Techrights logo

IRC: #boycottnovell @ Techrights IRC Network: Saturday, April 16, 2022

(ℹ) Join us now at the IRC channel | ䷉ Find the plain text version at this address (HTTP) or in Gemini (how to use Gemini) with a full GemText version.

*u-amarsh04 has quit (Connection closed)Apr 16 00:13
*u-amarsh04 has quit (connection closed)Apr 16 00:13
*DaemonFC has quit (Quit: Leaving)Apr 16 06:33
schestowitz-TRrestarted gewmini proxyApr 16 07:43
schestowitz-TRlately it has been having issues after 2 months of smooth sailingApr 16 07:43
schestowitz-TRthis predates any code changesApr 16 07:43
Techrights-secany log records regardingthe freezes?  systemd should have restarted it ifApr 16 08:26
Techrights-secit had stopped running and exited       Apr 16 08:26
Techrights-sec/var/log/nginx/* Apr 16 08:26
schestowitz-TRit seems to sort of hang rather than crash. It has generally been running mow slowly (longer load times) recently, but didn't completely fail until about a week ago. I did not apply any system updates or anything...Apr 16 08:27
schestowitz"Apr 16 08:39
schestowitz2022/04/16 07:40:22 [error] 29508#29508: *11165 connect() to unix:/var/run/nginx/nginx.gemini.proxy.0.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 83.202.186.108, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2020/05/27/canonical-helps-microsoft/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org", referrer: "http://Apr 16 08:39
schestowitztechrights.org/"Apr 16 08:39
Techrights-sechmm.  it will be hard to figure out what makes it hang without specificApr 16 08:40
Techrights-seclog entries from /var/log/nginx/ and maybe even not thenApr 16 08:40
Techrights-secmy guess though is that the http response from TR is tripping it upApr 16 08:40
Techrights-secsince that is not reliable and most recent software including pythonApr 16 08:40
Techrights-secexpet the network to both be 100% availabe and 100% perfectly reliableApr 16 08:40
schestowitz-TRchecking...Apr 16 08:40
schestowitz-TRof course one lusy workaround is to restart the service every hourApr 16 08:43
schestowitz-TRone thing I nopticed is that it slowed down a lotApr 16 08:43
schestowitz-TRalso, to restart it that may take like 2 minutesApr 16 08:43
schestowitz-TRwhich seems far too longApr 16 08:43
schestowitz-TRI saw no indication of memory going lowApr 16 08:43
Techrights-secbased on the shell script problems, python is probably waiting for Apr 16 08:49
Techrights-seca dropped HTTP transaction which will never finish to finish; maybe Apr 16 08:49
Techrights-secthere is a way to put in a timeoutApr 16 08:49
Techrights-secscratch that, the question would be Gemini protocol and Perl not HTTP and pythonApr 16 08:49
schestowitz-TRwhat intrigued me is that it ran OK for 2 months, no reboots or updates, and then suddenly the problems startedApr 16 08:51
schestowitz-TRafaik, we did not change anythiingApr 16 08:51
schestowitz-TRexcept maybe adding the tc stuff and changing sudoersApr 16 08:51
schestowitz-TRmaybe when tc gets run and there is an open nginx connection it gets it worked outApr 16 08:51
schestowitz-TRlike stopping a packet?Apr 16 08:51
Techrights-sectry git now                       Apr 16 08:56
schestowitz-TRmanually saw changelog.changes, applying now... will restartApr 16 08:56
schestowitz-TRdoneApr 16 08:59
schestowitz-TRI am going to tail -f error.logApr 16 08:59
schestowitz-TRas times there correspond with those cases of proxy downtimesApr 16 08:59
schestowitz-TRfor now it is emptyApr 16 08:59
schestowitz-TRbtw, did you see the LF article?Apr 16 08:59
schestowitz-TRit is the very latest post in TRApr 16 09:02
schestowitz-TRit kept me up until 2am, way beyond my sleep time, as I wanted the upload to finish and be verified with md5Apr 16 09:02
schestowitz-TRI think the timing of the report (easter friday) says how LF itself feels about itApr 16 09:02
schestowitz-TRthis has already been discussed a lot in IRC, where I floated a first draft of itApr 16 09:02
Techrights-sec  Apr 16 09:05
Techrights-sectahnksApr 16 09:05
Techrights-sec^thanksApr 16 09:05
Techrights-secI'll need to refresh my memory on the LF article, can you send the URL again?Apr 16 09:05
Techrights-secTHe one about the CoC?  Yes, I read it.  It looks likely that Apr 16 09:05
Techrights-secLF is using it to silence anyone not toeing the line, especially in regardsApr 16 09:05
Techrights-secto M$ insurgencyApr 16 09:05
Techrights-secYes, releasing on not just late on Friday but a very major holiday for mostApr 16 09:05
Techrights-secof the world is a strong indication they wish to bury such awarenessApr 16 09:05
