-
thunder_
Hello! :D
-
thunder_
For some reason it says my security cert is invalid or wrong but it's working and The Freaks Club XMPP works! I think I still have more to do but, progress is made.
-
menel
What server?
-
menel
https://chat.tfc.im/ ? Is not reachable from the browser.
-
thndrbvr
Nah, tfc.im is down for now.
-
thndrbvr
I've got a *.thefreaks.club AlphaSSL / GlobalSign cert. It's good until mid-June. Also, wth did you find tfc.im? Lol
-
menel
Search engine, found a website and from there a link.
-
menel
You posted > The Freaks Club XMPP works!
-
thndrbvr
I have to update all of that. Nearly forgot.
-
thndrbvr
I was using tfc.im for matrix but decided branding and promotion would be better to stick with thefreaks.club for everything. And, to wait until Dendrite is stable to bother with Matrix again.
-
thndrbvr
Hey, does there happen to be any PSI devs in here?
-
thndrbvr
PSI+ *
-
menel
You defently have a cert problem with you setup: https://www.xmpp.net/result.php?domain=thefreaks.club&type=client
-
menel
Dont really know what thst means.. The root ca is not trusted?
-
menel
unable to verify the first certificate
-
thndrbvr
My client told me the CA was unknown which I thought was odd because I've been using it on the website for nearly a year now with no problems in FF, Brave, or Epiphany. Maybe I have the config pointing to one of the wrong files?
-
menel
Xmpp.net says the same but the cert chain is there.. So I don't know. Or is there another intermediate between your cert and AlphaSSL CA - SHA256 missing?
-
thndrbvr
Just switched something. Checking logs
-
thndrbvr
Just want to double check, X509 = key and PKCS7 = certificate, right?
-
thndrbvr
Just went back to the stores site to "get certs" and those are the two text-walls it shows me.
-
thndrbvr
I do believe AlphaSSL is the intermediate CA.
-
menel
No idea. I thought X509 is how you get certs and PKCS7 is the storage format.. But I know nothing of it.. I just use let's encrypt π
-
thndrbvr
Yeah... I got this wildcard for $40 last year. I figure
-
thndrbvr
I figured* at the time it'd be easier to just have that one for a full year rather than play around with LE every 60-89 days or learn how to write a script to auto-renew.
-
thndrbvr
Maybe because I reissued them these ones are no good? I had an issue before which is why I reissued in the first place.
-
thndrbvr
Also, I'd set up DNSsec but I'm afraid I'll irrevocably mess everything up. Once I know what I'm doing or find someone who does then I'll be glad to. Heh.
-
ernst.on.tour
> .... or learn how to write a script to auto-renew. Just a single line in crontab isn't for real a script π
-
ooperator
andrey.utkin: I think xmpp.love is a crawler
-
Amolith
Does anyone know how would I retrieve the contact addresses for XEP-0157? I want to contact some ops about spam before blocking their domains.
-
Wiktor
Amolith: XML console, eg. Gajim
-
Wiktor
Also may be relevant https://github.com/JabberSPAM/blacklist
-
Amolith
Yep, I'm contacting the addresses not listed there before opening an issue
-
Amolith
https://bin.nixnet.services/?430b1b01d204559c#9vkKtzT9sUY4S8kXyBBpWDnGP5hzEGrXv9VcCEXYV2F2
-
Wiktor
Now That I think about it the blacklist repo could contain instructions on how to contact
-
Wiktor
Also the name... So not 2021 now ;)
-
Amolith
I have no idea how to use this console π
-
Licaon_Kter
Amolith: put XML because that's what youwdo :))✎ -
Licaon_Kter
Amolith: put XML because that's what you do :)) ✏
-
Amolith
Well yes but I don't know what to write :P
-
Amolith
Ah I think I got it. There's an example query on the XEP's page
-
Wiktor
Amolith: exactly. If it doesn't work paste what you had. I was about to paste the example because that's what I do faced with this kind of problem. :)
-
Wiktor
Also, nice seeing you there, we chatted previously about openpgp social proofs (now replaced by keyoxide.org) π✎ -
Wiktor
Also, nice seeing you here, we chatted previously about openpgp social proofs (now replaced by keyoxide.org) π ✏
-
Martin
> Does anyone know how would I retrieve the contact addresses for XEP-0157? I want to contact some ops about spam before blocking their domains. There's a bot in SchrΓΆdingers.
