1.  

    This is an old article – we’re using NixOS on all our systems at work, and it all started on AWS in 2019. NixOS was resizing the volume and there were no issue with AWS integration. The only annoyance is that the AMIs created by the NixOs team are created sometime early after the cut and never updated. So as one approaches the next release, and wants to upgrade the system, there will be a lot of fetching. Also, sometimes the AMI will be late to arrive :)

    And, God, do not try to run Nix in Docker! It’s really, not, REALLY bad idea!

    Oh, yes, totally bad idea. Docker is for isolating the dependencies of a system and packaging them together. Nix is a packaging system that ensures you have all the dependencies you declared ready when you want to run your tool. Why using the same tools (or, why zip the tar.gz archive?). I just think the author of the article belongs to the class of people that mixes up Docker with VMs…

    1. 1

      I built a small internal tool at $work to automate our NixOS deployments that integrates with Terraform. Still want to push to open source it, but simply haven’t had time to work on it lately.

      The setup we have is that secrets are defined in Nix lang but not part of any derivation. (Like nixops, I believe.) We then make them available in /run/secrets during activation only. Regular activation scripts are used to install them wherever needed.

      (Minor obstacle is that we always need to check existence, because activation runs are not always initiated by our tool.)

      1. 2

        We (not royal we, but my team) also built something that helps out deployments and integrates with Terraform, but didn’t have time to open-source it. It’s mostly based on https://github.com/tweag/terraform-nixos, but we had to rework the whole process of sending secrets to hosts (Terraform is not great when copying, as it leaves files around). For us, the secrets are defined in Terraform, and stored in the terraform state, but during the deployment they are stored on the remote machine, outside of nix store. The downside is that we have to redeploy on every secret change (which is simple), and ensure the services reload (which is not so simple).

        1. 1

          Our setup is different from the Tweag approach in that we have a server/agent setup. A Terraform provider uploads a flake to the server which builds it, instead of building locally on the machine running Terraform. We pass secrets and other variables from Terraform to Nix by injecting a vars.json into the flake as we upload. Once the build completes, an agent (running on the target machine) downloads and activates the configuration.

          Service reload is still an issue yes, because the Nix activation doesn’t notice any change if just secrets were updated. I still have to tackle it, but was thinking of adding a hash of (a subset of) secrets in, for example, the systemd unit as a comment. Just so that the file (and derivation) changes, and Nix understands it needs to give it a restart.

          1. 2

            We keep a secret per file/service and then this helps a bit:

            systemd.paths = {
              # we rely on this to detect changes to keys and
              # automatically trigger the restart of the service
              hydra-server-watcher = {
                wantedBy = [ "multi-user.target" ];
                pathConfig = {
                  PathChanged = [ "/var/keys/admin_password" ];
                };
              };
            };
            ...
            systemd.services = {
              hydra-server-watcher = {
                description = "Restart hydra-server on credentials change";
                wantedBy = [ "multi-user.target" ];
                after = [ "network.target" ];
                serviceConfig = {
                  Type = "oneshot";
                  ExecStart = "${pkgs.systemd}/bin/systemctl restart hydra-server.service";
                };
              };
            };
            

            I forgot why we couldn’t rely just on systemd.paths. This works reasonably well, however we sometimes run into nginx not reloading on the latest Let’s Encrypt certificates (they are also pushed from the deployer, via Terraform, as our machines don’t have access to the internet, so we can’t use http challenge).

      1. 1

        Nice approach! I like the exploration via systemd, as I learned something new there :)

        I have a question about storing secrets: in mkSecretOnDisk function, wouldn’t this:

        age -a -r "${key}" -o $out ${source}
        

        store the secret in plaintext on the builder? For doing builds on the local machine, this might not be an issue for you, I would assume.

        1. 7

          Quicksilver is another open source launcher for macOS. What does this project aim to do differently?

          1. 2

            Hmm, I hadn’t heard about this project before. Thanks for the link.

            It turns out that there is only one difference between it and spotter - spotter is a cross-platform application which will be released also on windows.

            1. 6

              Quicksilver was the app that inspired Alfred, LaunchBar, Gnome-Do, and I think much of the “launcher” market.

              It was a fantastic app in its heyday, but unfortunately lost some of it’s quality as macOS progressed and it didn’t quite keep up. It also depended on compiled, typically Objective-C, plugins, which is not how most newer plugin systems are working now, with Node, Python, Lua, etc, being more typical.

              1. 3

                I remember using LaunchBar in the Mac OS 7 days (mid-1990s). It well pre-dates Quicksilver.

              2. 3

                Another open source thing like Alfred is Albert, might be worth checking out for further inspiration.

                1. 2

                  Great app, but looks ugly tbh

              3. 2

                I’ve been using Quicksilver for the past 15 years, and I just can’t switch to anything else. I might not be using it’s full potential, but for quickly starting an app or getting me contacts/calculations/files, it’s invaluable.

                1. 2

                  Man, I had no idea Quicksilver was still alive and kicking. I seem to remember it being dead awhile back, which is when I switched to Alfred.

                1. 28

                  Any of y’all want me to throw my hat in the ring?

                  Another time. :)

                  Okay fisch. I’ll try. If enough folks are interested I’ll shoot an app in.

                  1. 40

                    friendlysock is pretty much the only user who I have mentally flagged as consistently antagonistic and obnoxious, generally to the detriment of friendly and civil discussion. Other users may have particular topics which they feel sufficiently strongly about that they occasionally get a little antagonistic responding to criticism. With friendlysock, I see unnecessarily inflammatory comments often enough that I now mentally think, “ugh, I won’t bother reading this comment chain, it looks like another friendlysock spat”. If you can’t moderate your own comments, I don’t think you’d be good at moderating other peoples.

                    So if you really want our opinions, no, I do not want you to throw your hat into the ring.

                    1. 24

                      Strong disagree. friendlysock consistently engages in civil and friendly discussion, even when finding himself on the other side of an argument with someone whose political convictions make them feel they shouldn’t even attempt to be civil and friendly. I’ve never seen him make a comment I think could fairly be called unnecessarily inflammatory (and I say this as someone who has disagreed with him in the past). I generally enjoy seeing his posts and think he’s a good contributor to the site.

                      1. 29

                        You’re painting a picture where angersock is the civil one who just so happens to be constantly surrounded by people mad at him.

                        That’s wrong: angersock frequently accuses others or entire communities of bad faith and assumes a position of authority he doesn’t have when saying content doesn’t belong here (do I even need to link that one?).

                        I’ve rarely seen anybody argue with angersock twice. That alone should be pretty damning: The only constant in arguments involving angersock is he himself.

                        One can be inflammatory, incite flamewars and toxic communication while saving face by “remaining civil”. I’m not sure how much of it was intended in /u/Thra11’s post, but to me the point is that angersock remains civil, but brings incivility.

                        That is not to say that he doesn’t try his best, and I don’t think he does any of this on purpose (though I am really not sure). But I really don’t think he is cut out for this job, and given the comment ratio on his top-post vs the rest of the thread, I think he would be quite a controversial mod to say the least.

                        1. 14

                          It’s also missing the point: One can be inflammatory, incite flamewars and toxic communication while saving face by “remaining civil”.

                          That form of trolling is called Sea-lioning. http://wondermark.com/1k62/

                          1. 12

                            I strongly disagree that how friendlysock has been showing up here can be seen as a form of sealioning.