Techrights-secNot that there are any journalists left to cover it, there are so few andApr 16 09:05
Techrights-secthose few are already so busyApr 16 09:05
schestowitz-TRremember that now to criticise criminals is the moral equivalent of kicking little innocent puppiesApr 16 09:05
Techrights-secyes they are pushing that narrative hard nowadaysApr 16 09:05
Techrights-secIt's "unprofessional".  Apr 16 09:05
schestowitz-TRwe agree 100% on thisApr 16 09:09
schestowitz-TRno point debating this furtherApr 16 09:09
schestowitz-TRI don't suppose any "news" site will pick up the topicApr 16 09:09
schestowitz-TRthat's x-istApr 16 09:09
schestowitz-TR"it helps the [some bad group]"Apr 16 09:09
schestowitz-TRthere sre sying along the lines ofApr 16 09:13
schestowitz-TR"if you don't offer legal options, then ./.. piracy"Apr 16 09:13
schestowitz-TR"if you suppress subject x... then [some consequences"Apr 16 09:13
schestowitz-TRBN and TR did well over the years because they do offer an outlet for suppressed views  Apr 16 09:13
schestowitz-TRbut the perpetual risk is being taken out of context and presented as "Extremists"Apr 16 09:13
schestowitz-TRas happend to FSF, Pocock and othersApr 16 09:13
schestowitz-TRit's a "delicate dance"Apr 16 09:13
schestowitz-TRall in all I think we did alrightApr 16 09:13
schestowitz-TRit's very hard to argue that we're extremeApr 16 09:13
schestowitz-TRgulagtroll is still tryingApr 16 09:13
schestowitz-TRlike provoking DFC with certain subjects, then linking to that in Musk SocialApr 16 09:13
Techrights-secackApr 16 09:17
Techrights-secyes he is still trollingApr 16 09:17
schestowitz-TRbtw, irc is suitable for discussions like sheela zemlinApr 16 09:24
schestowitz-TRbecause that is very informalApr 16 09:24
schestowitz-TRhardly counts as "stalking" or "harassment"Apr 16 09:24
schestowitz-TRthe subject is VERY relevantApr 16 09:24
schestowitz-TRbut you would not want to talk about it much in articlesApr 16 09:24
schestowitz-TRnor will you wish to mention anything race--relatedApr 16 09:24
schestowitz-TRor cultural differencesApr 16 09:24
schestowitz-TRit might be OK foirm people from rich nationsApr 16 09:24
schestowitz-TRI still think many CEO appoinments in the USApr 16 09:24
schestowitz-TRare based not on skillsApr 16 09:24
schestowitz-TRbut based on a baggage associated with public opinionApr 16 09:24
schestowitz-TRseeing that some of them (accent aside) cannot speak coherently Apr 16 09:24
Techrights-sec:(Apr 16 09:25
Techrights-secyes if even that. same for nearly all other CxO appointementsApr 16 09:25
Techrights-secThe C-suite as it is called just seems  to shuffle between failures atApr 16 09:25
Techrights-secvarious businessesApr 16 09:25
schestowitz-TRusually they do not do actual workApr 16 09:25
schestowitz-TRthey just pass 'email' (Outlook) and tell peopple to do thingsApr 16 09:25
Techrights-secOutlook/Exchange is used for plausible deniabilityApr 16 09:29
Techrights-secnever a real mail serviceApr 16 09:29
schestowitz-TRmicrosoft <3 outlookApr 16 09:29
schestowitz-TRrussia <3 outlookApr 16 09:29
schestowitz-TRnsa <3 outlookApr 16 09:29
schestowitz-TRstupid MBAs <3 stupid magazines that tell them criminals from microsoft = "professionalism"Apr 16 09:29
Techrights-secyepApr 16 09:37
Techrights-secprobably the main reason that putin can't attack the computers is becauseApr 16 09:37
Techrights-secrussia itself is open to a devastating counter attack due to its failureApr 16 09:37
Techrights-sec4x to eliminate M$ products from within its borders.  At least some of theApr 16 09:37
Techrights-sectime that was due to out of control corruption which then resulted in firingApr 16 09:37
Techrights-secof many who knew computers and relaced them with microsoftersApr 16 09:37
schestowitz-TRat around 9:01am the error logs started filling up againApr 16 10:07
schestowitz-TRI've just restarted the service, about an hour lateApr 16 10:07
schestowitz2022/04/16 10:05:51 [error] 29508#29508: *11484 connect() to unix:/var/run/nginx/nginx.gemini.proxy.0.sock failed (111: Connection refused) while connecting to upstream, client: 201.65.94.22, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2021/04/04/microsoft-nationalism/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org", referrer: "http://techrights.org/"Apr 16 10:08
schestowitz2022/04/16 10:06:49 [error] 29508#29508: *11488 connect() to unix:/var/run/nginx/nginx.gemini.proxy.0.sock failed (111: Connection refused) while connecting to upstream, client: 81.154.169.249, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/git/tr-git/IPFS/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org"Apr 16 10:08
