Skip Navigation
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)TS
toothpaste_sandwich @feddit.nl
Posts 22
Comments 555
nos.nl Rutte en zijn appel: echt of een act?

In zijn veertien jaar durende premierschap was Mark Rutte zich zeer bewust van de camera's. "Verschrikkelijk, dat beeld van VVD'ers die in zo'n dikke auto stappen."

Rutte en zijn appel: echt of een act?

Los van z'n politiek—zucht, VVD…—een interessante meta-video over Ruttes beeldvorming als minister.

3

is there any Lemmy android app with data saving?

Something to disable image loading when not on Wi-Fi, for instance? Reddit is Fun had that option, and I have very limited data so that really helped me out.

10

Oh man, I just can't get away from Multiling O Keyboard

it's not open source, hasn't been updated for years (though the developer did update all the dictionaries for Android 14 recently) but its customization options just can't be beat.

I use swipe left and right for delete and space and auto-correct with a dictionary I've been adding to for years. It allows you to add custom emoticons and words, it has a тяαทรƒ๑я๓ functions to add ⓥⓐⓡⓘⓞⓤⓢ GIᙏᘻIᑥKS to text... It has an option for swiping, too, though that's instead of the swiping for backspace and space. You can also edit which letters have what symbols above it.

!

Here's what my keyboard looks like. Notice the handy copy, paste, home, end, undo and redo buttons, too. Which are also completely customizable. Haven't found anything that truly does everything Multiling O does.

I do wish it was open-sourced though, if only so others could update it again...

4

Maar... Koffieklets is één woord.

www.zapp.nl Wanneer is een spatie fout?

Als je een speciaal potje hebt voor lijm, dan plak je die woorden aan elkaar en krijg je een lijmpotje. In het Nederlands kunnen 2 woorden opeens 1 woord worden, zonder spatie. Als je toch een spatie laat staan tussen ‘lijm’ en ‘potje’ dan is die spatie fout (los!) en maak jij dus een spatiefout (aa...

Wanneer is een spatie fout?

Spatiefouten worden ook wel de Engelse ziekte genoemd. Vroeger werd deze website ook nog wel eens geüpdatet met vermakelijke voorbeelden: https://www.spatiegebruik.nl/

1
www.winq.nl Acceptatie homoseksualiteit loopt sterk terug onder jongeren

Slechts 43 procent van de Amsterdamse jongeren zegt dat ze homoseksualiteit accepteren, dat was twee ...

Acceptatie homoseksualiteit loopt sterk terug onder jongeren

Slechts 43 procent van de Amsterdamse jongeren zegt dat ze homoseksualiteit accepteren, dat was twee jaar geleden nog 69 procent. Ook in andere regio’s is er sprake van een dalende acceptatie. Dit blijkt uit onderzoek van GGD Nederland.

Uit onderzoek van de gezondheidsdienst GGD blijkt dat de acceptatie van lhbtiq+-personen drastisch daalt onder jongeren. Uit een enquête onder jongeren tussen 13 en 16 jaar blijkt dat steeds minder jongeren homoseksualiteit accepteren. Met name in Amsterdam is de afname fors. Twee jaar geleden accepteerde 69 procent van de jongeren homoseksualiteit nog, nu is dat slechts 43 procent.

8
Male Fashion Advice @lemmy.world toothpaste_sandwich @feddit.nl

Two clothing color matching guides I had saved. What do you think?

pix.anduin.net toothpaste_sandwich (@[email protected])

Two clothing colour matching guides I had saved

toothpaste_sandwich (@toothpaste_sand@pix.anduin.net)
10

Met z'n drieën fietsen: hoe?

Een klassiek Nederlands probleem: je bent niet met één maar met twee vrienden onderweg op de fiets. Met z'n drieën naast elkaar fietsen is zowel gevaarlijk als illegaal, maar hoe zorg je dat er niet één persoon is die de hele rit "waaat?" moet roepen terwijl-ie wanhopig toch aan het gesprek deel probeert te nemen van achter (of voor) de twee anderen?

(Edit: nu met volslagen onrealistische inspiratie-afbeelding van Chatgpt. Hihi, fietsen met een fietshelm.)

5

No notifications from Signal/Whatsapp until I open the app

Has anyone else come across this? I'm running 21-20240419-NIGHTLY-panther and I don't get notifications until I open the app, at least in Signal and WhatsApp, and I suspect Gmail too. I already set the apps to unrestricted battery usage (including the hard-to-find extra setting when you press to the left of the "Allow background usage" toggle ) and I disabled the "Battery Manager" (which I could only find by searching in settings, there doesn't appear to be a button for it in the settings, separately...)

Is there anything else I could try? I have a Pixel 7.

9

Time for a classic: BIFL computer mouse?

