Anmol Sharma - anmol@pod.datamol.org

Anmol Sharma

anmol@pod.datamol.org

Hubzilla version from command-line

Anmol Sharma

Fri, 02 Nov 2018 10:55:23 -0700

!Hubzilla Support Forum
How can I check the version of Hubzilla from the command-line?

mostra-ho tot 11 commentaris

Mike Macgirvin

Fri, 02 Nov 2018 14:45:07 -0700

grep STD_VERSION boot.php

Max Kostikov

Fri, 02 Nov 2018 15:12:20 -0700 últim editat: Fri, 02 Nov 2018 15:18:10 -0700

1. Remote position based
curl -s http://example.com/siteinfo.json | awk -F '"' '{print $16}'
or
curl -s http://example.com/siteinfo.json | cut -d "," -f 4 | cut -d ":" -f 2 | tr -d '"'
2. Remote full text search
curl -s http://example.com/siteinfo.json | sed -r 's/.+"version":"([0-9\.]+)".+/\1/'

Anmol Sharma

Fri, 02 Nov 2018 15:29:56 -0700

Thanks to everyone for the solutions.
Specially to @Max Kostikov for perfect solution.

Fail2ban or 2FactorAuthentication

Anmol Sharma

Mon, 29 Oct 2018 01:55:38 -0700

!Hubzilla Support Forum {support@zotadel.net}
Somebody has working Fail2ban or 2FactorAuthentication settings for brute force attacks protection?!

Hubzilla Fail2ban

mostra-ho tot 14 commentaris

Alex

Mygeeto, Mon, 29 Oct 2018 02:42:06 -0700

🖐️

M. Dent

Mon, 29 Oct 2018 05:15:15 -0700

I frequently use NGINX rate limiting as a first line of defense. I've thought about 2FA, but if it is done over SMS, I find that it is technically less securen than most standard passwords (assuming isers choose good passwords)

Anmol Sharma

Mon, 29 Oct 2018 06:53:46 -0700

@M. Dent
It would nice to know about NGINX rate limiting. Can you tell me the configuration for it?

M. Dent

Mon, 29 Oct 2018 07:11:44 -0700

This is a pretty good primer: #^NGINX Rate Limiting

I haven't (yet) implemented it on Hubzilla, but expect I will have a need. From a quick glance, it appears it will require compiling nginx with the #^form input module - which is already included in the #^OpenResty package.

Protect your applications from excessive traffic, including DDoS attacks, by controlling the requests they receive with NGINX rate limiting.

Steffen K9 🐙

Mon, 29 Oct 2018 13:38:52 -0700

I have set up fail2ban for Hubzilla's login. You need to enable debug logging at loglevel 'Normal'. Be careful. The size of the log file can grow to several 100 MBs per day.

/etc/fail2ban/jail.local

[hubzilla]
enabled = true
findtime = 300
bantime = 900
maxretry = 3
filter = hubzilla
port = http,https
logpath = /path/to/hubzilla.log
logencoding = utf-8

/etc/fail2ban/filter.d/hubzilla.conf

[Definition]
failregex= ^.*auth\.php.*failed login attempt.*from IP <HOST>.*$
ignoreregex =

h.ear.t

Mon, 29 Oct 2018 15:14:19 -0700

Anmol Sharma

Tue, 30 Oct 2018 00:53:32 -0700

@Steffen K9 🐰

I tried the configuration but its not working for me. Is there an error message for fail2blog? How to debug?

Steffen K9 🐙

Tue, 30 Oct 2018 02:02:46 -0700

Well, I don't know if there is an error message in your fail2ban log.

This configuration works on Ubuntu/Debian. Paths and file names may be different on other distributions.

Anmol Sharma

Wed, 31 Oct 2018 06:27:08 -0700

I use Yunohost which is Debian 9 based. I have enabled the Ldap plugin which lets all the Ldap user able to login and have there accounts despite of registration closed on my hub.
I will try to use the fail2ban configuration without the Ldap plugin to see if it works.

Anmol Sharma

Wed, 07 Nov 2018 16:19:59 -0800

@Steffen K9 🐙
The fail2ban works for ip4 but do not work for ip6.
Can you confirm?

