1. 1

    Dunno how I feel about this. I don’t run NextCloud yet but I’ve been considering it, and my experiences running a Mastodon instance for a few months left me unwilling to try again. Maybe they’ve scaled the requirements, footprint and admin surfaces back to a sane level.

    1. 7

      Actually this is a ActivityPub implementation, not a Mastodon one, which actually makes this a little more interesting.

      By using the popular ActivityPub standard, Nextcloud users can subscribe to and share status updates with users in the so-called ‘fediverse’, an interconnected and decentralized network of independently operated servers!

      Mastodon is probably the best known implementation of ActivityPub protocol, but there are actually a bunch of federated applications based around ActivityPub. For example there is also:

      • PeerTube (YouTube-ish)
      • PixelFed (Flickr/imgur-ish)
      • Diaspora (Facebook-ish)

      One of the kind of cool things is that all of these applications are using the same federated publishing protocol, they can federate with each other. I can reply to a thread on PeerTube in Mastodon, and PeerTube will understand it as a reply and display it as such, or you can publish an album on PixelFed and I can see as a posted album in my Diaspora.

      1. 1

        I didn’t realize that Diaspora had joined the Fediverse! Good on them!

      2. 2

        running nextcloud is pretty easy with docker

        1. 2
          1. 1

            Running it might be easy, administrating and keeping it running never is. This goes for pretty much every server software out there.

          2. 1

            I’ve been running NextCloud for years, mainly for the very robust calendar which also happens to have a great UI and stellar integration with other calendar clients (Lightning, Android calendar, iPhone calendar, etc.)

            1. 1

              The post doesn’t seem to say either way whether it’s a reskinned Mastodon server or an independent reimplementation, does it?

              1. 2

                Looking at the source code it looks like it’s a PHP backend like the rest of NextCloud with a Vue.js frontend

                From a cursory inspection it doesn’t look like they’re running all the infra necessary to run a full Mastodon node.

                I suspect but don’t know that you’re actually just using their app to federate from one of their instances they’re running behind the curtain, but again I have no bullet proof evidence on that.

                1. 4

                  ActivityPub is an open standard with some lightweight implementations (Mastodon is not one of them). From my cursory look at the source, I think this is a full activitypub compatible server.

                2. 1

                  No it doesn’t give much detail at all. If it’s a reskinned stock mastodon server, that’s a hefty chunk of infrastructure required to run the thing (PostgresSQL, Redis for Sidekiq, etc.) and a lot of under the hood complexity go wrong.

                  I have mad respect for Eugen and the work they’re doing, but if it is in fact a stock Mastodon server, I’m out. I’m not a Ruby on Rails hacker and don’t have time to become one, and my installation hosed itself pretty hard.

                  1. 1

                    There’s always Pleroma if you want lightweight ActivityPub.

                    1. 1

                      Pieroma is lightweight, but its upgrade story and to a lesser extent its installation story are … Putting it kindly, lightly sketched out :)

                      You have to want to become an Elixir/Phoenix hacker if you really want to run a Pieroma with confidence. Not that that’s a bad thing at all mind, but you should be aware of that before you sign up.

                      At least that was the case a few months ago when my Mastodon instance ate itself.

              1. 6

                Question for the group. If you use Stylus (or used to use Stylish), what do you use it for?

                I headed over the the userstyles.org site and most of the styles seem to be “dark themes” or other cosmetic changes like changing the background of a site. Are there more practical uses of the extension? Can it modify HTML or Javascript (where the real power would be), or is it CSS only?

                1. 27

                  other cosmetic changes like changing the background of a site

                  You call it cosmetic changes, other people call it accessibility.

                  1. 7

                    I use it to tweak the layout of some of the sites I use, like moving a fixed top navbar to the side, and making it smaller. Or making narrow columns wider. Small stuff like that, which make the browsing experience much more bearable. I rarely use the social or sharing aspects of it. I haven’t found anything useful there, and I’m not sharing my tweaks either, because they’re very personal anyway.

                    I rarely use it to hide things, my adblocker can do that more conveniently indeed.

                    1. 6

                      I apply a style of body { max-width: 800px; } on a few blogs that weren’t designed with wide browser windows in mind—they spill text across the entire width of the screen, which makes them really hard to read. (You could use your browser’s “reading mode” to fix this, too, but this CSS change usually does the job without breaking any layouts.)

                      1. 4

                        Now that I’ve started using Dark Reader, I use Stylus for well-made, site-specific dark themes. Previously I was using the Gruvbox Dark Everywhere userstyle, but its shotgun approach leaves much to be desired. Beware: Dark Reader has some major performance issues on Firefox.

                        Edit: My installed themes (which I enable along with Dark Reader after sunset): https://ptpb.pw/nUrG.png

                        Edit 2: Also I enable the Firefox and Tree Style Tabs dark themes. This really needs to get more streamlined.

                        Edit 3: And then I get to enable dark/night mode on sites that support it natively, one-by-one as I visit them. Sigh.

                        1. 2

                          Man, Dark Reader is great. Thanks for bringing my attention to that.

                          1. 1

                            Funny that you mention this. I don’t often long for the days when I had a CSS styling addon installed, but exactly this Dark Reader page made me bob my head back 20cm. That page seems to be made for a mobile phone or tablet screen, not a 27” monitor. Wow.

                          2. 3

                            Fixing fonts on the most obnoxious websites.

                            1. 3

                              I like to use it to remove ads in core apps I use. I’d like to share the styles I create with others who use those apps. I use the free version of toggl, and they have a persistent, animated thing in the bottom-right corner that tells me the benefits of “going pro”. I just made a stylish thing to display: none the element which matches that rule. It’s great.

