24 Nov 2019 |
| kknickkk joined the room. | 11:46:48 |
Mathijs | Would we like to self-host matrix-static, so we can have public logs at something like logs.f-droid.org? | 14:40:20 |
Mathijs | (view.matrix.org is back, so it's not really required, but it could be nice to have it hosted on f-droid.org) | 14:41:22 |
| mimi89999 joined the room. | 15:27:48 |
Bubu | In reply to@mathijs:matrix.vgorcum.com Would we like to self-host matrix-static, so we can have public logs at something like logs.f-droid.org? Yes! | 17:07:05 |
Mathijs | Right, I have looked in to it, and it should work fine now, except we can't host it on a subpath, so we probably want to add another subdomain. It can be hosted on the same server just fine. | 17:52:34 |
Mathijs | Which raises the question: what subdomain would we want? | 19:10:17 |
uniq | Mathijs: I think logs.f-droid.org is fine, or maybe chatlog.f-droid.org would be a bit more specific? care to start an admin issue? | 20:29:12 |
Mathijs | Yeah, I'll open an issue on gitlab | 20:29:53 |
25 Nov 2019 |
| jochensp1 joined the room. | 02:05:29 |
| jochensp left the room. | 02:08:06 |
_hc | Andreas: seems like you could do that with netcipher without any proprietary services or reflection hacks | 12:18:01 |
_hc | Mathijs: Bubu FYI we're out of credits on the existing host, so you'd need to provide any new disk space or VMs | 12:19:21 |
_hc | the matrix.f-droid.org host | 12:19:30 |
Mathijs | we should be able to host matrix-static on the existing VM, there's enough diskspace and cpu headroom | 12:22:30 |
_hc | just make sure you are ready for that disk size being a hard limit | 12:40:36 |
_hc | unless you move it | 12:40:43 |
Bubu | _hc: thanks for keeping on top of mirror.f-droid.org | 12:52:12 |
Mathijs | In reply to @eighthave:matrix.org just make sure you are ready for that disk size being a hard limit thanks for the heads up! | 13:07:12 |
| [gibot] joined the room. | 13:12:27 |
Andreas | In reply to @eighthave:matrix.org Andreas: seems like you could do that with netcipher without any proprietary services or reflection hacks Interesting. Thanks, I'll have a look at that! | 14:53:58 |
_hc | let me know if you have questions | 14:57:08 |
_hc | if you want to go full TLSv1.3 everywhere, you can use Google's Conscrypt and Guardian Project's new netcipher-conscrypt lib that uniq is currently finalizing | 14:57:39 |
Andreas | In reply to @eighthave:matrix.org if you want to go full TLSv1.3 everywhere, you can use Google's Conscrypt and Guardian Project's new netcipher-conscrypt lib that uniq is currently finalizing I admit that bundling Conscrypt with my app for now goes a bit over the top. At least as long as I can avoid it. | 15:43:00 |
Andreas | _hc: What alternative is the current (released) NetCipher using to ProviderInstaller.installIfNeeded()? I'm under the impression that if you don't do that (or bundle an entire TLS stack) you can't gain any TLS versions or ciphers at all. At least that's the result of 2 days of research and testing, which ultimately resulted in my reflection hack. | 15:46:01 |
_hc | Andreas: with URLConnection, you don't need the reflection hacks. With OkHTTP you might, espcially if its 4.x. With OkHTTP 3.x you can use a "builder": https://github.com/guardianproject/NetCipher/blob/master/sample-okhttp3/src/sample/netcipher/okhttp3/MainActivity.java | 16:23:11 |
_hc | https://github.com/guardianproject/NetCipher/blob/master/netcipher-okhttp3/src/info/guardianproject/netcipher/client/StrongOkHttpClientBuilder.java | 16:23:30 |
| apol joined the room. | 16:48:33 |
Andreas | _hc: Thanks, I already scanned the API. For now, I'm more interested in the internals. Why is OkHttp so different to HTTPUrlConnection? Why does it need ProviderInstaller.installIfNeeded() and HTTPUrlConnection doesn't? Shouldn't it all use the same SSLSocket etc.? | 16:52:19 |
Mathijs | looks like matrix static is working | 22:29:10 |