@prologic@twtxt.net ‘Clownflare’ 🤣🤣🤣 Love it.

But yes the idea of a cheap VPS as a tunnel and keeping home network all local is a good one I reckon.

@bender@twtxt.net / @mckinley@twtxt.net could you both please change your password immediately? I will also work on some other security hardening that I have a hunch about, but will not publicize for now.

A equivalent yarnc debug <url> only sees the 2nd hash

@lyse@lyse.isobeef.org will be fixed, thanks!

@aelaraji@aelaraji.com Ahh it might very well be a Clownflare thing as @lyse@lyse.isobeef.org eluded to 🤣 One of these days I’m going to get off Clownflare myself, when I do I’ll share it with you. My idea is to basically have a cheap VPS like @eldersnake@we.loveprivacy.club has and use Wireguard to tunnel out. The VPS becomes the Reverse Proxy that faces the internet. My home network then has in inbound whatsoever.

@lyse@lyse.isobeef.org Ahh so it’s not just me! 😅

I learnt how to display a txt file in a html page in a pretty way: https://melyanna.ichi.city/twtxt.html

@lyse@lyse.isobeef.org 33 and rain! Do you have thunder as well? Here it’s been really nice too, but not 33 :)

I just revisited my first script which posts to Mastodon and twtxt from CLI

@bender@twtxt.net Yeah, when you mention it.. Norway is a pretty clean place. That bike has gone 2200km now, and I have not washed it once :) It’s worse during spring and when snow melts etc, but this time of the year it’s pretty nice :)

@prologic@twtxt.net Good to know. I must admit I’ve never actually used a Docker instance, probably as I just assumed the overhead might be a bit much for my usual very modest servers.

@bender@twtxt.net Is it so maxed out you couldn’t fit a pretty small program like Headscale on it? Headscale by itself and only personal home type use as far as amount of peers go, it really isn’t noticeable I don’t think resource-wise. The Docker version I guess could be a different story.

@bender@twtxt.net Mine is about the same, though I have 20GB left 😅 In terms of resources, Headscale is using next to nothing though.

@eldersnake@we.loveprivacy.club how big is that VPS, if you can tell? My 1 vCPU, 2GB, 50GB is maxed out. 😬

@prologic@twtxt.net Yes I suppose that is true. There is an article on Tailscale’s site that explains it all quite a bit: https://tailscale.com/blog/how-nat-traversal-works

To me, with CGNAT, it’s a small miracle that a direct connection can be made between peers (as opposed to going through a relay constantly) but it does indeed work. I guess to host it at home you would need to have it WAN accessible, and if you’ve already gone to the trouble of port forwarding etc… well 😅
Not that I could personally do that, but for those with static IPs etc.

@bender@twtxt.net on my hosted VPS, as I’m on Starlink which is CGNAT, I need some sort of external intermediary.

@prologic@twtxt.net Interesting! Had no idea about that, but trust you to know of a self-hosted implementation 😅👌

@bender@twtxt.net It cost what you mentioned here too, but they had a special discount, and the shop gave 20% discount for all the gear we needed (since I bought the bike + gear for two persons), so all in all I got a really good deal on it. Also interest rate is locked for 3 years (low rate) so that was also a good deal.
I just took the longest time I could on the loan, to have a low price each month, and then i just pay extra whenever I can to get it payed down faster.
Luckily the Marlyn, my son, and my daughter all fit the same gear, so the 3 of them share that, that saved a lot of money too :)

When i met Marlyn (before we had kids) I asked here to go on her first trip with me (I had a bike before I met her back then), and we went on a 2 week ride from Norway to Italy and back (venice) through the alps and all that. Was super fun, and I think it’s pretty cool of her to say yes to a 2 week trip as passenger :)

@bender@twtxt.net haha funny! though i just realized my ISP is the only one with fiber pulled to the property so i would have to get a phone line from them some how. The other ISP in the area is basically a mobile hotspot.

@bender@twtxt.net haha funny! though i just realized my ISP is the only one with fiber pulled to the property so i would have to get a phone line from them some how. The other ISP in the area is basically a mobile hotspot.

@xuu@txt.sour.is wow, not cool.

@xuu@txt.sour.is For what reason?

