Categories
Errors Software www

Using Mastodon with Cloudflare

If you’re using Mastodon with Cloudflare CDN/protection and minify turned on, you’ll notice the site may look broken (after a few visits, when hitting Cloudflare cache).

Yeah, that’s not how it’s supposed to look.

And you’ll notice errors in the webdev tools similar to Failed to find a valid digest in the 'integrity' attribute, with computed SHA-256 integrity:

Failed to find a valid digest in the 'integrity' attribute for resource 'https://mastodon.yeri.be/packs/js/common-997d98113e1e433a9a9f.js' with computed SHA-256 integrity 'YgEhHmwjKL88zKfUOMt/qRulYurIuHzhn4SZC9QQ5Mg='. The resource has been blocked.
@yeri:1 Failed to find a valid digest in the 'integrity' attribute for resource 'https://mastodon.yeri.be/packs/js/locale_en-f70344940a5a8f625e92.chunk.js' with computed SHA-256 integrity '1VgpQjY/9w/fgRLw1QH2pfzqr36p3hINvg9ahpBiI2U='. The resource has been blocked.
@yeri:1 Failed to find a valid digest in the 'integrity' attribute for resource 'https://mastodon.yeri.be/packs/js/public-a52a3460655116c9cf18.chunk.js' with computed SHA-256 integrity 'onh6vHxzykkVgJkiww+OCPk0tKC48KMUD9GVJ8/LKJQ='. The resource has been blocked.

Basically, the sha256 hash doesn’t match the js or css static files.

This happens because Cloudflare minifies those files and thus the hash has been changed.

To get it to work correctly, you’ll need to create a Page Rule via Rules > Page Rules > Create Page Rule with the following info:

The page rule created; in this screenshot, the rule is still turned off.
  • URL: YourMastodonURL.com/packs/*
  • Settings: Auto Minify: off (do not select anything)
  • Rocket Loader: slider off
Details on the page rule. Save and deploy.

Don’t forget to purge your cache via the dashboard (for the Mastodon domain) via Caching > Custom Purge > Hostname > YourMastodonURL.com.

Categories
Linux Software

Mastodon server: email

Always a hassle to get mail delivery to work.

Had a similar problem with a VoIP (Nexmo SMS/call forwarding) tool that just refused to work using local mail servers without a valid cert. Gave up and started using Mailgun. 

Long story short: use something like Mailgun or another provider.

Using localhost SMTP server support seems to be limited if you don’t have working certs. The documentation is also lacking as to what does what. Didn’t figure out how to have it ignore SSL.

This is what worked for me, using Mailgun server:

SMTP_SERVER=smtp.eu.mailgun.org
SMTP_PORT=465
[email protected]
SMTP_PASSWORD=some-password
[email protected]
SMTP_DELIVERY_METHOD=smtp
SMTP_SSL=true
SMTP_ENABLE_STARTTLS_AUTO=false
SMTP_AUTH_METHOD=plain
SMTP_OPENSSL_VERIFY_MODE=none

And it looks like I’m not the only one struggling.

Categories
Linux Software Virtualisation

Feed2Toot

Started looking into a service to auto-post from this blog onto my Mastodon feed. Feed2Toot fit the bill perfectly.

I wanted to run the whole thing from a Docker container, though, so I’ll quickly write a how-to.

This whole thing runs from a Raspberry Pi, as root. No k8s or k3s for me. The path I use is /root/git/feed2toot/, so be sure to modify that to whatever you’re using.

First off, get your credentials for the app. You can either install the Feed2Toot package on a system (i.e. throwaway VM, to keep it clean), or use the Docker container below, but add RUN apk add bash and change the last line to CMD ["bash"] and then chroot into it via docker exec -it feed2toot bash.

This will generate two files (feed2toot_clientcred.txt and feed2toot_usercred.txt). Be sure to save these.

