#networks

Then i will start learn low level langauge

@candid lion again, there is a lot to that, what do you want to know

Haha

@candid lion like, idk if you just need help connecting to your AP at home, or if you need help with your countries spectrum usage requirements

what are your opinions on server sent events vs websockets?

https://stackoverflow.com/questions/5195452/websockets-vs-server-sent-events-eventsource#:~:text=Websockets and SSE (Server%20Sent,receive%20data%20from%20the%20browser.&text=SSE%20connections%20can%20only%20push%20data%20to%20the%20browser.

I was just looking for a nice discussion, not just an answer, but thanks anyways!

I used websockets but never used sse so i cant say anything about it 😄

aah ok

I don't like web sockets myself, I prefer gRPC now a days

But they aren't all that supported yet

Yeaps

So if you need to stream, ws it is

Or use WebRTC

woah gRPC looks quite interesting

So if you need to stream, ws it is
@vernal surge thats the thing, you can use SSEs(server sent events) as well

if its just a stream of events

right

Yeah

It depends on your use case

right

But yeah, gRPC is nice :)

That is how I make services communicate now

Wow bro i also make one app for chat wanna see 😛

@serene halo given your interest in security, no way in hell am I running it

That is how I make services communicate now
@vernal surge gRPC just looks like you're calling a method off of an object, but in reality, you're requesting something from the server

its pretty lit

@serene halo given your interest in security, no way in hell am I running it
lol

So I have a ubuntu server, on a work network, trying g to ssh I to it, default port 22, when I try 'ssh root@public-ip'on my ubuntu machine off the network it just sits there not doing anything, but if i change the ssh port and restart service on the server it denies the connection (port not open)

Yeah, essentially that's what rpc is (thus the name - remote procedure call lol)

@coarse epoch any other way to connect? Sounds like you need the logs

I have physical access to the server

To me, it sounds like you are probably hitting your works firewall/router rather than your ubnt box though

Also the ssh times out when I try port 22

But denies on ports thatare closed, making me think ports open,

Do a forward at the fw/router that looks like public:1022 -> ubnt:22

Then try to hit public 1022

If it matters firewall is a Cisco meraki

Yuck lol

But yeah, merakis listen on 22 by default

What is the easiest way to do networking in wireless network?

@coarse epoch if I had to guess, you ssh request isn't even making it to the Ubuntu box

@candid lion still, you aren't giving us enough info to help

What i have to give you

@vernal surge is there a way to check? Im kind of learning this as I go,

@vernal surge https://github.com/MayankFawkes/Open-Chat 😐

I NEED HELP

!!!

Pls

yes you can just drop your question

Someone

@candid lion what are you trying to do

@candid lion reword your question, how you asked it is like how is the best way to drive in car

Im trying to play music on other computer

With code

@candid lion https://www.youtube.com

Ok?

If it's a home network you could use psexec

@candid lion use spotify

SPOTIFY CONNECT SUCKS

@candid lion what os, what code, as much detail as you can give. That is still really vague

So i font use it

haha true bro check my code i did the same thing
you can just do a lil modification in code and make it for yourself

I have windows 10

Acers laptop

So you are just wanting to get a file from another computer in your own network? How are you trying to play it?

Immediately, I'm thinking SMB shares

Idk

Is it possible

?

yes it is

Good

U guys are pros

How ro use SMB shares?

can you tell me how you wanna play music in other computer like with youtube link or the music stored in your pc

How ro use SMB shares?
@candid lion Google python smb

I want to play play my music files from my computer with another computer

You don't need code for that

But you can

How?

Just share the folder and access it from the other computer

How to code it?

yes but only work on local network

Can u give a example?

dude its sharing option in windows

YEA BUT HOW TO CODE IT

!!!

wait leeme find you a video help for it

*code

@candid lion https://bfy.tw/Okyj

if you wanna code then you must have to run one file on other computer is it possible ?

What file

program file

what you code

Ok

It is possible

anything is possible

Lol

bro all you need to code for file sharing

or wait

i have one i coded

Can u show me?

@serene halo well, almost. Try going faster than the speed of light :)

haha

https://gist.github.com/MayankFawkes/66d2330e9510c609860393f4c3f29392 @candid lion

with this you can share files between computers

Thx!

your welcome xD

🙂

I knew it, some people don't want to learn, they just want the answer...

you can message me anytime for help xD

Thanks!

I knew it, some people don't want to learn, they just want the answer...
@vernal surge true but i am not like those you believe right ?

😛

How to learn it?

😦

Joke

@serene halo not that I can tell

bro you have code now you can read and learn

easy peasy

Thats true!

ye 😛

@serene halo not that I can tell
@vernal surge 😮

I can use the same code for everything!

ye just do modify it according to your need

Yea

Thanks a lot for the code!

😄

np your welcome

Thanks!

Bye!

see you xD

@vernal surge so the server definitely allows ssh, I can ssh into it from inside the network but outside the network it just times out

I went into the meraki and even port forwarded to that internal ip on port 22

@coarse epoch use ngrok and forward your port 22

It is forwarded from what I can tell

lan IP is that your local computer's ip ?

The servers IP yes

Don't us port 22

the meraki is intercepting it

I tried non standard ports too same thing

change the public port to something else

something >=1025

Oh shit that worked

lol

So since in learning why does that work

I did public 666 to internal 22

So, the Meraki itself is listening on 22 ... so you can't have multiple public exposures of that

but the meraki can translate any external port to an internal port, not problem, so long at it's not already defined

but you can't change both the pub port and the priv port unless you change the port that the ssh server on the ubuntu box is listening on as well

you can totally do that, but I assume you didn't do that

Strangely when I did earlier it denied it

but also, FWIW, don't use anything <=1024 for external ports, those are "reserved"

also, now that you have SSH exposed to the world ... disable root authentication and password authentication on the ubuntu box

at least for SSH

because in approx. 2 hours, that server will be compromised otherwise

How do I do that?

Sorry, like I said I'm pretty new

Google: Ubuntu disable root ssh and password

But luckily for now the server is just a test machine with notbin bgg critical on it

you will need to generate yourself an SSH key as well to push to the server

And thanks!

If I already did fingerprint will that matter?

i'm less concerned about what is on the box, more about what is on other boxes in your network lol

if it's for work... the real threat is a Ransomware attack ... because they really don't care what is on your network, their guess is, you proabably need it and will pay to have it back

If I already did fingerprint will that matter?
@coarse epoch you mean when you connected to it and had to accept the fingerprint?

Yes

If so, no, that is a different security mechanism

Ah okay

So by default permit root login is prohibit password, should it just be no

you need to generate your own ssh key, push it to the server, make sure you can connect via said key, and then disable passwords

but otherwise, yes lol

https://askubuntu.com/questions/435615/disable-password-authentication-in-ssh

are you on linux or windows?

