@kat@yarn.girlonthemoon.xyz @bender@twtxt.net We’ve used pgloader at work to migrate an old legacy application from MySQL to PostgreSQL. Their website says it also works with SQLite. 🤔
… and then there’s SVED from SvarDOS at 6035 bytes. Oh, dear!
Good thing is, SVED is free software:
@kat@yarn.girlonthemoon.xyz I think it is kind of impossible to switch from sqlite to Postgres. I have run GtS on sqlite from get go, no issues. Granted, single user instance, but still…
my fucking second drive for plex isn’t auto mounting with fstab on reboot for some reason and i keep accidentally discovering this it’s super annoying
@kay@yarn.girlonthemoon.xyz “when it rains, it pours!” :-D
@kat@yarn.girlonthemoon.xyz wow, thanks for sharing that guide! I have now used it on my better tuned instance. Woot!
i need to try htmx out
guys i might be getting a framework laptop from my aunt i’m freaking out
i’m pretty sure i’m running this all off sqlite so if i get too many users on here i might be cooked but oh well i can always try to migrate (<– has heard migrations from sqlite to mysql/postgres are hell)
“we are invading the humble twtxt/yarn network”
LOL. @prologic@twtxt.net loves it. He wants it to grow a little. He told me. More than once!
getting my friends to join here is so fun. we are invading the humble twtxt/yarn network
IT’S SNOWING BTW IT’S SO PRETTY OUT
@kat@yarn.girlonthemoon.xyz i’m reading this and i already have a gts server that i could secure with this but i’m thinking it’d be best for most of my public sites https://ovelny.sh/blog/a-complete-guide-for-your-gotosocial-server/
hmmm i really should set up crowdsec and maybe a WAF like coraza or something. i don’t look at my logs as much as i should because they scare me and ignorance is bliss but i should probably cut out as much false traffic as possible especially to my biggest site (superlove)
morning friends (it is 1pm here)
@eapl@eapl.me same here. There are many “doctors”, and “professors” named Don Abel. None of them are showing as having said, or written that quote.
Hmm, yeah, I am doing something wrong. Same is happening with any site to which I apply the this.
Is there a reason you forked this from mholt? What was added, or changed? Your “Initial commit” throws an error.
nice! would you mind elaborating a bit?
Is that the scientific method?
I couldn’t find anything related when I searched for it.
On a test I ran, with a static site that is a PWA, like this:
example.com {
root * /web/example.com
route / {
rate_limit {path} 20r/m
file_server
}
}
It works (as limiting rate), but when rate isn’t reached, the page doesn’t render. Not sure what could be going on.
@movq@www.uninformativ.de Sounds about right. :-D It’s now calm again.
Always noise, whichever way you loo^Whear at it. :-(
@movq@www.uninformativ.de This video never gets old! :-) Now I ended up on https://brendangregg.com/specials.html#rshutdown and laughing my ass off. :-D
No more stupid little DDoS(s) from fucking China now 🤣
Note for reference I was trying to write and fix this rule (fixed version below):
# Ignore Content-Type restrictions for Git
SecRule REQUEST_HEADERS:Host "@streq git.mills.io" "id:101,phase:1,t:none,nolog,ctl:ruleRemoveById=920420"
Notably the custom operator @lookupASN
I’ll try to add a README for caddy-waf soon™ (going back to bed now) at least document the customizations I’ve made to this WAF (which I forked from caddy-coraza)
This is how I build my caddy:
proxy-1:~# cat build.caddy.sh
#!/bin/sh
xcaddy build \
--with github.com/caddy-dns/cloudflare \
--with github.com/caddyserver/cache-handler \
--with git.mills.io/prologic/caddy-ratelimit \
--with git.mills.io/prologic/caddy-waf
proxy-1:~#
Ahh fuck! Sorry I was fixing a rule 🤣 This is much better!
proxy-1:~# grep -c 'Bad ASN' /var/log/caddy/caddy.log
2441
So this should build caddy with both modules:
$ xcaddy build --with git.mills.io/prologic/caddy-ratelimit --with git.mills.io/prologic/caddy-waf
Right?
