Thanks. Hope you like it.

Thanks. Just a small correction. The API isn’t really REST, it’s REST-ish but probably closer to JSON-RPC.

Hope you like it.

That could be, but I don’t think that it should be relied upon. The shortener itself can execute malicious code, so that kind of security is, in my opinion, essentially theatre. I’d just say that don’t click on links that you don’t trust.

This project is for own use/use with friends/family/internally in an org etc., where trust isn’t an issue. Of course, I cannot stop anyone from using it in any other way that they see fit. It can help shorten annoying long links for ease of sharing, but that’s it.

It seems that I’d still need to modify net.ipv4.ip_unprivileged_port_start=80 in sysctl, which I don’t want to do. If I do it, the socket isn’t even strictly necessary.

Just a couple of friends use it. But I’d like to use this as a learning opportunity and do it the proper way. It seems that if I turn of masquerade in general, and use firewalld fine-grained rules to enable it when I actually need it, I might be able to achieve what I want. I’ll post an update to the original post if I can get it to work.

This is interesting. I need to figure out how it works for podman and it’ll be the perfect setup.

I think it’s the masquerade that’s causing problems for me. I have to keep it enabled since I’m running a tailscale exit node. But maybe I can selectively disable it here.

But that just makes most ports unprivileged. That is a solution, but less preferred than my current one.

I mentioned in the post that it seems to make the client IP opaque to caddy.

শুনে ভালো লাগলো যে এটা কারো চোখে পড়েছে। নয়তো সবাইকে বোঝাতে হয় কি নাম, কেন নাম। আসলে বাঙালী প্রোগ্রামার খুব বেশি চিনি না।

I’m happy that you like it. Any kind of analytics or logging is decidedly against my stated policy for this project, so I won’t be adding it. But I understand that some might need it, and in that case, one should look at more comprehensive solutions like YOURLS.

It’s just a way to advertise, I think. I’ve found myself putting more trust in projects written in Rust or Go, than say, JavaScript.

Hmm, so that might be out of scope here. But I can try to do some kind of 2FA, shouldn’t be much of an issue, really. It’s just that I never thought a link shortener needed 2FA protection since the links will be publicly shared anyway.

I don’t understand much about OIDC either. But I’ll keep it in mind. Thanks.

Unnecessary to me, I guess.

Thank you for the kind words.

Won’t lie, the main reason that I stuck to a vanilla frontend approach is because I didn’t know what else to do. I’ve never been a frontend dev, and never wish to be one. So I looked at an older project, and started by trying to replicate it. In hindsight, it was probably a good decision. The backend is more intentional though, and I do try to keep things simple and clean.

I’m already aware of a few small UI oddities. There were quite a few changes in the frontend, so I kind of expect these. Please let me know if you see anything weird. You can comment here, or open a bug report. I expect to do a patch release by tomorrow.

deleted by creator

It was just a matter of setting the correct user. In most cases, user: 1000:1000 should fix it.