Waitman Gobble

Wed, 07 Nov 2018 20:39:07 -0800

I wrote a yubikey addin a few years ago. (Non nomadic) It would be good to have a FreeOTP plugin. I'm not sure these would work well with a nomadic identity though. It could be done i suppose. FreeOTP is kind of like a hash based on your secret that is only valid for a limited amount of time. Both endpoints need the secret, but they don't have to talk to each other. It would require running a FreeOTP cli on the server, which would complicate things. Yubikey is like a 12 digit serial number and a hash based on the serial, which also is only valid for a limited time. So the 12 digit serial would be like a username. Its hardcoded on the device. To validate the hash you have to run a validation server or use theirs.

Anmol Sharma

Thu, 15 Nov 2018 11:13:05 -0800

@Waitman Gobble
Yes I have FreeOTP would be great for the Hubzilla.
Meanwhile the Fail2ban works for IPv6 now. I was using old version for Fail2ban which is available on Debain 9. The latest version of Fail2ban deals with IPv6 well.

cb7f604332cf39

Thu, 15 Nov 2018 11:22:23 -0800

@Waitman Gobble As an owner of an Yubikey I would like to ask you nicely for the code.
From my perspective the OTP should be bound to the account for login and not to the channel.
So the account isn't part of the nomdic feature.

Waitman Gobble

Thu, 15 Nov 2018 17:54:04 -0800

Ok i will track it down

Anmol Sharma

Fri, 26 Oct 2018 10:11:14 -0700

Mike Macgirvin va escriure el següent entrada Sun, 21 Oct 2018 15:44:17 -0700

Legacies


Entity	What you remember	What historians will remember
---	---	---
Netscape	Mozilla	SSL
Amazon	Online shopping	Impenetrable server farms
Microsoft	IE, Windows	The EULA
Twitter	140 chars	Donald Trump
Apple	Iphone	vendor lock-in
Facebook	memes	The complete destruction of privacy
Google	Maps, YouTube	An empire built through an eternal auction of dictionary words
SMTP	Unification of email	globalisation of spam
Diaspora	Facebook-killer	hashtag spam
Zot	Redmatrix, Hubzilla, confusion	decentralised privacy, nomadic identity
OStatus	the old identi.ca	the new identi.ca
ActivityPub	Mastodon	TBD

Anmol Sharma

Wed, 17 Oct 2018 17:04:02 -0700

I guess Hubzilla would cost lost more.

Friendica Support va escriure el següent entrada Tue, 16 Oct 2018 12:51:49 -0700

Estimated Cost: $ 4,788,156 (87 person-years)

♲ alfred@libranet.de:

Nice! 😀 The Friendica Open Source Project on Open Hub : Estimated Cost Page @Friendica Support

[l]

Mike Macgirvin

Wed, 17 Oct 2018 17:21:23 -0700

A bit less than double.

#^https://www.openhub.net/p/hubzilla/estimated_cost

Anmol Sharma

Thu, 18 Oct 2018 23:10:57 -0700

And I suspect the project don't even get 1% of this. This would be the case with all good open source projects. To add salt to injuries the coders are asked whats the use of this when you have free professional service. :broken_heart:

Anmol Sharma

Wed, 10 Oct 2018 16:20:25 -0700

This is scary.

LoYggϞM va escriure el següent entrada Sat, 06 Oct 2018 06:57:19 -0700

Diaspora* needs you ! Coders : be welcome !

Diaspora is an honest alternative to facebook, however its development is now slowing down due to a lack of coders.*

#diaspora #dev #code

The graph of number of coding contributions is from here.
Imatge/foto

Anmol Sharma

Sun, 07 Oct 2018 00:50:34 -0700

Saurav 🇮🇳 va escriure el següent entrada Sun, 07 Oct 2018 00:36:47 -0700

A lot of Western magicians stole or appropriated Indian tricks, says John Zubrzycki, author of a book on the history of Indian magic.

