






Major European healthcare network AMEOS Group discloses security breach


AMEOS Group, an operator of a massive healthcare network in Central Europe, has announced it has suffered a security breach that may have exposed customer, employee, and partner information.

https://www.bleepingcomputer.com/news/security/major-european-healthcare-network-discloses-security-breach/



Fedora Weighs Dropping Release Criteria For DVD Optical Media


in reply to network_switch

Besides the corrections others have said, I really can’t think of any reason people would intentionally use legacy BIOS on a machine with UEFI for a new install.

Like, I could get doing it for an old install - I know someone who installed Windows 7 in 2015 on their then-new desktop build and later upgraded to 10 but is stuck on legacy BIOS for now with that machine because 7 only ran on that.

I could see something similarly jank happening to someone in the Linux world and then decide not to address it for “if it ain’t broke, don’t fix it reasons”, but certainly not for no reason.



Escobar Phone creator pleads guilty to scamming buyers, never delivered devices


Gustafsson was the CEO of Escobar Inc., a corporation registered in Puerto Rico that held successor-in-interest rights to the persona and legacy of Pablo Escobar, the deceased Colombian narco-terrorist and late head of the Medellín Cartel. Escobar Inc. used Pablo Escobar’s likeness and persona to market and sell purported consumer products to the public.

From July 2019 to November 2023, Gustafsson identified existing products in the marketplace that were being manufactured and sold to the public. He then used the Escobar persona to market and advertise similar and competing products purportedly being sold by Escobar Inc., advertising them at a price substantially lower than existing counterparts being sold by other companies.

Gustafsson then purportedly sold the products – including an Escobar Flamethrower, an Escobar Fold Phone, an Escobar Gold 11 Pro Phone, and Escobar Cash (marketed as a “physical cryptocurrency”) – to customers, receiving payments via PayPal, Stripe, Coinbase, among other payment processors, as well as bank and wire transfers.

Despite receiving customer payments, Gustafsson did not deliver the Escobar Inc. products to paying customers because the products did not exist.

In furtherance of the scheme, Gustafsson sent crudely made samples of the purported Escobar Inc. products to online technology reviewers and social media influencers to attempt to increase the public’s demand for them. For example, Gustafsson sent Samsung Galaxy Fold Phones wrapped in gold foil and disguised as Escobar Inc. phones to online technology reviewers to attempt to induce victims who watched the online reviews into buying the products that never would be delivered.

Also, rather than sending paying customers the actual products, Gustafsson mailed them a “Certificate of Ownership,” a book, or other Escobar Inc. promotional materials so there was a record of mailing from the company to the customer. When a paying customer attempted to obtain a refund when the product was never delivered, Gustafsson fraudulently referred the payment processor to the proof of mailing for the Certificate of Ownership or other material as proof that the product itself was shipped and that the customer had received it so the refund requests would be denied.

Gustafsson also caused bank accounts to be opened under his name and entities he controlled to be used as funnel accounts – bank accounts into which he deposited and withdrew proceeds derived from his criminal activities. The purpose was to conceal and disguise the nature, location, source, ownership, and control of the proceeds. The bank accounts were located in the United States, Sweden, and the United Arab Emirates.




Neox does NOT like DIRT!



in reply to Hard Is Easy

Re: Neox does NOT like DIRT!


This is a pretty huge oversight... it sounds like the first edition neox will need constant upkeep like a bike chain, etc!

Quite a departure from the typical "throw it in your bag" grigri.



Question About Bash Command Grouping Behavior in Script vs CLI


Question for you all.

I was working on a bash script and working out some logic for command chaining and grouping for executing different functions in my script based on the return status of other functions.

I know you can group commands with (), which spawns a subshell, and within the grouping you can chain with ;, &&, and ||.

I also know that you can group commands with {}, but, within the curly braces you can only separate commands with ;.

EDIT: the above statement of the curly braces only allowing ; is incorrect. I misunderstood what I had read. @SheeEttin@lemmy.zip pointed out my mistake.

The requirement is that the list of commands in the curly braces needs to be terminated with a semicolon or a newline character, and in the script, I unknowingly was meeting the rules by using the newlines to make the code easier to read for myself.

END EDIT:

In the script, for readability I did group the commands across lines kind of like a function.

The script is pretty simple. I created a few functions with echo commands to test the logic. The script asks for input of foo or bar. The first function has an if, and if the input is foo, it executes. If it's bar it returns 1.

The return of 1 triggers the or (||) and executes the second command group.

The idea was, if the user inputs foo, the first group triggers printing foo baz to stdout. If the user inputs bar, the foo function returns 1, the baz function does not execute, the or is triggered, and bar but is printed to stdout

Here's the script (which executes as described):

Can anyone explain why I'm able to group with curly braces and still use && inside them?

(Also, the reason I want to use the curly braces is I don't want to spawn a subshell. I want variable persistence in the current shell)

#!/usr/bin/bash

# BEGIN FUNCTIONS #

foo () {

    if [[ "${input}" = foo ]]; then
        echo "foo"
        return 0
    else
        return 1
    fi

}

bar () {

    echo "bar"

}

baz () {

    echo "baz"

}

but () {

    echo "but"

}

# END FUNCTIONS #

read -p "foo or bar? " input

{
    foo && 
    baz
} ||

    {
        bar &&
        but
    }
in reply to harsh3466

You're confusing a lot of things here. The operators you're referring to all do different things, not just "chaining" commands together. They are used to do basic logic operations based on the preceding conditions or comparisons.

For example: || does an OR operation, while && does an AND operation.

Using { } is an operative grouping or something in bash. It's used to make arrays, group function commands, and iterate on lists as well. In this case you've created a group of commands that will execute in order, then give an output result. Everything inside the curly braces is treated as one command, essentially.

Practical explanation here

in reply to just_another_person

Thank you for the link!

I do understand the logic and the difference between ;, &&, and ||. What was confusing me was the command grouping and my misunderstanding of the curly brace grouping rule that the command list has to END with a semicolon. @SheeEttin@lemmy.zip pointed this out to me with the link in the comment they left.

I had read that same link and misunderstood it. On second read I got it, and see now why my script is working, as the newlines serve the same purpose as the semicolon, so the curly braced groups are terminated correctly.

in reply to harsh3466

gnu.org/software/bash/manual/b…

I don't see any mention of only being allowed to use a semicolon. I don't have a test system handy unfortunately.

Ideally you'd simplify or separate your logic so that you're not relying so much on bash. If you need complex logic, I'd use another language, depending on what's available in your environment.

in reply to SheeEttin

Ah! I misinterpreted what I read! I found that exact same reference link when looking into this and I misinterpreted this:

The semicolon (or newline) following list is required


to mean that it required the semicolon as the command separator. That explains why my script works. The newline closes each group, and the other operators are allowed, the list just needs to be closed. Thank you!

in reply to SheeEttin

My environment is just my homelab. Ubuntu server on my server, Arch (btw) on my laptop. So I could go with any language, but right now I'm choosing Bash. I know stuff I'm doing would probably be easier in a different language, and maybe I'm a glutton for punishment. I just want to get really good with Bash.

The logic is Bash is gonna be available on just about any computing environment I encounter (Linux especially, but even Windows with WSL and zsh on macOS (which I know is different, but still very similar)). But really, I am just enjoying the hell out of learning and scripting with Bash. I'll move on to Python or something someday.
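The grouping rules this thread settles on, as an added example that is not part of any post above: brace groups accept `&&` and `||` and only need a closing `;` or newline, they keep variables where a subshell does not, and the `{ A && B; } || { C && D; }` chain from the script is not an if/else. The function names (`step`, `brace_group`, `subshell_group`, `chain`, `branch`) are constructed for illustration.

```bash
#!/bin/sh
# Added example (constructed, not from the thread). POSIX sh, also valid bash.

# Record which step ran in $trace, then return the requested exit status.
step() { trace="${trace}$1"; return "$2"; }

# Brace group: runs in the current shell, so assignments persist.
# && is allowed inside; the list only has to END with ';' or a newline.
brace_group() {
    counter=0
    { counter=$((counter + 1)) && counter=$((counter + 1)); } || counter=-1
    echo "$counter"
}

# Subshell: same list syntax, but the assignments die with the subshell.
subshell_group() {
    counter=0
    ( counter=$((counter + 1)) && counter=$((counter + 1)) ) || counter=-1
    echo "$counter"
}

# Same shape as the script in the question, with newlines closing each list.
# The right-hand group runs whenever the left group's exit status is
# non-zero, which includes "A succeeded but B failed".
chain() {   # $1 = exit status of A, $2 = exit status of B
    trace=""
    {
        step A "$1" &&
        step B "$2"
    } || {
        step C 0 &&
        step D 0
    }
    echo "$trace"
}

# if/else picks the branch on A alone; B failing no longer triggers C and D.
branch() {  # $1 = exit status of A, $2 = exit status of B
    trace=""
    if step A "$1"; then
        step B "$2" || :
    else
        step C 0 && step D 0
    fi
    echo "$trace"
}

echo "brace group: $(brace_group)   subshell: $(subshell_group)"
echo "chain  A ok, B ok:   $(chain 0 0)"
echo "chain  A fails:      $(chain 1 0)"
echo "chain  A ok, B fails: $(chain 0 1)"
echo "branch A ok, B fails: $(branch 0 1)"
```

The case to watch in scripts that gate privileged steps this way is the third one: both groups run when the first group fails part-way through.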



Russian troops liberate Novotoretskoye community in Donetsk region over past day


Another L for the Nazi regime of Ukraine 💪
in reply to jackeroni

hopefully this needless violence will be over soon.
in reply to jackeroni

If you want to do pro-Russian war reporting, you have to be smarter about it. Just using the liberation rhetoric did not work since Iraq. (At least not on anyone with half a brain). But yes Ukrainian community was indeed liberated from Ukrainian leadership.


EU using Goebbels-style propaganda to fuel anti-Russia frenzy – Lavrov


in reply to jackeroni

Buddy needs to have a listen to what Russian media is saying about "the West", then. Hoo-wee. It's fuckin' dark, man.
in reply to Archangel1313

our oligarchs created modern russia back in 1991; so it makes sense that they would learn how to do it from us.
in reply to eldavi

Putin learned how to do all this from his time in the KGB. It's all just old Soviet Cold War tactics. Turns out, Russians have more agency than you give them credit for.
in reply to jackeroni

Because if they come for the communists first, everyone else is too propagandized to fight the fascists, until it's too late?

in reply to crankyrebel

I'm worried they'll be doctored to shit, maybe they can't release doctored versions of them because someone with knowledge of the originals would call them out (if you're that person stay safe!), but when (and I mean when, they're waiting until they've gotten all the good people out of the way before they try lying) they're going to be full of nothing but their common targets and enemies.

Still though release the damn files, they were on your fucking desk and you gave to podcasters

in reply to Donjuanme

IT WAS ALL HILLARY CLINTON AND OBAMA! EPSTEIN AND GHISLAIN WERE FALL GUYS! BILL GATES FUNDED THE OPERATION!
in reply to IttihadChe

I’LL PROVE IT ONCE I’M CONFIDENT THE FBI HAS SCRUBBED EVERYTHING ABOUT ME AND MY FRIENDS FROM THE FILES!
in reply to kautau

Three weeks later

HERE ARE THE FILES IN THEIR COMPLETE AND UNALTERED FORM:

Link to an empty word doc that just says "If I go to jail I'll kill myself. I sure hate trump."



Eleven-minute race for food: how aid points in Gaza became ‘death traps’ – a visual story


Mahmoud Alareer, a 27-year-old living in a tent in western Gaza City, says the opening time announcements for the aid site he uses – Wadi Gaza – have become useless, because of the distance from where he is living. Instead, he travels to the edges of the site in the middle of the night and gambles on it opening at 2am, as it has on every visit so far.

First he climbs on to the back of a truck for the long ride south from Gaza City through the militarised Netzarim corridor. Then he waits in the dark until Israeli forces allow him to enter. “You get there and you slowly, slowly advance,” he says. “You always know that it could be you who gets shot, or it might be someone next to you.”



in reply to HonoraryMancunian

Lol, how has nobody posted this South Park link yet?

youtu.be/PN51L4iJLow

in reply to HonoraryMancunian

What's this? Another purity test? You're not doing enough and are, therefore, colluding with the oppressors?


Avatar 3: Fire and Ash reveals its first poster and teases the trailer's release


Avatar: Fire and Ash has shared its first official poster, teasing the debut of its trailer, which will arrive alongside The Fantastic Four: First Steps in cinemas. The franchise created by James Cameron continues to expand and will very soon bring its devoted audience back to Pandora in the company of courageous Na’vi. After the first Avatar in 2009 and the sequel Avatar: The Way of Water, released in 2022, Cameron will put Jake Sully and his family back in action with Avatar: Fire and Ash. The third chapter of the franchise has teased the release date of its first official trailer.

The film itself has long had its release date set for 19 December 2025.



Godot getting serious




The Pitch and the Trench: The Memory of Lieutenant Luigi Ferraris


The name of Luigi Ferraris resonates powerfully in the collective memory of Genoa and beyond. A historic stadium has been named after him (since 1933, on the fortieth anniversary of the founding of his club): the one in the Marassi district, where the two main teams of the Ligurian capital, Genoa and Sampdoria, still take the field. He has also become an eloquent symbol of an entire generation sacrificed on the altar of the First World War.



Ex-officer sentenced to 33 months in prison in Breonna Taylor case


Brett Hankison, a former Kentucky police officer who was convicted in the death of Breonna Taylor, a 26-year-old emergency medical technician, was sentenced on Monday to 33 months in prison.

Taylor was shot and killed on March 13, 2020, during a botched drug raid authorized by the Louisville Metro Police Department. A Louisville detective at the time, Hankison, 46, was found guilty last November of violating Taylor's civil rights while executing a search warrant on her home, which resulted in the tragedy.

Hankison will not report directly to prison, with U.S. District Judge Rebecca Grady Jennings saying during Monday's sentencing hearing that the Bureau of Prisons will decide when his sentence begins, according to The Associated Press. His prison sentence will be followed by three years of supervised probation.

#USA


Tesla is the least-trusted car brand in America




I can't be the only one that sucks at playing against humans but am OK against bots???


Basically, I have a lot of anxiety when playing with people, and my ranking is around 600ish, but whenever I play a bot the analysis suggests that I played at level 1100 or 1500.
in reply to 🍉 Albert 🍉

The moment you start playing for ELO instead of fun is the moment you should reconsider playing.


Sweden, Sex Work, Screens: The Criminalisation of Online Sex Work and Article 8 of the ECHR


Sweden has quietly taken a radical step: it is now illegal to purchase online sexual acts. This move advances Sweden’s long-standing “end demand” policy model for tackling sexual services from the physical realm, into the digital. Yet it seems to overlook the significant differences between the two spheres – in terms of behaviour models, profiles, and market dynamics – and how such differences may be taken into account when determining the persuasiveness of the law’s rationale. This becomes especially clear when measured against the protections enshrined under Article 8 of the European Convention on Human Rights (ECHR) and recent Strasbourg case law.

While the criminalisation of the purchase of in-person sexual services has been judged to be compatible with Article 8, the underlying reasoning rests on factors that do not translate to the online sphere: combatting prostitution and human trafficking, a lack of consensus on sex work policy across Europe, and an inability to parse the harms caused by the law from the harms caused by sex work itself. Sweden’s extension of its “end demand” policy into digital sex work thus risks overstepping the boundaries of Article 8 of the ECHR and reveals how laws that are directly transplanted from the offline to the online sphere without due thought may lead to the erosion of private digital rights.


in reply to icegladiator

You would have better luck figuring out the chemical composition of the material then tracking all sales of said material. Still would be next to impossible but that's a more likely means of identifying someone than the printer itself.
in reply to icegladiator

Use a different print head, sections of print bed, or just entirely new print beds and you defeat this 'tracing'


How can I share/store sensitive data for family


I need to start making plans for when I am gone, much sooner than I thought, and I realized our finances are pretty opaque to my spouse. Our bank account is shared, but there are other sites that only I have access to.

The easiest solution would be to physically write down logins and what needs done, put it in an envelope, and tell my family where that envelope is. I'm not thrilled about that, because I would have to shred and rewrite it every time I update a password or a URL changes, and it'd be vulnerable to nosy guests.

Putting it in a shared Google Doc would be easiest for everyone. But then Google has that data. Even supposing I trust a cloud SaaS provider not to misuse the data (which is a big 'if') I do not trust them to never have a data breach.

Self-hosting seems like the next step, except I expect my home server to be the first thing to collapse once I'm gone. Filing login info with an estate attorney would still require frequent updates. Putting a document on a flash drive risks data loss, but is what I'm leaning towards.

Is there a solution I'm missing?

in reply to adhocfungus

I use Vaultwarden with two user accounts but with an "organization" that contains passwords that we both might need access to at some point. They then get updated at the same time the password is updated since it's where I store all passwords.
in reply to adhocfungus

I would use Keepass. You would have a single file, opened with a single password, that you could share with them however you want.

Wishing you the best






UN Statements Undercut New Israeli Report on 10/7 Sexual Violence


Major news organizations, most prominently the New York Times, have promoted the idea of systematic sexual violence at opportune moments to justify Israel’s ongoing genocide in Gaza. The first major salacious headlines and assertions emerged in late 2023, when Israel was campaigning to restart its killing during a brief ceasefire. The latest effort to revive this narrative follows the same pattern as its predecessors—and, indeed, is more overtly political, with the report spending less airtime on the well-being of women than on reasons we should roll back what is left of international law.

The UN, however, has stated multiple times that it does not have evidence of systematic sexual abuse by Hamas or any other militant group on October 7, 2023. A top United Nations official issued a statement last week that stands in direct contradiction to the new Israeli report.

Reem Alsalem, the UN Special Rapporteur on violence against women and girls, affirmed in her statement this week that though the UN had not found “systematic” sexual violence: "It is my understanding that neither the Commission nor any other independent human rights mechanism established that sexual or gender-based violence was committed against Israelis on or since the 7th of October as a systematic tool of war or as a tool of genocide," Alsalem wrote in the statement, first reported by NBC News.

In a move that is highly unusual, the Dinah Project report is now hosted on the UN’s website among its own reports on sexual violence and global conflict. Drop Site News asked Patten why she was hosting the report, but she did not respond. The UN fact-finding mission led by Patten and so dearly held by the Dinah Project, at times, directly contradicts what the Dinah Project argues.



AI tool hides incompetence


A vibe coder writes on X, without noticing it, about how broken vibe coding is: a staging system accesses the production database directly. No version control with Git. According to the posts, tests only work on the production system. And the highlight: an AI tool explicitly warns “I can not be trusted, I will violate the rules” and “hire human developers you can trust” – and the guy keeps using the tool anyway.

I do have an opinion on that.

jascha.wtf/ki-tool-versteckt-i…

#Claude #Inkompetenz #KITools #MonsterEnergy #Softwareentwicklung #VibeCoding



How much does a funeral cost in Italy today?


Organising a funeral in Italy can cost from 1,800 to over 6,000 euros. Find out what is mandatory, what is not, and what financial aid exists.
#News

in reply to Lyra

Unfortunately it was given to me as a gift, so the author has been paid and I can't return it

16.50€ for this rubbish!

Inside there are other "AI slop" gems such as banana slices with the stem attached, chicken breasts with bones, forks with crooked tines, etc.

in reply to Moonrise2473

you can use it as a doorstop or as a coaster 🙂

L’angolo del lettore reshared this.



in reply to sabreW4K3

But if you say that almost all adult Israelis are IDF militants, which is actually correct, everyone loses their mind.


Laura Santi has died after finally gaining access to assisted suicide


The letter left by Laura Santi on the website of the Luca Coscioni association is also very moving
#News

in reply to themachinestops

And Nintendo JP says that “Nintendo Switch and Nintendo Switch 2 cannot be remotely located, their users remotely identified nor disabled over the Internet” (tweet in Japanese warning people against accidentally losing or getting their consoles stolen over summer vacation)


But I bet it is more like “Nintendo won’t disable them remotely even if people report ones stolen to them with serial numbers and police reports”, but they’ll happily do so if they caught you using the console in an unapproved manner in their eyes.

in reply to 1Fuji2Taka3Nasubi

This is by definition "we are just assholes"

Someone play for 5 minutes with a mig switch a legit dump of their own, legally purchased game, just for convenience, to have multiple games on the same cart? The console is now almost useless. You can't play any digital games that you purchased with real money, and physical games can't get any update. Game requires a 20gb day one patch to be playable? Tough luck buddy, go to buy a new console!

They stole your console? Oh no! Yes, we absolutely could do the same, as it's bound to your Nintendo account and we could add a button "report as stolen and ban it from internet" in your profile. But we won't, go to buy a new console!

in reply to themachinestops

Guys hi, just looking for some support share, a Fantasy Adventure Story, for all ages and just some entertain with some stories: - maybe you are curious (many was not very kind just for share a film), heartless with hateful speech and respect always


A Self-hosted, BSD-native Gemini Protocol Server Stack



For those who are adventurous enough to explore the non-http corners of the Internet, the Gemini protocol is a delightful experience to use. It has been around a number of years, making the biggest bang around the time when discontent with the web’s general demise started to reach current heights (so maybe around 2022).

My “capsule”, Vigilia, is self-hosted, and has been since its inception. It used to run on a disused Macbook Pro running Fedora Server, under our TV at home, but since then I have become much more confident in using OpenBSD. It used to run on a little Python CGI script I wrote, which also started to feel too bloated and complex, with too many bells and whistles that I frankly had no need for. It was time to make a change, so I replaced the old Macbook with a Raspberry Pi, and Fedora with OpenBSD, and then took my time to figure out a new “status quo”.

0. Philosophy


I wished to create a more Unix-minded stack. The more I have been using OpenBSD and Unix systems the more I have been sold on the “everything is a file” philosophy, as well as opting to use internal tools as much as possible rather than reinvent the wheel on my own. That is to say, I’d much rather work with simple scripts and shell commands than write complicated and buggy code.

So with that in mind, here’s the stack that I settled on after some trial and error:

1. Hardware


I have absolutely no intention to expose our home IP address via DynDNS or similar. However, I like to be in control of my data as much as possible: ideally as little of my data as possible should be hosted on “someone else’s computer”. If I can’t unplug the hard disk and put it in a drawer, I can’t guarantee its security from a hack.

So Vigilia is actually two servers. The server with the actual data is at home, running on a Raspberry Pi 4B. But as a “public front”, Vigilia runs a reverse-proxying Gemini server on a standard VPS over at OpenBSD.amsterdam.

2. Network setup


I will not go into the intricacies of the dual-WAN setup I have at home in this post; but to keep things connected to each other I am using Tailscale to tie the servers together in a virtual LAN. This is incredibly handy because they get easy-to-remember static IP addresses, all over an encrypted channel.

So here’s the rough idea:

  • Vigilia.cc’s DNS records resolve to the OpenBSD.Amsterdam VPS running gmid
  • VPS and home server both run tailscale
  • VPS reverse-proxies incoming gemini connections to home server


3. Gemini server config


Both the VPS and the local server run gmid (https://gmid.omarpolo.com). It’s a fast and simple Gemini server that mirrors OpenBSD’s httpd, which means it is very easy to configure, and it is stable and secure. It can run in chrooted environments, and as its own user, so it’s just a Good Thing all over. Most importantly, it can relay and reverse-proxy TCP connections with SNI fields intact, which is something that, for example, OpenBSD’s relayd, built primarily for HTTP, does not do.

My gmid config files look something like this:

### REMOTE_SERVER:/etc/gmid.conf
#
user "_gmid"            # running it as its own user to achieve privilege separation
chroot "/var/gemini"    # and in a chroot so it can't just access random bits of the file system

log {
    syslog              # log to /var/log/messages
}

vigilia_pem = "/etc/ssl/PUBLICKEY.pem"
vigilia_key = "/etc/ssl/private/PRIVATEKEY.key"
public_ip = "46.23.93.41"                   # OpenBSD Amsterdam VPS' public address
homeserver = "100.REDACTED.REDACTED.101"    # TailScale IP of the home machine
public_port = "1965"
homeserver_port = "2965"

server "vigilia.cc" {
    listen on $public_ip port $public_port
    cert $vigilia_pem
    key $vigilia_key
    proxy {
        proxy-v1        # this directive enables some advanced features like forwarding IP Addresses of visitors
        verifyname off  # I found I need to specify this somehow, maybe because of self-signed certs
        sni "vigilia.cc"
        relay-to $homeserver $homeserver_port
    }
}

The above listens for connections to vigilia.cc:1965 and forwards them to HOME_SERVER:2965. The home server, in turn, has the following configuration:

### HOME_SERVER:/etc/gmid.conf
#
user "_gmid"
chroot "/var/gemini"

log {
    syslog
}

internal_address = "100.REDACTED.REDACTED.101"  # TailScale IP of the home machine
internal_port = "2965"

# The below are the same certificates that are in use on the VPS
vigilia_pem = "/etc/ssl/PUBLICKEY.pem"
vigilia_key = "/etc/ssl/private/PRIVATEKEY.key"

server "vigilia.cc" {
    listen on $internal_address port $internal_port proxy-v1   # add proxy-v1 support for relayed connections
    cert $vigilia_pem
    key $vigilia_key
    log on
    location "*" {
        auto index on   # enables directory listing
    }
}
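
What travels over the relayed hop, as an added example that is not gmid's code or the author's: a strict parser for a PROXY protocol v1 line, plus the check that the claimed visitor address is only believed when the TCP peer is the relay. It assumes gmid's proxy-v1 is the HAProxy PROXY protocol version 1; the function names and every address (203.0.113.7 as visitor, 100.64.0.7 as relay, 100.64.0.101 as home server) are constructed.

```bash
#!/bin/sh
# Added example (constructed). v1 header line, sent once before the TLS bytes:
#   PROXY <TCP4|TCP6> <src-ip> <dst-ip> <src-port> <dst-port>\r\n

is_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# Character-class check only: $1 = TCP4 or TCP6, $2 = address text.
is_addr() {
    case "$1:$2" in
        TCP4:|TCP6:) return 1 ;;
        TCP4:*[!0-9.]*|TCP6:*[!0-9a-fA-F:]*) return 1 ;;
        TCP4:*|TCP6:*) return 0 ;;
        *) return 1 ;;              # UNKNOWN carries no usable client address
    esac
}

# Print "<client-ip> <client-port>" for a well-formed line, else return 1.
# $1 is the line with its LF already removed (as read leaves it), CR intact.
parse_proxy_v1() {
    line=$1
    cr=$(printf '\r')
    case $line in
        *"$cr") line=${line%"$cr"} ;;
        *) return 1 ;;                         # no CRLF terminator
    esac
    [ "${#line}" -le 105 ] || return 1         # spec limit: 107 bytes with CRLF
    case $line in *"  "*|" "*|*" ") return 1 ;; esac   # single spaces only
    old_ifs=$IFS; IFS=' '; set -f              # split on spaces, no globbing
    set -- $line
    set +f; IFS=$old_ifs
    [ $# -eq 6 ] && [ "$1" = PROXY ] || return 1
    is_addr "$2" "$3" && is_addr "$2" "$4" || return 1
    is_port "$5" && is_port "$6" || return 1
    printf '%s %s\n' "$3" "$5"
}

# Address to log or rate-limit on. The header is plain text that any peer
# able to reach the port can write, so it is honoured only from the relay.
# $1 = TCP peer address, $2 = trusted relay address, $3 = first line received
effective_client() {
    if [ "$1" = "$2" ] && parsed=$(parse_proxy_v1 "$3"); then
        printf '%s\n' "${parsed% *}"
    else
        printf '%s\n' "$1"
    fi
}

sample=$(printf 'PROXY TCP4 203.0.113.7 100.64.0.101 51234 2965\r')
echo "parsed header:      $(parse_proxy_v1 "$sample")"
echo "peer is the relay:  $(effective_client 100.64.0.7 100.64.0.7 "$sample")"
echo "peer is not:        $(effective_client 100.64.0.99 100.64.0.7 "$sample")"
```

In the setup above, the home server listens only on its Tailscale address, which is what keeps arbitrary hosts from supplying this line.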

4. Getting the files to the Server


Because I am lazy I want to edit files locally and I want them to magically appear on my capsule. So I am using syncthing (https://syncthing.net/) to copy things over automagically from DESKTOP:~/public_gemini to HOME_SERVER:/var/gemini.

Syncthing runs most reliably as my own user, I found. To do this it is best to follow the documentation for the Syncthing OpenBSD package — but basically it involves starting it via the user’s crontab with the “@reboot” directive. But as it runs as my own user, I need to set the permissions properly. HOME_SERVER:/var/gemini is owned by the _gmid user in the _gmid group so I also added MYUSER on both machines to the same _gmid group, and made sure MYUSER has write access:
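
#!/bin/sh
# HOME_SERVER
usermod -G _gmid MYUSER             # add MYUSER to the _gmid group
chown -R _gmid /var/gemini          # -R (capital) is the recursive flag
chmod -R ug=rwx,o=r /var/gemini     # owner and group: full access; others: read only
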
Then I set up syncthing on HOME_SERVER. As it is running headless, I needed to access the web interface, which I achieved via SSH tunneling:
$ ssh -L 9999:localhost:8384 HOME_SERVER
This way I could open a browser on DESKTOP and access the server’s Syncthing settings.

So here are the settings:

On the DESKTOP:

  • Syncthing web interface -> Add folder
  • Folder path: ~/public_gemini
  • Folder label: Gemini files (or something)
  • Ignore patterns: “*.sock” (Unix sockets might confuse the poor thing)
  • Sharing: HOME_SERVER
  • Pause syncing for now

On HOME_SERVER:

  • Establish ssh tunnel to HOME_SERVER as described above
  • Open remote Syncthing web interface on DESKTOP: localhost:9999
  • Accept the incoming share request for “Gemini files” from DESKTOP; but point it to /var/gemini
  • Folder path: /var/gemini
  • Folder label: Gemini files
  • Advanced: UNTICK “Watch for changes” because OpenBSD doesn’t seem to allow Syncthing to poke around in /var with those various Go modules and you’d just get errors, like I did
  • Check the Ignore patterns — if it didn’t synchronise “*.sock” then specify it manually

On DESKTOP:

  • Unpause syncing

Now any file you write into DESKTOP:~/public_gemini will sync across to HOME_SERVER:/var/gemini. Yay!

6. Setting up automatic static site generation


Now if you are content to maintain your capsule manually, you are done. As I said I am lazy so I want my little “ssg” script, Lumen, to create index pages for each directory for me. Lumen, I promise, will be made available once I tidy it up.

Lumen basically lists all files recursively and generates an index.gmi for each directory. This means that Lumen has to be re-run each time the folder changes. OpenBSD is acquiring some degree of file watching natively. However, entr (https://openports.pl/path/sysutils/entr) already exists in ports.

It took a bit of tweaking but basically here’s the command I ended up using, adapted from one of the examples provided in the entr manpage:
$ while sleep 0.1; do find /var/gemini/vigilia.cc/* | entr -nd python3 /var/gemini/cgi/lumen.py -d /var/gemini/vigilia.cc; done
What it does is, in a loop it recursively lists all files every 0.1 seconds in /var/gemini/vigilia.cc, and feeds the output to entr. Then entr runs with -n to specify a non-interactive session (in interactive sessions it also responds to e.g. keystrokes and tty changes – so to be safe, I don’t want that); and with -d to specify it should be looking for changes in the parent folder of any changing files. The looping and the -d directive were added because sometimes I ran into issues when a file got deleted: entr just quit because it could not find the removed file in a “stale” file list it was provided on launch. Lumen needs a -d argument as well to specify which directory it needs to work on.

7. System config


Because there are a few other servers like “auld.vigilia.cc” also running on the home machine (the configs for which aren’t reproduced above for brevity’s sake) and because those rely on a number of CGI scripts I have to start them on launch. I ended up using supervisord for these. Supervisor is a cool little daemon for launching things. I could use rc but supervisord allows me to specify a few extra bits more easily, like redirecting output to syslog and other things.

So for HOME_SERVER, here is my supervisord configuration:
##
## HOME_SERVER:/etc/supervisord.conf
##

[... snip ...]

[program:gmid]
command=/usr/local/bin/gmid -f ; the program (relative uses PATH, can take args)
process_name=%(program_name)s ; process_name expr (default %(program_name)s)
directory=/var/gemini/ ; directory to cwd to before exec (def no cwd)
priority=100 ; the relative start priority (default 999)
autostart=true ; start at supervisord start (default: true)
startretries=3 ; max # of serial start failures when starting (default 3)
autorestart=true ; when to restart if exited after running (def: unexpected)
killasgroup=true ; SIGKILL the UNIX process group (def false)
stdout_syslog=true ; send stdout to syslog with process name (default false)
stderr_syslog=true ; send stderr to syslog with process name (default false)

[program:lumen-vigilia_cc]
command=/bin/ksh -c 'while sleep 0.1; do find /var/gemini/vigilia.cc/* | entr -nd python3 /var/gemini/cgi/lumen.py -d /var/gemini/vigilia.cc; done'
process_name=%(program_name)s
directory=/var/gemini/
priority=102
autostart=true
startretries=3
autorestart=true
user=MYUSERNAME
stderr_syslog=true
stdout_syslog=true

There are other directives that start the CGI scripts for “auld.vigilia.cc” in the config, omitted here.

Note that you can specify “priority” to control in what order you want the scripts to run. I first want the gemini server to run (100); then I want it to run the CGI scripts (101 — left out of the above example); then I want to run the static site generator’s watcher (102). Notice I am explicitly telling it to run /bin/ksh with a command specified in -c; this is because simply feeding it a complex command confuses supervisord, as I discovered.

One nice feature of supervisord is that it can redirect both stderr and stdout to syslog, so any commands and processes supervisord runs will have their output sent to /var/log/messages, neatly tagged and organised.

Conclusion


So there you have it — my Gemini stack from start to finish. It was a really fun experiment to start to use OpenBSD, instead of reinventing the wheel, or relying on some monolithic CGI scripts. You can do quite a lot with just system internals and a few packages.


  1. The watch utility was added to 7.7-current on 2025-05-19; it will make its way into 7.8 hopefully. ↩︎

Adapted from the original article “Vigilia’s New Gemini Stack” published via Gemini at vigilia.cc on 21 July 2025.
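
As an added sketch (not Lumen, which the article says is not yet published, and not the author's code): one way a per-directory index.gmi generator like the one described above can run safely inside a Syncthing-synced tree. The function names, the skipping of dotfiles, symlinks and non-regular files, and the 0644 mode are assumptions of this example.

```python
import os
import tempfile
from pathlib import Path
from urllib.parse import quote

INDEX = "index.gmi"

def build_index(directory: Path, root: Path) -> str:
    """Return gemtext listing the sub-directories and regular files of `directory`."""
    rel = directory.relative_to(root).as_posix()
    lines = [f"# Index of /{'' if rel == '.' else rel}", ""]
    for entry in sorted(directory.iterdir(), key=lambda p: p.name):
        if entry.name == INDEX or entry.name.startswith("."):
            continue  # never list the index itself or dotfiles (.stfolder etc.)
        if entry.is_symlink():
            continue  # a synced symlink could point outside the capsule root
        if entry.is_dir():
            lines.append(f"=> {quote(entry.name)}/ {entry.name}/")
        elif entry.is_file():  # regular files only: sockets and FIFOs are skipped
            lines.append(f"=> {quote(entry.name)} {entry.name}")
    return "\n".join(lines) + "\n"

def generate(root: Path) -> list:
    """Write index.gmi in every directory under root; return the files actually changed."""
    root = root.resolve()
    changed = []
    for dirpath, dirnames, _ in os.walk(root):  # followlinks=False by default
        dirnames[:] = sorted(d for d in dirnames if not d.startswith("."))
        directory = Path(dirpath)
        target = directory / INDEX
        data = build_index(directory, root).encode("utf-8")
        if target.is_file() and not target.is_symlink() and target.read_bytes() == data:
            continue  # unchanged: leave the file and its mtime alone
        # Write a temp file and rename it, so a half-written index is never served
        fd, tmp = tempfile.mkstemp(dir=directory, prefix=".index-")
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
        os.chmod(tmp, 0o644)  # mkstemp creates 0600; the server user must be able to read it
        os.replace(tmp, target)
        changed.append(target)
    return changed

if __name__ == "__main__":
    import sys
    for path in generate(Path(sys.argv[1])):
        print("updated", path)
```

Because unchanged indexes are not rewritten, a run triggered by the watcher touches only the directories whose listing actually differs.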



Trying Guix: A Nixer's Impressions


One aspect of Guix I found to be really fascinating: That there is basically no conceptual difference between defining a package as a private build script, and using a package as part of the system.

Let me explain: Say you wrote a little program in Python which uses a C library (or a Rust library with C ABI) which is in the distribution. Then, in Guix you would put that library's name and needed version into a manifest.scm file which lists your dependency, and makes it available if you run guix shell in that folder. It does not matter whether you run the full Guix System, or just use Guix as a package manager.

Now, if you want to install your little python program as part of your system, you'll write an install script or package definition, which is nothing else than a little piece of Scheme code which contains the name of your program, your dependency, and the information needed to call python's build tool.

The point I am making is now that the only thing which is different between your local package and a distributed package in Guix is that distributed packages are package definitions hosted in public git repos, called 'channels'. So, if you put your package's source into a github or codeberg repo, and the package definition into another repo, you now have published a package which is a part of Guix (in your own channel). Anybody who wants to install and run your package just needs your channel's URL and the package's name. It is a fully decentral system.

In short, in Guix you have built-in something like Arch's AUR, just in a much more elegant and clean manner - and in a fully decentralized way.

in reply to HaraldvonBlauzahn

I had a go at using guix as a package manager on top of an existing distro (first an immutable fedora, which went terribly, then OpenSUSE). Gave up for a few reasons:

  • As mentioned in the article, guix pull is sloow.
  • Packages were very out of date, even Emacs. If I understand correctly, 30.1 was only added last month, despite having been available since February. I get that this isn't the longest wait, but for the piece of software you can expect most guix users to be running, it doesn't bode well.
  • The project I was interested in trying out (Gypsum) had a completely broken manifest. Seems like it worked on the dev's machine though, which made me concerned about how well guix profiles actually isolate Dev environments. This was probably an error on the dev's part, but I'd argue such errors should be hard to make by design.

All in all I love the idea of guix, but I think it needs a bigger community behind it. Of course I'm part of the problem by walking away, but 🤷

in reply to samc

  • As mentioned in the article, guix pull is sloow.


This one has been discussed on several forums discussing the original blog post, like here or also here on lobste.rs

Part of the reason for slow pulls is that the GNU project's Savannah server, which Guix was using so far, is not fast, especially with git repos. Luckily, this is already being improved because Guix is moving to codeberg.org, a FOSS nonprofit org which is hosted in Europe. So if one changes the configured server URL, it is faster. (On top of that interested people might use the opportunity to directly take influence, and donate to codeberg so that they can afford even better hardware 😉).




Fedora Must (Carefully) Embrace Flathub


in reply to typhoon

Fedora maintains its own Flatpak repo that competes with Flathub. This is about merging them.



What is the exact meaning of the "Banned" label next to a user?


For example, I've come across this:

^[1]^

::: spoiler References
1. Type: User Page. Name: "CanadaRocks" ("@CanadaRocks@piefed.ca"). Publisher: ["Lemmy". "sh.itjust.works"]. Accessed: 2025-07-22T02:07Z. URI: sh.itjust.works/u/CanadaRocks@….
:::

in reply to Kalcifer

That's an instance ban.
Community bans are explicitly stated.
in reply to asudox

So the user is banned from the instance where that label is seen (eg my instance)? Does an instance banning a user not block that user and their content from that instance? If not, what's the point of the ban?
in reply to Kalcifer

The user cannot vote, post or comment on that instance[1]. If a user’s own instance bans them, then they can’t even log in.


  1. Due to a bug, currently the user can post & comment, but those posts & comments won’t federate beyond their own home instance. ↩︎
in reply to davel

[…] Due to a bug, currently the user can post & comment […]


Do you have a link to the bug?

in reply to Kalcifer

A hacky, incomplete solution has been running for a while: github.com/LemmyNet/lemmy/issu…

A full solution has been merged, but I don’t think it’s been released yet: github.com/LemmyNet/lemmy/pull…

in reply to davel

[…] A full solution has been merged, but I don’t think it’s been released yet: github.com/LemmyNet/lemmy/pull…


It looks like it's coming with Lemmy 1.0 ^[1]^.

::: spoiler References
1. Type: Comment. Author: "Nutomic". Publisher: [Type: Post. Title: "Open issues on popular lemmy apps to prepare for 1.0.0 release". Author: "dessalines". Publisher: ["GitHub". "LemmyNet/Lemmy"]. Published: 2025-03-15T13:17:39.000Z. URI: github.com/LemmyNet/lemmy/issu….]. Published: 2025-06-02T08:21:42.000Z. Accessed: 2025-07-22T06:26Z. URI: github.com/LemmyNet/lemmy/issu….
:::

in reply to Kalcifer

Yes. It "blocks" the user. Afaik it should prevent the banned user from interacting with communities from the instance they were banned from and also the instance will no longer accept any new interactions from the user (local users can't see new content of that user, like PMs, comments, etc.)

Additionally, their content can also be removed, but that is optional.

in reply to Kalcifer

The user was instance banned from sh.itjust.works: sh.itjust.works/modlog?actionT…
in reply to davel

Hrm, I have a suspicion that it was a false positive by the automod (maybe it didn't like "kill this idea"?):

^[1]^

Update (2025-07-22T02:37Z): The moderation action was a false positive, and has been reverted ^[2]^.

::: spoiler References
1. Type: Webpage. Title: "Modlog". Publisher: ["Lemmy". "sh.itjust.works"]. Accessed: 2025-07-22T02:31Z. URI: sh.itjust.works/modlog?actionT….
2. Type: Message. Author: "InEnduringGrowStrong" (@inenduringgrowstrong:matrix.org). Publisher: ["Matrix". "sh.itjust.works"]. Published: 2025-07-22T02:36Z. Accessed: 2025-07-22T02:40Z. URI: matrix.to/#%2F%21ftaqqnpOePvPw….


:::
in reply to davel

Does an instance ban block future posts by that user from being federated in?
in reply to Kalcifer

Correct, future posts/comments. It’s like getting banned from every community on that instance. They also can’t send direct messages to users on that instance.
in reply to davel

They also can’t send direct messages to users on that instance.


Can a user on the banning instance message the banned user? If so, can the banned user reply?

in reply to Kalcifer

Can a user on the banning instance message the banned user?


I’ve never tried it so I’m not sure.

If so, can the banned user reply?


I’ve never tried this either, but I highly doubt it.