Hey so.. i just got an email from my ISP saying they will terminate my service. Did i break something @abucci@anthony.buc.ci ?

Hey so.. i just got an email from my ISP saying they will terminate my service. Did i break something @abucci@anthony.buc.ci ?

@prologic@twtxt.net sleep well!

Anyway, I’m gonna have to go to bed… We’ll continue this on the weekend. Still trying to hunt down some kind of suspected mult-GB avatar using @stigatle@yarn.stigatle.no ’s pod’s cache:

$ (echo "URL Bytes"; sort -n -k 2 -r < avatars.txt | head) | column -t
URL                                                                                                       Bytes
https://birkbak.neocities.org/avatar.jpg                                                                  667640
https://darch.neocities.org/avatar.png                                                                    652960
http://darch.dk/avatar.png                                                                                603210
https://social.naln1.ca/media/0c4f65a4be32ff3caf54efb60166a8c965cc6ac7c30a0efd1e51c307b087f47b.png        327947
...

But so far nothing much… Still running the search…

@prologic@twtxt.net @abucci@anthony.buc.ci my /tmp is fine now, no avatars there. I have to drive my daughter to a birthday party now, but I keep things running and I’ll check when I get back.

@abucci@anthony.buc.ci yeah I can see it :)

@abucci@anthony.buc.ci / @abucci@anthony.buc.ci Any interesting errors pop up in the server logs since the the flaw got fixed (unbounded receieveFile())? 🤔

@prologic@twtxt.net will do, thanks for the tip!

@prologic@twtxt.net you want a new cache from me - or was the one I sent OK for what you needed?

@prologic@twtxt.net No worries, thanks for working on the fix for it so fast :)

@prologic@twtxt.net here you go:
https://drive.proton.me/urls/XRKQQ632SG#LXWehEZMNQWF

@prologic@twtxt.net thank you. I run it now as you said, I’ll get the files put somewhere shortly.

@prologic@twtxt.net so, if I’m correct the dump tool made a pods.txt and a stats.txt file, those are the ones you want? or do you want the output that it spits out in the console window?

@prologic@twtxt.net I’m running it now. I’ll keep an eye out for the tmp folder now (I built the branch you have made). I’ll let you know shortly if it helped on my end.

@stigatle@yarn.stigatle.no / @abucci@anthony.buc.ci My current working theory is that there is an asshole out there that has a feed that both your pods are fetching with a multi-GB avatar URL advertised in their feed’s preamble (metadata). I’d love for you both to review this PR, and once merged, re-roll your pods and dump your respective caches and share with me using https://gist.mills.io/

@prologic@twtxt.net yeah I still do have that issue, I compiled latest main, did not apply any patches or anything like that.

@prologic@twtxt.net yeah, I ran out of space again. also have the activitypub stuff turned off (just so you know).

@prologic@twtxt.net I got it working, I reinstalled go under home (instead of where go wiki tells me to install it), and pointed to that, as well as the variables you mentioned, that enabled me to compile it. deleted the old yarnd , and made sure I run the new one.
Thanks for the help (as always :) ).

@prologic@twtxt.net Ok, thank you, I’ll try that.

@prologic@twtxt.net I did that, and it returns no error.

`user@server:~/backup/yarn$ make deps

user@server:~/backup/yarn$ make server

/bin/sh: 4: minify: not found
/bin/sh: 5: minify: not found
/bin/sh: 6: minify: not found
make: *** [Makefile:84: generate] Error 127
`

@prologic@twtxt.net hm, I installed latest go (vps did not have that intalled), I then did make deps, then make server, when I use the last command it said minify was not installed, I assumed minify package was the one to get, but it fails with that. (debian).

@prologic@twtxt.net Ok, I’ll get it updated today.

@prologic@twtxt.net Ok, good to know. So the issue is the same ‘avatar in tmp’ issue filling up the disk. I did not check the dates on the avatars there, but it worked fined earlier yesterday, and was full today, so it seems to be the same issue mentioned earlier on here. I’ll keep an eye on it. I have not updated yarnd for a while, so I run v 0.15.1.

@stigatle@yarn.stigatle.no Works now! 🥳

@lyse@lyse.isobeef.org @bender@twtxt.net try again please.

