👮 major
irc2p
#i2p-dev #i2pd-dev #ls2 #saltr
ilita
#4rum #acetonevideo #dev #retroshare #torrent #video2p
IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#i2p-dev
/2023/12/06
@eyedeekay
&eche|on
&kytv
&zzz
+R4SAS
+RN
+T3s|4
+acetone
+dr|z3d
+orignal
+polistern
+postman
+weko
An0nm0n
Arch
FreefallHeavens
Gid
Hikari
Irc2PGuest2974
Irc2PGuest4253
Irc2PGuest51959
Irc2PGuest5219
Leopold
Minogami
Onn4l7h
Sleepy
Soni
Teeed
aargh1
admin
anon
apt0110
b3t4f4c3__
cheddah
eyedeekay_bnc
itsjustme
j6
limak
not_bob_afk
pihole2
poriori
profetikla
qend-irc2p
rapidash
tbqdrn
theglitch
u5657
user101
w8rabbit
wodencafe
x74a6
yourtrueself
zer0bitz
eyedeekay I have seriously never hated any piece of software as much as I hate gitlab right now
eyedeekay I'm going to start calling the knot in my back gitlab
dr|z3d eyedeekay: blow it off, sounds like now's a great time to replace it with gitea.
eyedeekay 2 weeks before release? Pretty sure I'm not that crazy
eyedeekay It should not be this hard to get nginx to act as a client to i2pgit.org, then serve it back to the HTTP tunnel on 80
dr|z3d well, here's an idea. run gitea in parallel for now, see how you get on with it, and then when you're comfortable, switch.
eyedeekay Might give that a shot yeah
eyedeekay Just seems very ill-advised to suddenly migrate without a plan
dr|z3d are you giving nginx the correct SSL cert?
dr|z3d because nginx can't proxy_pass to https without a cert.
eyedeekay Even if the cert is in the global store?
eyedeekay Yeah that's probably it
dr|z3d you could alternatively proxy_pass to a private port, that's probably easier.
eyedeekay That's the really hilarious part
eyedeekay It isn't
eyedeekay It isn't even close
eyedeekay gitlab.com/gitlab-org/omnibus-gitlab/-/issues/1891
eyedeekay No dice on the cert configuration
dr|z3d ah, right, gotcha, http -> https or vice versa no workee on gitlab.
eyedeekay It can't even listen on both
eyedeekay Apparently it's some rails bullshit
dr|z3d see if this helps: cake.i2p/view/rsZeVhnXcT_Xd1vqegSCWLSpsnM3QwoFLfTncdWoa_i1eLrydsxK/rsZeVhnXcT.txt
dr|z3d gitlab itself shouldn't be listening on multiple ports, that's nginx's job.
eyedeekay Technically you're right but it's a little more complicated than that, there's gitlab the API and there's gitlab the webUI and then there all the little working components of it, what it actually does is starts an API server then serves a bunch of files with nginx(the webUI) then uses nginx to proxy them both, so by definition the thing you see is actually an nginx server sitting between you and the API
eyedeekay server serving you files
eyedeekay That's an oversimplification actually gitlab's this complicated behemoth
dr|z3d yeah, it's a monster, this much I know.
eyedeekay But part of the standard gitlab install is this nginx server which it configures for you
eyedeekay So on i2pgit.org there's the nginx in the VM where gitlab runs then there's the nginx on the host, the nginx on the host I configure by hand and it has no problems listening on multiple ports
eyedeekay But for the nginx in the VM when I try to make it listen on a second port it gets all confused
eyedeekay But that nginx and the nginx on the host both need to be using TLS or gitlab will think it's being served over HTTP and try to get a bunch of stuff over HTTP which will cause it to break ^^
dr|z3d it seems obvious to me that you're spending way too much time wrestling with it.
eyedeekay You have a point
dr|z3d if you like gitlab enough, use their servers.
eyedeekay I just need it to survive 13 days
eyedeekay And a plan
eyedeekay I don't
dr|z3d I think you can use a custom hostname with their servers.
eyedeekay I hate gitlab, I've hated it since before we deployed it
eyedeekay It is among my chief regrets that I didn't fight harder for gitea when the time was right
eyedeekay As far as I2P decisions
dr|z3d in your boat, I'd mirror the current repos to gitlab.com (while keeping your servers running)..
dr|z3d then when everything looks intact, I'd see about using your current domains with their servers. as an interim measure.
dr|z3d then I'd setup gitea on your vps, and mirror all the repos to it (initially).
dr|z3d then, when the dust has settled, you can tell gitea not to mirror anymore, you want it to be a "normal" repo. and then you've got gitlab.com and github as backup plans where you can also leverage their CI.
eyedeekay It's simple enough to add gitlab remotes to the mirror script
dr|z3d but if you want painless, just run a gitea instance and mirror the repos you want, then you can get a sense of how it functions without disturbing anything.
eyedeekay and I understand **exactly** how to make gitea honor proxy settings of any level of elaboration, gitlab I don't even bother trying to hide the physical location of the server but with gitea, I could actually achieve that
eyedeekay Not that we need to or should, but we could
eyedeekay it's really easy to get gitlab to contact other git servers and really hard to tell when it's following your proxy settings
dr|z3d gitlab works for me because I let them run it :)
dr|z3d I suspect I'd hate it as much as you if I was hosting it.