-TechrightsBN/#boycottnovell-techrights.org | Welcome to TechrightsApr 16 10:08
Techrights-secackApr 16 10:12
Techrights-secthanksApr 16 10:12
*u-amarsh04 (~amarsh04@joseon-rmogvn.g0d7.dtdf.mc4289.IP) has joined #boycottnovellApr 16 10:16
*u-amarsh04 (~amarsh04@v6xmmrhxmbafc.irc) has joined #boycottnovellApr 16 10:16
schestowitz-rw-r-----  1 www-data adm  114391 Apr 16 10:28 error.logApr 16 10:29
schestowitz-rw-r-----  1 www-data adm   59570 Apr 15 23:57 error.log.1Apr 16 10:29
schestowitz-rw-r-----  1 www-data adm    2756 Apr  6 23:53 error.log.10.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    2141 Apr  5 23:35 error.log.11.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    2764 Apr  4 23:27 error.log.12.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    3249 Apr  3 23:52 error.log.13.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    4320 Apr  2 23:29 error.log.14.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    3319 Apr 14 23:58 error.log.2.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    7667 Apr 13 23:45 error.log.3.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm   23349 Apr 12 23:25 error.log.4.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    2112 Apr 11 23:15 error.log.5.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    1885 Apr 10 22:33 error.log.6.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    1613 Apr  9 23:14 error.log.7.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    3112 Apr  8 23:21 error.log.8.gzApr 16 10:29
schestowitz-rw-r-----  1 www-data adm    2657 Apr  7 23:28 error.log.9.gzApr 16 10:29
schestowitz-TRnow it barely lasts a minute eveven if or when I restart the servicesApr 16 10:29
schestowitz-TRlooking into itApr 16 10:29
schestowitz systemctl status gemini-proxy.service Apr 16 10:34
schestowitz● gemini-proxy.service - Gemini Proxy ServiceApr 16 10:34
schestowitz     Loaded: loaded (/etc/systemd/system/gemini-proxy.service; enabled; vendor preset: enabled)Apr 16 10:34
schestowitz     Active: inactive (dead) since Sat 2022-04-16 10:33:28 BST; 1min 3s agoApr 16 10:34
schestowitz-TRit looks like with the latest git change is became more sensitiveApr 16 10:38
schestowitz-TRit also looks like systemd does try to restart it a few timesApr 16 10:38
Techrights-secok some more changes in the worksApr 16 10:59
Techrights-secok sevral changes in Git nowApr 16 10:59
schestowitz-TRrunning for 2 mins now, no errors yetApr 16 10:59
schestowitz-TRso far so goodApr 16 11:03
schestowitz2022/04/16 11:03:17 [error] 11909#11909: *58 FastCGI sent in stderr: "[Sat Apr 16 11:03:17 2022] gemini-proxy.pl: Failed to connect: Resource temporarily unavailable, 'SSL wants a read first'" while reading response header from upstream, client: 93.218.25.16, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2022/04/14/spurning-science/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "Apr 16 11:03
schestowitzgemini.techrights.org", referrer: "http://techrights.org/Apr 16 11:03
-TechrightsBN/#boycottnovell-techrights.org | Welcome to TechrightsApr 16 11:03
Techrights-secokApr 16 11:12
Techrights-seccheckingApr 16 11:12
Techrights-sec(fwiw it works here in the local test set up)Apr 16 11:12
Techrights-secstill checking Apr 16 11:12
Techrights-secstrange only the path is differentApr 16 11:12
Techrights-secthat is the matter, Apr 16 11:12
Techrights-secwhere would be a good place to cache a copy of the public cert for Apr 16 11:12
Techrights-secgemini.techrihgts.org ?  Somewhere in /etc? Apr 16 11:12
schestowitz-TRmaybe userspace?Apr 16 11:13
schestowitz2022/04/16 11:07:55 [error] 11909#11909: *75 connect() to unix:/var/run/nginx/nginx.gemini.proxy.0.sock failed (111: Connection refused) while connecting to upstream, client: 93.23.18.203, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2021/11/10/firefox-esr-91-issues/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org", referrer: "http://techrights.org/"Apr 16 11:14
schestowitz2022/04/16 11:08:27 [error] 11909#11909: *77 connect() to unix:/var/run/nginx/nginx.gemini.proxy.0.sock failed (111: Connection refused) while connecting to upstream, client: 84.249.218.214, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2020/08/31/linux-should-reject-github/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org", referrer: "http://techrights.org/"Apr 16 11:14
schestowitz2022/04/16 11:09:07 [crit] 11909#11909: *89 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 51.159.99.253, server: 0.0.0.0:443Apr 16 11:14