I have a Mastermouse MM530 by Cooler Master at the moment, bought on the basis of its "sturdy" build, but the mouse wheel has been playing up for a while now, occasionally scrolling down when I'm in fact scrolling up.

I'm not even looking for a gaming mouse, just a decent mouse with a clickable scroll wheel. More buttons is nice, but not needed. Any tips?

24
Male Fashion Advice @lemmy.world toothpaste_sandwich @feddit.nl

Eleven ways to tie a scarf infographic.

It's spring here in Europe, but we're international... right? I use the reverse drape cross a lot, though I've used the chest warmer while wearing a suit a couple of times, this past winter.

23
Male Fashion Advice @lemmy.world toothpaste_sandwich @feddit.nl

Relevant discussion for this community!

13

What are your experiences with Molly?

github.com GitHub - mollyim/mollyim-android: Enhanced and security-focused fork of Signal.

Enhanced and security-focused fork of Signal. Contribute to mollyim/mollyim-android development by creating an account on GitHub.

GitHub - mollyim/mollyim-android: Enhanced and security-focused fork of Signal.

I've been wanting to link my Android tablet to Signal for ages now and recently came across Molly as an alternative app to use, which allows this possibility.

To import a backup from Signal you must use a matching or newer version of Molly, though, and where Molly is 6.41.3-2, Signal is 6.43.2, so I'll have to wait a bit before I can switch, I suppose. Looking at the open issues on Github though, it seems linked devices aren't all that stable yet.

How are your experiences with Molly, if you have them?

(I came across this disclaimer too: "unofficial forks are not supposed to use Signal’s infrastructure so Molly violates Signal’s TOS".)

9

Does anyone else think the upvote/downvote buttons are too small in card view?

Maybe it's my sausage fingers, but I often end up opening the post comments instead of upvoting and moving on as I intend.

9
www.droidapp.nl De grote weer-app test 2023: dit is de beste weer-app

Het jaar 2023 is weer een jaar vol uiteenlopende weersomstandigheden. Met sneeuw en ijzel aan het begin van het jaar, flink wat regen in ‘de zomer’ en

De grote weer-app test 2023: dit is de beste weer-app
2

Anyone else still using the Nook Simple Touch?

I'm still steaming through a book a month on the little monster. Battery lasts forever, the screen reads great...

The ReLaunch rom for it is quite nice to work with, I can access my server with books using Total Commander and SSH, AlReader is quite adjustable (if not updated for Android 2.1 since forever, of course)... I even downloaded a couple of custom eReader fonts for it, Using Bookerly, now.

I just wish some apps were still updated for it. But then that's the bleeding-edge software lover in me talking, it actually works fine and doesn't need any updates.

7

Please help troubleshooting my Caddy server. Can't get it to work since changing from IPv4 to IPv6

