@movq@www.uninformativ.de Yes, you can only get a number in the US or Canada for now.

@mckinley@mckinley.cc I figured it out: Digital License Plates Considered Harmful

Nice photo of the burning sky!

@stigatle@yarn.stigatle.no Gonna miss your lovely ocean scenery, but we’ll do something about that soon™ 😅 I believe I do still intend to build an external fully supported Twtxt<->ActivityPub bridge, so ya never know, you might just be back and ya’d never know 😅

@stigatle@yarn.stigatle.no Just saw this 😱 Sad to see you go mate 😢

@movq@www.uninformativ.de I think I misunderstood some aspects of Wireguard as mentioned here, not 100% sure, but so far things are much happier now with assigning /32(s) as Tunnel IP(s) for Peers and being a bit more thoughtful about the AllowedIPs 🤞 I’m only playing around with 3 devices right now, my core router (RouterOS), an Ubuntu 22.04 VM over at Vultr and my iPhone.

I think this is what I was missing in my understanding:

In other words, when sending packets, the list of allowed IPs behaves as a sort of routing table, and when > receiving packets, the list of allowed IPs behaves as a sort of access control list.

This is what we call a Cryptokey Routing Table: the simple association of public keys and allowed IPs.

@movq@www.uninformativ.de 😍

@movq@www.uninformativ.de What’s your setup like? How many peers? How are they configured? (if you can share)

Hmmm really not getting this at al 🤦‍♂️ So far things appear to be a bit more stable, but the only changes I made was to assign addresses to peers of the form 172.30.0.X/32 instead of 172.30.0.X/24 and setting AllowedIPs to 0.0.0.0/0 for mobile peers (phones, etc) and X.X.X.X/24, Y.Y.Y.Y/24 for more static peers (remote VMs) where X and Y are the LAN and Wireguard subnets.

Hmm when I said “Wireguard is kind of cool” in this twt now I’m not so sure 😢 I can’t get “stable tunnels” to freak’n stay up, survive reboots, survive random disconnections, etc. This is nuts 🤦‍♂️

Huh hmm Boring Proxy actually uses SSH under the hood (written in Go) for the tunnelling 🤔 Clever, I would have done the same if I hadn’t learned about Wireguard 😅

@mckinley@twtxt.net Now that I have real experience with Wireguard, I’m seriously thinking about building my own “Cloudflare” replacement infra 😅 – And commodifying that somehow. Boring Proxy kind of does this too, but I may have a slightly different takes on things 🤔

Wireguard is incredible.

boringproxy/boringproxy: Simple tunneling reverse proxy with a fast web UI and auto HTTPS. Designed for self-hosters.

fractalnetworksco/selfhosted-gateway: Route HTTPS traffic to local Docker containers through a cloud VPS over WireGuard. Ideal for self-hosting behind CGNAT.

@movq@www.uninformativ.de what’s your Fedi handle?

I’ve set PersistentKeepAlive = 25 on both side. Let’s see if that improves things a bit…

@movq@www.uninformativ.de Wow that is wicked cool! 😅

@movq@www.uninformativ.de Only problem I seem to have is the connection keeps dropping out and never re-connecting until I forcefully disconnect/reconnect one side. Hmm 🤔

Wireguard is kind of cool 👌

@lyse@lyse.isobeef.org Hahahahaha 🤣🤣🤣

@movq@www.uninformativ.de Oh nothing has changed for me 🤣 I stay away from humans as much as possible, never shake hands, refuse to use public transport, etc, etc

@lyse@lyse.isobeef.org

Finally, in this day and age I do enjoy that I’m not reachable everywhere

This is the primary reason why I NEVER install “Work” apps on my iPhone. I’ve gotten into the habit for many years now, never to mix work and personal stuff. If I’m not on my Work Macbook, I’m not available – end of story.

@lyse@lyse.isobeef.org Off-by-one eh? 😅