• 1 Post
  • 21 Comments
Joined 1 year ago
Cake day: July 1st, 2023


  • douglasg14b@lemmy.world to Selfhosted@lemmy.world · Mozilla grants Ente $100k · 5 days ago

    The issue here is that these are solvable problems, release compat isn’t a new problem. It’s just a problem that takes dedicated effort to solve for, just like any other feature.

    This is something FOSS apps tend to lack simply due to the nature of how contributions tend to work for free software. Which is an unfortunate reality, but a reality nonetheless.


  • douglasg14b@lemmy.world to Selfhosted@lemmy.world · Mozilla grants Ente $100k · 5 days ago

    People really underestimate the value of stability and predictability.

    There are some amazing FOSS projects out there run by folks who don’t give a crap about stability or the art of user experience. It holds them back, and unfortunately helps drive a fragmented ecosystem where we get 2, 3, 5 major projects all trying to do the same thing.


  • Because the majority of my traffic and services are internal with internal DNS? And I want valid HTTPS certs for them, without exposing my IP in the DNS for those A records.

    If I don’t care about leaking my IP in my A records then this is pretty easy. However, I don’t want to do this for various reasons. One of those being that I engage in security related activities and have no desire to put myself at risk by leaking.

    Even services that I exposed to the internet I still don’t want to have my local network traffic go to the internet and back when there is no need for that. SSL termination at my own internal proxy solves that problem.

    I now have this working by using the Cloudflare DNS ACME challenge. Those services which I exposed to the internet Cloudflare is providing HTTPS termination for, Cloudflare is then communicating with my proxy which also provides HTTPS termination. My internal communication with those services is terminated at my proxy.



  • I stated in the OP that Cloudflare HTTPS is off :/

    I’m not using Cloudflare for the certificate. I also can’t use the cloud for certificate anyways for internal services through a loopback.

    Similarly, you can have SSL termination at multiple layers. That works, I have services that proxy through multiple SSL terminations. The issue that I’m having is that the ACME challenge seems to be having issues. These issues are documented and explained in various GitHub threads, however the set of solutions are seemingly different and convoluted for different environments.

    This is why I’m asking this question here after having done a reasonable amount of research and trial and error.


  • I am doing SSL termination at the handoff which is the Caddy proxy. My internal servers have their SSL terminated at Caddy, my traffic does not go to the internet… It loops back from my router to my internal network.

    However DNS still needs to have subdomains in order to get those certificates, this Cloudflare DNS. I do not want my IP to be associated with the subdomains, thus exposing it, therefore Cloudflare proxy.

    You’re seeing the errors because the proxy backend is being told to speak HTTPS with Caddy, and it doesn’t work like that.

    You can have SSL termination at multiple points. Cloudflare can do SSL termination and Cloudflare can also connect to your proxy which also has SSL termination. This is allowed, this works, I have services that do this already. You can have SSL termination at every hop if you want, with different certificates.

    That said, I have Cloudflare SSL off, as stated in the OP. Cloudflare is not providing a cert, nor is it trying to communicate with my proxy via HTTPS.

    Contrary to your statement about this not working that way, Cloudflare has no issues proxying to my proxy where I already have valid certs. Or even self-signed ones, or even no certs. The only thing that doesn’t work is the ACME challenge…


    Edit: I have now solved this by using Cloudflare DNS ACME challenge. Cloudflare SSL turned back on. Everything works as expected now, I can have external clients terminate SSL at Cloudflare, Cloudflare communicate with my proxy through HTTPS, and have internal clients terminate SSL at Caddy.







  • They could, but as it currently stands media hosting on the fediverse… Sucks.

    It’s obscenely expensive for everyone involved, and scales poorly. It’s just not ready to operate at scale at this point.

    I’m sure it will get better, but large storage costs are better off being handled by a distributed file-system where a minimal level of duplication is baked in, but the storage load is reasonably spread out instead of fully duplicated on each peer.

    There are technologies for this, but they all have their own issues. And tomorrow there will be n+1 distributed filesystems, fragmenting it further.




  • The language it’s written in has very little, almost nothing, to do with how efficient larger applications are.

    This is almost entirely up to the design and day-to-day decisions of the developers. These almost always outweigh the efficiencies of the underlying languages themselves (within reason).

    A single location of poor data access patterns could negate the aggregate performance gains of your entire application, as an example. A framework that prevents you from making simple mistakes and drives you towards more efficient patterns goes much further than the language it’s written in.

    Between Rust, C#, Java, and Go you’re essentially even on performance for large applications (with C# pushing ahead of the pack). What you are not even on is engineering efficiency, it’s going to take considerably longer to build the same set of features in Rust than any of the others listed. And the performance is likely the same, potentially even worse depending on the maturity of the ecosystem.

    Rust is a great systems design language and a great language to choose when developing high efficiency libraries & frameworks for I/O and data processing. It’s not really a great choice for application development due to how slow it is to actually get things done in.

    I fully expect to see alternate backends written in more operationally efficient languages over the next decade that will catch up to the official Lemmy codebase, and potentially even replace it. It actually sounds like a super fun project, funding is always a problem though.




  • You’re right, we should all stop talking about and discussing problems and risks. And silently stare at each other till someone else comes up with a solution.

    Step 1 in fixing a problem is to recognize and get awareness for it.

    Step 2 is garnering interest from the people who are qualified to actually make realistic proposals.

    Step 3 is collaborating on ideas to figure out what will or won’t be effective, and to create new ideas by returning to step 2.

    Step 4 is to circle back to step 1, but for actions and implementations. Repeat ad nauseam.

    **We’re Still in Step 1.** Complaining that we aren’t getting to the next step quick enough without providing assistance to get there is incredibly meta to this process 🤔


  • douglasg14b@lemmy.world to Fediverse@lemmy.world · Average Lemmy Active Users by Month · 10 months ago

    I’m finding the opposite…

    Lots of posts made by bots, with the majority of top-level comments being short quips and attempts at jokes as opposed to discussion. So many discussions devolve into ad hominems almost immediately.

    Just like Reddit.

    It’s a social media phenomenon I think. The lowest common denominator will always dominate unless communities push against it.