                            1. 8

                              It still blows my mind that not only do some people think the woman rather than the sea-lion was the sympathetic character in that comic, but that there are enough such people for “sea-lioning” to have become a meme.

                              1. 7

                                I suspect it’s because many people use public social media for private conversations with their friends (as they would speak while walking about town). A stranger injecting themselves into the conversation to demand your time and attention (regardless of how righteous they are) is unwanted and weird.

                                1. 5

                                  I was puzzled by that as well. There were enough of us that the author wrote a three paragraph clarification on the errata page. It’s possibly worth reading the explanation there. I’d summarize it as “the sea lion is a stand-in for people who behave a certain way and the woman’s objection is based on that behavior”.

                                  1. 5

                                    It’s pretty fitting, I think. Most people who cry “sea lioning” are just upset that someone responded to their public statements.

                                  2. 6

                                    I only have this comic as reference for as to what sealioning means, but the situation I see with angersock is not one where he actively seeks out people to engage in stupid arguments with. Maybe the term has evolved beyond that specific example, but then, without a new real definition, it has lost its meaning.

                                    1. 3

                                      The term has not lost its meaning, it has always been used to refer to people who make unwelcomed responses to publicly made statements.

                                  3. 8

                                    My own interactions with ‘sock have actually been pretty good, even in cases where we disagreed (as in this thread), and I don’t off-hand recall seeing and recent(ish) comments where I was “sjeez ’sock, relax mate”.

                                    But I also skip most Rust stories, as I don’t have a lot of interest in Rust (not at the moment anyway), and that link is indeed very much a “sjeez ’sock, relax mate” type of conversation.

                                    Point being: I guess people have a limited/biased view of ’sock (or any other members, for that matter) based on which stories they read and comment on. I certainly do, because I never would have seen that comment if you had not linked it here.

                                    1. 2

                                      do I even need to link that one?

                                      Would be helpful for people like me who aren’t as deep in the day-to-day of lobste.rs.

                                      1. 4

                                        It appears lobste.rs has some sort of retention on the index of comments per user, but here’s the most recent examples (not the best ones):

                                        All of those assume a place of authority and tell others how to use the site.

                                    2. 4

                                      In all fairness, this was not always the case (see also why I’m friendlysock instead of angersock), and even as recently as that Rust thread a few days ago I can still be more inflammatory than is helpful (less charitably: I can be a shithead). I’m no saint.

                                      1. 4

                                        and yet, gestures frantically below

                                      2. 6

                                        I would have to concur with this

                                      3. 34

                                        I personally would prefer not to have a moderator who thinks having Nazis participating is a fine idea (https://lobste.rs/s/nulfct/problem_with_code_conduct#c_dwa6s5). “You could exclude neither [Nazis nor the target of Nazis], and let them sort it out themselves elsewhere. Indeed, seeing each other in a context that doesn’t constantly reinforce their ideology might serve to build bridges and mellow both sides.”

                                        Seeing as my grandmother was almost murdered by Nazis the “mellowing both sides” bit did not go over well with me.

                                        1. 22

                                          It’s taken me quite some time to form a response.

                                          Here in Bloomington, IN, last year and the year prior, we had to deal with a real Nazi problem in our city. It was BAD. https://www.nytimes.com/2019/08/18/us/indiana-farmers-market-white-supremacy.html

                                          We have had a city govt run farmers market near the city square. It was on the largest walking/biking/running trail the city has.. It really was an amazing market.

                                          Then, the Unicorn Riot discord hack happened. Normally, this would oust Nazies and similar ideology. Except this time, it ousted a lady by the name of Sarah Dye, a farmowner and a stall vendor at the farmers market. It only outed the first name in the general vicinity and owned a farm - I was the one who found her account on Youtube by the name of Volkmom, and got her banned from the other 2 farmers market boards she was on. I forwarded the videos to their boards. They compared her voice to her damning videos.

                                          However, Bloomington IN doubled down, claiming 1st amendment concerns. Peaceful protests to Dye and the city were done… And the cops arrested the peaceful protesters, up to and including the president of low barrier homeless shelters - dressed as a purple unicorn ( https://www.thedailybeast.com/unicorns-arrested-at-protest-of-white-supremacy-at-bloomington-indianas-farmers-market ).

                                          And since Dye was being defended by the city, we had other undesirables show up. Other neonazies did. So did the 3 percent’ers. But when the 3%ers showed up, they were armed to the teeth, with AR15’s strapped to them, handguns (plural), zipties, and more. There was no question - they were not peaceful. They wanted to make a show of force that they were present to support their kind. Having them all show up shat on the very idea of the farmer’s market of inclusivity and coming together over shared food.

                                          We (public) finally solved this by deprecating the city run market, and a new market was made by a non-profit org. All the vendors showed up here, with exception of Sarah Dye and her stall. And unlike the city market, visible weaponry wasn’t allowed. And being in Indiana, people will pack heat; but it can at least be diminished.

                                          When nobody knew she was a Nazi and she didn’t do anything suspicious publicly, it was uneventful and peaceful. People just bought their groceries and all was good. The moment it was known, all the dregs, white nationalists, neonazies, kkk, and similar moved in to support “their kind”. We all literally had to abandon and regroup to get them to stop.

                                          If you don’t strongly deal with white nationalist groups, they’ll eat you out of house and home, run everyone off, and leave you with a shell of a community. I’ve seen it happen locally how it progresses in real life… and damned if I’ll let it happen to communities I’m currently a moderator of.

                                          1. 21

                                            Forgive me for being dense, but my reading of this is that everything was quiet and peaceful until you went out of your way to dox a Nazi and get her kicked out, and then people decided to protest a lawful application of the 1st Amendment, and then counter-protests happened, and a bunch of ugliness occurred, and then after all this you got the original market back less one Nazi.

                                            If this is an accurate reading (and it may not be!), how could one not conclude that everything was fine until you got a bee in your bonnet about somebody being a Nazi in their free time? How is everything that followed not your fault? That being the case…how is all of the following ugliness not the result of the efforts to purge a secret Nazi?

                                            My desire to follow rules of topicality and civility is very much due to a desire to avoid that sort of protest-counterprotest stuff that harms communities more than it helps.

                                            1. 22

                                              how could one not conclude that everything was fine until you got a bee in your bonnet about somebody being a Nazi in their free time? How is everything that followed not your fault?

                                              Who escalated to violence? The white nationalists did. Arguing that the exposers of secret Nazis are at fault is the argument employed by domestic abusers. “Woman, why do you make me beat you? Why do you do this to me?”

                                              I know you’re arguing in good faith. But please do not try to justify violence from this crowd. They proved that they weren’t standing on moral high ground when they showed up with firearms and zipties.

                                              The violent response from white nationalists to nonviolent protests should prove just how much of a charade their pearl-clutching about “muh free speech” really is.

                                              1. 13

                                                Forgive me for being dense, but my reading of this is that everything was quiet and peaceful until you went out of your way to dox a Nazi and get her kicked out, and then people decided to protest a lawful application of the 1st Amendment, and then counter-protests happened, and a bunch of ugliness occurred, and then after all this you got the original market back less on Nazi.