Linux

Just generated my key

Pushing it to server now

ok, yeah, just gen your key ssh-keygen -t rsa -b 4096 then ssh-copy-id -i <the public key you just generated> username@ubuntu

Looks like I got it

Asked me for key password then connected me

then ssh -i <your priv key> username@ubuntu

So now to disable passwords right?

it shouldn't ask for a password if you did it correctly

unless you protected your ssh key with a password

I did

ok

then yeah, turn passwords off

there are a LOT more things to do to harden a public linux server, but securing logins is the cost of entry lol

but like you said, it's a test box, so ...

It wouldn't be in the end, but it also at that point only allow the ip I need incoming on that port

check your logs for your running services regularly

will at least tell you if you got pwned or how people are trying to pwn you

number is likely to be high lol

in my experience ... as soon as the box does get owned, they tend to secure it though so no other hackers can get in and use it also lol

So besides the keygen and turning passwords off, and only allowing the ips I need in the port forward what are other things I should do

do you have iptables set up at all?

or ufw

I do not

That would be a good idea

here are just a few lol: https://www.ubuntupit.com/best-linux-hardening-security-tips-a-comprehensive-checklist/

and also, fwiw ... there are a bunch of automated security checks provided by NIST that you can run via an OpenSCAP tool

fail2ban is also great

but probably not that important if you are only using certificate authentication

it's good to know how to harden a linux box, but just so you know ... until you have a reason to, it might be overkill

get your testing out of the way and then start with a fresh box that you can harden and test more with a hardened OS and address issues

then, you have something that is suitable for a production workload

doing too much at once is likely to cause issues anyway lol

But also be aware people constantly scan internet accessible boxes for vulnerabilities

it really comes down to how much you care about the stuff on the machine

yeah ... i like to invision a slider with <SECURE> on one end, and <USABLE> on the other ... it's up to you to decide the level of risk that you can accept

hopefully, you have someone in your organization that can make those decisions for you (as far as risk tollerance) because if not, it's your ass lol

been there, done that, got the t-shirt lol

Using the domain seems to be coming up with the error:

TimeoutError: [WinError 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connectio n failed because connected host has failed to respond

So I assume there is a problem in the DNS setup or it hasn't been updated yet

i wanna build

does a nslookup give you the correct ip @tidal matrix

Did you just make a change?

Just got the domain

does a nslookup give you the correct ip @tidal matrix
@wraith grove Let me check, didnt think of this lol

It just says "Returned Data"

wdym

can you screen shot it

@tidal matrix

Sure

Do I have to fill in the DNS Server, Port and timeouts bit too

in what

nvm am a bit dumb

I was using an online onw

oh okay

yeah nslookup is just a cmd tool

Do I just put in the domain after nslookup

yeah

or you can type it in after running nslookup

Ok so it said "Server: unknown"

Then under Non-authoritative answer it gave me 6 addresses. Three IPV6 and three IPV4

None of those ones are mine though

probably placeholder addresses until the transfer happens

what is your DNS server?

I use cloudflare

1.1.1.1

Yes mine is also cloudflare but google domain

no, i mean you local computer, what DNS server does IT use

Ah as in?

oh sorry your names are so similar

The one it runs in network settings?

ipconfig /all | findstr /R "DNS\ Servers"

or in pwsh, just Get-DnsServer never mind, this is for actual dns servers lol

Comes up with this big string

String of sets of four

Should I send it

yeah

ok, so an IPv6 address

not sure what that is lol

anyway, you probably need to set your DNS to a public one

Looked long for an IPv6 address to me lol

my guess is that it's the ipv6 autoresolve for your router and/or isp

i would set your dns to either 1.1.1.1/1.0.0.1 or 9.9.9.9 or 8.8.8.8/8.8.4.4

My PC DNS?

yes

ok I believe I change it in control panel correct

yup

cool

1.1.1.1 is supposed to be fastest

here are the quad9 instructions https://www.quad9.net/microsoft/

Cool

i've had trouble with 1.1.1.1 before, but that was very early in it's history lol

Ah ok

I'll just use googles 8.8.8.8 for now

Is there any actual difference between 8.8.8.8 and 8.8.4.4

8.8.4.4 is just the backup

Yea but in terms of performance or anything

8.8.4.4 is probably a little slower due to it being the backup, they keep 8.8.8.8 pretty beefed up lol

Understandable

Oh should I change just ipv6

1.1.1.1 has the lowest latency

i'm sure the enduser experience those is negligable at best though

Latency for my application is not much of an issue lmao

well with websites loading as fast as they do it could make a difference

as far as DNS privacy though, 1.1.1.1 is one of the better ones. I try not to feed google any more data than I have to

Fair enough

Ok done

Now what 😂

now do the nslookup again

Ok

Ok comes up with the same thing just now says Server: dns.google

what is your domain?

www.tflserver.com

;; ANSWER SECTION:
www.tflserver.com.    300    IN    A    172.67.223.172
www.tflserver.com.    300    IN    A    104.31.92.1
www.tflserver.com.    300    IN    A    104.31.93.1

Yes that shows for me too but previously showed too

not sure what you are expecting, but this is what 1.1.1.1 shows

Oh really

anyway, so you switched your nameservers to CloudFlare, so did you actually add the DNS records there?

Well tbf I'm not expecting much as I'm a total noob at this lol

Yes

ok, did you leave the proxy slider on for that record

Yes

turn that off

that works well for web, but nothing else really

Ah ok

Done

Great, works now!

;; ANSWER SECTION:
www.tflserver.com.      300     IN      A       90.211.75.79```

Yep

So ig thats all Ill need in my networking quest for now

Thanks so much for the help, I will probably have issues again so I will ask then

But thanks for now!

Yw

At what point in the code execution are you expecting it to print?

anyone got a good tutorial on how to create a register a user in cognito in AWS?

and also does anyone knows how much resources does cognito used when doing a sign in, i keep getting timeout

So cognito is pretty expensive for what it is, but the best tutorials I've ever found were from AWS

And I don't really know what you are asking re: timeouts @paper dagger , cognito is a serverless app and doesn't have the same constraints that ec2 instances have

ah my i've found that my lambda is not connected to the internet and I keep getting timeout as a result of that

hi

any one online in this group

yes @elfin mulch

@paper dagger yeah, that'll do it ... but generally, i have to work pretty hard (or use a misconfigured VPC -- or a purposefully internetless configured VPC) to get a lambda to NOT connect to the internet lol

i really don't know, i might used the default properties hence not setup for connecting to the internet

well ... the "default" vpc IS connected to the internet ... so yeah, not sure what your setup is

@paper dagger How do you know its not connected to the internet

WordPress developer free themes are available for practice https://www.youtube.com/channel/UCxgrw_daH8ae9NmZzKqR03w

me and my friend are trying to communicate with python sockets while one of us runs a client and the other one runs a server. Since we are not on the same network, how can this be done? Thanks

@fresh thistle Thats what port forwarding is for

Hey! I'm having a problem: I'm making a chatroom application with sockets and tkinter for the UI and i have two scripts: server.py and client.py. they both have a UI, the server UI has 2 buttons, one for starting the server and one for stopping the server, and also a list of the connected users. Now, my issue is that when i try connecting to the server from the client, it just cant connect

thus is an error message that i programmed to pop up if it cant connect to the server

After a while of messing with the code, i started getting an error saying that an established connection was aborted

i tried switching ports, adding python to the firewall's allowed apps and even disabling my firewall completely

nothing helped

does anyone have any idea whatsoever about what might be causing this bug?