schestowitz2022/04/16 11:09:35 [error] 11909#11909: *90 connect() to unix:/var/run/nginx/nginx.gemini.proxy.0.sock failed (111: Connection refused) while connecting to upstream, client: 95.115.120.75, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2019/04/19/pypy-7-1-1/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org", referrer: "http://techrights.org/"Apr 16 11:14
schestowitz2022/04/16 11:10:44 [error] 11909#11909: *93 connect() to unix:/var/run/nginx/nginx.gemini.proxy.0.sock failed (111: Connection refused) while connecting to upstream, client: 84.249.218.214, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2020/06/18/rusty-censorship/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org", referrer: "http://techrights.org/"Apr 16 11:14
Techrights-sec /home/gemini/bin/Gemini-Proxy/Cert-Cache/gemini.tecrights.org.pem ?Apr 16 11:15
Techrights-sec$ git diffApr 16 11:17
Techrights-secdiff --git a/Gemini/Gemini-Proxy/gemini-proxy.pl b/Gemini/Gemini-Proxy/gemini-proxy.plApr 16 11:17
Techrights-secindex d861b5e..5c8b4ce 100755Apr 16 11:17
Techrights-sec--- a/Gemini/Gemini-Proxy/gemini-proxy.plApr 16 11:17
Techrights-sec+++ b/Gemini/Gemini-Proxy/gemini-proxy.plApr 16 11:17
Techrights-sec@@ -108,10 +108,10 @@ sub fetch_gemini {Apr 16 11:17
Techrights-sec        Timeout=>2,Apr 16 11:17
Techrights-sec        Proto => 'tcp',Apr 16 11:17
Techrights-sec        # SSL_ca_path => '/home/pi/Certs/',Apr 16 11:17
Techrights-sec-       SSL_ca_file => '/home/gemini/bin/Gemini-Proxy/Cert-Cache/gemini.tecrights.org.pem',Apr 16 11:17
Techrights-sec+       # SSL_ca_file => '/home/gemini/bin/Gemini-Proxy/Cert-Cache/gemini.tecrights.org.pem',Apr 16 11:18
Techrights-sec        SSL_hostname => "gemini.techrights.org",Apr 16 11:18
Techrights-sec-       SSL_verify_mode => SSL_VERIFY_PEER,      # overriden by next line ...Apr 16 11:18
Techrights-sec-       # SSL_verify_mode => SSL_VERIFY_NONE,      # unsafe kludgeApr 16 11:18
Techrights-sec+       # SSL_verify_mode => SSL_VERIFY_PEER,      # overriden by next line ...Apr 16 11:18
Techrights-sec+       SSL_verify_mode => SSL_VERIFY_NONE,      # unsafe kludgeApr 16 11:18
Techrights-sec        )Apr 16 11:18
Techrights-sec        or die("Failed to connect: $!, '$SSL_ERROR'\n");Apr 16 11:18
Techrights-secmaybe the NAT hairpinning (NAT loopback) is causing trouble with the Apr 16 11:20
Techrights-sechost IP + name + SSL combination?Apr 16 11:20
Techrights-secAnyway, try the above diff       Apr 16 11:20
schestowitz-TRit does not appear to be in git, doy ou want me to apply the change manually?Apr 16 11:20
Techrights-sec   Apr 16 11:27
Techrights-secif it's possible  Apr 16 11:27
Techrights-secthanksApr 16 11:27
schestowitz-TRchanging, will restartApr 16 11:27
schestowitz-TR111 access forbidden by rule...Apr 16 11:27
schestowitz2022/04/16 11:23:42 [error] 11909#11909: *111 access forbidden by rule, client: 23.100.232.233, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2012/05/12/antisocial-element-at-microsoft/ HTTP/1.1", host: "gemini.techrights.org", referrer: "http://techrights.org/2012/05/12/antisocial-element-at-microsoft/"Apr 16 11:28
schestowitz2022/04/16 11:24:06 [error] 11909#11909: *112 access forbidden by rule, client: 52.162.211.179, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2018/07/08/striving-to-improve-patent-quality/ HTTP/1.1", host: "gemini.techrights.org", referrer: "http://techrights.org/2018/07/08/striving-to-improve-patent-quality/"Apr 16 11:28
-TechrightsBN/#boycottnovell-techrights.org | Charles Manson, the Unabomber, and Microsoft | TechrightsApr 16 11:28
schestowitz2022/04/16 11:24:52 [error] 11909#11909: *113 FastCGI sent in stderr: "[Sat Apr 16 11:24:52 2022] gemini-proxy.pl: Failed to connect: Resource temporarily unavailable, 'SSL wants a read first'" while reading response header from upstream, client: 81.154.169.249, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/git/files/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.Apr 16 11:28
-TechrightsBN/#boycottnovell-techrights.org | In Spite of Resistance From the Patent Microcosm the USPTO Strives to Improve Patent Quality | TechrightsApr 16 11:28
schestowitzorg", referrer: "http://gemini.techrights.org/proxy?url=gemini://gemini.techrights.org/git/"Apr 16 11:28
schestowitz2022/04/16 11:26:47 [error] 11909#11909: *117 FastCGI sent in stderr: "[Sat Apr 16 11:26:47 2022] gemini-proxy.pl: Failed to connect: Resource temporarily unavailable, 'SSL wants a read first'" while reading response header from upstream, client: 84.146.40.202, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2021/03/15/duckduckgo-in-2021/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "Apr 16 11:28
