Money is more important than humans.

Why is everyone acting surprised, Trump said Kimmel is Next after he made Colbert fired: https://thehill.com/homenews/media/5410016-donald-trump-jimmy-kimmel-stephen-colbert-cbs/

I already set up my own forgejo instance and moved my code off of GitHub:

https://git.jeena.net

You thought that right- and left-wing extremists are the problem, turns out the center-extremists are /s

I had the problem that peertube redundancy only works on public videos and most of my videos are private/internal. And in my specific case I hosted them in Germany where my server is and because of routing and peering they would always buffer a lot in South Korea where I am so I had to solve it in a creative way, the S3 bucket is one part of my solution, putting it in the right country was another, which I explain in detail here: https://tube.jeena.net/w/uXZN52xsH75LbHWNt8dsLY

I also put the video itself into a S3 bucket, so PeerTube basically only has to show the meta data and the comments from my server, so kind of like what Mastodon or Lemmy/PieFed has to do. I just had a look at the [PeerTube nginx config((https://github.com/Chocobozzz/PeerTube/blob/develop/support/nginx/peertube) but couldn’t see anything there which would do caching, so I assume the app does it’s own caching somewhere.

For my website, which is a rails application, I did

proxy_cache_path /var/lib/nginx/cache/jeena.net keys_zone=jeenanet:30m;

and then

location @rails {
    # ...
    proxy_cache jeenanet;
}

I wonder if the caching is not aggressive enough or something.

I had a PeerTube video from my instance on the HN FrontPage last week and the load was minimally higher compared to before or after.

I had several of my blogposts on HN FrontPage in the past. The first time it happened it brought my poor VPS to the Knies, but I learned from it and cached pages with nginx for some minutes and since then never had any problems. Just invalidate the cache when there are changes.

If you’re anti fashism, you’re anti (future) America and need to be dealt with because you’re a terrorist. /s

That would be really bad and anti american! /s

I use Radicale för it.

So many awesome AI features, and I just switched to helix /s

New generation?

https://www.wearethemighty.com/mighty-trending/writing-funny-messages-bomb-ammo/

For now I feel disabling archives and my simple list of bots to drop in Nginx seems to work very well, it doesn’t create the archives anymore and the load went down also on the server.

That’s what Richard Stallman has been preaching since the 80’s

Yep, off to prison you go! /s

Is this in China?

The most funny part of the post is the last line :D

Hm, but this only works on tmpfs which is in memory. It seems that with XFS I could have done it too: https://fabianlee.org/2020/01/13/linux-using-xfs-project-quotas-to-limit-capacity-within-a-subdirectory/ but I used ext4 out of habit.

For now I asked chatgtp to help me to implement a simple return 403 on bot user agent. I looked into my logs and collected the bot names which I saw. I know it won’t hold forever but for now it’s quite nice, I just added this file to /etc/nginx/conf.d/block_bots.conf and it gets run before all the vhosts and rejects all bots. The rest just goes normally to the vhosts. This way I don’t need to implement it in each vhost seperatelly.

➜ jeena@Abraham conf.d cat block_bots.conf 
# /etc/nginx/conf.d/block_bots.conf  

# 1️⃣ Map user agents to $bad_bot  
map $http_user_agent $bad_bot {  
    default 0;  

    ~*SemrushBot                            1;  
    ~*AhrefsBot                             1;  
    ~*PetalBot                              1;  
    ~*YisouSpider                           1;  
    ~*Amazonbot                             1;  
    ~*VelenPublicWebCrawler                 1;  
    ~*DataForSeoBot                          1;  
    ~*Expanse,\ a\ Palo\ Alto\ Networks\ company 1;  
    ~*BacklinksExtendedBot                   1;  
    ~*ClaudeBot                              1;  
    ~*OAI-SearchBot                          1;  
    ~*GPTBot                                 1;  
    ~*meta-externalagent                     1;  
}  

# 2️⃣ Global default server to block bad bots  
server {  
    listen 80 default_server;  
    listen [::]:80 default_server;  
    listen 443 ssl default_server;  
    listen [::]:443 ssl default_server;  

    # dummy SSL cert for HTTPS  
    ssl_certificate     /etc/ssl/certs/ssl-cert-snakeoil.pem;  
    ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;  

    # block bad bots  
    if ($bad_bot) {  
        return 403;  
    }  

    # close connection for anything else hitting default server  
    return 444;  
}  

I already have LVM but I was using it to combine drives. But it’s not a bad idea, if I can’t do it with Docker, at least that would be a different solution.