                                                More specifically, there was already an anti-nazi campaign locally going against her with what I considered shaky proof. Many of us were very hesitant to engage in protests in person or online, without solid proof. I used my OSINT skills and was able to positively identify that it was her. Had it not been, I would have also said so. I’m not going to engage in a protest against an individual unless I’m damned sure I can prove it… And I proved it beyond a reasonable doubt.

                                                Speaking to “and then people decided to protest a lawful application of the 1st Amendment, and then counter-protests happened”…

                                                The problem was that the city was supporting the nazi speech AND show of force, while arresting peaceful (non-weapon-possessing) protestors. If the city had applied equal force to both sides, there would have been less of an issue with respect to 1FA.

                                                If this is an accurate reading (and it may not be!), how could one not conclude that everything was fine until you got a bee in your bonnet about somebody being a Nazi in their free time? How is everything that followed not your fault? That being the case…how is all of the following ugliness not the result of the efforts to purge a secret Nazi?

                                                You’re extrapolating and assuming when you don’t have the information.

                                                My desire to follow rules of topicality and civility is very much due to a desire to avoid that sort of protest-counterprotest stuff that harms communities more than it helps.

                                                This sort of civility is similar to Sea-lioning ( http://wondermark.com/1k62/ ).

                                                Simply put, there is no civility when discussing people who want to murder people (and have done so) who differ only in race, skin color, or sexuality.

                                                1. 20

                                                  Over and over and over again the same “both sides are at fault” message, Nazis and their victims. You simply cannot get yourself to say “let’s leave Nazis out”, huh.

                                                  1. 12

                                                    A few questions to make sure I understand your arguments:

                                                    • Assuming Lobste.rs vows to leave the Nazi out, who is going to decide which user is a Nazi? What is the definition of a Nazi?
                                                    • Since we’re bound to leave the Nazi out, how can we ensure that there won’t be a “leave the Y out”, where “Y” can be muslim from Saudi Arabia, Palantir developers (are they morally superior to Nazis?), Steven Pinker, Noam Chomsky and everyone else group X doesn’t like ?

                                                    ps. This discussion is not new by any means. It is a hard discussion, Karl Popper wrote extensively about this exact issue.

                                                    1. 8

                                                      Thank you for your observation.

                                                      For me, I can’t help but notice that even if we say “Okay let’s get rid of the Nazis”, we still have the question of who is a Nazi?

                                                      Form a practical standpoint: half of my country (US) voted for Trump, for whatever reason. That makes them some flavor of Republican–or worse. It is not a stretch (and is pretty common in various circles) to see any affiliation with Republicans as basically being a Nazi.

                                                      If half of Lobsters is from the US, this means that like a quarter of the users–based on back-of-the-envelope calculations–are Nazis and should be banned, for being Nazis.

                                                      If we just ban based on civility and topicality, we get to sidestep this issue.

                                                        1. 7

                                                          Any of the comments that article references are clearly outside decorum and, if posted here, would warrant administrative action.

                                                          1. 8

                                                            Weev is a public figure. Weev was banned from gab. Weev could participate anonymously on lobsters. If weev wants to post here as weev, is that OK?

                                                            1. 8

                                                              Why wouldn’t it be, if he follows the rules and isn’t an asshole and contributes to on-topic discussion?

                                                              It being weev, I imagine it would be less than an hour before he gets banned for saying stupid Nazi shit, but might as well give the fellow a chance.

                                                              Our purpose here isn’t to punish people for actions in other communities; our purpose is to discuss technology.

                                                              1. 5

                                                                Weev is a public figure known for being a Nazi. For weev to be named as weev, it’s the same as https://lobste.rs/u/neonazi .

                                                                Weev could go by a different name to participate in lobsters.

                                                                1. 0

                                                                  Pretty sure there are many internet users with that nickname - most probably are unaware of some rando from US. To be honest I never heard about that guy until today. If he would have an account here I would judge him by what he writes here without crosschecking him across other sites. Who does that?!

                                                    2. 7

                                                      I won’t say it because I don’t believe it.

                                                      I would rather have a polite Nazi talking to me about technology than either a rude not-Nazi talking about technology or a polite not-Nazi talking about not-technology. As somebody mentioned above re: the Nazi variant of the Turing test…a sufficiently polite and topical Nazi is indistinguishable from a normal user, because they’re presumably not talking about Nazi shit and picking on Nazi victims.

                                                      If they are, the rules of civility and topicality give a handy way–and a more uniform way–of dealing with them. Even better, it gives a way of dealing with them that doesn’t give them the recourse of saying “Well you’re just doing this because you hate Nazis”, or “You’re just doing this because you support SJWs”, etc. I can point at the rules and say “You were off-topic and being uncivil. I don’t need to believe anything about Nazis or your relationship with that ideology to get rid of you.”

                                                      1. 22

                                                        Apparently you definition of civility includes telling me and other Jews to “mellow out” about people wanting to murder us. No thanks.

                                                        1. -9

                                                          Do you want to murder them, given that you (by my reading here) believe they are a clear and present danger to you and yours?

                                                          1. 17

                                                            This is too far. There are diminishing returns now on this conversation and also both of you seem to have lost perspective that this post is about finding new moderators because pushcx might be under huge moderator load - you’re not helping. At the least, take this to a different venue or to personal chat to hash it out and bring back here any positive results.

                                                            @itamarst You are talking about a subject which is understandably extremely sensitive and important to you. I think everyone can and would acknowledge the pain that you and your family must have gone through, and it is a failing of people in this conversation that that is not the first and most obvious point to be reiterated and repeated without fail. We all must acknowledge that terrible things have happened and that we want to take positive actions to prevent them happening again. That being said you are grossly not applying good faith in a situation where one person’s actions seem to have been offensive to you, and you are bringing a subject that is most definitely off topic for lobste.rs into this space. In relation to the former, you could have chosen a much more amicable way of bringing your point forward such as: Quoting friendlysock, explaining how you reacted to and felt when you read his comment and asking friendlysock to confirm if that was his intention and to clarify his meaning if it was. You definitely could have done that constructively inside the context which was friendlysock applying to be a moderator, so you could have phrased your question in a way relevant to this topic. No one would ever question your pain or your discomfort at seeing discussions of a group of people that brought great harm to your family and by extension pain to you; you do not have to not be angry, or not be in pain; but having the expectation that you can bring this up in this way in this space and the outcome be constructive is poor judgement: whether or not this was a motivation, you are not going to get personal resolution to political issues that cause you pain on lobste.rs.

                                                            @friendlysock Whatever your position you are grossly failing to take a step back and acknowledge itamarst’s point where he is now, not where you think he should be or how you think his point relates to lobste.rs. If you keep doubling down on your position, itamarst has to double down on his. This does not seem like rocket science. Whether this is on topic or not, when someone has gone to the effort and made themselves vulnerable by presenting something they are angry or in pain about, particualrly if it’s such a HUGE subject as this with so much emotion attached, step 1 is acknowledge that and consider your position in relation to what they said. You have no idea how they feel and you can not begin to understand their position so if they are offering you this level of confrontation the most you can do is acknowledge and listen. You don’t have to take responsibility for having caused their pain - no one is calling you a nazi or accusing you of murdering people, but you do have to acknowledge that they felt a particular way after reading what you wrote, and if you want to, you can explore that, but with about 1000 times more sensitivity. Acknowledgement and reiteration of your fundamental positions as they relate to lobste.rs, or moderation on lobste.rs would perhaps be a way to frame your position, if you’re interested in doing that.

