[-] Pekka@feddit.nl 7 points 3 months ago

I installed Fedora 40 with Gnome and Wayland a few days ago on my Surface pro gen 1 and have been very happy with the results so far. I do have a type cover and I do use it a lot and I use touch input instead of a mouse. Gnome supports most touch input, and that hasn't been an issue so far. Some third party applications don't understand what 'pinch to zoom' is though. The onscreen keyboard situation on Wayland seems to be a bit messy. I didn't really like the default gnome keyboard and I couldn't get a better keyboard to work (note that for me, it is also important that the OSK is disabled when the type cover is attached, so you won't have that issue).

The performance on the original Surface Pro is fine, I can even emulate Windows games trough Steam, I tried RuneScape (OldSchool and RuneScape 3) and Tunic. Browsing, reading Discord, watching videos all work fine. The main limitation when working with the device seems to be the 4 GB of RAM. So close other apps like the browser when starting a game, or the entire system can freeze. This seems to be mostly an issue when running multiple Electron based applications, gaming and compiling code.

The newer Surface devices have some Microsoft specific hardware that is not always well-supported by the kernel. If you have issues you can try the kernel made specifically for the Surface devices. https://github.com/linux-surface/linux-surface Personally I haven't tried it as everything just worked so far on my device (they do try to get their patches upstream, so that is probably the reason).

For drawing, I always used Adobe and Affinity software, I did try to get Affinity Photo installed, but I did not succeed yet. I tried both version 1 and 2.

[-] Pekka@feddit.nl 8 points 4 months ago

He also seems to make a video almost every day. That really doesn't help with the quality of the video's. I doubt there is a lot of time to do additional research on the topic, so often it seems to just stick to the basic information from some kind of article and comments (and maybe a few related articles). And is often just related to the drama of the day.

Although he does sometimes have video's that do require more research, but a lot of people won't see those as they assume low quality because of many other video's.

[-] Pekka@feddit.nl 16 points 4 months ago

Sometimes I do like his videos, but this one was positioned so bad. The video does go over the changes in Plasma 6.1 and they are good, but this is not a huge change that would change anybodies live.

I know he is probably inspired by channels like Linus Tech Tips, but even they don't got that far anymore. I think he probably intended this in a comedic way, as most of his audience knows that he makes his videos like this, but it really makes the videos worse.

[-] Pekka@feddit.nl 17 points 4 months ago

That headline is quite misleading ... the malicious extension only had a few hundred installs, not millions. They just copied an existing extension that does have 7 millions installs. They did went quite far by registering a URL. Of course it is bad that stuff like this manages to get on the store, but as long as you check what you are installing, you should be fine.

[-] Pekka@feddit.nl 8 points 5 months ago

Although this feature sounds helpful, it really looks like they went too far with this. They should probably look for a way to sell these Copilot+ pc’s in another way if they can’t get this secure enough and probably keep it disabled for companies…

I’m surprised they didn’t make sure that the part that should help you hide sensitive information worked well before letting the first testers get their hands on the feature. All this bad news about the future doesn’t help convince people to turn it on.

[-] Pekka@feddit.nl 7 points 5 months ago

Fedora might be a good option, but it might require more setup with an Nvidea GPU. They use Wayland now, are a Gnome based distro, support full disk encryption. For me the package mangar has been fine, and they do support flatpak. It is a very large distro with backing from RedHat. So it should generally be stable.

Pop_OS! Seems to be the great distro if you just want to game and watch videos without any issues arround setting up the drivers. It has been a quite stable distro for me and it is quite similar to Ubuntu. Unfortunately this distro doesn’t have Wayland yet.

Manjaro is an Arch based distro, but it had some issues with using packages from the AUR. They do run Gnome on Wayland by default.

1
submitted 5 months ago by Pekka@feddit.nl to c/thenetherlands@feddit.nl

Bij de Europese verkiezingen aanstaande donderdag doet een Nederlandse partij mee die gesteund wordt door organisaties die zijn verbonden aan de Chinese Communistische Partij. Dat melden RTL Nieuws en Follow The Money (FTM) op basis van eigen onderzoek.

[-] Pekka@feddit.nl 10 points 5 months ago* (last edited 5 months ago)

This looks great. That would be quite a powerful low-weight machine with long battery life. If they won't be too expensive (and gaming works on them) I might get one. At least RuneLite seems to already support ARM64 on Linux and these chips also put more spotlight on ARM trough Windows on ARM.

1
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl

This version patches the security vulnerability related to custom emoji’s.

