Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

250
active users

shakedown.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

#proxy

0 posts0 participants0 posts today
Public
Third spruce tree on the left

Oh snap! `YARR - Yet Another RSS Reader` has a new version and I missed it in March!
github.com/nkanaev/yarr/releas
YARR is like Feedly or NewsBlur, except more like TinyRSS or FreshRSS - you can self-host.

UNLIKE those, you can tell yarr to run at `<ip:port>`, so you can stick it at port 7666 for your reverse #proxy. And its lightweight, I run my own AND 3 other instances for fam. members on the same host accessed via different subdomains re-proxied by #nginx.

- (new) Fever API support (thanks to @icefed) - (new) editable feed link (thanks to @adaszko) - (new) switch to feed by clicking the title in the article page (thanks to @tarasglek for suggestion) ...
GitHubRelease v2.5 · nkanaev/yarr- (new) Fever API support (thanks to @icefed) - (new) editable feed link (thanks to @adaszko) - (new) switch to feed by clicking the title in the article page (thanks to @tarasglek for suggestion) ...
#rss#smolweb#selfhosted
Public
aaron ~# :blinkingcursor:

My homelab got it's final touches. I finally removed #Nextcloud and switched completely to #Stalwart, i added automatic #database backups using #cronjobs for all my #databases, i've set up most of my publicly exposed services to run behind the #cloudflare #proxy, improved the directory structure for my #docker #containers, and finally set up pihole as the #dns server on my router. This feels so good.

#homelab#homeserver#selfhosting
Public *
Louis

Cloudflare or not Cloudflare? I have to confess I've been using it for a while, and while I do enjoy its multiple benefits (proxy, WAF, DNS management, security rules, automatic email obfuscation...), I dont like the idea of transmitting all the data through a 3rd party, especially based in the USA.

Mastodon tech people, I summon you!

What are your thoughts?
Do you use Cloudflare?
Or is it a non negociable no to you?
Have you tried European based solutions like Bunny.net?
Do you just live without such tools?

I'm interested in hearing your thoughts!
Boosts appreciated :boost_request:

#cloudflare#dataprivacy#proxy
Replied in thread
Public
Kevin Karhan :verified:

@nixCraft actually this screams "#GDPR & #BDSG violation" so loudly that even demanding #PII and espechally an #ID should get them sued by @noybeu and @Bundesverband ....

  • Cuz "#OpenAI" has neither "legitimate interest" nor a mandate to even demand to see an ID, much less to store and process it!

This isn't like a contractual agreement or some finance where one could argue "#KYC" is warranted "to combat #fraud"...

  • The only thing worse I've seen is some obscure company that brokers #bandwith with a hidden #proxy feature in #apps...
#bandwith#proxy#apps
Public
Third spruce tree on the left

did a thing!

Big problem in #selfhosting is making sure you've set things up right: #dns resolution, #ports, rev/ #proxy. _Sometimes_ its helpful to query _from the outside_ of your local network.

`canuseeme` - a single binary #webservice that will query the URI you give it and see if its reachable by randos/services on the internet. A bit like a #webproxy, but can exercise it programmatically, and not limited to HTTP/S ports.

github.com/tezoatlipoca/canuse

GitHubGitHub - tezoatlipoca/canuseeme: CanUSeeMe - a self-hosted auto-responder for remote self-testing local endpoints/websites.CanUSeeMe - a self-hosted auto-responder for remote self-testing local endpoints/websites. - tezoatlipoca/canuseeme
#selfhosted
Continued thread
Public *
Kevin Karhan :verified:

@torproject same with #obfs4 bridges: there is no option to say like ports=80,443 or similar, which makes it cumbersome to get said bridges.

And trying to get places to #DontBlockTor that criminalize the use of #Tor is foolish at best.

Contabo ToS Section 9.4: " (4) The Provider is entitled to immediately block any webspace packages and servers that are being used to operate the “TOR” service, insofar as the Provider has become aware that the server or package is being used unlawfully. "
#Germany#hosters#tos
Replied in thread
Public *
Kevin Karhan :verified:

@tauon Also what goid is an encryption like @signalapp is you don't have #SelfCustody of all the keys?

  • Shure you could disable encryption but @monocles shows you when it's active and when not and comes with sensible defaults like having #OMEMO active per default...

I can setup over a dozen #TechIlliterates 1:1 with #XMPP accounts and #monoclesChat & @gajim / #gajim in the time it takes me to get a #nonKYC #eSIM from overseas with a phone number as mandated by @signalapp and maintaining that number for #Signal will easily cost like $2,50 p.m. at minimum.

  • Whereas a Data-only eSIM is way faster and cheaper to get and maintain.

