### Example WebDAV Configuration Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/integrations.md An example of a WebDAV integration configuration, showing how to fill in the details for a Nextcloud instance. ```yaml integrations: - provider: webdav id: fLAME8YBm5uFJ89GKRAFkGjk7hJw0heow045kfhc name: Home Nextcloud address: https://home.example.com/remote.php/dav/files/user42/ username: user42 password: password4242 ``` -------------------------------- ### Install rmfakecloud-proxy on reMarkable 1 & 2 Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/remarkable/setup.md Download the installer script, transfer it to the device via SCP, and execute it to install the rmfakecloud proxy on reMarkable 1 and 2 devices. ```shell scp installer-rm12.sh root@10.11.99.1: ssh root@10.11.99.1 chmod +x ./installer-rm12.sh ./installer-rm12.sh install ``` -------------------------------- ### Install rmfakecloud-proxy on reMarkable Paper Pro & Paper Pro Move Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/remarkable/setup.md Download the installer script, transfer it to the device via SCP, and execute it to install the rmfakecloud proxy on reMarkable Paper Pro and Paper Pro Move devices. ```shell scp installer-rmpro.sh root@10.11.99.1: ssh root@10.11.99.1 chmod +x ./installer-rmpro.sh ./installer-rmpro.sh install ``` -------------------------------- ### Install Helm Chart Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/helm.md Install the rmfakecloud Helm chart using the provided Helm command. Ensure you have configured your variables in `values.yml`. ```bash helm install myrmfakecloud . ``` -------------------------------- ### Create User using kubectl Source: https://github.com/ddvk/rmfakecloud/blob/master/helm/templates/NOTES.txt This example demonstrates how to create a user for the rmfakecloud application. It first identifies a running pod, then executes a command within that pod to set the user, and finally restarts the pod to apply the changes. ```bash export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "rmfakecloud.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") kubectl exec $POD_NAME -- /rmfakecloud-docker setuser -u ddvk -a kubectl delete pods $POD_NAME # Restart the pod ``` -------------------------------- ### Install and Configure rmfakecloud Proxy via toltec Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/remarkable/setup.md Use toltec to install the rmfakecloud proxy and set the upstream URL. The URL must match the server configuration's STORAGE_URL. ```command opkg install rmfakecloud-proxy rmfakecloudctl set-upstream rmfakecloudctl enable ``` -------------------------------- ### Clone Repository and Build rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/source.md Clone the rmfakecloud repository and build the binary using make. Ensure you have Node.js, pnpm, Go, and make installed. ```sh git clone https://github.com/ddvk/rmfakecloud cd rmfakecloud make all ``` -------------------------------- ### Manual Setup with TLS Key and Certificate Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/remarkable/setup.md Configure rmfakecloud to use specific TLS key and certificate files for HTTPS connections and set the STORAGE_URL to a local address. ```shell TLS_KEY=proxy.key TLS_CERT=proxy.crt STORAGE_URL=https://local.appspot.com ``` -------------------------------- ### Create Git Repository of Tree History Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/diff-sync.md Generates a git repository from a `.root.history` file to track tree modifications. Install git before use. ```sh ./history2git15 /var/lib/rmfakecloud/users/ddvk/sync/.root.history ``` -------------------------------- ### Manually Start Xochitl with Logging Source: https://github.com/ddvk/rmfakecloud/blob/master/README.md Stop the Xochitl service and restart it manually with enhanced logging for network-related debugging. This is useful for diagnosing SSL handshake failures. ```bash systemctl stop xochitl QT_LOGGING_RULES=rm.network.*=true xochitl | grep -A3 QUrl ``` -------------------------------- ### Verify Proxy Certificate Source: https://github.com/ddvk/rmfakecloud/blob/master/README.md Check if the proxy's SSL certificate is correctly installed and trusted. This command verifies the certificate against the system's CA certificates. ```bash echo Q | openssl s_client -connect localhost:443 -verify_hostname local.appspot.com -CAfile /etc/ssl/certs/ca-certificates.crt 2>&1 | grep Verify ``` -------------------------------- ### Get Certificate Serial Number (Linux/macOS) Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/external-access.md Use this command on Linux or macOS to extract the serial number from a client certificate file. Ensure OpenSSL is installed. ```bash openssl x509 -in client.crt -noout -serial | cut -d "=" -f2 ``` -------------------------------- ### Modify Device /etc/hosts for rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/remarkable/setup.md Manually edit the device's /etc/hosts file to redirect reMarkable cloud domains to a local reverse proxy. This is part of the manual setup process. ```hosts 