MadaMada
@madamada@snac.void.my
please list and/or tell me about every ActivityPub software which is excellent for running a single-user instance!
boosts desired! 
Installing xorg on #freebsd
#FreeBSD15 has an updated blocklistd daemon thanks to efforts from jlduran@ with help from emaste@ & myself, imported from NetBSD https://github.com/zoulasc/blocklist
Blocklistd is an additional hook into sshd from OpenBSD that tracks failed attempts. It now blocks on failed usernames as well.
I added a small notification to the script and get a very satisfying notification every time one of my servers bans a crawler.
I should also extend this so that it handles more than just ssh, but also links into our web crawler detection tooling.
I also want to extend this script so that getting a ban on one server gets you a block on all of them :)
#FreeBSD15 I block these spammers for a week atm.
blocklistd allows you to specify the number of failures before you block (I set this to zero for immediate block) and the duration before the firewall rule is cleared.
As there is also an allowlist for my trusted networks, I’m never at risk of being locked out.
As I roll out 15.0-BETA3 I am enabling this too. At some point the notifications will be annoying, but right now it's a great deal of satisfaction, hearing them trickle in every couple of hours.
@dch Good thing to have an easy integration for that. Does it allow blocking ranges as well? For IPv6 I usually block the whole /64, as v6 is assigned in such blocks, and even for v4 I block /24s because most (almost all) of this traffic comes from poorly managed hoster/cloud ranges or dial-up ISP ranges...
@derherrfreitag it would be a trivial change in https://cgit.freebsd.org/src/tree/libexec/blocklistd-helper/blacklistd-helper?h=releng/15.0 to use a larger mask. But by default it blocks bad IPs, not networks.
@dch doesn't crowdsec have modules for blocking both web traffic and ssh stuff?
@esoteric_programmer yes they do also but you are required to trust their systems and share your data with them, it’s not always a win for privacy vs security.
@dch I know postfix is supporting blocklist but what else? I could extend blocklist from only ssh to a wider set of services
@meka ideally I would be able to use blocklistd from external tools, specifically haproxy.
As haproxy has our TLS private keys, it can see inside the URL and query parameters to see what HTTP agents are used, or if we're being probed for SQL injections or wordpress vulns (we don't run WP so that's definitely malicious), and hand that over to blocklistd to perma-ban them.
atm blocklistd has a hard requirement on having access to the incoming file descriptor, and it would be a generally much more useful tool if it had some functionality to at least be able to add & remove externally supplied IP addresses into its database, perhaps extending blocklistctl in some way, or allowing some /dev/blocklist where members of the appropriate UNIX group could insert, query, or remove entries.
@dch I wanted to do the management commands for it years ago. I will have to check my GitHub, maybe I did something. I know I have some dummynet integration from a few years back.
What's the difference between this and the existing UseBlacklist in SSH ?
Also, does blocklistd have a retention period before clearing the lists ?
@madamada yep, it was renamed upstream between the last FreeBSD releases. jlduran has added the necessary plumbing and release notes so that it should work without config changes but also remind you to update to the new names.
@dch could I inject IPs to block from lua code in nginx? Does it space out the changes in pf (assuming pf is supported) so we don't spend all our time in pf locks when thousands of IPs are added in a split second? Asking for a friend ;)
@ltning atm no and no.
blocklistd's current API requires passing the FD in, and blocklistd uses that to find the culprit src IP directly.
it's a standard pf table insert via shell script https://cgit.freebsd.org/src/tree/libexec/blocklistd-helper/blacklistd-helper#n180
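To make the knobs dch mentions concrete (nfail, the lifetime of the firewall rule, and the allowlist for trusted networks), here is an added example that is not from the thread and not the FreeBSD project's own code: a sh script that writes a blocklistd.conf blocking ssh offenders on the first failure for seven days, exempts one trusted network in the [remote] section, and wires sshd, pf and rc.conf up on a FreeBSD 15 host. The network 192.0.2.0/24, the pf macro $ext_if, and the spellings UseBlocklist, blocklistd_enable and the blocklistd/* anchor are assumptions that follow the blacklistd to blocklistd renaming mentioned above; older releases use the blacklistd names, and the anchor name should be checked against the helper script linked above.

```shell
#!/bin/sh
# Added example, not from the thread: a blocklistd(8) setup in the shape
# dch describes (block on the first failure, keep the block for a week,
# never block trusted networks). 192.0.2.0/24 and $ext_if are placeholders.

# Print a blocklistd.conf that blocks ssh offenders immediately for 7 days
# and exempts the network given as $1 (CIDR).
gen_blocklistd_conf() {
    trusted_net=$1
    cat <<EOF
[local]
# adr/mask:port type    proto   owner   name    nfail   disable
# nfail 0 blocks on the first failure; 'disable' is how long the rule lives
ssh             stream  *       *       *       0       7d

[remote]
# adr/mask:port type    proto   owner   name    nfail   disable
# nfail '*' means never block: this is the allowlist for trusted networks
${trusted_net}  *       *       *       =       *       *
EOF
}

# Apply it on a FreeBSD 15 host (run as root). The sshd keyword and the
# rc variable follow the renaming mentioned in the thread; older releases
# spell them UseBlacklist and blacklistd_enable.
install_blocklistd() {
    gen_blocklistd_conf "$1" > /etc/blocklistd.conf
    grep -q '^UseBlocklist' /etc/ssh/sshd_config ||
        printf 'UseBlocklist yes\n' >> /etc/ssh/sshd_config
    # pf anchor the helper adds its tables under (assumed name: check the
    # helper script on your release before relying on it)
    grep -q 'anchor "blocklistd/\*"' /etc/pf.conf ||
        printf 'anchor "blocklistd/*" in on $ext_if\n' >> /etc/pf.conf
    # -r: re-apply the blocks stored in the database when the daemon starts
    sysrc blocklistd_enable=YES blocklistd_flags="-r"
    pfctl -f /etc/pf.conf
    service blocklistd start
    service sshd reload
}

# Show what is blocked right now, with the remaining block time.
show_blocks() {
    blocklistctl dump -br
}

case ${1:-} in
    install) install_blocklistd "${2:-192.0.2.0/24}" ;;
    show)    show_blocks ;;
esac
```

Run `sh blocklistd-setup.sh install 203.0.113.0/24` as root with your own trusted network, then `sh blocklistd-setup.sh show` to watch the bans accumulate. blocklistd.conf(5) also documents a /mask suffix on the name field of a [remote] entry, which blocks the whole prefix rather than the single address and is the range blocking derherrfreitag asked about; check the manual page on your release for the exact syntax before using it.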
Made my FreeBSD server at Netcup ready to host multiple isolated applications with automatic https via Let's Encrypt.
Internet → Server → PF firewall → Caddy jail (reverse proxy) → Individual application jails
Each app gets its own isolated jail for security, while Caddy handles all the routing and https. PF keeps the front door locked.
All of course IPv6 first, where every jail has its own public IPv6 address, using NAT for legacy IPv4.
Love how FreeBSD jails make this kind of segmentation so elegant.
@Larvitz how did you get public IPv6 in the jails? Were you able to get that working with the /64 you were assigned or did you need to get more? I've struggled with IPv6 and Netcup, and it seems others have too so I'm just curious
@noexec I did carve out a /80 subnet from the /64 and use that for jails. Not elegant but it works.
For some older Jails, I still use ULA addresses (fdXX) and NAT
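As an added example (not from the thread, and not Larvitz's actual configuration): a sh script that derives jail addresses from one /80 carved out of the host's routed /64, prints a jail.conf(5) stanza for a jail inside it, and prints the pf.conf translation and filter rules that put a Caddy jail in front. The prefix 2001:db8:1234:5678::/64, vtnet0, lo1, the paths and 10.0.0.0/24 are placeholders. The addresses are added as aliases on the host interface (the iface|addr form), so the host's stack answers neighbour solicitations for them; that is what lets a /80 inside the provider's on-link /64 work without asking for more address space.

```shell
#!/bin/sh
# Added example, not from the thread above: one /80 carved out of the
# VPS's routed /64 for the jails, a jail.conf(5) stanza that puts a jail
# into it, and the pf rules for legacy IPv4 NAT plus the Caddy front door.
# Prefix, interface, paths and 10.0.0.0/24 are placeholders.

HOST_PREFIX64=2001:db8:1234:5678   # the /64 the provider routes to the host
EXT_IF=vtnet0
JAIL_SUBNET_IDX=1                  # 2001:db8:1234:5678:1::/80 holds all jails

# jail_ip6 N -> the Nth host address in the jail /80
jail_ip6() {
    printf '%s:%x::%x/80\n' "$HOST_PREFIX64" "$JAIL_SUBNET_IDX" "$1"
}

# jail_stanza NAME N -> a jail.conf stanza. The iface|addr form makes the
# address an alias on $EXT_IF, so the host answers NDP for it and the
# provider's router can reach it inside its on-link /64.
jail_stanza() {
    cat <<EOF
$1 {
    path = "/usr/local/jails/$1";
    host.hostname = "$1.example.net";
    ip6.addr = "${EXT_IF}|$(jail_ip6 "$2")";
    ip4.addr = "lo1|10.0.0.$2";   # private v4 (lo1 from cloned_interfaces), NATed by pf below
    exec.start = "/bin/sh /etc/rc";
    exec.stop = "/bin/sh /etc/rc.shutdown";
    exec.clean;
    mount.devfs;
}
EOF
}

# pf_rules PROXY_V4 PROXY_V6 -> pf.conf: masquerade the jails' private v4
# behind the host address, expose only the reverse proxy jail on 80/443
# (rdr for v4, direct pass for the jail's public v6), block everything else.
pf_rules() {
    cat <<EOF
ext_if = "$EXT_IF"
jail_v4 = "10.0.0.0/24"
nat on \$ext_if inet from \$jail_v4 to any -> (\$ext_if)
rdr on \$ext_if inet proto tcp to (\$ext_if) port { 80, 443 } -> $1
block in on \$ext_if
pass in on \$ext_if inet proto tcp to $1 port { 80, 443 }
pass in on \$ext_if inet6 proto tcp to $2 port { 80, 443 }
pass out quick
EOF
}

# Example: the Caddy jail is number 2 in the /80; other jails get 3, 4, ...
# jail_stanza caddy 2 >> /etc/jail.conf
# pf_rules 10.0.0.2 "$(jail_ip6 2 | cut -d/ -f1)" > /etc/pf.conf
```

The filter rules for the v4 side match the translated destination (the jail's 10.0.0.x address), because pf applies rdr before filtering; ssh to the host itself is not opened here and must be added before `block in` if you manage the box over the network.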
I want to move away from YouTube Music.
What open source music player are you using on Android?
@daniel Not exactly moving away from YouTube Music, but with OpenTune you at least don't need to pay them or have an account.
@daniel I don't have Android or iOS, but I installed Jellyfin/Sailfin. ;-)
Works well if you have your own MP3s stored at home.
@daniel I use Ultrasonic, which streams from the "Music" app on my Nextcloud server. The Nextcloud music app supports both the Subsonic and Ampache protocols.
@daniel Not sure if that counts as a music player in your sense. I use Tempo: https://f-droid.org/packages/com.cappielloantonio.notquitemy.tempo
@daniel None. I don't use any streaming junk. My music is on vinyls, 8-tracks, tapes, bands, CDs and similar things instead of being online. Yes, it may be old-fashioned and at times less practical, but my music played that way has something that the online "high-quality-umpa-umpa" lacks: soul.
@daniel https://f-droid.org/packages/com.poupa.vinylmusicplayer is pretty and has many functionalities.
@daniel If you run a Nextcloud instance: https://www.kuketz-blog.de/mp3-streaming-unterwegs-mit-der-nextcloud-music-app-nextcloud-teil-5/
Join & create SimpleX groups!
The directory can now be viewed on our website: https://simplex.chat/directory
@simplex is it supposed to be empty though
@simplex Gladly but I can't. I can't even chat with people because there's a nasty bug with the latest 6.4.5 app version on android.
The keyboard is popping up and hiding constantly on its own like crazy. There's no way to stop it other than fully rebooting the phone. Tested on a few different keyboards and a few different devices with the same results. The app is unusable in such a state. Often I can't even log in. That's not good at all! Please fix the issue ASAP!
v6.5 still had the bug. 👎
Outcome of testing #Steam on #FreeBSD:
1. Downloading and installing games was painful. Steam would crash with some monitor file descriptor assert error. I had to start Steam multiple times to install a game
2. Running games is impossible:
"lsu-bwrap-stub.rb: Bubblewrap doesn't work on FreeBSD. Select LSU chroot or Legacy Runtime in the game compatibility settings"
Selecting Legacy Runtime made Portal 2 run, but the graphics are all messed up and stuttery. Setting graphics to 1920x1080 made the game and Steam crash out. Going back in, I got loads of graphics corruption.
Skyrim didn't run at all no matter what I tried.
Sadly this experiment didn't go well.
It's not quite there yet..but it's getting there bit by bit..
Hopefully FreeBSD 15-RELEASE will be an upgrade to all that..
Hey #FreeBSD friends: Is there some kind of severe rate/connection throttling in base sshd? I was able to connect once and since then it hangs. If I telnet to port 22 I do get a banner, but the key exchange just hangs and I get a connection reset after a while.
Am I better off disabling the base sshd and install openssh server?
Netgate sponsors the modernisation of the FreeBSD variant of pf(4)
FreeBSD 15.0 is expected to bring noticeable improvements to its pf(4) variant. This will also benefit pfSense and OPNsense.
5 days to go!
Secure e-mail stack with OpenSMTPD, Rspamd, Dovecot – on FreeBSD.
#EuroBSDConAdvent #EuroBSDCon #BSD #FreeBSD #OpenBSD #NetBSD #DragonFlyBSD #ZFS #PF #RunBSD
@stefano 5 days to go until what?
Re Zimbra, I think it lives on as Carbonio, developed by your own fellow countrymen at Zextras. There's commercial support available, too.
@Nux It's the EuroBSDConAdvent calendar, so 5 days to EuroBSDCon 🙂
Zimbra is still Open Source, they just don't provide the builds anymore - but you can build it yourself.
Carbonio is another software - a Zimbra fork.
@stefano Oh, how lovely, have a nice time there! Hope to catch up with the slides and recordings, would love to come in person at some point.
Re Zimbra, I think it lost a lot of credibility when exchanging so many hands. My gut prefers Zextras atm.
@Nux I agree, all those ownership changes didn't look good at all. Moreover, they seem more oriented towards providing software and services to "the big cloud players", so they're not focused on self-hosting anymore. And it's a shame.
About Zextras: I have very good reasons to avoid dealing with them. This could be one of the future horror stories on my blog...
@stefano what about fail2ban for your mailserver setup to prevent constant mailserver requests with different passwords?
@drheho This article just covers the basics - of course, the server should be hardened, both at firewall level (limiting the requests, connections, etc.) and using solutions like fail2ban. But I didn't want to go too deep.
@stefano would it be possible to see an advanced server tutorial/documentation sometime which addresses this?
Those who want the heavy lifting done automatically can check out iRedMail as an alternative.
I don’t understand the value of consumer VPNs. Can someone explain it to me?
We do pretty much everything over SSL these days. Definitely everything that matters. That provides confidentiality, so network intermediaries can’t see the data, and server authentication, so they can’t impersonate the server.
Yes, DNS is the exception, it’s not encrypted, but more and more browsers and other user agents are building in DoH and DoT, and even enabling it by default.
So, given all that, what do general purpose VPNs add? What am I missing? Are they just security theater marketing? Or do they bundle other security features like anti-malware etc, and the term “VPN” now means a bundle of miscellaneous endpoint security features, like (shudder) anti-virus used to?
Want to watch a streaming tv series but it's not available in your region, a VPN can help..
In countries like China where most things are blocked, how do you access say, Youtube ? A VPN..
And the list goes on..
A VPN used to be a thing that links two or more networks together..oh how much it has grown..
I use it all the time when I am on a public network..simply because I trust my own network more..
For the FN Keys, it seems only the volume keys work 😞
For Wifi, 2.4G works, associates quickly.. but for 5G with the same passphrase, it tries to associate and fails 😞
But no worries, just trying this out to see what works and what doesn't..
@madamada when xlibre?
@madamada here is the NYC*BUG dmesgd page for your laptop. Perhaps you may find helpful information among the entries:
https://dmesgd.nycbug.org/dmesgd?do=index&fts=Thinkpad+T480
git
tayga
make/gcc compiler
a NAT64 service running on your local network (Tayga/Jool)
mkdir staging
cd staging
git clone https://github.com/apalrd/tayga.git
cd tayga
make
make install
cat /etc/tayga.conf
tun-device clat
ipv4-addr 192.0.0.2
ipv6-addr 2001:db8:feed::65
map 192.0.0.1 2001:db8:feed::64
prefix 64:ff9b::/96 # NAT64 prefix
Replace 2001:db8:feed with your /64 GUA prefix.
You can use Cloudflare's 2606:4700:4700::64 as the DNS4 resolver.
#!/usr/bin/env bash
# enable IPv6 forwarding; accept_ra=2 keeps accepting router advertisements on eth0 even with forwarding on
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
echo 2 > /proc/sys/net/ipv6/conf/eth0/accept_ra
# answer neighbour solicitations on eth0 for the two translator addresses
echo 1 > /proc/sys/net/ipv6/conf/eth0/proxy_ndp
ip neigh add proxy 2001:db8:feed::64 dev eth0
ip neigh add proxy 2001:db8:feed::65 dev eth0
# create the clat tun device and send all IPv4 through it
tayga -c /etc/tayga.conf --mktun
ip link set dev clat up
ip addr add 192.0.0.1/29 dev clat
# 1260 = 1280 (IPv6 minimum MTU) minus the 20 bytes a translated packet grows by (40-byte IPv6 header instead of 20-byte IPv4)
ip route add default dev clat mtu 1260
# route the translator's two v6 addresses (::64, ::65) into the tun
ip route add 2001:db8:feed::64/127 dev clat
tayga -c /etc/tayga.conf
Example output should look like this:
root@skully:~# ip a s dev clat
5: clat: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 500
    link/none
    inet 192.0.0.1/29 scope global clat
       valid_lft forever preferred_lft forever
    inet6 fe80::cbdf:afeb:7379:bd0a/64 scope link stable-privacy
       valid_lft forever preferred_lft forever
root@skully:~# ping -c 3 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=52 time=13.0 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=52 time=16.6 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=52 time=13.7 ms

--- 1.1.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 13.008/14.429/16.557/1.532 ms
Enjoy 🙂
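Tayga's job in the setup above is the RFC 6052 address embedding: the IPv4 destination is placed in the low 32 bits of the /96 NAT64 prefix, and the NAT64 on the network strips it again on the way out. As an added example, not part of the original post, these POSIX sh functions do the same arithmetic, which is useful for predicting what should appear in a tcpdump on the v6 side of the CLAT or for sanity-checking a NAT64 prefix you have been handed. They take the prefix in compressed form as written in the config above (64:ff9b::), and accept both compressed and fully expanded addresses on the way back.

```shell
#!/bin/sh
# Added example, not from the post above: the RFC 6052 embedding a CLAT
# performs. nat64_synth builds the IPv6 address actually sent for an IPv4
# destination; nat64_extract recovers the IPv4 address from such an
# IPv6 address. PREFIX96 is a /96 in compressed form, e.g. "64:ff9b::".

# nat64_synth PREFIX96 A.B.C.D -> PREFIX96 followed by A.B and C.D as two
# hex groups. Returns 1 for anything that is not a dotted quad of 0..255.
nat64_synth() {
    prefix=$1
    oifs=$IFS; IFS=.; set -- $2; IFS=$oifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in
            ''|*[!0-9]*|0[0-9]*) return 1 ;;   # empty, non-numeric or leading zero
        esac
        [ "$o" -le 255 ] || return 1
    done
    printf '%s%x:%x\n' "$prefix" $(($1 * 256 + $2)) $(($3 * 256 + $4))
}

# nat64_extract IPV6 -> dotted quad from the low 32 bits (last two groups)
nat64_extract() {
    addr=$1
    case $addr in
        *::)  suffix=0:0 ;;                         # bare prefix: 0.0.0.0
        *::*) suffix=${addr##*::} ;;                # compressed: groups after ::
        *)    suffix=${addr#"${addr%:*:*}:"} ;;     # expanded: last two groups
    esac
    case $suffix in
        *:*) hi=${suffix%:*}; lo=${suffix#*:} ;;
        *)   hi=0; lo=$suffix ;;                    # single group after ::
    esac
    hi=$((0x$hi)); lo=$((0x$lo))
    printf '%d.%d.%d.%d\n' $((hi / 256)) $((hi % 256)) $((lo / 256)) $((lo % 256))
}
```

`nat64_synth 64:ff9b:: 1.1.1.1` prints 64:ff9b::101:101, which is the destination you should see leaving eth0 (with source 2001:db8:feed::64) when the ping above runs; if it does not show up there, the problem is in the CLAT routing, and if it shows up unanswered, the problem is the NAT64 or the prefix it serves.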
Plasma 6 on #FreeBSD simply reboots the machine after an hour or so. Nothing heavy running on the machine. Sadly no logs, core files etc. just reboots. Don't have the energy to look into this now. Sadly, the desktops are all Linux first and bring in a lot of Linuxisms. I used to use i3 earlier but these days I don't want to tweak config files. GNUstep? Lumina?
My choices are XFCE or LXDE. Both are lightweight and serve my needs. For me, I look at the programs that are must-haves regardless of DE or WM, which are quite minimal..
A terminal, browser, media player, torrent client, pdf reader, file manager, editor, and a screenshot program.
Most of my time is spent in the terminal..
The perfect DE/WM for me are the ones where you rarely have to mess around that much. It should just work and not get in the way of you spending that time on the productive/leisure things that matter most.
@madamada agreed. I wouldn't call xfce lightweight though. last I checked, a fresh empty plasma desktop weighs only slightly more.
Unlike VMs my #FreeBSD #jails don’t need a ssh server. I just connect to the host and pass tmuxjail.sh <jailname> to log into each one.
https://gist.lema.org/santiago/6384991f0ad447cca4327af6935e469c
@madamada Yeah it’s not necessary most of the time unless you have to give access to someone who doesn’t also own the host machine.
It’s one case where the default influenced my behavior. My default LXCs in proxmox come with sshd by default and jails did not so I adapted.
In my case all VMs are in a VLAN at home and only the remote frontend can hit them with http(s) via a tunnel so having a ssh service or not doesn’t matter much as it’s not reachable from the outside.
I’m going to be running an experiment… I’ll turn off the archaic IPv4 stack on my home network.
No NAT64.
How long will I last?
- - -
I'm going to run a little experiment... I'm going to disable the archaic IPv4 stack on my home network.
No NAT64!
How long will I put up with it?
| <1 day | 0 |
| 1 day – 1 week | 0 |
| 1–2 weeks | 0 |
| >2 weeks | 0 |
So, the answer: 1 day and 8 minutes.
Things got progressively worse as the day went on. This morning, I still had bidirectional messaging (SMS/MMS). Now, I can only receive messages, not send any (mobile service is unreliable at my place).
Also, I don’t have email anymore.
- - -
So, the answer: 1 day and 8 minutes.
Things deteriorated over the course of the day. This morning I still had two-way texting. Now I can only receive messages, not send any.
I will note that some news services like CBC are unavailable unless you know French.
It felt zen not to read news 😁
- - -
I will note that some news services like Radio-Canada were unavailable unless you know French.
It was very zen not to read the news 😁
@EdwinG can your try again with https://gitlab.com/miyurusankalpa/IPv6-dns-server or https://codeberg.org/IPv6-Monostack/delegacy-rpz
For a lot of websites, IPv6 can be forced.
So this binds to [::]:53 ? I would like to use this along side Unbound if possible..
I don’t usually promote personal projects here, but I’ll give it a try.
Meet Tocaia, a minimalist, cross-platform TUI Gopher client written in C89 for POSIX systems.
It even supports Haiku.
Pull requests and bug reports are welcome! =)
https://github.com/manipuladordedados/tocaia
#gopher #TUI #haikuos #FreeBSD #NetBSD #OpenBSD #smolweb #retrocomputing #programming
@xinqu it would be helpful if it were explained why not and what problems were encountered.
@EF Of course, and I really wish I had more time for that. But at the moment, I need a laptop that "just works" so I didn't spend much time troubleshooting.
What I remember: WiFi works, but only occasionally. One time the WiFi interface is "UP" but has "no link" (according to dhclient). After the next reboot, everything is fine.
X works (I tried the non-Wayland variant)! But when I close the lid and open it again, the laptop is 'bricked': blank screen, does not react to anything (CTRL-ALT-Fx e.g.). This was the main reason I gave up.
I chose xfce: no battery indicator, no backlight control (although the CLI command `backlight` worked!). Maybe there were just a few xfce packages missing, but I had no experience with xfce so I didn't know where to look for solutions.
I'll buy the same laptop again soon, because I can get them very inexpensive at the moment and it works perfectly with Fedora. Then I have a backup and I can try again with #FreeBSD
The FreeBSD Foundation has allocated efforts to improve this now, so time will tell..
I'll probably wait for the next 2-3 years and come back to check on things again.. Until then, I'll stick to what I use now or I'll probably just install some flavor of Linux and be done..
So as a "normal" #FreeBSD user, you can't run pw user mod -s /usr/local/bin/bash on yourself, but you can chsh -s /usr/local/bin/bash yourself. I don't see the coherence here.
Yes, chpass is '+s' when pw is not. But I still have difficulty understanding (1) the reason for pw to exist when other commands already do and (2) why the same kind of permission is not applied to both command sets.
See man pw(8), chsh(1) for more details.
OVH VPS is limited with only one IPv6 so I can't run FreeBSD jails with each an IPv6. Too sad.
Contabo VPS have an IPv6 /64 but I can't get it to work with FreeBSD (Linux works). Too sad.
I have to find a VPS provider at a similar cost to OVH or Contabo which works with FreeBSD.
@madamada Currently without any jail, IPv6/64 on Contabo VPS does not work with default router address in /etc/rc.conf: ipv6_defaultrouter="fe80::1%vtnet0"
(See https://forums.freebsd.org/threads/cant-get-ipv6-working-reliably-on-contabo-vps-freebsd-13-1.87611/post-712140 for further information)