I used to see a lot of magicians when I was in India in the late 1970s, but the encounter I remember most was outside Alipurduar railway station in 1979 when I saw the basket trick being performed. A young boy climbed into a round basket and an old man chanted incantations and plunged a sword through the wicker. The blade came out bloody but the boy later emerged unscathed. It was quite spectacular. Later, I realised that a lot of Western magicians were appropriating Indian costumes and tricks in the early 20th century. Even Harry Houdini started his career posing as a ‘Hindu fakir’.

https://timesofindia.indiatimes.com/home/sunday-times/all-that-matters/a-lot-of-western-magicians-stole-or-appropriated-indian-tricks-says-john-zubrzycki-author-of-a-book-on-the-history-of-indian-magic/articleshow/66101202.cms

#india #magic

Anmol Sharma

Thu, 04 Oct 2018 04:26:09 -0700

!Hubzilla Support Forum

1. I deleted a connection from my channel few days back but I am still getting the feeds from that connection. :thinking:

2. I am getting this warning in php. :fearful:

[pool hubzilla] child 11611, script '/var/www/hubzilla/index.php' (request: "POST /index.php?q=/receive/public") executing too slow (5.176683 sec), logging

mostra-ho tot 4 commentaris

Anmol Sharma

Thu, 04 Oct 2018 13:14:25 -0700

Don't know if it is related

Its a Hubzilla connection. If the feeds are pending before I deleting the connection,can they be pushed after the connection was deleted? I remember that when I connected to this connection I was was getting 2 week old feeds.

Anmol Sharma

Sat, 06 Oct 2018 17:46:18 -0700

1. I deleted a connection from my channel few days back but I am still getting the feeds from that connection. thinking face 1.

How can I delete the connection from database query?

Anmol Sharma

Wed, 10 Oct 2018 16:22:04 -0700

1. This is solved by itself after a week of removing the connection.

Anmol Sharma

Sat, 29 Sep 2018 08:35:52 -0700

M. Dent va escriure el següent entrada Fri, 28 Sep 2018 17:42:18 -0700

Recent DEV Branch Updates
If you think development of Hubzilla is at a standstill just because Mike is churning out some awesome code for Osada and Zap, you haven't been paying close enough attention!

Things certainly aren't sitting still! There has been quite a bit of activity on the /dev branch of core as well as updates to addons.  Here's just a brief recap of some of the things that have been done in preparation for the next release of Hubzilla:

  * "Appification" of various features.  - The Appification effort has been led by @Mario Vavti  and he's been doing a great job!  In addition to keeping up with merge requests from other developers, Mario has converted quite a number of FEATURES into SYSTEM APPS.  This does mean significant UI changes, including a new structure for settings.  As features become apps, it may be necessary to "install" additional apps to your channel in order to access things.  For example, recently the Privacy Groups were "appified" requiring channel owners to install the "Privacy Groups" app in order to access privacy groups filtering.  A BIG THANK YOU to Mario for this important work!
  * Translations, Translations, Translations - @Max Kostikov has been hard at work trying to keep up with changes to make sure Hubzilla is multi-lingual and easy to maintain.  He has been making sure that things that may need translation are coded to make them easy to translate.  You can help in the translation effort!  Ask on the Dev channel how to get started!  We can make sure Hubzilla is a truly international tool.  THANK YOU Max for your continued work on making this possible!
  * Database Updates - A database update was applied to the DEV branch on September 28 to rename the groups tables.  Mysql8 has added reserved words which conflict with Hubzilla's group table name requiring the change.  Thanks @Max Kostikov  for submitting the changes for Hubzilla.
  * More Hooks - Various hooks in order to allow addon developers to do additional processing or filter various default lists have been added by @M. Dent.
  * Removal of "techlevels" - With the appification project well underway and the ability to hook into the core and write apps to filter various UI items, tech-levels became an unnecessary complication and the code logic implementing them has been removed.
  * The brains behind Hubzilla, Osada, Zap, and everything Zot has been working at breakneck speed on ZAP and OSADA - the latest social-media centric ZOT applications which are coming along nicely. But he has still found time to provide ongoing updates and patches to Hubzilla as well as direction and guidance to the other developers.  The biggest THANK YOU goes to @Mike Macgirvin without whom none of this would be possible.

JOIN THE FUN! There are plenty of things that can be done.  Documentation, translation, UI, testing, and many other things.

If someone would like to help by putting together periodic summaries like these, that would be GREAT!  Drop me a note and let me know!