@lyse@lyse.isobeef.org The west. Nasty wind is always coming from the bloody west. (My apartment is facing the west and so I get to enjoy all the storms. 😂)
Good weather/wind comes from the east. (Which makes all the planes approach from the west again and so I get to enjoy their noise. 😂😂)
@movq@www.uninformativ.de hahahahaha! I see. Of course, better be safe than… well, you know it. :-)
Meh, I hit an import cycle while writing tests. Now I have to relocate some code. What do we conclude from that: don’t write tests. ;-)
The rate-limit one too (https://git.mills.io/prologic/caddy-ratelimit), for sure! Would the caddy-waf be:
$ xcaddy build --with git.mills.io/prologic/caddy-waf
Yes? Still, the README for a configuration example would be awesome!
@prologic@twtxt.net cool! Looking forward to the README for https://git.mills.io/prologic/caddy-waf! :-) I will probably build that module on my Caddy!
Where is all this wind suddenly coming from?
@bender@twtxt.net Yes they are rather large 🤣 Here you go:
proxy-1:~# cat /etc/caddy/waf/bad_asns.txt
# CHINANET-BACKBONE No.31,Jin-rong Street, CN
# Why: DDoS
4134
# CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN
# Why: DDoS
4837
# CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN
# Why: DDoS
9808
# FACEBOOK, US
# Why: Bad Bots
32934
proxy-1:~#
@prologic@twtxt.net can you give me an example of one ASN you have blocked? First time I heard of ASNs but, furthermore, blocking ASNs. It seems like they are huge blocks!
An autonomous system (AS) is a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain, that presents a common and clearly defined routing policy to the Internet.[1][1=] Each AS is assigned an autonomous system number (ASN), for use in Border Gateway Protocol (BGP) routing. Autonomous System Numbers are assigned to Local Internet Registries (LIRs) and end-user organizations by their respective Regional Internet Registries (RIRs), which in turn receive blocks of ASNs for reassignment from the Internet Assigned Numbers Authority (IANA). The IANA also maintains a registry of ASNs which are reserved for private use (and should therefore not be announced to the global Internet).
@bender@twtxt.net Maybe, I don’t want to risk anything, though, and I can’t get this video out of my head: https://www.youtube.com/watch?v=tDacjrSCeq4 😅 (My main machine runs on an SSD, the HDDs are just for additional data like my software archive, music, …)
@prologic@twtxt.net what’s ASN again?
Nouvel article pour les anxieux comme moi : Sac d’urgence. https://si3t.ch/log/2025-01-06-sac-d-urgence.txt
"twtxtfeevalidator/0.0.1" UA about? I thought I could ask before throwing a 1000GB file at it 🪤 could it be the same 'xt' thing @lyse was talking about the other day?
@aelaraji@aelaraji.com Thank you very much, glad you like it. :-) I always try to make web pages use as much semantic tags as possible and keep the HTML very simple, so that they also have a chance to look decent in terminal browsers. The logo took me a few hours to draw in all its three sizes.
I just solved my issue with noise in my headphone. Thank you public archives! So smooth now :) https://www.mail-archive.com/misc@openbsd.org/msg182180.html
Cool! 😎 So I can now block ASN(s) 🤣 (And I bet no-one noticed anything)
@kat@yarn.girlonthemoon.xyz I love blue 🤣
@aelaraji@aelaraji.com Still in my cache 🤣
@aelaraji@aelaraji.com Bahahaha, you know where the default theme lives 🤣 PRs welcome!
@xuu@txt.sour.is ROFLMAO! 🤣 reading that, the Tech bro sounded in my mind like Cow from Cow and Chicken
@bender@twtxt.net @movq@www.uninformativ.de I appreciate you! and don’t you worry about it, if 2025 doesn’t behave itself we Will make it! 🦾 (now I know the real meaning behind the expression of Making it)
I was looking for an #mpd/#rofi script and stumbled upon this repo adi1090x/rofi, it is just 🤤 DELICIOUS! … and a great reference/kick starter for making my own.