-
Permanent link to “Some news for XMPP: support MUC and anonymous login” -
Notes
I'll update this post whenever I see fits, A.K.A. when I have other bits of information which don't require a whole post. Operations on files and directories Move files to the current/parent directory in Linux Current dir find . -type f -exec mv {} . \; Parent dir find . -type f -exec mv {} .. \; Recursive chmod on files and dirs To change all the directories to 755 (-rwxr-xr-x): find /var/www/blog -type d -exec chmod 755 {} \; To change all the files to 644 (-rw-r--r--): find /var/www/blog -type f -exec chmod 644 {} \; Certbot Certbot cli /etc/letsencrypt/cli.ini When renewing, use the same private key as the existing certificate. (default: False): reuse-key = True Common commands Register single domain: certbot certonly --standalone -d domain.tld --dry-run Remove “–dry-run” when ok. Renew single domain: certbot renew --cert-name domain.tld --dry-run Remove “–dry-run” when ok. Revoke certificate: certbot revoke --cert-path /etc/letsencrypt/archive/${YOUR_DOMAIN}/cert1.pem Check…
-
Downtimes
It's been a few days now that I'm experiencing downtimes at night, early mornings. When I wake up, connect to the VPS and attach to tmux, I am welcomed by these messages in console: Message from syslogd@pandora at Nov 3 05:37:13 ... kernel:[1586232.350737] Dazed and confused, but trying to continue Message from syslogd@pandora at Nov 3 05:37:24 ... kernel:[1586235.049143] Uhhuh. NMI received for unknown reason 30 on CPU 1. Message from syslogd@pandora at Nov 3 05:37:24 ... kernel:[1586235.049145] Dazed and confused, but trying to continue Message from syslogd@pandora at Nov 3 05:37:55 ... kernel:[1586273.642163] watchdog: BUG: soft lockup - CPU#2 stuck for 27s! [dockerd:526408] Message from syslogd@pandora at Nov 3 05:38:00 ... kernel:[1586278.545172] watchdog: BUG: soft lockup - CPU#1 stuck for 24s! [systemd-journal:257] Message from syslogd@pandora at Nov 3 05:38:02 ... kernel:[1586281.187611] watchdog: BUG: soft lockup - CPU#3 stuck for 35s! [lua5.4:1702] There's no need to say…
-
Night tinkering..
I am most productive at night, when there is finally silence - apart from background music. The last couple hours of this Wednesday brought some nice additions to the @wpn support MUC: chat is not XMPP only anymore, but it got bridged to Matrix, via "matterbridge". a bot is now sending "BOFH excuses" to the chat, once a day. XMPP MUC can be reached from: https://invite.woodpeckersnest.space/#status@chat.woodpeckersnest.space?join Matrix room can be reached from: https://matrix.to/#/#wpn:matrix.org Bridged chat means that everything being written in any of those rooms, gets relayed to the other by bots: there are in fact 2 bots connected to the 2 rooms, one is an XMPP bot and the other is a Matrix one, operated by "matterbridge", as I said earlier. About "BOFH excuses", they are some fortune cookies from the relative Linux package, which are all about "Bastard Operators From Hell" excuses.. They are some short funny sentences about IT…
-
New VPS Location:…
Last evening, at around 22:00 CET, Contabo migrated my VPS from old Hub at Nuremberg to the newly built "Hub Europe". They rebooted it and everything came back up as usual.. I wasn't at home when it happened, didn't even notice anything until I connected and found no tmux session running. Even my phone which was connected to wireguard, quietly continued working and sending notifications 😎 Meanwhile, my friends and I watched "The Creator" on Disney+ Can't really say I do recommend it, but for some casual evening/entertainment, it wasn't half bad. gemlog
-
Changes for blog…
I've been rethinking about the publication license of these blog posts. Changes I made: Some "public" posts were turned to "CC BY-NC-SA" Some "all-rights-reserved" posts were turned to "CC BY-NC-SA" At the moment there are still other public and all-rights-reserved posts.. Most of the public ones are from me, while some are from friends who told me to publish them with such license. The all-rights-reserved ones are mostly from content I grabbed over the net and published here, where I wasn't able to contact the original authors (so credits are to themselves) and some others are e.g. posts with pictures I took myself. So.. From now on, all these types of licenses will co-exist and each post will be tagged with the correct/relative one (hopefully). Disclaimer: If not specified, you can assume it's "CC BY-NC-SA" by Simone "roughnecks" Canaletti https://creativecommons.org/licenses/by-nc-sa/4.0/
