#Cloudflare

As iRail's servers go down once in a while (and contain some legacy files, making it a bit messy), I decided to back up and host the GTFS feeds of Belgian Railway (NMBS), and the 3 Belgian bus companies (De Lijn, TEC and MIVB) at gtfs.flatturtle.cloud.

Every night, around 3am (CET), the GTFS files are uploaded to Cloudflare R2.

I keep the historical files as well (iRail only did this for NMBS, but I'm doing it for all). The latest available GTFS is in */_latest/<file>.zip.

• All of computing is moving to the cloud at a rapid clip, including (government) parts you might want to keep under your own control
• Europe has no relevant ‘hyperscaler’ cloud providers at all, and there is a desire to change this by policy means
• Competing with the IKEA-concept is nearly impossible. Offering IKEA-like products but then with a smaller range is not an attractive proposition. You can’t replicate IKEA without a LOT of upfront work
• Replicating a company like Airbus (or ASML) is similarly very hard: both companies (and their ecosystems) are one of the very few places where you can buy modern wide body jets and extreme UV wafer steppers. Their products are technically incredibly advanced.
• The ‘hyperscaler’ cloud providers (like Amazon, Microsoft, Google, Alibaba) are both IKEA and Airbus/ASML hard to replicate. They offer a huge and complete range services that are also incredibly advanced and years ahead of commodity products
• Europe has precisely nothing that competes, and is 100% dependent on the ‘IKEA clouds’. We only have partial companies.
• Fixing that situation will not be possible through legislation, standardisation or concerted government action. You can’t procure a competitive mega cloud into existence. Europe did assemble Airbus from its component parts but it was very hard
• Although IKEA exists, you can still get (better) furniture from more specialised places. A European owned email, communication and collaboration cloud might be a feasible idea
• European procurement law makes it entirely doable for governments to order their services from such European communication clouds
• From that, a more viable European cloud ecosystem could perhaps evolve

Source: Taking the Airbus to the IKEA Cloud by Bert Hubert

We do have some (smaller) cloud (Scaleway) and datacenter players (Leaseweb, could use some innovation) and some inbetween (OVH, Hetzner)... But none are really a true cloud provider with serverless, all the storage stuff, etc.

Is your company forcing Cloudflare Warp on you, and are you running on a Mac (with sudo access)?

It probably sucks, spies on you, does MitM attacks, breaks most video conferencing tools, and is generally not very stable... Also... Zero trust!

Add this function to your .bashrc or .zshrc (whichever shell you're using*):

func killwarp() {
	sudo launchctl remove com.cloudflare.1dot1dot1dot1.macos.warp.daemon
	sudo killall Cloudflare\ WARP
}

Open a new shell window (to reload your dot files), and type killwarp.

For my Mastodon instance, I use Cloudflare R2; mainly for two reasons:

• Storage was growing quickly (~80Gb during its peak); I am hosting my instance on a RPi4 (w/ 8Gb RAM) and the SSD was filling up rapidly,
• I wanted something speedy to serve (big and cacheable) content (i.e. a CDN).

While I didn't care much about storage any more, I still wanted to make sure it was kept in check, also for two reasons:

This is a very short post because to be honest, I didn't figure much out myself.

My uploads/static files are now saved in R2 under its own URL (part of my enterprise zone) so that my normal caching rules and other settings are applied.

Add these to your application.env file:

3_ENABLED = "true"
S3_BUCKET = "<bucket name>"
S3_ENDPOINT = "https://<some-id>.r2.cloudflarestorage.com"
S3_ALIAS_HOST = "<connected domain>" 
S3_PERMISSION = "private"
AWS_ACCESS_KEY_ID = "<access_key>"
AWS_SECRET_ACCESS_KEY = "<secret_access_key>"

The token/API key is a bit hard to find, but it's on the top right.

If you're using Mastodon with Cloudflare CDN/protection and minify turned on, you'll notice the site may look broken (after a few visits, when hitting Cloudflare cache).

And you'll notice errors in the webdev tools similar to Failed to find a valid digest in the 'integrity' attribute, with computed SHA-256 integrity:

Failed to find a valid digest in the 'integrity' attribute for resource 'https://mastodon.yeri.be/packs/js/common-997d98113e1e433a9a9f.js' with computed SHA-256 integrity 'YgEhHmwjKL88zKfUOMt/qRulYurIuHzhn4SZC9QQ5Mg='. The resource has been blocked.
@yeri:1 Failed to find a valid digest in the 'integrity' attribute for resource 'https://mastodon.yeri.be/packs/js/locale_en-f70344940a5a8f625e92.chunk.js' with computed SHA-256 integrity '1VgpQjY/9w/fgRLw1QH2pfzqr36p3hINvg9ahpBiI2U='. The resource has been blocked.
@yeri:1 Failed to find a valid digest in the 'integrity' attribute for resource 'https://mastodon.yeri.be/packs/js/public-a52a3460655116c9cf18.chunk.js' with computed SHA-256 integrity 'onh6vHxzykkVgJkiww+OCPk0tKC48KMUD9GVJ8/LKJQ='. The resource has been blocked.

Basically, the sha256 hash doesn't match the js or css static files.

Shan uses her iPad a lot, but a lot of the more serious (interior design) work needs to happen on AutoCAD or Photoshop. That is just not going to work on an iPad.

When we're travelling (read: holiday) she's carrying an old Lenovo ThinkPad 13 (great device!) just "in case" she needs to open AutoCAD and edit something minor or read the drawings/dimensions. But honestly, most of the time that device is turned off and dead weight.