Can you post the code for accepting the connection on the server side

yeah sure i actually have the repo of the code

https://github.com/dsnk24/saint-chatapp

hold up bad link

https://github.com/dsnk24/saint-chatroom

there we go

https://bandit.readthedocs.io/en/latest/plugins/b104_hardcoded_bind_all_interfaces.html should I bother with this if I want my socket server to be accessible to outter connections on my vps

correct channel for a question about the requests library and bs4?

probably

ok so i just started a tutorial about that thought it would be sth nice and new

so i created a soup which worked perfectly, now i tried to search for sth in the soup with soup.find(id="productTitle") but its just returning None

dunno why its returning None

@neon hinge Unrelated but

startBtn = tk.Button(topFrame, text='Start Server', command=lambda : start_server())

can be replaced with

startBtn = tk.Button(topFrame, text='Start Server', command=start_server)

other than that, are you sure your code is getting to sock.accept()? Use some debugging and/or print statements to find out

Server.pypy sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.bind((socket.gethostname(),10000)) sock.listen() Client.py```py
server = str(input(Color.GOLD + "Server: " + Color.WHITE))
port = int(input(Color.GOLD + "Port: " + Color.WHITE))
socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
socket.connect((server, port))

im typing `127.0.0.1` to server in client.py
if anyone will answer, can you ping me ?

let's say i do something like this:

import time
import requests

def api_fetch():
    return requests.get('https://api.example.net/streaming_data', stream=True)

def main():
    resp = api_fetch()
    time.sleep(30.0)
    for line in resp.iter_lines(decode_unicode=True):
        print(line)

what happens at the network level while i'm sitting there blocking my python program for 30 seconds? is this just holding an HTTP connection open? or is the OS already receiving and buffering data?

similarly, what happens if the requests.Response is not .closed promptly? e.g.

import time
import requests

def api_fetch():
    return requests.get('https://api.example.net/streaming_data', stream=True)

def main():
    resp = api_fetch()
    for line in resp.iter_lines(decode_unicode=True):
        print(line)
    time.sleep(30.0)

the resp object won't be cleaned up by the cpython gc for a long time in this case, what happens then? am i being a bad actor w/ respect to the server?

i see that requests.Response supports being used as a context manager (and aiohttp mandates the use of a context manager in its API) -- when would i actually need to care about making sure the response is "closed"?

If you set stream to True when making a request, Requests cannot release the connection back to the pool unless you consume all the data or call Response.close. This can lead to inefficiency with connections. If you find yourself partially reading request bodies (or not reading them at all) while using stream=True, you should make the request within a with statement to ensure it’s always closed:
https://2.python-requests.org/en/master/user/advanced/#id2
found this in the docs

@ me if you have any additional insight on this, especially w/ respect to the first question

So not that I'm complaining, but why does it seem that every beginner seems to default to websockets here?

It's quite simple and straightforward

You can just listen for websocket events and execute functions when the events are fired

Additionally, there are simple functions like emit and send that just send messages to all clients if you choose

I dont get why people use the websockets module so much tho

hey ppl
I wanted to ask if
it would be good to use an UDP server for a chat room or may I continue with a TCP server??

id say tcp

UDP is very fast, but also unreliable, so data packets sent via UDP may get lost or end up corrupted. in something like a chatroom server, you need reliability more than anything else because you need the users messages to arrive to everyone else intact

so i recommmend sticking with TCP

TCP also guarantees correct ordering, which can be important in some situations

hey all

hey

I'm having difficulty receiving web sockets from another network

client and server are working on local

but I wasn't able to connect client to the server over the Internet

I'll send pictures when i get home

Firewalls also block a lot of UDP traffic so a UDP solution would have to take that into account

So here are my files:

Server.py:

client.py:

This only works on local host and only one machine. How can I make it work over the internet (with use of public ip address)?

your server needs to bind to 0.0.0.0 as the host addr

I feel like we need a Pin of basic WS troubleshooting ... the "don't use localhost" thing seems to come up every day

😄

you can also use loopback address 127.0.0.1

Thanks for the help

I will try it

loopback doesn't allow you to connect outside your network (or outside of your own machine for that matter)

so "localhost" and "127.0.0.1" are no goes if you want another machine to connect

technically, i guess a 169 address could work, but that is like pissing upwind and hoping not to get wet 😄

if you have a webserver that can proxy requests to your localhost server, then yes, you can do that, but now we are getting advanced 😄

is there any chance that firewall would block the connection?

there is every chance of that

I have linux hosting

anything I can do with that?

for linux, check either ufw if ubuntu, or iptables and ip6tables on just about every other distro

and then if you are hosted, there is a really, really good chance that there is a network level "firewall" (or security group if we are talking AWS) that you need to open your ports on

but unless you are using 0.0.0.0 or the actual IP address of your interface for the bind address, none of it will work

all I want to do is send a string of 5 characters to another computer 😦 😄

sure, but to do that, you need to do all of the networking prereqs

yeahh

string of 5 characters or a whole-ass application, same reqs

a nonsense question

would this work:

the server and client communicating via a text file stored on FTP server 😄

one uploads a file the other downloads

there would be some weird timing things to work out, but probably

cause if it works it would same me lots of headaches

will try it

that is REALLY REALLY insecure though

haha

i know

Fwiw, I don't know what you are trying to accomplish other than messing around, but don't assume learning that particular pattern will help you in a job search lol

haha

it is for a hobby project

the plan is to send quantize keystrokes of two computers together

so when one clicks the other one clicks

hope it makes sense

Think of a software like team viewer with a difference : server user is not sharing it's screen but only its keystrokes and the client performs the keystrokes automatically upon receiving. use case: this allows two users to play a specific video at the same time even if they have the video on two different platforms (e.g one as a file and one on netflix). since when server user clicks on play with LMB the client user clicks on play with LMB and the video plays.

I will try to use the websocket for it so no worries

I was just wondering if its possible to connect a website using the same domain I have that also points to my server?

The one I was talking about earlier

there are a few ways to do that

A) just host the website on the same server, or on the same network if its behind a NAT, so they share an IP

B) use subdomains

C) have your server send a redirect for http traffic (to a subdomain)

@tidal matrix

Ah ok cool thats what I was thinking about! Redirect the website traffic to a subdomain!

