muntedcrocodile
@muntedcrocodile@lemmy.world
- Comment on How to setup searxng with traefik or nginx and cloudflare 1 week ago:
How are u running it? Bare metal? Docker?
So nginx, traefik, and cloudflare are all reverse proxies that can do SSL termination. Now cloudflare hijacks all SSL connections it proxies (essentially a MITM) and has configuration for if u would like an SSL connection from cloudflare to ur own server.
All reverse proxies pass along headers to backend services indicating all sorts of things, most importantly the remote client IP and info about whether the service is behind an SSL proxy.
I use client -> cloudflare -> nginx -> my services. The client makes an encrypted pipe between itself and cloudflare; cloudflare then terminates SSL, does some scanning on the raw unencrypted packet, makes an encrypted connection to nginx and attaches headers about the client. I have an SSL cert on my server where nginx does SSL termination of the cloudflare connection. Nginx then attaches more headers and does routing to pass it back to a backend service, i.e. searxng (the service itself). The docker compose for searxng comes with a packaged traefik reverse proxy; it’s not necessary here and will in fact cause all sorts of problems.
Here is the service in my docker compose for searxng:
```yaml
searxng:
  container_name: searxng
  image: docker.io/searxng/searxng:latest
  restart: unless-stopped
  networks:
    - local_bridge
    - proxy
  volumes:
    - ./data/searxng:/etc/searxng
  environment:
    - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
    - SEARXNG_SECRET=${SEARXNG_SECRET}
  cap_drop:
    - ALL
  cap_add:
    - CHOWN
    - SETGID
    - SETUID
```
Here is the docker compose for my nginx config:
```yaml
certbot:
  image: certbot/dns-cloudflare
  # Command to obtain certificates (run once manually or integrate with a web server's startup)
  # Replace 'yourdomain.com' and '*.yourdomain.com' with your actual domain(s)
  volumes:
    - ./data/certbot/conf:/etc/letsencrypt
    - ./data/certbot/www:/var/www/certbot # A dummy webroot, not strictly necessary for DNS challenge but good practice
    - ./data/certbot/secrets:/etc/letsencrypt/secrets:ro # Mount secrets read-only
  command: certonly --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/secrets/cloudflare.ini --non-interactive --agree-tos --email ${LETS_ENCRYPT_EMAIL} --dns-cloudflare-propagation-seconds 60 -d example.com -d *.example.com
  environment:
    - TERM=xterm # Required for certbot to run in non-interactive mode gracefully
nginx:
  image: nginx:latest
  container_name: nginx
  restart: unless-stopped
  ports:
    - "80:80"
    - "443:443"
  volumes:
    - ./data/nginx/cache:/var/cache
    - ./data/certbot/conf:/etc/letsencrypt
    - ./data/nginx.conf:/etc/nginx/nginx.conf
    - ./data/sites-enabled:/etc/nginx/sites-enabled
    - ./data/sites-available:/etc/nginx/sites-available
    - ./data/snippets:/config/nginx/snippets
    - ./data/www:/var/www/html
  depends_on:
    - certbot
  extra_hosts:
    - "example.com:127.0.0.1"
    - "*.example.com:127.0.0.1"
```
I use certbot to issue SSL certs for my domain locally; this is the cert that does the SSL connection between nginx and cloudflare.
Then nginx can route connections to the searxng instance (ur gonna need a bunch of nginx config and I couldn’t be bothered copy pasting that when an LLM can gen that, it can probably gen all this tbh).
Also how u doing auth for searxng? Cos if ur opening it to the internet as a whole u might end up with lots of traffic from randos.
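An nginx site for the client -> cloudflare -> nginx -> searxng chain described in the comment above, as an added example that is not the commenter's own config. Assumed here: the hostname `search.example.com`, the upstream `searxng:8080` reached over the shared `proxy` network, the certbot lineage directory `example.com`, and documentation-only IP ranges standing in for the edge ranges Cloudflare publishes.

```nginx
# Added example (not the commenter's config). Drop into ./data/sites-enabled/,
# assuming nginx.conf includes that directory from its http {} block.

server {
    listen 80;
    server_name search.example.com;          # assumed hostname
    return 301 https://$host$request_uri;    # never serve the app over plain HTTP
}

server {
    listen 443 ssl;
    server_name search.example.com;          # assumed hostname

    # Cert issued by the certbot container; "example.com" lineage name is assumed.
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    # Trust the CF-Connecting-IP header only when the TCP peer is a Cloudflare
    # edge. The two ranges below are documentation placeholders: replace them
    # with the ranges Cloudflare publishes, and keep the list current.
    set_real_ip_from 192.0.2.0/24;
    set_real_ip_from 2001:db8::/32;
    real_ip_header   CF-Connecting-IP;

    location / {
        # Assumed upstream: the "searxng" container on the shared network, port 8080.
        proxy_pass http://searxng:8080;

        proxy_set_header Host              $host;
        # $remote_addr is the real client here only because of the realip
        # settings above; from any other peer it stays the peer's own address.
        proxy_set_header X-Real-IP         $remote_addr;
        # Overwrite rather than append, so a client-supplied X-Forwarded-For
        # never reaches the backend.
        proxy_set_header X-Forwarded-For   $remote_addr;
        # Tells the backend the original request arrived over TLS.
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

Restricting inbound 443 at the firewall to the same ranges keeps requests from reaching nginx without passing through Cloudflare first.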
- Comment on oi mates wtf is going on over there 1 week ago:
It has nothing to do with electricity. It actually has everything to do with the United States, the CIA, and a country it is now illegal for me to criticise.
Essentially Ukraine surrendered their nuclear weapons and received a treaty from Russia, UK, and USA all promising to Ukraine it would be protected by their nuclear umbrella.
Well Russia invaded Ukraine. Ukraine called the West’s bluff and thus got military backing under the gambit that if the treaty is broken by someone other than themselves they are all well good and free to go make nukes and not be in violation of said treaty, thus forcing the west to give them military backing else risk a nuclear rearmed Ukraine (if Kyiv falls to Russia they are gonna take Moscow with them).
Then Donald Trump cut em off and now they are being slowly crushed by the Russia meatgrinder.
Australia has “assurances” that we will be backed by the United States up to and including US soldiers and deployment of US nuclear weapons. Ukraine has proven that these “assurances” are a load of shit. Also we are essentially a vassal state of the US. The CIA couped us cos our prime minister threatened to not renew the lease for pine gap (a US military base on Australian soil). He wanted to impose a clause where the Australian government could inspect said base to ensure no war crimes were happening (we have since learned that war crimes were almost certainly happening). The United States military base which proxied every single drone used by the United States in every war in the middle east. And the relay station used by redacted nation as part of their intelligence sharing agreement used for guiding missiles.
The assurances we were given are very similar to those that were given to Ukraine and thus the Australian defence force has realised we need nukes to ensure our sovereignty is maintained if the United States stops backing us or becomes actively hostile to us.
Technologically the tech and expertise for nuclear reactors are highly applicable for the manufacture of nuclear weapons. Defence has advised the government that we need nuclear reactors so we can make nuclear weapons and remove the blanket nuclear ban (the ban that doesn’t apply to the United States base on ur soil that they couped our government to keep, commit war crimes at, and most likely hold some of the United States nuclear arsenal itself thus making Australia a target if anyone wants to nuke the United States).
Ohh and also the politicians got given a shitonne of money from the fossil fuel moguls who want to delay renewables. The fossil fuel moguls that wouldn’t exist if the government hadn’t been couped while in the process of nationalising all of Australia’s resources thus robbing every single Australian citizen of $130,000 USD.
tldr it’s the United States’ fault.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
Did can be served by your own server as just a json blob or federated between multiple identity servers or on the blockchain. A did is did:source:publickey and there are multiple different sources u can use.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
Someone claimed it contained hallucinations. I read through the entire thing as well as doing all the research and understanding of the concept being talked about. If someone is claiming that there are issues I expect them to be able to prove that. I’m not asking for a fact checker, I’m asking for someone to provide evidence of the thing they verbatim claimed. If u wanna tell me that my research showing the sky is blue is wrong I would appreciate u pointing out my error, otherwise ur just making baseless claims.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
That’s exactly what I did. It’s essentially a translator from 3 pages of dotpoints and notes that would be incoherent to anyone but myself to normal English.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
Did also allows portable identity so ur home instance is whatever instance u feel like. Did has been tested and proven reliable; it’s in use by lots of different applications.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
It’s both. It can be a json file served from some webserver. It can be a peer hosted thing where a bunch of instances host it on your behalf. It can be something that exists on your designated identity server. It can be a transaction on a blockchain. And as long as the software knows how to resolve it they all work.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
So ActivityPub needs an actor with an inbox and outbox to send and receive content. A did is a virtual actor that reroutes to a real actor and collates across real actors. Ideally can send an activity to a did which is resolved to the current home instance. And the did stores ur profile picture, a public key, display names, bio etc etc. U could use pgp as the key in the did if the devs want to support it as a cryptography protocol.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
I did the research, I looked at many different ways to get the desired solution. I learned how ATProto works, I looked into other services with did, got an llm to put those ideas in the required format for the issue. Can you please point out the hallucinations in the issue so I can go and fix them?
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
I did put effort into it I just got an LLM to write it. I’ll see what the devs say and might make an rfc if needed.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
Yeah that’s critical without it everything would break
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
what by having all users exist on a centralised server? That sounds like vendor lock in which is exactly what federation was trying to avoid.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
Due to how the fediverse works if users can be given a did so can a community. It would only migrate for services that support did but wouldn’t be all too different.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
DIDs already exist; they are a Decentralised IDentity (DID). It is a keypair and user data, so usernames, profile, bio, and a list of accounts across different instances that allows associating posts, comments, likes etc.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
im lazy i used llm to write issue and post.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
That’s essentially how ATProto does it and they publish other instance actors under “also known as” in the did. that’s essentially what im proposing.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
i didn’t name it that’s what its called.
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
we add a did to objects and keep the id the same. supporting platforms will use did old ones will carry on using id.
did is what ATProto uses this is a step in that direction
- Comment on Implementing Portable User Identities with DIDs 4 months ago:
No, that’s the whole point of a DID. It’s an existing standard that has been established to manage decentralised identity. There exist multiple ways to handle it, so a did is did:source:id where the source can be many different things. Bluesky uses a group of trusted identity servers, but u can use a self-hosted file, the blockchain, all sorts of things.
- Submitted 4 months ago to fediverse@lemmy.world | 55 comments
- Comment on Seems .world and .ee federation are broken 1 year ago:
Yeah but u cant see this comment from my .ee account
- Comment on Seems .world and .ee federation are broken 1 year ago:
Nar its lagging now. Ps Can only see this cos im on a .world alt
- Comment on Any peertube based podcasts on the fediverse? 1 year ago:
All of the above
- Submitted 1 year ago to fediverse@lemmy.world | 6 comments
- Comment on I don't want to call Twitter X out of spite, but calling the travesty that is X Twitter is an insult to the people that made Twitter what it was. 1 year ago:
Twitter was no better than x lol
- Comment on Loops by Pixelfed • Launching in a week 1 year ago:
Well peertube is struggling already so that’s a valid question. Idk if they’re using peertube style BitTorrent video delivery, that might help offload the cost a little.
- Comment on "Skip ad's" YouTube and "Skip Intro" on Netflix take the same amount of effort but I only hate the former. 1 year ago:
The frustration i feel when someone is trying to show me something and im sitting there ads rolling so i tell em i can install an ad block for em before the ad finishes and they say no it’s fine.
- Comment on Juno for YouTube has been removed from the App Store 1 year ago:
It’s not big tech unless they are abusing a monopoly.
- Comment on Authorities hack cryptocurrency seed phrase 1 year ago:
I wrote a script to generate seed phrases and look up if that derived into a key with any value. Then did the maths on how impossible that is and decided to stop.
- Comment on "Skip ad's" YouTube and "Skip Intro" on Netflix take the same amount of effort but I only hate the former. 1 year ago:
U guys see ads online?