@eyedeekay
&Irc2PGuest88200
&zzz
+R4SAS
+RN
+StormyCloud
+T3s|4
+acetone
+dr|z3d
+eche|off
+hagen
+mareki2p
+orignal
+postman
+radakayot
+segfault
+snex
+wodencafe
Arch2
Danny
DeltaOreo
FreeB
FreefallHeavens
Irc2PGuest59134
Irc2PGuest59581
Irc2PGuest64993
Irc2PGuest70083
Irc2PGuest96449
Onn4l7h
Onn4|7h
Sisyphus
Sleepy
T3s|4_
aeiou
ardu
b3t4f4c3___
b4dab00m
bak83_
boonst
cumlord
death
dr4wd3
duck
enoxa
eyedeekay_bnc
not_bob_afk
onon_
phil1
phobos_
pisslord
poriori_
profetikla
qend-irc2p
rapidash
shiver_1
solidx66
u5657
uop23ip
w8rabbit
x74a6
eyedeekay
There it is. reseed's back.
zzz
eyedeekay, no
zzz
Test failed for reseed2.i2p.net: java.io.IOException: unknown signer: echelon@mail.i2p for content type: reseed
zzz
java.io.IOException: unknown signer: echelon@mail.i2p for content type: reseed
zzz
Version: 1745474060 (Apr 24, 2025, 7:54 AM)
zzz
Signer: echelon@mail.i2p
zzz
SigType: RSA_SHA512_4096
zzz
Content: RESEED
zzz
FileType: ZIP
zzz
eyedeekay, pushing to i2p.www still fails, and to I2P_Website doesn't work any more either
zzz
and still awaiting github to be synced so the website gets updated
eyedeekay
Both should be fixed(again) now
eyedeekay
OK looks like I didn't migrate ech's sig over to the debian package successful;, shouldn't be too hard to fix
zzz
eyedeekay, pushing to i2p.www works again, thanks
eyedeekay
No problem sorry about the trouble
eyedeekay
I'll get the rest of that reseed taken care of shortly
zzz
pushing remains strangely slow, in between the 'total' line and the 'processing 1 references' line (which gitlab didn't do) it hangs for several seconds
zzz
dont know if some hook you've added?
zzz
ok I finally see yesterday's commits on github, thanks
zzz
so I'm no longer stuck, as long as you'll keep syncing periodically
eyedeekay
I've got a few things to iron out left, not sure why it's being slightly slower, there's actually one less poorly-designed hook in this setup
eyedeekay
Only thing I can think of that is significantly changed for ssh is that gitlab used a builtin ssh server called `gliderlabs/ssh` and gitea calls out to opensshd
zzz
do you see that gitea is putting red X's on commits saying "some checks failed, repo-sync (push) has been cancelled:
eyedeekay
Yes I do, apparently gitea is capable of running github actions, which I did not know yesterday, and it's trying to run the CI sync actions in reverse
eyedeekay
It's on my list for today :)
zzz
ooh yeah turn that off
eyedeekay
Yeah, wholly useless, it's gone soon
eyedeekay
I'm actually just going to delete and rewrite those CI jobs entirely, migrating broke them anyway
zzz
I see you got the DNS switched over
zzz
you said you did a custom home page? don't see it
zzz
and on the i2p side the home page is an activity page which seems odd, but maybe because I'm signed in?
dr|z3d
yeah, different page when you're signed in.
zzz
lets see...