                              1. 1

                                Is there an advantage to that over the “block element” feature that exist in most ad blockers?

                                1. 1

                                  I use brave and Firefox which have some built in blocking. I haven’t thought of that, but I’ll take a look!

                              2. 3

                                I used to use Stylish - and a predecessor the name of which has slipped my mind - to reduce the size of the UI in Firefox - smaller tabs, less wasted space -> more space for page content.

                                1. 2

                                  i’m considering using it to shrink the gmail sidebar label font - they recently increased it from the same size as email body text to a size bigger, and it’s very annoying.

                                  1. 1

                                    I sometimes use it to tweak interfaces, like get rid of annoying panels or adding bold to certain elements

                                    1. 1

                                      I just started using this again after forgetting that it existed. Another forum I visit regularly now is ad free and doesn’t waste a bunch of whitespace where these were removed. I created an ironic one for hiding the ads for stylish for android on userstyles.org… :D Also, my day job involves using a console that has a lot of useless (to me) menu items - bye bye.

                                      1. 1

                                        Can it modify HTML or Javascript (where the real power would be), or is it CSS only?

                                        Is it possible for extensions to request access only to modify CSS?

                                        1. 4

                                          CSS can still exfiltrate sensitive page content (albeit attacks are harder to write).

                                          1. 1

                                            If you write your own CSS this is no longer a problem :P.

                                            1. 1

                                              That’s good to know. I’m going to do some reading on this, but do you have anything you recommend?

                                          2. 1

                                            There are two sites I frequent that have awful stylesheets that I can’t stand so I have custom stylesheets that make them look better.

                                          1. 1

                                            I wrote a utility earlier this year (dotenv) that caters to a similar use case (managing dotfiles) but with the added requirement of having customizable and overridable dotfiles. I did that because I found that new hires nerver really configured the command-line tools we use on a daily basis, and I wanted to create a standard configuration that they could still customize. It’s quite new (a few months old), but I use it every day. If you’re interested, let me know what you think of it!

                                            1. 1

                                              There is a bit of namespace pollution for dotenv. There is a dotenv package for ruby, javascript, php, elixir, rust, & python to manage values for .env files.

                                            1. 2

                                              We have the LA Civil court system coming online Tuesday, so I’ll be working on that. I’ll take my birthday is off, but otherwise it making sure we are ready to go out the door.

                                              1. 16

                                                Nothing. And with any luck it will be glorious.

                                                1. 9

                                                  Michael Bolton: You were supposed to come in Saturday. What were you doing?
                                                  Peter Gibbons: Michael, I did nothing. I did absolutely nothing, and it was everything I thought it could be.

                                                  1. 2

                                                    It seems there are 4 kinds of responses one can expect to posts like this:

                                                    1. Programming projects
                                                    2. Personal projects
                                                    3. Personal projects, and a rebellious desire against the culture of doing just programming projects
                                                    4. Doing nothing in particular, and enjoying it.

                                                    Only 3 out of 4 seem felicitous.

                                                  1. 6

                                                    I kind of doubt anyone will read this, but hey here I go.

                                                    There are different sets of documentation, that go in different places.

                                                    1. Getting up and startedreadme.md
                                                      The read me will probably be the first and most often seen piece of your project. This is your sales pitch, this should be a short as possible while including the information required to get up and running.
                                                      • Notices (e.g. this is being deprecated, major version release happening Oct 31th 2018, etc).
                                                      • What is this and why should you care.
                                                      • How to install
                                                      • How to access
                                                      • Where to find stuff
                                                    2. Documentation for classes, methods, etc. → whatever the language specific norm is.
                                                      Commonly this goes into /doc (eg Yard). That being, for languages like Rust or Java I actually prefer the inline documentation. This is often meant for the developers not the consumers.
                                                    3. “I’m trying to do X, how do I?” type questions. → GH Wiki
                                                      Gives a globally accessible page to link to. Also allows for a much less structured way.
                                                    4. Release Notes.Changelog.md
                                                      See Olivier Lacan’s KeepAChangelog.com
                                                    5. Other stuff. → on root if possible
                                                      This is the stuff mentioned in the last point in 1. Stuff like CODE_OF_CONDUCT.md & CONTRIBUTING.md
                                                    1. 2

                                                      hey, I read it! :-) I agree with almost everything, except my reluctance re: the GitHub wiki, which seems to me is hard to open up to contributors.

                                                      1. 1

                                                        That’s actually a really good point, which I don’t have a good answer to.

                                                        You could to a GH pages style resource & reference it in the README file. Aside from that I can’t think of any particularly good solution.

                                                    1. 14

                                                      I don’t totally agree with Stallman on a lot of things but I’m extremely impressed with how much common sense is being applied here. This approach is a lot better than the various codes of conduct bolted on to so many open source projects. Many CoCs are somewhat authoritarian in their tone in that they simply tell you what you can and cannot do without offering any advice about effective communication. (Worse, some projects require you to agree to the CoC, which makes it a binding and enforceable contract whether you realize it or not.)

                                                      1. 5

                                                        It is my understanding that CoCs are meant to communicate in clear language what a community will and will not accept, and the consequences of unacceptable behavior. And perhaps all communities converge to something like a CoC even if it isn’t explicit, e.g. “Do what you like, we don’t moderate here.” Perhaps community organizers can have CoCs and communication guidelines side-by-side and cross-referenced, so that the guidelines come first and the CoC is there for when boundaries are crossed?