                                                            1. 16

                                                              “Good faith” only goes far when some spends so much effort explaining how important it is we include Nazis in our discussions. Especially when they want to be a mod.

                                                              And really the whole point of the exercise is mod policy. As I’ve said before, in other discussions, you gotta pick a side. And the clearer friendlysock’s opinions, the clearer the choice pushcx has to make.

                                                            2. 13

                                                              Enough is enough. You are bullying itamarst with repeated emotional manipulation by way of a topic that has violently effected them, apparently so that you can get them to call for killings on a thread in which you nominated yourself to moderate the community in pursuit of civility. Are you done trolling yet?

                                                              1. 6

                                                                Do you want to murder them

                                                                Come on, this is too much.

                                                                1. 6

                                                                  No, of course not.

                                                      2. 32

                                                        no offence, but I find that “mellowing both sides” is a very legit goal. seeing as I’ve spent most of my life in a warzone, this goes very well with me. I’m not jewish, but I’ve had multiple run-ins with Neo-Nazis due to the way I look and where I escaped the war to. I used to hang out in this bar that was split in half, one of it was extreme leftists, and the other were staunch Nazis, some not even Neo. we were all fucked, so we just drank together in a weird peace of sorts. one of the Neo-Nazis never liked the fact that I started hanging out there, and was constantly hostile, and due to past experiences I had to often stay alert and make sure to be ready for whatever may come, but the beer was cheap mind you and the weed was good.

                                                        one of the Neo-Nazis in particular was this big guy who had it so clear in his eyes that he’d like to beat the shit out of me to prove his worth or whatever. I didn’t care as this was the least of my worries (at that time). one of the old men I used to hang out with was a programmer as well, so we’d get high and discuss all sorts of computer things. one day the convo came to Blender and 3D modelling, and all of a sudden this big guy who never wanted to exchange a word with me and rather punches came and started talking about Blender with love in his eyes instead of hate, after a couple of hours of that he threw the shittiest but unfortunately the most fitting line of all:

                                                        “your people aren’t too bad after all.”

                                                        we actually continued conversing after that and went through a couple of his traumas and why he ended up on the path he ended up on. I by no means expect everyone suffering from oppression to engage in such antics with their oppressors, but I’d rather the ones who can’t, let the one who can, do what they gotta do.

                                                        at the very least, you can try to not monopolize suffering under your own school of thought, and within only your own context.

                                                        this is probably my last comment here for a while, so feel free to PM if you wanna discuss this further. I am also very sad to hear about your grandma, it sucks to be almost murdered, it sucks to see people you love get murdered, and it sucks to see people you love commit murder, but that shit happens on all sides of aisle.

                                                        dehumanize one, and you dehumanize all, I find.

                                                        fucking hell, I need a beer.

                                                        1. 25

                                                          Thank you for sharing! I think that’s slightly missing the point, though:

                                                          1. The issue was with “both sides”. Why do I need to “mellow” if someone wants to murder me?
                                                          2. You are describing a truce backed by violence. And that might work for some, but the more common case is people not going into the bar at all, because they don’t feel safe.

                                                          I’m sure many Nazis have reasons for how they ended up where they are (though in the US a lot of them aren’t suffering at all, they’re upper middle class or rich). Maybe hanging out with Nazis will make them change their mind. I doubt it, but it’s possible.

                                                          But given the choice between making a safe environment for everyone, and letting some Nazis in in the vague hope they will learn something and lots of other people choosing not to participate, I’d rather choose the latter former.

                                                        2. 10

                                                          You know, I can sympathise with your viewpoint here, especially as a Muslim in the current global climate, but the problem I see is that this seems to be leading to such extreme echo chambers, that it makes people say things like what one user in the thread you linked said:

                                                          Feminists believe that women are as human and as entitled to agency and dignity as men are; MRAs believe that women are inferior to men and should be enslaved.

                                                          This is such an absurd statement to make without backing up and so patently false; the only way someone can believe this is by being fed a constant diet of lies people who really hate MRAs instead of just speaking to MRAs directly.

                                                          Suddenly, we’re not just banning Nazis who want to kill you and me and our entire family trees, we’re banning practicing religious people who aren’t willing to rewrite their holy scripture or reinterpret it to suit people’s desires, we’re banning critics of said religious folks who believe baby penises should remain intact — hey, they’re MRAs, right?; whatever, they must be islamophobes or antisemites either way — we’re banning critics of affirmative action, we’re banning all manner of people with valid and not so valid positions or arguments.

                                                          We don’t discriminate on truth, we discriminate on whether it’s comfortable or not to a select group of people. People who can’t discriminate between a belief like, “men and women have roughly equal average IQ, but the distribution is wider for men, so the ratio of men to women at Google is roughly what we’d expect if Google were selecting for such and such IQ” — responding with such inanity as “do the women at Google not belong there, then?” — and a belief like, “women are inferior to men and so should be enslaved to them”.

                                                          1. 20

                                                            I think that if I were on a rocketry forum I’d be interested in hearing what Wernher von Braun had to say (not merely a Nazi, but an officer in the SS). If I were on a forum about filesystems, I’d be happy to talk to Hans Reiser. If I were given the opportunity, I think that Konrad Zuse (not a Nazi, but certainly a collaborator) would have interesting things to say about electromechanical computer design.

                                                            I’d be more than happy to throw any of them out if they start going into politics or murder, but if they have useful expertise and follow the rules of decorum, they should have a place.

                                                            1. 15

                                                              Let me put it like this: if Hans Reiser would join a forum where Nina Reiser’s brother (or sister, close friend, etc.) would also participate, would you think it’s reasonable if they would object to this?

                                                              It’s not hard to see how this would also extend to neo-Nazis (as in, literal neo-Nazis, who looked at the Holocaust and thought that all of that was just a spiffing good idea); would you enjoy interacting with someone who literally wants to kill you and everyone like you and worships an attempt to do exactly that? Are many people not a victim of these people’s actions just as much as Nina’s Reiser’s brother is? Would you happily discus webdesign best practices with the person running StormFront or some other neo-Nazi website?

                                                              I’m not so sure if “it’s limited to just technical conversation” is really all that important, never mind that this is too limited of a view of Lobsters IMHO, as it’s a community centred around technical topics.

                                                              For all we know Reiser or the StormFront maintainer are already participating on Lobsters anonymously. We can’t really prevent that because the only alternative would be to actively vet members. But if you know you’re talking to the StormFront webmaster then … yeah, I’d rather not.

                                                              I’m not suggesting that we implement some sort of wrongthink policy or anything of the sort; you put forth the extreme scenarios so I’m replying to those, and in more realistic scenarios things tend to be some shade of grey. If someone on Twitter said “I don’t like people of religion/ethnicity/identity X” then that would probably be okay; as in, I won’t like them more for it, but I see no reason to ban them here for just that. But I do think all of this is a bit more complicated than you put forth.

                                                              1. 18

                                                                Would you happily discus webdesign best practices with the person running StormFront or some other neo-Nazi website?

                                                                Let’s apply a variant of the Turing Test to this: if people from the interactions alone cannot tell whether they are made by a regular person or a Nazi, then the poster/commenter can be regarded as worthwhile talking to as any other normal person.

