.xyz HI RUS OMG

@prologic@twtxt.net mediacms! it’s janky yeah but it does the job ultimately (even if sometimes videos don’t encode and i gotta do some weird python venv shit to force the encode lol…)

@bender@twtxt.net Wre I’m talking about Web right? 🤣

@aelaraji@aelaraji.com Nice! 🙌

@bender@twtxt.net you’re right the scale wasn’t that large, but analyzing the logs. It definitely was a detox attack. 🤣 I woke up this morning to see six other small spikes like this which I’ll have to analyze later tonight…

@movq@www.uninformativ.de Yes

@kat@yarn.girlonthemoon.xyz What do you use for this btw? 🤔

why’d it announce my test account LOL

@yarn.girlonthemoon.xyz@yarn.girlonthemoon.xyz ok nvm just temp enabling registrations for this bc it just won’t work lol i’ll play with it another time

@lyse@lyse.isobeef.org yep, I gave it a spin locally! I freaking love the cute logo and the UI is fiiiine 👌 my TUI browsers love it just as much …

Image

@yarn.girlonthemoon.xyz@yarn.girlonthemoon.xyz wondering if the smtp_host variable is expecting something other than just the mailjet hostname…

hey yarn pod hosting friends, how do i enable an SMTP relay in the env settings? i’m trying to get a friend on here and i’m pretty sure my env config is good but it won’t send emails even after restarts which is strange. i have the right hostname for mailjet, user and pass are in there, same with from address, i’m wondering if the port is messing it up bc it has to send from 587?

@lyse@lyse.isobeef.org TABs, of course, are best. >:-)

thanks man!!! love seeing ppl use gopher -@levelsio

What’s the alternative, plow straight through them? lol

happy 2025

@aelaraji@aelaraji.com Ta! It’s just the millenia old tabs vs. spaces debate. ;-) Here’s a screenshot, that also kinda serves as a preview of the ugly – yet functional – web interface:

Image

hmm… apparently the invalid twts are the latest ones I’d posted from Timeline but highly probably because I’d tried to restore them manually, after unintentionally overriding my twtxt file with one that was out of date 🤦

@bender@twtxt.net Magnetic-core memory. SCNR.

@yarn.girlonthemoon.xyz@yarn.girlonthemoon.xyz (that is targeted only at me. i do not shower enough. exposing myself)

@yarn.girlonthemoon.xyz@yarn.girlonthemoon.xyz though i feel like this doesn’t need to be said because if anyone is that pretty they are not a self hoster because they regularly shower

in case anyone here has the impression that the girl in my icon is me, somehow, no it’s a k-pop girl her name is wonyoung and she is the prettiest girl alive

rose put crack in apt because jesus christ i just find myself mindlessly chanting “apateu apateu” under my breath at the most random times. some brain programming shit

i’ve been transitioning CLI text editors from nano (godforsaken editor) to micro (normal and not overly opinionated to the point where i feel like i’m defusing a bomb trying to learn its keybindings) and the only weird thing is that i can’t get it to persist an alias from nano to micro when i run sudo despite me configuring that. well at least on my servers, it persists on this machine. idk i’ll look at it later

posting from CLI just cuz i can lalalala i have nothing to talk about

i love posting to my own personal youtube site i can just do whatever tf i want. no content ID here just vibes and finger crossing that i don’t get a cease and desist one day

@lyse@lyse.isobeef.org Oh! no need to be sorry and feel free to keep at it if it helps, I don’t mind. It’s just that I’m always on the lookout for corpo-bots and crawlers slipping through the cracks (a fun little game of sorts) 😅 the only thing I let them see is a robots.txt telling them to :diffoff

Also, I’m curious about the invalid lines in my feed. is it something I should lookout for in future?

owow. Gopher is still here!

That graph doesn’t look that bad. I mean, by the looks of it, I wouldn’t even qualify it as a DDoS. 😅

@movq@www.uninformativ.de I am sure they would have been just fine. Should we assume your main driving machine is on solid state?

This Simon Willison’s post is a good read: https://simonwillison.net/2024/Dec/31/llms-in-2024/. If you haven’t read it, and are negatively or positively thinking of the so called AI, then you should.

There is more at Simon’s blog. It is worth spending some time in it.

@yarn.girlonthemoon.xyz@yarn.girlonthemoon.xyz after some fighting with this janky software (that i still love despite the jank) we now have stupid tux as our logo. slayyy

changing my video site’s logo to this silly no thoughts head empty tux clip art. because i can. https://openclipart.org/detail/103855/tux-the-penguin

[47°09′44″S, 126°43′49″W] Wind speed: 67kph

@movq@www.uninformativ.de oh no good luck!!!

On DDoS, wouldn’t sshguard and/or fail2ban work?

It seems like this is cached, I think levels is doing good work with this.

Hell0 here

Happy to find this secret place on the gopherspace

It turns out my ISP supports ipv6. After 4-5 months with only ipv4, I thought to ask customer support, and they told me how to turn it on. (I’m pretty happy with ebox so far. Low-priced fibre with no issues so far. Though all my traffic goes through Montreal, 500km away from me in Toronto, which adds a few ms to network latency.)

