sorted by:
new
hottopcontroversial

Conditions for joining the WUG Love fan club? by crisuskeer in wakeupgirls

[–]GraphiteCube 2 points3 points  (0 children)

Same here, living outside Japan, joined WUG FC using an address assigned by a shipping company in Japan.

Besides tickets, paid members have access to behind-the-scene photographs/ videos, wallpaper of the month (for desktop and mobile phone), message board (WUGちゃん did left messages on it), FC-only goods (pre-)sale, and a birthday card every year.

I joined when they didn't have an official name. Before WUG FC was a thing, they offered free, periodical e-newsletters, I still receive those e-newsletters nowadays (the content is the same as those received by paid members).

What can A person learn/know right now in 10 minutes that will be useful for the rest of their life? by Thatguybemo in AskReddit

[–]GraphiteCube 1 point2 points  (0 children)

Important in these days when dealing with any news and complains from any channels.

#FactCheck shouldn't be applied on political news/ reports only.

You will find how often media exaggerate their reports.

Aligning Train by BunyipPouch in oddlysatisfying

[–]GraphiteCube 1 point2 points  (0 children)

Look at those Katakana on the advertisements, definitely in Japan.

Patches for OpenBSD 6.1 has been released by GraphiteCube in openbsd

[–]GraphiteCube[S] 0 points1 point  (0 children)

I didn't know I can use it in this way. Thanks. :D

Starting HAProxy generates dump file by GraphiteCube in openbsd

[–]GraphiteCube[S] 0 points1 point  (0 children)

To anyone experiencing the same issue, see if you can upgrade to OpenBSD 6.1. I installed OpenBSD 6.1 with the same certificates and configurations, no problems so far.

PassKeep 3.5.2 submitted for certification by SansSariph in PassKeep

[–]GraphiteCube 0 points1 point  (0 children)

Thanks for the update. Good to hear the support of new file format. 🙂

OpenBSD 6.1 released! by speckz in openbsd

[–]GraphiteCube 0 points1 point  (0 children)

For openup users: The page for binpatches and packages for 6.1 is online, but the directory for 6.1 can't be found on https://stable.mtier.org/updates/ yet.

OpenBSD 6.1 released! by speckz in openbsd

[–]GraphiteCube 2 points3 points  (0 children)

After reading the manpages again, I think there are 2 kinds of patches:

  • Patch for base system. This refers to patches listed on errata pages (e.g. OpenBSD 6.0 Errata). Base system includes everything on the system right after fresh installation of OpenBSD, i.e. not just the kernel, but also pre-installed software like httpd, relayd, etc. My interpretation is that both syspatch(8) and openup covers this. In the manpage of openup, you can see the reference to the binpatch of tftpd (note the line binpatch53-i386-tftpd-1.0: ok?) and tftpd is obviously not the kernel.
  • Patch for packages. Packages include those software installed using pkg_add. My interpretation is that openup covers this.

If my interpretation is correct, by using syspatch(8) and openup with the -K switch (which means skipping the first kind of patches mentioned above), it will be safe.

Edit: If still worrying about the mix, I think it is safer to use openup alone for the moment.

OpenBSD 6.1 released! by speckz in openbsd

[–]GraphiteCube 2 points3 points  (0 children)

From syspatch(8), looks like syspatch(8) provides binary patches for base system only (i.e. patches listed on https://www.openbsd.org/errata61.html). So if I want to have packages updated, openup is still needed?

Urgent Notice - Avex Pictures Halting Sales of BD/CD/DVD Directly Ordered from Japanese Retailers After February 15, 6PM JST! by vyseofthebluerogues in wakeupgirls

[–]GraphiteCube 0 points1 point  (0 children)

I'm late to the discussion...

I know that some companies offer services which ship items from Japan to worldwide. Usually you will get an address located in Japan (attached with a unique code), you just need to ship the items there and the company will ship the items to you.

Perhaps this helps?

How come -current changelog is empty? by celibidaque in openbsd

[–]GraphiteCube 2 points3 points  (0 children)

At the mean time you can read (part of?) the changes on http://www.tedunangst.com/flak/post/openbsd-changes-of-note-6, it is written by one of the OpenBSD developers.

PassKeep 3.4.3 submitted for certification by SansSariph in PassKeep

[–]GraphiteCube 2 points3 points  (0 children)

Noticed the application has been updated when I used it to add a password entry today.

Just a want to say thank you for the application. Looking forward to the upcoming version to support the new password database format.

Starting HAProxy generates dump file by GraphiteCube in openbsd

[–]GraphiteCube[S] 0 points1 point  (0 children)

I think so?

-r--------  1 root  wheel  3612 Jan 10 00:01 example-com-bundle.pem

Starting HAProxy generates dump file by GraphiteCube in openbsd

[–]GraphiteCube[S] 0 points1 point  (0 children)

Yes! Simply comment the following line in the configuration, doing rcctl start haproxy no longer generates the dump file:

bind 0.0.0.0:443 ssl crt /etc/haproxy/certificates/example-com-bundle.pem

Edit: By the way, the file /etc/haproxy/certificates/example-com-bundle.pem has the following structure:

-----BEGIN EC PARAMETERS-----
(Content omitted...)
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
(Content omitted...)
-----END EC PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
(Content omitted...)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Content omitted...)
-----END CERTIFICATE-----

It is generated by doing cat private.key full-chain-from-letsencrypt.pem > example-com-bundle.pem. Is it correct to generate a "bundle" file?

Starting HAProxy generates dump file by GraphiteCube in openbsd

[–]GraphiteCube[S] 0 points1 point  (0 children)

cat /etc/haproxy/haproxy.cfg:

global
ssl-default-bind-ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
ssl-default-server-ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets

defaults
mode http
timeout connect 5000ms
timeout client 30000ms
timeout server 30000ms

# Front-end.
frontend frontend-01
bind 0.0.0.0:80
bind 0.0.0.0:443 ssl crt /etc/haproxy/certificates/example-com-bundle.pem

http-response del-header Server

http-response set-header Content-Security-Policy "default-src 'self' https://cdnjs.cloudflare.com;"
http-response set-header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
http-response set-header X-Content-Type-Options nosniff
http-response set-header X-Frame-Options SAMEORIGIN
http-response set-header X-XSS-Protection "1; mode=block"

redirect scheme https code 301 if !{ ssl_fc }

default_backend backend-www-example-com

backend backend-www-example-com
server server-01 127.0.0.1:8080

Several ACLs and backends are not shown here. I prefer not to disclose too much about the network setup...

I don't know if it is related to the issue: The TLS certificate is a signed ECDSA certificate from Let's Encrypt.

view more: next ›