schestowitzgemini.techrights.org", referrer: "http://techrights.org/"Apr 16 11:28
-TechrightsBN/#boycottnovell-gemini.techrights.org | Gemini Proxy for TechrightsApr 16 11:28
-TechrightsBN/#boycottnovell-techrights.org | Welcome to TechrightsApr 16 11:28
*DaemonFC (~daemonfc@k5ghkuun6w7re.irc) has joined #boycottnovellApr 16 11:30
Techrights-secis that with the diff?Apr 16 11:38
schestowitz2022/04/16 11:39:50 [warn] 19740#19740: "ssl_stapling" ignored, issuer certificate not found for certificate "/etc/ssl/certs/nginx-selfsigned.crt"Apr 16 11:40
schestowitz2022/04/16 11:39:50 [warn] 19741#19741: "ssl_stapling" ignored, issuer certificate not found for certificate "/etc/ssl/certs/nginx-selfsigned.crt"Apr 16 11:40
schestowitz2022/04/16 11:40:15 [error] 19743#19743: *1 access forbidden by rule, client: 23.100.232.233, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/2010/09/16/microsoft-latin-america-vs-freedom-sw/ HTTP/1.1", host: "gemini.techrights.org", referrer: "http://techrights.org/2010/09/16/microsoft-latin-america-vs-freedom-sw/"Apr 16 11:40
-TechrightsBN/#boycottnovell-techrights.org | Microsoft ‘Pulls a Russia’ in Brazil | TechrightsApr 16 11:40
schestowitz-TRyes, but let me check againApr 16 11:40
schestowitz-TRok, seems like I edited this correctlyApr 16 11:40
schestowitz-TRbtu I've just restarted nginx as wellApr 16 11:40
Techrights-sectry /tmp/gemini-proxy.pl that should be the old versionApr 16 11:52
schestowitz2022/04/16 11:52:38 [error] 20752#20752: *5 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 81.154.169.249, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/git/sloc.gmi HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org", referrer: "http://gemini.techrights.org/proxy?url=gemini://gemini.techrights.org/git/"Apr 16 11:53
schestowitz2022/04/16 11:52:56 [error] 20752#20752: *1 FastCGI sent in stderr: "[Sat Apr 16 11:52:56 2022] gemini-proxy.pl: Failed to connect: Resource temporarily unavailable, 'SSL wants a read first'" while reading response header from upstream, client: 80.220.101.127, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org"Apr 16 11:53
schestowitz2022/04/16 11:53:01 [error] 20752#20752: *5 FastCGI sent in stderr: "[Sat Apr 16 11:53:01 2022] gemini-proxy.pl: Failed to connect: Resource temporarily unavailable, 'SSL wants a read first'" while reading response header from upstream, client: 81.154.169.249, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/git/sloc.gmi HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.Apr 16 11:53
schestowitzorg", referrer: "http://gemini.techrights.org/proxy?url=gemini://gemini.techrights.org/git/"Apr 16 11:53
schestowitz2022/04/16 11:53:10 [error] 20752#20752: *9 FastCGI sent in stderr: "[Sat Apr 16 11:53:10 2022] gemini-proxy.pl: Failed to connect: Resource temporarily unavailable, 'SSL wants a read first'" while reading response header from upstream, client: 80.220.101.127, server: _, request: "GET /proxy?url=gemini://gemini.techrights.org/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/nginx/nginx.gemini.proxy.0.sock:", host: "gemini.techrights.org"Apr 16 11:53
Techrights-secseems to work in place nowApr 16 12:19
Techrights-sechmm now it shows "502 Bad Gateway"Apr 16 12:19
Techrights-secover at gemini.techrights.org Apr 16 12:19
Techrights-secit appears to not be running, according to ps and pgrepApr 16 12:19
schestowitz-TRit died after a whileApr 16 12:19
Techrights-secI am not sure at all what is killing itApr 16 12:25
schestowitz-TRnothing has changed on the server aroudund then except sudoers and tc in scriptsApr 16 12:25
schestowitz-TRit also became a lot slower to respondApr 16 12:29
schestowitz-TRit used to be very snappyApr 16 12:30
schestowitz-TRnow, even when it works, it can take several secondsApr 16 12:30
schestowitz-TRlxer has just posted some github crapApr 16 12:30
schestowitz-TRthey don't like their readersApr 16 12:30
*Noisytoot has quit (Ping timeout: 2m30s)Apr 16 12:33
Techrights-secI presume something has changed in the environment?Apr 16 12:41
Techrights-sectechrights.orgApr 16 12:44
Techrights-secgemini.techrights.org is an alias for home.techrights.org.Apr 16 12:44
Techrights-sechome.techrights.org has address 81.154.169.249Apr 16 12:44
Techrights-secreal    0m1.503sApr 16 12:44
Techrights-secuser    0m0.027sApr 16 12:44
Techrights-secsys     0m0.027sApr 16 12:44
Techrights-sec1.5 seconds :(Apr 16 12:44