You can also try to run Feed2Toot at least once to make sure it’s working and to fine-tune your ini file. This is mine:

[mastodon]
instance_url=https://mastodon.yeri.be
; Here you need the two files created by register_feed2toot_app
user_credentials=/etc/feed2toot/feed2toot_usercred.txt
client_credentials=/etc/feed2toot/feed2toot_clientcred.txt
; Default visibility is public, but you can override it:
; toot_visibility=unlisted

[cache]
cachefile=/feed2toot/feed2toot.db
cache_limit=10000

[lock]
lock_file=/var/lock/feed2toot.lock
lock_timeout=3600

[rss]
uri=https://yeri.be/feed
; uri_list=/feed2toot/rsslist.txt
toot={title} {link}
; toot_max_len=500
title_pattern=Open Source
title_pattern_case_sensitive=true
no_uri_pattern_no_global_pattern=true
; ignore_ssl=false

[hashtaglist]
; several_words_hashtags_list=/feed2toot/hashtags.txt
; no_tags_in_toot=false

[feedparser]
; accept_bozo_exceptions=true

[media]
; custom=/var/lib/feed2toot/media/logo.png

I have three other files to make this work, first off Dockerfile:

FROM python:3.6-alpine
RUN pip3 install feed2toot && mkdir -p /etc/feed2toot/
COPY feed2toot.ini feed2toot_clientcred.txt feed2toot_usercred.txt /etc/feed2toot/
VOLUME /feed2toot/
CMD ["feed2toot", "-c", "/etc/feed2toot/feed2toot.ini"]

The script I run to build the container (start.sh):

#!/bin/bash
git pull

BASEIMAGE=`cat Dockerfile | grep FROM | awk '{print $2}'`
docker pull $BASEIMAGE
docker stop feed2toot
docker rm feed2toot
docker build -t feed2toot .
./run.sh

And finally, the script to run the container every so often (run.sh):

#!/bin/bash
docker run -d --rm -v /srv/mastodon/feed2toot/:/feed2toot/ --name feed2toot feed2toot

This will save the database file under /srv/mastodon/, to preserve states across rebuilds.

Note that once Feed2Toot runs, it’ll exit, and the container will be stopped. So it does not automatically run all the time.

So, you’ll want to run this every so often. You can add a file to /etc/cron.d/ to run it, for example, every six hours:

#
# cron-jobs for feed2toot
#

MAILTO=root

0 */6 * * *		root	if [ -x /root/git/feed2toot/run.sh ]; then /root/git/feed2toot/run.sh >/dev/null; fi

That’s it. Should do the trick. It’ll now post stuff from your RSS feed onto your timeline.

Oh, and Jeroen has a good post about Mastodon.

Categories
Software

The pandemic is over: kill the QR menu

The QR-code menu—which you access by scanning a black-and-white square with your smartphone—has taken off ever since. It may dominate going forward. But I hope not, because I detest those digital menus. Never mind dying peacefully in my sleep; I want to go out while sitting in a restaurant on my 100th birthday, an aperitif in my left hand and a paper menu in my right. And as eager as I’ll be for heaven if I’m lucky enough to stand on its threshold, I want one last downward glance at a paramedic prying the menu from my fist. In that better future, where old-school menus endure, I’ll go to my urn happy that coming generations will still begin meals meeting one another’s eyes across a table instead of staring at a screen.

Source: The Atlantic

Every single restaurant in Singapore uses these terrible, crappy UI, QR code menus. They suck. It’s time for them to die in a fire. The pandemic is over and there’s no reason for them to be used.

I need to use my phone, I can’t easily discuss with my party on who is ordering what by showing and sharing a menu, the internet often sucks, and the page fails to load (or takes forever), the UI is broken on a tiny screen (text/ingredients are not fully shown, impossible to scan through a one-pager with 100s of items), some restaurants explicitly ask you to order only from one phone (imagine having two phones ordering food! Nuclear disaster!!) and some of those apps/sites clear the cart when going “back” in the browser, and each have their own, terrible, UI built differently taking forever to figure it out).

Even worse are those menus where you need to fill in your credit card to pre-pay (god forbid using Apple/Google Pay) that block copying and pasting numbers (out of 1password) or clear the input field every time you tab out of the browser and for example into 1password). AAAARGGHHH.

For now, we can’t escape them, but I will happily get out of my way to avoid a restaurant that uses QR codes and get into one that provides a proper menu.

Categories
Software

DALL-E: Mythical creatures