#development

bashtop is overkill

udp        UNCONN      0           0                154.12.246.30:28015                  0.0.0.0:*
udp        UNCONN      0           0                154.12.246.30:28017                  0.0.0.0:*

So I seem to have an issue of it being UNCONN and not LISTEN/ESTAB

Anybody can help me out here? its preventing me from connecting to my game server

or is it even possible for a UDP to be LISTEN?

no

only TCP can

UDP is connectionless

See here

I see

@viral vale #support message

have you added meta tags

what is that?

nope

you need to add open graph meta tags

thats how Discord knows what to embed

how can i do it

https://www.opengraph.xyz/url/https%3A%2F%2Fcuckobot.online%2F

this should help

fill in the lil form on the right with what you want to show in the embed

probably put https://cdn.discordapp.com/attachments/1119207633405096066/1131602724811702272/cuckoo.png as image URL

Thank you for your help

Go is not that bad tbh

it's just mid

i would use it if i really have to

import discord
from discord.ext import commands
from discord_slash import SlashCommand

intents = discord.Intents.default()
intents.messages = True
intents.guilds = True

bot_token = "dirty"  

bot = commands.Bot(command_prefix=None, intents=intents)
slash = SlashCommand(bot, sync_commands=True)

@bot.event
async def on_ready():
    print(f"Logged in as {bot.user.name}")
    print(f"Bot ID: {bot.user.id}")

@slash.slash(name="create_embed", description="Create a custom embed.")
async def create_embed(ctx, title: str, description: str, color: str, url: str = None, image: str = None, footer: str = None):
    embed = discord.Embed(
        title=title,
        description=description,
        color=int(color, 16),  # Convert hexadecimal color to integer
        url=url,
    )
    if image:
        embed.set_image(url=image)
    embed.set_footer(text=footer)

    await ctx.send(embed=embed)

bot.run(bot_token)

Why

rip domain

anmyways

read the error

This domain may be for sale!

imagine using domains for everything

https://i-am-a.dev/

imagine paying all just for that

oh this was fre lol

.dev is free?

https://porkbun.com/event/freeappdevdomain?coupon=TESTANDCODE

shows $10 but go to checkout with that code, it works

First year free

yes

every free domain does that

still, free for a year is not bad

Yo

Any good & budget friendly vps service u guys could recommend?

google compute engine is free forever (1gb ram, 30gb hdd, 1cpu)

galaxygate is also alright (1gb ram, 20gb hdd, 1 cpu), 2.75 USD per month if you pay yearly

hetzner has really good performance on their vms, but they are a bit more expensive (4-5 EUR per month for 2 cpu 2gb ram)

also contabo, they are known for their ridiculously cheap prices for the bang they offer

oh damn didnt know that

also oracle has a free tier with 20gb ram on their ARM servers

but they randomly terminate your account for no reason

so stay away

AWS does too but one slip up and you've gotta sell your kidney

ig i am getting scammed by paying around 30$ (for 3 months) on namecheap and for their bare minimum specs💀

wtf

yeah most big name hosting providers like namecheap have expensive VPS servers

so they can market it to businesses

💀

namecheap is a webhosting provider, for websites and stuff
vps'es offered by webhosting providers suck hard and are stupid expensive

yeah but downtime is never

for the past 3 months it never was offline

neither are most other actual vps providers

what do you personally use?

almost every single vps provider has a 99.99% SLA guarantee

i have 3 of them atm, google, galaxygate and hetzner

google has my old api, galaxygate has my bots, hetzner has my new api which is WIP

where can i get the google vps, i wanna test it

but somewhere in the future im gonna move my bots to google and terminate the galaxygate one

and for upgrade what are the prices?

google is expensive af outside of the free tier, so dont even think about it

oh lol

its pretty small and minimal so idk

sign up for google compute engine

you will need a credit card to register tho

thats cool

when you create the vm, use these settings:

100% free? for that package

it has to be e2-micro and it has to be in one of those 3 regions

dont want a 100+ $ payment on my card next month💀

technically

its

300 free USD of credits valid for 1 year

then after 1 year, you only pay for excess network usage

ah dope dope

i pay about 10 cents per month

or something

ah lol

1 GB network egress from North America to all region destinations (excluding China and Australia) per month

and what is the traffic on your api like? it can handle it normally?

i havent measured much lately but its around 10-20 reqs per minute

so its more than fine

i would use Hetzner personally

I use 3 diff providers for my API

between 3 nodes, it handles like 7M requests a month

and thats increasing

thanks alot!

nice

im moving to hetzner too, with my new api version

its usually 2m a month but some changes mean its increased a lot

hetzner is better for commercial/pro things

google is better for dev and testing

Node 1: UK - Oracle
Node 2: Canada - OVH
Node 3: Canada - Xenyth

ew oracle

xD

it handles well lol

im hosting one of my new projects on there

range^

and i'll migrate to Hetzner when i get money

are those 3 nodes different parts of your system? like a microservice arch?

or are they 3 copies of the same system

they all run the same API code

ah

just different VPS servers

why two in canada then

idk

woud be better to get regional servers around the world no?

