Meow.tar.gz @ ablackcatstail @lemmy.goblackcat.com

I am an archo-communist, cat-loving dude with a very eclectic range of inte

---

Read more

Posts

12

Comments

464

Joined

2 yr. ago

I still trust open source over proprietary.

I solved this! The reverse proxy has to account for longer connection sessions via WebSockets. Once I put this into the reverse proxy, everything started working.

Yes, larger companies suffer from inertia!

I've often wondered this myself because they've got the inhouse engineering talent to do it. If I had to guess, I think they don't see an immediate and a direct benefit. In the grand scheme of things, the #fediverse is still small but it is making rather exponential games.

Also, maybe these companies are just in the planning stages and we just don't know about it yet.

This has to be past peak capitalism because I see us on the downhill side towards collapse.

Thank you for giving him a great life! Please try and celebrate that. 🙂

I should have clarified maybe more mature. Headscale is still very much alpha quality

Reminds me of Snow Meow from the old cartoon Thundercats.

This is a good article but I really would like to see a fully open source app with a GPL, MIT, or similar license. I am intrigued by Slack's Nebula. It uses the noise protocol in a way similar to WireGuard.

Linux, BSD, and open source in general has saved my life too. It's given my a passion and a love again. Linux and BSD quite literally work better than any antidepressant I've ever had.

I just decided to go ahead and implement split-brain DNS this evening and it works perfectly. What are you using for your internal DNS server? If it is Unbound, the one that I am using, I can share my config with you. After implementing this, the speed of my services when being accessed from my internal network sped up by an order of magnitude. I shoulda done this earlier. 😆

When you start a career, you begin at what they call entry level. Then as you gain experience, you get promoted or you seek other opportunities in the same field that pay more money. Career progression is basically how you are advancing in the field.

Here is the Canadian equivalent which is Statistics Canada.

I have not converted my home network to use split-brain yet and that's because I only just recently got Let's Encrypt to work with the DNS-01 challenge which verifies domain ownership via a TXT record. Now that the DNS-01 challenge works perfectly, I can use split-brain DNS to resolve my example.com requests to internal IP addresses. What I am currently doing is as follows and it is inefficient and ugly!

Local request ---> Internet --> VPS Proxy --> WireGuard tunnel --> Local Server --> WireGuard tunnel -> VPS Proxy -> Internet --> Local origin

Now that I have Let's Encrypt working using the DNS-01 challenge, there will be significantly less latency. It should look something like this:

    
Local request --> Local DNS Server --> Local Server --> Local request
                                         |
                                         --> Local Server --> WireGuard Tunnel --> Internet
 

  

I hope this is helpful! This will reduce the amount of locally generated traffic that must transit the VPN tunnel bi-directionally.

It's quite a challenge. Start with something that you think might interest you, look it up on the Bureau of Labor Statistics (BLS) website. See what kind of education it requires and what the typical career progression is. Normally I don't trust government websites but this is considered reliable and politically neutral.

Here is a way to get working Mastodon working behind a reverse proxy that exists on a different machine. Basically, the NGINX server running on the Mastodon instance is configured to "lie" to the the streaming and web servers that the connection is happening over. This way you handle the SSL termination at the actual proxy server. So what you do is change the listen line to 80 and comment out all of the SSL related stuff. Then look for the @proxy section of the NGINX daemon running on the mastodon instance and change the X-Forwarded-Proto header to https as shown below.

    
server {
  #listen 443 ssl http2;
  #listen [::]:443 ssl http2;
  
  listen 80;
  server_name example.com;

  #ssl_protocols TLSv1.2 TLSv1.3;
  #ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
  #ssl_prefer_server_ciphers on;
  #ssl_session_cache shared:SSL:10m;
  #ssl_session_tickets off;

  # Uncomment these lines once you acquire a certificate:
  #ssl_certificate     /etc/ssl/fullchain.pem;
  #ssl_certificate_key /etc/ssl/private/privkey.pem;

...

location @proxy {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    #proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Proxy "";
    proxy_pass_header Server;

    proxy_pass http://backend;
    proxy_buffering on;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    proxy_cache CACHE;
    proxy_cache_valid 200 7d;
    proxy_cache_valid 410 24h;
    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
    add_header X-Cached $upstream_cache_status;

    tcp_nodelay on;
  }


  

If you have not yet created the reverse proxy server itself, check out NGINX Proxy Manager as it makes things stupidly easy. NGINX Proxy Manager runs in a dockerized container and makes setting up Let's Encrypt certs a breeze. Just be sure that when you define the

This is certainly not an easy task! Hell, I am 46 years old and still figuring out life. 🤣 In all seriousness though, you will probably change careers 2-3x in your life or more. Maybe just figure out something that you could see yourself doing for the next 5-10 years and have a go at it? That would be my recommendation. Choose a career that will at least pay you enough so that you can live with a bit of comfort.

Go figure that the OP would be a homophobe.

It is almost a drop in replacement for Reddit. I had an easier time figuring out Lemmy than Mastodon and I've only been in the LemmyVerse now for 5 days.

Maybe see if your local area has any swap meets? In my home town, there are quite a few computer enthusiasts and I've gotten some pretty good deals on stuff from Windows users that will no longer cut the mustard for Windows but do great for Linux and BSD.