@eyedeekay
&Irc2PGuest88200
&zzz
+R4SAS
+RN
+StormyCloud
+T3s|4
+dr|z3d
+eche|off
+hagen
+hk
+orignal
+postman
+segfault
+snex
+weko
+wodencafe
Arch
BubbRubb
Danny
DeltaOreo
FreeB
FreefallHeavens
Irc2PGuest59134
Irc2PGuest59461
Irc2PGuest77557
Irc2PGuest85010
Leopold
Onn4l7h
Onn4|7h
Sisyphus
Sleepy
T3s|4_
acetone_
ardu
b3t4f4c3__
bak83
boonst
cumlord
dr4wd3_
duck
eyedeekay_bnc
meowking
not_bob_afk
phil
phobos
pisslord
plap
poriori
profetikla
qend-irc2p
rapidash
shiver_
solidx66
u5657
uop23ip
w8rabbit
x74a6
eyedeekay
Holy cow, scrapers did not waste any time. And in-network too.
orignal
AI shit?
orignal
I was tired to ban them
eyedeekay
Yeah looks like it, they were eating gitlab alive too, and are also pounding on the mirrors
eyedeekay
But they're fucking up the whole internet so why should gitea be special I guess
eyedeekay
Fortunately for me I've got way more options with gitea than gitlab to mess with them
eyedeekay
Going to try a honeypot thing soon, they're looking at stuff that isn't real and they're doing it pretty early, so if somebody tries to look for like, acme stuff in .well-known then I can pretty much conclude they're a bot and ban them in real-ish time
StormyCloud
Dooooo it nuke them all
orignal
no, recognize them and redicrect to pages with shit
orignal
let this crap learn on crap
eyedeekay
Whatever gets them out of my hair
eyedeekay
Where I'm doing the I2P side by plugging in SAMv3 Listeners I can pretty much put any Listener middleware in between the service and the net, including ones I write, so I have a lot of strategic agility here
orignal
this shit must be elimited at all cost
orignal
if AI so smart as these fucking idiots declare, why it has to abuse the sites made by people for people
orignal
not enough material in fucking facebook dataabse?
orignal
assholes
orignal
thieves
snex
create a black hole and redirect them to that so they stay stuck connected to you forever
orignal
that's what I suggest
orignal
or let them learn on complete useless garbage
orignal
Zuckerberg and Altman must eat thier own shit
eyedeekay
As long as I don't waste I2P network resources on it I'm going to be as harsh as possible with them. If I can just trickle them a stream of garbage that's a worthwhile plan.
eyedeekay
But job one right now is giving the service a way to reliably spot them.
snex
respond with a "file" that is just /dev/urandom at 1B/s
eyedeekay
Described above is plan A^
snex
a while back i saw an article on how to run an ssh server that prevents the client from ever disconnecting but i cant seem to find it
eyedeekay
I remember that
RN
ohhhh, niiiiiice
eyedeekay
Maybe I'll give it the ability trickle out a some... "random" .gif from somewhere, one 1B/s
eyedeekay
user-supplied of course
dr|z3d
from someone we know, eyedeekay: ramble.i2p/f/Tech/5684/open-source-devs-say-ai-crawlers-dominate-traffic-forcing
eyedeekay
Yeah I read that. Also experienced it, they're doing basically the same thing to all the stuff we host AFAICT
eyedeekay
I had occasion to look at the logs of one of the mirrors yesterday, it's wild
dr|z3d
any obvious user agents?
eyedeekay
No not really, but it's obvious by what they're downloading, you'll see one IP from AWS download like, I2P 1.8.1 and an old version of imule and the source code for an old version of android
eyedeekay
stuff that nobody seeks out organically
orignal
fail2ban solves the problem
eyedeekay
More-or-less yeah, but they rotate identities pretty quickly too
eyedeekay
Oh I see planet.i2p looking for RSS feeds, I'll get new addresses for those
dr|z3d
nginx request throttling is probably worth deploying.
dr|z3d
shouldn't impact normal users, but bots can get throttled to a single request per minute, or longer, once they hit a certain threshold.
snex
have you all looked at anubis?
snex
proof-of-work captcha thingy
dr|z3d
that's what I linked earlier, no?
snex
maybe?
dr|z3d
> from someone we know, eyedeekay: ramble.i2p/f/Tech/5684/open-source-devs-say-ai-crawlers-dominate-traffic-forcing
snex
ive seen it in several places
snex
now if only you could make anubis challenges count as monero blocks...
snex
at the very least they need to let you easily theme it yourself. that tan page is ugly af
zzz
eyedeekay, any luck on git push?
zzz
and letsencrypt/DNS?
dr|z3d
I'm sure eyedeekay is already aware of python3-certbot-nginx, but if he isn't, that handles things better than whatever docker or other solution some sites recommend.