my plan for the nodes is geo distrubuted but i had to move one of them quickly due to a provider downtime and never fixed it

ah

I have 4 origins allowance on CF Load Balancer for free

so i can add a 4th if i want and I might eventually

nice

its not that it can't handle it, but because its growing a lot and redundancy >>>

is the cf loadbalancer dns-based? it can fallback automatically if one domain does down?

yeah

cool

it pings the API every 30s

and auto marks as down

i just realised node3 is down

im not using cf yet, im still thinking about it

but its auto disabled it

so gonna go fix now

xD

🗿 what

wut

nice

@winter pasture ads in every channel

well 3 channels

close enough

great timing

lmao

lol

perfect node3 back, cloudflare should detect in a sec 🙏

Sus

just removed the old node4, i should probably adjust the weight load balancing lol

1: advertising on this server and posting links for your bot here = ban
2: your bot link will only work after its approved. if its not approved, it only works for you
3: you need to have an actual working bot with actual functions before you add it to top.gg

perfect

i think i use sticky nodes too, so if you use one node it should keep directing similar requests to the same node

critical question, actual crypto gambling discord bot would be illegal right?

yes

well against TOS

and would probably get you terminated

ok we stay away from that then💀

Ogarnij się chłopie i nie klnij już bo mute'a dostaniesz jak tak dalej pójdzie

that sounds way worse than it actually is

yes we know

are you ok?😂

I am ashamed to be Polish in such moments

@harsh nova

hi

all channels

No

I'll deal with the rest when I get home from work

more commonly used to say fuck than whore

poles often use "kurwa mać" to clarify theyre saying fuck than something else

fun fact

Not really, "kurwa mać" is more like english ffs

please state your credentials which authorise you to make such a claim

I'm Polish

okay

send a copy of your polish passport

just confirming

I don't have one

ja pierdole

how come

don't swear at Mac man

I probably still have a photo of the ID card somewhere that I used to verify my bot

Holy shit, I'm old af

bro actually did it 😭

fine you win

nah you a baby

:^)

i swear more and more websites are adding these stupid annoying "before you go" full screen popups when it detects youre moving your mouse towards the close button

didnt used to be like this

pov

sites I block on my pihole

they dont deserve getting visits from me anymore

i am using canvas to display text on an image:

the one above is on my own pc, the one below is my vps. What the fuck is happening

async function addTextToImage(canvas, ctx, text, message, x, y, size, color) {
    try {
      
      ctx.font = size+'px Arial';
      ctx.fillStyle = color;
      ctx.strokeStyle = 'black';
      ctx.lineWidth = 0.3;
      ctx.shadowColor = 'black';
    ctx.shadowOffsetX = 2;
    ctx.shadowOffsetY = 2;
    ctx.shadowBlur = 5;
  
      const textWidth = ctx.measureText(text).width;
      
     
      ctx.fillText(text, x, y);
      ctx.strokeText(text, x, y);
  
    } catch (error) {
      console.error('Error:', error.message);
    }
  }

your server does not have the Arial font

linux by default does not include standard fonts

you have to install it

owjhh wow i see

currently trying to install the microsoft package which should come with arial

only problem is, is that i cannot click fukcing okay

any hotkey i am missing??

enter?

idk try esc, space

Oowh on mac it's control

thank you

I'd refrain from using arial

there are a bunch of similar fonts out there

like open-sans

mfw heart almost dropped

Turns out, MobaXTerm allows passing through your ssh key to the machine you're connecting

so I wanted to ssh to my main server through a small local server in my home network through mobaxterm, wondering why it didnt request any passwords or deny access through missing pubkey

pov: I block all popups

ez fix

block whole size

site

size

smh

shush

Hey guys how do I get the timestamp like #auctions-status ? I want to use it in my bot (discord.js)

There’s different forms that you can look up, but for example <t:unix timestamp:R> is one of them iirc

Like <t:170000000:R>

Yea, It's something ago

alright thank you

<t:1689969719:R>

https://gist.github.com/LeviSnoot/d9147767abeef2f770e9ddcd91eb85aa

also documented on discord's developer docs

xD sorry

Yes, I remembered that I already sent something like this

there is a

fuckin

uber-cli

https://github.com/jaebradley/uber-cli

pls

#play tum ho

#commands

Nice

Sune nhi aaraha meko

@earnest phoenix

nvm

lol

yes my chrome was outdated

still shows this tho

but timeline works now

That error usually occurs if the performance profiling tool is either incompatible with your web browser version, or some extension could be interfering with it, or some security settings might be disallowing it from accessing the web browser's main thread

https://paveldogreat.github.io/WebGL-Fluid-Simulation/ yall know anything similar to this that can be implemented in a site

that's made up, your ssh has no password

simple

give me the ip so i can connect into it

man, I read that as "fluid stimulation"

lol

down bad

does discord intentionally strip U+202E characters from messages as they are sent?

try paste U+202E, type something afterwards, and hit enter

i have a webhook for vote rewards but i have backlisted every ip except a few so i wanted to ask if top.gg ip will remain static for a long time or not?

current ip i am getting requests from 159.203.105.187

Sure

192.168.2.10

Glhf

should be fine

though you should also use the secret to verify its from them

not a great practice a signature would likely be better that the client has to verify but that would be too difficult for the average bot dev

oh i see

also thanks for the ss :)

:)

it seems as though the CSS style tag is not registering at all in my bot page, but I used a few html checker/ viewers and they all seem to show it just fine. Do I need to do something specifically for top.gg for it to work?