Techrights-secthinkingApr 16 12:44
Techrights-sec$ time host gemini.techrights.orgApr 16 12:44
Techrights-secgemini.techrights.org is an alias for home.techrights.org.Apr 16 12:44
Techrights-sechome.techrights.org has address 81.154.169.249Apr 16 12:44
Techrights-secreal    0m1.503sApr 16 12:44
Techrights-secuser    0m0.027sApr 16 12:44
Techrights-secsys     0m0.027sApr 16 12:44
schestowitz-TRafaik, i could only see issues after 2 months of smooth sailing around the time we added c to the video update script and Apr 16 12:44
schestowitz-TRthe capsule update scriptApr 16 12:44
schestowitz-TRsome days later I also killed and restarted ipfsApr 16 12:45
schestowitz-TRbecause of the connection issuesApr 16 12:45
schestowitz-TRwhich left me using the wifi on another channelApr 16 12:45
schestowitz-TRbut that was days afterApr 16 12:45
schestowitz-TRI think that was days after the proxy isuesApr 16 12:45
Techrights-secthinkingApr 16 12:45
Techrights-secIt's an intermittent problemApr 16 12:45
schestowitzgemini   pts/8        tmux(5296).%12   Sat Apr 16 10:08    gone - no logoutApr 16 12:59
schestowitz-TRis this you?Apr 16 12:59
Techrights-sec probablyApr 16 13:21
Techrights-secI have gemini with tmux atmApr 16 13:21
schestowitz-TRI think that around the 10th was the first time I needed to restart ngnix but then I realisedApr 16 13:23
schestowitz-TRthe proxy server needed to be restarted after 1 montk, 30 daysApr 16 13:23
schestowitz-TRsometimes it takes a couple of minutes just to restartApr 16 13:23
schestowitz-TRbut pages were then slow to loadApr 16 13:23
schestowitz-TRand it would not be the last restart needed, I think another was needed later in the same dayApr 16 13:23
schestowitz-TRevewn if I got it to self-healApr 16 13:27
schestowitz-TRthat would still not explain why it got so much slowerApr 16 13:27
schestowitz-TRand I suspect that the slowness is the cause of the crashes or is related to itApr 16 13:27
schestowitz-TRthe capsule, gemini://, is super fact from hereApr 16 13:27
schestowitz-TRthe proxy is notApr 16 13:27
Techrights-secackApr 16 13:30
Techrights-secthe capsule does not use DNS though, the proxy does at least one lookup perApr 16 13:30
Techrights-secrequestApr 16 13:30
Techrights-secthe requests seem to take well oveer 1 second for DNSApr 16 13:30
Techrights-secso that might be part of the problem or just one symptomApr 16 13:30
Techrights-sec$ time host gemini.techrights.orgApr 16 13:30
Techrights-secgemini.techrights.org is an alias for home.techrights.org.Apr 16 13:30
Techrights-sechome.techrights.org has address 81.154.169.249Apr 16 13:30
Techrights-secreal    0m5.109sApr 16 13:30
Techrights-secuser    0m0.021sApr 16 13:30
Techrights-secsys     0m0.051sApr 16 13:30
*DaemonFC has quit (Quit: Leaving)Apr 16 13:30
Techrights-secthat's from your RPiApr 16 13:36
Techrights-sec[Apr 16 13:36
Techrights-secperhaps, if they overlap just right; yes it varies a lot but is always slowApr 16 13:36
schestowitz-TRif I run this from my machine or root at pi it's a lot faster\Apr 16 13:37
schestowitz-TRoh, actually it varies from the piApr 16 13:37
schestowitz-TReven over a second sometimesApr 16 13:37
schestowitz-TROK, so I think it narrows down the issueApr 16 13:37
schestowitz-TRmaybe a TC thingApr 16 13:37
schestowitz-TRis it possible that at one point two scripts called the tc script at the same time, resulting in a bad state?Apr 16 13:37
schestowitz-TRi have just run tc-0shaper-06Apr 16 13:37
schestowitz-TRand the response is fasterApr 16 13:37
schestowitz-TRwait, it is no faster, it varies a lotApr 16 13:37
schestowitz-TReven over 6 secs at one pointApr 16 13:37
schestowitz-TRso I think this is def. the source of the problemApr 16 13:37
Techrights-seclikelyApr 16 13:40
schestowitz-TRvideo updates run tc swapperApr 16 13:42
schestowitz-TRthey start every three hours past 20Apr 16 13:42
schestowitz-TRplanet every 3 hours but no tc thereApr 16 13:42
schestowitz-TRit looks like you commented out the global rrss updaterApr 16 13:42
schestowitz-TRso it runs every hour, past 6Apr 16 13:43
schestowitz-TRthe commented out bit says every 3 hoursApr 16 13:43
schestowitz-TRwas this change recent?Apr 16 13:43
schestowitz-TRcrontab -l | grep updaterApr 16 13:45
schestowitz-TRthis would reduce reliability as it increases the chance of a stale lock fileApr 16 13:45
schestowitz-TRsometimes I run a ls comment to check the time of the latest lockApr 16 13:45
schestowitz-TR and manually remove it if it's oldApr 16 13:45
Techrights-secnot that recent. I mentioned it but did not update the text as I was waitingApr 16 13:45