[47°09′17″S, 126°43′48″W] Automatic systems disengaged due to heavy rain

So I need to figure out how to block ASN(s)…

Additionally, I’ thinking of; How to detect DDoS attachs?

Here’s one way I’ve come up that’s quite simple:

Detecting DDoS attacks by tracking requests across multiple IPs in a sliding window. If total requests exceed a threshold in a given time, flag as potential DDoS.

[47°09′43″S, 126°43′25″W] Working impossible due to thunderstorm

@movq@www.uninformativ.de Sweet!

@lyse@lyse.isobeef.org Cool 👌

Hmmm so I’ve sustained two DDoS attacks on my Gitea server today. A few hours apar. Still analyzing the traffic…

@movq@www.uninformativ.de Oh dear. All the best of luck with that noise! And the disks.

@movq@www.uninformativ.de I don’t use them either.

@movq@www.uninformativ.de Thanks! I already found it and patched it to run in my ancient Python version (no match keyword and exec(…) only allows globals and locals as positional arguments). :-) https://lyse.isobeef.org/tmp/mcalc-patched.py.txt

@prologic@twtxt.net Excellent, working fine now. Thank you!

@movq@www.uninformativ.de Truly classic. :-D

@movq@www.uninformativ.de That sounds super useful! I always used bc and ibase=2/obase=2 for conversions. But your digit grouping is what I always lacked. I gotta switch.

@movq@www.uninformativ.de Yeah, the Python docs are more like a book. They absolutely shine if you have no idea and read them from top to bottom. The tutorial is baked right in. But they don’t work all that perfect as cheat sheets. I also remember looking for the return types way too long in the past.

I would have thought that this could be easily improved when type hints are in place. And it sure does: https://www.tornadoweb.org/en/stable/httpclient.html#tornado.httpclient.HTTPClient.fetch

@movq@www.uninformativ.de It’s crazy! I thought about it the other day on my hike. There are so many shady areas in winter that are fully blasted by the sun in summer.

@movq@www.uninformativ.de Heck yeah, they’re both very lovely! I like how you can still see the full disk through the clouds in the first one.

@kat@yarn.girlonthemoon.xyz Oh cool, I wish I had a similar subject in school. :-)

I cobbled that together yesterday, @aelaraji@aelaraji.com. Since I was too lazy to write some tests, I simply hit your feed as I knew it contains two invalid lines right now. Sorry mate! :-( Next thing is to actually write some proper tests, improve the messages, etc.

Here’s the code: https://git.mills.io/yarnsocial/validator

Looking forward to that, @prologic@twtxt.net. :-)

[47°09′10″S, 126°43′48″W] Automatic systems disengaged due to thunderstorm

For the time being… I’ve just blocked all of OpenAI(s) Bots. They (thankfully) publish a JSON endpoint that you can use to block all OpenAI crawlers from reaching your server (in my case, blocking it at the edge). Example:

proxy-1:~# curl -qs https://openai.com/gptbot.json | jq -r '.prefixes[].ipv4Prefix' | xargs -I{} ./block-ip.sh {}

Where block-ip.sh is simply:

#!/bin/sh

ufw insert 1 deny from "$1" to any

@aelaraji@aelaraji.com Yes! 👏 This is exactly what it is! 🤣 I will of course soon™ be hosting this service, likely at validator.twtxt.net 😅😅

Any idea What’s this "twtxtfeevalidator/0.0.1" UA about? I thought I could ask before throwing a 1000GB file at it 🪤 could it be the same ‘xt’ thing @lyse@lyse.isobeef.org was talking about the other day?

[47°09′07″S, 126°43′13″W] Weather forecast alert – storm from N

@kat@yarn.girlonthemoon.xyz Haha 🤣 If someone figures this out, please let me know 🙏🙏 – In the meantime, I’m going to very soon™ write a daemon that will watch the audit log for repeated violations and add to the network firewall.

This is better:

proxy-1:~# ./audit-log-by-ip.sh 4.227.36.76 | coraza-log-formatter -m -
2025/01/04 23:17:04 4.227.36.76 58982 GET /external?aff-HY0BLO=&f=mediaonly&f=noreplies&nick=g1n&uri=https%3A%2F%2Fthe-president-codes.linegames.org null 0  On OWASP_CRS/4.7.0
Actionset: OWASP_CRS/4.7.0
Message: Bad User Agent
Severity: 0
Raw: SecRule REQUEST_HEADERS:User-Agent "@pmFromFile /etc/caddy/waf/bad_user_agents.txt" "id:2000,log,phase:1,deny,msg:'Bad User Agent'"

Nice! I wrote another useful tool 👌

proxy-1:~# ./audit-log-by-ip.sh 4.227.36.76 | coraza-log-formatter -m -
Actionset: OWASP_CRS/4.7.0
Message: Bad User Agent
Severity: 0
Raw: SecRule REQUEST_HEADERS:User-Agent "@pmFromFile /etc/caddy/waf/bad_user_agents.txt" "id:2000,log,phase:1,deny,msg:'Bad User Agent'"

@prologic@twtxt.net we live in hell

went out with my family today, brought my camcorder, resulted in a little vlog :) https://memoria.sayitditto.net/view?m=SjbDq15bL