cherrykraken

joined 2 years ago
[–] cherrykraken 8 points 2 days ago (1 children)

The code basically tracks mouse movements, or the lack thereof. If a bot is using a cursor, it might move in a straight line at constant speed to the "I'm not a robot" checkbox. Most bots though just check the HTML and jump directly to the checkbox. There are other checks it might do as well, e.g. the user-agent of the browser, whether the user came from a search engine, etc.

That being said it's that not difficult to break, e.g. Puppeteer has a plugin specifically for getting around Captchas and Cloudflare's offerings.

All this is to say: automatic captchas are better at allowing legitimate users than they are at blocking bots entirely.

[–] cherrykraken 3 points 1 week ago

During a high school English class, we had a section on fairytales and their origins in old European folklore (think stories that inspired The Witcher, the gorier version of Cinderella, etc.)

One of the assignments was to write our own short fairytales, but apparently I was the only person that got a memo that these should have a darker style and tone as well... I don't remember the whole of what I wrote, only that it involved trying to kill a witch, if you failed you died, and the winning method was using a pencil (this was 3-4 years before John Wick).

After I read it to the entire class... well if there wasn't a whispered "WTF" to break the silence, there should've been.

I think I got a B minus.

[–] cherrykraken 23 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Carmy: "Cooking is not fun for me."

Richie: "Yeah, but you love it."

Carmy: "That doesn't mean it's fun."

Richie: "If this shit is not fun for you, Cousin,what the fuck is fun for you?"

-- The Bear, S2 E1

[–] cherrykraken 7 points 3 weeks ago (2 children)

I've actually been investigating Postgres cluster configurations the past 2 weeks at work (though we're considering CloudNativePG+Kubernetes on 3 nodes spanning two physical locations).

One thing I might recommend is to investigate adding a proxy like PgBouncer in front of the databases. This will manage request differences where write-queries must go to the primary, but read-queries may go to any of the replicas as well.

It should also better handle the recycling of short-lived and orphaned connections, which may become more of a concern on your stage 3, and especially on some stage 4.

[–] cherrykraken 3 points 1 month ago (1 children)

Regarding access tokens, there's a third party credential helper for Linux that uses OAuth. I recently found it and started using it a month ago. Works pretty much the same as Git + Windows Credential Manager. In case you are running headless, there is a device mode flag that will allow you to login with the GitHub app on your phone.

https://github.com/hickford/git-credential-oauth

(And if you layer a timed cache helper before the OAuth helper... well you shouldn't have to reauthenticate every time!)

Otherwise, the Git manual lists some other credential helpers that interface with some password managers.

https://git-scm.com/doc/credential-helpers

[–] cherrykraken 3 points 2 months ago (1 children)

My city has fully integrated the Transit app into our bus system, so you can also buy and scan your tickets within the app, including monthly passes and 10-use "punch cards". Just activate the QR code as you're boarding. It's awesome.

[–] cherrykraken 2 points 3 months ago (1 children)

In NPM I set a proxy host 192.168.box.IP to forward to 100.jellyfin.tailscale.IP:8096. I tested it by going to box.IP and jellyfin works.

I'm not surprised this worked, numbers are allowed in FQDNs, but an IP address is not entirely equivalent.

I tried "box.IP:8096" as a domain name and NPM rejected it. I tried "box.IP/jellyfin" and NPM rejected that too (I'll try Locations in a bit)

I would strongly suggest you to read up on the OSI model.

Nginx only understands HTTP and HTTPS requests at Layer 7 (implicitly and strictly ports :80 and :443), and forwards or redirects them to Layer 4 destinations. (Nginx can technically handle other protocol requests via plugins, but that isn't what you are looking for.)

In NPM, the proxy host name should at least contain the Raspberry Pi's hostname, e.g. jellyfin.your-rpi-name. Or you could use the path location option, e.g. your-rpi-name with location /jellyfin. (I think the second option might work with network hostname auto-discovery, in which case pihole as a DNS may not be strictly necessary.)

[–] cherrykraken 3 points 6 months ago (1 children)

I personally use rdfind as it has an option to replace duplicates with hardlinks instead of deleting them outright (if on the same filesystem). This is useful if you do still need a file to exist at multiple paths.

I then use Czkawka for everything else, especially for similar, non-duplicate files.