XMPP Service Operators - 2021-03-10

Is it theoretically or practically possible for a TCP connection to fail to setup over a loopback interface? Assuming the transport is perfectly ideal eg, the linux kernel loopback interface; Can you expect TCP to work 100% of the time?

tom, no

there are always resource limits which can be hit, e.g. lack of available source ports

Say you check the return code of prosody's HTTP server for a 200OK every 10 seconds for months on end

One fails

Otherwise the logs don't report anything good AND the daemon quitting successfully with a regular SIGTERM

Should I suspect prosody's failure or check_http's failure

I've got plenty of headroom there jonas

tom, which daemon quit?

Prosody

I have a screen which checks prosody's health every 10 seconds

And restarts the daemon if it doesn't work

OVH on fire, everyone is up? https://nitter.fdn.fr/olesovhcom

What kind of hosting company releases updates over some third party social media service instead of their own website

That is laughable

using a third party service is exactly what you should do

and exactly what should be in your plans

when your DC is on fire, you cannot rely on your own website being available

Speaking of, what kind of datacenter catches on fire

any datacenter can catch fire

Their built not to though

rumors are that this was an arc fault in DC equipment. if that happens at the right amperage, you can only let it burn down

Halon systems and whatnot

halon systems are forbidden in the EU since the 90ies

» <jonas’> when your DC is on fire, you cannot rely on your own website being available OVH is big enough to have an HA webserver, or at least anycast

tom, they also have that: https://status.us.ovhcloud.com/

so maybe also stop assuming that twitter is their only communication channel ;)

the OVH folks aren’t idiots

> OVH SAS hosts 54 XMPP servers: ['404.city', '57n.org', 'alternanet.fr', 'biboumail.fr', 'bonjourbonjour.win', 'brie.tech', 'chat.mass-trespass.uk', 'chatme.im', 'chif.fr', 'creep.im', 'cybercod.com', 'death.social', 'etwinning.ovh', 'feichtmayr.com', 'fisle.eu', 'gdr.name', 'hildebrand.pro', 'hostux.im', 'howlettmartin.com', 'im.ameci.org', 'im.logipren.com', 'im.mastd.racing', 'im.openalgeria.org', 'jabber.libre-informatique.fr', 'jabber.otr.im', 'jix.im', 'ketchupma.io', 'lain.church', 'libreti.net', 'maillard.im', 'mass-trespass.uk', 'mathdacloud.ovh', 'maxhill.de', 'momi.ca', 'napis.xyz', 'natalie.ee', 'netsec.im', 'openalgeria.org', 'parleur.net', 'qth.fr', 'seeadoc.ca', 'spritneybeers.de', 'stuff2233.club', 'suchat.org', 'tamytro.org', 'thesecure.biz', 'utsuro.ml', 'xmpp.dk', 'xmpp.fossgalaxy.com', 'xmpp.howlettmartin.com', 'xmpp.ps-ef.net', 'xmpp.re', 'xmpp.taiga-san.net', 'xmpp.zered.net'] from https://codeberg.org/infosechandbook/scripts/raw/branch/master/other/xmpp-server-hosters.txt

hopefully none of them in SBG[1234]

creep.im: U ok?

chatme.im has been offline for a couple of years now, that list doesn't look very current.

You can never be too sure with people who use twatter or tracebook for anything other than marketing to their own websites

https://www.searchenginejournal.com/ovh-data-center-fire-darkens-thousands-of-sites-worldwide/398485/

also, if you are the CEO of a cloud company whose DC just literally went up in flames… I don’t fucking blame you for using twitter.

mike: 2019

Thanks for that list Licaon_Kter

Yeah that's about when I last recall seeing it online.

» <jonas’> also, if you are the CEO of a cloud company whose DC just literally went up in flames… I don’t fucking blame you for using twitter. jonas’, when disasters happen on this scale there were several things and factors that were festering for a very long time that allow them to happen

tom, I don’t think that’s necessarily true.

tom: fire and twitter accounts don't mix, c'mon

but before speculating, maybe wait for a post mortem?

I bet the CEO did not put the nuts and bolt of the building :)

https://www.youtube.com/watch?v=mWGHprpu4SI

Yes, hopefully they'll do a postmortem

Mismanagement at best

also, I’d like you to be a bit more thoughtful

the engineers which are now having a real bad day might even be here if they run a private XMPP server

We

We will see

Licaon_Kter: » >The last big downtime crisis at OVH also happened at the Strasbourg campus. A power outage in 2017 brought the entire campus down. Forty minutes later, its campus in Roubaix lost connectivity due to an unrelated software bug in networking equipment.