-
prosodyctl commands…
prosodyctl shell Launch the shell: # prosodyctl shell Delete pubsub node (the ">" sign at the beginning is important and also dangerous, as it lets you do anything!): >prosody.hosts["pubsub.example.tld"].modules.pubsub.service:delete("blog", true) Delete ALL pubsub nodes >local service = prosody.hosts["pubsub.example.tld"].modules.pubsub.service; for node in pairs(select(2, assert(service:get_nodes(true)))) do service:delete(node, true); end Check subscription by user: >prosody.hosts["pubsub.example.tld"].modules.pubsub.service.subscriptions["user@example.tld"] Change affiliation on pubsub nodes (make user owner): >prosody.hosts["pubsub.example.tld"].modules.pubsub.service:set_affiliation("blog",true,"user@example.tld","owner") Unsubscribe from node…
-
eggdrop script:…
You can try this script on #fediverso at irc.libera.chat, where me, cage, ndo and other friends hang out bot: "verne", running on @wpn SearXNG instance: https://search.woodpeckersnest.space/ Thanks to cage for the script and ndo for creating the channel o/ # © cage released under CC0, public domain # https://creativecommons.org/publicdomain/zero/1.0/ # Date: 16-08-2024 # Version: 0.1 # Package description: do a web search using your searxng instance # Public ones won't probably work because of "limiter" # Authorize your channel from the partyline with: # .chanset +searxng #your-channel # Do a search # .search <query> | .search paris (this query goes to default engine) # .search +<engine> <query> | .search +wp paris (this query goes to # wikipedia) # .search !images paris | this query search only paris' images # List of engines: https://docs.searxng.org/user/configured_engines.html # tcllib is required ############## configuration directives…
-
-
@wpn gemini server…
Yet another small update about gemini. You can now browse gemini://woodpeckersnest.space even from regular HTTP, here: https://gemini.woodpeckersnest.space/ I've applied some fixes (like) to HTML and CSS (the latter is pretty much the same used by the @wpn onboarding page, but obviously customized). As for accessibility, I think it should work well for desktop and also mobile browsers; CGIs work as well. The proxy I used is Loxy. I also already opened an issue on their repo for a problem with query strings, still waiting for someone to reply. Apart from that, everything checks out. gemlog
-
@wpn gemini capsule…
Hello, just a brief update on gemini here at @wpn. I switched TLD from ".eu" to ".space": seemed more appropriate for gemini. gemini://woodpeckersnest.space/ gemlog
-
@wpn onboarding:…
I was running 2 separate apps for shell/XMPP account registration at @wpn, so far.. This night I made some changes to the original code (provided by Schimon) and I got just one app with account choice - meaning that you must choose what account type you want in the form. Shell accounts are for friends only, as it's always been. As a consequence of that, I shut down the old address for XMPP account onboarding and left only the main one, which is: https://hello.woodpeckersnest.space/ gemlog
-
Summer Recap at WPN
I'm always a bit busy when it comes to pandora (the VPS running WPN: woodpeckersnest.space/eu). I like experimenting new things, fixing/improving existing things.. I cannot stay still 😀 After migrating the homepage to homarr - which took really no time for the initial setup, but a lot of work afterward to fix layouts for mobile devices and non-full-hd screens for desktop PCs - I started messing up with a brand new toy: gemini!! Not even a week since I installed molly-brown, the actual gemini server, to today, I can count lots of improvements.. Installed terminal gemini browser client amfora for wpn's shell users and also gtl, a tinylog reader, always for the shell. Configured a local tinylog which groups together all wpn's capsuleer tinylogs, so it's easy to follow all of the local server users in one single place; the log is generated by gtl itself, refreshed and published every 5 minutes: can't miss a thing! Initially configured gemlog mentions starting from a script by…
-
gemini protocol -…