cross-posted from: https://feddit.nl/post/1094546

> Hi everyone, > > My router went from IPv4 to IPv6 after an update from my ISP back in April, and so I decided to try and get my selfhosted Raspberry Pi server to work with it. It's been less trivial than I hoped it would be, though. It worked and was reachable when it still used IPv4, but it's been out of the air since April. > > I'm running Arch Linux ARM on the device and use networkd to connect it to the internet. I use https://now-dns.com to get a dynamic DNS and have connected it to my server using their Linux script. > > This is my Caddyfile: > > > { > debug > > } > > # Jellyfin: > https://myserver.now-dns.net:26347, > https://myserver.now-dns.net:443, > [(my IPv6 address here)]:26347 { > header / { > # Enable cross-site filter (XSS) > # and tell browser to block detected attacks > X-Frame-Options "Deny" > Content-Security-Policy " > default-src 'self' data: blob:; > style-src 'self' 'unsafe-inline' bootstrapcdn.com *.bootstrapcdn.com https://ctalvio.github.io/Monochromic/default_style.css https://ctalvio.github.io/Monochromic/jfblue_style.css https://ctalvio.github.io/Monochromic/jfpurple_style.css https://ctalvio.github.io/Monochromic/bottom-progress_style.css https://ctalvio.github.io/Monochromic/customcolor-advanced_style.css https://ctalvio.github.io/Monochromic/improve-performance_style.css https://fonts.googleapis.com/css2; > script-src 'self' 'unsafe-inline' bootstrapcdn.com *.bootstrapcdn.com googleapis.com *.googleapis.com https://www.gstatic.com/cv/js/sender/v1/cast_sender.js worker-src 'self' blob:; > font-src 'self' bootstrapcdn.com *.bootstrapcdn.com; > img-src data: 'self' imgur.com *.imgur.com; > form-action 'self'; > connect-src 'self' pokeapi.co; > frame-ancestors 'self'; > report-uri {$CSP_REPORT_URI} > " > } > reverse_proxy 127.0.0.1:8093 > #reverse_proxy localhost:8093 > } > > # Nextcloud: > #https://192.168.1.96:65002, > https://myserver.now-dns.net:65001 { > root * /usr/share/webapps/nextcloud > file_server > # log { > # output file /var/log/caddy/myserver.now-dns.net.log > # format single_field common_log > # } > > #php_fastcgi 127.0.0.1:9000 > #php_fastcgi unix//run/php-fpm/php-fpm.sock # veranderd naar correcte adres uit /etc/php/php-fpm.d/www.conf > php_fastcgi unix//run/nextcloud/nextcloud.sock # veranderd naar nieuwe correcte adres uit /etc/php/php-fpm.d/nextcloud.conf > > header { > # enable HSTS > Strict-Transport-Security max-age=31536000; > } > > redir /.well-known/carddav /remote.php/dav 301 > redir /.well-known/caldav /remote.php/dav 301 > > # .htaccess / data / config / ... shouldn't be accessible from outside > @forbidden { > path /.htaccess > path /data/* > path /config/* > path /db_structure > path /.xml > path /README > path /3rdparty/* > path /lib/* > path /templates/* > path /occ > path /console.php > } > > respond @forbidden 404 > } > > (myserver.now-dns.net is not actually my server name, I changed it to stay a bit more anonymous. Maybe this is unnecessarily cautious, let me know if I should change this to my actual address to aid your help.) > > This is a journalctl log from fresh after a Caddy restart: > > > Aug 01 14:36:12 baspi2 systemd[1]: Starting Caddy web server... > Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.0834036,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""} > Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"warn","ts":1690893373.0915132,"msg":"No files matching import glob pattern","pattern":"/etc/caddy/conf.d/*"} > Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1047359,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x4394a00"} > Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1278725,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"} > Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1279871,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv1","https_port":443} > Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1280322,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv1"} > Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.128112,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv2"} > Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1328619,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0x4394a00"} > Aug 01 14:36:13 baspi2 caddy[23895]: Valid configuration > Aug 01 14:36:13 baspi2 caddy[23904]: caddy.HomeDir=/var/lib/caddy > Aug 01 14:36:13 baspi2 caddy[23904]: caddy.AppDataDir=/var/lib/caddy > Aug 01 14:36:13 baspi2 caddy[23904]: caddy.AppConfigDir=/etc/caddy > Aug 01 14:36:13 baspi2 caddy[23904]: caddy.ConfigAutosavePath=/var/lib/caddy/autosave.json > Aug 01 14:36:13 baspi2 caddy[23904]: caddy.Version=v2.6.4 > Aug 01 14:36:13 baspi2 caddy[23904]: runtime.GOOS=linux > Aug 01 14:36:13 baspi2 caddy[23904]: runtime.GOARCH=arm > Aug 01 14:36:13 baspi2 caddy[23904]: runtime.Compiler=gc > Aug 01 14:36:13 baspi2 caddy[23904]: runtime.NumCPU=4 > Aug 01 14:36:13 baspi2 caddy[23904]: runtime.GOMAXPROCS=4 > Aug 01 14:36:13 baspi2 caddy[23904]: runtime.Version=go1.20.1 > Aug 01 14:36:13 baspi2 caddy[23904]: os.Getwd=/ > Aug 01 14:36:13 baspi2 caddy[23904]: LANG=C > Aug 01 14:36:13 baspi2 caddy[23904]: PATH=/usr/local/sbin:/usr/local/bin:/usr/bin > Aug 01 14:36:13 baspi2 caddy[23904]: NOTIFY_SOCKET=/run/systemd/notify > Aug 01 14:36:13 baspi2 caddy[23904]: HOME=/var/lib/caddy > Aug 01 14:36:13 baspi2 caddy[23904]: LOGNAME=caddy > Aug 01 14:36:13 baspi2 caddy[23904]: USER=caddy > Aug 01 14:36:13 baspi2 caddy[23904]: INVOCATION_ID=131202f1b6e3472bab7e6fc48933c731 > Aug 01 14:36:13 baspi2 caddy[23904]: JOURNAL_STREAM=8:2593614 > Aug 01 14:36:13 baspi2 caddy[23904]: SYSTEMD_EXEC_PID=23904 > Aug 01 14:36:13 baspi2 caddy[23904]: XDG_DATA_HOME=/var/lib > Aug 01 14:36:13 baspi2 caddy[23904]: XDG_CONFIG_HOME=/etc > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4270308,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"warn","ts":1690893373.4276912,"msg":"No files matching