Techrights-secto see if it caused an increase in reliable updates.  Too often the updatesApr 16 13:45
Techrights-sechang and then fail.Apr 16 13:45
Techrights-secThat's another problem to track down, the scripts are supposed to remove theApr 16 13:45
Techrights-sectheir lockfiles upon exit regardless of the reason for exitingApr 16 13:45
schestowitz-TRi think what we have here is another 'blessing in disguise' (like with obs after noisetorch issue)Apr 16 13:48
schestowitz-TRas the proxy issue is def. connected to lookup latecy, which it can eventualyl choke onApr 16 13:48
schestowitz-TRand to tackle this issue we can also ackle the lockfile issue and tcApr 16 13:48
schestowitz-TRoverlapping scripts can contribute to the issue, I thinkApr 16 13:48
Techrights-secI've already relabled the lockfiles so that each script uses a unique nameApr 16 13:48
schestowitz-TRone thing i've noticed is, sometimes the scripts do not terminateApr 16 13:50
schestowitz-TRthey leave ffprobe behindApr 16 13:50
schestowitz-TRand also leave themselves behindApr 16 13:50
schestowitz-TRan hour ago I killed manually several "updaters"Apr 16 13:50
schestowitz-TRthey might be the reason lock files are left behindApr 16 13:50
schestowitz-TRso in a sense our pileup of scripts with system calls maybe made its way to the proxyApr 16 13:50
schestowitz-TRand the proxy issue is just a symptomApr 16 13:50
schestowitz-TRhence not predictableApr 16 13:50
schestowitz-TRbut I suppose more robust after some code changesApr 16 13:50
Techrights-secyes, I was just thinking of that tooApr 16 13:50
schestowitz-TRYes, I got the same, but it's OK nowApr 16 13:53
schestowitz-TRI was about to ask if you ran some commandApr 16 13:53
Techrights-secDNS is not supposed to take 6 secondsApr 16 13:53
Techrights-secFailed to connect to the server: dial tcp 81.154.  169.249:1965: i/o timeout.Apr 16 13:53
Techrights-sec^geminiApr 16 13:53
Techrights-secI tried lsof but don't have any use of itApr 16 13:57
schestowitz-TRmaybe reset tc if such a concept exists?Apr 16 14:00
schestowitz-TRuntil we get saner dns again?Apr 16 14:00
Techrights-secI tried lsof but don't have any use of itApr 16 14:00
Techrights-secthe tc scripts should clear the queuesApr 16 14:00
schestowitz-TRis it you running tcpdump?Apr 16 14:09
schestowitz-TRprocess 15593Apr 16 14:09
schestowitz-TRthe pi is clocking more than 1MB/sec sometimesApr 16 14:09
schestowitz-TRso I think that might choke all traffic inc. DNSApr 16 14:09
schestowitz-TRnot sure, let me shrottle it moreApr 16 14:09
Techrights-secIPFS? Apr 16 14:09
schestowitz-TRshutting down ipfs to testApr 16 14:18
schestowitz-TRnow the proxy seems snappierApr 16 14:18
schestowitz-TRI wonder if ipfs itself became more b/w-heavyApr 16 14:18
schestowitz-TRI did not notice anything different on other machinesApr 16 14:18
schestowitz-TRrestarting ipfsApr 16 14:18
schestowitz-TRits traffic level are saner, for nowApr 16 14:18
schestowitz-TRand the proxy is responsive and fastApr 16 14:18
Techrights-sec        ackApr 16 14:18
schestowitz-TRi suppose the fuller effect will be known when scripts run with tc in them but I think we at least have a far betterApr 16 14:20
schestowitz-TRunderstanding now of what goes onApr 16 14:20
schestowitz-TRaccording to my router the pi down about 10gb a day up+downApr 16 14:21
Techrights-secwhich ports is that distributed oveer?  Apr 16 14:21
Techrights-secIs most IPFS?Apr 16 14:21
schestowitz-TRfor sure, but there is no breakdown by port numbers etc.Apr 16 14:22
schestowitz-TRI'm going to monitor the services and things for the next few hoursApr 16 14:22
schestowitz-TRit seems like the proxy is at least fast again and does not fall over, for now...Apr 16 14:22
schestowitz-TRafaik, in technical terms we're doing many things other capsules do not doApr 16 14:22
schestowitz-TRso we are in the area of "undocumented"Apr 16 14:22
*Noisytoot (~noisytoot@y56qsb6r6yg94.irc) has joined #boycottnovellApr 16 14:24
Techrights-secackApr 16 14:25
*u-amarsh04 has quit (Quit: Konversation terminated!)Apr 16 17:15
*u-amarsh04 has quit (Quit: Konversation terminated!)Apr 16 17:15
schestowitz-TRhttps://nitter.eu/FOSSForce/status/1515352822946086914#mApr 16 17:20
-TechrightsBN/#boycottnovell-nitter.eu | FOSS Force (@FOSSForce): "GNU Core Utilities: coreutils-9.1 released | Tux Machines https://buff.ly/3Og74pB" | nitterApr 16 17:20
schestowitz-TRhttps://nitter.eu/geeknik/status/1515345773856182278#mApr 16 17:21
-TechrightsBN/#boycottnovell-nitter.eu | Geeknik`s {🌤}; Farm (@geeknik): "What’s New in Fedora 36 http://www.tuxmachines.org/node/163768" | nitterApr 16 17:21
