Conversation
Notices
-
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:31:30 JST 
Pleroma-tan
i fucking hate using a vps for pleroma
fuck my life- ✙ dcc :pedomustdie: :phear_slackware: likes this.
-
Embed this notice
menherahair (menherahair@eientei.org)'s status on Thursday, 11-Jan-2024 07:33:57 JST 
menherahair
@kirby $20 chinkcentre when Pleroma-tan likes this. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:35:32 JST
Pleroma-tan
@menherahair when i don't have to use my home router with the most secure at&t web portal ever to host lab -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:38:11 JST
Pleroma-tan
@menherahair that was my initial plan just with the box somewhere else but my wireguard server is being a hag and not letting my vps on the network for more than 10 minutes, then it breaks until I ping vps wg ip -
Embed this notice
menherahair (menherahair@eientei.org)'s status on Thursday, 11-Jan-2024 07:38:13 JST
menherahair
@kirby front everything on vps, host at home, link with wg? -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:40:28 JST
Pleroma-tan
@iska I just told someone that was the initial plan. The vps doesn't want to cooperate with my wireguard server. It keeps breaking every 10 min and I have to ping wg ip for vps for it to work again just for it to break again. -
Embed this notice
Iska (iska@catposter.club)'s status on Thursday, 11-Jan-2024 07:40:30 JST 
Iska
@kirby@lab.nyanide.com just run it at home and use VPS for wireguard :cirno_shrug:
-
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:41:41 JST
Pleroma-tan
@menherahair I looked it up on the internet I'm actually kind of convinced it might be an issue with vultr and their nat, something about udp state resetting all the time.
I kind of want to think it's just a wireguard server issue, but I'm not so sure when I read about it. -
Embed this notice
menherahair (menherahair@eientei.org)'s status on Thursday, 11-Jan-2024 07:41:43 JST
menherahair
@kirby it's probably what everyone defaults to.
>not letting my vps on the network for more than 10 minutes, then it breaks until I ping vps wg ip
there's some keepalive wg setting, have you tried it? -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:41:59 JST
Pleroma-tan
@menherahair apparently keepalive will not help -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:45:02 JST
Pleroma-tan
@menherahair cc @iska ahem -
Embed this notice
menherahair (menherahair@eientei.org)'s status on Thursday, 11-Jan-2024 07:45:04 JST
menherahair
@kirby huh. different vps provider, or different vpn software then? -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:45:08 JST
Pleroma-tan
@menherahair also to answer you I don't know any good ones that can match the price of vultr, other than buyvm. I don't know if I want to take the time to move to them though. This is also the only wireguard provider I have -
Embed this notice
Soy_Magnus (soy_magnus@detroitriotcity.com)'s status on Thursday, 11-Jan-2024 07:45:21 JST 
Soy_Magnus
@kirby just use tor Pleroma-tan likes this. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:47:11 JST
Pleroma-tan
@Soy_Magnus real -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:47:39 JST
Pleroma-tan
@menherahair well, for a proxy it might not be difficult, someone will have to guide me through how to use buyvm though. Because I have been a vultr customer for about 2 years, it's been the only thing I've ever used. Thanks luke smith. -
Embed this notice
✙ dcc :pedomustdie: :phear_slackware: (dcc@annihilation.social)'s status on Thursday, 11-Jan-2024 07:48:00 JST 
✙ dcc :pedomustdie: :phear_slackware:
@kirby @menherahair You could just use openvpn Pleroma-tan likes this. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:49:06 JST
Pleroma-tan
@dcc @menherahair I don't know how to use it -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:49:49 JST
Pleroma-tan
@dcc @menherahair also the person providing me with the VPN doesn't like openvpn lol, it is considered legacy in their network. Replaced with wireguard some time ago -
Embed this notice
✙ dcc :pedomustdie: :phear_slackware: (dcc@annihilation.social)'s status on Thursday, 11-Jan-2024 07:51:51 JST
✙ dcc :pedomustdie: :phear_slackware:
@kirby @menherahair https://www.cyberciti.biz/faq/install-configure-openvpn-client-on-openbsd-desktop/
>legacy
Most people still use it and its fine. Also yk i could just do the vpn part for you, so you could host at home.Pleroma-tan likes this. -
Embed this notice
menherahair (menherahair@eientei.org)'s status on Thursday, 11-Jan-2024 07:53:52 JST
menherahair
@kirby I wonder if mikr.us could handle proxying pleromer Pleroma-tan likes this. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 07:54:47 JST
Pleroma-tan
@dcc @menherahair if you could show me how to set up a client I would gladly host from house then.