import glob pattern","pattern":"/etc/caddy/conf.d/*"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4616253,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//127.0.0.1:2019","//localhost:2019","//[::1]:2019"]} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4650905,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x4e32000"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4871185,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4872386,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv1","https_port":443} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4872835,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv1"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4874046,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv2"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9077604,"logger":"pki.ca.local","msg":"root certificate is already trusted by system","path":"storage:pki/authorities/local/root.crt"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9084256,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.909473,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.9139633,"logger":"http","msg":"starting server loop","address":"[::]:443","tls":true,"http3":true} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9140959,"logger":"http.log","msg":"server running","name":"srv1","protocols":["h1","h2","h3"]} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9144514,"logger":"http","msg":"enabling HTTP/3 listener","addr":":65001"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.91526,"logger":"http","msg":"starting server loop","address":"[::]:65001","tls":true,"http3":true} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9154122,"logger":"http.log","msg":"server running","name":"srv2","protocols":["h1","h2","h3"]} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.9156892,"logger":"http","msg":"starting server loop","address":"[::]:80","tls":false,"http3":false} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9158008,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9160817,"logger":"http","msg":"enabling HTTP/3 listener","addr":":26347"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.9165256,"logger":"http","msg":"starting server loop","address":"[::]:26347","tls":true,"http3":true} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9165914,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.916624,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["(my IPv6 address here)","myserver.now-dns.net"]} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.917206,"logger":"tls","msg":"finished cleaning storage units"} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"warn","ts":1690893373.920347,"logger":"tls","msg":"stapling OCSP","error":"no OCSP stapling for [(my IPv6 address here)]: no OCSP server specified in certificate","identifiers":["(my IPv6 address here)"]} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.920421,"logger":"tls.cache","msg":"added certificate to cache","subjects":["(my IPv6 address here)"],"expiration":1690917213,"managed":true,"issuer_key":"local","hash":"8aa98ab4d6a397ee8784859f4ba69d8df96d6d978247a3436a20cc8373cf9a8a","cache_size":1,"cache_capacity":10000} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.920493,"logger":"events","msg":"event","name":"cached_managed_cert","id":"2420e703-5823-4962-ad5b-05a084aafacb","origin":"tls","data":{"sans":["(my IPv6 address here)"]}} > Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.923109,"logger":"tls","msg":"loading managed certificate","domain":"myserver.now-dns.net","expiration":1697974414,"issuer_key":"acme-v02.api.letsencrypt.org-directory","storage":"FileStorage:/var/lib/caddy"} > Aug 01 14:36:14 baspi2 caddy[23904]: {"level":"debug","ts":1690893374.1269143,"logger":"tls.cache","msg":"added certificate to cache","subjects":["myserver.now-dns.net"],"expiration":1697974414,"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"7db3c32211ccb2942c5d329650e92ddd63cd9a17670eba2ce29476f3c3e3a741","cache_size":2,"cache_capacity":10000} > Aug 01 14:36:14 baspi2 caddy[23904]: {"level":"debug","ts":1690893374.1271243,"logger":"events","msg":"event","name":"cached_managed_cert","id":"fc000be0-ac06-4ca2-aa53-c14c6fb3ae27","origin":"tls","data":{"sans":["myserver.now-dns.net"]}} > Aug 01 14:36:14 baspi2 caddy[23904]: {"level":"info","ts":1690893374.1345215,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/autosave.json"} > Aug 01 14:36:14 baspi2 systemd[1]: Started Caddy web server. > Aug 01 14:36:14 baspi2 caddy[23904]: {"level":"info","ts":1690893374.137206,"msg":"serving initial configuration"} > Aug 01 14:36:14 baspi2 sudo[23887]: pam_unix(sudo:session): session closed for user root > > > - I "opened" the necessary ports on my router (my router calls it that, I realise it's probably more like I unblocked these ports in its IPv6 firewall) > - I scanned the open ports with an IPv6 port scanner (this one) and it shows ports 80 and 443 to be open, as well as ports 65001 and 26347 > - I used my public IPv6 address to scan, as well as the myserver.now-dns.net address (which is actually another server name) > - I used a smart phone unconnected to wifi to test, but the site cannot load there, either. I tested from other networks while away from home, too, which also didn't work. > > Unfortunately, I still cannot connect to the server with a browser. https://myserver.now-dns.net:26347/ gives an ¨Unable to connect" error on Firefox. > > > I have been whittling away at this issue on and off since April and haven't really made any big breakthroughs. What would be your first steps in troubleshooting this issue? > > When I scan one of the open ports with an online tool, a message like this pops up in the journalctl log: > > > Aug 01 14:45:49 baspi2 caddy[23904]: {"level":"debug","ts":1690893949.6947021,"logger":"http.stdlib","msg":"http: TLS handshake error from [2a01:4f8:1c1c:2d4e::1]:50079: EOF"}