                                                                1. 5

                                                                  Yes. Nobodies forced to use real names on lobsters. If someone posts anonymously, respect it. Don’t dox.

                                                                  It’s not the same if he/she uses their neo-Nazi name. Lobsters has no moral obligation to be known as the place where neo-Nazis hang out.

                                                                  1. 10

                                                                    Yeah I think there’s a bit of a straw man being thrown around in some of these discussions about being randomly chosen as the target of doxxing. It’s pretty easy to be anonymous on this website.

                                                                    To even be perceived as a member of a hate group on a site like this would require affirmative signaling to one’s peers that they hold hateful views towards other members of the community for their birth-given human characteristics, which seems like a good enough reason to remove such a user in the first place.

                                                                    1. 3

                                                                      Yes. Nobodies forced to use real names on lobsters. If someone posts anonymously, respect it. Don’t dox.

                                                                      Yes, I pretty much said as much later on: “We can’t really prevent that because the only alternative would be to actively vet members” (that this isn’t feasible isn’t stated explicitly, but it’s pretty clear to everyone that it’s not).

                                                                      I think both you and @ewintr have missed the point of my reply; this entire discussion is fairly hypothetical because of course no neo-Nazi is going to link to their StormFront account on their Lobsters profile (or Gab, or wherever these people hang out these days). I just wanted to point out why having known neo-Nazis on Lobsters is something that people would object to, and why some people would choose not to visit Lobsters if this were the case.

                                                                      1. 3

                                                                        No. You’re wrong. It won’t remain hypothetical. Look at how many people got caught from the 6th based on social media.

                                                                  2. 6

                                                                    would you think it’s reasonable if they would object to this

                                                                    I totally would understand why they might object to this. Then again, dude was put into prison and served his time. According to the law, he has received his punishment. Anything further is just extrajudicial retribution–understandable but not lawful.

                                                                    would you enjoy interacting with someone who literally wants to kill you and everyone like you and worships an attempt to do exactly that?

                                                                    If they were polite and solved my problem, sure. It’d be weird, but I’d rather have the help than not. The second they started going on about that other stuff, I’d report them cheerfully.

                                                                    For all we know Reiser or the StormFront maintainer are already participating on Lobsters anonymously.

                                                                    Exactly. For the dedicated opposition, this kneejerk intolerance serves no real obstacle–and can even be really useful as a leveraging point to disrupt a community. It’s like people have never played Among Us.

                                                                    but I see no reason to ban them here for just that.

                                                                    The problem is, several Lobsters I believe would be more than happy to do that, and would want it in a CoC. Further, where do you draw the line? How much Nazi is too Nazi? How little pedophilia is acceptable? I don’t want to make those calls–I’d rather focus on the (much simpler) tests of a) has this user treated other users respectfully in this space and b) has this user stayed on-topic. If followed, I believe those two rules are sufficient to guarantee a good time for everybody.

                                                                    But if you know you’re talking to the StormFront webmaster then … yeah, I’d rather not.

                                                                    As an aside, the world-wide experts in decentralization are about to all be, or keep company with, some really distasteful people. Ignoring their experience because they’re icky strikes me as a waste.

                                                                    1. 4

                                                                      The Reiser case is a bit more complicated, as I agree criminals should be given a second chance. However, it’s not unreasonable for victims of the crime to still harbour (strong) feelings of animosity; I don’t think that’s “extrajudicial retribution”. I don’t think that many people would happily chat with their sister’s murderer about filesystems after they served their time.

                                                                      At any rate, I only mentioned Reiser to illustrate the perpetrator/victim relationship, as it’s so clear in this case. I was tempted to leave that out entirely as it’s quite a different case from neo-Nazis.

                                                                      would you enjoy interacting with someone who literally wants to kill you and everyone like you and worships an attempt to do exactly that?

                                                                      If they were polite and solved my problem, sure. It’d be weird, but I’d rather have the help than not. The second they started going on about that other stuff, I’d report them cheerfully.

                                                                      Alright, fair enough. But it’s not hard to see how other people would make a different choice here.

                                                                      where do you draw the line? How much Nazi is too Nazi? How little pedophilia is acceptable?

                                                                      I don’t have clear answers to that; but this is a kind of reasoning I don’t really like. Maybe there’s a better name for this, but I like to call the “it’s hard fallacy”, which goes like: “it is hard to draw a line, therefore, we should not draw a line at all”.

                                                                      I’ve seen the same type of reasoning in conversations about civility. It can be really hard to draw a clear line about what is or isn’t acceptable, but that doesn’t mean we shouldn’t try at all. Clearly there should a line somewhere otherwise people replying with just “you’re a cunt” would be “acceptable”, and I think we can agree that it’s not. You can also see this fallacy in some other (political) topics.

                                                                      I’m not actually in favour of banning people for off-site behaviour unless it’s particularly egregious, such as active neo-Nazis, and even then I’d have to carefully look at the specific case at hand. In general I think the bar should be pretty high for this, but I do think there is a bar … somewhere.

                                                                      I mean, do you really expect black people or Jewish members to happily interact with people we happen to know are neo-Nazis or KKK members? If someone in your local soccer club is a great bloke and fun to hang out with, and then you discover he’s a Grand Hobbit Ghoul in the KKK (or whatever ridiculous ranks they have) then you would continue that relationship as-if nothing happened (and before you answer “yes I would”, would you expect everyone to do so, including your black teammates?)

                                                                  3. 16

                                                                    The problem, of course, is that then you lose all the people who don’t want to hang out with Nazis, or with people (like Hans Reiser) who murdered their wife.

                                                                    1. 25

                                                                      In an online forum for talking about X, I’d much rather have a room full of people who may be assholes elsewhere talking politely about X than I would a room full of people who might be lovely elsewhere being assholes in my forum because of something completely unrelated to X.

                                                                      1. 7

                                                                        Thank you for this succinct explanation.

                                                                      2. 12

                                                                        On the internet, no one knows you’re a dog.

                                                                        Who’s to say what someone’s intentions are? If people start causing problems, by all means remove them. The alternative is doxxing everyone who joins lobsters or digging up dirt, is that somehow a better alternative?

                                                                        I get it, no one wants to share a board with Nazis or murderers. I don’t either. But this social equivalent of a preemptive strike has the potential to be way worse.

                                                                        1. 11

                                                                          A good rule of thumb, in programming and elsewhere, is to always consider at least three solutions to any problem. There are in fact other solutions beyond the false dichotomy “doxxing everyone” and “accepting everyone”, one common one being a Code of Conduct. Personally I would go with “you must pass this very bar to participate”.

                                                                          1. 7

                                                                            Just because a comparison of two solutions are presented doesn’t mean you have to jump to “this is a false dichotomy.” Also, I thought we already had that with the lobsters rules? How does a code of conduct actually differ?

                                                                            1. 15

                                                                              Well, friendlysock apparently can compare Nazis as somehow equivalent to their victims (both sides apparently need to “mellow”). Most CoC would involve kicking him out for that.

                                                                              1. 6

                                                                                I don’t agree with the comparison and I don’t think friendlysock would be a good mod based on the fact that he could draw it. I just want to put this out there though - if there was a felon, Nazi or other unsavory person who could provide some insight into problems I’m trying to solve then I would still have an open ear so long as they stay on topic and don’t bring up their unrelated interests. Not doing so seems short sighted.