127.0.0.1 hwr-production-dot-remarkable-production.appspot.com 127.0.0.1 service-manager-production-dot-remarkable-production.appspot.com 127.0.0.1 local.appspot.com 127.0.0.1 my.remarkable.com 127.0.0.1 ping.remarkable.com 127.0.0.1 internal.cloud.remarkable.com 127.0.0.1 eu.tectonic.remarkable.com 127.0.0.1 backtrace-proxy.cloud.remarkable.engineering 127.0.0.1 dev.ping.remarkable.com 127.0.0.1 dev.tectonic.remarkable.com 127.0.0.1 dev.internal.cloud.remarkable.com 127.0.0.1 eu.internal.tctn.cloud.remarkable.com ``` -------------------------------- ### Nginx Stream Configuration for MQTT Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/configuration.md Configure Nginx's stream module to forward TCP traffic for MQTT screen sharing. This setup is for reverse proxying MQTT connections. ```nginx stream { upstream mqtt { server rmfakecloud:8883; } server { listen 443; proxy_pass mqtt; proxy_connect_timeout 5s; } } ``` -------------------------------- ### Modify Desktop Client Hosts File Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/remarkable/setup.md Update the hosts file on Windows or Mac to redirect reMarkable cloud domains. This is necessary for desktop client compatibility when using a local rmfakecloud setup. ```hosts # Add the same entries as on the tablet ``` -------------------------------- ### Get Application URL using Helm Template Source: https://github.com/ddvk/rmfakecloud/blob/master/helm/templates/NOTES.txt This snippet shows how to retrieve the application's URL by leveraging Helm's templating engine. It conditionally includes 's' for HTTPS based on ingress TLS settings and iterates through configured hosts and paths. ```helm {{- if .Values.ingress.enabled }} {{- range $host := .Values.ingress.hosts }} {{- range .paths }} http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} {{- end }} {{- end }} {{- end }} ``` -------------------------------- ### Create PFX file and test rmfakecloud (Windows) Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/external-access.md On Windows, combine your client certificate and key into a PFX file using OpenSSL. Then, use curl with the PFX file to access rmfakecloud, which should return the normal rmfakecloud HTML response. ```bash openssl pkcs12 -export -out client.pfx -inkey client.key -in client.crt ``` ```bash curl --cert client.pfx https://rmfakecloud.example.com ``` -------------------------------- ### Configure Local File System Integration Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/integrations.md Add this configuration to your .userprofile to share a dedicated path on your local system. This is experimental and not yet suited for multiple users. ```yaml integrations: - provider: localfs id: [generate some uuid] name: [some name] path: /some/path/with/files ``` -------------------------------- ### Create First User Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/helm.md Create the initial user for rmfakecloud by executing a command within the deployed pod. This command requires the pod name, which is dynamically retrieved. ```bash export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "rmfakecloud.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") kubectl exec $POD_NAME -- /rmfakecloud-docker setuser -u ddvk -a ``` -------------------------------- ### Configure WebDAV Integration Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/integrations.md Add this configuration to your .userprofile to connect to a WebDAV service. Replace placeholders with your specific details. The 'insecure' option can be set to true to skip certificate checks. ```yaml integrations: - provider: webdav id: [generate some uuid] name: [some name] username: [username] password: [password] address: [webdavaddrss] insecure: [true/false] (to skip certificate checks) ``` -------------------------------- ### Create or Update an Admin User with CLI Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/userprofile.md Use the `rmfakecloud setuser` command to create or update a user account. The `-u` flag specifies the username, and the `-a` flag designates the user as an administrator. ```sh rmfakecloud setuser -u ddvk -a ``` -------------------------------- ### Build rmfakecloud Docker Image with Make Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/docker.md This make rule simplifies the process of rebuilding the rmfakecloud Docker image. ```sh make docker ``` -------------------------------- ### Activate Diff Sync for User Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/diff-sync.md Use this command to activate the diff sync feature for a specific user. Ensure the user is set as an admin. ```sh rmfakecloud setuser -u ddvk -a -s ``` -------------------------------- ### Test rmfakecloud with client certificate (Linux/macOS) Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/external-access.md Use this command to verify that your rmfakecloud instance is accessible with a valid client certificate. This should return the normal rmfakecloud HTML response. ```bash curl --cert client.crt --key client.key https://rmfakecloud.example.com ``` -------------------------------- ### systemd Service Unit for rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/source.md This systemd service unit file defines how to run rmfakecloud as a system service. It specifies dependencies, execution command, and environment file. ```ini [Unit] Description=rmfakecloud After=network-online.target Wants=network-online.target [Service] ExecStart=/usr/local/bin/rmfakecloud EnvironmentFile=/etc/rmfakecloud.conf [Install] WantedBy=multi-user.target ``` -------------------------------- ### Systemd Service Reload and Restart Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/reverse-proxy/nginx.md After modifying the proxy service configuration, reload the systemd daemon and restart the proxy and xochitl services to apply the changes. ```bash systemctl daemon-reload systemctl start proxy systemctl start xochitl ``` -------------------------------- ### systemd Configuration File for rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/source.md Configure rmfakecloud service settings for systemd, including secrets, URLs, ports, and email/HWR API credentials. Replace placeholder values with your actual configurations. ```sh JWT_SECRET_KEY=SOME_KEY STORAGE_URL=http(s)://host.where.rmfakecloud.is.running PORT=80 DATADIR=/usr/local/lib/rmfakecloud LOGLEVEL=info # uncomment if using TLS #PORT=443 #TLS_KEY=/path/to/somekey #TLS_CERT=/path/to/somecert #RM_HTTPS_COOKIE=1 # Email RM_SMTP_SERVER=smtp.gmail.com:465 RM_SMTP_USERNAME=MY_EMAIL_ADDRESS RM_SMTP_PASSWORD=MY_SMTP_OR_APP_PASSWORD # Handwriting recognition RMAPI_HWR_APPLICATIONKEY=SOME_KEY RMAPI_HWR_HMAC=SOME_KEY ``` -------------------------------- ### Test Cloudflare block page (Linux/macOS) Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/external-access.md Use this command to verify that Cloudflare is blocking access without a valid client certificate. This should return the HTML of a Cloudflare block page. ```bash curl https://rmfakecloud.example.com ``` -------------------------------- ### Test Host Connectivity Source: https://github.com/ddvk/rmfakecloud/blob/master/README.md Verify network connectivity to the host machine and the rmfakecloud service. These commands check DNS resolution and HTTP/HTTPS service availability. ```bash ping my.remarkable.com ``` ```bash ping local.remarkable.com ``` ```bash ping thehostpc ``` ```bash wget -qO- http://host:3000 ``` ```bash wget -qO- https://local.appspot.com ``` -------------------------------- ### Clone rmfakecloud Repository Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/helm.md Clone the rmfakecloud repository to access the Helm chart and configuration files. ```bash git clone https://github.com/ddvk/rmfakecloud && cd rmfakecloud/helm ``` -------------------------------- ### Configure rmfakecloud Jail in Fail2ban Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/fail2ban.md Define a Fail2ban jail for rmfakecloud in `/etc/fail2ban/jail.local`. Adjust `_SYSTEMD_UNIT` to match your rmfakecloud service name and choose an appropriate ban action. ```ini [rmfakecloud] enabled = true filter = rmfakecloud action = iptables-multiport[name=HTTP, port="http,https"] journalmatch = _SYSTEMD_UNIT=docker-rmfakecloud.service ``` -------------------------------- ### Check Sync Service Logs Source: https://github.com/ddvk/rmfakecloud/blob/master/README.md View the logs for the rmfakecloud synchronization service. This helps in diagnosing issues related to data synchronization between the device and the cloud. ```bash journalctl -u rm-sync ``` -------------------------------- ### Run rmfakecloud with Docker Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/docker.md Use this command to quickly run the rmfakecloud container for evaluation. It maps port 3000 and automatically removes the container when it exits. ```sh docker run -it --rm -p 3000:3000 ddvk/rmfakecloud ``` -------------------------------- ### OpenRC Service Script for rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/source.md This script configures rmfakecloud to run as a service using OpenRC. It specifies the command, arguments, PID file, and logging. ```sh #!/sbin/openrc-run name="rmfakecloud" command="/usr/local/bin/rmfakecloud" command_args="" pidfile="/var/run/rmfakecloud.pid" command_background="yes" output_log="/var/log/messages" error_log="/var/log/messages" depend() { need net localmount } ``` -------------------------------- ### Configure Reverse Proxy with rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/remarkable/setup.md Configure a reverse HTTPS proxy like 'secure' to point to your rmfakecloud API. This involves setting the certificate, key, and the storage URL. ```shell secure -cert proxy.crt -key proxy.key http(s)://host_where_the_api_is_running:someport ``` -------------------------------- ### Execute rmfakecloud CLI Commands in Docker Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/userprofile.md When using the Docker image, execute rmfakecloud CLI commands using `docker exec`. This is a common pattern for interacting with the server's command-line interface within a containerized environment. ```sh