0

Please help troubleshooting my Caddy server. Can't get it to work since changing from IPv4 to IPv6

Hi everyone,

My router went from IPv4 to IPv6 after an update from my ISP back in April, and so I decided to try and get my selfhosted Raspberry Pi server to work with it. It's been less trivial than I hoped it would be, though. It worked and was reachable when it still used IPv4, but it's been out of the air since April.

I'm running Arch Linux ARM on the device and use networkd to connect it to the internet. I use https://now-dns.com to get a dynamic DNS and have connected it to my server using their Linux script.

This is my Caddyfile:

``` { debug

}

Jellyfin:

https://myserver.now-dns.net:26347, https://myserver.now-dns.net:443, [(my IPv6 address here)]:26347 { header / { # Enable cross-site filter (XSS) # and tell browser to block detected attacks X-Frame-Options "Deny" Content-Security-Policy " default-src 'self' data: blob:; style-src 'self' 'unsafe-inline' bootstrapcdn.com *.bootstrapcdn.com https://ctalvio.github.io/Monochromic/default_style.css https://ctalvio.github.io/Monochromic/jfblue_style.css https://ctalvio.github.io/Monochromic/jfpurple_style.css https://ctalvio.github.io/Monochromic/bottom-progress_style.css https://ctalvio.github.io/Monochromic/customcolor-advanced_style.css https://ctalvio.github.io/Monochromic/improve-performance_style.css https://fonts.googleapis.com/css2; script-src 'self' 'unsafe-inline' bootstrapcdn.com *.bootstrapcdn.com googleapis.com *.googleapis.com https://www.gstatic.com/cv/js/sender/v1/cast_sender.js worker-src 'self' blob:; font-src 'self' bootstrapcdn.com *.bootstrapcdn.com; img-src data: 'self' imgur.com *.imgur.com; form-action 'self'; connect-src 'self' pokeapi.co; frame-ancestors 'self'; report-uri {$CSP_REPORT_URI} " } reverse_proxy 127.0.0.1:8093 #reverse_proxy localhost:8093 }

Nextcloud:

#https://192.168.1.96:65002, https://myserver.now-dns.net:65001 { root * /usr/share/webapps/nextcloud file_server # log { # output file /var/log/caddy/myserver.now-dns.net.log # format single_field common_log # }

#php_fastcgi 127.0.0.1:9000 #php_fastcgi unix//run/php-fpm/php-fpm.sock # veranderd naar correcte adres uit /etc/php/php-fpm.d/www.conf php_fastcgi unix//run/nextcloud/nextcloud.sock # veranderd naar nieuwe correcte adres uit /etc/php/php-fpm.d/nextcloud.conf

header { # enable HSTS Strict-Transport-Security max-age=31536000; }

redir /.well-known/carddav /remote.php/dav 301 redir /.well-known/caldav /remote.php/dav 301

# .htaccess / data / config / ... shouldn't be accessible from outside @forbidden { path /.htaccess path /data/* path /config/* path /db_structure path /.xml path /README path /3rdparty/* path /lib/* path /templates/* path /occ path /console.php }

respond @forbidden 404 } ``` (myserver.now-dns.net is not actually my server name, I changed it to stay a bit more anonymous. Maybe this is unnecessarily cautious, let me know if I should change this to my actual address to aid your help.)

This is a journalctl log from fresh after a Caddy restart:

Aug 01 14:36:12 baspi2 systemd[1]: Starting Caddy web server... Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.0834036,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""} Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"warn","ts":1690893373.0915132,"msg":"No files matching import glob pattern","pattern":"/etc/caddy/conf.d/*"} Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1047359,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x4394a00"} Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1278725,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"} Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1279871,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv1","https_port":443} Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1280322,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv1"} Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.128112,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv2"} Aug 01 14:36:13 baspi2 caddy[23895]: {"level":"info","ts":1690893373.1328619,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0x4394a00"} Aug 01 14:36:13 baspi2 caddy[23895]: Valid configuration Aug 01 14:36:13 baspi2 caddy[23904]: caddy.HomeDir=/var/lib/caddy Aug 01 14:36:13 baspi2 caddy[23904]: caddy.AppDataDir=/var/lib/caddy Aug 01 14:36:13 baspi2 caddy[23904]: caddy.AppConfigDir=/etc/caddy Aug 01 14:36:13 baspi2 caddy[23904]: caddy.ConfigAutosavePath=/var/lib/caddy/autosave.json Aug 01 14:36:13 baspi2 caddy[23904]: caddy.Version=v2.6.4 Aug 01 14:36:13 baspi2 caddy[23904]: runtime.GOOS=linux Aug 01 14:36:13 baspi2 caddy[23904]: runtime.GOARCH=arm Aug 01 14:36:13 baspi2 caddy[23904]: runtime.Compiler=gc Aug 01 14:36:13 baspi2 caddy[23904]: runtime.NumCPU=4 Aug 01 14:36:13 baspi2 caddy[23904]: runtime.GOMAXPROCS=4 Aug 01 14:36:13 baspi2 caddy[23904]: runtime.Version=go1.20.1 Aug 01 14:36:13 baspi2 caddy[23904]: os.Getwd=/ Aug 01 14:36:13 baspi2 caddy[23904]: LANG=C Aug 01 14:36:13 baspi2 caddy[23904]: PATH=/usr/local/sbin:/usr/local/bin:/usr/bin Aug 01 14:36:13 baspi2 caddy[23904]: NOTIFY_SOCKET=/run/systemd/notify Aug 01 14:36:13 baspi2 caddy[23904]: HOME=/var/lib/caddy Aug 01 14:36:13 baspi2 caddy[23904]: LOGNAME=caddy Aug 01 14:36:13 baspi2 caddy[23904]: USER=caddy Aug 01 14:36:13 baspi2 caddy[23904]: INVOCATION_ID=131202f1b6e3472bab7e6fc48933c731 Aug 01 14:36:13 baspi2 caddy[23904]: JOURNAL_STREAM=8:2593614 Aug 01 14:36:13 baspi2 caddy[23904]: SYSTEMD_EXEC_PID=23904 Aug 01 14:36:13 baspi2 caddy[23904]: XDG_DATA_HOME=/var/lib Aug 01 14:36:13 baspi2 caddy[23904]: XDG_CONFIG_HOME=/etc Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4270308,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"warn","ts":1690893373.4276912,"msg":"No files matching import glob