Anmol Sharma

Wed, 26 Sep 2018 06:18:14 -0700

anonymiss va escriure el següent entrada Mon, 24 Sep 2018 18:25:27 -0700

Please check this out @simstim:

https://libreprojects.net
https://the-federation.info
https://fediverse.party
https://www.socialcooling.com
https://www.privacytools.io
https://prism-break.org
https://www.cryptoparty.in/learn/tools
https://securityinabox.org
https://ihavesomethingtohi.de/tools.html
https://ssd.eff.org
https://www.securitywithoutborders.org
https://www.bestvpn.com/guides/the-ultimate-privacy-guide
https://securityplanner.org
https://github.com/moshest/p2p-index

#privacy #security #online #URI #link #internet #knowledge #Guide #information #freedom

Anmol Sharma

Sat, 22 Sep 2018 02:58:53 -0700

terf hating juice va escriure el següent entrada Fri, 21 Sep 2018 17:16:09 -0700

It’s dangerous to go alone!

Here, take these.

Imatge/foto

Anmol Sharma

Fri, 21 Sep 2018 05:56:52 -0700

Sir Bøøps va escriure el següent entrada Fri, 21 Sep 2018 05:31:59 -0700

[language=en][/language]

Anmol Sharma

Fri, 14 Sep 2018 23:30:07 -0700

anmol wrote post

Just added a #squid 3 #proxy package for #yunohost. It has #ldap integration too. Please feel free to test it and open an issue.

https://github.com/YunoHost-Apps/squid3_ynh

Anmol Sharma

Fri, 14 Sep 2018 08:33:01 -0700

Paul H va escriure el següent entrada Fri, 14 Sep 2018 04:42:14 -0700

Pixel owners realising Google can fully control their phones after battery saving mode was switched on remotely for many handsets.

https://www.reddit.com/r/GooglePixel/comments/9fkrvw/is_anyone_elses_power_saving_mode_turning_itself/e5xl907/

Anmol Sharma

Fri, 14 Sep 2018 09:16:19 -0700

These big screen phones are crap with big corporation stealing you data. Even if I change my mind and keep them for few more months, it accidentally falls and screen breaks. I have started spending lot more on phones then I was spending few years back. And there is no excitement on buying new phone anymore.

I think I will buy an old Nokia phone, maybe N8 which was my first phone with #^ Delight custom firmware. Use #^Z-push on my server to synchronize contacts and calendar with #^Baikal cal and cardDav server. I have keys for few apps like #^Boaldbeast(yes, I sometime record calls ) :daseesaw . DLNA and radio broadcaster is inbuilt, along with camera with Xenon flash. I will have to look at Chinese market to have one, they are discontinued now.

Imatge/foto

Anmol Sharma

Fri, 14 Sep 2018 05:18:16 -0700

R</>K_ va escriure el següent entrada Fri, 14 Sep 2018 03:18:21 -0700

If you have some time this weekend and know #arabic, #russian, #japanese, #italian, #polish or #portugese, please consider translating a few sentences of #PeerTube !

- arabic: 4% translated
- russian: 50% translated
- japanese: 24% translated
- italian: 3% translated
- polish: 58% translated
- portugese: 0% translated

If you have never joined the effort, here is how to get started: https://github.com/Chocobozzz/PeerTube/blob/develop/support/doc/translation.md#how-to

boosts appreciated :blobcat:

Anmol Sharma

Tue, 11 Sep 2018 12:48:24 -0700

YunoHost va escriure el següent entrada Tue, 11 Sep 2018 10:29:06 -0700

Annnnd we just released YunoHost 3.2 😋 ! This version includes a new key feature which we anticipate will make a difference in debugging issues such as failed app installs ✌️ !

Several improvements were also made in the admin documentation 📄 !

In the meantime, we are also creating a french association called "Support Self-Hosting" (SSH :thinkerguns: ) to help with receiving donations / grants and deciding how to allocate the monee™ 💰.

More info on the release note : https://forum.yunohost.org/t/yunohost-3-2-release-sortie-de-yunohost-3-2/5710

Anmol Sharma

Sun, 09 Sep 2018 23:39:43 -0700

Anmol Sharma updated their profile photo

giac hellvecio

Mon, 10 Sep 2018 08:41:26 -0700

Anmol Sharma

Sat, 08 Sep 2018 10:04:07 -0700

The Federation va escriure el següent entrada Sat, 08 Sep 2018 03:01:12 -0700

Daily statistics from The Federation

Count of nodes

Total count of nodes per platform and change from 30 days.