In fact even legitimately acquiring and registering a #Prepaid #SIM in-store in #Germany takes longer than setting up #Fdroid & monocles chat & a XMPP account whilst on throttled #EDGEland speeds...

possum.city/notes/a3rt4nzbn11z

Possum City🌸 lily 🏳️‍⚧️ :flag_pansexual: :flag_ace: θΔ ⋐ & ∞ (@tauon)@kkarhan@infosec.space > centralised tbh i agree, i don't like that signal is centralised, but that isn't insecure, it's just an anti-feature > proprietary no it isn't, every element of signal is open source > subject to cloud act what is that? are you talking about subpoenaing of information? they legally have to do that anyway, and can't give anything except for the account creation date and the date that the account was last accessed > collects pii like phone numbers i'm pretty sure they don't signal is more secure than anything you've mentioned because on signal, encryption is not optional. any service where encryption is optional is not secure. RE: @tauon@possum.city no, it is not because it is a #Centralized, #proprietary, #SingleVendor & #SingleProvider solution subject to #CloudAct that collects #PII like #PhoneNumbers, which makes it inherently less secure, as they are able and willing to restrict access as they please. RE: ...
Replied in thread
Public *
Kevin Karhan :verified:

@wmd @miqokin I've yet to find a nation that criminalizes @torproject but not #VPN|s that facilitate the same...

  • Also commercial VPN providers are relatively easy to detect, filter & block unless they support #SSH-Tunneling.

Whereas #Tor has multiple ways to circumvent #InternetCensorship, includibg multiple #proxy & 9bfuscation systems like #obfs4, #meek, #webtunnel and regular #TorBridges on included, public query-able amd private lists...

chaos.social🌈☔🌦️🍄 (@wmd@chaos.social)@kkarhan@infosec.space @miqokin@denden.world sorry a single line, sourcing a single bold claim linking to a wall of (us) legalese isn't a very useful means of communication. VPNs have functions outside of geoblocking. In many countries not logging isn't illegal (logging and not providing logs is a different story). Tor would be illegal otherwise. Torrenting is one reason, laws and enforcement changes a lot from country to country. Requiring international cooperation is another, making things more complicated. (1/2)
Replied in thread
Public
Kevin Karhan :verified:

@bagder Problem with that is (besides occasional bugfixes), most people including myself would see #curl to be functionally complete and anything "nice to have" would be considered not worth the balooning in #complexity and #size.

  • I mean, does curl need to be able to do #BitTorrent (magnet:), #IPFS (ipfs://) or god forbid #blockchain (i.e. #EVM) support?

  • Do you really want to integrate @torproject / #Tor support natively into curl when using #HTTP (localhost:8118) and #SOCKS5 (localhost:9050) #proxy allows for the same and doesn't necessitate having to handle and ingest Tor arguments as well??

In fact if #toybox didn't have a #wget implementation that I could use for OS/1337 I would've merely chosen tiny-curl -o as a global alias or if #tinycurl wasn't an option, curl -o instead.

  • Maybe someone who wants to have said functionality like tor support built-in will go and IDK make i.e. #neocurl or sth. along those lines or build something like #ethcurl or #torcurlor #ipfscurl or whatever...

That being said I am glad curl isn't solely maintained by you but has other contributors (give them a shoutout!) but I also am glad you maintain that vital software that most "#TechIlliterate #Normies" most likely never heard of but propably use on a daily basis as part of all the #tech they use to #consume media with...

  • I consider curl to be "the #vim of downloaders" (tho that's kinda insulting and limiting since curl is more than just a downloader and more intuitive than vim) with wget being "the #vi of downloaders" (tho wget is even simpler to use than vi)...

Either way, curl is awesome...

curl.securl
#neocurl#ethcurl#torcurl
Public
Kevin Karhan :verified:

#WhatsMissing:

A modern competitor to #OperaMini with:

Why?

OFC since #Opera #Mini needs a trustworthy proxy backend any "#clone" would need an #OpenSource'd & #SelfHosting-capable #backend (similar to @ActionRetro 's #FrogFind .com as it breaks #E2EE.

Needless to say it would be a godsent for anyone stuck on #EDGEland and slower speeds (i.e. #SATCOM like #Iridium)...

  • Sadly building a #browser is thousandsfold harder than building a Linux #distro...
en.wikipedia.orgOpera Mini - Wikipedia
#browser#distro
Public
George E. (he/him/his)

For the love of god if you're trying to convince your employer or an organization to "come over" to the #Fediverse, do NOT under any circumstances suggest that they set up a #Mastodon #instance!

Mastodon is the ONLY Fediverse platform that ... by default ... forces #server #admins to #cache, #copy, and #proxy all #media that passes through its server. This means that not only are server admins paying to host the media their users #upload, but they have to pay to host the media everyone else on the fucking fediverse uploads as well.

Other platforms offer this feature, but Mastodon is the only one that has this turned on by default.

This results in Mastodon server admins having to shell out thousands of dollars each month in #S3 hosting costs for no reason whatsoever.

There are much better alternative instance platforms than Mastodon.

#media
ExploreLive feeds
About