pattern","pattern":"/etc/caddy/conf.d/*"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4616253,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//127.0.0.1:2019","//localhost:2019","//[::1]:2019"]} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4650905,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x4e32000"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4871185,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4872386,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv1","https_port":443} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4872835,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv1"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.4874046,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv2"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9077604,"logger":"pki.ca.local","msg":"root certificate is already trusted by system","path":"storage:pki/authorities/local/root.crt"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9084256,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.909473,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.9139633,"logger":"http","msg":"starting server loop","address":"[::]:443","tls":true,"http3":true} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9140959,"logger":"http.log","msg":"server running","name":"srv1","protocols":["h1","h2","h3"]} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9144514,"logger":"http","msg":"enabling HTTP/3 listener","addr":":65001"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.91526,"logger":"http","msg":"starting server loop","address":"[::]:65001","tls":true,"http3":true} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9154122,"logger":"http.log","msg":"server running","name":"srv2","protocols":["h1","h2","h3"]} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.9156892,"logger":"http","msg":"starting server loop","address":"[::]:80","tls":false,"http3":false} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9158008,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9160817,"logger":"http","msg":"enabling HTTP/3 listener","addr":":26347"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.9165256,"logger":"http","msg":"starting server loop","address":"[::]:26347","tls":true,"http3":true} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.9165914,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.916624,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["(my IPv6 address here)","myserver.now-dns.net"]} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"info","ts":1690893373.917206,"logger":"tls","msg":"finished cleaning storage units"} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"warn","ts":1690893373.920347,"logger":"tls","msg":"stapling OCSP","error":"no OCSP stapling for [(my IPv6 address here)]: no OCSP server specified in certificate","identifiers":["(my IPv6 address here)"]} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.920421,"logger":"tls.cache","msg":"added certificate to cache","subjects":["(my IPv6 address here)"],"expiration":1690917213,"managed":true,"issuer_key":"local","hash":"8aa98ab4d6a397ee8784859f4ba69d8df96d6d978247a3436a20cc8373cf9a8a","cache_size":1,"cache_capacity":10000} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.920493,"logger":"events","msg":"event","name":"cached_managed_cert","id":"2420e703-5823-4962-ad5b-05a084aafacb","origin":"tls","data":{"sans":["(my IPv6 address here)"]}} Aug 01 14:36:13 baspi2 caddy[23904]: {"level":"debug","ts":1690893373.923109,"logger":"tls","msg":"loading managed certificate","domain":"myserver.now-dns.net","expiration":1697974414,"issuer_key":"acme-v02.api.letsencrypt.org-directory","storage":"FileStorage:/var/lib/caddy"} Aug 01 14:36:14 baspi2 caddy[23904]: {"level":"debug","ts":1690893374.1269143,"logger":"tls.cache","msg":"added certificate to cache","subjects":["myserver.now-dns.net"],"expiration":1697974414,"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"7db3c32211ccb2942c5d329650e92ddd63cd9a17670eba2ce29476f3c3e3a741","cache_size":2,"cache_capacity":10000} Aug 01 14:36:14 baspi2 caddy[23904]: {"level":"debug","ts":1690893374.1271243,"logger":"events","msg":"event","name":"cached_managed_cert","id":"fc000be0-ac06-4ca2-aa53-c14c6fb3ae27","origin":"tls","data":{"sans":["myserver.now-dns.net"]}} Aug 01 14:36:14 baspi2 caddy[23904]: {"level":"info","ts":1690893374.1345215,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/autosave.json"} Aug 01 14:36:14 baspi2 systemd[1]: Started Caddy web server. Aug 01 14:36:14 baspi2 caddy[23904]: {"level":"info","ts":1690893374.137206,"msg":"serving initial configuration"} Aug 01 14:36:14 baspi2 sudo[23887]: pam_unix(sudo:session): session closed for user root

  • I "opened" the necessary ports on my router (my router calls it that, I realise it's probably more like I unblocked these ports in its IPv6 firewall)
  • I scanned the open ports with an IPv6 port scanner (this one) and it shows ports 80 and 443 to be open, as well as ports 65001 and 26347
  • I used my public IPv6 address to scan, as well as the myserver.now-dns.net address (which is actually another server name)
  • I used a smart phone unconnected to wifi to test, but the site cannot load there, either. I tested from other networks while away from home, too, which also didn't work.

Unfortunately, I still cannot connect to the server with a browser. https://myserver.now-dns.net:26347/ gives an ¨Unable to connect" error on Firefox.

I have been whittling away at this issue on and off since April and haven't really made any big breakthroughs. What would be your first steps in troubleshooting this issue?

When I scan one of the open ports with an online tool, a message like this pops up in the journalctl log:

Aug 01 14:45:49 baspi2 caddy[23904]: {"level":"debug","ts":1690893949.6947021,"logger":"http.stdlib","msg":"http: TLS handshake error from [2a01:4f8:1c1c:2d4e::1]:50079: EOF"}

16

Please help troubleshooting my Caddy server. Can't get it to work since changing from IPv4 to IPv6

Hi everyone,

My router went from IPv4 to IPv6 after an update from my ISP back in April, and so I decided to try and get my selfhosted Raspberry Pi server to work with it. It's been less trivial than I hoped it would be, though. It worked and was reachable when it still used IPv4, but it's been out of the air since April.

I'm running Arch Linux ARM on the device and use networkd to connect it to the internet. I use https://now-dns.com to get a dynamic DNS and have connected it to my server using their Linux script.

This is my Caddyfile:

``` { debug

}

Jellyfin:

myserver.now-dns.net:26347, myserver.now-dns.net:443, [my ipv6]:26347 { header / { # Enable cross-site filter (XSS) # and tell browser to block detected attacks X-Frame-Options "Deny" Content-Security-Policy " default-src 'self' data: blob:; style-src 'self' 'unsafe-inline' bootstrapcdn.com *.bootstrapcdn.com https://ctalvio.github.io/Monochromic/default_style.css https://ctalvio.github.io/Monochromic/jfblue_style.css https://ctalvio.github.io/Monochromic/jfpurple_style.css https://ctalvio.github.io/Monochromic/bottom-progress_style.css https://ctalvio.github.io/Monochromic/customcolor-advanced_style.css https://ctalvio.github.io/Monochromic/improve-performance_style.css https://fonts.googleapis.com/css2; script-src 'self' 'unsafe-inline' bootstrapcdn.com *.bootstrapcdn.com googleapis.com *.googleapis.com https://www.gstatic.com/cv/js/sender/v1/cast_sender.js worker-src 'self' blob:; font-src 'self' bootstrapcdn.com *.bootstrapcdn.com; img-src data: 'self' imgur.com *.imgur.com; form-action 'self'; connect-src 'self' pokeapi.co; frame-ancestors 'self'; report-uri {$CSP_REPORT_URI} " } reverse_proxy 127.0.0.1:8093 #reverse_proxy localhost:8093 }

Nextcloud:

myserver.now-dns.net:65001 { root * /usr/share/webapps/nextcloud file_server # log { # output file /var/log/caddy/myserver.now-dns.net.log # format single_field common_log # }

#php_fastcgi 127.0.0.1:9000 #php_fastcgi unix//run/php-fpm/php-fpm.sock # veranderd naar correcte adres uit /etc/php/php-fpm.d/www.conf php_fastcgi unix//run/nextcloud/nextcloud.sock # veranderd naar nieuwe correcte adres uit /etc/php/php-fpm.d/nextcloud.conf

header { # enable HSTS Strict-Transport-Security max-age=31536000; }

redir /.well-known/carddav /remote.php/dav 301 redir /.well-known/caldav /remote.php/dav 301

# .htaccess / data / config / ... shouldn't be accessible from outside @forbidden { path /.htaccess path /data/* path /config/* path /db_structure path /.xml path /README path /3rdparty/* path /lib/* path /templates/* path /occ path /console.php }

respond @forbidden 404 } ```

Figuring out how to open the necessary ports took some doing on my router, but now when I test with an IPv6 port scanner (like this one) it shows me that ports 80 and 443 are open, as well as ports 65001 and 26347. It works both when I fill in my public IPv6 address as well as the address I get from now-dns. I still cannot connect to the server with a browser, though.