                                                        1. 3

                                                          The original motivation by the author of Contributor Covenant was forcing far left politics on folks everywhere. When such people get one passed, they use its broad language to do that. They just talk about obviously bad stuff that few would argue with in lead up to it. Hence, the strong opposition.

                                                          There’s also folks who saw the trend, didnt know/share the political goals, liked emforcing civility, and added one to their project for that reason. That happens, too. Most of the enforcement interpretation comes down to moderators and/or vocal members, though.

                                                          1. 6

                                                            forcing far left politics on folks everywhere

                                                            That’s not what far-left politics is, it’s pretty milquetoast liberalism.

                                                            1. 1

                                                              milquetoast

                                                              I’m not familiar with this word. The dictionary definition doesn’t help me much; what does it mean in the context of politics?

                                                              1. 1

                                                                It means ineffective or inoffensive.

                                                              2. 0

                                                                It depends on who you ask. Maybe geographical area, too. I honestly don’t follow all the terms closely since they themselves become part of political battle and sophism. I try to simplify. Most of what leftists call right-leaning people all oppose that kind of politics. So, it’s best to call it leftist politics of some sort. Most liberals I meet aren’t for systematically controlling peoples’ speech or banning them in every forum or place for their casual remarks in one. Obviously, there’s exceptions where people flip out over something like an N-bomb exposing what person might really think on inside. Most of the time, though, the liberals out here and in lots of places don’t go that far with enforcement. They’re also willing to make practical tradeoffs for greater good even if it sacrifices a bit of ideological purity in decision-making.

                                                                So, these people that put ideology above everything and want universal, constant, severe enforcement are a rare breed compared to majority. At least, from what I can tell. I’d love carefully-worded surveys to get more objective data. If they’re rare, leftist, and stronger on ideology than most, then calling them far leftist is a fair description even if not precise. I think radical leftists or leftist extremists is even better showing the fact that many leftists would argue with their position or actions even supporting their goals. Some might even distance themselves from them in business or politics.

                                                                1. 5

                                                                  This conversation isn’t going anywhere because your understanding of the left is so wildly different than mine. For me, far-left means socialist or communist, not people who shout things on Twitter. I suggest you read Exiting the vampire’s castle by the late Mark Fisher if you want to learn more about this distinction.

                                                                  1. 1

                                                                    Thanks for the reference. Maybe the term has multiple meanings in practice with people using it relative to their own political stances. I might stick with radicals or extremists to avoid confusion.

                                                                  2. 2

                                                                    The use of coercion to make people adhere to their own worldviews is not exclusive to either side of the traditional political spectrum but an orthogonal dimension entirely. There’s a long but ultimately good explanation at https://nintil.com/2017/10/14/yet-another-half-baked-theory-of-the-political-spectrum

                                                                    1. 2

                                                                      Most political theorising and philosophical discourse happens in the anglosphere. And the anglosphere is mostly, by numbers, the United States.

                                                                      There are texts that haven’t even been translated into English that are valuable pieces political theory. Especially from the left. Don’t even get me started on philosophy.

                                                                      Also, Scott Alexander is garbage and if you want any kind of actual political insight you should not be reading him or reactions to him. His personal politics boil down to GamerGate for nerds. Of all the armchair social “theory”, only Moloch is a somewhat good text, but it’s also just a distillation of small bits of Nick Land’s philosophy. If you’re looking for actual insight, read the things that he hates.

                                                                      All this talk of “axes” and “spectrums” are totally useless and trivial, appealing only to people who view politics as some kind of an internet ideological picnic. They get infatuated with ideas themselves, without wider philosophical, historical, and material context, they view them as identity badges, and that leads to confusions and perversions like the political compasses.

                                                                      1. 2

                                                                        re “why do people who want laissez-faire free trade empirically also prefer a strong military”

                                                                        I’ve countered them with exactly that! I told them I don’t support the troops. “What? What?” I told them military wastes money constantly on stuff that’s useless in general or against today’s threats. Most bases and deployments are unnecessary even to a lot of military people. The companies wasting money are protected year after year. None of this is like free market where you have to get useful to people or perish. Then, I suggest maybe they can pay out of their taxes for all the extra bullshit and waste they want while people like me force competition among lean defense contractors that deliver only useful, necessary stuff. We’ll pay less, too. They’re always so shocked and pissed at the concept despite some agreement.

                                                                        re “The common thing between leftists is utilitarianism.”

                                                                        I have said the right is about individualism: follow personal opportunity and responsibility even if failure can kill you. If left is opposite, then them being utilitarian would seem to follow. Liberals out here being willing to loose something every year to improve society’s baseline is something that differentiates us from conservatives. That said, it falls apart with the charitable aspects of conservatives where they’re fine helping people so long as it’s their own private donations given to their choice of recipients. The churches are also usually centers of charity and support in smaller towns, too. They also believe pushing people hard to do their best improves the baseline much like we liberals do with socialist-type activities.

                                                                        So, even this fails to really categorize them.

                                                                        re article in general

                                                                        Emotional, herd behavior as described in the article seem to fit best. Yeah, I might drop left and right for general discussions since their meaning is too diluted. Thanks for this article that does an excellent job illustrating that, too. I’ll keep it.

                                                                        1. 1

                                                                          Liberals out here being willing to loose something every year to improve society’s baseline is something that differentiates us from conservatives.

                                                                          Please stop using these terms like an American, even if you are one. It’s incredibly annoying to see people that say things like ‘liberals hate the free market’.

                                                                  3. 5

                                                                    Most of the strong opposition I’ve seen has been an amorphous blob without much substance to them but vitriol.

