admin22. 08. 2025 03:44:07
1266×966
(18.4 kiB)
🚬
admin
's posts
page 2 of 24
21. 08. 2025 01:39:15
664×765
(37.1 kiB)
From now on, you can search on FITstagram.
Search returns posts for which the search query is contained in either the post name, descriptions or the comments.
Right now, only a table with the post names is returned. But you can preview the image when hovering over the post name.
Unfortunately, mobile users cannot use this preview functionality yet.
Newest posts are on top.
admin Now search also returns post for which tags match.
admin Now search also returns post where the image text content matches.
16. 08. 2025 07:02:59
5000×5000
(429.2 kiB)
FITstagram now supports passkeys!
Features:
- Unlimited number of passkeys
- You can name each passkey
- For each passkey, you can allow it for passwordless sign-in (otherwise it's just an alternative to TOTP-based 2FA)
Limitations:
- Unlike TOTP, passkey 2nd factor isn't required for a password change. If you don't have TOTP-based two-factor authentication, then someone could hijack your session and change your password without a second factor, even if you have a passkey.
- You cannot have a passkey for optional paswordless sign-in (if you have passkeys in your account, you're always going to need a second factor to log in: either TOTP or one of the passkeys).
These limitations are the reason why only users with TOTP two-factor authentication can create passkeys.
Picture by Freepik: https://www.freepik.com/free-vector/3d-cartoon-style-bunch-keys-icon-white-background-realistic-modern-keys-new-apartment-house-hotel-room-ring-flat-vector-illustration-entrance-security-property-concept_42331751.htm
admin Note: All of the passkeys are required to be "resident" passkeys. This improves usability and reliability, however, it comes with limitations. For example, it means that yubikeys can apparently only be used via USB, not NFC
14. 08. 2025 01:37:05
732×983
(52.5 kiB)
https://vitapavlik.cz/hiddenfiles/fitstagram-admin-pgp-key-declaration-2025-08-14.pdf
In this file, I declare that the PGP key I currently use to sign pictures on FITstagram is mine.
This file is signed with my other, more trustworthy identity. It carries a certificate issued to me by the Czech PostSignum authority. According to the European regulation eIDAS, it has the equivalent legal effect as a handwritten signature.
Verify the signature by opening the file in an apropriate pdf viewer (for example Microsoft Edge or Adobe Acrobat). Alternatively, use https://verifysignature.eu/
More information on Qualified Electronic Signatures (QES): https://en.wikipedia.org/wiki/Qualified_electronic_signature
14. 08. 2025 00:01:05
594×491
(33.0 kiB)
FITstagram was configured to allow HTTP/3. Not only that, it advertises the HTTP/3 capability with a Alt-Svc header. This is whats called Application Layer Protocol Negotiation (ALPN). This means that the browser first accesses the site via HTTP/1.1 or HTTP/2, but after that, the follow-up resources are accessed via HTTP/3. Upon reload, the whole site is accessed via HTTP/3.
FITstagram's Alt-Svc header can be seen here https://iis.vitapavlik.cz/p/9849f4b689324304b286924cab056961
Alt-Svc header on MDN docs https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Alt-Svc
ALPN on MDN docs https://developer.mozilla.org/en-US/docs/Glossary/ALPN
13. 08. 2025 23:53:40
761×569
(36.7 kiB)
FITstagram recently moved to a new cloud provider with IPv6 connectivity. Therefore it is now IPv6 enabled 🎉
Notice the remote address in the screenshot is an IPv6 address.
admin You can also notice the Alt-Svc header. This is also a recent addition. More on that here https://iis.vitapavlik.cz/p/a8e701cff9eb47219defdbc8047de6d4
page 2 of 24
view admin's keys
admin
vtipné