body {
        color: #1c1933;
        background-color: #246847;
        font-family: Jua;
        font-size: 28px;
        padding: 96px;
      }

for example, none of this is applying. When I paste the whole bot description it goes as message.txt so that's what that is

remove the html and head

oh

only have the style tag in it and the content

and make sure to save, preview is broken

i see i think i went too offical with the html thanks!

if i am inserting 100 items at a time with Mongo, how can I best ensure every _id is unique

since its not liking it atm

Wouldn't it be a good idea to put some sort of disclaimer in the long description editor to tell the users to not put html and/or body tags if they want the style tag to work?

probably

What is your current code?

not the best

it just stops the database from crashing lol

You're generating the IDs yourself? May I ask why?

because i keep getting duplicate object IDs

very unique IDs 👍

Weird, MongoDB should always create a completely unique ID at all times by default, though you can use UUIDs instead which is almost impossible for them to have any duplicates

i would refer to my old code for how i used to do it

but i accidentally deleted it

well no it was on my old ssd before it died

Damn, regardless you can try using the built-in https://nodejs.org/dist/latest-v18.x/docs/api/crypto.html#cryptorandomuuidoptions method

I have a backup-like tunnel between 2 servers: one is where the backups are generated, the other where they are stored
I wanna connect both using sshfs. What sounds better: Mount the sshfs on the server generating the backups or mount the sshfs on the server with the backups, so

server -> backup_server
or backup_server -> server

both will require providing ssh keys

Make sure to set the disableEntropyCache option to true

ooo ok

i tried this

same error

perhaps generate a hash from the data you're providing?

i have a feeling its because its trying to add the data multiple times

because it loops so quick

the date.now will likely only provide the same date for everyone, depending on how much quick this is being handled

https://cdn.capy.host/uploads/471409054594498561/6KcwdysYAEoN.mp4

yeah date.now wont help

lol

unless you wanna go to a millisecond to nanosecond time

well domain + Date.now() should work?

because the domains array has duplicates removed

can you try printing out the domain and the then date.now its trying to add

or you're getting hash collisions, which shouldn't be the case

especially not with sha256

looks fine yeah

excuse the offtopic but

might overengineer this

thats because of wildcard SSL and scanners

ohhh

how about reading /etc/random from linux? does that help?

we commonly see git.git.git.git.git.git.git.git.git.git.git.git.expireddomain.com

im on windows

oh

it will use ubuntu but not atm

the unique part isn't the issue now i dont think

i think its because its attempting to add multiple times

but you are definitely getting date-collisions

because it doesn't know if another loop is handling the >= 100 add

but that wont matter for keys because the domain causes it to be diff

hm i might use bull queue system

add to queue, handle there

yeah its probably better to queue them up

but this though

mongo should handle it

some of the stuff caught in my current scanner is funny

this looks for keywords before logging, whilst this new ssl scanner will basically do a DNS lookup and store the resolved records

and there will be an API to query and find info based on ip, hostname, etc

@spark flint can you run this in your if statement in that loop before calling insertMany()?

console.log(toInsert.find((doc, idx) => toInsert.some((doc_, idx_) => doc_._id === doc._id && idx !== idx_)));

oki doki

It logged undefined all the time?

when it hit that

oop

i increased the threshold to 2500 from 100 so less possible collisions and then it logged the duplicates

Yeah somehow that entry is duplicated

@earnest phoenix works

i remembered my fix from last time

Very nice

NVM jinxed it

i managed to get 10k records before crash

at least storing data works

But note that you can set the ordered option to false in the insertMany() method to continue writing the entire batch while ignoring errors

If that's something you'd use

much better 🔥

using bee-queue

handles it as a queued job now

and prevents duplicates

very swag

🔥

how much space do you have

8tb

fair enough

last server had 100gb and died because out of storage

this won't run out for a while

its an OVH soyoustart server iirc

someone pays for it for me

32gb ram, intel xeon 8 core, 8tb hdd

Hi

any endpoint for checking if user can vote or not?

found it 👍

https://top.gg/api/bots/:bot_id/check

this is for checking last 12 hours vote right?

actually

try tbis

const Topgg = require('@top-gg/sdk')

const uId = message.author.id;
const topgg = new Topgg.Api(client.config.TopggToken) //top.gg token
let voted = await topgg.hasVoted(uId)

it should help

It doesn't really matter if you use top.gg sdk or send a request to the api yourself

sdk is just there to make your life slight easier and imo isn't necessary

its like the difference between windows and linux

sdk is bloated but easier to use 💀

lol

honestly the only thing you gotta worry about is if the site is even up

ohh lemme try with python sdk

I think theres python version

check topgg github account

weird topdotgg sdk automatically installs discord.py .. ig i will just go with the endpoint since i am not actually using discord.py

ah i think its for listening to discord.py bot events

Okie

any endpoint for checking how much time is left before user can vote again

or we have to manage that ourselves by listening to vote POST requests?

yes, I believe so

i used mongodb when i realized im just using it in a relational way so i migrated to postgres

is it normal that github takes up all of the monitors width when looking at a branch other than main? feels weird to me

i mean the top level view of the repo

nope?

it looks the same as main

huh weird

im confused what could trigger this

ok there was this option unchecked

but on a branch other than main, do you have the sidebar with the directory contents already in the top level view?

