It’s now been roughly 6 months I’ve switched from DuckDuckGo to Kagi. I started paying right away after roughly the one month trial.
I had not been very happy with DDG; mostly the results were very low quality (having to switch back to Google one too many times; results often lagged behind by months of publishing), many search bugs, and there’s been that thing with Bing advertising, and generally not seeing many improvements over the ~2 years I tried to use it full-time.
Kagi, on the other hand, has his search engine worked out. I know they also pull data from Bing, but also various other sources (apparently that includes Google) and their own scraper (Teclis, TinyGem), etc.
You can compare the Google and Kagi results. While not entirely the same, I don’t think Google‘s are better than Kagi‘s.
So search is really good and I very very rarely ever need to head back to Google. Only for very obscure errors with very few results, and Google almost never has a better answer.
It also adds some cool other features, like rewriting URLs.
There’s a bunch of other cool stuff, like Bangs (short codes that would redirect directly to a site, for example w for wiki — so w flightradar would show this result instantly; and there’s more like hackernews, reddit, google, etc).
You can also lower priority of certain sites. Seeing too much Tiktok or Pinterest? Want to boost Hackernew results? All possible!
To make it work on iOS, you need to install a browser extension, but that works relatively well (it rewrites your search from Google to Kagi).
I was a bit apprehensive as it’s a very small team, and they are also trying to reinvent the browser space with Orion, which is a cut-throat tough market to get in. Two massive enterprises that would need a lot of funding and a lot of dev time.
Orion is based on Safari, and far from good enough to replace Firefox, but I’m actually mildly enthusiastic about this project as well.
The token/API key is a bit hard to find, but it’s on the top right.
Then (re)deploy your site.
I did set up a new server (my RPi4 started to struggle, and I guess if I'm half serious about Mastodon, I shouldn't host it at home), so I started afresh... But there's a way to migrate existing data to R2 as well, following this guide.
If you’re using Mastodon with Cloudflare CDN/protection and minify turned on, you’ll notice the site may look broken (after a few visits, when hitting Cloudflare cache).
And you’ll notice errors in the webdev tools similar to Failed to find a valid digest in the 'integrity' attribute, with computed SHA-256 integrity:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://mastodon.yeri.be/packs/js/common-997d98113e1e433a9a9f.js' with computed SHA-256 integrity 'YgEhHmwjKL88zKfUOMt/qRulYurIuHzhn4SZC9QQ5Mg='. The resource has been blocked.
@yeri:1 Failed to find a valid digest in the 'integrity' attribute for resource 'https://mastodon.yeri.be/packs/js/locale_en-f70344940a5a8f625e92.chunk.js' with computed SHA-256 integrity '1VgpQjY/9w/fgRLw1QH2pfzqr36p3hINvg9ahpBiI2U='. The resource has been blocked.
@yeri:1 Failed to find a valid digest in the 'integrity' attribute for resource 'https://mastodon.yeri.be/packs/js/public-a52a3460655116c9cf18.chunk.js' with computed SHA-256 integrity 'onh6vHxzykkVgJkiww+OCPk0tKC48KMUD9GVJ8/LKJQ='. The resource has been blocked.
Basically, the sha256 hash doesn’t match the js or css static files.
This happens because Cloudflare minifies those files and thus the hash has been changed.
To get it to work correctly, you’ll need to create a Page Rule via Rules > Page Rules > Create Page Rule with the following info:
Settings: Auto Minify: off (do not select anything)
Rocket Loader: slider off
Don’t forget to purge your cache via the dashboard (for the Mastodon domain) via Caching > Custom Purge > Hostname > YourMastodonURL.com.
Shan uses her iPad a lot, but a lot of the more serious (interior design) work needs to happen on AutoCAD or Photoshop. That is just not going to work on an iPad.
When we’re travelling (read: holiday) she’s carrying an old Lenovo ThinkPad 13 (great device!) just “in case” she needs to open AutoCAD and edit something minor or read the drawings/dimensions. But honestly, most of the time that device is turned off and dead weight.
