"Bugs, Mr. Rico. Zillions of em!" Hughes, p. 248; reporting on…
Written by Simone
"Bugs, Mr. Rico. Zillions of em!"
- Hughes, p. 248; reporting on a bug assault to LT Juan Rico on Planet P.
Late March News
Written by Simone
Hello!
Last "real" post was about 2 months ago.. I got busy with stuff at home but also made a lot of adjustments here and there at @wpn. Let me list the most important ones:
- Set up shell and email users' homes backup: archives are still stored on the VPS for the time being, till when I'll find another proper backup location.
- Cleaned up
/var/www/and nginx virtualhosts; also removed "Shaarli", since I wasn't really using it anymore. - Added a new board on the main site for BitTorrent, reachable here: https://woodpeckersnest.space/board/torrents
- Upgraded XMPP Prosody server to 13.0.0 and isolated anon webchat even more, so that those users won't be able to connect to Biboumi IRC gateway.
- Upgraded all #slixmpp powered bots to 1.10, released only yesterday
- Formatted (again) the 2 pdf files regarding @wpn's Term of Use and Privacy Notice (no rules updates though)
I think that's about it.. probably 😀 I'm definitely forgetting something.
Some other news: a few new users joined XMPP and more than a few logged in our Movim COMMutiny pod. Welcome Aboard everyone! Be Nice!!
I'm keeping the pod up-to-date as much as I can (it's running on master branch), but that also mean I have to restart it sometimes; I will try to do that only during weekends from now on.. promise.
And now I'd better get going again.. See you soon!
Scheduled Maintenance
Written by Simone
😎
Notes
Written by Simone
I'll update this post whenever I see fits, A.K.A. when I have other bits of information which don't require a whole post.
Operations on files and directories
Move files to the current/parent directory in Linux
Current dir
find . -type f -exec mv {} . \;
Parent dir
find . -type f -exec mv {} .. \;
Recursive chmod on files and dirs
To change all the directories to 755 (-rwxr-xr-x):
find /var/www/blog -type d -exec chmod 755 {} \;
To change all the files to 644 (-rw-r--r--):
find /var/www/blog -type f -exec chmod 644 {} \;
Certbot
Certbot cli
/etc/letsencrypt/cli.ini
When renewing, use the same private key as the existing certificate. (default: False):
reuse-key = True
Common commands
Register single domain:
certbot certonly --standalone -d domain.tld --dry-run
- Remove “–dry-run” when ok.
Renew single domain:
certbot renew --cert-name domain.tld --dry-run
- Remove “–dry-run” when ok.
Delete single domain:
certbot delete --cert-name domain.tld
- Cannot use "--dry-run" in this case.
Revoke certificate:
certbot revoke --cert-path /etc/letsencrypt/archive/${YOUR_DOMAIN}/cert1.pem
Check certificate's expiry date:
cat /etc/letsencrypt/live/domain.tld/cert.pem | openssl x509 -noout -enddate
GIT
To reset your git repository to given commit id, do:
git reset --hard <commit-id>
git push origin master --force
Ignoring files that are already tracked
git update-index --assume-unchanged <your file here>
Delta Chat Mail sieve
require ["fileinto"];
# rule:[DeltaChat]
if header :contains "Chat-Version" "1.0"
{
fileinto "DeltaChat";
stop;
}
Postfix mail queue
To view postfix mail queue in case of problems and remove a particular message from it, do as follows:
# mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
6DCF32201B* 4824 Thu Oct 19 22:54:44 roughnecks@woodpeckersnest.eu
debian@spacenet.it
-- 4 Kbytes in 1 Request.
# postsuper -d 6DCF32201B
postsuper: 6DCF32201B: removed
postsuper: Deleted: 1 message
To delete all emails in the queue, use this command:
# postsuper -d ALL
Check Preferred Outgoing IP (when multiple are set on <interface>)
curl ifconfig.me
The correct command to add a new Linux user (in this case without a shell)
adduser --shell /usr/sbin/nologin <username>
I always forget which command is the complete one, useradd or adduser
Packages management with apt and aptitude
Finding currently installed "external" packages (not from stable repo)
# aptitude search "?narrow(?installed,?not(?archive(stable)))"
i containerd.io - An open and reliable container runtime
i docker-buildx-plugin - Docker Buildx cli plugin.
i docker-ce - Docker: the open-source application container engine
i docker-ce-cli - Docker CLI: the open-source application container engine
i A docker-ce-rootless-extras - Rootless support for Docker.
i docker-compose-plugin - Docker Compose (V2) plugin for the Docker CLI.
