-- Leo's gemini proxy
-- Connecting to jacksonchen666.com:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en
Last updated: 2023-12-29
I'm not sure if I should call this a "privacy policy", since the word "policy" is in there. However, this documents the current practices which are related to your privacy.
The tl;dr is:
Your IP address is logged (up to 4 days)
I am keeping any emails I receive and send forever
I use some external services for my websites
These are used in a wide range of things.
For these websites:
They're hosted with sourcehut pages
SourceHut does log some information. Its configuration is available online.
Applies to all domains and subdomains under:
jacksonchen666.com (except anything listed in the static websites section)
jc666.xyz
jc6.xyz
x7ikq7gwf6vnbvrc7b36nkcxnw7eckwaricmjbdvrajoeql2ccjb5aad.onion
jacksonchen666.i2p
se74m63c22m37zteameiijr5ld3oqrke3pmrrx7xwmbli5thfy3a.b32.i2p
The yggdrasil-network IPv6 address 224:2a:86e7:b0:8727:3e88:c92a:c219
Domains listed above will reach the self-hosted server.
Server logs for server applications (e.g. Mastodon) are default settings. No further information is provided here because I don't know any better.
Server logs configuration for the reverse proxy (i.e. nginx) is the following:
log_format vcombined '$host:$server_port $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';
This allows us to see the following information:
Your IP address
What page/resource you have requested
Time of your request
Where you navigated from ("Referrer" information provided by browser)
Your browser User Agent string
The above is just an overview. Below is the exact technical information
logged:
The information logged for HTTP requests are:
Virtual host
Client IP address
Provided username for HTTP authentication
Time of request
The HTTP request type (e.g. GET, POST, etc.)
The HTTP request path (e.g. /)
The HTTP request HTTP version (e.g. HTTP/1.1)
Status code returned to client
Response body measured in bytes sent to client
Referrer AKA where you navigated from (the referrer policy is set to same-origin on jacksonchen666.com)
Provided User Agent
(Modified) Example:
subdomain.jacksonchen666.com:443 192.0.2.231 - - [01/Jan/1970:00:00:00 +0000] "GET / HTTP/1.1" 404 2147483648 "-" "Not a bot, definately not."
The visitor's IP address is 192.0.2.231 in this example.
The logs are stored up to 4 days. They are not included in backups.
Self-hosted Server is located in Hungary.
Information that is logged for every request is:
Time of request
The URL
Server response status code
Stuff after the status code (Gemini protocol specification ยง3.1 "META")
(Modified) Example:
[1970-01-01T00:00:00Z INFO agate] [::ffff:192.168.1.74]:1965 - "gemini://jacksonchen666.com/" 20 "text/gemini;lang=en"
The IP address `192.168.1.74` is not the visitor's IP address.
We create multiple copies of our server and store it on-site and off-site to
prevent complete data loss. That's backups, by the way.
Backups are retained for 4 weeks at maximum. Any backups older than 4 weeks
will be deleted unless it is required (e.g. restoring an old backup).
Rule of thumb: We backup everything. Some things are excluded if deemed not
important/critical to operation.
The backups contain:
- All operating system components and programs
- All services components and programs
- User data generated by use of the services
- Everything else we forgot to specify
The backups do not contain:
- Reverse proxy logs (the thing that handles HTTP(S) requests, and logs it)
We use the following to create, manage, synchronize and store backups:
Migadu handles the emails. (2023-03-31)
Encrypted emails preferred (additional information on the contact page)
Emails received will be removed from the mail servers and stored locally on my computers, retained permanently.
Includes the "Notable other Third-parties' services in use" section
My ISP
Fedora Linux (their repos and distro)
Alpine Linux (their repos and distro)
- [lists sourcehut][lists.sr.ht] for email comments on blog posts
([ToS][sr.ht_TOS] & [privacy][sr.ht_privacy])
How? There isn't something you could opt out of here other than well... Not touching anything related here.
(Ideas are welcome)
These things are included because they have some significance
Namecheap, a domain registrar, used to handle the emails. Not anymore. 2021-07-10/2021-09-06, end date might not be accurate.
Gandi, a domain registrar, used to handle the emails. Not anymore. 2021-08-10/2023-04-02.
Simplelogin's email aliasing used in contact page (from 2022-10-21 to 2023-04-18).
DuckDuckGo's email aliasing service was used for the email contact (from 2021-08-10 to 2022-10-21)
Nameservers and domain registrar also applies, but not the dates. Those dates are for the email service.
On jacksonchen666.com, you were able to submit questions, ideas, and feedback, which are collectively called "Submissions".
We use `git`, a distributed version control tool. Due to the design of `git`, deleting past versions of this website cannot be truly achieved as everyone has a copy of the website including the history, therefore, the data for "Submissions" cannot be completely removed.
The function has been removed from the website, but as stated above, he data cannot be truly removed.
We welcome questions and stuff about our privacy document. You can email us at here:
-- Response ended
-- Page fetched on Fri May 10 01:58:01 2024