                                                                                Most Codes of Conduct are pretty crappy btw. Ruby has a good one, nearly all of the others are too suffocating.

                                                                                1. 2

                                                                                  I think both you and @itamarst may be missing something in how I wrote that–and that’s on me for articulating incorrectly.

                                                                                  My point was not to draw equivalence between those groups. My point was that everybody has some outgroup that they would prefer to see kicked out.

                                                                                2. 4

                                                                                  Maybe you should resolve that with friendlysock, then. Not going to fan these flames anymore.

                                                                            2. 9

                                                                              How is it “pre-emptive strike” to just not want to hang out with people you don’t like?

                                                                              This isn’t like…. the seat of government. This is a place to talk with people. Absolutely nobody is under any obligation to listen to people (short of mods basically “kicking people out”). There is zero moral requirement to listen to “varied viewpoints” or have an open mind.

                                                                              EDIT: And pointing to a previous declaration of moderation wishes as “digging up dirt” in a conversation about mod applications is rich. Are we supposed to just treat every conversation in some weird vacuum even when it comes to something so obviously relevant? I know you’re saying this in good faith but how is that not fair game?

                                                                              And like… you know what? These people that get doxxed or whatever? They are the ones that are vocal about their opinions. That’s how you even know that they are these kinds of people. If they kept their mouth shut we wouldn’t even be able to know!

                                                                              I’m tired of being lectured about how I’m the bad person for not wanting to deal with people who not only are (IMO) morally bad people, but also don’t have the social IQ to keep it to themselves.

                                                                              1. 10

                                                                                These people that get doxxed or whatever? They are the ones that are vocal about their opinions.

                                                                                Alright, where does the dirt digging stop, then? Everyone that’s somehow associated as commenting in this thread, supportive or otherwise? Because they may somehow have an agenda too?

                                                                                Dude, you’re not the bad person. No one’s saying you are. I’m just done with communities that engage in shit slinging, doxxing, and public shaming rather than actual discussion in good faith.

                                                                                Anyway, peace out, lobsters. N-gate was right about you.

                                                                                1. 4

                                                                                  I had someone PM me with personal details about myself while using a randomized username on reddit a few years back because I said that I didn’t think Ohio State was very good that year. People dox and dig up dirt for varied reasons. The nazi thing is an extreme example of that, but it happens for all sorts of other strange reasons as well.

                                                                                  I no longer use Reddit because of that event, and now I try to stick to a minimal set of social sites (like this one) where it’s obvious who I am if you search my username or look at my profile.

                                                                                  I don’t think you should feel obligated to listen to someone’s viewpoint if it’s non-technical (or even if it is technical really), but in this forum, the less I know about people, the better. I like hearing opinions or thoughts on tech without knowing who they are. I can’t control how they think or feel otherwise.

                                                                              2. 5

                                                                                Are you asking for Lobsters (and its mods, etc.) to:

                                                                                • Explicitly condemn Nazism, white supremacy, and murder
                                                                                • Ban anyone who publicly espouses these ideas, on or off our site
                                                                                1. 23

                                                                                  You write as if that would be some kind of absurd idea, when it seems quite sensible to me..?

                                                                                  1. 9

                                                                                    thank you for objecting to that.

                                                                                    reductio ad absurdem requires absurdity, and I’m not used to seeing “explicitly condemn Nazism” held forth as obviously absurd.

                                                                                    1. 5

                                                                                      It seems absurd to me because it’s kind of a given. Not every site needs to say “hey don’t murder people” for me to feel good about using it. It’s a general human sentiment that murder is bad. Explicitly stating it and only targeting those viewpoints makes me wonder why we aren’t explicitly denouncing every type of supremacy, nativism, genocide, rape, etc.

                                                                                      But I do think banning people who espouse any of those views (spoken or unspoken) on the site is not only warranted, but should also lead to a probationary period for the person who invited them.

                                                                                      1. 6

                                                                                        I don’t think we need to make a list of things we don’t agree with. But I do think that we should be clear that people who are known for their malicious activities (e.g. support for murder or racism) are not welcome here.

                                                                                      2. -1

                                                                                        Putting this bluntly, the second one is stupid and anyone who argues for it is stupid. On or off our site? What the hell. Maybe in person I could logic my way into thinking that it’s ok but online? Thousands of miles away with no immediate threat to my wellbeing?

                                                                                        Online there’s always going to be that one jerk who doxes someone else for wrong-think and it’ll start with this.

                                                                                        1. 12

                                                                                          Thank you for proving your commitment to the cause of rational discussion by calling me stupid.

                                                                                          The thing is, we want Lobsters to be a place where all people are welcome. If we allow known neo-nazis to hang out with us, then people that feel threatened by those neo-nazis won’t come here. Sure, it’s not a threat to them per se, but why would you want to spend your free time talking to people that literally want you dead?

                                                                                          Being a neo-nazi is a choice. Belonging to a minority group isn’t. We should give the neo-nazis the boot and welcome the members of minority groups.

                                                                                          1. 5

                                                                                            why would you want to spend your free time talking to people that literally want you dead?

                                                                                            Because they have information I want and are capable of staying on topic for the site I’m on. I do not care what they do anywhere else. It is incredibly vexing that people are making me defend the scum of humanity.

                                                                                            I believe all people are welcome on lobste.rs if they’re not talking about tons of off-topic stuff and spewing out hate while they’re here.

                                                                                            1. 13

                                                                                              Do you also want information from people who, for example, would feel uncomfortable sharing a discussion forum with neo-nazis?

                                                                                              This isn’t value-neutral, we have a choice to make: either we welcome the neo-nazis, or we welcome the people-who-don’t-want-to-talk-to-neo-nazis. I know who’s getting my vote.

                                                                                              1. 5

                                                                                                This isn’t value-neutral

                                                                                                I reject that premise.

                                                                                                The nazi stuff should not enter the flow of conversation for nearly any thread on lobste.rs. The only reason we’re discussing it now because this is a meta thread and it was brought up by itamarst. If he hadn’t then we’d not know and not care.

                                                                                                So I think that if we actually talk about the things that we thought we were going to talk about when we were invited in the first place there won’t be any issues with your first sentence.

                                                                                          2. 7

                                                                                            Please don’t call other users or standpoints stupid. It’s okay to disagree, it’s even better to providing reasoning, but name-calling never helps.

                                                                                      3. 6

                                                                                        You only lose the people who care more about Nazi status more than technology–and they’d doubtless be happier elsewhere, in a community that puts ideology and identity above knowledge and civility. I’ve made my peace with that.

                                                                                        I don’t think that you can fundamentally ensure that people always feel welcome, and there is no surer road to ruin than to cater to everybody’s exclusionary preferences. Everybody has a reason to hate Nazis, or furries, or Republicans, or women, or whatever–the only way a community grows and flourishes is by providing people the space and protocols to interact without requiring alignment on those things.

                                                                                        Don’t want to take up more space here on it, but am happy to continue discussing in DMs with whoever would like to.

                                                                                        1. 33

                                                                                          The fact that you seem to define “civility” as - roughly speaking - some sort of shallow politeness enabling us all to chum it up with nazis so long as we’re speaking about computers, rather than as good citizenship and strong community built on respect for one’s peers suggests to me that you’d be a terrible moderator.

