one of the main reasons SQLite is gaining in popularity is because people are realizing it has higher performance than separate databases in many usecases. Keeping the communication in-process cuts a lot of overhead (network, memcpys). The fact that you also don't have to go through the trouble of configuring a separate service is just a bonus :-)
tripflag
joined 2 years ago
combine it with a service for uploading files to your server, there's dozens of those
Alpine also has the advantage of musl, which is a safer alternative to glibc, at the cost of some performance. So, if anything, I'd expect people to consider alternatives to Alpine for that reason, as alpine is already the best choice for security.
good idea, but a slight correction - mDNS and SSDP are entirely different things, rather SSDP was Microsoft's initial proprietary take on the idea, and mDNS was created as the new and improved standard.
mDNS does multicast (send/receive) on 224.0.0.251 and ff02::fb on port 5353, while SSDP uses 239.255.255.250 on port 1900 as you mentioned.
But I think OP's issue is that they're on different subnets; mDNS expects the server and the client to have a perfectly overlapping subnets inside the same LAN. If the server has 10.0.0.3/16 and 192.168.1.3/24 then the client must also have 10.0.0.7/16 and 192.168.1.7/24. Or, if you can tell the server software exactly which IPs to announce, then that might work too.
there are workarounds to this, using avahi reflector, but that thing is buggy -- specifically you need to disable NSEC on the server, and lock it to either IPv4 or IPv6.
I made some note on additional pitfalls while i was writing my own mDNS and SSDP servers for fun, they're at the bottom of this page: https://ocv.me/copyparty/helptext.html
Absolutely; if I was a company, or hosting something important, or something that was intended for the general public, then I'd agree.
But I'm just an idiot hosting whimsical stuff from my basement, and 99% of it is only of interest for my friends. I know ~everyone in my target audience, and I know that none of them use a VPN for general-purpose browsing.
As it is, I don't mind keeping the door open to the general public, but nothing of value will be lost if I need to pull the plug on some more ASN's to preserve my bandwidth. For example when a guy hopping through a VPN in Sweden decides to download the same zip file thousands of times, wasting terabytes of traffic over a few hours (this happened a week ago).
and filtering malicious traffic is more important to me than you visiting my services, so I guess that makes us even :-)
I've started blocking entire AS from my servers; since I only expect/want traffic from home ISPs it's kinda alright, but still... man
HFSv2 (the windows exe) has publically known unfixed vulnerabilities! Please upgrade to HFSv3 (nodejs, crossplatform). I'm also maintaining a list of other alternatives; https://github.com/9001/copyparty/blob/hovudstraum/docs/versus.md
You could always toss it in a sandbox for some isolation :> but yeah I get you, all of the optional features does mean more code.
It's a shame that browsers make stuff like chunked uploading so tricky, so even just the essentials would be a fair bit of logic -- and you won't get optimal upload speeds without sending chunks in parallel. And the corruption detection is also worth its weight in gold... Ah well, it is what it is hehe
Thanks for the mention :>
Yeah, copyparty was my attempt at solving this issue - a single python-file for receiving uploads of infinitely large files, usually much faster than other alternatives (ftp, sftp, nextcloud, etc.) especially when the physical distance to the uploader is large (hairy routing).
I’m not gonna put an upload on my site, that’s a security nightmare waiting to happen.
curious to hear your specific concerns on this; maybe it's something that's already handled?
You may encounter some confusing errors with MergerFS; depending on your config, any software using SQLite may crash with a scary-sounding "disk I/O error". The quickstart has more info, https://trapexit.github.io/mergerfs/quickstart/
view more: next ›
off topic, but out of curiosity - why ogg (presumably vorbis) in favor of opus? maybe old devices or players, or just haven't made the change yet?
opus is also a xiph project, and is almost entirely transparent at "128kbps" (it's a misnomer for the q4 of vorbis), so it uses way less space for the same quality. I warmly recommend giving it a try if you haven't already.