                                                                    Yes, I think Coraline handled this poorly, but after the backlash and personal attacks against her I think that’s kind of understandable. I also think the flashpoint of this backlash (Linus) is kind of indicative as well. Linus was a dick. He often provided an entertaining display of brutal honestly which people unconnected to the issue at hand would latch onto. They wouldn’t care about the issue being argued, only Linus’s display of maleficent brutality. I’m cool if you call my idea stupid. I’m less cool when you start calling me ugly.

                                                                    Sooo @nickpsecurity is there anything specific argument you have against these CoC’s?

                                                                    1. 2

                                                                      The CoC’s are specifically designed to enforce one type of politics from a leftist minority in every space on Earth they can. This includes the usual language policing where a tiny portion of America, who may not even be contributors or minority members, attempt to police everyone else’s speech based on their interpretation of what discriminatory or offensive speech is. Even if there’s no overall consensus on that or disagreement by majority and/or dissent by many minority members on specific claims. Despite being “pro” minorities, the minority members who disagree will themselves be chastised or ejected for supporting discrimination. And finally, the author pushes for projects taking up the CoC to enforce it everywhere: good, inclusive behavior in a project doesn’t count if you said something their type of politics doesn’t like on another forum. The best example, where she and her pals showed true colors, was OpalGate with highlight being them trying to set maintainer up to look like they supported child molesters. As usual, they wanted their rules enforced and major contributor removed for ideological reasons with nothing in return for project.

                                                                      A group of them also put me on trial here wanting me banned with one going after user tree. I stopped doing invites to avoid others being targeted and harassed via association with me. I knew political suppression would follow adoption of a CoC that’s designed for political suppression. Like in other situations, those pushing the CoC only talked about over abuses nobody would argue with. Since it’s activism or war to them, they’re always dishonest when getting them adopted (end justifies means). They rarely straight-up say: this is a tool to enforce a specific set of political beliefs about speech, actions, and affiliations on everyone in the project in every space they inhabit with non-conformance leading to admonishment and/or ejection from all with our rules. That’s how they try to use them, though, once adopted. So, I oppose them so such sneaky manipulators have less leverage over their targets.

                                                                      Stallman’s looks really good overall since it just encourages kind and wise behavior. That’s the kind of merit-based, but with kindness and respect, CoC that I was promoting in the past. You don’t need leftist extremist setup to block many bad behaviors in project guidelines. He just illustrated that nicely.

                                                                      1. 2

                                                                        Again: is there specific arguement you have against the CoC?

                                                                        Most of your complaints listed thus far seem to be focused on the personal actions of individuals, not the conduct of the organizations. Paradoxically, this is what you are arguing these people are trying to police.

                                                                        The CoC is scoped to interactions of the organization (both internally and while representing the organization).

                                                                        This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event…

                                                                        You are free to be racist, sexist, or transphobic. It just says don’t do it when you are working in an official capacity.

                                                                        The best example, where she and her pals showed true colors, was OpalGate with highlight being them trying to set maintainer up to look like they supported child molesters.

                                                                        This was a personal action by Coraline to petition the project to remove an very anti-trans contributor. Also they did not try to frame the maintainer to supporter of child molester. When meh declined, they asked what level of behavior would merit ejection. e.g. being a neo-nazi, a rapist, or a child molester.

                                                                        The entire thing very quickly turned into a shit show when people from unrelated to the project flooded arguing there support or in disagreement of the original verdict by meh.

                                                                        Coraline emailed the owner of the project apologizing for the mess, as well as to Elia (the person she petitioned to be removed).

                                                                        A group of them also put me on trial here wanting me banned with one going after user tree. I stopped doing invites to avoid others being targeted and harassed via association with me.

                                                                        Yeah and some people are just dicks. I don’t know what the background on this is, but if they are harassing you, then report then. That is why things like CoCs - exist to codify the conduct between individuals.

                                                                        There is no far left cabal trying to undemocratically control the behavior of people, or at least this isn’t it.

                                                                    2. 3

                                                                      When such people get one passed, they use its broad language to do that.

                                                                      I understand that this is a popular theory among people who oppose the Contributor Covenant. Is there any evidence for it?

                                                                      Most of the enforcement interpretation comes down to moderators and/or vocal members, though.

                                                                      This seems like the “bottom line” for all projects. Accepting a CoC written by someone else isn’t giving up the existing project/community and their standards, it’s just encoding them in a more formal way than most projects have (up until now).

                                                                      1. 2

                                                                        Answered that here.

                                                                        “Accepting a CoC written by someone else isn’t giving up the existing project/community and their standards, it’s just encoding them in a more formal way than most projects have (up until now).”

                                                                        It really doesn’t since most don’t want political domination and control according to specific views by specific groups of people who might not be contributors. That’s what the CoC was designed for, though, as I say in my other comment. The next move they try is getting people that think like them in enforcement positions. Whatever original reason for adoption, the CoC becomes a tool for them to achieve their political goals. Even if those aren’t there yet, they can always get in later to use CoC for its intended purpose.

                                                                        That’s what Ehmke did at Github with quite a backlash. I bet Github’s management weren’t told of Ehmke’s actual goals either: probably just the regular BS of “we’re only trying to stop trolls and haters doing things like N-bombs or saying women can’t code.” Who would argue with a need for better moderation or stopping such people? Hardly anyone with sense given all the toxic behavior. Then, she recruits a crew like her… that would enforce their views on the masses and ignore the outgroups’ complaints. Outgroup mostly being straight, white males that she vilifies that are a huge chunk of tech projects. Politically antagonizing them might mean reducing market share, impact, or image of any tech-focused service she’s working for as they switch sites or services. I bet she didn’t tell executives she intended to cause that and was OK with such results given their ideology trumps everything. In her later write-up, she said all the hate that came in was just because she was trans person basically trying to make people nicer and more inclusive. Nothing more.

