We got back from Karlsruhe. Germany is sooooo flat.
I’m still into net news! It’s the technology that powered Usenet.
Campaign Wiki has a read-only public web front end: https://campaignwiki.org/news – you need an account in order to post. If you’re interested, send me an email. Contact has all the info you need.
Usenet was conceived in 1979 and publicly established in 1980, … over a decade before the World Wide Web went online (and thus before the general public received access to the Internet), making it one of the oldest computer network communications systems still in widespread use. – Usenet
You can learn more about Usenet clients here:
slrn … pine/alpine … Emacs … lynx … tin … Thunderbird – Usenet News
The two other servers I have checked out are cosmic.voyage (Science Fiction writing) and news.tildeverse.org (Tilde Servers). If you have lynx installed, you can get a glimpse of if all:
lynx news://news.tildeverse.org lynx news://cosmic.voyage lynx news://campaignwiki.org
Cosmic Voyage also carries Tildeverse news groups and Campaign Wiki news groups.
Campaign Wiki also carries Cosmic Voyage news groups.
None of these sites are hooked up to the existing Usenet.
If you’re interested in chatting about it, I’m discussing this stuff with users xwindows and tomasino on the `#netnews` channel on tilde.chat. That’s right, we’re using IRC!
You can use IRC via a web client. I run one for you to use, if you are just getting started. More information here: Chat. For network settings use the following:
Click connect.
Once you have an account on one of the participating news server (like mine), you can also install your “leaf node” news server. It’s not a “full” server but it uses your account and keeps outgoing articles you or the other people using it together with you write, posting what you wrote and retrieving new news. In a way, using it this way it’s like other batch oriented protocols at the time: incoming mails are fetched via POP, then you disconnect, write all your mails and “send” them, but your local MTA can’t deliver the mails so they are queued.
#News
NewsTap is a powerful Usenet Newsreader for the iPad, iPhone and the iPod Touch. – NewsTap (Usenet Newsreader)
I also need to remember John Goerzen.
The quux.org public NNCP relay
The quux.org Usenet peering (over NNTP and NNCP)
Wrote myself a little fish function for reading and posting on Cosmic Voyage. Put this in `~/.config/fish/conf.d/news.fish` or the like:
function cosmic-tin --description 'Read news on cosmic.voyage'
ssh -L 3119:localhost:119 -f cosmic.voyage sleep 10
tin -p 3119 -g localhost -f /home/alex/.newsrc-cosmic
end
My `~/.ssh/config` has the user to use for cosmic.voyage which is why the ssh command up there doesn’t need one:
Host cosmic.voyage User kensanata
I should set up stunnel so that people can use NNTPS instead of just NNTP.
Campaign Wiki uses Let’s Encrypt for the certificates, and it’s managed by mod_md.
So I created `/etc/stunnel/nntps.conf` as follows:
[nntps] accept = 563 connect = 119 key = /etc/apache2/md/domains/campaignwiki.org/privkey.pem cert = /etc/apache2/md/domains/campaignwiki.org/pubcert.pem
(See below for a fixed version.)
Enable the service and start it:
systemctl enable stunnel4 systemctl start stunnel4
Test it:
gnutls-cli campaignwiki.org:563
It gives me a line to the news server! Yay!
I guess it needs to be restarted when the cert gets changed?
Adding to my `/etc/apache2/hook.sh`, somewhere: `systemctl reload stunnel4`. See below for more.
This is `/etc/stunnel/nntps.conf`:
root@sibirocobombus:~# cat /etc/stunnel/nntps.conf debug = info [nntps] accept = 563 setuid = news setgid = news exec = /usr/lib/news/bin/nnrpd key = /etc/apache2/md/domains/campaignwiki.org/privkey.pem cert = /etc/apache2/md/domains/campaignwiki.org/pubcert.pem
For my Apache setup: I let it handle Let's Encrypt. That is to say, the site config file starts with this line:
MDomain campaignwiki.org www.campaignwiki.org chat.campaignwiki.org talk.campaignwiki.org
There's an Apache config file that has these two lines:
MDCertificateAgreement accepted MDMessageCmd /etc/apache2/hook.sh
And the hook shell script reloads stunnel when the new certs are installed:
#!/bin/bash
domain_dir=/etc/apache2/md/domains
if [ -z "$2" ]; then
echo Needs event and domain, e.g. hook.sh installed alexschroeder.ch
exit
fi
event="$1"
domain="$2"
if [ $event == "installed" ]; then
# Possibly reloading once for every domain in very short order? 🤔
service apache2 reload
if [ $domain == "alexschroeder.ch" ]; then
echo "Regenerating monit's .pem file..."
cat $domain_dir/$domain/*.pem > /etc/ssl/localcerts/alexschroeder.ch.all.pem
systemctl reload monit
elif [ $domain == "campaignwiki.org" ]; then
echo "Importing certs for prosody..."
cat $domain_dir/$domain/privkey.pem > /etc/prosody/certs/campaignwiki.org.privkey.pem
cat $domain_dir/$domain/pubcert.pem > /etc/prosody/certs/campaignwiki.org.fullchain.pem
chown prosody:prosody /etc/prosody/certs/*.pem
systemctl reload prosody
echo "Importing certs for ngircd..."
cat $domain_dir/$domain/privkey.pem > /etc/ngircd/key.pem
cat $domain_dir/$domain/pubcert.pem > /etc/ngircd/cert.pem
chown irc:irc /etc/ngircd/*.pem
systemctl reload ngircd
echo "Reloading stunnel..."
systemctl reload stunnel4
fi
echo "Granting permissions to the ssl-cert group..."
chmod g+r $domain_dir/$domain/*.pem
fi