14
submitted 5 months ago by Pekka@feddit.nl to c/thenetherlands@feddit.nl

Bij de Europese verkiezingen aanstaande donderdag doet een Nederlandse partij mee die gesteund wordt door organisaties die zijn verbonden aan de Chinese Communistische Partij. Dat melden RTL Nieuws en Follow The Money (FTM) op basis van eigen onderzoek.

1
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl

This version patches the security vulnerability related to custom emoji’s.

7
submitted 1 year ago by Pekka@feddit.nl to c/esperanto@sopuli.xyz
15
submitted 1 year ago by Pekka@feddit.nl to c/nieuws@feddit.nl
[-] Pekka@feddit.nl 45 points 1 year ago

Only Lemmy instances with custom emoticons were affected based on the Recap of the Lemmy XSS incident. So if Lemmy.ml doesn't have these it should not have been affected.

43
submitted 1 year ago by Pekka@feddit.nl to c/webdev@programming.dev

htmx is a very different way of developing your web application. You can define a lot of behaviour inside your HTML with the new attributed added by htmx. This allows you to build an interactive website without using any JavaScript. You do need a REST API that returns HTML though.

For more information about HTMX you can read the htmx docs.

31
submitted 1 year ago by Pekka@feddit.nl to c/nieuws@feddit.nl
[-] Pekka@feddit.nl 34 points 1 year ago

Not worried at all. Their source code controversy mostly hurts companies that want to run RHEL without paying IBM, as after these changes distos like Alma Linux and Rockey Linux might diverge more from RHEL and they will have a harder time to guarantee bug-for-bug compatibility.

Fedora is not trying to steal business and government contracts away from RHEL and as a normal user you don’t need this bug-for-bug compatibility anyway. You can just sign up for a RedHat developer account and download RHEL Server for free, this includes a GUI everything you need to run it on a workstation. You can even view the source code trough their website.

So I am not worried that CentOS stream or Fedora will go away, RedHat is not trying to hurt consumers, they just want that enterprises (that are interested in support contracts) actually pay them when they use the work they put into RHEL. If they want a free version, they can still use CentOS stream.

1
Lemmy v0.18.0 Release (join-lemmy.org)
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl
11
submitted 1 year ago by Pekka@feddit.nl to c/nieuws@feddit.nl
2
submitted 1 year ago* (last edited 1 year ago) by Pekka@feddit.nl to c/tech@feddit.nl
1
submitted 1 year ago by Pekka@feddit.nl to c/webdev@programming.dev

The results of this year Stack Overflow survey have been published: https://survey.stackoverflow.co/2023/ There is a lot to go through, so if you prefer it in a video format, these kinds of videos can help and also provide some comments on the raw data that you see.

1
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl

cross-posted from: https://lemmy.ml/post/1390029

cross-posted from: https://popplesburger.hilciferous.nl/post/9969

After setting up my own Lemmy server, I've been intrigued by the server logs. I was surprised to see some search engines already start to crawl my instances despite it having very little content.

I've noticed that most requests seem to come in from IPv4 addresses, despite my server having both an IPv4 and an IPv6 address. This made me wonder.

IPv4 addresses are getting more scarce by the day and large parts of the world have to share an IPv4 address to get access to older websites. This often leads to unintended fallout, such as thousands of people getting blocked by an IP ban from a site admin that doesn't know any better, as well as anti-DDoS providers throwing up annoying CAPTCHA pages because of bad traffic coming from the shared IP address. Furthermore, hosting a Lemmy server of your own is impossible behind a shared IP address, so IPv6 is the only option.

IPv6 is the clear way forward. However, many people haven't configured IPv6 for their hosts. People running their own Lemmy instances behind an IPv6 address won't be able to federate with those servers, and that's a real shame.