@prologic@twtxt.net hm, it seems to be full disk that’s the issue, same problem with the avatar in tmp it seems that’s mentioned earlier here. I deleted them now. I regained 33% space (9GB).

@prologic@twtxt.net hm, okay, not sure what to do with it though. If I remember correct - I’ve just forwarded the subdomain to yarnd’s port - and that’s it.

This is the config:

`server {

server_name yarn.stigatle.no;
location / {
    proxy_set_header Host $host;
    proxy_pass http://127.0.0.1:8000;
    proxy_redirect off;
}`

@prologic@twtxt.net Thank you! How are you doing these days?

@lyse@lyse.isobeef.org hm, that’s weird, not sure what’s going on there to be honest.

@bender@twtxt.net haha yeah :) I agree, but it’s always nice to check back on here as well and catch up a bit and see what’s new :)

@bender@twtxt.net Thank you :) Yeah I’ve been silent for a while, been so much work and other things to focus on, but now I have vacation, so I missed this place, and wanted to bring it up to speed here as well :)

@prologic@twtxt.net I want to change my current setup to that as well, been thinking about it for a while, but I have never gotten to it yet.

@movq@www.uninformativ.de

(I don’t really trust Android, though, and I suspect that apps can still install background services that are always active. Pure speculation and paranoid on my part, but still.)

Which is fair, but I would say the GrapheneOS devs in particular are also quite paranoid about this stuff and go to great pains to make sure this stuff can be controlled by the user.

@prologic@twtxt.net Yeah that is probably what was happening. I wish that go build could embed the values that go install does.

@prologic@twtxt.net Yeah that is probably what was happening. I wish that go build could embed the values that go install does.

@xuu@txt.sour.is I have a theory as to why your pod was misbehaving too. I think because of the way you were building it docker build without any --build-arg VERSION= or --build-arg COMMIT= there was no version information in the built binary and bundled assets. Therefore cache busting would not work as expected. When introducing htmx and hyperscript to create a UI/UX SPA-like experience, this is when things fell apart a bit for you. I think….

@prologic@twtxt.net hey testing a rebuild of yarnd

@prologic@twtxt.net hey testing a rebuild of yarnd

@prologic@twtxt.net Well ain’t that grand? I’ll get it updated.

@prologic@twtxt.net Well ain’t that grand? I’ll get it updated.

@prologic@twtxt.net Well ain’t that grand? I’ll get it updated

@prologic@twtxt.net Well ain’t that grand? I’ll get it updated

By the way, @xuu@txt.sour.is, it looks like you’re running an old, buggy version of yarnd, that duplicates twts in the feed on edit.

@prologic@twtxt.net Hmm, yeah, hmm, I’m not sure. 😅 It all appears very subjective to me. Is 2k lines of code a lot or not?

I mean, I’m all for reducing complexity. 😅 I just have a hard time defining it and arguing about it. What I call “too complex”, others might think of as “just fine”. 🤔

@eldersnake@we.loveprivacy.club how many browsers are out there, that use a unique “engine”? There seems to be quite a few: https://en.m.wikipedia.org/wiki/Comparison_of_browser_engines. Sure, another one won’t hurt. Would I use it? Probably not. 😅

@Prologic@twtxt.net No, haven’t had the need to. We’re sticking to trusted and true over latest and sleekest in this project. Perhaps next year.

@mckinley@twtxt.net I must admit I was tempted to use EndeavourOS for an install on a HTPC (N97 mini PC) when it arrives to quickly get up and running, but then again I haven’t done a fresh install of Arch in quite a while so it sounds like things have simplified even more since then. Hmm…

If you’re reading this, it is now possible to post on twtxt.net using Ladybird!

@johanbove@johanbove.info Have you played with htmx at all? 🤔

@prologic@twtxt.net Very nice 👌

@bender@twtxt.net https://x.com/mortenjust/status/1805190952358650251

@bender@twtxt.net https://x.com/mortenjust/status/1805190952358650251

@bender@twtxt.net He is running on the latest macbook pro with 128G memory. though the chrome app seems to be sitting at 125MB. i am a bit suspicious about that stat since we dont see all the worker threads and he is currently sitting on 40GB of non cache ram.

