code.vinyl-cache.org
Information about this server
Web UI
Theme
If you are a registered user and prefer different web UI colors, go to Settings / Appearance, where you can select an alternative theme. We have kept all the themes which Forgejo provides in addition to the light and dark Vinyl Cache themes.
Deliberate configuration to minimize attack surface
This server is configured to break and/or limit some functionality in order to lower the attack surface and keep abusive clients out.
The principles governing this configuration effort are to
- allow free, anonymous public read only access to all open resources,
- accept compromises regarding performance for anonymous access where justified, and
- not limit functionality for legitimate users, or only as a last resort.
If you are a legitimate user and experience issues, please reach out via Mastodon or email slink at uplex with a u dot de.
The following is an overview of configuration aspects which might be relevant.
Caching for anonymous access
Content served for anonymous access is cached quite aggressively, with the exception of the HEAD object of git repositories.
The effect for the user is that updates become visible with a (substantial) delay. This also affects RSS feeds in particular.
Depending on feedback we might revise cache TTLs, but they will not go away.
Feel free to open an issue if this impacts you in a particularly relevant way.
GIT access via HTTPS
- Pushing via HTTPS is not supported. Use ssh.
- HTTP Authentication is not supported. Use ssh.
- The Smart Protocol is deliberately disabled, because the dumb protocol has a substantially smaller attack surface. Superficial tests seem to suggest that, for our setup, the dumb protocol is not slower in any relevant way.
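
How a client or auditor can tell the two protocols apart, as an added example (not this server's configuration or the project's code): per Git's HTTP protocol documentation, a smart server answers `GET <repo>/info/refs?service=git-upload-pack` with the `application/x-git-upload-pack-advertisement` media type and a pkt-line stream, while a dumb server returns the static `info/refs` file. The function names and the sample replies are constructed for illustration.

```python
import re

SMART_CT = "application/x-git-upload-pack-advertisement"
# First pkt-line of a smart advertisement: 4 hex length digits, then the service name.
PKT_SERVICE = re.compile(rb"^[0-9a-f]{4}# service=git-upload-pack\n")
# One line of a static info/refs file: SHA-1 (40 hex) or SHA-256 (64 hex) id, TAB, ref name.
DUMB_LINE = re.compile(rb"^[0-9a-f]{40}([0-9a-f]{24})?\t\S+$")

# Constructed sample replies (object ids are placeholders, not real commits).
SMART_REPLY = b"001e# service=git-upload-pack\n0000"
DUMB_REPLY = (b"1" * 40 + b"\trefs/heads/main\n"
              + b"2" * 40 + b"\trefs/tags/v1\n"
              + b"3" * 40 + b"\trefs/tags/v1^{}\n")


def classify_info_refs(status, content_type, body):
    """Classify a reply to GET <repo>/info/refs?service=git-upload-pack.

    Returns "smart", "dumb" or "unknown".
    """
    if status != 200:
        return "unknown"
    ctype = content_type.split(";")[0].strip().lower()
    # Smart: the server ran git-upload-pack and announces the service.
    if ctype == SMART_CT and PKT_SERVICE.match(body):
        return "smart"
    # Dumb: the server only handed out a file; every line must be "<id>\t<ref>".
    lines = body.splitlines()
    if lines and all(DUMB_LINE.match(line) for line in lines):
        return "dumb"
    return "unknown"


def parse_dumb_refs(body):
    """Return {ref name: object id} from a dumb-protocol info/refs body."""
    refs = {}
    for line in body.splitlines():
        oid, name = line.split(b"\t", 1)
        refs[name.decode()] = oid.decode()
    return refs


if __name__ == "__main__":
    print(classify_info_refs(200, SMART_CT, SMART_REPLY))
    print(classify_info_refs(200, "text/plain; charset=utf-8", DUMB_REPLY))
    print(parse_dumb_refs(DUMB_REPLY))
```

A result of "dumb" means the server only handed out a static file for this request and did not run `git-upload-pack`.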
URLs
- URLs get sanitized, and if you request a non-canonical URL, you might receive a 301 redirect.
Cookies
- Cookies receive an extra signature and enforced expiry. If, as a logged-in user, you experience issues, please clear cookies. If that does not help, open an issue.
Who is welcome and who is not
We welcome all human users with a genuine interest in Vinyl Cache, but if you are a machine of any kind or a human interested in exploiting FOSS, we want you to stay away and we might implement counter-measures to make sure you understand this message.
Invitations
If you are a genuinely interested human, we welcome you to register an account. In order to avoid massive moderation efforts, we implemented an invitation feature, such that a special link is required for account registration.
If you need the invitation link, please reach out to an existing user and ask them to check Settings/Invitations.
To all existing users: Please help keep the bots out, and be very considerate where you share invitation links.
If this method fails, we might be forced to further restrict means to gain access.