no, that should only be in pages other than the top level view

Is there a way with canvas to like smooth this transition? eg both strokes have a 60° end so it looks connected?

can't you just move the bottom one up a bit so it's a little hidden

but if you want the turn to be smooth you're gonna have to tinker with arcs

and a bit of 🥧

mmmh alr

I'll take a look into that I suppose

luckely I studied math

you can use lineCap

which lets you draw lines with rounded corners

ctx.beginPath();
ctx.moveTo(20, 20);
ctx.lineWidth = 15;
ctx.lineCap = "round";
ctx.lineTo(100, 100);
ctx.stroke();

mmmh yeah I don't think that'll do what I want it to do

try connecting two of those lines together like you did

it will look pretty decent

there's also this

https://developer.mozilla.org/en-US/docs/Web/API/CanvasRenderingContext2D/lineJoin

blocked

don't listen to tim

that's the lazy way

if you do it my way you'll learn some maths

I'm trying to make a hexagonal graph

You have a hexagon with the diagonals drawn. On each diagonal I'm trying to get a point based on the percentage of the graph item. The first line is rather easy since it's straight. But for the diagonal diagonals it's quite hard. I managed to get the x value of the point using this formula:

sin(60°) * sidelength * (1 + percentage)

But finding the y value is way harder I tried by using this formula and alot more.

200 - (1 - percentage / 2) * sidelength / 2

it's also worthy to tell you that I'm working in a 400 x 400 square with the top left corner being (0, 0) and the bottom right (400, 400) the center of the hexagon at (200, 200) and the hexagon is equilateral.

This is what happend now

The diagonals are not parallel to the sides of the hexagon, so the formula to calculate the y value should be 200 - (1 - percentage / 2) * sidelength * sin(60°)

that didn't change anything for some reason

Huh, weird

same thing

I don't understand what is it supposed to do?

Its supposed to get a dot on the second diagonal based on the percentage so I can connect the two

But I need to find the points

you want something like this right?

Yes

How is the x using sin instead of cos?

how did you calcuate the yellow corners?

I mean considering it's a fixed value I don't think it matters does it?

Using some algebra

since you already have the formula for the hexagon points, use the same formula but with a different radius

I’ll send them in a sec

Yeah I didn’t calculate the points with a radius

did you calculate the points using angles?

Hold on heading to pc right now I’ll send the code

    ctx.moveTo(width / 2, offset);
    ctx.lineTo(width - offset, offset + sidelength / 2);
    ctx.lineTo(width - offset, offset + sidelength * 3 / 2);
    ctx.lineTo(width / 2, height - offset);
    ctx.lineTo(offset, offset + sidelength * 3 / 2);
    ctx.lineTo(offset, offset + sidelength / 2);
    ctx.lineTo(width / 2, offset);
    ctx.lineTo(width - offset, offset + sidelength / 2);

does the hexagon have to be slightly flattened?

what do you mean slightly flattened? isn't a 2D figure already flat or am I getting it wrong haha

i mean

slightly more width than height

well I'd prefer it be equilateral but it doesn't matter

is mine not equilateral ;-;

did I mess up my maths

idk maybe its my screen

but it feels a bit wider than it is high

yeah my friend said that aswell

anyway, using circle math will get you equilateral

var x = xPos + Math.cos(angle * Math.PI / 180) * radius;
var y = yPos + Math.sin(angle * Math.PI / 180) * radius;

so you define a center point, then get the x and y positions using a radius and an angle, from that center point

xPos and yPos are center right?

ye

i dont remember if thats the exact formula, i copied from a random SO answer

but i use this a lot in my bot

since it generates circular charts

and then I get the points using the angle right?

so top is 0 and then I add 60° per right?

ye

0 will likely be pointing right

so you will need an offset angle

for example 90 deg offset to make 0 point up

ah yeah

Thank you! It works, am kinda sad I didn't think of doing it myself but now I can also put the text on the correct spots way easier without magic numbering it 😄

Tim always has the best solutions

Does it look better? I'm interested to see the product

well i just had experience with it since i faced similar problems before :)

How do computers do trig? Do they use Taylor polys?

no idea what taylor polys are

but this is what google says

Calculators don't actually use the Taylor series but the CORDIC algorithm to find values of trigonometric functions. The Cordic algorithm is based on thinking of the angle as the phase of a complex number in the complex plane, and then rotating the complex number by multiplying it by a succession of constant values.

the Taylor series expansion of a trigonometric function can be slow to converge, especially for large input values. To improve the accuracy and efficiency of the computations, computers use specialized algorithms, such as the CORDIC (COordinate Rotation DIgital Computer) algorithm or the Taylor series with argument reduction. These algorithms exploit properties of trigonometric functions to reduce the computation to a smaller input range or to minimize the number of terms required from the Taylor series.