I could host it on the same server but idk how incoming connections from the client would be dealt with

well I assume they would be on different ports

your webserver would be listening on port 80, the other server on whatever other port

thats the same way you could do it with different machines on the same network, port forward 80 to the webserver, the other port to the server

@tidal matrix yeah, just point another resource record at the web server (e.g. - www)

thats the same way you could do it with different machines on the same network, port forward 80 to the webserver, the other port to the server
@thorn stratus Completely forgot about ports 😂 🤦‍♂️

@tidal matrix yeah, just point another resource record at the web server (e.g. - www)
@vernal surge Yes I could also do that

Or if you want to run it on the same server, yeah, just use another port (like 80 or 443 lol)

Yea haha, thanks

Was just wondering, won't implement it for a while

Yup, I only own about 5 domains but they each have hundreds of resource records and sub domains and sub sub domains lol

Woah, how do you manage them

Well, most are associated with kubernetes

In english? 😂

Lol kubernetes is a container orchistration platform

Ah ok, had a quick search what that is too 😂

With the exception of the auto generated node/pod dns names, all of my dns is codified though

Terraform specifically

If I expose a port to the internet but there's no server listening, can an attacker do anything?

@fickle gull well the attacker can communicate with your computer directly, so it's less safe, but generally no

It's very low risk

That's what I thought, thank you

Just wanted to make sure

I'M BACK!

@ember ledge

Wb? Lol

Sup @vernal surge

@serene halo howdy

I am good bro

And now i can make the tcp packet successful lol

The problem was with Pseudo Header

I was creating wrong header checksum

Good to hear maybe lol

Lol

if you have a webserver that can proxy requests to your localhost server, then yes, you can do that, but now we are getting advanced 😄
@vernal surge ngrok should suffice though right

i'm making a proxy for that exact reason and it's hella fun

i'd use ngrok too, but i need to have the same address ALWAYS, and to not have time limits for what i'm doing

I'M BACK!
@undone gust oooooooo, thats nice 😄

hell yeah

Has anyone read "Computer Networks" (Tanenbaum & Wetherrall, 5th edition)? Is it a good introduction to how networks work?

@lofty bough I have not lol. Despite the Cisco slant, I learned most of what I know from them ¯_(ツ)_/¯

So how do I point my domain to a site I made using a provider

I used a provider and made a site, so how do I use the same domain with it

For example if I used a subdomain I could do

server.tflserver.com leads to the IPV4

and tflserver.com leads to the website

But it only allows me to use a URL for subdomain redirects

What to you mean by 'leads to the IPv4'?

What to you mean by 'leads to the IPv4'?
@lofty bough My server IP

@tidal matrix were you able to figure it out?

Nope 😦

pointing your domain to an IP uses DNS

Yes

so it would depend on your DNS provider

Am using Google

for hosting and dns?

Actually ig dns is now cloudflare too

So Cloudflare for DNS

alright so you'd just add an A record pointing your domain or subdomain to the IP of your server

Yes so I have that setup

But how do I make it point to a website too

so you don't point a domain to a website. you point a domain to an IP

when you go to a url in your browser like google.com the browser is going to automatically try to connect to a port on your behalf

if https then 443

if http then 80

so on the server you need to run a webserver that can respond to those requests on the appropriate port

I'm trying to display a continuous ping (ping ip -t) in tkinter's textbox using subprocess. I've looked at options using the os library too and just can't wrap my head around making it seem like a live feed. Some pointers just to get me in the right direction would be much appreciated

Yes, my problem is my website provider I made the website with (to save time) only lets me connect via name servers or "pointing"

what provider are you using?

Wix

ah so you're just trying to point to a static site hosted on wix?

Yes

okay, so what are you trying to do with subdomains?

point at a different route?

No clue honestly 😂

i guess to back up, what are you trying to do

haha

So if I enter: tflserver.com in a browser it takes me to the website

But if I use server.tflserver.com in a client, it connects with the server

@violet pebble that doesn't really seem specific to networking but you probably want to run the ping in a separate thread and end the output from subprocess into a queue that you can consume from another thread for your application

and what do you want server.tflserver.com to do?

@violet pebble that doesn't really seem specific to networking but you probably want to run the ping in a separate thread and end the output from subprocess into a queue that you can consume from another thread for your application
@tall olive I have multiprocessing imported. I intend to go down the route with netmiko, but just trying to contain the 'challenge' to a minimal as I think once I figure this part out I can do the rest 😄

@vernal surge You active?

Real quick question

I am trying to get a discord bot to communicate with a flask website through sockets. I don't really know how to do this. I can establish a connection, but I don't know how to check if the bot has received information from the website and I don't know how to check if the website has received information from the bot. Does anyone know how to do this?

@tidal matrix I am now lol

Hey you guys. I was wondering if any of you are interested in working on a Bot Project? I would be happy to speak with you about the project if you are.

@ember ledge fwiw, I think websockets is probably the wrong way to go about this communication, although possible, json would probably be easier

@wild verge does it have to do with networking?

If this is the wrong chat, I apologize. I was not sure what would be the best chat. I am new to the server.

@wild verge there is an entire channel dedicated to using python for bots: #discord-bots

@ember ledge fwiw, I think websockets is probably the wrong way to go about this communication, although possible, json would probably be easier
@vernal surge well, the thing is, I need to be able to fetch things like all of the roles in a server, or all of the online members

@vernal surge | Thank you, brother.

@ember ledge ok... Yeah, still not a problem lol

ok, so you want me to store literally all of the server data in a json file?

@ember ledge nope, just request it at the time it's needed

Discord has a json api as well

yes, but how would I know to add it without a connection?

Do what?

I don't understand what you are trying to say

What does your website actually need to do

It's kind of like any bot with a website where you can control the bot

Ok, control what exactly

I don't care about other bots, what are YOU trying to do lol

Like, if it's just like a configuration file for the bot to connect, then json is probably totally the right thing to do, you would collect the info on the site, and then run your new bot provisioning (because you can't share credentials) using those configs, I say json because I assume these are different machines

Let me give you an example

What if I want to add a moderation role to the mod? Well, I would have to get which roles are already moderation roles, that's easy, I already have a json file for that, but I would also have to get all of the roles in the server to list them out as options

Ok... Sounds pretty standard so far

Although I question the "I already have a json for that"

Usually, you make as many requests as you need to get your info, load them into a dict, and pull out whatever you need to do your processing

You can do some caching and stuff if you are getting a lot of hits, but otherwise, just make all the requests

It sounds do me like you probably need to bone up on inter-service communication a bit imo

What do you mean by "requests"

When someone needs that info, request that info from the server

How would I do that?

