Ok, so there is real potential for PF to become known for it’s porn. That was not the plan

For a while, Tesseract was the most used frontend for lemmynsfw so, lol, I felt that.

If it was a kitchen outlet, it may have been a 20A (2400 watt) circuit. Still, a kettle and space heater at the same time would still have been stressing that.

Did it show you the combined wattage or max out at 1800?

I usually do that, too, but didn’t bother this time since it’s a slightly different model but uses the same motherboard as my old work-issue laptop, and I already knew everything worked in Linux except the fingerprint sensor. Only fired up the W11 install it came with to make sure it wasn’t DOA and wiped it immediately after – I just forgot to check the speakers lol.

Agree. Which is why I get so irrationally annoyed when sharing a good piece of journalism that’s not catering to ad-clicks and the peanut gallery here grabs their torches and pitchforks while shouting “PaYwALL!” despite me posting the gist of the article in the post body (enough to get the gist but not the full article for copyright reasons). It’s one of several reasons why I don’t even bother anymore.

Like, good journalism costs money. That money’s gotta come from somewhere if you want good journalists to be able to eat and keep doing what they do.

I do!

Kubernetes is a nightmare and overkill for most things we need to run, and Docker Swarm is super easy to setup and maintain.

We only use it for one application, though. The app needs to scale horizontally and scale up and down with demand, so I put together a 6 node swarm cluster just for it. Works great, though the auto scaling required some helper scripting.

The thing about these deprecated tools is that the replacements either suck, are too convoluted, don’t give you the same info, or are overly verbose/obtuse.

ifconfig gave you the most relevant information for the network interfaces almost like a dashboard: IP, MAC address, link status, TX/RX packet counts and errors, etc. You can get that with ip but you’ve got to add a bunch of arguments, make multiple calls with different arguments, and it’s still not quite what ifconfig was.

Similarly, iwconfig gave you that same “dashboard” like information for your wireless adapters. I use iw to configure but iwconfig was my go-to for viewing useful information about it. Don’t get me started on how much I hate iw’s syntax and verbosity.

They can pry scp out of my cold dead hands.

At least nftables is syntax-compatible.

When I put the IMEI into OP’s tool, it said I had to go through TMobile to [bootloader] unlock it since it was a retail model.

TMobile said the phone “wasn’t in our system” and couldn’t provide either SIM or bootloader unlock codes.

but I can only find it t-mobile locked. I can carrier unlock it myself

Careful with that assumption. I bought a TMO-locked OP Nord N200 thinking I could do that but even after using it on my account for a year, they say “it’s not in our system” and it remains carrier-locked. Basically when it hit the secondhand market, it was removed from TMO’s system and they have no record of it and cannot carrier-unlock it (or that’s the story that was told to me by 3-4 different people within TMO).

but will I be able to access the boot loader

Depends if you can carrier-unlock it.

https://service.oneplus.com/us/search/search-detail?id=op588

Ban USA politics from this sub please

1080p buffered generously but it worked :) The sweet spot was having it transcode to 720p (yay hardware acceleration). I wasn’t sharing it with anyone at the time, so it was just me watching at work on one phone while using my second phone at home for internet.

Just about anything as long as you don’t need to serve it to hundreds of people simultaneously. Hell, I once hosted Jellyfin over a 3G hotpot and it managed.

Pretty much any web-based app will work fine. Streaming servers (Emby, Plex, Jellyfin, etc) work fine for a few simultaneous people as long as you’re not trying to push 4K or something. 1080p can work fine at 4 Mbps or less (transcoding is your friend here). Chat servers (Matrix, XMPP, etc) are also a good candidate.

I hosted everything I wanted with 30 Mbps upload before I got symmetric fiber.

Not healthcare (thank gods!) but equally esoteric as far as acquiring line-of-business software goes.

Doing so would effectively doxx the org I work for and, by association, me, so no name and shaming this time. They’re not a big player you’d recognize, anyway, and mostly deal with specialty/niche software.

Maybe I should flesh it out into an actual guide. The Nepenthes docs are “meh” at best and completely gloss over integrating it into your stack.

You’ll also need to give it corpus text to generate slop from. I used transcripts from 4 or 5 weird episodes of Voyager (let’s be honest: shit got weird on Voyager lol), mixed with some Jack Handy quotes and a few transcripts of Married…with Children episodes.

https://content.dubvee.org/ is where that bot traffic lands up if you want to see what I’m feeding them.

I’m 100% for bringing back Absolute Candor Janeway.

Thanks!

Mostly there’s three steps involved:

1. Setup Nepenthes to receive the traffic
2. Perform bot detection on inbound requests (I use a regex list and one is provided below)
3. Configure traffic rules in your load balancer / reverse proxy to send the detected bot traffic to Nepenthes instead of the actual backend for the service(s) you run.