Damn

I figured Taylor series weren’t used because of the issue with large input values

Then again since all trig functions repeat you wouldn’t have to have a massive Taylor polynomial to make it work

mathematicians are aliens, prove me wrong

I'll show it after I'm done currently in a league game with a friend haha 😅

yeah they use taylor series, I went to a nokia factory where they showed it so it's an aproximation not an exact value

but iirc the values like 30°, 60° and such are always 100% accurate

I don’t believe so

some angles have exact values

there is a full list of them on wikipedia

but its mostly multiples of 15°, 18°, or 22.5°

https://en.wikipedia.org/wiki/Exact_trigonometric_values#Extended_table_of_exact_values:_Until_360_degrees

Lovely embed

lmao

Well I know the exact values for trig themselves but I’m saying the computer approximations of those values are slightly off

yeah, the "exact values" are all multiples of PI, which is impossible to represent as a finite number

someone online also said this:

For many calculated values they actually use database stored values! These are known as table values. Yes, there is a little database in your calculator! It is a hardwired permanent database built into the electronics or chip of the calculator.

They permanently store a few precalculated values in memory for a few “important” values of the argument. If a user has a different argument, the calculator interpolates. Choosing values for storing depends on the function.

This way they can use trig identities to get more exact values and only use taylor for the “irregular”, less used values

Yeah for calculators it makes sense that they focus more on accuracy

yeah, computers usually focus more on performance

especially in game engines

https://github.com/divideconcept/FastTrigo

final product

nice, now its definitely equilateral

:)

yes 😄

hey do you guys got a weather api or smth like that

that is free ofc

https://open-meteo.com/
https://www.weatherapi.com/

these are cool

i've used the latter before

i use open-meteo but not for weather

lemme guess, the moon?

lol nope

geocoding and elevation

of the moon?

lol nope

i have multiple apis for geocoding and elevation

idk why tbh, i just wanted to support them all

Quem pode me ajuda

#general-int

Tim

@quartz kindle

#general-int for portuguese
here is english only

Ajuda eu divogar meu servidor @quartz kindle

no

Blz

am too late lol

hey does anyone know a good way to export my client from one file to another?

i know about module.exports, but whenever i do that and later on import it, it always states undefined

that means you have circular dependencies

index imports file which imports index which imports file.... ad infinitum

instead, import the exported function objects from said files to the file which has the client

also CJS is outdated, consider using ESM

export = {} // quivalent of module.export
export VAR_NAME; // export variables `import { VAR_NAME } from "path/to/module"`
export default VAR_NAME; // for `import DEFAULT_EXPORT from "path/to/module"`
export function FunctionName() {}; // `import { FunctionName} from "path/to/module"`

// static import
import * as MODULE_NAME from 'path/to/module';
import { exported_symbol as alias } from 'path/to/module';
import DEFAULT_EXPORT from 'path/to/module';
// dynamic import
const imported = await import('path/to/module');

esm sucks

cjs best

ah i see, thanks guys. iT WORKS NOW

it works now*

tell me youre a modern webdev developer without telling me youre a modern web dev developer

can you really require in a website

nah in websites we use global variables

like a real man

stupid gen z web devs

bet they would be shocked if they found out react runs on top of vanilla js

and a virtual dom is only a concept within the react framework

i sound like a 60 year old amiga user afraid of change

i tried the examples but they arent working, do you know like any other resources that have example code where i can just put in the token and it works?

don't just copypaste example code smh

if it didnt work, then you did it wrong

yeah i believe so

and i cant find any like youtube videos or examples to figure out :/

maybe if you show your code we could help

the first line is already wrong

😂

top.gg webhooks are not discord webhooks

damn

is it the topgg token?

nope

where is your bot hosted?

on my computer

then you will need to port forward your router

do you know how to do that?

also, do you have a static ip address?

nope, i also host my main bot on my hetzner cloud server

this is why webhooks suck

is that any different?

was gonna mention this now

yes

damn 3 customer support now

its much better to do it on the server

and not on your computer

much easier

nah webhooks are fine, they're just reverse-apis basically

ok then ill code it as if its on the server and test it on there after

yes

you can do that

ok so what do i need to do

but discord could've chosen a better name for their implementation

so basically,

but annoying bc you need a static ip which is also publicly accessible

you can do this for example: .dbl_webhook("/votes", "password")

well, that's true for any api

then you do to top.gg website, go to your bot's page, click to edit your bot

then go to the webhook options

maybe you dont want to make an api

webhooks are apis

and you put in the webhook url "http://YOUR_HETZNER_SERVER_IP_ADDRESS:YOURPORT/votes"

if you're being technical about it sure but the intention is to inform the client of an event

so i dont rlly count them as apis

the YOURPORT part is what you put here bot.topgg_webhook.run(5000)

nono, not technical, they're literally apis

but instead of you calling a remote service, the remote service is calling you

it says invalid url

and in authorization you put "password"

should i remove the http:/

show what you put

http://IP:YOURPORT/votes

like, show what you actually put there

you can dm me if you want

i just said

the YOURPORT part is what you put here bot.topgg_webhook.run(5000)

lol

🤣

so i put 5000?

so :5000

yes

yeah hm that makes slightly more sense than YOURPORT

a lil bit

http://xxx.xxx.xxx.xxx:5000/votes

yes

now put it in your server

and try running it

should i leave this in the code as bot.dbl_webhook("/votes", "password")

bot.dbl_webhook("/votes", "password")



@bot.event
async def on_dbl_vote(data):
    """An event that is called whenever someone votes for the bot on Top.gg."""
    if data["type"] == "test":
        # this is roughly equivalent to
        # `return await on_dbl_test(data)` in this case
        return bot.dispatch("dbl_test", data)

    print(f"Received a vote:\n{data}")