Dms?✙ dcc :pedomustdie: :phear_slackware: likes this. -
Embed this notice
✙ dcc :pedomustdie: :phear_slackware: (dcc@annihilation.social)'s status on Thursday, 11-Jan-2024 07:54:58 JST
✙ dcc :pedomustdie: :phear_slackware:
@kirby @menherahair The client part is me just giving you a config and you start openvpn with it. I need to put in my new routor (tomorrow) before i can give you one. -
Embed this notice
menherahair (menherahair@eientei.org)'s status on Thursday, 11-Jan-2024 08:00:38 JST
menherahair
@dcc @kirby
>Also yk i could just do the vpn part for you, so you could host at home.
the anni shitnexus growing each day✙ dcc :pedomustdie: :phear_slackware: likes this. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 08:02:37 JST
Pleroma-tan
@menherahair @dcc can't wait to become part of his botnet. -
Embed this notice
✙ dcc :pedomustdie: :phear_slackware: (dcc@annihilation.social)'s status on Thursday, 11-Jan-2024 08:24:09 JST
✙ dcc :pedomustdie: :phear_slackware:
@dj @menherahair @kirby >cloudflare tunnel
:alex_lol: -
Embed this notice
DJ :debian: :coolcat: :colombia: (dj@parcero.bond)'s status on Thursday, 11-Jan-2024 08:24:10 JST 
DJ :debian: :coolcat: :colombia:
@dcc @menherahair @kirby
Nobody mentioned cloudflare tunnel yet. -
Embed this notice
re_l@ryona.agency's status on Thursday, 11-Jan-2024 08:26:47 JST 
Re_L
@kirby @dcc @menherahair
Use some tunneling like shadowsocks and port forward to the reverse proxy server?
Use yggdrasil without connecting it to the main network or allowing any other hosts? (it does use the tun wg interface underneath though so it might not work)
Both are very simple to setup, should take no more than half an hour for each one.Pleroma-tan likes this. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 08:27:53 JST
Pleroma-tan
@lamp @menherahair there is no firewall set up on the reverse proxy -
Embed this notice
lamp (lamp@kitty.haus)'s status on Thursday, 11-Jan-2024 08:27:55 JST 
lamp
@kirby @menherahair it's called a firewall and the solution is to configure it to allow the packets, statelessly. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 08:28:32 JST
Pleroma-tan
@lamp i cannot upgrade the storage in 2 seconds -
Embed this notice
lamp (lamp@kitty.haus)'s status on Thursday, 11-Jan-2024 08:28:33 JST
lamp
@kirby why -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 08:29:17 JST
Pleroma-tan
@Re_L @dcc @menherahair i already have a solution sorted out but I'll keep these in mind for later -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 09:12:17 JST
Pleroma-tan
@lamp @menherahair no the vultr vps does not come with one -
Embed this notice
lamp (lamp@kitty.haus)'s status on Thursday, 11-Jan-2024 09:12:18 JST
lamp
@kirby @menherahair did you open the firewall at your house? -
Embed this notice
lamp (lamp@kitty.haus)'s status on Thursday, 11-Jan-2024 09:14:00 JST
lamp
@kirby why do you need to upgrade the storage in 2 seconds? you can upgrade it in 20 seconds. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 09:14:00 JST
Pleroma-tan
@lamp me breaking into the vultr servers to upgrade my cloud vps' storage -
Embed this notice
lamp (lamp@kitty.haus)'s status on Thursday, 11-Jan-2024 09:14:25 JST
lamp
@kirby @menherahair i said your house dumbass. if you're not using wireguard keepalive you have to open the port at both ends so either side can receive at any time. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 09:14:25 JST
Pleroma-tan
@lamp @menherahair nat issue -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 09:15:15 JST
Pleroma-tan