I'm glad to announce the start of a new gemini server here at WPN, only for shell users: gemini://woodpeckersnest.eu/ Gemini is an application-layer internet communication protocol for accessing remote documents, similar to HTTP and Gopher. It comes with a special document format, commonly referred to as "gemtext", which allows linking to other documents. Started by a pseudonymous person known as Solderpunk, the protocol is being finalized collaboratively and as of October 2022, has not been submitted to the IETF organization for standardization. You need a "gemini" client to be able to open that link, the same way you need a browser to open this blog post; I can recommend Lagrange: choose your flavor ^^ The server is powered by molly-brown, author "solderpunk". Thanks
-
A new new home
Good day everyone! This weekend I've been restructuring "woodpeckersnest's" homepage. The move was pretty huge since I went from a static #HTML plus some #JS site to homarr; it's taking quite a lot of RAM to run now, but the outcome is nice and I like it better than the old style - on mobile, at least on my crap smartphone, doesn't look very good, it needs quite a lot of pixels to perform alright (I hate phones btw, so it's still good for me). Everything is WIP, but you can take a look at it anyway: https://woodpeckersnest.space Please let me know if you find anything broken or not working properly. 😍 P.S. I have also upgraded our DeltaChat "chatmail" instance to latest and greatest 1.4.1 release - Thanks Federico for the hosting and Andrea for translations. Come join us at https://chatmail.woodpeckersnest.space/
-
beszel
Beszel Setup Interesting project at https://github.com/henrygd/beszel Collects resource statistics from one or more systems, display CPU/RAM/DISK/NET/DOCKER information and be alerted in case "event" happens. These days I set up beszel HUB on my VPS and beszel-agent on the same VPS, on our chatmail server and even on my desktop PC at home on WSL2: so now I'm monitoring 3 systems from a web interface and I'm being notified if one of them becomes unreachable or has exceeded %resources for every type of monitor. This is my compose.yaml for the HUB and agent on "woodpeckersnest.eu": services: beszel: image: 'henrygd/beszel' container_name: 'beszel' networks: beszel: ipv4_address: 172.30.0.2 restart: unless-stopped ports: - '8090:8090' volumes: - beszel_data:/beszel_data environment: DISABLE_PASSWORD_AUTH: false beszel-agent: image: "henrygd/beszel-agent" container_name: "beszel-agent" networks: beszel: ipv4_address: 172.30.0.3 restart:…
-
Onboarding
Hello, this is "Opening Day": finally decided to open fully featured shell accounts' registration on WPN: woodpeckersnest.space/eu for friends. Who are friends then? Since IRL friends have zero interest in this, my friends are people I know and respect over the Internet, in particular - but not limited to - the XMPP network. They are mostly Italian and English speaking folks, since those are the only 2 languages I know.. This is a first-time experience for me, so give me a few days (a week maybe) to "adjust" and set account(s) up. If you feel lucky, click the title of this post and apply now! 😏
-
re: CardDAV Plugin…
Continuing from the previous article.. Today while trying to install yet another plugin (Calendar this time), I had a lil incident and destroyed everything 😃 Some hours later I restored a backup and we're up again. BUT! In the process I discovered some SQL errors which I believe were there since a lot ago, always gone unseen. To make a long story short, I had to disable the standard "Personal Address Book" for everyone, because it was impossible to save any contact in there anyway.. And we are now relying on CardDAV, which is way better. At one point I had the Calendar plugin working too, alongside CardDAV, but I had (wrongfully) installed it as a local one, so no sync to the cloud with CalDAV; it was later that I tried the CalDAV way by changing the config and shit got me. Now I asked the people of libera.chat about the plugin, to see if it really supports any CalDAV implementation or not - and then I'll try again :) Feel free to check it out and leave a comment if…
-
CardDAV Plugin for…
Hello o/ Just completed a new software installment for the "woodpeckers" webmail, powered by roundcube. It's a plugin to manage CardDAV address books, so you can import them in your web contacts; I've tested it with "Radicale Cal/CardDAV" server and the import to roundcube was fast and easy peasy; hopefully it'll be the same for every other compatible server 😎 https://webmail.woodpeckersnest.space/ Yeah, that was all for your local news! Until next.