I have been whittling away at this issue on and off since April and haven't really made any big breakthroughs. What would be your first steps in troubleshooting this issue?

journalctl -f -u caddy gives the following:

Jul 18 16:28:13 baspi2 caddy[422]: {"level":"debug","ts":1689690493.3595114,"logger":"http.stdlib","msg":"http: TLS handshake error from 198.199.97.61:43266: no certificate available for '192.168.1.96'"} Jul 18 16:28:16 baspi2 caddy[422]: {"level":"debug","ts":1689690496.401284,"logger":"http.stdlib","msg":"http: TLS handshake error from [2604:a880:400:d0::20e2:c001]:46636: EOF"} Jul 18 16:28:45 baspi2 caddy[422]: {"level":"debug","ts":1689690525.159631,"logger":"http.stdlib","msg":"http: TLS handshake error from [2607:5300:201:3100::7911]:42978: read tcp [2a02:a465:1b91:1:dea6:32ff:fe54:67fb]:65001->[2607:5300:201:3100::7911]:42978: read: connection reset by peer"} Jul 18 16:35:44 baspi2 caddy[422]: {"level":"debug","ts":1689690944.3032691,"logger":"http.stdlib","msg":"http: TLS handshake error from [2a01:4f8:1c1c:2d4e::1]:31497: EOF"} Jul 18 16:41:15 baspi2 caddy[422]: {"level":"debug","ts":1689691275.666184,"logger":"http.stdlib","msg":"http: TLS handshake error from 45.227.254.49:65421: tls: first record does not look like a TLS handshake"} Jul 18 16:48:14 baspi2 caddy[422]: {"level":"debug","ts":1689691694.1229563,"logger":"events","msg":"event","name":"tls_get_certificate","id":"f6540cc3-dce9-4f75-995a-9d313ad6a9a8","origin":"tls","data":{"client_hello":{"CipherSuites":[49199,49195,49169,49159,49171,49161,49172,49162,5,47,53,49170,10],"ServerName":"","SupportedCurves":[23,24,25],"SupportedPoints":"AA==","SignatureSchemes":[1025,1027,513,515,1025,1281,1537],"SupportedProtos":null,"SupportedVersions":[771,770,769],"Conn":{}}}} Jul 18 16:48:14 baspi2 caddy[422]: {"level":"debug","ts":1689691694.1232002,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"192.168.1.96"} Jul 18 16:48:14 baspi2 caddy[422]: {"level":"debug","ts":1689691694.1232479,"logger":"tls.handshake","msg":"all external certificate managers yielded no certificates and no errors","remote_ip":"192.241.226.31","remote_port":"60480","sni":""} Jul 18 16:48:14 baspi2 caddy[422]: {"level":"debug","ts":1689691694.1233048,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","remote_ip":"192.241.226.31","remote_port":"60480","server_name":"","remote":"192.241.226.31:60480","identifier":"192.168.1.96","cipher_suites":[49199,49195,49169,49159,49171,49161,49172,49162,5,47,53,49170,10],"cert_cache_fill":0.0003,"load_if_necessary":true,"obtain_if_necessary":true,"on_demand":false} Jul 18 16:48:14 baspi2 caddy[422]: {"level":"debug","ts":1689691694.1235263,"logger":"http.stdlib","msg":"http: TLS handshake error from 192.241.226.31:60480: no certificate available for '192.168.1.96'"}

(Those handshake errors show up when I scan the ports with an online tool.)

5

Regular expressions in Double Commander to skip incompatible symbols when copying

Hi all,

I've been breaking my head on this for the past while and I figured I'd ask the hive mind here.

I'm using Double Commander as my file browser of choice, and I'm copying some files to an SD card that goes into an mp3 player running Rockbox, which only accepts FAT32 file systems.

I've tried to get all the filenames as compatible with FAT32 as possible, but here and there there's still some file names that contain symbols incompatible with FAT32 ( , \ , / , : , * , ? , " , < , > , | .)

Now, Double Commander allows to use file templates for copying files, which includes the option for a file mask using regex. I figured I ought to be able to use this to skip files using these characters. Looking at regex syntax and googling for something similar to have already been done (I found this Stackexchange question) I came up with this regular expression:

[^\\/:*?\"<>|]

Double commander then spits out the following error, though:

>Unhandled exception: ERegExpr: TRegExpr compile: quantifier ?+*{ follows nothing (pos 1)

Any ideas on what I'm doing wrong? Regex is kind of foreign to me, so I'm guessing I'm doing something fundamentally wrong that should be easy to solve for someone who knows what they're doing.

5

Gezien op een stoplicht in Utrecht

Eens even kijken hoe je nou het handigst iets deelt van Pixelfed...

2