[-] Pekka@feddit.nl 6 points 1 year ago

I searched for a fish related video on PeerTube and put the URL (https://video.ploud.jp/w/ddbf542e-d4b6-4778-abed-8c51799188a4) in the search bar of my Lemmy instance, after a bit the video was available like here just as a regular Lemmy post. You should now be able to reply to it from Lemmy.

1
submitted 1 year ago by Pekka@feddit.nl to c/nieuws@feddit.nl
[-] Pekka@feddit.nl 47 points 1 year ago

Only Lemmy instances with custom emoticons were affected based on the Recap of the Lemmy XSS incident. So if Lemmy.ml doesn't have these it should not have been affected.

[-] Pekka@feddit.nl 7 points 1 year ago

So it works by fetching replies from Mastodon. We can see Mastodon users here by searching for their profile (like @user@example.com ) but that does not list any of their posts as Lemmy is not able to show messages that are not part of a post/magazine. Is there any way that we can find the messages trough a direct link?

1
submitted 1 year ago by Pekka@feddit.nl to c/webdev@programming.dev

htmx is a very different way of developing your web application. You can define a lot of behaviour inside your HTML with the new attributed added by htmx. This allows you to build an interactive website without using any JavaScript. You do need a REST API that returns HTML though.

For more information about HTMX you can read the htmx docs.

1
submitted 1 year ago by Pekka@feddit.nl to c/nieuws@feddit.nl
[-] Pekka@feddit.nl 31 points 1 year ago

Not worried at all. Their source code controversy mostly hurts companies that want to run RHEL without paying IBM, as after these changes distos like Alma Linux and Rockey Linux might diverge more from RHEL and they will have a harder time to guarantee bug-for-bug compatibility.

Fedora is not trying to steal business and government contracts away from RHEL and as a normal user you don’t need this bug-for-bug compatibility anyway. You can just sign up for a RedHat developer account and download RHEL Server for free, this includes a GUI everything you need to run it on a workstation. You can even view the source code trough their website.

So I am not worried that CentOS stream or Fedora will go away, RedHat is not trying to hurt consumers, they just want that enterprises (that are interested in support contracts) actually pay them when they use the work they put into RHEL. If they want a free version, they can still use CentOS stream.

[-] Pekka@feddit.nl 11 points 1 year ago

Such a misleading title.. if they actually do this you will still be able to install the minimum version of Ubuntu, you just get the option to pick additional software that automatically gets installed as snap packages.

I really don’t see the issue. If you don’t want any additional application or if you don’t want snap packages don’t pick anything. It really is their choice to support Snap packages, and snap and flatpack packages are just a lot easier to support for distro maintainers.

1
Lemmy v0.18.0 Release (join-lemmy.org)
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl
1
submitted 1 year ago* (last edited 1 year ago) by Pekka@feddit.nl to c/tech@feddit.nl
1
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl

cross-posted from: https://lemmy.ml/post/1390029

cross-posted from: https://popplesburger.hilciferous.nl/post/9969

After setting up my own Lemmy server, I've been intrigued by the server logs. I was surprised to see some search engines already start to crawl my instances despite it having very little content.

I've noticed that most requests seem to come in from IPv4 addresses, despite my server having both an IPv4 and an IPv6 address. This made me wonder.

IPv4 addresses are getting more scarce by the day and large parts of the world have to share an IPv4 address to get access to older websites. This often leads to unintended fallout, such as thousands of people getting blocked by an IP ban from a site admin that doesn't know any better, as well as anti-DDoS providers throwing up annoying CAPTCHA pages because of bad traffic coming from the shared IP address. Furthermore, hosting a Lemmy server of your own is impossible behind a shared IP address, so IPv6 is the only option.

IPv6 is the clear way forward. However, many people haven't configured IPv6 for their hosts. People running their own Lemmy instances behind an IPv6 address won't be able to federate with those servers, and that's a real shame.