-
chatmail recap…
Statistiche $ uptime 03:54:18 up 34 days, 8:19, 4 users, load average: 0.00, 0.00, 0.00 $ free -m total used free shared buff/cache available Mem: 877 503 159 8 377 374 Swap: 499 87 412 $ df -h Filesystem Size Used Avail Use% Mounted on udev 428M 0 428M 0% /dev tmpfs 88M 8.4M 80M 10% /run /dev/vda1 9.7G 2.8G 6.6G 30% / tmpfs 439M 0 439M 0% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock /dev/vda15 124M 12M 113M 10% /boot/efi tmpfs 88M 0 88M 0% /run/user/1000 $ ip -s link 2: ens6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 RX: bytes packets errors dropped missed mcast 1444308867 14871375 0 32828 0 0 TX: bytes packets errors dropped carrier collsns 18414348377 21921709 0 0 0 0 $ curl https://chatmail.woodpeckersnest.space/metrics accounts 83 1719367201634
-
etckeeper log and…
store /etc in git, mercurial, brz or darcs The etckeeper program is a tool to let /etc be stored in a git, mercurial, brz or darcs repository. It hooks into APT to automatically commit changes made to /etc during package upgrades. It tracks file metadata that version control systems do not normally support, but that is important for /etc, such as the permissions of /etc/shadow. It's quite modular and configurable, while also being simple to use if you understand the basics of working with version control. https://packages.debian.org/stable/etckeeper root@pandora:/etc# git log --oneline mumble-server.ini c1e2238 daily autocommit 2e66cf6 daily autocommit 76fd073 daily autocommit baaff1c saving uncommitted changes in /etc prior to apt run 9980c10 daily autocommit 830fa84 daily autocommit 0cc8fd9 saving uncommitted changes in /etc prior to apt run 4e7b545 saving uncommitted changes in /etc prior to apt run 20d692a daily autocommit c05a405 saving uncommitted changes in /etc prior to apt…
-
Slixfeed News Bot…
Hello, do you remember about Slixfeed? Talked about that here a while ago. Schimon, the bot's author, chose woodpeckersnest.space to host a new home for it and I was am very happy about that 😀 More to that, he also decided to move Slixfeed's source repository from "gitgud.io" to the Italian XMPP-IT Community GIT server - even if we're not sure everything will be migrated (WIP). Oh, I also want to mention the other XMPP-related projects which Schimon also moved to our community server, which you should check out! Thanks Schimon for trusting us with your work. Keep it up! Now, links! Slixfeed Homepage - also linked in this post's title schimon's GIT profile Slixfeed repository XMPP support room for Slixfeed XMPP-IT main chat room XMPP-IT Homepage Finally, I would like to remember you that the XMPP-IT Git server is not open to registrations, but if you want an account there to post your work (we only accept XMPP-related stuff!), you can request an account to one of the…
-
More on WebDAV -…
After some failed attempt at this, I think I found the right way to "mount" a remote WebDAV folder under Windows' Explorer. Initially my baby steps took me here: https://note.woodpeckersnest.space/share/0TJT81fgI8Jy After following that tutorial I didn't succeed, so I investigated further. I can say that everythig looks correct until you get to point 9. The address they tell you have to enter isn't correct in my experience and they aren't even using https for the URL. What worked for me was instead something like: \\webdav.woodpeckersnest.space@SSL\folder You have to input the network-path-stile address which is common in Windows, as in: double backslash, FQDN of your WebDAV server, "@SSL" and then the path (folder) where you have access to files in your WebDAV server, with a backslash preceding it. That's it, a prompt will ask for username and password and then a new Network Path (WebFolder) will be connected in Explorer, just below your local drives. You can then…
-
Sharing big files…
Thunderbird filelink with self-hosted webdav Me and friends on xmpp:lozibaldone@conference.xmpp-it.net?join had a discussion about big attachments in Thunderbird and one person ("idice"), which I thank, suggested to use (long forgotten by me) Thunderbird's "filelink" functionality. filelink lets you upload your big attachments to the cloud and send a link to download them, to your email contact. For it to work, you have to download an extension for Thunderbird and choose a cloud instance. There are a few in the community, ranging from Dropbox, to Nectcloud and webdav. I chose webdav, because I already have a docker container with a running instance. The tricky part in setting the extension up and working with my server was to have a private and a public URLs: you have credentials for webdav, so the private one is easily accomplished, while I had never thought about having a public site to share stuff without authentication; and in the end it was really…
