Notices by SolSoCoG (solsocog@ieji.de)

Currently traveling to my gf in Bayreuth, the ride back was changed, causing a 1h later arrival. Meaning my budget ticket is no longer bound to the train, so instead of 9h ride with 6 transfers im departing a day later with a 7h ride and 2 transfers, lucky me!

@nanianmichaels Compared to pangolin, it is very rudimentary, there is no zero trust element, its limited to a plain wss > https webservice tunnel to your desired service.

@noonamer no

Looking for a #privacy aware #cloudflare replacement, an easy way to create a #tunnel to your #homelab webservices or DynDNS? Ask me for an invite to https://prot.li ! Currently in closed testing phase.

@bernd Tunnel funktionieren jetzt zufriedenstellend, kannste gerne testen!

Prot.li is constantly improving

@martijn @Mastodon already filled out when a fellow admin wrote about it 👌

I've updated caddy yesterday and somehow it made the mastodon webinterface go kamikaze, i did not waste time on troubleshooting but as quickly as i could switch to nginx to get it back up again asap.

@LeelaTorres i was tuning prot.li, is now disabled, did not want to impact usability.

@oheso disabled a setting now, should be better

@mousetech disabled it for now, sorry

Swapped the caddy ipv6 randomizer with the protli scrambler, you will now have a 2001:db8:* ipv6 randomized instead of a completely random one.

@alin @protli if you tell the controller to use https or http proxy mode, it will generate a wildcard cert, sync it with the workers and those serve tls traffic to the port 443 of your service. http mode sends unencrypted traffic to port 80. Current security features do not need to terminate tls. dnssec is generated and saved on the controller node on domain creation and synced with the worker nodes. ZSK/KSK can be rotated and dnssec disabled if desired. If the controller fails, the workers still keep working. As of now it is kind of a closed economy so you can't really add external sources and have to trust it. As soon as a worker is downed, any user info certs/ns entries etc are wiped and only persistently saved on the controller.

me: adding 10 domains to prot.li to test if theres any overlap issues of some kind, 9 domains generate a cert after half an hour of dns update. 1 does not, rip. issue! Nope i just forgot updating the nameserver on one domain.😅

@zoef https://github.com/SolSoCoG/caddy-randomipv6

First batch of prot.li invite codes were sent out, basicly with https://prot.li im trying to create a privacy aware cloudflare alternative with domain wildcard support. IPs are only stored in memory temporarily for the security features to work. Since ressources are limited, it is invite only for now. So if you want to give it a try, feel free to ask for a code. Endpoints in Germany only currently.

https://prot.li anyone else interested in an invite code? It will allow 3 domains to be created by default.

Still etching out some minor-moderate issues with protli but im close to delivering some invite codes. Some small sync issues, behaviour issues, like creating ssl certs when in dns only mode, low visibility. But in total im quite satisfied. Just need one or two more days to make it usable without annoying issues.

The claude code cap on the pro subscription is harsh, i regularly bump into it after adding like one function.

The security web proxy keeps growing, auto ip scrambling if selected, fine granularly detection settings, blocking of bots, ai, ua's, geolocations, rate limiting, autocertification including wildcard domains, dnssec, waf, all ip analysis is kept in memory. Let me know if you are interested, for now it will be invite only.