Looking into it

So, I whipped up this quick Python script:

import requests
import sys
import socket
from progress.bar import Bar

lemmy_host = sys.argv[1]

site_request = requests.get(f"https://{lemmy_host}/api/v3/site").json()

hosts = site_request['federated_instances']['linked']

ipv4_only = []
ipv6_only = []
both = []
error = []

with Bar('Looking up hosts', max=len(hosts)) as bar:
    for host in hosts:
        host = host.strip()

        try:
            dns = socket.getaddrinfo(host, 443)
        except socket.gaierror:
            error.append(host)

        has_ipv4 = False
        has_ipv6 = False
        for entry in dns:
            (family, _, _, _, _) = entry

            if family == socket.AddressFamily.AF_INET:
                has_ipv4 = True
            elif family == socket.AddressFamily.AF_INET6:
                has_ipv6 = True

        if has_ipv4 and has_ipv6:
            both.append(host)
        elif has_ipv4:
            ipv4_only.append(host)
        elif has_ipv6:
            ipv6_only.append(host)
        else:
            error.append(host)
        
        bar.message = f"Looking up hosts (B:{len(both)} 4:{len(ipv4_only)} 6:{len(ipv6_only)} E:{len(error)})"
        bar.next()

print(f"Found {len(both)} hosts with both protocols, {len(ipv6_only)} hosts with IPv6 only, and {len(ipv4_only)} outdated hosts, failed to look up {len(error)} hosts")

This script fetches the instances a particular Lemmy server federates with (ignoring the blocked hosts) and then looks all of them up through DNS. It shows you the IPv4/IPv6 capabilities of the servers federating with your server.

I've run the script against a few popular servers and the results are in:

Results

Server IPv6 + IPv4 IPv6 only IPv4 Error Total
Lemmy.ml 1340 3 1903 215 3461
Beehaw.org 807 0 1105 74 1986
My server 202 0 312 4 518

A bar chart of the table above

A pie chart of the results for Lemmy.nl

A pie chart for the results for Beehaw.org

A pie chart for the results for my server

It seems that over half (55%+) the servers on the Fediverse aren't reachable over IPv6!

I'm running my own server, what can I do?

Chances are you've already got an IPv6 address on your server. All you need to do is find out what it is (ip address show in Linux), add an AAAA record in your DNS entries, and enable IPv6 in your web server of choice (i.e. listen [::]:443 in Nginx). Those running a firewall may need to allow traffic through IPv6 as well, but many modern firewalls treat whitelist entries the same these days.

Some of you may be running servers on networks that haven't bothered implementing IPv6 yet. There are still ways to get IPv6 working!

Getting IPv6 through Tunnelbroker

If you've got a publicly reachable IPv4 address that can be pinged from outside, you can use Hurricane Electric's Tunnelbroker to get an IPv6 range, free of charge! You get up to five tunnels per account (each tunnel with a full /64 network) and a routed /48 network for larger installations, giving you up to 65k subnets to play with!

There are lots of guides out there, some for PfSense, some for Linux, some for Windows; there's probably one for your OS of choice.

Getting IPv6 behind CGNAT

Getting an IPv6 network through a tunnelbroker service behind CGNAT is (almost) impossible. Many ISPs that employ CGNAT already provide their customers with IPv6 networks, but some of them are particularly cheap, especially consumer ISPs.

It's still possible to get IPv6 into your network through a VPN, but for serving content you'll need a server with IPv6 access. You can get a free cloud server from various cloud providers to get started. An easy way forward may be to host your server in the cloud, but if you've got a powerful server at home, you can just use the free server for its networking capabilities.

Free servers are available from all kinds of providers, such as Amazon(free for a year), Azure(free for a year), Oracle(free without time limit). Alternatively, a dedicated VPS with IPv6 capabilities can be as cheap as $4-5 per month if you shop around.

You can install a VPN server on your cloud instance, like Wireguard, and that will allow you to use the cloud IPv6 address at home. Configure the VPN to assign an IPv6 address and to forward traffic, and you've got yourself an IPv6 capable server already!

There are guides online about how to set up such a system. This gist will give you the short version.

Final notes

It should be noted that this is a simple analysis based on server counts alone. Most people flock to only a few servers, so most Lemmy users should be able to access IPv6 servers. However, in terms of self hosting, these things can matter!

1
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl

cross-posted from: https://lemmy.cat/post/6385

It is currently possible, through Lemmy's API, to create accounts automatically and without limit if verification by email address or captcha is not activated. I'd advise you to activate one or both of them NOW!

After registering x number of accounts (currently I could do thousands), all you have to do is list all the existing communities for each of the account to publishes one new post per community, or more. I'll leave you to picture the mess.

(I apologise to the administrators of sh.itjust.works, I should have done the test with my own server.)

1
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl
1
submitted 1 year ago by Pekka@feddit.nl to c/about_lemmy@feddit.nl

Last time we discussed how to set up Lemmy locally, this time we will discuss setting up Lemmy in production mode on a Rasberry Pi with functioning image upload by using Docker. This time we have to deviate more from the official guide as some things don’t seem to work. To follow this guide, you will need a basic understanding of the terminal and a Raspberry Pi 3 or 4 (I have only tested this on the Raspberry Pi 4). If you are on Windows 10 or 11 you can use OpenSSH in PowerShell.