@bot.event
async def on_dbl_test(data):
    """An event that is called whenever someone tests the webhook system for your bot on Top.gg."""
    print(f"Received a test vote:\n{data}")

yes

you can change password to whatver you want

as long as you put the same thing in your code and in the topgg options

you still need the webhookmanager part, dont remove it

bot.topgg_webhook = topgg.WebhookManager(bot).dbl_webhook("/votes", "password")

@bot.event
async def on_dbl_vote(data):
    """An event that is called whenever someone votes for the bot on Top.gg."""
    if data["type"] == "test":
        # this is roughly equivalent to
        # `return await on_dbl_test(data)` in this case
        return bot.dispatch("dbl_test", data)

    print(f"Received a vote:\n{data}")


@bot.event
async def on_dbl_test(data):
    """An event that is called whenever someone tests the webhook system for your bot on Top.gg."""
    print(f"Received a test vote:\n{data}")


# The port must be a number between 1024 and 49151.
bot.topgg_webhook.run(5000)  # this method can be awaited as well
bot.run(token)

YES!!!!

the test worked!

👍

Thanks so much for helping me

np

anyone good with react and could help me with something?

https://dontasktoask.com

lmao

should'nt have posted that

webhook

someone just spammed it with the nword

goddamn

well yeah, always delete the webhook if u ever leak it in a big public server

same for tokens

lmao

i regret using mongo

☠️

this is taking ages

like its been 2 mins already ☠️

SELECT count(*) FROM dnsRecords u.u

anyway, how many docs are there?

i can tell you in a sec

well might be a few minutes

lmao

its gonna be in the millions

i have hit the 15min mark

final result: 42 documents

its still querying

dont databases update a count value somewhere?

if no, just make your own? and update it on every insert/delete

i tried to cancel the query and now i can't SSH in

https://cdn.capy.host/uploads/471409054594498561/mxDKunHs0lS8.png

stuck on thius

nvm im in now

just took time

gonna reboot server

lmao

what db is that?

like what type?

like mongo or pgsql

mongo

or whatever else

ah

lmao take a look at this

https://www.mongodb.com/community/forums/t/countdocuments-is-extremly-slow/207357/12

dude's query takes 1 hour to complete

lol

its a 32gb ram 8 core 8tb hdd server

i might move to postgres for this

or just store your own count value and update it yourself

or that

I have a mongodb PSA Cluster with 2 shards :

Centos 7.9
16GB RAM
4CPU
mongod 6.0.1
This is how looks my main collection :
STORAGE SIZE: 248.29GB
TOTAL DOCUMENTS: 3564898
INDEXES TOTAL SIZE: 4.74GB

[mongos] db> function a() {
… print(Date())
… print(db.dataset.countDocuments({_id:{$ne:null}}))
… print(Date())
… }
[Function: a]
[mongos] db> a()
Sat Jan 07 2023 15:59:43 GMT+0000 (Coordinated Universal Time)
3571253
Sat Jan 07 2023 17:01:44 GMT+0000 (Coordinated Universal Time)

lmao

1 hour to run countDocuments on 3 million docs

this is probably at the 10 million+ mark

gonna take 5 hours

:^)

thats only like 2 days worth of data too

did you try countDocuments on an indexed key?

like countDocuments({some indexed key: some value that all documents have})

nope

i should try that

they all have the same data structure so

can't SSH now

https://cdn.capy.host/uploads/471409054594498561/BHpCxsbPeO0v.png

Server is overloaded with counting

MDoS

Mongo Denial of Sevice

ok im back in

lol

"I'm in"

mongo loaded instantly this time

just requrying

i think because theres no writing happening

only reading now

IT QUERIED

65 MILLION

BAHAHAH

AYO

yesus

thats only 2-3 days of data too

this is how it works

every time a new SSL cert is issued, this queries either google, cloudflare or cleanbrowsing DNS and stores that in the DB

meaning you can map sites overtime

aka phishing sites

and also allows us to search for sites by IP

where do you get the SSL event from?

is that on a public api?

yes

its a public open source websocket server

i am going to start self hosting my own one again, i selfhosted myself and since there aren't thousands of other people listening to the WS i got the results faster myself

cool

https://certstream.calidog.io/

you can run a whois service

nah

whois is domain data which is not provided

99% of whois servers are slow as fuck

i have a whois API anyone can use anyways but its erroring a lot because of registrars being shit

https://api.phish.gg/fetch/domain/google.com

https://api.phish.gg/fetch/domain/top.gg

nah more like an ssl whois

ah

true

for ssl data for given ips/domains

i dont store the cert details but i could

i could provide a reverse IP lookup service

ye

its also an easy way to find live domains

i just need to fix the code to change DB

30 mins of querying before i had to reboot the server is bad

come to pogstres

i did originally start using postgres

but it did not want to install on my pc

so i gave up

lol, figured it out directly after the msg

if you use mongo and dont wanna crash your server when quering alot of data, do it in chunks bro and have a sleeper after each chunk

whats the best way to ensure people cant duplicate money by sending two requests at the same time (if that even applies to nodejs)?
my idea was that for some database queries I make a queue that works through the queries one after the other but that doesnt sound very performant even with a 0.1ms db ping.