zzz
not a custom page there either
zzz
was promised for Tuesday night, looks like hasn't happened yet
eyedeekay
Feed page is what you see when you're logged in, I didn't get to the custom home page yet
eyedeekay
I can drop one of our logos in there real quick though
zzz
keep it simple for the scrapers, I'd guess you'll be adding some captcha soon
zzz
I haven't announced it on twitter yet, didn't know you had the DNS part done
eyedeekay
Yeah I'll be exploring some scraper-related options soon, they got busy with a quickness
zzz
the cloudflare one that's on the linux git now with some js proof of work is interesting
eyedeekay
Yeah it is, might look into that
zzz
as long as it's on the clearnet side only
eyedeekay
Yeah the i2p-side will get something, but it won't be POW based or anything like that
zzz
on the MRs, let me know when you either migrate the MRs, or decide you're not going to and I should recreate them
eyedeekay
I actually think I might have some good options for bot-spotting without POW, the bots that are scraping right now are looking for stuff that doesn't exist on the site anymore that nobody wanted in the first place
eyedeekay
It's *very* obvious who's a bot
eyedeekay
Maybe it won't work forever but it might work for a while
zzz
looks like all my MR branches came over, so I don't need to repush them
eyedeekay
Yeah repository contents should be fully available regardless, if it survived the gitlab purge script it should be available on github
eyedeekay
*gitea
zzz
lol I had put MLDSA dests in my addressbook as a test but that was before we flopped the sigtypes
zzz
so now they failed to read and effectively corrupted the whole addressbook
zzz
had to fix blockfile so it wouldn't croak
zzz
so then the blockfile repaired itself, I readded the dests, all good
zzz
required PQ research: PQ Wireguard, what they actually did, not the old paper referenced in our proposal:
zzz
what they're doing is WILDLY different from our plans
zzz
it's a Noise KK handshake with classic mceliese static keys (500KB each, not on wire) and Kyber512 eph. keys
zzz
then they create a "biscuit" (cookie/token) and some output feeds in as the preshared key for the standard wireguard IK
zzz
two extra round trips I think
zzz
but obviously we can't do KK
zzz
or 500KB static keys
zzz
eyedeekay, I triple checked that github has the updates from yesterday, but the website doesn't have them, did you change anything on the website? you said you verified it's pulling from github so probably not?
eyedeekay
I didn't change anything, I'm up in that server in my other workspace though so I'll just pop over and see what's what...
eyedeekay
OK I just forced the updater to run and it worked so it's not that
eyedeekay
But it did fetch changes so it was failing before so it's something about how it runs automatically...
zzz
ok
zzz
altonen, FYI one of our reseeds is currently serving up files with the wrong signer, may be causing your issues
zzz
eyedeekay said he'd fix it later today
altonen
thanks for letting me know, i haven't seen/heard of any issues yet
altonen
which signer?
zzz
reseed2.i2p.net is coming back signed by echelon@mail.i2p which is an old key, should be echelon3@mail.i2p
altonen
ok ty
zzz
actually I'm just assuming it's the old key, not the new key, but we lookup the cert by signer name so we fail unknown signer
zzz
thanks eyedeekay I can see my recent changes on the website now
eyedeekay
speaking of which that should be resolved now
eyedeekay
the reseed thing
zzz
ok let's see, stand by
zzz
yup, all fixed
altonen
nice
eyedeekay
Excellent
zzz
I believe that leaves diva to upgrade his reseed impl, haven't heard from him since january, I'll poke him on twitter
eyedeekay
I couldn't get their packaging system to behave IIRC
eyedeekay
within their fork
zzz
actually he's not too bad atm
zzz
Test passed for reseed.diva.exchange, returned 77 router infos
zzz
Router infos included 1 with versions before 0.9.59 and 9 unreachable
eyedeekay
Could be worse
zzz
actually I'm not sure if diva.exchange on twitter is konrad. I'll just send him another email
zzz
altonen, eyedeekay, orignal, R4SAS, dr|z3d, see your email for the new reseed
altonen
ty!
dr|z3d
10-4, zzz
eyedeekay
thanks
zzz
altonen, also, if you aren't, you should force ipv4 for reseeding, several reseeds are known to be unresponsive on ipv6
zzz
there's only so much cat-herding I have the energy for
altonen
i'll need to check but i might run into additional issues with these new reseeds, i was just about to respond to you on github
altonen
creativecowpat has CA:TRUE in their cert and rustls doesn't like it at all, openssl is fine
altonen
i either have to drop creativecowpat or switch to openssl
zzz
yeah that one, and the new one, are selfsigned, as I said in the other ticket
zzz
by far easiest just to comment them out, you have bigger fish to fry
zzz
CA:true is, I think, how you make a selfsigned cert, but if that's somehow wrong, let me know
zzz
CA:TRUE is in the letsencrypt root, so it seems right
altonen
i need to look into it a bit more but i'll let you konw
altonen
same thing with this new cert as well fwiw
zzz
no need to keep me informed, do your thing, I'm just posting stuff as I find it