docker exec rmfakecloud /rmfakecloud-docker special-command ``` -------------------------------- ### Check Proxy Service Status Source: https://github.com/ddvk/rmfakecloud/blob/master/README.md Verify if the proxy service is running and view its logs. Use `systemctl status` for a quick status check or `journalctl` for detailed logs. ```bash systemctl status proxy ``` ```bash journalctl -u proxy ``` -------------------------------- ### Apache Virtual Host Configuration for rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/reverse-proxy/apache.md Sets up an Apache virtual host to proxy requests to the rmfakecloud Docker container. It configures SSL, forwards HTTP traffic, and handles WebSocket connections for real-time communication. ```apache LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so ServerName rmfakecloud.mydomain.com SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.key/mydomain.com-fullchain.pem SSLCertificateKeyFile /etc/httpd/conf/ssl.key/mydomain.com-cert.pem ProxyPass / http://localhost:3000/ ProxyPassReverse / http://localhost:3000/ ProxyRequests Off RewriteEngine on RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteCond %{HTTP:Connection} upgrade [NC] RewriteRule ^/?(.*) "ws://localhost:3000/$1" [P,L] ``` -------------------------------- ### Patching Extension Files with sed Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/browser-extension.md This script uses 'sed' to replace default reMarkable cloud URLs with your custom cloud URL within the extension's files. Ensure you have executable permissions for the script. ```bash mycloud=$1 find ./ -type f -exec sed -i "s/https:\/\/internal.cloud.remarkable.com/$mycloud/g" {} \; find ./ -type f -exec sed -i "s/https:\/\/webapp-production-dot-remarkable-production.appspot.com/$mycloud/g" {} \; ``` -------------------------------- ### Define rmfakecloud Filter for Fail2ban Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/fail2ban.md Create a Fail2ban filter configuration in `/etc/fail2ban/filter.d/rmfakecloud.conf` to specify the log pattern that indicates failed login attempts. ```ini [Definition] failregex = ^.*, login failed ip:\s+.*$ ``` -------------------------------- ### Run rmfakecloud with Docker and Persistent Storage Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/docker.md This command runs rmfakecloud with persistent storage by mounting a local './data' directory to '/data' inside the container. It also maps port 8883 and sets a JWT secret key. ```sh docker run -it --rm -p 3000:3000 -p 8883:8883 -v ./data:/data -e JWT_SECRET_KEY='something' ddvk/rmfakecloud ``` -------------------------------- ### Docker Compose Configuration for rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/docker.md This docker-compose.yml file defines the rmfakecloud service, including image, container name, restart policy, port mappings, environment file, and volume mounts for persistent data. ```yaml version: "3" services: rmfakecloud: image: ddvk/rmfakecloud container_name: rmfakecloud restart: unless-stopped ports: - "3000:3000" - "8883:8883" env_file: - env volumes: - ./data:/data ``` -------------------------------- ### OpenRC Configuration for rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/source.md Configure rmfakecloud service settings for OpenRC, including secrets, URLs, ports, and email/HWR API credentials. Replace placeholder values with your actual configurations. ```sh # Basic settings export JWT_SECRET_KEY=SOME_KEY export STORAGE_URL=http(s)://host.where.rmfakecloud.is.running export PORT=80 export DATADIR=/usr/local/lib/rmfakecloud export LOGLEVEL=info # uncomment if using TLS #export PORT=443 #export TLS_KEY=/path/to/somekey #export TLS_CERT=/path/to/somecert #export RM_HTTPS_COOKIE=1 # Email export RM_SMTP_SERVER=smtp.gmail.com:465 export RM_SMTP_USERNAME=MY_EMAIL_ADDRESS export RM_SMTP_PASSWORD=MY_SMTP_OR_APP_PASSWORD # Handwriting recognition export RMAPI_HWR_APPLICATIONKEY=SOME_KEY export RMAPI_HWR_HMAC=SOME_KEY ``` -------------------------------- ### Reset User Password with CLI Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/userprofile.md To reset a user's password, use the `rmfakecloud setuser` command with the `-u` flag for the username and `-p` flag for the new password. The password input is read securely using `read -s`. ```sh read -s -p "New password: " NEWPASSWD && rmfakecloud setuser -u ddvk -p "${NEWPASSWD}" ``` -------------------------------- ### Reset User Password Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/helm.md Reset a user's password using `kubectl exec`. This command requires the pod name and the new password to be set. ```bash export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "rmfakecloud.