                                                                                          1. 19

                                                                                            Agreed, that kind of response seems like it comes from a place of privilege. As in, “this doesn’t concern me too much, what’s the big idea?”

                                                                                            It’s been interesting to see convos here and elsewhere around accepting views that are rooted in hate but somehow we should all just suck it up because that’s “fair.” I’m often the only Black person in cis-White male dominated spaces so this is nothing new to me. Just…interesting to see this play out in the open for the first time.

                                                                                            Confronted with the knowledge of one’s privilege blinding oneself to what the disenfranchised has known to be true for eons is fascinating to watch/read.

                                                                                            1. 5

                                                                                              I’ll politely point out that my view would extend, were the conversations civil and on-topic, to folks like Malcolm X or Newton or Seale–not just stuffy old white dudes.

                                                                                              I think that, as John Perry Barlow observed, we here in cyberspace have the opportunity to transcend the strife we were all born into. Part of that means evaluating people based on their behaviour and not on what we think about their beliefs.

                                                                                              Edit: fixed rather embarrassing misattribution.

                                                                                              1. 11

                                                                                                (Davos is a place in Switzerland. That piece was authored by John Perry Barlow. I recommend the movie Hypernormalisation, there’s a very interesting part featuring Barlow and the other technolibertarians, discussing the connections to the counter-culture movement in the 60s)

                                                                                                I cannot help but find this sort of cyber-utopianism incredibly naïve. Things that happen on the internet can and do have effects on people in the real world. It’s been a long, long time since “just walk away from the screen, just close your eyes” was a genuine take to have.

                                                                                                1. 4

                                                                                                  Thanks for catching that, still waking up.

                                                                                                  It’s a naive approach, but that’s kinda the point right? Like, should we not strive to live in that more ideal, simpler, better world?

                                                                                            2. 2

                                                                                              good citizenship

                                                                                              What do you mean by this?

                                                                                              I agree btw.

                                                                                            3. 18

                                                                                              Everybody has a reason to hate Nazis, or furries, or Republicans, or women, or whatever

                                                                                              I think you may be lumping together several dissimilar attitudes here.

                                                                                              I do not think lobste.rs is suffering from including “the wrong people” or anything like that. We probably do have some people with terrible opinions, but it doesn’t leak into our usual discussions.

                                                                                              However, I do think it would be bad to have a mod to express the attitude that “some people hate Nazis, some people hate women. A pox on both their houses!”

                                                                                              I say “express” because I am not saying what you really think is “hating women is equivalent to hating Nazis”. But a mod has to be careful.

                                                                                        2. 6

                                                                                          Why stop with Nazis? If anyone shows any Nazi propaganda, they should be out. But let’s extend it to all other groups that cause harm to others. Any member of US army should be gone, heck, they didn’t try to kill my grandma, they killed my relatives, which were civilians (and they are still killing others in my country due to depleted uranium that was used in bombings). Also all the members of tech companies that help these strikes (looking at you, Microsoft et al).

                                                                                          Obviously, I’m exaggerating here to show a point that if we only look at membership of a group to exclude someone, we might also start extending the groups, as various people can/are affected. Personally, I don’t care which group people belong to, as long as they are not a threat to my family and are trying to help (or are just plain neutral) — which I think plenty of people here are, and that’s the main reason I come to this site.

                                                                                          1. 8

                                                                                            We did exactly this when a Palantir showed up to show a neat thing. It was one of the most shameful things I’ve seen in my time here.

                                                                                            1. 5

                                                                                              You are not exaggerating at all.

                                                                                              1. 2

                                                                                                This reads like the opposite-day version of “First they came…” by Martin Niemöller.

                                                                                                1. 1

                                                                                                  That is a great poem that I have only heard so far paraphrased. Thanks for sharing! However, it has been a rough week for me, so I don’t get the “opposite-day version” part, could you elaborate?

                                                                                              2. 4

                                                                                                Circumstances under which I would be OK with an Actual Nazi participating (both conditions must hold):

                                                                                                1. User does not reveal themselves to be a Nazi on the site, either by explicit statement or in the way they act, and
                                                                                                2. User is not notoriously a Nazi externally to the site, either for having done something terrible or by making themselves a “public figure” wrt their viewpoints.

                                                                                                If someone behaves themselves on the site, and their behavior on the site does not create distress for others, I don’t see why people should be encourage in shitstirring. (If it is inevitable that someone’s presence will create distress, regardless of the behavior of anyone on the site, I would strongly suggest they use a pseudonym.)

                                                                                                “Nazi” is an unlikely and hyperbolic example, but I’ve seen people go and seek out damning information of one sort or another about a member of a community (including doxxing them), and then make it a thing. It wouldn’t have been a thing, and wouldn’t have caused stress to members of oppressed populations, if they didn’t do that! By digging, they’ve actually caused harm. So my rule would be that the notoriety has to originate externally or via direct actions on the site, or you just incentivize this ugly community antipattern.

                                                                                                (Some of my ancestors were murdered by Actual Nazis or had to emigrate to avoid them, in case you need that for my opinion to be valid.)

                                                                                                ((EDIT: I don’t want to be a mod, though.))

                                                                                              3. 8

                                                                                                Maybe don’t apply if you’re seeking to do if because you think it’s what people want you to do… Someone with that personality might be inclined to lose interest before their term is up if they think popular opinion is drifting away from them…

                                                                                                1. 22

                                                                                                  My reasoning–and I’ve always held this position–is that anybody seeking such a position is either a lunatic, a tyrant, or both, and not to be trusted. Myself included.

                                                                                                  That said…

                                                                                                  Look, if we’re down to just one moderator, that’s a rough gig. That, plus the current state of the world, makes me worry for the site focus and discussion culture of Lobsters, and if I can help I’m happy to do so–and pushcx is welcome to shitcan and ban me (and will likely do so with great relish) at will should I fail in my duties.

                                                                                                  Asking for sufficient votes before appliying is me, in effect, getting a gauge of if the community would agree to abide. As we’ve seen in my country this year, the legitimacy of government ultimately stems from the consent of the governed.

                                                                                                  1. 11

                                                                                                    And as I’ve seen in my country (US) this year, it’s wise not to give power to folks who are in it for the attention :P

                                                                                                    1. 5

                                                                                                      I personally (and I have a decidedly average number of internet points) like the way your postings changed when your nick changed to friendly. That change shows an appreciation of your past and new styles that I would like to see in moderators.

                                                                                                    2. 2

                                                                                                      TBH asking to be upvoted seems like a bit of a conflict of interest with wanting to be a mod… as friendlysock said

                                                                                                    3. 7

                                                                                                      :(

                                                                                                      1. 1

                                                                                                        Yeah, that sh script is an overkill.

                                                                                                        1. 1

                                                                                                          More than overkill, it’s actually quite silly. Should a grep implementation be allowed to use grep? If so, why not just run grep $@ which AFAIK is functionally equivalent (except it allows more options)? So many questions…

                                                                                                      1. 2

                                                                                                        Though this article I discovered Backstage and I’m just amazed. One of the big problems I had in the past is exactly what the article describes – all tasks become increasingly long, because one doesn’t know where to look for the information. For example, a simple thing as tickets – when every team uses a different ticketing system, it become annoying to submit bug reports or ask for features.

