michael

joined 1 year ago
[–] michael@leuker.me 16 points 9 months ago* (last edited 9 months ago)

... aka the perfect recipe for endless deadlock and foreign entities trying to exert influence by "swaying" one member's opinion. Decisions made by a qualified majority (2/3, 3/4) would be much more appropriate for today's EU.

[–] michael@leuker.me 8 points 11 months ago* (last edited 11 months ago) (1 children)

I wonder if UBI is more unsustainable, or unsustainable at all - imagine a future where most things can be produced so efficiently without the involvement of humans that the idea of not doing so is simply preposterous, akin to insist on using horses after motorization became widely available. Employing humans might incur a higher lost opportunity cost than simply paying everybody to do "nothing". I'm using "" since all those people would of course do something, just not grind for bare survival or "the economy", which is arguably isn't necessary anymore, or at least not as necessary as it once was.

In a way, overcoming work (as in "unwanted compensated grind") is a way to truly live up to our potential as humans because it asks the very basic question of "how to be?" outside of what for millennia was basic necessity or narrowly defined by society.

[–] michael@leuker.me 13 points 11 months ago* (last edited 11 months ago) (1 children)

China has no claim to Taiwan whatsoever and I'm not talking about history. The majority of the Taiwanese people do not want unification, peaceful or otherwise, and that is all that matters. They've seen what happened to China's "Special Administrative Region" and know what's in store for them once the grubby old men yelling at flags in Peking get their greedy little hands on a free country ...

If the people in Taiwan at some point change their mind (perhaps because China has changed significantly), then that is their decision as well, but until then, I'm all for supporting them to maintain their freedom, whatever the cost. "Mourir pour Taiwan?" - Yes (*), if you make it necessary by starting a war of aggression against your neighbors.

The days of "backyard politics" are over, as Putin is just learning the hard way in Ukraine.

(*) And we all know the usual counter: "That's easy for you to say, keyboard warrior!" - but who wouldn't be impacted by a war between China and the US?

[–] michael@leuker.me 46 points 1 year ago* (last edited 1 year ago)

Sigh, one more thing for the list ...

"Didn't you have ads in the 21st century?"

"Well sure, but not in our dreams. Only on TV and radio. And in magazines. And movies. And at ball games and on buses and milk cartons and t-shirts and written on the sky. Oh, and in our operating systems. But not in dreams. No siree!"

[–] michael@leuker.me 18 points 1 year ago* (last edited 1 year ago)

Already going "hybrid" when it comes to content and Netflix only survived the last round because family members voted "stay". Not sure about the next time, especially since their little fabricated "crackdown" on sth. that was once not only tolerated, but actively encouraged definitely rubbed me the wrong way.

[–] michael@leuker.me 5 points 1 year ago* (last edited 1 year ago) (1 children)

Throwing my hat in the ring for dev-mode (you'll need a free developer account), which doesn't interfere / get removed with updates and has a gracious timeout of 999 hours these days, at least on the newer models, but likely in general. I'm using Kodi and the ad-free Youtube + sponsorblock client uploaded via dev-mode-manager, which accesses the WebOS homebrew project that also offers some other useful apps (e.g. a Moonlight client).

[–] michael@leuker.me 2 points 1 year ago

Can only speak for newer models, but LG has changed the devmode timeout to 999 hours, which is plenty of time to hit the refresh button in the meantime. It can be automated as well.

[–] michael@leuker.me 3 points 1 year ago* (last edited 1 year ago)

Since you mentioned it: Debrid has been serving this old pirate (used pretty much everything from IRC dl bots and the original Napster) well. Torrenting is much too dangerous ... and has been for a long time where I live. Maintaining a large library feels a bit like "been there, done that" and is cumbersome (even if well automated) with what little I'm watching these days. Streaming cached torrents from the debrid service of your choice via Kodi and the relevant addons is as painless (everything up to 4K works flawlessly, usually many sources available) as it gets while still having most content ready at my fingertips.

[–] michael@leuker.me 2 points 1 year ago* (last edited 1 year ago)

Solved: It was an oversight on my part: I didn't include the ".well-known" part in the backend block. When changed as follows (compare above), it works as expected -

    ## Backend                                                                                                                                                                                                  
    location ~ ^/(api|pictrs|feeds|nodeinfo|.well-known) {                                                                                                                                                                  
      proxy_pass http://127.0.0.1:8536;                                                                                                                                                                         
      proxy_http_version 1.1;                                                                                                                                                                                   
      proxy_set_header Upgrade $http_upgrade;                                                                                                                                                                   
      proxy_set_header Connection "upgrade";                                                                                                                                                                                                                                                                                                                                                                                    
 

I have created a selfhosted instance from scratch a couple of days ago and everything seems to be working well, however, 3rd party apps (Memmy, Voyager) complain that my profile at "/u/michael@leuker.me" does not exist ...