zzz
seems like he could just copy the current key/cert over and worry about LE later?
dr|z3d
easier just to update the cert from that python handler, no need to think what goes where, then.
zzz
why mess with a new cert right now?
dr|z3d
it'll just update the existing cert.
dr|z3d
the existing cert that they have the record for.
dr|z3d
also, ip..
zzz
yeah but he said he borked it and then hit some LE rate limit, so if LE is stuck then use the old one
dr|z3d
new ip address, probably requires a new/updated cert.
zzz
no
dr|z3d
ok, it's hostname based then I guess.
zzz
certs are not bound to IP
dr|z3d
ok
zzz
eyedeekay, the current cert expires July 3rd, copy the privkey and cert over and worry about LE later
eyedeekay
git push should work now, I did a git push successfully before I went to bed last night. Cert I will do today
zzz
eyedeekay, still no luck pushing, tried both zzz and I2P_Developers
eyedeekay
What message is it giving you?
eyedeekay
NM I think I see the problem, back in a sec
eyedeekay
Try again, should be good now
zzz
ok here we go...
zzz
worked, both to zzz and developers, thanks
eyedeekay
Awesome. Sure is nice to have comprehensible logs now :)
zzz
maybe a little slower than it was on gitlab? not sure
zzz
please confirm your gitea-to-github exporter is working, so I can update the website?
zzz
(I think the website pulls from github, right?)
eyedeekay
Pretty sure it does right now, 5 minutes I'll check
eyedeekay
Yes it's pulling from github, no sync is not working. Go ahead and push to the website, I'll run the old sync-every-5-minutes script for today and will fix CI-based syncing today after I fix the certificate
zzz
ok
zzz
after that, next up please fix eche's broken reseed, down 9 days and counting
eyedeekay
Jeez again? I just fixed that...
eyedeekay
Yeah I got it
zzz
did you test? you didn't ask me to test or tell me you fixed it...
eyedeekay
I did, but you're right it's down again, not sure why
zzz
I test periodically but things go a lot more efficient if you tell me
eyedeekay
Didn't I email you telling I switched it to the .deb?
eyedeekay
Sorry I guess I emailed saying I was going to...
eyedeekay
My bad
eyedeekay
Looks light maybe reseed-tools and Apache are fighting over a port
eyedeekay
*like
zzz
correct, you said you were going to
eyedeekay
Well I switched it to the deb but it's failing to start because of a port conflict, so I'll look into that and try to resolve it today
zzz
ok, thanks
eyedeekay
no problem
zzz
eyedeekay, hit another problem, but fixed FYI
zzz
push to www failed with: error: Push to create is not enabled for organizations.
zzz
I discover you renamed the i2p.www repo to I2P_Website. Changed in .git/config and the push worked
zzz
but heads up as you may need to adjust your exporter-to-github stuff
zzz
4 revs pushed, please verify they make it to github on your next sync run
zzz
there may be other jank caused by gitea having different repo names than everywhere else; you may wish to reconsider that choice
eyedeekay
Yup looks like I mixed up Gitlab and Gitea's internal interpretation of the "Name"
eyedeekay
I hit that issue with the sync script as well, figuring out what I should recommend to people
eyedeekay
I am going to re-name them all to bring it back to normal
zzz
ok I'll switch back to i2p.www in .git/config
eyedeekay
Don't push anything for about 20 minutes
zzz
nothing planned for now
zzz
getting creative with git usually ends poorly...
eyedeekay
All the most important repos were renamed a while ago, all the other repos have been renamed now, I'm not going to reach in and rename everybody's forks unless you ask me to but the fork relationship status will remain unchanged
eyedeekay
For anybody who forked i2p.www and it became I2P_Website after the migration, changing it back involves going to the repository page, opening the repo settings page using the link near the top-right, and change the name using the provided interface
zzz
eyedeekay, I see at least four still to be renamed on git.idk.i2p/I2P_Developers
zzz
keyring, snark rpc, i2p_browser, maybe i2pbutton?
zzz
no, i2pbutton is the same
zzz
so I think 3
eyedeekay
Ah thanks I'll get those too
eyedeekay
Oh looks like I missed orchod too
zzz
I didn't look at 2nd page ))
zzz
I2PSnark-RPC is a dup of i2p.plugihs.i2psnark-rpc looks like
zzz
looks like you have serveral to fix in your account, including Go_I2p which I have forked
eyedeekay
Hm. Maybe I should just make a script to do them all, I was afraid I'd mess it up but I don't think I will, and if I do, they're just renames, not like I'm deleting history...
zzz
eyedeekay, now that you have most of the repo names fixed would you please try again to sync i2p.i2p and i2p.www over to github? thanks
eyedeekay
Yup, running the script now
eyedeekay
I deleted my old sync directory so I have to re-unshallow everything