Mastodon: 1495 (share: 71.2%, value change: 377)
diaspora*: 185 (share: 8.8%, value change: -8)
Pleroma: 138 (share: 6.6%, value change: 58)
Friendica: 82 (share: 3.9%, value change: 1)
Hubzilla: 79 (share: 3.8%, value change: 6)
PeerTube: 68 (share: 3.2%, value change: 64)
PixelFed: 18 (share: 0.9%, value change: 5)
Funkwhale: 6 (share: 0.3%, value change: 3)
Write．as: 5 (share: 0.2%, value change: 3)
Plume: 5 (share: 0.2%, value change: 2)
blablanet: 4 (share: 0.2%, value change: 0)
Socialhome: 4 (share: 0.2%, value change: 1)
GNU social: 3 (share: 0.1%, value change: 0)
microblogpub: 3 (share: 0.1%, value change: 0)
redmatrix: 3 (share: 0.1%, value change: -1)
red: 2 (share: 0.1%, value change: 0)
GangGo: 1 (share: 0.0%, value change: 0)
unknown: 1 (share: 0.0%, value change: -1)
pyaspora: 1 (share: 0.0%, value change: 0)
rustyrazorblade: 1 (share: 0.0%, value change: 0)
pleroma-disrespect: 1 (share: 0.0%, value change: 0)
Social Relay: 1 (share: 0.0%, value change: 0)
red_platform: 1 (share: 0.0%, value change: -1)
p3k: 1 (share: 0.0%, value change: 0)
camelpub: 1 (share: 0.0%, value change: 0)
read．as: 1 (share: 0.0%, value change: 0)
pleroma-crt: 1 (share: 0.0%, value change: 0)
eventos: 1 (share: 0.0%, value change: 0)

For more statistics visit the-federation.info

#thefederationstatsdaily

giac hellvecio

Sat, 08 Sep 2018 10:34:11 -0700

but also the ghosts like blablanet, which no longer exist?

These statistics are not realistic, sorry.

Anmol Sharma

Sat, 08 Sep 2018 12:28:57 -0700

The important point is the list of federated platforms. I am interested how many people use more then one of these.
I use Hubzilla, Mastodon(inactive, just a over hyped platform), Peertube, Matrix(Synapse) , Funkwhale and planning to try Plume. So I have my share in many of them.

Anmol Sharma

Wed, 05 Sep 2018 13:20:38 -0700

Matrix.org va escriure el següent entrada Wed, 05 Sep 2018 04:27:14 -0700

Important: we have an upcoming critical security fix on the horizon for Synapse; we're doing a planned disclosure: https://matrix.org/blog/2018/09/05/pre-disclosure-upcoming-critical-security-fix-for-synapse/. Synapse 0.33.3.1 will be released as a security update tomorrow at 12:00 UTC: all federated servers will need to upgrade. Sorry for hassle.

Anmol Sharma

Tue, 04 Sep 2018 09:02:14 -0700

Fimbul Sunflowers ✅ va escriure el següent entrada Sat, 01 Sep 2018 01:24:42 -0700

I made a hole in the fediverse

Imatge/foto

Y-U-No-Host apps updated

Anmol Sharma

Sun, 02 Sep 2018 10:54:30 -0700 últim editat: Sun, 02 Sep 2018 10:56:11 -0700

I have updated few apps for #yunohost.
Please feel free to test and review.

#Webtrees: Leading on-line collaborative genealogy application
https://www.webtrees.net

https://github.com/YunoHost-Apps/Webtrees_ynh

#Ghost: Blogging platform
https://ghost.org/

https://github.com/YunoHost-Apps/ghost_ynh/tree/testing

#Monica: Monica is an open-source PRM, or Personal Relationship Management to organize the interactions with your loved ones
https://monicahq.com/

https://github.com/YunoHost-Apps/monica_ynh

#Moodle: Moodle is a free, online Learning Management system
https://moodle.org/

https://github.com/YunoHost-Apps/moodle_ynh/tree/yunohost3

#Hubzilla:Hubzilla is a powerful platform for creating interconnected websites featuring a decentralized identity, communications, and permissions framework built using common webserver technology

#^https://github.com/YunoHost-Apps/hubzilla_ynh

#Peertube: PeerTube is a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser, using WebTorrent
https://joinpeertube.org/en/

#^https://github.com/YunoHost-Apps/peertube_ynh

#Shaarli: The personal, minimalist, super-fast, database free, bookmarking service - community repo
https://shaarli.readthedocs.io/

https://github.com/YunoHost-Apps/shaarli_ynh

yunohost