I tried replicating this in the webinterface and indeed, while "/u/michael" displays the profile as expected, "/u/michael@leuker.me" gives a "couldnt_find_that_username_or_email" error. Perhaps I am missing the obvious (see log and config below), but this seems to be working on other instances (and is expected by the apps mentioned above) and any pointers would be greatly appreciated!

Log output:

Sep 23 09:48:16 lemy lemmy_server[58804]: 2023-09-23T09:48:16.313311Z  WARN Error encountered while processing the incoming HTTP request: lemmy_server::root_span_builder: couldnt_find_that_username_or_email: expected value at line 2 column 5
Sep 23 09:48:16 lemy lemmy_server[58804]:    0: lemmy_apub::fetcher::resolve_actor_identifier
Sep 23 09:48:16 lemy lemmy_server[58804]:              at crates/apub/src/fetcher/mod.rs:21
Sep 23 09:48:16 lemy lemmy_server[58804]:    1: lemmy_apub::api::read_person::read_person
Sep 23 09:48:16 lemy lemmy_server[58804]:            with data=Query(GetPersonDetails { person_id: None, username: Some("michael@leuker.me"), sort: Some(New), page: Some(1), limit: Some(20), community_id: None, saved_only: None, auth: Some(Sensitive) })
Sep 23 09:48:16 lemy lemmy_server[58804]:              at crates/apub/src/api/read_person.rs:17
Sep 23 09:48:16 lemy lemmy_server[58804]:    2: lemmy_server::root_span_builder::HTTP request
Sep 23 09:48:16 lemy lemmy_server[58804]:            with http.method=GET http.scheme="http" http.host=leuker.me http.target=/api/v3/user otel.kind="server" request_id=b95e4f8d-5f30-4549-8e99-e0cd1e036046 http.status_code=400 otel.status_code="OK"
Sep 23 09:48:16 lemy lemmy_server[58804]:              at src/root_span_builder.rs:16
Sep 23 09:48:16 lemy lemmy_server[58804]:    3: tokio::task::runtime.spawn
Sep 23 09:48:16 lemy lemmy_server[58804]:            with kind=local task.name= task.id=4701 loc.file="/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/service.rs" loc.line=74 loc.col=17
Sep 23 09:48:16 lemy lemmy_server[58804]:              at /home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs:16
Sep 23 09:48:16 lemy lemmy_server[58804]:    4: tokio::task::runtime.spawn
Sep 23 09:48:16 lemy lemmy_server[58804]:            with kind=local task.name= task.id=26 loc.file="/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/worker.rs" loc.line=367 loc.col=29
Sep 23 09:48:16 lemy lemmy_server[58804]:              at /home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs:16
Sep 23 09:48:16 lemy lemmy_server[58804]:    5: tokio::task::runtime.spawn
Sep 23 09:48:16 lemy lemmy_server[58804]:            with kind=block_on task.name= task.id=25 loc.file="/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/worker.rs" loc.line=402 loc.col=32
Sep 23 09:48:16 lemy lemmy_server[58804]:              at /home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs:16
Sep 23 09:48:16 lemy lemmy_server[58804]: LemmyError { message: Some("couldnt_find_that_username_or_email"), inner: expected value at line 2 column 5, context: SpanTrace [{ target: "lemmy_apub::fetcher", name: "resolve_actor_identifier", file: "crates/apub/src/fetcher/mod.rs", line: 21 }, { target: "lemmy_apub::api::read_person", name: "read_person", fields: "\u{1b}[3mdata\u{1b}[0m\u{1b}[2m=\u{1b}[0mQuery(GetPersonDetails { person_id: None, username: Some(\"michael@leuker.me\"), sort: Some(New), page: Some(1), limit: Some(20), community_id: None, saved_only: None, auth: Some(Sensitive) })", file: "crates/apub/src/api/read_person.rs", line: 17 }, { target: "lemmy_server::root_span_builder", name: "HTTP request", fields: "\u{1b}[3mhttp.method\u{1b}[0m\u{1b}[2m=\u{1b}[0mGET \u{1b}[3mhttp.scheme\u{1b}[0m\u{1b}[2m=\u{1b}[0m\"http\" \u{1b}[3mhttp.host\u{1b}[0m\u{1b}[2m=\u{1b}[0mleuker.me \u{1b}[3mhttp.target\u{1b}[0m\u{1b}[2m=\u{1b}[0m/api/v3/user \u{1b}[3motel.kind\u{1b}[0m\u{1b}[2m=\u{1b}[0m\"server\" \u{1b}[3mrequest_id\u{1b}[0m\u{1b}[2m=\u{1b}[0mb95e4f8d-5f30-4549-8e99-e0cd1e036046 \u{1b}[3mhttp.status_code\u{1b}[0m\u{1b}[2m=\u{1b}[0m400 \u{1b}[3motel.status_code\u{1b}[0m\u{1b}[2m=\u{1b}[0m\"OK\"", file: "src/root_span_builder.rs", line: 16 }, { target: "tokio::task", name: "runtime.spawn", fields: "kind=local task.name= task.id=4701 loc.file=\"/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/service.rs\" loc.line=74 loc.col=17", file: "/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs", line: 16 }, { target: "tokio::task", name: "runtime.spawn", fields: "kind=local task.name= task.id=26 loc.file=\"/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/worker.rs\" loc.line=367 loc.col=29", file: "/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs", line: 16 }, { target: "tokio::task", name: "runtime.spawn", fields: "kind=block_on task.name= task.id=25 loc.file=\"/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/worker.rs\" loc.line=402 loc.col=32", file: "/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs", line: 16 }] }
Sep 23 09:48:16 lemy lemmy_server[58804]: 2023-09-23T09:48:16.313380Z  INFO actix_web::middleware::logger: 10.200.106.2 'GET /api/v3/user?username=michael%40leuker.me&sort=New&page=1&limit=20&auth=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjIsImlzcyI6ImxldWtlci5tZSIsImlhdCI6MTY5NTQ2MTU2NX0.dgg4VoY7rhG2JivMv3JxVKOHESKj_ELeXfAQS3R8ce4 HTTP/1.1' 400 47 '-' 'node-fetch/1.0 (+https://github.com/bitinn/node-fetch)' 0.042611
Sep 23 09:48:16 lemy lemmy_server[58804]: 2023-09-23T09:48:16.547471Z  INFO actix_web::middleware::logger: 10.200.106.2 'GET /api/v3/user/unread_count?auth=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjIsImlzcyI6ImxldWtlci5tZSIsImlhdCI6MTY5NTQ2MTU2NX0.dgg4VoY7rhG2JivMv3JxVKOHESKj_ELeXfAQS3R8ce4 HTTP/1.1' 200 47 'https://leuker.me/u/michael@leuker.me' 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36' 0.003553
Sep 23 09:48:16 lemy lemmy_server[58804]: 2023-09-23T09:48:16.595166Z  INFO actix_web::middleware::logger: 10.200.106.2 'GET /api/v3/site HTTP/1.1' 200 10527 '-' 'node-fetch/1.0 (+https://github.com/bitinn/node-fetch)' 0.011685