-
Grand Opening:…
Istanza Italiana Chatmail per DeltaChat Annunciazione, annunciazione! [cit. per i diversamente giovani] Da qualche giorno è nata l'istanza Italiana Chatmail per DeltaChat.. Arabo? Delta Chat è un’app di messaggistica che funziona tramite e-mail Chatmail è un server di posta "particolare", progettato per l'utilizzo con DeltaChat Il nostro amico Federico, in arte Fede 😀 ha deciso di sponsorizzare il progetto con un VPS dedicato, sul quale Io ho poi provveduto ad installare il servizio Chatmail, la cui componente web può essere visitata al seguente indirizzo: https://chatmail.woodpeckersnest.space/ Tramite l'appena citato sito web potete registrare il vostro account mail anonimo "chatmail" da usare in DeltaChat: è sufficiente scansionare il QR code con l'app di DeltaChat e sarete immediatamente loggati sul server. Tutte le future conversazioni saranno esclusivamente cifrate e2ee. A questo punto dovrete aggiungere qualche amico o unirvi ad un gruppo di altre…
-
self-hosting di…
L'applicazione "photos" della società "ente" è una alternativa alla più rinomata Google Foto, ossia un'app che conserva le vostre immagini (anche chiamate "memories", ricordi) sul cloud. A seconda del profilo scelto potrete immagazzinare tot dati a determinati prezzi - a dire il vero esiste anche un piano di prova per un anno con 1GB di spazio, che naturalmente non soddisferà nessuno. Da qualche settimana però ente ha deciso di rilasciare come codice aperto la sua versione del server, che può essere liberamente fatto girare sulla propria macchina insieme alle relative app (photos per Android, web app), tramite alcune modifiche alle stesse. Io e lorenzo @lorenzo@fedi.bobadin.icu ci siamo allora messi in gioco per avere delle istanze personali di ente server ed uno spazio in cloud dove poter caricare il materiale (l'Object Storage S3 che abbiamo utilizzato è totalmente sponsorizzato da lorenzo, il quale ringrazio) Sin da subito abbiamo avuto diverse…
-
The Internet…
It's been a week or so that I started using Wireguard on my desktop too, browsing the Internet and doing the usual stuff I do, but this time connecting both via IPv4 and IPv6 through my VPS. Results? I've already been banned (or to better state it, my VPS's IPv4 has) from 3 popular hosts: reddit, imgur and alienwarearena. Reason? I don't really know, looks like everyone doesn't like VPNs. For the time being I resorted to replace reddit.com with old.reddit.com (even in my SearxNG instance) to be able to browse that shit, which unfortunately is sometimes useful. "imgur" is even more trickier, since I was still able to upload images (and also display them) via their API on Glowing-Bear.. But if I try to curl imgur.com from my VPS shell I get this: {"data":{"error":"Imgur is temporarily over capacity. Please try again later."},"success":false,"status":403} "Over capacity", yeah, but it's a 403, you liar! So, a few…
-
-
-
Wireguard IPv6
Here's my configuration, working fine with my Android 9 Phone server.conf root@pandora:~# cat /etc/wireguard/wg0.conf [Interface] # specify generated private key for server PrivateKey = <sekret> # IP address for VPN interface Address = 172.16.100.1/32, fd42:42:42::1/64 MTU = 1420 # UDP port WireGuard server listens ListenPort = 51820 # possible to set any commands after WireGuard starts/stops # set routing rules like follows to access to local network via VPN session PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; [Peer] # REDMI # specify public key for client PublicKey = <sekret> # clients' VPN IP addresses you allow to connect #…
-
-
-
Setting up IPv6 in…
Found this post quite useful to set up Hurricane Electric's IPv6 on a Windows machine and serve the connection over LAN (Windows machine must stay on, obviously) Legend of variables: $ipv4a = tunnel server's IPv4 IP $ipv4b = user's IPv4 IP $ipv6a = tunnel server's side of point-to-point /64 allocation $ipv6b = user's side of point-to-point /64 allocation $ipv6c = first address of user's routed /64 allocation $ipv6d = user's routed /64 allocation $adapter = name of local area network connection (where your IPv4 address is configured now) netsh int teredo set state disabled netsh int ipv6 add v6v4tunnel IP6Tunnel $ipv4b $ipv4a netsh int ipv6 add address IP6Tunnel $ipv6b netsh int ipv6 set interface IP6Tunnel forwarding=enabled netsh int ipv6 set interface "$adapter" forwarding=enabled advertise=enabled netsh int ipv6 add address "$adapter" $ipv6c netsh int ipv6 set route $ipv6d "$adapter" publish=yes netsh int ipv6 add route ::/0 IP6Tunnel $ipv6c publish=yes
-
-
Slixfeed RSS XMPP…
Interesting project, features' rich and almost complete. Thanks goes to its main developer Schimon AKA "sch". Here is the support room
-