@lamp @menherahair also the vps is handing reverse proxy stuff on the network. There is no reason for it to drop connection consistently because there is no freaking firewall -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 09:18:44 JST
Pleroma-tan
@lamp @menherahair im not hosting from home -
Embed this notice
lamp (lamp@kitty.haus)'s status on Thursday, 11-Jan-2024 09:18:46 JST
lamp
@kirby @menherahair yes, PORT FORWARD AT YOUR HOUSE DUMMY -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 09:26:38 JST
Pleroma-tan
@lamp @menherahair reverse proxying traffic to another device on the network
Did I mention it's not even mine -
Embed this notice
lamp (lamp@kitty.haus)'s status on Thursday, 11-Jan-2024 09:26:39 JST
lamp
@kirby @menherahair then what are you using wireguard for???? -
Embed this notice
Neko McCatface v2023 :verified::makemeneko: (roboneko@bae.st)'s status on Thursday, 11-Jan-2024 16:20:13 JST 
Neko McCatface v2023 :verified::makemeneko:
@dj @dcc @menherahair @kirby that's just a cheap VPS tunnel except with extra fluoride ✙ dcc :pedomustdie: :phear_slackware: likes this. -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:23:51 JST
Pleroma-tan
@roboneko @menherahair udp port changing constantly -
Embed this notice
Neko McCatface v2023 :verified::makemeneko: (roboneko@bae.st)'s status on Thursday, 11-Jan-2024 16:23:53 JST
Neko McCatface v2023 :verified::makemeneko:
@kirby @menherahair if ping works then why does keepalive fail? -
Embed this notice
✙ dcc :pedomustdie: :phear_slackware: (dcc@annihilation.social)'s status on Thursday, 11-Jan-2024 16:25:29 JST
✙ dcc :pedomustdie: :phear_slackware:
@kirby @roboneko @menherahair Im still not sure what you mean by this lol -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:27:49 JST
Pleroma-tan
@roboneko @menherahair I'll try keepalive later just to prove a point.
Half of the shit posted in thread was made when I was super freaking tired -
Embed this notice
Neko McCatface v2023 :verified::makemeneko: (roboneko@bae.st)'s status on Thursday, 11-Jan-2024 16:27:50 JST
Neko McCatface v2023 :verified::makemeneko:
@kirby @menherahair honestly the stuff you've posted in this thread doesn't really make sense to me. wireguard does not break in this manner in my experience. if you set keepalive to 20 seconds or so you can reliably traverse CGNAT for ~unlimited time spans -
Embed this notice
Neko McCatface v2023 :verified::makemeneko: (roboneko@bae.st)'s status on Thursday, 11-Jan-2024 16:29:27 JST
Neko McCatface v2023 :verified::makemeneko:
@kirby @menherahair
> just to prove a point
what is actually breaking? what does "udp port changing" even mean? is the remote peer modifying its wireguard config to listen on a different port? -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:29:27 JST
Pleroma-tan
@roboneko @menherahair something about client side having bad nat and udp state constantly changing -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:30:00 JST
Pleroma-tan
@roboneko @menherahair makes the most sense logically, because pinging peer on the wg network makes it magically work again -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:35:42 JST
Pleroma-tan
@roboneko @menherahair seems to be the case
Maybe it is a server side misconfiguration, either way I don't own the wg server and I can't be bothered to beg the person who does to change configuration settings in an effort to fix the problem -
Embed this notice
Neko McCatface v2023 :verified::makemeneko: (roboneko@bae.st)'s status on Thursday, 11-Jan-2024 16:35:43 JST
Neko McCatface v2023 :verified::makemeneko:
@kirby @menherahair so client -> server UDP traffic is failing to keep the client side NAT open? but somehow ICMP outside of the wireguard connection opens it back up? or do I misunderstand? because that is not a NAT configuration I have ever heard of before ... -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:37:32 JST