atomic operations and versioning

for a financial thing, logging would also help

it depends how you want to ensure the uniqueness of a transaction

how exactly would atomic operations help in my scenario?

dont they just make sure something fully happens

yes, you need to combine it with a method of ensuring uniqueness

for example a transaction id or versioning

You could also do a queue system

So it only processes one at a time and prevents duplicate requests

I use bee-queue personally and it’s great

also if all you want to prevent is "duplicating" money, atomic operations alone already prevent that

do you have an example scenario or something?

not really, I just want to make sure noone somehow gets more money than they added

people can send eachother money and order services

which db are you using?

both of those actions are probably vunerable I would guess

postgres

use a transaction

that way, changing multiple user's values and stuff will be done as a single operation, and not multiple operations

it will ensure that the money added to one user will be fully removed from the other user as well

if either operation fails, everything gets rolled back

will I still have to do queuing with that?

like if I get two requests for the same thing at the exact same time

use something to identify them

for example make a hash of the user ids and the value or items being transfered

I mean I store all transactions in the db already so every transaction has an id

so that if the same transfer is attempted more than once, you will be able to see it

ahhh

you mean that

it needs to be something that is not reusable

so you dont incorrectly catch two legitimate transactions of the same value

you can add something like a rounded timestamp

or

you dont need any of that

if you just limit the users to one operation per second

:^)

so ratelimiting?

ye

basically

if your db is 0.1ms

alr

1 second rate limit is plenty

ig I gotta implement better ratelimiting in my webserver then

do i need to be careful about what characters go in a URL fragment? or does the browser not process those at all and i can throw in whatever i want

the browser is well protected, what matters is how you use those fragments in your frontend code (or backend)

well, meaning "will it screw with the data i get out of it"

at most it will encode them as url entities

but you'll have to test it

if you want to be preventive, you can encode it yourself, and then decode it

encodeURIComponent / decodeURIComponent

yknow what I hate about js

the fact that you never know if a function can throw

I found it out the hard way

like I never wouldve guessed decodeURIComponent could throw

would be nice if ts would fix that somehow

its well documented tho

the problem is noone is gonna read docs for every function you use

i do lmao

🧐

i read the docs for everything im unsure of

well I was quite sure decode would just provide the original input if it failed

jsdoc has a @throws thingy

ts itself doesnt seem to have anything for exceptions

I thought no @throws = no throw

ye

I mean a lib author can just not add it but its the @types/node package, I would expect it to have it

who's in charge of those types? is it done by the ts team itself?

or by definitelytyped?

def typed I think

so you could PR them

me when discord double-encodes it

what

lmao

the % character always gets reencoded

do you need to customize any more about a ratelimit

its dumb

i wouldnt even go that far

just set a timer on a user id that deletes itself after 1 second

if timer already exists, reject

its for my webserver package, It needs to be diverse

i see

does this make sense

basically I never use setTimeout / setInterval and just do all checks / clears on the next request the ip makes

(with a background job that runs like every min that does some cleaning too to prevent a mem leak)

yeah thats fair

how are you planning on temporarily blocking the user?

by just ending the request with a 429 and not executing route handlers

i meant how will you mark the user as blocked so the api knows to 429 them

actually you probably just have some user object

I check their hits every time they make an request, if hits are higher than max allowed on route and end time isnt reached yet they get their end time increased and marked as "got penalty" so they dont get multiple penalties

Hey guys, anybody able to help me with some top.gg API intergration. Looking to change the cooldown of a command, depending on if somebody has voted that day or not.

Bot's in discord.py, currently using hybrid commands, and handling command cooldown via built in method.

    @commands.hybrid_command(brief="Claim a random card for your collection.")
    @commands.cooldown(1, 600, commands.BucketType.user)```

server {
    listen 80;
    server_name mailcon.cringe.dev; // The actual mailcow dashboard, not really relevant after I ditched the cloudflare proxy
    server_name mail.cringe.dev;
    server_name autodiscover.*;
    server_name autoconfig.*;
    location / {
        proxy_pass http://some-internal.ip:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_connect_timeout 5s;
        proxy_read_timeout 5s;
    }

    # Add these lines to enable SSL
    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/hopefuls.de/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/hopefuls.de/privkey.pem;
}

I forgor the server_name of hopefuls.de lol

what in the fuck

why are you doing server_name over and over

you can put that all into one

also your server_name is set to cringe.dev is this what you actually set it to?

I first used nginx in prod 3 days ago

If so your ssl cert indeed does not match mail.cringe.dev

you registered it for mail.hopefuls.de

the certificate should cover *.hopefuls.de, aswell as *.cringe.dev

seems like it doesn't

then shid certbot

try setting it to hopefuls.de

and fix those server_names

suffer

looks cursed looking at them all split up

😭

Also if you are using nginx as a reverse proxy did you follow the tutorial for it?