In the above example, "i" means installed and "A" means it was automatically installed, such as a dependency. I'm running upstream docker.
This is another package that I have installed from sid and set on "hold":
# apt-cache policy toot
toot:
Installed: 0.45.0-1
Candidate: 0.45.0-1
Version table:
*** 0.45.0-1 100
100 /var/lib/dpkg/status
0.34.1-1 500
500 http://deb.debian.org/debian bookworm/main amd64 Packages
500 http://deb.debian.org/debian bookworm/main i386 Packages
bookworm version of toot is rather old, as you can see.
More stickers.. and pins!!
Written by Simone
An XMPP pin and sticker on my desktop PC, kindly sent by "emus", from XFS Communications Team.
Thanks ❤
Busy Days, Exciting Progress
Written by Simone
Busy Days, Exciting Progress 🚀
It’s been a couple working months, busy and sometimes hard but in the best way possible!
For starters, today the "GD" website went officially online, after we completed its migration from ZOPE to Wordpress and I couldn't be happier 😉
Another thrilling update is with COMMutiny, our social network project. The converse.js anonymous chat, originally set up for @wpn’s support room, has now found its own space within COMMutiny. This is a big step forward, and we’re inviting everyone interested in #XMPP, gaming, and social networks to join the conversation, anonymously or not.
On top of that, we’ve launched a brand-new freelance website, powered by Hugo. It’s sleek, fast, and everything we hoped it would be — hooray for #Hugo!
If you’re passionate about decentralized communication, gaming communities, or just want to connect with like-minded folks, we’d love to see you in COMMutiny! See you soon 👋
Anonymous (Support) WebChat
Written by Simone
Happy 2025!
This new year brought a change in our webchat, which is now fully anonymous and auto-connecting to @wpn support room.
https://xmpp.woodpeckersnest.space/conversejs
I thought the anon support room could be better used by people "interested in/wanting to ask questions about" XMPP and @wpn services, without the need to register an account.
You can still join other local MUCs when in the anon chat, but external, server to server (S2S) connections are denied for anon users, as I mentioned in a previous post. Feel free to test it out and send feedback about your experience.
For the future months, maybe another rather-big change will happen, as I foresee troubles in upgrading Homarr to its new milestone release. Homarr is what @wpn currently uses as its homepage; despite the fact that I quite like it, I'm not sure I want to embark in a complete overhaul, since I already tried importing configuration to the alpha release and it was a major disaster 😟
Wishing You all the best for this New Year! Stay safe!
prosodyctl commands and examples
Written by Simone
prosodyctl shell
Launch the shell:
# prosodyctl shell
Delete pubsub node (the ">" sign at the beginning is important and also dangerous, as it lets you do anything!):
>prosody.hosts["pubsub.example.tld"].modules.pubsub.service:delete("blog", true)
Delete ALL pubsub nodes
>local service = prosody.hosts["pubsub.example.tld"].modules.pubsub.service; for node in pairs(select(2, assert(service:get_nodes(true)))) do service:delete(node, true); end
Check subscription by user:
>prosody.hosts["pubsub.example.tld"].modules.pubsub.service.subscriptions["user@example.tld"]
Change affiliation on pubsub nodes (make user owner):
>prosody.hosts["pubsub.example.tld"].modules.pubsub.service:set_affiliation("blog",true,"user@example.tld","owner")
Unsubscribe from node
>prosody.hosts["pubsub.example.tld"].modules.pubsub.service:remove_subscription("blog",true,"user@example.tld")
Subscribe to node
>prosody.hosts["pubsub.example.tld"].modules.pubsub.service:add_subscription("blog",true,"user@example.tld")
prosodyctl commands
Asking for help:
# prosodyctl shell help
# prosodyctl shell 'help SECTION'
Show all listening ports:
# prosodyctl shell port list
Show all http endpoints:
# prosodyctl shell http list
List registered users:
# prosodyctl shell user list example.tld
List existing MUCs:
# prosodyctl shell muc list [component name]
List connected clients:
# prosodyctl shell c2s show
Activate a component:
# prosodyctl shell host activate some.component.example.tld
Generate Invites: create a new invite using an ad-hoc command in an XMPP client connected to your admin account, or use the command line:
# prosodyctl mod_invites generate example.tld
Reset forgot passsword: "doesn't seem to work - see below"
# prosodyctl mod_invites generate example.tld --reset <USERNAME>
Automatic Certificates Import: prosodyctl has the ability to import and activate certificates in one command:
# prosodyctl --root cert import HOSTNAME /path/to/certificates
Certificates and their keys are copied to /etc/prosody/certs (can be changed with the certificates option) and then it signals Prosody to reload itself. –root lets prosodyctl write to paths that may not be writable by the prosody user, as is common with /etc/prosody. Multiple hostnames and paths can be given, as long as the hostnames are given before the paths.
