Skip to main content


 



 
The sun is really bringing out the colours at the moment here in Nottinghamshire
Image/photo



 
On our way up Crowden Clough towards the summit of Kinder Scout - the highest point of the Peak District National Park in the UK. #darkpeak #hillwalking #hiking
Image/photo



 
My kids enjoying some easy scrambling up in the Dark Peak (UK) #darkpeak #peakdistrict #scrambling #hiking #outdoors
Image/photo



 
Some #Pleroma questions....

Is it possible to have a profile publicly viewable, but have the 'whole known network' option not publicly viewable on a server? or at least hidden?

The stable release page points to the wiki for installation instructions. The instructions (I'm looking at the ones for Debian based distributions) describe installing via git cloning and doesn't appear to be specifically for the stable release. Should the instructions be different if I'm only wanting the stable release?

@J K 🇯🇵🏴󠁧󠁢󠁳󠁣󠁴󠁿



 

Ringing Roger and Golden Clough


Blog post: https://hillexplorer.com/kinder-scout-ringing-roger-golden-clough/

A short but exciting walk from Edale that takes the direct route up to the gritstone outcrops at Ringing Roger on Kinder Scout, before descending down the tranquil under-used track alongside Golden Clough. Just about suitable for children as I did this with my 4 year old. The track isn’t quite so easy and defined on the way back down and so a fair bit of hand-holding will be in order.

Image/photo

#hillwalking #peakdistrict #edale #kinderscout #outdoors #hiking



 
Another #photo from my journey home. The picture is the River Trent, not too far from #Nottingham
Image/photo



 
Enjoying the views on the way home from work. I've taken the scenic route today which puts an extra 6 miles onto the journey.
Image/photo



 
My son's entry to his schools Easter decorated egg competition.
Image/photo



 
Looks like I'm going to have to transfer my Wordpress site from Mariadb to MySQL. It seems as though MariaDB still lacks the GIS function ST_Distance_Sphere() which I'm going to need for future work. #mariadb #mysql

What do you need this function for?
@Mark

I have a hill summit database with lat and long stored as geometries. I want to be able to quickly query the 5 nearest hills along with distances. There's another less accurate function I can use but really I need the st_distance_sphere for this purpose. Really, postgresql is best for gis stuff but I'm not sure of its overall compatibility with wordpress. All other gis functions I use have been ported, it's just that one that hasn't for some reason. There's a lot of stuff I want to add in future as I now have all the regions, national parks, and areas of outstanding natural beauty stored as polygons/geometries, and all the points for all hills and all trig pillars in the uk. It's been slow developing it though as I try and squeeze this and all my other server work and blog posts into about 90 minutes free time a day.

It's awesome!
@Mark

my website or postgresql? :)

Probably both!
@Mark



 
Just finished installing gitea on my server. A nice painless procedure! #gitea



 
damn... my wordpress site has been hacked.

I saw a headline about that on a German IT website, but I didn't read it since it didn't affect me. But I remember thinking, Wordpress plugins, again? This is exactly what I'm talking about. It has gotten too big, which of course also makes it an attractive target.

indeed. Unfortunately though, the site is more of an outdoors magazine than a simple blog and I've done a lot of customising so its not so easy to change, not when I already have a todo list a mile long. I'm going to have to barricade it a bit better, get modsecurity up and running, and get some malware scanning and file integrity checking going on. I need to take a good look at the other plugins I have too and decide whether I actually need them. It was the plugins fault, but I still probably made it easier for them than it should have been.

I used to use a plugin called WP All-in-one security (I think). It has a pretty good feature set. Have to look it up, when I got my computer back on.




 
@The Lazy Admin Club

Imagine this scenario:

I have a php driven website (eg wordpresss). The webserver runs as user www-root and a php-fpm pool is set up that runs under user:group site1:site1.

Does www-data still need access to the files or can I set my file permissions for the website directory based purely on user site1?