I would have to have a connection to the bot to request that info from the server

hi

@tidal matrix I am now lol
@vernal surge Lol

Ok so I saw an SRV record I may need but honestly I'm so confused

My website provider needs me to point an A and CNAME record at it

So how do I make another A record for my server

@tidal matrix above your dns records in CF, there are blank boxes, just type in there shrug

Yea but how would the client be redirected then

Like wouldn't it clash with the A record for the website?

@tidal matrix https://support.cloudflare.com/hc/en-us/articles/360019093151-Managing-DNS-records-in-Cloudflare

@tidal matrix what are you trying to do? Unless you are trying to add the same record name, you are fine

An A record to my server IP
An A record to the website
A CNAME record to the website

So I wouldn't do both the a/cname to your website

But I want to make the A record to my server IP a subdomain that redirects. But it only lets me do subdomain > domain not subdomain > IP

Ah is only one fine?

But yeah, you can't redirect directly to an ip

F

But yeah, in the case of wix, cname is fine

Ok cool and should I just delete the records in google dns cause im using cloudflare

I assume you have a paid account though, otherwise, wix gets really broken

Yes wix without premium is pretty bad

But yeah, you can't redirect directly to an ip
At least not with cloudflare

@tidal matrix it really sounds like you need to study up on DNS though

I do but I don't think I'll ever use it again 😂

I'm trying to make a chat server, and I'm trying to make it so the connections are wrapped in TLS.

I've tested the TLS socket wrap in code with just a client-server connection, and it works perfectly

However, on my chat server program I'm getting the error ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:2607) on the client side and ssl.SSLError: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:2273) on the server side

Now I'm reconsidering how to do this, is it proper to have both clients connect to the server with TLS? Do I need a X.509 cert for this?

@kind salmon preferably you would do certs lol

@vernal surge Do you mind walking me through how I should approach this?

@kind salmon now a days, it's easier to download and run autocert to get a letsencrypt cert

But you need to do that with either nginx or Apache

Alright

I've worked with those before so that shouldn't be too much of an issue

Cool beans, I think there is an autocert library, but it's just safer to use an external server

I personally like nginx

Alright, once I have the cert how would I go about connecting the two clients?

Run the server with your tls cert, then you would just connect to the secured server

Nothing else really to do

Hmm, I have the problem though that when it's bouncing messages between clients it refuses to work

However, on my chat server program I'm getting the error ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:2607) on the client side and ssl.SSLError: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:2273) on the server side

These are my two most common errors

Why would I be getting those errors?

@vernal surge

Tls v1.0 is deprecated

I wasn't using TLSv1.0 though, I was using py ssl_version=ssl.PROTOCOL_TLS

Ok, what is that constant, I'm not in front of a terminal

It picks a version of TLS

I think the latest unless the other party doesn't support it

In this case both parties did

and that worked when it was just a client-server connection which is weird

I wouldn't do anything other than 1.2/1.3 these days

But apparently the connection was downgraded to v1

It throws the same error when ssl.PROTOCOL_TLSv1_2

What OS?

Windows 10

Run this on the client print(ssl.OPENSSL_VERSION)

I'm not sure if the windows version uses openssl or not

sure one sec starting up my venv

But worth a shot

The virtualenv OPENSSL is different than the windows one

OpenSSL 1.0.2k  26 Jan 2017

Hmm

Same for the server?

Yup

Sounds like I need to spin up a VM. But yeah, something is going south during the negotiation

It's just weird because that works normally

This is random but do you guys use Vscode?

PyCharm

I tend to use vim myself

Oh vim alright on windows?

No, fedora here

Oh ok but where do your files save by default?

What? Lol

I'm new to vim and I always have to cd to Desktop if I want my vim files to be on the desktop

Like where does vim save your files by default?

It saves them wherever they exist lol

Or you can save as

I meant new files

If you want to create a new file on vim where will it save?

Wherever you save it lol

So if you do a vim C:\whatever.txt, it will create that and when you :wq it saves it

When you say vim C:\whatever.txt, do you type that in the terminal?

Yes

Oh what if I open vim and not by the terminal

and I save a file by :w

Do you do that or nah

How else can you open vim in windows?

It's a program so you can just search it and open it

Regardless, the save as is just :w C:\whatever.txt

Alright thanks I'll try that

Also do you add plugins to vim

Or do you keep the default look

I keep the look, but yes I do use plugins, but only for syntax highlighting and stuff

I guess they plugins have a few more features, but I don't use them really

do you use gVim by chance?

Don't know what that is, but it sounds like a gui, so probably not

Yeah it's a gui. Ight thanks for the help

@ember ledge the files get saved wherever vim opens by default

basically, the current working directory of vim

I think you can run :pwd or :cwd or something in vim and it will tell you

save-as (:w path/to/file.txt) will save the file where you want (if relative, then resolved against cwd)

@warm burrow Alright when I run :pwd, it says C:\Users\Titan

So how can I change that to something like the desktop?

edit the shortcut file used to launch vim

idr where start menu stores stuff

So move the shortcut to the desktop?

Also, when you say the save-as is :w path/to/file.txt

How would I write it if I want it in Desktop?

:w Desktop/to/new_file.py

Would that work?

@warm burrow

hold up lmao

:w Desktop/to/new_file.py
@ember ledge that would save it inside a folder called to on your desktop

Oh so it would be path/Desktop/new_file.py

So move the shortcut to the desktop?
@ember ledge well the thing used to launch vim is a shortcut file, right? right click and go to properties

there should be like a field called working directory or something

right click the entry in start menu

Oh so it would be path/Desktop/new_file.py
@ember ledge that will put it in C:\Users\Titan\path\Desktop\new_file.py which I don't think you want

just do :w Desktop\new_file.py

path/to/stuff is a common placeholder when you are referring to a file path

Alright I just tried the :wDesktop\new_file.py

But it seems to not be a python file

Acc nvm I'm dumb thanks

add a space lmao

Also are you using VIm on windows @warm burrow

I'm on linux

several years ago I used to

Oh I c then what does the vimrc do?

it's basically a config file for vim

vim reads it when it starts up

so you can do things like change vim settings and load plugins

and they will get applied each time you launch vim

the vimrc file is in C:\Users\Titan\vimrc right?

I believe

Would you mind helping me setup a vim plugin (Seoul256)?

I'm a noob and I kinda dislike the vim look

sorry, I have no clue how to help with that

Oh alright thanks for the help though

👍

If you use vim8 there is no need for a plugin manager anymore fwiw

What's vim8? I use vim 82

V8 or higher

oh I c

Is there a vim server you guys know?

Vim server?

Discord server

Oh, yeah not sure, not sure there is enough to talk about for a dedicated server lol

Good point

@warm burrow Also do you know tthis line of code won't work when I run it on vim?