                                                                        Den of jackals they are. I consider any rules they create to be tainted and subversive by default. Double so if I see them used for political subversion. Let each community make their own rules codified from their existing practices like you said. They can draw on language from any source. Just be honest about goals, discuss it, vote on it, and so on. Then, what sticks they commit to. Lobsters already has a non-political-domination CoC that I follow: unwritten but illustrated by admin/mod responses to comments in various threads. It maintains civility and reduces visibility of problematic comments without outright suppression of dissent. Bans are only when necessary about behavior on this site, not others with other rules. Much better. As usual, I’ll add that the fact that this site runs so well is an argument in favor of such non-political CoC’s being able to do the job. Add Stallman’s to the list or as a start on another one.

                                                                        1. 1

                                                                          I can see that you feel very strongly about this, and I don’t want to inflame this argument at all, but I do want to point a couple of things out.

                                                                          The replies above mention a number of examples of things Coraline Ada-Ehmke or “her people” have done. For the most part, they don’t involve adoption of CoCs or the Contributor Covenant.

                                                                          In the “OpalGate” thread I agree a lot of unpleasant and angry things got said. I suggest a substantial part of that was people arguing from the basis of what they personally felt the project’s standards should be, and “arguing past each other” as a result. In the end the maintainers adopted a code of conduct for the project which clarified “the standard this project will be run against”. The person who was the subject of the original post is still a core maintainer today. This seems to me like a pretty mild outcome - the project’s standards are no longer in dispute, and noone got banned…?

                                                                          (I’m not arguing that the ends necessarily justified the means here, but I am genuinely trying to understand what the catastrophic consequences of adopting CoCs are, as I don’t see them.)

                                                                          Regarding the actual Contributor Covenant, I’ve read it carefully a number of times now and I don’t see how “thin end of the wedge” or “far-left politics” arguments follow from the text of the actual document. It has a Scope section which clearly excludes people’s activities outside the project. Under “Our Responsibilities” it makes it clear that banning is only one possible outcome and is entirely at the discretion of project maintainers. These are the same fundamental power relationships that a project without a CoC has, only now it’s made clear rather than implicit/vague.

                                                                    3. 1

                                                                      Nobody ever had a problem with projects that had rules. Everything had rules. Forums had rules, mailing lists had rules, IRC channels had rules. People had issues with specific rules, but if I’ve ever seen a complaint about the very idea of having rules I don’t remember it.

                                                                      The backlash against contributor covenants is not as simply as people not wanting rules. Having rules against being racist or sexist or whatever isn’t new or unusual or what people have a problem with. What people usually have a problem with is when they’re busy minding their own business writing code and someone turns up and demands they accept a list of rules that they’ve written, usually based on some grievance they have with someone in the project for something they’ve done outside the project.

                                                                      Frankly, people don’t like being told what they should be doing and why what they’re doing is wrong by people that aren’t part of their community. And that’s the very essence of contributor convenants: you should do things in this way because we say so, and because if you don’t you’re an evil sexist white male chauvinist pig that likes pushing women away from projects and it’s your fault that women earn less.

                                                                  1. 2

                                                                    Work

                                                                    I currently work for an attorney service company. We have the largest court system in the US coming online in a couple of weeks so finishing up a few loose tickets & prepping for the wave of madness of the release.

                                                                    Personal

                                                                    I just found out that my VPS provider had an entire raid array failure which slagged my personal machine, soooo probably that.
                                                                    On a related note: Anyone have a recommendation for a VPS?

                                                                    1. 3

                                                                      I’m currently using a Macbook Air from 2013. I got it fully specced at the time but I’m starting to run up against the limitations of my machine.

                                                                      I’ve been eyeing a new machine for a while and making the plunge to switch back to a linux based machine. I have about 5 pages worth of orgmode notes detailing hardware wishlist, replacement software for current workflow, & prospective machines. Currently my top 2 contenders are the X1 Carbon & X1 Carbon Extreme, but I still have reservations about both. X1 for the limitation of 16gb or ram and the UHD 620 GPU & the X1 Extreme which I’m worried about the Nvidia GPU & it being relatively untested at this point.

                                                                      Work has offered several times to buy a new machine, but I like the whole BYOD thing. We are also a small shop & the dev team runs on macs & I’m a huge fan of the new Mac keyboards or trackpads. It also only solves the work part of it, as I don’t want to use a work machine to do work on personal projects.

                                                                      For you I’d recommend checking out an older T series from Lenovo’s Thinkpad line or the System 76 machines, both of which sound like they may fit your bill .

                                                                      1. 5

                                                                        I just bought a cheap Raspberry Pi Zero and I’ll try to use it as an audio bluetooth receiver, recycling an external USB sound card I don’t use anymore. I think I’ll use Alpine Linux, it seems commonly used on embedded hardware and I had a great experience with Alpine inside Docker containers.

                                                                        I’m also doing this because most bluetooth receivers can’t be renamed (they’re all named “SomeBrand Bluetooth Adapter Thingy” while anyone would prefer seeing the name of the room they’re placed in) and I’m somewhat concerned with non-upgradeable IOT devices.

                                                                        I’ve also an unbelievable amount of things to debug and improve on GitHub.

                                                                        1. 4

                                                                          If you get something up and running, I would love to see a writeup posted here. I’ve got a Pi Zero W with a DAC hat that I’ve been meaning to do this with for almost a year now.