@bender@twtxt.net He is running on the latest macbook pro with 128G memory. though the chrome app seems to be sitting at 125MB. i am a bit suspicious about that stat since we dont see all the worker threads and he is currently sitting on 40GB of non cache ram.

I didn’t know this was a thing. Well, local home improvement store believes so.

@prologic@twtxt.net Perfect 👌

@movq@www.uninformativ.de Golly, you are right 😅

@prologic@twtxt.net phew 😁

@prologic@twtxt.net yep pretty much!

@prologic@twtxt.net hey mate, all working well here so far. The login issue isn’t really an issue as far as actually logging in goes, rather if I get my password wrong it gives the response error code in console, the response of which contains the HTML for the wrong password page if you inspect it, but on the frontend itself nothing actually happens which is the confusion. Just stays on the login page as if it was never submitted. Am I alone in having this issue as well?

@prologic@twtxt.net Yes very very strange! I truly don’t know where to start on that one 🤣 Must be one of those really weird edge cases. Thanks for your help on this, I can at least post normally now.👌

I’ll check logging in etc tomorrow, time for bed lol 😴

@prologic@twtxt.net It’s weird though cos I could reproduce it on any of my browsers on either my laptop or phone 🤔

@prologic@twtxt.net Firefox 126.0.1 is my primary

@prologic@twtxt.net Fix works!

@prologic@twtxt.net Woops my blockquote got mangled but you get the gist haha

@prologic@twtxt.net I was wondering if my reverse proxy could cause something but it’s pretty standard…

server {

    listen 80;
    server_name we.loveprivacy.club;

    location / {
            return 301 https://$host$request_uri;
            <a href="https://txt.sour.is/search?q=%23proxy_pass">#proxy_pass</a> http://127.0.0.1:8000;
    }

}
server {

    listen 443 ssl http2;
    server_name we.loveprivacy.club;

    ssl_certificate /etc/letsencrypt/live/we.loveprivacy.club/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/we.loveprivacy.club/privkey.pem;

    client_max_body_size 8M;

    location / {
            proxy_pass http://127.0.0.1:8000;
    }

}

@prologic@twtxt.net Firefox but it happens on Brave and Chromium on my laptop, or any browser (Brave, Chromium, Vanadium) I try on my Android phone.

@prologic@twtxt.net Sorry, my messages don’t get included in the current convo unless I tag you. Guess something gets lossed in translation with this weird posting issue. ANYWAY, it is rather perplexing. Clearly only an issue on my Pod, but what could the source of it be 🤔

@prologic@twtxt.net Okay lemme see

@prologic@twtxt.net Yeah realised I hit the character limit lol

@prologic@twtxt.net The login issue I cant yet narrow down as to when it happens as sometimes I login fine. But it gives off a 401 forbidden error. Anyway I’ve been focusing on the posting error as I figured it must be related. Registering and logging in as a new user works every time, which is weird.

@bender@we.loveprivacy.club hmm you may be right…

@prologic@twtxt.net Correct… epic fail 🤣 Been a long day and I just wasn’t thinking, nor backing up properly. Oops indeed. My usual errors still exist though.

@prologic@twtxt.net Righteo, so rookie error - I obviously had some untracked, rather important files for starting my pod and I ran a make clean. Why I originally had them in the git directory is anyone’s guess. Anyway it blew away those files including the database so that’s that. So your good self and @bender@twtxt.net etc - apologies but your profiles got nuked as well (as did my own but easily recreated).

Another thing I noticed which was the reason I ran make clean in the first place. I noticed my pod was being built with Go 1.22.4. Could this be a problem @prologic? preflight.sh actually errors out about it…

@bender@twtxt.net Hmmmm I’m not sure about this… 🧐 Does anyone have any other opinions that know this web/session security better than me?

@prologic@twtxt.net on the the timeline with mentions filter I missing the latest mention that comes up in the mentions page.

Oh.. And you are mentioning my dev instance here 😄

@prologic@twtxt.net on the the timeline with mentions filter I missing the latest mention that comes up in the mentions page.

Oh.. And you are mentioning my dev instance here 😄

@prologic@twtxt.net how do i enable htmx? i built latest main