It's a simple input to enter your name but when I run :w !python I get this error

vims :! does not take stdin

What's that?

stdlin?

stdin is standard input, which where input reads from

Oh so how can I run my code so I can have an input

you could either C-z into your command line, type python filename.py, then type fg to get back to vim, or use some vim shell emulator (not sure if any exist)

What's C-z

Ctrl+z

Oh what does fg do?

I typed fg in my command line but it doesn't work

Sorry I'm still learning VIm

what does it say?

I'm on windows btw

ah, that explains why you cannot use bash commands

surprised Ctrl+z did anything

So I guess I just have to type vim and hope back in vim?

I guess, but I would suggest just having a second command line in the same folder as your vim and just alt+tabbing

I say just a lot

I don't think I can have a command line in the same folder as my vim

But I'll just pin it to my taskbar and open it

Also, is there an ideal location to put my code files?

Or is it just a matter or preference

mostly preference, I just put them whereever

Ideally they are organized in their own folder

What's a good way to support multiple http servers in a project? E.g. have a dev server using http.server but use uWSGI in production? Like how django works. I will just go read django source if I have to. hoping someone can tell me "oh yeah that is X. use X." heh.

@rough roost lol, you pretty well described the solution yourself

I did? heh so just abstract it myself?

I guess "use django" could be a solution. it's heaver than I want.

I would just do gunicorn, it has a dev and prod mode, but you can do the two styles as mentioned

aha! I didn't realize there was a WSGI with a dev mode heh duh thanks this makes lots of sense

Or just use flask, the flask dev server is already devmode ready and you can easily do a WSGI entrypoint for anything else

Lots of options, just depends on what you are doing

making an API. or more pedantically making a domain specific language that outputs HTTP based CRUD or other kinds of APIs. rapid API development. it's kind-of working. busy writing lots of python inside templates. it's slow going and confusing. but I am determined haha.

Lol

I tend not to use python for APIs because it's such a pain to do validation correctly when a static type language fixes a whole class of problems for free lol

or use FastAPI for REST APIs

I've not used fastapi, I need to look into it

yeah built in typing is a thing it has and validation which can be extended by the user. free built in json typing too if you use the CRUD engine. it does a lot with a few lines of domain specific code. it's tuned for the CRUD case, you just declare some classes with typed fields that get stored backend by SQLAlchemy. other than that you can just make endpoint functions do whatever you want. main point though is to support POST/PATCH/GET/DELETE and storage of objects with just a few lines of code. you can extend/build on it however you need to customize things, it's got built in template support like a big preprocessor thing. it works fantastically well and I have pretty complete test coverage for it. the main problem I have with it so far, besides the templates being somewhat confusing, is authentication. no idea how to do it yet.

not to mention it doesn't come with alot of fluff, big fan of specific use case libraries over big broad ones

you don't have to sell me on anything I've been thinking about how I want this thing to be for many years and finally started implementing it. I don't want a Python library, I would have chosen that haha. despite the similarities to fastapi this thing isn't actually python specific. this is just one implementation. the parser tool itself and a different implementation are written in javascript. the idea being you mostly specify your API and just fine tune things in language of choice.

hoping if I can get the ball rolling other implementations even in lower level languages like go and rust might be possible and maybe once it's working I can get some help building it. but you know, for now it's just a pet project.

conn.send(f'password:'.encode())
try:
data = conn.recv(4096)
decoded = data.decode()
if not decoded:
pass
password = decoded.replace("\n", "")
password = password.replace(" ", "")
correct_pw = "root"
print(type(password))
print(type(correct_pw))
print(password)
print(correct_pw)
if password == correct_pw:
print("correct")
doests return correct?

does the requests library, or urllib3, do any caching/buffering of tcp requests?

i'm trying to stream a HTTP response with requests.post('http://api.example.net/fancy-endpoint', stream=True), but the bulk of the loading time seems to be the initial request, and fetching the data is nearly instant

and i've been assured by the maintainer of the endpoint that they are writing their output directly to the socket on the server end and not performing any caching or buffering on their side

does this mean i also need to read raw data off the socket? or am i just misuing requests/urllib3?

here's the code i'm using

import json
from time import perf_counter

import requests


def query_scrapinghub(http_session, data, timeout=30):
    params = {'timeout': timeout}

    results = []
    elapsed_times = []

    t0 = perf_counter()

    try:
        with http_session.post(endpoint, stream=True, params=params, json=data) as resp:
            t1 = perf_counter()
            elapsed_times.append(t1 - t0)
            print(f'HTTP status {resp.status_code}: {resp.reason}')

            if resp.status_code == 200:
                t0 = t1
                for line in resp.iter_lines(decode_unicode=True):
                    t1 = perf_counter()
                    elapsed_times.append(t1 - t0)
                    t0 = t1

                    line = line.strip()
                    if line:
                        results.append(json.loads(line))
    except Exception as exc:
        print(exc)

    return {
        'result_data': results,
        'elapsed_times': elapsed_times
    }

from what i can see in the requests source code, iter_lines reads data in chunks of 512 bytes at a time until it hits a \n, so requests itself is only buffering at most 512 bytes at a time

and if i take the api developer at their word, the only remaining culprits are somewhere lower in the network stack on my client side

i have reproduced this issue on both windows and linux if that helps

Looking at the docs you are correct, it should:

Get the headers, status code etc...
then as you iterate
read part of the request body 512 bytes at a time (internally) until it gets a \n

@thorny locust is this structured Json data or is just raw

in the case of it being raw you might find its being slow because the only \n will be the end of the body

@gloomy root im passing a python dict to json=

oh, the data they are sending is newline delimited json

have you tried using itercontent instead?

which doesnt keep fetching until it hits a \n?

im not concenred with it being "slow" as much as im concerned with how it appears to be pre-loading based on elapsed times

ah

naively i would expect the times to be something like:

• initial request - 1-2 seconds
• each line - 1-2 seconds

instead its like:

• initial request - 12 seconds
• each line - 0.001 seconds

as for itercontent, i can try it. but i'd just end up copying the source code because i really do need to read as little extra data as possible

the use case here is that we are basically keeping an elapsed timer, and if we wait too long on the client we just cut off the request

do you have an example endpoint we could see?

i could mock up a response

{"name": "foo", "request_id": 123, "content": "BLOB OF TEXT"}\n
{"name": "bar", "request_id": 123, "content": "BLOB OF TEXT"}\n
{"name": "baz", "request_id": 123, "content": "BLOB OF TEXT"}\n

the server should be generating and sending each of those one at a time

so we're 100% sure the reponse its getting has \n and its not just being cut off internally

what do you mean cut off?