                                                                          1. 3

                                                                            I have a Pi-0W running volumio with Airplay, DNLA, & spotify connect. To the best of my knowledge being able to use it as a bluetooth receiver is still a work in progress, but there are several people documenting how they got it working on their system.

                                                                          2. 2

                                                                            I had no idea Alpine Linux worked on RbPi

                                                                          1. 6

                                                                            Fighting my losing fight against entropy; e.g. cleaning my apartment.

                                                                            I’m also going to try playing Shroud of the Avatar with my dad. It runs terribly on my machine, and I’m not a huge fan of online games, but my dad loves & I’m mainly playing it to spend time with him.

                                                                            Also working on my congressional outreach tool that seems to just be dragging on & on & on.

                                                                            1. 8

                                                                              I’m going on a weekend holiday to Tbilisi, Georgia! Also I’m continuing hacking on NewBusinessMonitor. Sending letters through the service works now, but I haven’t opened it to everyone else yet. I’ll do that this weekend.

                                                                              I’m super happy with it. I’m able to just click on companies to send personalised sales letters to them in the post. I’ve sent 103 sales letters in the past two days!

                                                                              1. 2

                                                                                გამარჯობა! Enjoy some Khachapuri for me. Or don’t if its not your cup of tea.

                                                                                1. 2

                                                                                  How could it not be anyone’s cup of tea? I don’t believe in miracles but if I did, Georgian food would be a great example.

                                                                                  I had soko and shkmeruli for dinner, and it was an absolute triumph.

                                                                                2. 1

                                                                                  Mmm, you get to enjoy awesome Georgian food. Enjoy!

                                                                                1. 9

                                                                                  I have been a mac user since the beige-toasters. There is no chance I would buy a computer with “DRM” crap preventing me from repairing it.

                                                                                  1. 2

                                                                                    Didn’t the beige toasters require an Apple-licensed tool to open or was that an urban legend spread in the besieged Amiga community?

                                                                                    1. 5

                                                                                      It’s correct, they used Torx screws for the case: teardown.

                                                                                      1. 3

                                                                                        I just bought a torx screwdriver from Lowe’s last week. I’d hardly consider that to be locking users out of their hardware.

                                                                                        1. 3

                                                                                          They were hard to come by in 1984.

                                                                                          1. 3

                                                                                            Yet infinitely easier to bypass than software DRM.

                                                                                            1. 2

                                                                                              I started repairing Macs in 89 and had several torx screwdrivers so by then, they were easy to get.

                                                                                              1. 1

                                                                                                Good point.

                                                                                            2. 3

                                                                                              Tri-Point and Pentalobe are two common currently examples of this.

                                                                                              In highschool/college I worked at an authorized repair shop for Apple. Torx are great honestly. They are easier to work with and less likely to strip than Philips. Tripoint & Pentalobe are a nightmare to work with, which is why they are often not used internally.

                                                                                              1. 3

                                                                                                Torx is just a better type of allen bolt

                                                                                                1. 3

                                                                                                  Indeed, there’s valid reasons to use Torx.

                                                                                          1. 27

                                                                                            I use https://protonmail.com. I wanted a Gmail alternative that was private and fully encrypted. I pay for the plus model so I can use my domain, I did not want the hassle or expense of a self-hosted model. I have been completely happy with Protonmail. I have used them since they were in beta.

                                                                                            1. 7

                                                                                              Yes, +1 for ProtonMail. From the small research I’ve done, they’re the most secure email provider. I also use my own domain.

                                                                                              1. 5

                                                                                                ProtonMail is great. The search function is a little bit slow, but since its encrypted at rest it kind of has to be.

                                                                                                There are a couple of features that are great. The one I get the most use out of is having multiple address connect to the same email account. I have several email addresses, one for personal use, one used for signing up accounts, one for newsletters (or other noisy notifications), one scoped to projects, etc.

                                                                                                There is also ProtonMail’s Bridge that gets around some of the security issues with IMAP/POP creating a connection over TLS, which then locally runs a IMAP/POP server on your machine.

                                                                                                They have also had their OpenPGPjs (A opensource PGP impl in JS) library audited.(1)

                                                                                                2 major caveats for anyone who is considering an encrypted email service is that

                                                                                                1. Email is inherently insecure. It is hitting protonmails server in plain text possibly without StartTLS.
                                                                                                2. You are probably going to forfeit some functionality for the this feature.

                                                                                                1: It wasn’t directly them, more the community around OpenPGPjs, which they are part of. I’m also unsure of the original ownership of this project, but that can get muddied with opensource sometimes.

                                                                                                1. 3

                                                                                                  I also use protonmail, no particular complaints about it.

                                                                                                  1. 3

                                                                                                    I have the Visionary plan and seamlessly migrated my email to them - including my whole archive which goes back about 13 years or so, once the bridge was out.

                                                                                                    It’s a very nice and simple web client, and the apps are good enough that they just work for my parents.

                                                                                                    Overall, I like it very much.

                                                                                                  1. 25

                                                                                                    I give away Sidekiq and sell Sidekiq Enterprise. If you use Ruby/Rails, it’s the standard. https://sidekiq.org

                                                                                                    1. 3

                                                                                                      it’s the standard

                                                                                                      For a very good reason. Wonderful piece of software. Thanks @mperham!

                                                                                                      1. 2

                                                                                                        Woah thats awesome. I have been using sidekiq lots. Great bit of software.

                                                                                                        1. 1

                                                                                                          Hey @mperham!

                                                                                                          Thanks for all of your code. I’ve used and loved several of your projects.

                                                                                                          Out of curiosity what is the current status of Faktory? It sounded like an interesting project, but the rate of development looks like it kind of cratered last Dec.