It depends - is the webserver going to be accessing any of the files directly? In many cases you'll still have some kind of static file access that the webserver is going to need access to.

I was thinking from a security perspective. It doesn't seem good practice to have multiple sites all writable by the same user. So if the webserver still needs read access then maybe a chown site1:www-data and a chmod 640 would be most suitable (unless it needs to be public readable)?

or alternatively, chown site1:site1, chmod 640, and add www-data to the site1 group. I've just read that if it's an upload directory, then the webserver will also need write access. But surely if it's a php driven site, uploads are going to be performed via a php script so its the pool user that requires write permissions?

I would generally try to have as little writable as possible by either the FPM user or the web server. I was going to suggest exactly what you mentioned in your last comment about adding the web server user to the user's group. You could also add the FPM user to the user's group, too.

And I say this in the 'general' sense because in the case of my friendica node, for example, that's the only purpose of the server, so the FPM instance runs as the user who owns all of the Friendica code. nginx doesn't have any special permission or group access, so things have to be world readable for it.



 
A successful day playing with the server. Now have Nginx with modsecurity, geoip2, brotli, and openssl1.1.1 support. The OWASP core ruleset seems to be playing nicely with my wordpress site at the moment... all pages loading fine and no whitelisting or exclusions needed yet. I've yet to log into the backend though. When I have my free time back after the weekend, I'll have a go applying it to the #friendica site

#nginx #modsecurity



 
Just doing a bit of reading at the moment on Mariadb transactional isolation levels, and wondered what the recommended choice is for a Friendica system? It seems that most popular database systems are set to READ COMMITED by default, but not mysql which is set to READ REPEATABLE.

#friendica #mysql #mariadb

@Michael Vogel Any ideas on this? Or doesn't it really matter either way? Reason I ask is that I'm also hosting Nextcloud, and the guide I'm reading for that installation advises that I change to READ COMMITED. I was wondering if I should change it for that site only, or whether to change the actual mysql default.

I guess that READ COMMITED is faster, but I haven't tested it out.



 
Just watched Velvet Buzzsaw. Classic 5/10 movie... interesting enough to see through to the end, forgettable enough that I won't remember a thing about it by tomorrow morning.

#movie



 
So I've started documenting everything I've done on my server to get it where it is...mainly because I've decided to start again from scratch when I eventually move to a dedicated server. The mail server section is long. Very long. Can't really publish it either at the mo as there's far too much plagiarism :) More for my own reference until I find the time to rewrite it all in my own words. It's basically many already existing tutorials merged together with a few tweaks where I've fixed things or implemented it slightly differently. It describes setting up postfix, dovecot, sieve, postfixadmin, along with securing it, strengthening it against spam, and integrating it with rspamd and clamav (with extra 3rd party signatures). All based on Ubuntu 18.04. I suspect that the next document I write describing MariaDB, PHP-FPM, Apache backend, Nginx reverse proxy, and Varnish is going to be longer still. Good job I find it interesting!

#vps #postfix #selfhosted #documentation



 
#news #bioplastic #sustainability



 
Part 2:
The Framingham Heart Study, Part 2: The Framingham Observation

Part 3:
The Framingham Heart Study, Part 3: Framingham’s Presentational Flaws—Bias or Fraud?

#health #heartdisease #cholesterol

The data clearly showed no relation between dietary intake of either fat or cholesterol and the subjects’ level of cholesteremia (cholesterol in the blood) or their experience of CHD. Those data were never properly published because the findings were contrary to the position held by the NHLBI.
Exactly. Fake science.

It's a good article, but I think he missed the cover-up of the real cause of heart disease- sugar. And they still don't get it. But the effect is the same- lower the total cholesterol in the body, and you lower it mostly in the brain - which is something like 27% cholesterol. Low cholesterol levels in the brain increase the risk of Alzheimers. The body actually needs cholesterol.

Interesting. I always thought there was something weird with their analysis from what I heard about the study.