Pleroma-tan
@roboneko @menherahair i left it to ping for several minutes while transferring pleroma database somewhere else and the connection still dropped -
Embed this notice
Neko McCatface v2023 :verified::makemeneko: (roboneko@bae.st)'s status on Thursday, 11-Jan-2024 16:37:33 JST
Neko McCatface v2023 :verified::makemeneko:
@kirby @menherahair anyway if that's true then a simple `ping blah; sleep 20` would fix it -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:39:58 JST
Pleroma-tan
@roboneko @menherahair yes its not clear
No it's not my fault
I leave the vps on the network for several minutes, and then it is unable to communicate with other devices on the network after several minutes unless something communicates with it first
Do you understand how much I understand the situation as well.... -
Embed this notice
Neko McCatface v2023 :verified::makemeneko: (roboneko@bae.st)'s status on Thursday, 11-Jan-2024 16:39:59 JST
Neko McCatface v2023 :verified::makemeneko:
@kirby @menherahair well then this isn't adding up so I don't think it's at all clear what is actually happening here that breaks the connection -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:40:20 JST
Pleroma-tan
@pomstan @roboneko @menherahair wireguard is a udp application -
Embed this notice
pomstan (pomstan@xn--p1abe3d.xn--80asehdb)'s status on Thursday, 11-Jan-2024 16:40:21 JST 
pomstan
@kirby @roboneko @menherahair well i guess it's time for you to grab tcpdump and debug this shit
-
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:41:28 JST
Pleroma-tan
@pomstan @menherahair @roboneko unless tcpdump has an option to display all udp packets instead then I could see whether or not the udp port for the client on wg is changing or not -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 16:44:12 JST
Pleroma-tan
@roboneko @menherahair that was what I'm thinking, but it's really difficult to tell who tf is at fault here -
Embed this notice
Neko McCatface v2023 :verified::makemeneko: (roboneko@bae.st)'s status on Thursday, 11-Jan-2024 16:44:14 JST
Neko McCatface v2023 :verified::makemeneko:
@kirby @menherahair
> server
> beg the person who does
but you said it was the client (your end) with the bad nat config I thought? :hyperconfused: -
Embed this notice
Pleroma-tan (kirby@lab.nyanide.com)'s status on Thursday, 11-Jan-2024 18:08:10 JST
Pleroma-tan
@roboneko @menherahair yes on the wireguard net -
Embed this notice
Neko McCatface v2023 :verified::makemeneko: (roboneko@bae.st)'s status on Thursday, 11-Jan-2024 18:08:11 JST
Neko McCatface v2023 :verified::makemeneko:
@kirby @menherahair
> No it's not my fault
you can't be certain of that if you can't explain what's actually happening under the hood to cause this :puniko_shrug:
> other devices
what other devices? I've had stuff like this happen with shitty WiFi connections where the wireless device puts the hardware to sleep and can't be reached until it instigates outgoing traffic
> on the network
you mean the wireguard network?
> unless something communicates with it first
that sounds like a firewall on the remote network to me HOWEVER given that you can establish an outgoing connection from you -> them in the first place it doesn't seem to add up
basically for an incoming (not outgoing) connection to be allowed to be established initially but then to get killed *while still active* would basically constitute an active measure AGAINST keepalive mechanisms on the part of the remote firewall
All GNU social JP content and data are available under the