Idk, sometimes some things 'helpfully' format and wrap the data

1 sec

and yes the output is definitely formatted correctly

the problem im having is that requests.post(..., stream=True) takes 12 seconds, before i have even read a single byte of output, then reading the output is nearly instantaneous. which defeats the purpose of streaming the response in the first place

we also want to be able to do something like, "fetch a line of data, run some algorithm on it, then determine if we need more"

In my attempt to test something ive accidentally crashed my server

heh

true i should try testing this locally

does anyone know how to connect to a remote server in the file explorer plz @ me in reply

well this

idk some 1 million lines or something idk

seems to fetch it how you would espect

okay well i cant go any higher than this really

without running out of memory

windows10™️

@gloomy root what if you make the lines like 1000 characters long?

fill each line with a bunch of garbage json

then send only 20 of them from the server

im doing it atm

i tried todo like 1,000 chars long and a million lines but so much bloat on my pc not enough RAM

heh

you see how my function is taking elapsed time around requests.post and then around each iteration of iter_lines? thats the big question here

if your test setup replicates my problem then its clearly python and not the server

i appreciate the help btw

are you just using the http server built into python for this?

i whipped up a little flask project

i could use my own server but that got its own issues rn lol

okay well for me,
it appears to be working

using a GET request tho

the initial request is instant

then as i iterate through it gets each line individually til it gets to line 9999999

do you mind sharing the flask code

from flask import Flask, Response
import json

app = Flask(__name__)


test_data = (json.dumps({"hello": "world", "data": "foo"}) * 100 + "\n") * 100_000

@app.route("/")
def test():
    return Response(status=200, content_type="application/json", response=test_data)


if __name__ == '__main__':
    app.run("0.0.0.0")```

ignore the application/json type

using:

import requests
import time


start = time.perf_counter()
r = requests.get("http://127.0.0.1:5000/", stream=True)
stop = time.perf_counter() - start
print(r.status_code, "time took: ", stop * 1000, "ms")


start = time.perf_counter()
lines = []
for i, line in enumerate(r.iter_lines()):
   lines.append(line)
stop = time.perf_counter() - start
print("time took: ", stop * 1000, "ms")```

i got:

200 time took:  136.1731 ms
time took:  5289.9407 ms

same result if i use POST

thanks a lot

i can work with this

nice toy flask app, i'll keep this in mind next time i need to prove a point to a vendor 😛

Flask is very handy for whipping up quick test beds

i strongly suspect that their server code is buggy

so i'm going to basically have to mock up response data from a fake version of their server

if you get the whole thing as content rather than streaming it

then show them that the odd response times are their problem, not ours

and do count("\n") how many \n's does it show

i know it has the correct number of newlines because it's being parsed correctly

if it were being wrapped each line would no longer be valid json

and it would all break

at least... i think so. i can check it either way

hmm ig

it is a weird issue tbh

but stream is definitely working in my tests

if i make the server serve a single line the fetch takes so far a very long time

it hasnt actually returned yet

i just sent a long and data-heavy email back to the vendor

thanks again

np

I am making a program that will be able to detect if a tcp conection is true on a certain process, but i cant figure out the best way to do it

your message doesnt make much sense

you mean see which process is sending which tcp packets or?

yeah

@gloomy root

@gloomy root check it out https://paste.pythondiscord.com/ipokobuzap.py

0.51127
0.5146139590069652
[0.503018541727215, 0.50418451288715, 0.5041157817468047, 0.5042929076589644, 0.5042273788712919, 0.5052136657759547, 0.5040050055831671, 0.5040497384034097, 0.5040661687962711, 0.5050655892118812, 0.5037602442316711, 0.5040175737813115, 0.5040626651607454, 0.5041330060921609, 0.5042021297849715, 0.5040653310716152, 0.5041115409694612, 0.5040644682012498, 0.5046259891241789, 0.002560105174779892]

the output ^ no evidence of pre-fetching or buffering/caching here

get rekt vendor

oops i left out the ''.join in the data generator but whatever

The Harvard Pandemic Policython is an online competition August 28-30 for anyone to write proposals for policy-based solutions to today's most pressing challenges. Over the course of 48 hours, policython competitors, in teams of three to five members, will hear from community partners, federal agencies, and international organizations, receive guidance from leading academics whilst writing proposals, and submit their policy memos to policymakers. Policy track winners win $1000 each. Learn more and apply at: https://policython.com/.

i want to start python ai with tensorflow
but which point i should start?

or any suggesttion of good yt channel or website

i'm making a "tool" similar to ngrok (a proxy), and on the echo server i tried to open 2 sockets, one to connect to the main server of the proxy, and one to connect to the normal server that should connect to some client via the proxy

but i can't open 2 sockets in 1 program apparently

how do i circumvent this?

a simple explanation of what i'm making would be

SERVER <----> ECHO-SERVER (on the server's pc) <----> MAIN PROXY SERVER (the one that has to be reachable) <----> ECHO-CLIENT (on the client's pc) <----> CLIENT

i'm making this because i need to be able to connect the server and the client together but they're not exactly reachable, so i need something to forward the messages, i used to use ngrok but its links are temporary and not always the same, which are requisites for me [also please ping me when you answer]

Why does it not work
from telnetlib import Telnet
tn = Telnet('192.168.86.166')

@rugged fiber open cmd and type ipconfig and check your ipv4 ip address i'm guessing you just got it wrong lmao

192.168.86.166

?

thats what it returns and im on linux running ifconfig

yeah then idk what's the problem lmao

i also know nothing about telnet though

Hi guys

I had been trying to create a chat app but it is not working when I use 2 different machines

It says that the server took too much time to respond

Please help

@thorny dove Without knowning anything of your code ... first, check that your server isn't bound and listening on localhost or 127.0.0.1 ... those addresses are local to the machine only. If you want, you can bind the server to your local IP address or to 0.0.0.0, which is all routable IP addresses on the host.
Second, verify that you don't have a local firewall (OS or AV) that is blocking the port that you are trying to listen on (this is very dependent on OS so I can't offer any better generic advice).
In addition, you will have to point your client code to the actual IP address of the server (you can't use 0.0.0.0 on the client).
If you are trying to communicate over the internet, you have to set up port forwarding on your router to enable this and then point the client to the PUBLIC ip address of the server.
If you are hosting the server in the public cloud, you will need to set up your firewall rules appropriately and likewise, point the client at the PUBLIC ip address of your hosted server.

@rugged fiber I must emplor you not to use telnet if you can avoid it. Use paramiko and SSH.

@undone gust What is the point in running this on the same service? Any reason not to make them seperate services and just avoid the issue all together?