Here’s a rough guide I commented a while back: https://dubvee.org/comment/5198738

Here’s the post link at lemmy.world which should have that comment visible: https://lemmy.world/post/40374746

You’ll have to resolve my comment link on your instance since my instance is set to private now, but in case that doesn’t work, here’s the text of it:

So, I set this up recently and agree with all of your points about the actual integration being glossed over.

I already had bot detection setup in my Nginx config, so adding Nepenthes was just changing the behavior of that. Previously, I had just returned either 404 or 444 to those requests but now it redirects them to Nepenthes.

Rather than trying to do rewrites and pretend the Nepenthes content is under my app’s URL namespace, I just do a redirect which the bot crawlers tend to follow just fine.

There’s several parts to this to keep my config sane. Each of those are in include files.

• An include file that looks at the user agent, compares it to a list of bot UA regexes, and sets a variable to either 0 or 1. By itself, that include file doesn’t do anything more than set that variable. This allows me to have it as a global config without having it apply to every virtual host.

• An include file that performs the action if a variable is set to true. This has to be included in the server portion of each virtual host where I want the bot traffic to go to Nepenthes. If this isn’t included in a virtual host’s server block, then bot traffic is allowed.

• A virtual host where the Nepenthes content is presented. I run a subdomain (content.mydomain.xyz). You could also do this as a path off of your protected domain, but this works for me and keeps my already complex config from getting any worse. Plus, it was easier to integrate into my existing bot config. Had I not already had that, I would have run it off of a path (and may go back and do that when I have time to mess with it again).

The map-bot-user-agents.conf is included in the http section of Nginx and applies to all virtual hosts. You can either include this in the main nginx.conf or at the top (above the server section) in your individual virtual host config file(s).

The deny-disallowed.conf is included individually in each virtual hosts’s server section. Even though the bot detection is global, if the virtual host’s server section does not include the action file, then nothing is done.

Files

# Map bot user agents
## Sets the $ua_disallowed variable to 0 or 1 depending on the user agent. Non-bot UAs are 0, bots are 1