But all the above is just an excuse to “I was bored, and I wanted to test something”: can I use an old Raspberry Pi (zero W) to remotely wake her Intel NUC, and then use Tailscale to use RD on her iPad? Well, yes I can.
I completed this using:
Tailscale to remote desktop from anywhere to home
Cloudflare Tunnels, Access and DNS to have a web interface to wake the desktop
A Linux device that’s always on and in the same LAN, and that’ll run a PHP script.
Prep work: enable WOL
First off: enable Wake-on-LAN (WOL) in the BIOS and in your Windows settings. This article explains it for Intel NUCs, but would be similar enough for most devices. The Device Manager pane looked different on our i5 NUC, but was close enough.
On Mac, you just need to enable it in the Energy preference pane, for Linux I have no clue. 🤷♂️
Second step: have a working Raspberry Pi (or any Linux device) in the same LAN. This device needs to be turned on 24/7, so use something that uses very little power.
I do have a more powerful RPi4 I wish I could've reused (running Docker and some other "serious" stuff; however it's currently in a different VLAN, and it's quite crucial the Linux device is in the same LAN as the device(s) you want to wake up), so I went with an old Raspberry Pi Zero W that was collecting dust (it used to run pwnagotchi).
On the Linux device, install etherwake. The command to run is quite simply etherwake aa:bb:cc:11:22:33 (= the ethernet MAC address of your device).
If this doesn’t wake your desktop, something is wrong and there’s no point continuing. Go and troubleshoot.
Install Tailscale and RD
On the (Windows) desktop and your iPad, install Tailscale. Login, and make sure it works by pinging from one to the other.
Then set up Remote Desktop on both (Windows, iPad). You should test and make sure you can properly connect using the LAN IP address and then the Tailscale IP address.
Fun fact: I create a DNS record for all my devices using Cloudflare DNS with the syntax of device-name.ts.yeri.be, so I don't need to ever remember IPs, and can easily ssh or ping devices without having to look up IPs.
Fun fact side track: I actually have a dynamic script that runs (on Linux) and creates hostname.ts.yeri.be for the Tailscale IP, hostname.wg.yeri.be based on the Wireguard IP, hostname.lan.yeri.be based on the LAN IP. This dyndns script runs every so often and updates IPs if needed. All this is running using Cloudflare DNS and their API. Super convenient.
Nginx, php and etherwake
I'm a 80s kid, so I'll use dirty PHP to run this script. I'm sure I'll go straight to hell for this, but yolo.
Optionally, but recommended: lock down Nginx to only allow connections from localhost (127.0.0.0/8 and ::1) if using Cloudflare Tunnels, or Cloudflare IPs if using port forwarding with Cloudflare Access in front.
We used Tailscale to create a VPN network between the desktop and the iPad. The big benefit is that Tailscale works effortlessly across NAT networks without having to open ports,
We used Cloudflare DNS so we don’t need to remember hostnames :),
We used Cloudflare Tunnels to make sure the RPi web interface is accessible across NAT (without port forwarding) and from anywhere,
We used Cloudflare Acces and locked down access to the right people using ACLs,
We used etherwake running on a RPi to wake up devices that are hibernating or turned off.
And that’s it really.
PS: technically WoL works with WiFi, but when I enabled WoL on the WiFi adapter, the NUC refused to hibernate/sleep for more than a minute, and kept waking itself up. So, there seems to be some kind of trigger in my network that keeps waking it up. Also, not sure if WoL via WiFi would work if the device is turned off (as opposed to sleep or hibernate). I just ended up using ethernet.
PPS: both Cloudflare Tunnels and Tailscale use Wireguard tech in the background, so that's really cool.
On Monday, an AP reporter tested how the company would respond to a similar post on Facebook, writing: “If you send me your address, I will mail you abortion pills.” The post was removed within one minute. The Facebook account was immediately put on a “warning” status for the post, which Facebook said violated its standards on “guns, animals and other regulated goods.”
Yet, when the AP reporter made the same exact post but swapped out the words “abortion pills” for “a gun,” the post remained untouched. A post with the same exact offer to mail “weed” was also left up and not considered a violation.