                                                                                                          1. 2

                                                                                                            It’s under active development but summer has been slow due to family issues. Latest:

                                                                                                            https://mastodon.xyz/@mperham/100583959557092421

                                                                                                        1. 5
                                                                                                          Personal
                                                                                                          1. Work on Congressional outreach tool:
                                                                                                            I’ve gotten most of the hard part out of the way. APIs to the Census and Propublica API are done. At this point I just need to finish the front end, and stop bikeshedding on the design.
                                                                                                          2. eBooks as private podcast RSS feed:
                                                                                                            This is mainly meant as an application to learn go. Very early stages.
                                                                                                          Work
                                                                                                          1. Diagnosis issue with beta version that seems to only effect a small group of users located in UT. It seems to effect less than 1% of users located in UT, and doesn’t seem to be an issue for users in other states.
                                                                                                          1. 5

                                                                                                            Trying to get up to speed with Kubernetes and the whole ecosystem around it. Got a small cluster running with Kubespray, Rook for storage management and an Nginx Ingress controller. Certificate management, Network Policies, RBAC, Monitoring and so on still need a lot of work and learning on my side. I hope to get a MySQL Galera cluster and Wordpress to run with OpenID connect via Keycloak by the end of the week.

                                                                                                            Besides that I should start to apply for a new job :)

                                                                                                            1. 2

                                                                                                              Redhat has a podcast series called PodCTL if you are interested.

                                                                                                              Its largely produced by the team behind OpenShift & there has been somewhat of a lull in production & production quality in recent months.

                                                                                                            1. 17

                                                                                                              Standups should not

                                                                                                              • Try to resolve an issue live
                                                                                                                Don’t try to trouble shoot something or hash out details in a standup. Use the standup to report it, then grab someone after the meeting. Otherwise you are wasting everyone time. This one drives me nuts as it seems to happen in my stand ups all the time.

                                                                                                              • Include a measure of how productive you are.
                                                                                                                If you need that measure there are burn downs. Also its generally a good idea to not include any unnecessary management, as that does tend things to devolve into ‘make yesterday sound productive’ as @pab said.

                                                                                                              • Be longer than 1 minute per person.
                                                                                                                You want to report your current position, and where you are going. If it takes you more than 60 seconds to report this you are probably running into the prior two bullet points.

                                                                                                              • Be longer than 10 minutes in total.
                                                                                                                You don’t want to give time for devs to glaze over. If its taking longer either brevity is suffering from loquacious individuals, or the team may be getting too big.

                                                                                                              • Happen prior to caffeination, lunch adjacent (unless team eats together), or near EOD
                                                                                                                Stands ups should facilitate follow up communication between members. You want people be alert enough to help, but during a time where they wanting to wrap something because they have something else to do at that time.

                                                                                                              1. 2

                                                                                                                Yup. I think you hit the nail on the head. I did stand ups years ago as project lead. First 5-10 mins of work: 1) what are you doing 2) any foreseeable pain points, connect with your peers that your tasks need you to coordinate on.

                                                                                                                Done. Everyone thought they were extremely productive (to my knowledge).

                                                                                                                1. 2

                                                                                                                  Some tools that we use to achieve these goals:

                                                                                                                  • It is always OK and preferable for someone to say “can we / you continue this discussion after the daily?”. Not everything that is currently interesting and relevant you is that to everyone. It is very easy to forget this when you get excited!

                                                                                                                  • Keep everything short: It is OK if there is nothing peculiar happening or you don’t need input/help!

                                                                                                                  • Always briefly go through every task which has been worked on since last daily. From end of the process pipeline to the beginning (in our current case: task moved to production -> tasks moved to ready -> tasks moved to review -> tasks moved to in progress -> stories taken to in progress -> stories groomed to backlog). There is couple reasons for this “backwards” order. First it gives personal productivity measure (I deployed/did stuff that needs review/etc). Secondly it creates natural pull for people to review and take new tasks/stories to be worked on, which removes insane amount of that fruitless “is this the next thing, or this, or this” kind of conversation. Having physical kanban wall makes this really easy by the way.

                                                                                                                  • First couple items in the tip of the backlog are in strict priority order, so when previous story is done one just needs to take next one to be worked on. No need to converse about this during daily.

                                                                                                                  • Pick a time when daily starts. Be very strict about this. Making others to wait is rude, no one is that important.

                                                                                                                  Currently our team is 16 people, our dailies take 5 to 15 minutes. Depending on how much churn there has been.

                                                                                                                  1. 1

                                                                                                                    FYI The first known recorded standup from the highly productive Borland Quattro pro team was an hour long. Standups should be mini planner meetings, not status meetings.

                                                                                                                  1. 4
                                                                                                                    Personal
                                                                                                                    1. I’m working on a personal congressional outreach project based around ProPublica’s Congressional API.
                                                                                                                    2. Tweaking my kubenetes cluster.
                                                                                                                    Work
                                                                                                                    1. Finishing up our first major UI overhaul.
                                                                                                                    1. 14

                                                                                                                      The Cambridge Analytics scandal has prompted me to delete Facebook and be much more aware of my privacy. I know that deleting Facebook is now a “cool” thing to do now, but it’s been a difficult decision. I still had many friends there that I have no other means of contacting. Ads have gotten much scarier recently, perfectly retargeted among services, so I was getting mentally ready for this. But stealing data for political purposes is where I draw the line.

                                                                                                                      I’ve also replaced google with DuckDuckGo, and am planning on changing my email provider too. But I don’t know if it’s going to be futile. I still shop on amazon and use many other irreplaceable services like google maps.