map $http_user_agent $ua_disallowed {
    default 		0;
    "~PerplexityBot"	1;
    "~PetalBot"		1;
    "~applebot"		1;
    "~compatible; zot"	1;
    "~Meta"		1;
    "~SurdotlyBot"	1;
    "~zgrab"		1;
    "~OAI-SearchBot"	1;
    "~Protopage"	1;
    "~Google-Test"	1;
    "~BacklinksExtendedBot" 1;
    "~microsoft-for-startups" 1;
    "~CCBot"		1;
    "~ClaudeBot"	1;
    "~VelenPublicWebCrawler"	1;
    "~WellKnownBot"	1;
    #"~python-requests"	1;
    "~bitdiscovery"	1;
    "~bingbot"		1;
    "~SemrushBot" 	1;
    "~Bytespider" 	1;
    "~AhrefsBot" 	1;
    "~AwarioBot"	1;
#    "~Poduptime" 	1;
    "~GPTBot" 		1;
    "~DotBot"	 	1;
    "~ImagesiftBot"	1;
    "~Amazonbot"	1;
    "~GuzzleHttp" 	1;
    "~DataForSeoBot" 	1;
    "~StractBot"	1;
    "~Googlebot"	1;
    "~Barkrowler"	1;
    "~SeznamBot"	1;
    "~FriendlyCrawler"	1;
    "~facebookexternalhit" 1;
    "~*(?i)(80legs|360Spider|Aboundex|Abonti|Acunetix|^AIBOT|^Alexibot|Alligator|AllSubmitter|Apexoo|^asterias|^attach|^BackDoorBot|^BackStreet|^BackWeb|Badass|Bandit|Baid|Baiduspider|^BatchFTP|^Bigfoot|^Black.Hole|^BlackWidow|BlackWidow|^BlowFish|Blow|^BotALot|Buddy|^BuiltBotTough|
^Bullseye|^BunnySlippers|BBBike|^Cegbfeieh|^CheeseBot|^CherryPicker|^ChinaClaw|^Cogentbot|CPython|Collector|cognitiveseo|Copier|^CopyRightCheck|^cosmos|^Crescent|CSHttp|^Custo|^Demon|^Devil|^DISCo|^DIIbot|discobot|^DittoSpyder|Download.Demon|Download.Devil|Download.Wonder|^dragonfl
y|^Drip|^eCatch|^EasyDL|^ebingbong|^EirGrabber|^EmailCollector|^EmailSiphon|^EmailWolf|^EroCrawler|^Exabot|^Express|Extractor|^EyeNetIE|FHscan|^FHscan|^flunky|^Foobot|^FrontPage|GalaxyBot|^gotit|Grabber|^GrabNet|^Grafula|^Harvest|^HEADMasterSEO|^hloader|^HMView|^HTTrack|httrack|HTT
rack|htmlparser|^humanlinks|^IlseBot|Image.Stripper|Image.Sucker|imagefetch|^InfoNaviRobot|^InfoTekies|^Intelliseek|^InterGET|^Iria|^Jakarta|^JennyBot|^JetCar|JikeSpider|^JOC|^JustView|^Jyxobot|^Kenjin.Spider|^Keyword.Density|libwww|^larbin|LeechFTP|LeechGet|^LexiBot|^lftp|^libWeb|
^likse|^LinkextractorPro|^LinkScan|^LNSpiderguy|^LinkWalker|msnbot|MSIECrawler|MJ12bot|MegaIndex|^Magnet|^Mag-Net|^MarkWatch|Mass.Downloader|masscan|^Mata.Hari|^Memo|^MIIxpc|^NAMEPROTECT|^Navroad|^NearSite|^NetAnts|^Netcraft|^NetMechanic|^NetSpider|^NetZIP|^NextGenSearchBot|^NICErs
PRO|^niki-bot|^NimbleCrawler|^Nimbostratus-Bot|^Ninja|^Nmap|nmap|^NPbot|Offline.Explorer|Offline.Navigator|OpenLinkProfiler|^Octopus|^Openfind|^OutfoxBot|Pixray|probethenet|proximic|^PageGrabber|^pavuk|^pcBrowser|^Pockey|^ProPowerBot|^ProWebWalker|^psbot|^Pump|python-requests\/|^Qu
eryN.Metasearch|^RealDownload|Reaper|^Reaper|^Ripper|Ripper|Recorder|^ReGet|^RepoMonkey|^RMA|scanbot|SEOkicks-Robot|seoscanners|^Stripper|^Sucker|Siphon|Siteimprove|^SiteSnagger|SiteSucker|^SlySearch|^SmartDownload|^Snake|^Snapbot|^Snoopy|Sosospider|^sogou|spbot|^SpaceBison|^spanne
r|^SpankBot|Spinn4r|^Sqworm|Sqworm|Stripper|Sucker|^SuperBot|SuperHTTP|^SuperHTTP|^Surfbot|^suzuran|^Szukacz|^tAkeOut|^Teleport|^Telesoft|^TurnitinBot|^The.Intraformant|^TheNomad|^TightTwatBot|^Titan|^True_Robot|^turingos|^TurnitinBot|^URLy.Warning|^Vacuum|^VCI|VidibleScraper|^Void
EYE|^WebAuto|^WebBandit|^WebCopier|^WebEnhancer|^WebFetch|^Web.Image.Collector|^WebLeacher|^WebmasterWorldForumBot|WebPix|^WebReaper|^WebSauger|Website.eXtractor|^Webster|WebShag|^WebStripper|WebSucker|^WebWhacker|^WebZIP|Whack|Whacker|^Widow|Widow|WinHTTrack|^WISENutbot|WWWOFFLE|^
WWWOFFLE|^WWW-Collector-E|^Xaldon|^Xenu|^Zade|^Zeus|ZmEu|^Zyborg|SemrushBot|^WebFuck|^MJ12bot|^majestic12|^WallpapersHD)" 1;

}

# Deny disallowed user agents
if ($ua_disallowed) { 
    # This redirects them to the Nepenthes domain. So far, pretty much all the bot crawlers have been happy to accept the redirect and crawl the tarpit continuously 
	return 301 https://content.mydomain.xyz/;
}

I was blocking them but decided to shunt their traffic to Nepenthes instead. There’s usually 3-4 different bots thrashing around in there at any given time.

If you have the resources, I highly recommend it.

“Install and run our uninstall utility” is also equally frustrating and common lol.

Yep, been there. Thankfully that particular boondoggle fizzled out at the “Expect me to fix everything for them (despite not being involve in any of the above)” step because I refused. Normally me refusing wouldn’t fly, but vendor’s instructions required configuring Remote Desktop Services in a way that clearly and blatantly violated Microsoft’s licensing terms and non-IT group did not want to pay for the requisite number of license seats and vendor insisted you did not need RDS licenses for this scenario (spoiler: you totally do).

I think the non-IT group still has a contract with [shitty robotic process automation vendor], though, but we just washed our hands of it and the non-IT group uses their cloud version.

I’ve debated reporting that company to Microsoft for license violations because I just hate them (I have their deployment instructions and emails as proof) but I’ve just stopped caring and am not quite petty enough to do so lol.