Yeah

the reverse proxies are all working fine so far

I see

Mine looks entirely different from yours

wdym

Ill show you one sec

I'll give another try regarding ssl

since mailcow seems to want me to drop the certificates into assets/ssl

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name mail.aarondye.dev autodiscover.* autoconfig.*;

    ssl_certificate /etc/ssl/certs/aarondye.dev.pem;
    ssl_certificate_key /etc/ssl/private/aarondye.dev.key;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;

    ssl_verify_client on;
    ssl_client_certificate /etc/ssl/certs/cloudflare.crt;
    
    ssl_protocols TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!MD5:!SHA1:!kRSA;
    ssl_prefer_server_ciphers off;
    
    location /Microsoft-Server-ActiveSync {
        proxy_pass http://127.0.0.1:8080/Microsoft-Server-ActiveSync;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_connect_timeout 75;
        proxy_send_timeout 3650;
        proxy_read_timeout 3650;
        proxy_buffers 64 512k;
        client_body_buffer_size 512k;
        client_max_body_size 0;
    }
    location / {
        proxy_pass http://127.0.0.1:8080/;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_buffer_size 128k;
        proxy_buffers 64 512k;
        proxy_busy_buffers_size 512k;
    }
}

ok well it sent my mailcow conf has a file but ignore it

this is my nginx

yeah I have separate configs for everything

👀

thats all for mailcow

Its primarily so I can 1 visit it on the web

2 sign in to my email on say outlook or gmail

yeah thing being

I mainly had everything ssl on cloudflare

I also just put this in my conf.d folder instead of sites-available

All my ssl is through cloudflare as well

I use Origin CA certs

not letsencrypt

ohh

so you essentially have a certificate on cloudflares end and one on your end

or how should I understand it

You register the cert on cloudflare's end and it gives you the pem and key file contents that you have to save yourself

and then you put those on your vps and have nginx look for it

It covers my main domain and all subdomains

yeah this is too huge brain for me

https://developers.cloudflare.com/ssl/origin-configuration/origin-ca

so I found out what the issue is

Oh?

turns out, when I originally installed mailcow, acme still kicked in and somehow managed to get a certificate?

so that certificate obviously expired and mailcow apparently sent that out

So now re-checking the mail certificate, seems to verify it correctly now

so seeing if it works entirely now

yeah see, this covers *.cringe.dev and *.hopefuls.de

this is still worrying though

eh should be fine

we'll se

e

fuck

yeah now its unable to get local issuer certificate

for fuck sake istg

Welcome to the world of owning your own mailserver

the networking behind it is a pain sometimes

are you guys seeing this proposal https://rupertbenwiser.github.io/Web-Environment-Integrity/

this will essentially let websites, especially google and other large players verify your environment to make sure they are happy with it or not

the same thing is basically done with androids and hardware backed attestation which is used for an app to 100% know a user is rooted or not or has modified their system

but google wants to bring it to every web browser

meh

pretty sure on android theres this security chip that resembles a TPM which is relatively tamper proof and generates a cryptographically signed token for google to verify
if you do any modification like open the bootloader or root it, the thing gets tripped and will fail all your safetynet/integrity checks

ios deals with jailbreak detection in their apps. My jobs app literally banned me from using it (To view my schedule n shit) just because my Iphone is jailbroken. Not like I can do anything to your precious employee app anyways with it but so be it.

yeah thats the thing that plagues android as well, google doesnt want you to be rooted (you cant use google wallet if you fail safetynet too)

they, and all apps that make use of it claim its for "security reasons", whether they are blindly following the consensus that rooting is "insecure" and "dangerous" or dont like your freedom

I jailbreak for freedom. I theme out my phone

some nice apps only display a warning that your phone is rooted on first start but let you use the app anyways

my bank app does that but i know other banks flat out block rooted phones

fuck it, im just gonna use the full chain

see if that does something

nope dies entirely

fun

Honestly all I can say is have fun figuring it out cause I don't even know at this point

thing is, the certificate works fine

but apparently

        Certificate #1 of 1 (sent by MX):
Cert VALIDATION ERROR(S): unable to get local issuer certificate
This may help: What Is An Intermediate Certificate
So email is encrypted but the recipient domain is not verified

hm

i setup my own mail server and never had an issue with certificates

literally just made a letsencrypt cert and passed it to the mail server

@sharp geyser did it

guess how

had to fucking merge my certificate with the fullchain

dying inside

SMTP AUTH extension not supported by server.

YES works

fucking hell

you ever just

have a docker image

"be recommended"

but their documentation entirely refers to the by source installation

fuck them

is this MiaB by any chance

No clue what that is, but its another web-based docker thing

trying to run behind a proxy

its using django

continuously hitting csrfs, even though the headers are passed through

fun

mailinabox

nah

oh ok

nothing like that

cant tell you whatz

but yes

yeye

hoping debug will help

at least I fixed the email thing

fairs

why not

exactly

:c

dm me it

😉

Ok cloudflare

where do I view my block rules again

lmao why did I create this

finally I can ufw my 80 ports again to only allow cf

swag

yeah for some reason i thought you needed to be in a server to use the webhook or that its "public" lmao, ofc i wouldnt leak a token xD

thats what they all say anyways

Ok

why in the actual hell is tsserver so slow

its loading for up to 8 minutes at times

is there any way to make it faster

if its needed Id use a different editor too

hey is there an ai or api that i can give HUGE text and that it returns the personnality and what he might like

or things like that

One message removed from a suspended account.

One message removed from a suspended account.

One message removed from a suspended account.

One message removed from a suspended account.

One message removed from a suspended account.

One message removed from a suspended account.

why are you coal

One message removed from a suspended account.

did santa give you coal for chrismas?

bad grill