This command can be put in cron or passed as a callback to automated certificate renewal programs such as certbot or other Let's Encrypt clients.
Import All:
# prosodyctl --root cert import /etc/letsencrypt/live
Reset forgot password
# prosodyctl install --server=https://modules.prosody.im/rocks/ mod_password_reset
Reload prosody configuration then use ad-hoc commands to generate a reset link for given JID
Some news for XMPP: support MUC and anonymous login
Written by Simone
More news on the previously announced bridge for support MUC: we got another bridge set up. This time around, IRC joins the ballet, so matterbridge is now bridging @wpn support MUC for 3 different protocols.. XMPP and MATRIX being the previous other two.
https://health.woodpeckersnest.space/
On this matter I was thinking about making a "tombstone" of the current XMPP MUC, which is called status and move to wpn - In fact that's the name of the MATRIX and IRC rooms. This is not really something I want to do soon, though, because it implies changing several things.
Last, but not least, I have also set up an anonymous VirtualHost in Prosody. You can now login to anon.woodpeckersnest.space with a disposable account (whose data gets deleted from the server as soon as the account is not connected anymore) and participate/discuss in @wpn MUCs - access to external servers is not permitted to anonymous users, for obvious security concerne.
You can follow the steps in this GIF to connect anonymously with Gajim; Dino should also support it but I don't know how it's done.. Finally if you want to join via Android, these are the instructions provided by Daniel Gultsch, from Conversations IM:
you can just add the account something@anon.woodpeckersnest.space with an empty password to #Conversations_im and it will login anonymously. Anonymous logins don't require registration. When I say 'something@anon...' you can use anything as that username. Doesn't matter (it's only used to get through the client side jid validation check)
TIP: If the server tells you can't join a MUC, make sure you have added a nickname in your profile's details (Android).
Downtimes
Written by Simone
It's been a few days now that I'm experiencing downtimes at night, early mornings.
When I wake up, connect to the VPS and attach to tmux, I am welcomed by these messages in console:
Message from syslogd@pandora at Nov 3 05:37:13 ...
kernel:[1586232.350737] Dazed and confused, but trying to continue
Message from syslogd@pandora at Nov 3 05:37:24 ...
kernel:[1586235.049143] Uhhuh. NMI received for unknown reason
30 on CPU 1.
Message from syslogd@pandora at Nov 3 05:37:24 ...
kernel:[1586235.049145] Dazed and confused, but trying to continue
Message from syslogd@pandora at Nov 3 05:37:55 ...
kernel:[1586273.642163] watchdog: BUG: soft lockup - CPU#2 stuck
for 27s! [dockerd:526408]
Message from syslogd@pandora at Nov 3 05:38:00 ...
kernel:[1586278.545172] watchdog: BUG: soft lockup - CPU#1 stuck
for 24s! [systemd-journal:257]
Message from syslogd@pandora at Nov 3 05:38:02 ...
kernel:[1586281.187611] watchdog: BUG: soft lockup - CPU#3 stuck
for 35s! [lua5.4:1702]
There's no need to say that when this happens, the server is completely frozen and doesn't respond to anything.
I already contacted support, but they didn't investigate at all, I believe. They manually restarted my VPS once and did some pings and connection tests (VNC, SSH) afterwards.. "everything is working fine!"
This last Saturday I was up when it happened, so I did a mtr from my PC to the VPS's IP and logged it, then I sent another email with the output to support.. Still waiting for them to reply, I guess tomorrow (Monday).
Friends like lorenzo and shai are having difficulties too, with the same provider, so I'm not imagining things.
Well, that's all I got to say, will keep you posted if any news.