@rain viper this question is probably better in #data-science-and-ml

wait what do you mean

services?

oh i think i understand

the main proxy server uses a couple of "protocols" to do stuff, like register new servers, new connections, close them, ask to accept said new connections, or tell the client if the server accepted or not, and new messages obviously, obviously i'm not going to integrate them in every server program that i make, so i'm going to make an echo-server that knows the protocols and handles them (the ones that it needs, that is), that stays on the same pc as the server, that way it acts as a "server", it can talk with the main proxy server using its protocols, and then it just forwards everything back and forth

if you just send data to the server it doesn't do anything, you have to send 1 byte with the action id (for example new message), then send the message as you would usually

@vernal surge

@undone gust I think tcp sockets are bound to the thread, so I think you could probably just open up a few threads to do what you are wanting to do. In your case, using some real mutex guarded action to communicate between threads is advised lol

what's a real mutex guarded action

also so all i have to do is instead of opening the sockets in the main thread i should do it in another thread? that's easy, especially since i use 1 thread per socket anyway in the echo-server

ah, they are called "thread locks" in python

ok i'll google it

thanks for the help bro, i'll tell you if it works

👍

Hey @thorny dove!

Hey @thorny dove!

Can someone recommend a good tutorial on creating a scalable website using microservice tech (ex: docker, kubernetes, etc)?

I'm actually interested in that too

since I'm considering some microservices action myself at the moment

You create a container, tell Kubernetes to deploy it behind a load balancer with multiple instances

well that's what i've been reading but I want to find a tutorial where someone creates an api gateway that is in a container that can talk to an auth server to authenticate the requests and link to other services

right now i am looking at express-gateway.io

more complex then you need

but something like that

ive spent 6 months on a flask server and it got to the point where the code base was so bulkly that I am scrapping the whole thing for something more scalable and better

it wasn't some small website portfolio

ok

so build API

this is all APIs for SPAs

if you have Flask, it's likely not to work with Microservices

if you have a python microservice then you'd use flask, node then express, and so on

what.....

they would all be in docker containers

not sure why you would use flask vs other REST API stuff like FastAPI or other language offerings

but you would have multiple FLASK API sites with routing engine

the framework doesn't really matter as long as it communicates with http

sure

but my point, microservices are mostly REST exchanges with each other

yeah

browser front end is generally Javascript

well for the front end I would just serve a compiled react app

Javascript

it would be completely isolated from the backend

well id use ts but yeah

and the react app would communicate with the gateway

it's Javascript

and express-gateway is fine

but I would learn whole Microservice thing before you add express-gateway middleware

ive fiddled around with docker compose so i kinda get the guist of it

kubernetes Load balancer should be able to handle right hand request routing

i just wish there was like a yt series that would explain how to do all of this

idc if it is 10 hours i just want to learn it

its all diagrams of what u need

it's not hard, you build microservices, you build containers for them (if you want), you use a load balancer to route it all

https://i.stack.imgur.com/x5sgl.png

but kubernetes isn't required

or containers for that matter, it's just most common way of doing it

ive seen a bunch of those diagrams but there isn't that much on actually building it

because it's pretty simple at basic level

yeah ik but I want to get into the lower levels

I'm giving you most low level

that is high level

reason there isn't a guide is depends on what you need on how you do it

authentication, users, databases, file systems, background jobs, etc

all of it haha

because all of those are swapable

authenication could be whatever, users could be whatever, database could be whatever (or most of REST API don't use databases)

or a combo of databases, some of them may use SQLite for caching, rest are backed with MSSQL

i mean like if you're using express-gateway, how do you link it to an auth server

microservice at it's most basic level is just REST API that are dedicated to one thing and they reach out to other REST APIs for information when they need it

that communicates to a user db

I don't use Express-Gateway so I don't know it exactly

and again, it's middleware, I wouldn't learn with it

well u will evenutually

or i will

problem with learning specific tech, is a company might use other tech, you want to know the concepts before dealing with stuff that abstracts it away

what im reading is it directs a route like /users/ to 127.0.0.1:8081

yes, that's call a load balancer, they mostly all do that

i get what they do but the way to learn it is to make them

ngnix can do it I'm sure

IIS can do it

https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/

yeah i've heard nginx is good for that

but i dont want each service to have to get the authed user for each request

it would be nice for the gateway to do that and then pass it to the service

Authentication is nice to understand

you basically get token and pass it around with each request

but then the service would have to get a user from the token

if it cares to

like id like the gateway to do all that and then just say this is the user trying to make the request

but then the questions is how do you verify that it is comming from the gateway instead of someone else

if the gateway is just routing to different ports then u cant do that

you probably restrict access to containers to gateway only

yeah

but how

Firewall?

a container will have open ports

but idk how to restrict that to only the gateway

BTW, there is system called JSON Web Tokens where you can encode data you need and each service just has to verify it

https://en.wikipedia.org/wiki/JSON_Web_Token

That's what Discord does

ik what jwt is but you can't remove access once a token is made

Token self expires

and if it's critical service, you double check it

so maybe use some sort of token for verifying a request is made from the gateway...

but not for the acutal user auth

🤦

No

bc im gonna use cookies for that

why not

You isolate the containers behind a firewall that only gateway can access

so only give the gateway public access

yes

so with docker u map ips like 80:8080

version: '3'

services:
  gateway:
    build: ./gateway
    volumes:
      - ./gateway:/usr/src/app
    ports:
      - 80:8080

like that

thats my docker-compose file

you could do ports or use networks

and volumes for what?

idk i was just following documentation

No

bad docker compose

don't do volumes

is that only for live reload

unless that's for express-gateway

it is

nevermind

lol ok

rock on with your bad self

have fun with express gateway

I've never heard of express gateway

The only gateway I've ever used in a production deployment was Kong, but that was terrible. Istio did a far better job. Nginx as an ingress I see often as well.

ive gotten express gateway to talk to an auth microservice but now im trying to figure out how to pass an authed user to another miroservice. i was thinking about setting the uid as a header in the request

@restive blaze @vernal surge

Please don't ping me at midnight...

sorry < 3

i am really confused about why the packets arent sent to the client with my raknet implementation and i only get packets from the client since ive ported everything from pocketmine’s raknet implementation (http://github.com/mfdgaming/raknetpy.git)

anyone that cna help me on sockets?

getting an issue on select.select

rdy_read, rdy_write, sock_err = select.select([self.client_sock, ], [self.client_sock, ], [], 5)
ValueError: file descriptor cannot be a negative integer (-1)
``` my issue is laying here for some reason

What? Show a minimum reproducible example

Helllo , we're trying to have a portal to host challenges over the portal all year long , does anyone have suggestions for the cheapest and easily scalable web services that we can use?

Im sorry if Im not clear, here's something that we're trying to implement , https://pwnable.tw/ -> something similar

@dusk sparrow well, that depends on what you are running. But generally, I suggest S3 (or equivalent) for static assets, and serverless functions for more dynamic things, but there are obvious break even points where serverless actually costs more than running a VM. If scalability matters more, go with a K8s offering

@vernal surge actually scalability , performance and cost effectiveness are all important

Then yes, I would go with kubernetes personally

the link that i shared does its job very effectively

https://pwnable.tw/donate/

they're hosting all the services with just that much amount

are they also using kubernetes only?

Doubtful, those look like AWS EC2 prices