Oh really? Nice, that’s news to me. Last I checked (admittedly not recently) it needed a bunch of 32-bit libraries installed to even start the client.

Since we’re talking about Steam here for example, Valve have not even bothered to release a 64-bit x86 client, let alone Arm client, except for Mac.

Gentoo can do this with Portage sets. They’re essentially a more simple way of creating a meta package which just installs other packages. And you can also write config packages which installs configuration for other packages.

Hm, okay, that does sound like the real client IP will get lost and every connection will appear to come from the proxy then. It would be good if that were passed somehow. My current setup adds the X-Forwarded-For header for example.

Oh interesting, I’ll have to look into that. Is this with that “proxy protocol” I’ve seen mentioned? If not, does this preserve it pass through the client socket address?

Tbf, technically data is still decrypted at the reverse proxy and then re-encrypted. So if someone manages to reconfigure the proxy or read its memory somehow they could read traffic in plain text.

However then since they have to control the VPS, they could also get a new cert for that domain (at least the way I’ve configured it) even if it was passed as is to the real host via a tunnel and read the plaintext data that way, so I don’t think a tunnel protects against anything.

If someone manages to get root (!) access on this VPS it’s over either way.

Yes, you can just use a reverse proxy for IPv4 only and point it to the IPv6 upstream. That is what I do, with a separate DNS record which then combines the two. See the DNS records for id.knifepoint.net (CNAME), http.vineta.knifepoint.net (AAAA, A) and vineta.knifepoint.net (AAAA).

The reverse proxy config and certificate management is set up with NixOS, if it helps: https://git.dblsaiko.net/systems/tree/nixos/defaults/v4proxy.nix https://git.dblsaiko.net/systems/tree/nixos/modules/sys2x/v4proxy.nix

The experimental status is more about that not everything is implemented yet (not that everything can be implemented, for example due to HTML not being oriented around having multiple pages in a document), so you have to write a bit of raw HTML sometimes. This is an example of how raw HTML looks, it’s the shell for my webpage.

There’s experimental HTML support. I’m using Typst as a static site builder for my website.

I’ve started doing this recently. It’s fun, I’m also scanning the album covers and manually typing in the lyrics from the booklet in the CD in addition to all the other track metadata haha

Two different rDNS names, for stuff that uses it. For example if you want to run mail and an IRC bouncer under different domain names.

Lists with 100k items? Impressive. I can see how with a document like that it will run out of memory. Is it a stack overflow? You could try increasing the stack size in that case.

As a Typst enjoyer I have to say this isn’t it imo from a quick look at the readme. Typst’s mix of markup and code modes is excellently designed and a high bar for anything to beat, and this looks like it doesn’t come remotely close. (I do have to say, I also heavily dislike Markdown in general)

One notification like this and your app immediately gets notification permission revoked on my phone (if not uninstalled).

Yup, anything you can come up with will only work as well as putting “Delete after reading.” in the mail. You have to trust the recipient.

This is for display, not data processing.

Also guess what, journalctl formats date like “May 21 00:48:56” (probably according to system locale). Why would you sort your log files alphabetically? They should already be in chronological order.

Yeah, that’s fair. When verified beforehand, and what it discovered is an actual issue, why not. It does overwhelmingly attract people who have no idea what they’re doing and then submit bogus reports because it looks good to them though.

No. RFC 2822 (short format) is also great. “20 Mar 2025”

Daniel Stenberg has banned AI-edited bug reports from cURL because they were exclusively nonsense and just wasted their time. Just because it gets a hit once doesn’t mean it’s good at this either.