-
moparisthebest
thndrbvr: acme.sh for renewing LE certs
-
Amolith
Wiktor: ah I thought I recognised your display name but didn't want to assume you were the same person ;) It's nice to see you as well :)
-
Amolith
I added info about abuse reports to my wiki here: https://docs.nixnet.services/XMPP/Hosting
-
Wiktor
great, thanks for the reference π
-
andrey.utkin
i seem to recall there was some XMPP uptime monitor not so long ago. Is it a thing?
-
Martin
There was one at Conversations.im, don't know whether it's still alive.
-
rob
If you mean the compliance thing it's still up
-
andrey.utkin
thanks to you both. No, I didn't mean the compliance tester.
-
andrey.utkin
does anyon know of any IM service, interoperable or siloed, free or paid, which declares any guarantees about *durability (persistence)* of your conversations archive?
-
thndrbvr
https://the-federation.info/ perhaps?
-
thndrbvr
About uptime and stuff I mean.
-
moparisthebest
andrey.utkin, have you heard of XMPP
-
andrey.utkin
thndrbvr, i don't see where. also that website itself doesn't store any user data, right?
-
andrey.utkin
moparisthebest, sorry, i don't understand. What are you trying to say?
-
thndrbvr
No user data, just data about servers.
-
Sam
andrey.utkin: I think conversations.im gives you unlimited history
-
andrey.utkin
i am interested in guarantees against corruption or loss of the history. Because shit happens over time.
-
andrey.utkin
my explanation to me not seeing it is currently this: in freedom-centric services there's no substantial paid services so making schemes around reimbursement don't make sense; in the walled gardens the users are the product and not the customer, so again any guarantees to them don't make sense.
-
thndrbvr
If you're super concerned about archiving chats, I'd look into something like SyncThing or NextCloud or MEGA to backup your data.
-
thndrbvr
What are you looking to do exactly? Host your own chat server for yourself and your peers? Or just join someone else's network?
-
andrey.utkin
i'm interested in LARPing an "sysop making economically sensible spending on data durability"
-
andrey.utkin
it's LARP because it's for engineering practice and not for real revenue; still i am looking into making up sort of SLA
-
thndrbvr
Live Action Role Playing?
-
andrey.utkin
and what i'm seeing there's not much of a precedent for user data durability guaranteeing
-
andrey.utkin
yes. i am using it loosely, as in "encrypted email is LARP security"
-
thndrbvr
I think the thing about libre software is that it's smaller entities with limited amounts of resources that either don't want the responsibility, don't see the need, or don't want to make promises that can't easily be kept. Users generally either want only a fairly recent amount of conversation + file history, want it to be ephemeral, or will log their own.
-
moparisthebest
andrey.utkin: I'm saying you can make your XMPP server as durable as you wish and have money for
-
moparisthebest
Persist it to stone tablets if you want
-
rob
Mine is on a btrfs raid host with backups which is pretty overkill already
-
menel
i would use own server in RAID1. text storage based. and daily backups to a cloud - storage provider if i would need that kind of security. Or 10 min btrfs snapshot backups if tinfoiling is max. π
-
rob
Ya, server is in my possession
-
rob
Keep your data in sight
-
menel
what I actually do is RAID 1 and weekly backups of stuff.(also containing the xmpp stuff) to a raspberry PI with HDD in annother house
-
rob
Nice, mines all one big server right now, everything docker behind traefik. Raid 1 btrfs
-
rob
But I do have an rpi sitting around. What server do you run on it?
-
menel
debian stable
-
rob
I mean xmpp server
-
menel
prosody
-
rob
Nice, I was thinking of testing Snicket on this one
-
rob
Haven't checked for arm support yet
-
menel
of course it has π its made for it. ...Snicket = small family server.. everything else is overkill
-
rob
Very cool, I've only just noticed it
-
rob
I like that prosody does multiple vhosts though
-
rob
I think snikket does not yet
-
menel
ARM is the 3rd most popular arch https://popcon.debian.org/
-
menel
> I think snikket does not yet
-
menel
it will not later
-
moparisthebest
I send btrfs snapshots to a server I wol at another house nightly
-
menel
more btrfs users than i thought
-
moparisthebest
Raid is needed so service continues when hard drives inevitably die, but it's not a replacement for backups
-
menel
*So say we all*
-
menel
ok, enough spam here (sorry @all) .. ---> conversations-offtopic-reloaded@conference.trashserver.net more spam there...