schestowitz-TRhttps://nitter.eu/BrideOfLinux/status/1515329239632986119#mApr 16 17:21
-TechrightsBN/#boycottnovell-nitter.eu | Christine Hall (@BrideOfLinux): "Still kicking after all these years: GNU Core Utilities: coreutils-9.1 released | Tux Machines https://buff.ly/3Og74pB" | nitterApr 16 17:21
schestowitz-TRbacking upo pi:/home to external usb at the momentApr 16 18:25
schestowitz-TRthe usb backup holds the whole system inclluding OSApr 16 18:25
schestowitz-TRwe have not made many changes at that levelApr 16 18:25
schestowitz-TRregarding the proxy, I need to manually restart it every now and then every 30 minutes or soApr 16 18:25
schestowitz-TRso we did not fix the issue, but we better understand what the issue isApr 16 18:25
schestowitz-TRand when it runs, the lag is at least minimalApr 16 18:25
schestowitz-TRas beforeApr 16 18:25
schestowitz-TRI've now cleaned ALL my RSS feeds except the patent stuff!Apr 16 18:25
schestowitz-TRbackup during the holiday is a priorityApr 16 18:25
Techrights-secackApr 16 18:25
Techrights-secmaybe a cron job.  I suppose it should be rewritten to have several parallelApr 16 18:25
Techrights-secprocesses going.Apr 16 18:25
Techrights-secSo that if one slows down or has to wait, other connections can still happen.Apr 16 18:25
schestowitz-TRyes, before cronn ing everything I just want to better understand the uptime Apr 16 18:25
schestowitz-TRit did run perfectly OK for 2 monthsApr 16 18:25
schestowitz-TRthe pi is immensely valuable to meApr 16 18:32
schestowitz-TRwith it, my "working notes" get replicated to 3 placesApr 16 18:32
schestowitz-TRexternal usb, pi, and desktop over ssh with cacheApr 16 18:32
schestowitz-TRit's now in another floor, upstairsApr 16 18:32
schestowitz-TRif ipfs goes down and I'm afak, I will knowApr 16 18:32
schestowitz-TRblinkingApr 16 18:32
schestowitz-TRover gemini it has served about 4 million pagesApr 16 18:32
schestowitz-TRand over ipfs TBs of data Apr 16 18:32
schestowitz-TRrianne uses hers for work, with a 28-inch screen and lots of monitoring, 2 or 3 VPNsApr 16 18:32
schestowitz-TRit is used even when I'm on shift (rpi400)Apr 16 18:32
Techrights-secexcellent!Apr 16 18:32
Techrights-secackApr 16 18:32
Techrights-secI suppose the soldering will never be convenient to tryApr 16 18:32
Techrights-secyay!Apr 16 18:32
schestowitz-TRat the moment I cannot think of a use for buttons on the device as even a reboot button wouldApr 16 18:33
schestowitz-TRnever get usedApr 16 18:33
schestowitz-TRso from a practical POV, it's a case of "wait, I'll find use for it later on... maybe anotherApr 16 18:33
schestowitz-TRdevice"Apr 16 18:33
Techrights-secShe has a model 400?Apr 16 18:34
Techrights-secyes there are other "HAT"s which can do the button thing without needing    Apr 16 18:34
Techrights-secto be solderedApr 16 18:34
schestowitz-TRso far since the morning no lock fiels got 'jammed'Apr 16 18:35
schestowitz-TRi think at one point I'll run some script to 'clean up' orphaned and incomplete runsApr 16 18:35
schestowitz-TRffmpeg probes etc.Apr 16 18:35
Techrights-secgreatApr 16 18:36
schestowitz-TRrecently I noticed we get about 20-30% more unique IPs in gemini then lastt yearApr 16 18:38
schestowitz-TRtakern on a daily basisApr 16 18:38
schestowitz-TRdrew is taking a break for gemini to spend more time smokign weed :-)Apr 16 18:38
schestowitz-TR*from geminiApr 16 18:38
schestowitz-TRThat's fine, he made some good tools for ir and it's still growing, I put more nad moreApr 16 18:38
schestowitz-TRin Daily LinksApr 16 18:38
Techrights-sec:/Apr 16 18:38
schestowitz-TRI've finally sorted out the microphone or sound quality on the new laptopApr 16 21:59
schestowitz-TRbut only after I had recoreded a couple with terrible quality Apr 16 21:59
*u-amarsh04 (~amarsh04@joseon-rmogvn.g0d7.dtdf.mc4289.IP) has joined #boycottnovellApr 16 22:17
*u-amarsh04 (~amarsh04@v6xmmrhxmbafc.irc) has joined #boycottnovellApr 16 22:17
*u-amarsh04 has quit (connection closed)Apr 16 22:40
*u-amarsh04 has quit (Connection closed)Apr 16 22:40
schestowitz-TRI sepent about an our trying to hack obs into doing webm as outputApr 16 23:16
schestowitz-TRI think due to a lack of CPU/GPU capacity this won't be possibleApr 16 23:16
schestowitz-TRas it cannot keep upApr 16 23:16
schestowitz-TRunless it is sound only Apr 16 23:16
psydruidIntel/AMD won't work for the GPU offloading part?Apr 16 23:57

Generated by irclog2html.py 2.6 | ䷉ find the plain text version at this address (HTTP) or in Gemini (how to use Gemini) with a full GemText version.