~bitfehler

https://bitfehler.net

~bitfehler/public-inbox

Last active 8 days ago

~bitfehler/vomit

Last active a month ago

~bitfehler/names.sr.ht-discuss

Last active a month ago
View more

Recent activity

Re: Bug: Updated user bio is not visible until submitted twice 4 days ago

From Conrad Hoffmann to ~sircmpwn/sr.ht-discuss

On 8/6/22 07:35, Liele Zerau wrote:
> Indeed, this issue has been reported before – see here:
> 
> https://lists.sr.ht/~sircmpwn/sr.ht-discuss/%3C58735211-cc31-4533-3b3e-6458c3ffdb95%40kolesnikov.se%3E

A patch for this has been submitted and is pending review:

https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/34433

Conrad

Re: Fedora 35 image is always broken 6 days ago

From Conrad Hoffmann to ~sircmpwn/sr.ht-discuss

Thanks for the update, mystery solved: the problem is indeed the 
installation of the systemd-resolved package. I am able to reproduce 
with a minimal test case [1].

The exact issue is that upon installation, the systemd-resolved package 
replaces /etc/resolv.conf with a symlink:

[build@build ~]$ ls -ln /etc/resolv.conf
lrwxrwxrwx 1 0 0 39 Aug  4 12:06 /etc/resolv.conf -> 
../run/systemd/resolve/stub-resolv.conf

However, the link target does not exist **until systemd-resolved 
actually gets started** (which doesn't happen automatically).

[PATCH meta.sr.ht] api: fix webhooks being called with outdated data 6 days ago

From Conrad Hoffmann to ~sircmpwn/sr.ht-dev

When a user updates their profile, the database gets updated
accordingly, but the webhooks get called with data retrieved before the
update.

Make the update statement return the new values and apply them to the
user object that gets passed to the webhooks.
---
 api/graph/schema.resolvers.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/api/graph/schema.resolvers.go b/api/graph/schema.resolvers.go
index d81a4ba..5c2ed91 100644
--- a/api/graph/schema.resolvers.go
+++ b/api/graph/schema.resolvers.go
[message trimmed]

Re: Sourcehut pages only uses HTTP/1.1 6 days ago

From Conrad Hoffmann to ~sircmpwn/sr.ht-discuss

On 8/3/22 17:16, Lionir wrote:
> I was wondering if this was working as intended or if it was an 
> oversight

pages.sr.ht uses a somewhat special setup with tlstunnel and uacme to 
retrieve Let's Encrypt certificates for pages on demand. This setup 
makes it a little hard to set up with HTTP/2, as the negotiation for it 
happens in TLS, which is handled (and then stripped) in a different process.

Conrad

Re: [sr.ht pages] - links to external pages only opening in new tab 8 days ago

From Conrad Hoffmann to ~sircmpwn/sr.ht-discuss

On 8/2/22 12:23, Thomas Lambert wrote:
> At the very least, a simple one-line warning to
> explicitly detail that links can not open in tabs would be more than welcome!

Not an unreasonable request. I sent a patch [1], let's see what Drew 
says. I would however also caution that you totally should at least skim 
over the CSP documentation and check how it might relate to your page. 
Spelling out the policy itself is the most concise way of conveying the 
necessary information.

[1] https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/34384

Conrad

[PATCH srht.site] Explain CSP impact on target="_blank" links 8 days ago

From Conrad Hoffmann to ~sircmpwn/sr.ht-dev

---
Making this just a bit more explicit will likely help people spend less
time debugging this or even deciding upfront that pages.sr.ht is not the
right service for them.

 content/limitations.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/content/limitations.md b/content/limitations.md
index b247c81..860fe08 100644
--- a/content/limitations.md
+++ b/content/limitations.md
@@ -20,6 +20,9 @@ Content-Security-Policy:
The main consequence of this is that all resources must be served from
[message trimmed]

Re: [PATCH blog] Wrap post content in CDATA 8 days ago

From Conrad Hoffmann to ~bitfehler/public-inbox

Hey there!

Sorry for the late response, I was out on vacation. Thanks for your 
patch, I applied it. Also:

On 7/15/22 14:58, Umar Getagazov wrote:
> I also noticed the RSS feed on the live website is missing post content
> altogether. Is that intentional?

Not at all. I noticed it went missing at some point, but didn't have 
time to investigate. Turns out the mkrss script was still using the 
stock markdown renderer, which is no longer installed on the build 
image. Fixed it to use cmos like for the actual pages, the content is

Re: Fedora 35 image is always broken 8 days ago

From Conrad Hoffmann to ~sircmpwn/sr.ht-discuss

On 7/30/22 02:53, Haowen Liu wrote:
> I don't think Fedora 35 is doing anything different from other Fedoras. 
> I'm randomly guessing here, but could it be running on a different 
> machine in the data center, which has a different network configuration?

I'd say the problem description (empty/missing resolv.conf) points more 
towards something inside the image itself. I'll keep investigating, though.

> Further, I think it could be beneficial to add a test script to crontab.
> Basically, every several days or every week, just run the sanity-check 
> script on every image.

I don't think this adds much value. The sanity check is run before

Re: Fedora 35 image is always broken 8 days ago

From Conrad Hoffmann to ~sircmpwn/sr.ht-discuss

Hey,

On 7/30/22 02:47, Alexandros Theodotou wrote:
> It should be reproducible with any repository's .build configuration.

I just tried a simple build and it works fine. Can you tell me if it's 
still broken for you, and if yes, provide a link to the build (either 
the build itself or the build.yml)?

> The issue seems to be that /etc/resolv.conf is empty/missing. I can fix
> the connectivity issues in the build machine after I ssh and put
> `nameserver 8.8.8.8` in that file.

Re: Can't create Git repo in self-hosted instance 8 days ago

From Conrad Hoffmann to ~sircmpwn/sr.ht-discuss

Hey,

On 7/14/22 23:12, Riccardo Sacchetto wrote:
> Now the question is, as adnano himself highlighted on IRC, how it 
> can be possible that the official nginx config files I installed
> from the Alpine repo are causing an issue that is forcing us to
> entirely bypass the reverse proxy?
Configuration depends on many things, such as environment and desired 
setup. Distributed config files cannot reasonably expected to work for 
everyone.

> As far as I can understand (correct me if I'm wrong) I can keep my
> instance working with api-origin set even though it is a feature meant
> for developers, but I really would like to know what I messed up in my