Looking into it

So, I whipped up this quick Python script:

import requests
import sys
import socket
from progress.bar import Bar

lemmy_host = sys.argv[1]

site_request = requests.get(f"https://{lemmy_host}/api/v3/site").json()

hosts = site_request['federated_instances']['linked']

ipv4_only = []
ipv6_only = []
both = []
error = []

with Bar('Looking up hosts', max=len(hosts)) as bar:
    for host in hosts:
        host = host.strip()

        try:
            dns = socket.getaddrinfo(host, 443)
        except socket.gaierror:
            error.append(host)

        has_ipv4 = False
        has_ipv6 = False
        for entry in dns:
            (family, _, _, _, _) = entry

            if family == socket.AddressFamily.AF_INET:
                has_ipv4 = True
            elif family == socket.AddressFamily.AF_INET6:
                has_ipv6 = True

        if has_ipv4 and has_ipv6:
            both.append(host)
        elif has_ipv4:
            ipv4_only.append(host)
        elif has_ipv6:
            ipv6_only.append(host)
        else:
            error.append(host)
        
        bar.message = f"Looking up hosts (B:{len(both)} 4:{len(ipv4_only)} 6:{len(ipv6_only)} E:{len(error)})"
        bar.next()

print(f"Found {len(both)} hosts with both protocols, {len(ipv6_only)} hosts with IPv6 only, and {len(ipv4_only)} outdated hosts, failed to look up {len(error)} hosts")

This script fetches the instances a particular Lemmy server federates with (ignoring the blocked hosts) and then looks all of them up through DNS. It shows you the IPv4/IPv6 capabilities of the servers federating with your server.

I've run the script against a few popular servers and the results are in:

Results

Server IPv6 + IPv4 IPv6 only IPv4 Error Total
Lemmy.ml 1340 3 1903 215 3461
Beehaw.org 807 0 1105 74 1986
My server 202 0 312 4 518

A bar chart of the table above

A pie chart of the results for Lemmy.nl

A pie chart for the results for Beehaw.org

A pie chart for the results for my server

It seems that over half (55%+) the servers on the Fediverse aren't reachable over IPv6!

I'm running my own server, what can I do?

Chances are you've already got an IPv6 address on your server. All you need to do is find out what it is (ip address show in Linux), add an AAAA record in your DNS entries, and enable IPv6 in your web server of choice (i.e. listen [::]:443 in Nginx). Those running a firewall may need to allow traffic through IPv6 as well, but many modern firewalls treat whitelist entries the same these days.

Some of you may be running servers on networks that haven't bothered implementing IPv6 yet. There are still ways to get IPv6 working!

Getting IPv6 through Tunnelbroker

If you've got a publicly reachable IPv4 address that can be pinged from outside, you can use Hurricane Electric's Tunnelbroker to get an IPv6 range, free of charge! You get up to five tunnels per account (each tunnel with a full /64 network) and a routed /48 network for larger installations, giving you up to 65k subnets to play with!

There are lots of guides out there, some for PfSense, some for Linux, some for Windows; there's probably one for your OS of choice.

Getting IPv6 behind CGNAT

Getting an IPv6 network through a tunnelbroker service behind CGNAT is (almost) impossible. Many ISPs that employ CGNAT already provide their customers with IPv6 networks, but some of them are particularly cheap, especially consumer ISPs.

It's still possible to get IPv6 into your network through a VPN, but for serving content you'll need a server with IPv6 access. You can get a free cloud server from various cloud providers to get started. An easy way forward may be to host your server in the cloud, but if you've got a powerful server at home, you can just use the free server for its networking capabilities.

Free servers are available from all kinds of providers, such as Amazon(free for a year), Azure(free for a year), Oracle(free without time limit). Alternatively, a dedicated VPS with IPv6 capabilities can be as cheap as $4-5 per month if you shop around.

You can install a VPN server on your cloud instance, like Wireguard, and that will allow you to use the cloud IPv6 address at home. Configure the VPN to assign an IPv6 address and to forward traffic, and you've got yourself an IPv6 capable server already!

There are guides online about how to set up such a system. This gist will give you the short version.

Final notes

It should be noted that this is a simple analysis based on server counts alone. Most people flock to only a few servers, so most Lemmy users should be able to access IPv6 servers. However, in terms of self hosting, these things can matter!