                                                                                                                      Again, I’m not a privacy freak. I try to find a middle ground between convenience and privacy, so these changes are hard for me

                                                                                                                      Any recommendations for a balanced solution?

                                                                                                                      1. 6

                                                                                                                        Whereas I’m about to have to get back on Facebook after being off quite a long time. I’ve simply missed too many opportunities among local friends and family info since they just refuse to get off it. Once it has them in certain numbers, they find it most convenient to post on it. That’s on top of the psychological manipulations Facebook uses to keep them there. I’ll still use alternatives, stay signed out, block JS, etc for everything I can. I will have to use it for some things for best effect.

                                                                                                                        The most interesting thing about leaving, though, was their schemes get more obvious. They tried to get me back in with fake notifications that had nothing to do with me. They’d look like those that pop up when someone responds to you but you’re not in the thread at all. They started with an attractive, Hispanic woman I’ve never seen from across the country that some friend knew. Gradually expanded to more attractive women on my Facebook but who I haven’t talked to in years or rarely like (not in my feed much). The next wave involved more friends and family I do talk to a lot. Eventually, the notifications were a mix of the exact people I’d be looking at and folks I’ve at least Liked a lot. I originally got nearly 100 notifications in (a week?) or something. Memory straining. Last time I signed in, there was something like 200-300 of them that took forever to skim with only a handful even real messages given folks knew I was avoiding Facebook.

                                                                                                                        So, that whole process was creepy as hell. Especially watching it go from strangers I guess it thought I’d like to talk to or date to people I’m cool with to close friends. A lure much like the Sirens’ song. Fortunately, it didn’t work. Instead, the services’ grip on my family and social opportunities locally are what might make me get back on. The older forms of leverage just in new medium. (sighs)

                                                                                                                        1. 3

                                                                                                                          It kind of depends on what you are trying to prevent. There are some easy wins through

                                                                                                                          1. As of March 2017 US ISPs automatically opt you in to Customer Proprietary Network Information. ISPs can sell this information to 3rd parties.. You can still opt out of these.
                                                                                                                            Look for CPNI opt out with your ISP.
                                                                                                                            https://duckduckgo.com/?q=cpni+opt+out&t=ffab&ia=web

                                                                                                                          2. uBlock Origin / uMatrix are great for blocking tracking systems.
                                                                                                                            These do affect sites who make they’re money based on ads however.

                                                                                                                          3. Opt out of personalized adverting when possible
                                                                                                                            Reddit, Twitter, even Google give you an option for this.

                                                                                                                          4. Revoke Unneeded Accesses
                                                                                                                            https://myaccount.google.com/u/1/permissions https://myaccount.google.com/u/1/device-activity
                                                                                                                            https://myaccount.google.com/u/1/privacycheckup
                                                                                                                            https://twitter.com/settings/applications

                                                                                                                          5. Make your browser difficult to fingerprint.
                                                                                                                            EFF has a tool called panopticlick that can show you how common your browser’s fingerprint is. I locked down what I could (there should be instructions on panopticlick’s site), and added an extension that cycles through various common user-agents. It might sound like overkill, its not onerous to do.

                                                                                                                          6. Don’t store longterm cookies.
                                                                                                                            I actually disabled this mostly. I still blocked for 3rd parties, but first party cookies are allowed now. Using a hardware key or password vault makes signing easy, but ironically the part that killed this for me more sites supporting 2FA. I use Cookie AutoDelete for Firefox.

                                                                                                                          7. Change your DNS provider.
                                                                                                                            I don’t have a good suggestion for this one. I use quad-9, but I don’t really know enough to say whether or not I trust them.

                                                                                                                          1. 2

                                                                                                                            Unlike an email or web server, setting up a resolving only DNS server is quite painless. I do this at home and rarely have issues. And if I do, I can reset it at whim instead of trying to fight with tech support.

                                                                                                                          2. 1

                                                                                                                            I pay $40/year for Protonmail. It is fantastic.

                                                                                                                            As for Facebook, why delete? It is actually a benefit to have an online presence for your identity, but you need to be careful with what about yourself you share. If you don’t take your online identity, someone else will. This is exactly why I’ve registered my name as a domain and kept it for years now. It is just another “string of evidence” that I am who I say I am on the internet.

                                                                                                                            My FB is just a profile picture now and nothing else. I have set my privacy settings to basically super locked down.

                                                                                                                            When it comes to socializing, there is little you can do to not be tracked. The only thing you can do is “poison the well” with fake information and keep important communication on secure channels (i.e. encrypted email, encrypted chat applications).

                                                                                                                            1. 1

                                                                                                                              I removed Facebook about 6 years ago and recently switched to Firefox beta and DDG. Gmail has had serious sticking power for me, though. I’ve had several fits and starts of switching email over the years but my Gmail is so intertwined with my identity nothing else has ever stuck.

                                                                                                                              It is possible to switch, I’m sure, but in my case, I have never committed quite enough to pull it off.

                                                                                                                              1. 3

                                                                                                                                When I got off gmail, it took about two years before I wasn’t getting anything useful forwarded to my new identity.

                                                                                                                                Setting up forwarding was quite painless and everything went smoothly otherwise. The sooner you start…

                                                                                                                                1. 2

                                                                                                                                  When I looked into it, everone was suggesting FastMail if the new service needs longevity and speed. It’s in a Five Eyes country but usually safest to assume they get your stuff anyway if not using high-security software. The E2E services are nice but might not stick around. Ive found availability and message integrity to be more inportant for me than confidentiality.

                                                                                                                                  People can always GPG-encrypt a file with a message if they’re worried about confidentiality. Alternatively, ask me to set up another secure medium. Some do.