nginx config:

server {                                                                                                                                                                                                        
    listen 443      ssl http2;                                                                                                                                                                                  
    listen [::]:443 ssl http2;                                                                                                                                                                                  
    server_name leuker.me;                                                                                                                                                                                      
                                                                                                                                                                                                                
    ssl_certificate /etc/ssl/letsencrypt/lemy.leuker.me/fullchain.pem;                                                                                                                                          
    ssl_certificate_key /etc/ssl/letsencrypt/lemy.leuker.me/key.pem;                                                                                                                                            
    ssl_dhparam /etc/ssl/dhparams.pem;                                                                                                                                                                          
                                                                                                                                                                                                                
    ssl_protocols TLSv1.2 TLSv1.3;                                                                                                                                                                              
    ssl_prefer_server_ciphers on;                                                                                                                                                                               
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';                                                                                                                            
    ssl_session_timeout  10m;                                                                                                                                                                                   
    ssl_session_cache shared:SSL:10m;                                                                                                                                                                           
    ssl_session_tickets on;                                                                                                                                                                                     
    ssl_stapling on;                                                                                                                                                                                            
    ssl_stapling_verify on;                                                                                                                                                                                     
                                                                                                                                                                                                                
    # Upload limit, relevant for pictrs                                                                                                                                                                         
    client_max_body_size 20M;                                                                                                                                                                                   
                                                                                                                                                                                                                
