Software on Apple platforms that makes use of the File Provider API
| Software | Platform | Used | Notes |
|---|---|---|---|
| Dropbox | macOS, iOS | yes | help |
| OneDrive | macOS | yes | |
| Google Drive | macOS | yes | help |
| NextCloud | macOS | no | in development |
gwire
gwire
/ mail_gnuttls_x509_fail.md
Last active
January 10, 2023 13:04
Mail delivery failure due to GnuTLS X.509 validation
I quite commonly see undelivered mail to [email protected] on the outgoing mail queue. (DSNs and out-of-office replies with empty senders - so not critical mail.)
(The Twitter mail is recieved by en25.com/eloqua.net which is infrastructure for "Oracle Eloqua Marketing Cloud".)
This isn’t a new issue, but I thought I’d drop a note in public about it.
If I run exim4 -v -M on a delivery attempt I can see that it disconnects immediately after attempting to establish a STARTTLS session, so falls back to retrying without TLS.
SMTP<< 220 P01SNJ018.eloqua.net Microsoft ESMTP MAIL Service, Version: 10.0.14393.4169 ready at Tue, 10 Jan 2023 05:50:33 -0500
gwire
/ wordpress_login_throttle_nginx.md
Created
December 13, 2022 22:43
Rate-limiting WordPress login attempts with nginx
One annoyance of running a publically-accessible WordPress site is the bots that attempt to rapidly try thousands of login attempts via /wp-login.php.
Even if none of the guesses are ever likely to work, the site will waste resources running PHP and SQL to confirm that to be the case.
A barrier to these drive-by hack attempts can be added using nginx's http_limit_req, where rate limiting is applied only to POST requests for the login page, not affecting the rest of the site.
-
In
/etc/nginx/conf.d/login-limit.confwe create the zoneLOGINLIMIT.1mis the size of the shared memory zone for tracking requests, and15r/mlimits to 15 requests per minute (ie 1 every 4 seconds).
gwire
/ download_missing_avatars.rb
Last active
December 2, 2022 18:19
Download missing mastodon avatars to the cache
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # Remote mastodon accounts can be refreshed with the command | |
| # tootctl accounts refresh --all | |
| # https://docs.joinmastodon.org/admin/tootctl/#accounts-refresh | |
| # however, tootctl was having issues, so I ended up writing a this | |
| # helper script to scan a mastodon cache for missing avatar/header images | |
| # prioritising recently active accounts, and download directly | |
| # |
gwire
/ wordpress_social_rel.php
Last active
November 21, 2022 10:24
Adding rel="me" to WordPress social link block items
gwire
/ nginx_webfinger.md
Last active
November 19, 2022 10:34
A simple webfinger service using nginx
My assumption is that you should be able to discover Mastodon accounts by searching for email addresses, which should in turn query webfinger.
So for a domain that isn't hosting Mastodon, you can set up a webfinger server. Or you can just hand code some json files and serve them using nginx.
Rather than look into installing a webfinger server, I just initially want to serve up the json files directly from nginx.
- Set up a redirect under
example.com(as suggested in RFC 7033)
location = /.well-known/host-meta {
Email Message-Id: headers generated by Outlook servers use domains that appear to incorporate
- AAA: a three character geographic region
- PPPP: either "PRXX" when appended to city, "PRDXX" appended to region where XX is a small value 01-99
- ...or PXXX where XXX appears to be a unique value 001-999
- BB: a two character "city" code
- C: a value appended to BB 0-9 or A-Z
- MM: "MB" or "01MB", not sure what this is
- DDDD: a value 0001-9999 server identifier? customer?
- X: seemingly random value 0-9a-z (which you'd expect in a Message-Id)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # quick script to iterate through the parliament contact API and outputs email details | |
| # in the from "name,party,email" for each current Commons member | |
| import sys | |
| import json | |
| import requests | |
| import re |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl "https://lda.data.parliament.uk/commonsmembers.json?_pageSize=800"| jq -r '.result.items[]|"\(.fullName._value),\(.party._value)"' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## these are the IPFS gateways I've seen most frequently in spam/phishing. | |
| ## Others can be found via https://ipfs.github.io/public-gateway-checker/ | |
| ## We assume the string "/ipfs/" followed by a Base36/Base32 string of at least 20 chars is an IPFS url. | |
| uri __URI_IPFS_LIKELY m,/ipfs/[a-z0-9]{20,}=?,i | |
| uri __URI_IPFS_1 m,://ipfs.io/ipfs/,i | |
| uri __URI_IPFS_2 m,://ipfs.fleek.co/ipfs/,i | |
| meta HEX_IPFS_URI ( __URI_IPFS_1 || __URI_IPFS_2 ) | |
| describe HEX_IPFS_URI Contains a known IPFS public gateway URI |