They have been having "power problems" for a very long time

https://nitter.vxempire.xyz/pic/media%2FEwGyxvUXYAEem2D.jpg%3Fname%3Dorig

https://nitter.vxempire.xyz/pic/media%2FEwHAshMWQAEqETF.jpg%3Fname%3Dorig

https://nitter.vxempire.xyz/pic/media%2FEwG_JU1WEAMPcXi.jpg%3Fname%3Dorig

Licaon_Kter: I'm good, thank you

didn't notice any disruptions

https://jix.im/ is effected

otherwise the xmpp world seems fine?

there's always a silver lining https://twitter.com/craiu/status/1369633870786797568

moparisthebest: the "known" but not taken down part is...odd...c'mon...

I find it interesting in just how much the cloud hosting pricing race to the bottom has not only resulted in massive overprovisioning of VPS hardware, but also servers being hosted in litteral old shipping containers (and buildings that seem hardly more in substance).

are you saying recycling is bad ? :P

does anyone remember that study that showed most xmpp servers are hosted on Hetzner infra? all I can find right now is a similar one on Mastodon servers: https://bitkeks.eu/blog/2020/03/underlying-problem-fediverse-decentralised-platforms.html

I'm not sure that's a problem though, I mean, assuming proper backups etc it should be easy to quickly fail over to anywhere else

to some extend yes. but some of the privacy benefits of xmpp are lost when the data just moves from one server to the other in the same datacenter

in regards to metadata

I'm not sure, the datacenter has more visibility, but state actors likely have less

Kris: so...you say I should make my own datacenter first? Host at home? "Oh terrible" Host at hosting? "Oh noes" Effing move the goalpost further

hostng at home (depending on your ISP) is great

and at least in theory it can be even greater with ip6

but what I am actually saying: some awareness of datacenter centralisation and resulting issues is probably good to have

people complan about AWS and then happily host their stuff on Hetzner because it costs 20ct less per month

I don't know that there's an easy solution though, generally I like a reliable provider other people are happy with, not a brand new one I have to test first

yeah no easy solutions to that one

p2p

just move it into the cloud with homomorphic encryption!

fefe reader exposed

covfefe?

> fefe reader exposed :)

ah maybe not. famous german IT blogger just had a big rant about homomorphic encryption 😉 ✏

FWIW, I don’t host at hetzner because they’re cheap, but because they’re the *only* european hoster I was able to find which: - offers proper IPv6 (= /64 or greater, *routed* to the server) - proper virtualization (no virtuozzo or lxc, real kvm) - isn’t super shady, i.e. offers at least GDPR-compliant contractor things (I only know the german term, "Auftragsverarbeitungsvertrag")

if you know another ISP which offers that, I would *really* like to know, because currently most of my stuff is in the same AZ (hetzner’s) and I like cross-AZ redundancy

it still needs to be affordable though, >15 Eur/month for a mail server is not something I’m going to invest.

netcup.de has the same I think, but also in germany

I moved to hetzner in about 2013 after using many other hosts over many years and so far they've been the best

netcup is on my do-not-use-list

why?

I had very bad interactions with them when moving a domain from them to another registrar

it's always good to see other suggestions though

i like hetzner and ovh, currently using soyoustart

ah, yes they are a bit possessive of their .de domains

i ordered an ax101 from hetzner like a month ago one evening while a bit drunk

still trying to decide what to put on it

isn't soyoustart also ovh ?

Kris: of *their* .de domains? ;)

well, DNS is obviously black magic that nobody understands.

Yeah, DNS... but kind of understandable as labour costs for even 5 minutes of support on 20ct/month domain name reselling basically wipes out any profit for the next 10 years.

yeah soyoustart is an ovh sub-company

I'm looking for somebody from omemo.im

Ge0rG, their website lists contact@omemo.im

vanitasvitae: and their 0157 lists an email address, but they have no MX.

vanitasvitae: I pinged the JID an hour ago

hm

maybe I just shouldn't expect express delivery.

PSA: I changed the JID of the search.jabber.network crawler. It is now crawler@search.jabber.network. So don’t be surprised if you see that in your logs instead of the old christopher.muclumbus@search.jabbercat.org

Ge0rG: omemo.im was just a fork of Conversation, abandoned...

Nwm ✏

Nvm ✏

https://upload.convorb.im/7c370453f738f2c0c995eaee643e5e0aba76aeb0/X42q5oXo0dko4FdL87vHgFDeFlEJy9EVt0MCcIvw/V9xZhOclQfG4xdwZWdZ_qg.jpg

http://travaux.ovh.net/?do=details&id=49484

aaand their issue tracker was slashdotted :)