eyedeekay I dunno
eyedeekay jgit's easy, gitea's easy
eyedeekay presumably gogs is still easy
dr|z3d well, if maintenance gets in the way of doing stuff, then there's a problem, houston!
eyedeekay It's because I'm running it **and** because it's way too complicated
eyedeekay Like you can just throw the jgit war into the eepsite config and it works
eyedeekay is it jgit I'm thinking of
eyedeekay no it's gitbucket
eyedeekay gitbucket is based on jgit
eyedeekay Hey it's only 2:15 and I've finally got it down to just a stupid redirect loop
dr|z3d haha
dr|z3d well done
zzz eyedeekay, what I would give up on is http+https, which I thought you did give up several days ago
zzz and made the change two days ago
zzz but took another run at yesterday which seems to have been fruitless?
eyedeekay What I was trying to do yesterday was just to get comments to post, or at least get it to where I could see why they weren't
eyedeekay Which was indeed fruitless
eyedeekay I did get http->https redirects on the I2P side working
zzz hmph. baby steps
zzz oooh finally tracked down a good susimail bug
zzz I'm going to clean it up and get it in, eyedeekay ok if I bump afterward?
eyedeekay Yeah go right ahead
zzz susimail is going to be cherry
zzz I'm almost done with 2.5.0
RN If you want to test the dev version but don't want to build it youreself you can grab an updater file at I2Peek-a-Boo.i2p/i2pupdates.html 2.3.0-18-rc
dr|z3d cherry..
dr|z3d is that cherry with mail filters and multiple user-defined folders flavor of cherry, zzz? :)
dr|z3d also, I asked postman if there was an issue with mail retention on the server re the online reader (view online, no download).. apparently no issue at all.
dr|z3d eyedeekay's also interested in getting pgp integration working. would be good to see that happening, perhaps in conjunction with contacts feature, so you can attach a pgp key to a contact and susimail handles the pgp encryption / decryption transparently.
dr|z3d local disk encryption of the mail store also cherry flavored :)
RN Brand New Cherry flavor
RN (ugh that was a creepy movie)
dr|z3d Cherry wasn't bad.
dr|z3d Post-Iraq soldier adjusts to civilian life.
RN don't think that's the same movie
RN brand new cherry flavor has a character eat their eyeball
RN not really ontopic. LOL
eyedeekay Here's a question put after entirely too little consideration IMO...
eyedeekay What if there was an "EncryptedWorkingDir extends WorkingDir"
eyedeekay ?
eyedeekay i.e. use a password to unlock the config dir and actually start I2P with the config, treating it as a sort of "profile"
eyedeekay I've done zero research on it but maybe that's both better and potentially more straightforward than encrypting the susimail data only
zzz here's my proposed cherries for 2.5, mostly done: stats.i2p/docs/roadmap-2.5-zzz.html
dr|z3d eyedeekay: sure, works for me. a bit like firefox's optional password storage password.
dr|z3d looks good, zzz. plenty of time in the next release cycle for additional cherries, then :)
zzz not really as by the time all that gets in we will probably be close to big changes deadline, aka "merge window"
dr|z3d you can add another possible cherry there, maybe, your keepalive stuff?
zzz on there
dr|z3d I must be blind, then. Can't see it.
dr|z3d ah, there it is. my bad.
dr|z3d another thing that was mooted a while back.. blind dests for snark.. any more thoughts on that?
zzz requires a proposal/spec/postman involvement
zzz and bigly
dr|z3d roger that.
dr|z3d since you've been so busy, here's a gift..
dr|z3d body {text-align:center;font-family:sans-serif;background:#449;font-size:90%}
dr|z3d h1,h2,h3{color:#fff}
dr|z3d h3{margin:30px auto 0;width:50%;min-width:600px;background:#225;box-shadow:0 0 0 5px #225;padding-bottom:8px}
dr|z3d table,th,td {border:1px solid #ddf;border-collapse:collapse}
dr|z3d table{margin:auto;width:50%;min-width:600px;box-shadow:0 0 0 1px #ddd,0 0 0 5px #225}
dr|z3d th, td {padding: 4px 8px;text-align:left}
zzz re: encryption, seems like a howto writeup for fscrypt would be the thing
dr|z3d th{font-size:80%}
dr|z3d th:nth-child(n+2),td:nth-child(n+2) {text-align:center}
dr|z3d tr:nth-child(even){background:#eef}
dr|z3d tr:nth-child(odd){background:#fff}
zzz and where would I use that gift?
dr|z3d add it as a <style> block on that proposals page you just posted.
dr|z3d and anywhere else you need to throw up tabulated data.
zzz just notes but ok
dr|z3d also, don't be lazy. that html *chuckle*
dr|z3d you're making RN look good, and that's saying something :)
zzz next time I'll do text to not awaken the pnut gallery
dr|z3d :)
dr|z3d you can nuke this line, not optimal on that table: th:nth-child(n+2), td:nth-child(n+2) { ... }
dr|z3d left alignment on all cells probably what you want.
dr|z3d and if you convert the <p> above the table to an <h3> it'll sit nicely.
RN :P