Setting up the Raspberry Pi

To prepare an SD card for the Raspberry Pi, download the Raspberry Pi Imager. Insert the SD card, select the Raspberry Pi OS Lite (64-bit) and make sure you pick the SD card for Storage. You could pick the full version of the OS, but make sure you pick a 64-bit version of Debian Bullseye. Before clicking “Write”, go click on the settings icon and enable ssh. You can also set up a user, hostname, authorization keys and WiFi.

Now insert the card into your Raspberry Pi, connect power and you should be able to ssh to the pi. So, with the default pi user, that would be ssh pi@raspberrypi.

Installing Docker

To install Docker we have to follow the Docker Debian installation guide (The Raspian guide leads to a configuration that won’t be able to find any stable docker installation).

First, we have to install the dependencies for adding the new repository:

sudo apt-get update

sudo apt-get install ca-certificates curl gnupg

Add Docker’s official GPG key:

sudo install -m 0755 -d /etc/apt/keyrings

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

sudo chmod a+r /etc/apt/keyrings/docker.gpg

And set up the Docker repository: echo \ "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Now we can install docker and docker-compose:

sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin docker-compose

To be able to run docker command without using sudo we have to add our current user to the Docker group:

sudo groupadd docker

`sudo usermod -aG docker $USERz

newgrp docker

Configuring Lemmy

We need to download a few configuration files. The configuration files listed in the guide don’t support Arm64, so I took the files from Lemmy 1.17.3 and modified them, so they pick the ARM version of the docker images. The NGINX configuration does work, but it is included to make the download simpler:

curl https://gist.githubusercontent.com/Fireblade75/95a0dfa7abbedff554eb9109434060cd/raw/5cf6eddbe706dd25b84234ce619f18a4faca854a/docker-compose.yml -o docker-compose.yml

curl https://gist.githubusercontent.com/Fireblade75/95a0dfa7abbedff554eb9109434060cd/raw/5cf6eddbe706dd25b84234ce619f18a4faca854a/lemmy.hjson -o lemmy.hjson

curl https://gist.githubusercontent.com/Fireblade75/95a0dfa7abbedff554eb9109434060cd/raw/5cf6eddbe706dd25b84234ce619f18a4faca854a/nginx.conf -o nginx.conf

If you want to change the default password of the database, make sure that you change it both in the docker-compose file and the lemmy.hjson configuration.

Now we can run docker-compose up, this downloads all the containers and starts the Lemmy server. Check the logs for errors and see if there is anything we still need to solve. When the services are done starting, we can stop the cluster again by pressing control + C.

A problem I had was that the image server did not get the right permissions to the location where it wants to store its files. To solve this, we simply have to run the following command:

sudo chown -R 991:991 volumes/pictrs/

Running Lemmy

When all errors are solved, we can start the cluster in detached mode. Let’s first destroy the containers by using docker-compse down. And after that we can run docker-compose up -d. The containers should start now, but this time docker-compose is running in detached mode, this mode does not block the terminal and lets Docker run in the background.

You now have a working installation of Lemmy on a Raspberry Pi. It listens to port 80, so you should be able to navigate to it from other devices in your network. For example, by going to http://raspberrypi/ . The default user is lemmy and its password is lemmylemmy, this is configured inside the lemmy.hjson file. If you later want to update Lemmy to a newer version, you can just change the version of the Docker images inside the docker-compose file.

Hopefully this helped you understand how to set up Lemmy, if you have any question please ask.

1
Community Icons (gist.github.com)

Ik zag dat ze bij Beehaw nu één stijl aan icoontjes aan houden. Dat ziet er erg leuk en herkenbaar uit. Natuurlijk is het ook goed dat je gewoon een community kan oprichten zonder dat je je daar super druk over hoeft te maken.

Ik vond het zelf alleen wel leuk om iets van een gezamenlijke stijl aan te houden voor de icoontjes die ik maakte, daarom koos ik voor de stijl van onze nu al meestgebruikte community !nieuws@feddit.nl. Wil je ook net zoals !nieuws en !tech@feddit.nl deze stijl aanhouden, dan kan je het SVG-bestand van de Tech community gebruiken als basis: https://gist.github.com/Fireblade75/005f4d398eb67c970bbd2e3f5d77b24f

view more: next ›

Pekka

joined 1 year ago
MODERATOR OF