1
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl

cross-posted from: https://lemmy.cat/post/6385

It is currently possible, through Lemmy's API, to create accounts automatically and without limit if verification by email address or captcha is not activated. I'd advise you to activate one or both of them NOW!

After registering x number of accounts (currently I could do thousands), all you have to do is list all the existing communities for each of the account to publishes one new post per community, or more. I'll leave you to picture the mess.

(I apologise to the administrators of sh.itjust.works, I should have done the test with my own server.)

[-] Pekka@feddit.nl 27 points 1 year ago

Although Lemmy is free and open source, the main power is the federation. The most valuable thing that Lemmy has, are its users and the content (this is the same for Reddit). And because of the federation every instance in the Lemmy network has these assets.

Let's say one instance would get massive, and would stop federating and start charging for API access. If that happened, we would be in the same situation as now with Reddit. Yea, it would e a lot easier to set up your own instance, but you would still need to convince all these people to give up that main instance. So I'm really happy that federation basically would mean that all other instances could cut that massive instance out and still have all the data.

[-] Pekka@feddit.nl 27 points 1 year ago

I would not be surprised if lemmy.world will outgrow lemmy.ml this month. Lemmy.world has a lot of active communities and meanwhile lemmy.ml. is not allowing new registrations and many of the existing communities look like they are no longer maintained or used.

[-] Pekka@feddit.nl 36 points 1 year ago

Simply replacing all the mods sound like a good way to kill a subreddit, Reddit probably has no way to pick good mods... Mods will need some connection with the topic, and you don't want to pick random users with no experience for large subreddits.

[-] Pekka@feddit.nl 23 points 1 year ago

Apps that autoplay video adds really don't respect people on mobile metered connections. Especially if these videos are 90 seconds long. This is such a greedy addition to an app where you are already paying for a product...

[-] Pekka@feddit.nl 22 points 1 year ago

I started looking into building a theme for Lemmy, but it was quite difficult to get everything to run well locally. When I did a checkout the main branch had an error in the Rust code and the main branch of the ui had an error that prevented the websocket from connecting to the back-en. I did get it to work by fixing the small error in rust and using a branch that fixed the websocket error. But it was hard to get started.

I was wondering if there is a Lemmy development community here on Lemmy. I tried searching for it on Lemmy.ml, but the cummunties about Lemmy and support don’t really look like they are about development.

[-] Pekka@feddit.nl 34 points 1 year ago

Great post. I absolutely agree, this was always a bit weird on reddit. I have seen people getting flamed on PC building subreddits for considering components that were expensive in the US (but where relatively cheaper here in the EU).

It would be great if we can really keep Lemmy a global community!

[-] Pekka@feddit.nl 48 points 1 year ago* (last edited 1 year ago)

A 502 status code does sound more like an error from the server, yes. The correct HTTP status code for a block by the government would be 451. But I'm not sure if countries that try to block social media respect this, they probably want to hide the fact that that website exists entirely. So they might go for a 404 error instead.

[-] Pekka@feddit.nl 22 points 1 year ago

Federation should not be an issue for users, I think we could make the front-end hide most of the complexity that it brings. There are only a few things that are harder now:

  • discovering communities outside your own instance (this is now mostly done through a website that lists communities)
  • logging in when you receive a link to a post on another instance (you have to go to your own instance, login there, and search for the post again)
  • creating a community on another instance (this requires an account on the other instance to create the community, after that they can add you as a mod)

One of the things that could be improved is changing the login page to add least add something about Federation, so users won't try to log in on another instance with the credentials of their home instance.

[-] Pekka@feddit.nl 20 points 1 year ago* (last edited 1 year ago)

I already had to use the cached version of a Reddit thread today to solve a technical issue I had with the rust compiler. There is so much valuable content there that is well indexed by search engines, let's hope they don't lock down the site even further to prevent AI's from training on their data.

Although, in that case, Lemmy can take over as the searchable internet forum.

[-] Pekka@feddit.nl 20 points 1 year ago

They already made the mobile site practically unusable by constantly reminding you to use the app. The mobile browsing experience was just terrible. They can just show the same adds in the mobile browser...

view more: next ›

Pekka

joined 1 year ago
MODERATOR OF