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") kubectl exec $POD_NAME -- /rmfakecloud-docker setuser -u ddvk -p "${NEWPASSWD}" ``` -------------------------------- ### Docker Compose Configuration for rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/reverse-proxy/apache.md Defines the services, network mode, image, container name, restart policy, ports, environment file, and volumes for the rmfakecloud Docker container. Ensure `network_mode: host` is used for the container to access the mail server. ```yaml version: "3.4" services: rmfakecloud: network_mode: host image: ddvk/rmfakecloud container_name: rmfakecloud restart: unless-stopped ports: - 3000:3000 env_file: - env volumes: - /home/remarkable/rmfakecloud/data:/data ``` -------------------------------- ### Update rmfakecloud Proxy Service Configuration Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/reverse-proxy/nginx.md Modify the systemd service file for the rmfakecloud proxy to point to the new HTTPS URL. This ensures the client connects securely. ```bash nano /etc/systemd/system/proxy.service ``` ```bash ... ExecStart=/home/root/scripts/rmfakecloud/secure -cert /home/root/scripts/rmfakecloud/proxy.crt -key /home/root/scripts/rmfakecloud/proxy.key https://rmfakecloud.server.net ... ``` -------------------------------- ### Environment Variables for rmfakecloud Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/reverse-proxy/apache.md Configuration settings for rmfakecloud, including API keys, storage URL, port, log level, SMTP server details, and a JWT secret key. It is crucial to set a unique `JWT_SECRET_KEY` for security. ```env RMAPI_HWR_APPLICATIONKEY=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX RMAPI_HWR_HMAC=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX STORAGE_URL=https://rmfakecloud.mydomain.com PORT=3000 LOGLEVEL=debug RM_SMTP_SERVER=127.0.0.1:465 RM_SMTP_USERNAME= RM_SMTP_PASSWORD= RM_SMTP_FROM=ReMarkable selfhosted JWT_SECRET_KEY=YouReallyShouldSetThisInConfigAndNotLeaveItThisStaticValueExampl RM_SMTP_INSECURE_TLS=true ``` -------------------------------- ### Export STORAGE_URL Environment Variable Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/reverse-proxy/nginx.md Set the STORAGE_URL environment variable on the server to the public-facing HTTPS URL of your rmfakecloud instance. This is necessary for correct client-side operation. ```bash export STORAGE_URL=https://rmfakecloud.server.net ``` -------------------------------- ### Traefik TCP Router Configuration for MQTT Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/configuration.md Set up Traefik as a TCP router to handle MQTT screen sharing traffic. This configuration defines how Traefik listens for and forwards MQTT connections. ```yaml tcp: routers: mqtt: rule: "HostSNI(`*`)" service: mqtt entryPoints: - mqtt services: mqtt: loadBalancer: servers: - address: "rmfakecloud:8883" entryPoints: mqtt: address: ":443" ``` -------------------------------- ### Limit Git Repository to Latest Modifications Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/diff-sync.md Creates a git repository of the tree history, but only includes the latest specified number of modifications. This is useful for large histories. ```sh ./history2git15 -tail 20 /var/lib/rmfakecloud/users/ddvk/sync/.root.history ``` -------------------------------- ### Relink Lost Files Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/usage/diff-sync.md Restores files to their state at a specific historical root index. Ensure rmfakecloud is stopped before running to prevent corruption. The `DATA_DIR` environment variable should match your rmfakecloud configuration. ```sh DATA_DIR=/var/lib/rmfakecloud ./relink15 -user ddvk -root-hash 1c0ee6fb7fde7d09dd25b954dd9f23f950d9e25f1fbc661ca18aebf40bb14a00 "Notebook 42" "My calendar.pdf" ``` -------------------------------- ### Cloudflare Security Rule for mTLS Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/external-access.md This expression blocks requests that do not present a valid, verified, and non-revoked client certificate matching the specified serial number and host. Use this to enforce mTLS-like behavior. ```perl ( cf.tls_client_auth.cert_serial ne "SERIAL_NUMBER" or not cf.tls_client_auth.cert_verified or not cf.tls_client_auth.cert_presented or cf.tls_client_auth.cert_revoked ) and http.host contains "rmfakecloud.example.com" ``` -------------------------------- ### Nginx Server Block for rmfakecloud HTTPS Source: https://github.com/ddvk/rmfakecloud/blob/master/docs/install/reverse-proxy/nginx.md This configuration enables HTTPS for rmfakecloud, handles large file uploads, and ensures websocket connections are properly proxied. It requires Certbot for SSL certificate management. ```nginx server { # increase max request size (for large PDFs) client_max_body_size 200M; server_name rmfakecloud.server.net; client_body_buffer_size 1280K; proxy_buffering off; proxy_request_buffering off; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/rmfakecloud.server.net/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/rmfakecloud.server.net/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot location / { proxy_pass http://localhost:3000/; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect http:// https://; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } upstream ws-backend { # enable sticky session based on IP ip_hash; server localhost:3000; } ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.