    # Enable compression for JS/CSS/HTML bundle, for improved client load times.                                                                                                                                
    # It might be nice to compress JSON, but leaving that out to protect against potential                                                                                                                      
    # compression+encryption information leak attacks like BREACH.                                                                                                                                              
    gzip on;                                                                                                                                                                                                    
    gzip_types text/css application/javascript image/svg+xml;                                                                                                                                                   
    gzip_vary on;                                                                                                                                                                                               
                                                                                                                                                                                                                
    # Various content security headers                                                                                                                                                                          
    add_header Referrer-Policy "same-origin";                                                                                                                                                                   
    add_header X-Content-Type-Options "nosniff";                                                                                                                                                                
    add_header X-Frame-Options "DENY";                                                                                                                                                                          
    add_header X-XSS-Protection "1; mode=block";

    ## Frontend                                                                                                                                                                                                 
    location / {                                                                                                                                                                                                
        set $proxpass "http://127.0.0.1:1234";                                                                                                                                                                  
                                                                                                                                                                                                                
        if ($http_accept = "application/activity+json") {                                                                                                                                                       
          set $proxpass "http://127.0.0.1:8536";                                                                                                                                                                
        }                                                                                                                                                                                                       
        if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {                                                                                                          
          set $proxpass "http://127.0.0.1:8536";                                                                                                                                                                
        }                                                                                                                                                                                                       
        if ($request_method = POST) {                                                                                                                                                                           
          set $proxpass "http://127.0.0.1:8536";                                                                                                                                                                
        }                                                                                                                                                                                                       
        proxy_pass $proxpass;                                                                                                                                                                                   
                                                                                                                                                                                                                
        rewrite ^(.+)/+$ $1 permanent;                                                                                                                                                                          
                                                                                                                                                                                                                
        # Send actual client IP upstream                                                                                                                                                                        
        proxy_set_header X-Real-IP $remote_addr;                                                                                                                                                                
        proxy_set_header Host $host;                                                                                                                                                                            
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                                                                                                                                            
    }                                                                                                                                                                                                           
                                                                                                                                                                                                                
    ## Backend                                                                                                                                                                                                  
    location ~ ^/(api|pictrs|feeds|nodeinfo) {                                                                                                                                                                  
      proxy_pass http://127.0.0.1:8536;                                                                                                                                                                         
      proxy_http_version 1.1;                                                                                                                                                                                   
      proxy_set_header Upgrade $http_upgrade;                                                                                                                                                                   
      proxy_set_header Connection "upgrade";                                                                                                                                                                    
                                                                                                                                                                                                                
      # Send actual client IP upstream                                                                                                                                                                          
      proxy_set_header X-Real-IP $remote_addr;                                                                                                                                                                  
      proxy_set_header Host $host;                                                                                                                                                                              
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                                                                                                                                              
    }
}

lemmy config:

{                                                                                                                                                                                                                                                                                                                                                                                                                       
database: {                                                                                                                                                                                                     
    user: "user"                                                                                                                                                                                                
    password: "password"                                                                                                                                                        
    host: "host"                                                                                                                                                                                        
    port: 5432                                                                                                                                                                                              
    database: "database"                                                                                                                                                                                            
  }                                                                                                                                                                                                             
                                                                                                                                                                                                                
  pictrs: {                                                                                                                                                                                                     
    url: "http://127.0.0.1:8080/"                                                                                                                                                                               
  }                                                                                                                                                                                                             
                                                                                                                                                                                                                
  email: {                                                                                                                                                                                                      
    smtp_server: "10.200.111.2:25"                                                                                                                                                                              
    smtp_from_address: "lemmy@leuker.me"                                                                                                                                                                        
    tls_type: "none"                                                                                                                                                                                            
  }                                                                                                                                                                                                             
                                                                                                                                                                                                                
  hostname: "leuker.me"                                                                                                                                                                                         
  bind: "127.0.0.1"                                                                                                                                                                                             
  port: 8536                                                                                                                                                                                                    
  tls_enabled: true                                                                                                                                                                                                                                                                                                                                                                                                       
} 
[–] michael@leuker.me 14 points 1 year ago

Cancelled Prime a couple of years ago so that Amazon wasn't the default for ordering things anymore and wouldn't watch anything even via the free 30-day trial that they offer from time to time if commercials are shown. I'm still subscribed to Netflix as the family uses it extensively, but if something is not on there, Kodi has proven to be a good matey.