                                                                                                        1. 1

                                                                                                          Consider mosh, screen, or tmux. Double for tmux if the remote side runs OpenBSD since I believe it’s in the default install. Also double for tmux when the local side runs Mac OS and you use iTerm as your terminal emulator. On Mac OS use tmux’s -CC option which hides the tmux ‘in-band trigger’ issue transparently for you.

                                                                                                          1. 4

                                                                                                            My understanding of the article and the sleuthing the author did is that neither mosh, nor screen, nor tmux would help. He’s copying large files, and the problem was that misconfigured carrier grade NAT was killing the SSH connection before the official TCP timeout.

                                                                                                            1. 2

                                                                                                              I am by no means an expert on this, but I think that though screen and tmux would both be ineffective mosh might solve the issue. The former are terminal multiplexers, meant to manage and resume sessions – so not fixing the problem.

                                                                                                              Mosh, however, is a different protocol that ditches TCP altogether in favor of UDP and thus AFAIK will not be affected by the timeout.

                                                                                                              1. 2

                                                                                                                I’m not sure you could do file copies over mosh, even like the author did using netcat.

                                                                                                          1. 1

                                                                                                            Would git’s compression and packing interfere with Borg’s compression and deduplication if you wanted to back up a bunch of bare git repositories?

                                                                                                            1. 4

                                                                                                              It wouldn’t interfere with it per se, but you can’t further compress data that has already been compressed, so Borg’s compression won’t be able to make the already-compressed data smaller and might make it marginally larger because of the overhead associated with compression headers (although I believe Borg is smart enough to not try to compress data it detects is already compressed). Certainly nothing will break - I’ve used Borg with compression settings on datasets that include already-compressed data (e.g. video files) without any issues other than not reducing the total data size very much.

                                                                                                              1. 1

                                                                                                                Compression can increase data size with already-compressed data, but not by a very large factor.

                                                                                                              2. 1

                                                                                                                It might be worth avoiding letting git re-pack too often, although I don’t know if this is accurate. Possibly something you’d like to look into.

                                                                                                                1. 1

                                                                                                                  I have not used Borg Backup for this purpose but used other compression programs as part of other backup systems. It doesn’t interfere, just doesn’t help much, as other comments have asserted. Happy to explain more if you like.

                                                                                                                  1. 1

                                                                                                                    Would it make sense to backup git repositories if one uses any of the forges? I’ve stopped backing up any of the .git folders as I’m assuming/hoping the work will survive on the forges even if something happens to my machine (that’s why I’m backing the working tree). Background: we had limited backup space at the company I worked for, and less files meant faster backups.

                                                                                                                    1. 1

                                                                                                                      In my case I am hosting a (personal) git forge, so I do throw the backups in borg as well. I have noticed no issues with doing this. I’m still well below my backup cap though.

                                                                                                                  1. -3

                                                                                                                    Calling someone’s workstation a battlestation is not nice. I hope people are not doing their jobs while thinking they have to fight everyday. And if your workstation is an actual battlestation, please find a different career, one without sowing destruction.

                                                                                                                    1. 8

                                                                                                                      Linguistically, it’s derived from video gaming culture, rather than a literal battle.

                                                                                                                      1. 2

                                                                                                                        Thanks for clarifying, I didn’t know the term was used in gaming.

                                                                                                                        Still, for example, ricing derives from the car tuning culture, but it still doesn’t make it good to use.

                                                                                                                      2. -4

                                                                                                                        Omg, again somebody feels bad. Guys, guys, guys. Men, deal with it. It’s battlestation.

                                                                                                                      1. 2

                                                                                                                        Really cool project, thanks for sharing! I’m looking forward to trying it out on one of my projects later this year.

                                                                                                                        While looking at the documentation, I’ve seen a couple of things I’m curious about:

                                                                                                                        • Why did you decide to go with /~ for a integer division? Since the host language is Python, wouldn’t it make more consistent to have the same operator?
                                                                                                                        • Is list application list{ code } structured that way to mimic functions (func foo(x) { code })?
                                                                                                                        1. 2

                                                                                                                          I’m glad you like it!

                                                                                                                          I wanted to the syntax to follow Javascript/Go as much as possible, which means // should signify a comment. I’m open to suggestions, but personally I think /~ is a pretty good symbol for it.

                                                                                                                          Is list application list{ code } structured that way to mimic functions (func foo(x) { code })?

                                                                                                                          No, they are different constructs. The first one returns all the fields and only allows expressions, while the second one only returns the last, and allows statements too (like imports, or assigning variables)

                                                                                                                        1. 13

                                                                                                                          The license is interesting; I can’t recall ever seeing this before. Is that something you added yourself? If I search for “Interface-Protection Clause” then it just turns up this project.

                                                                                                                          It’s kind of contradictory though, because first it says:

                                                                                                                          Without limiting other conditions in the License, the grant of rights under the License will not include, and the License does not grant to you, right to Sell the Software.

                                                                                                                          But then in the MIT license:

                                                                                                                          Permission is hereby granted [..] to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software.

                                                                                                                          Wouldn’t it be clearer to just modify/write a new license instead of putting a clause on top which contradicts the next clause?

                                                                                                                          1. 6

                                                                                                                            Good to notice. Then it is neither free software nor open-source.

                                                                                                                            1. 4

                                                                                                                              It is free to use, and the source is available for everyone to see and modify.

                                                                                                                              1. 19

                                                                                                                                This license will ensure that nobody will touch this software.

                                                                                                                                1. 9

                                                                                                                                  I don’t see why; it doesn’t restrict almost any use case, and I don’t see any fundamental objections, and minor issues of language (if any) are fixable. Who cares about some arbitrary list that some arbitrary organisation made decades ago?

                                                                                                                                  1. 4

                                                                                                                                    It essentially makes it against the license to pay anyone else to make modifications of the software, and that could include employees.

                                                                                                                                    That arbitrary list is fundamental to the essence of the license, so who cares? The legal department cares.

                                                                                                                                    1. 4

                                                                                                                                      It essentially makes it against the license to pay anyone else to make modifications of the software

                                                                                                                                      What makes you think so?

                                                                                                                                      1. 3

                                                                                                                                        For purposes of the foregoing, “Sell” means practicing any or all of the rights granted to you under the License to provide to third parties, for a fee or other consideration (including without limitation fees for hosting the Software), a product or service whose value depends, entirely or substantially, on the third party having access to the interface of the Software.

                                                                                                                                        So this would seem to limit any ability to retrieve monetary compensation for any of the rights later listed in the license: “including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software,”

                                                                                                                                        1. 4

                                                                                                                                          “Sell” means … a product or service whose value depends, entirely or substantially, on the third party having access to the interface of the Software.

                                                                                                                                          If the Preql language itself isn’t a substantial part of your product (and in most cases, it wouldn’t be), then you’re not selling it, the clause doesn’t apply, and your license is effectively MIT.

                                                                                                                                          1. 8

                                                                                                                                            If the Preql language itself isn’t a substantial part of your product (and in most cases, it wouldn’t be)

                                                                                                                                            Imagine that you are in that position – author of such product or a manager. How could you be sure that it is „not a substantial part“?

                                                                                                                                            1. 1

                                                                                                                                              If you are not sure, then it probably is. I don’t see how it could become such, unless it’s on purpose.

                                                                                                                                  2. 2

                                                                                                                                    I hope you’re wrong.

                                                                                                                                    1. 16

                                                                                                                                      Not a lawyer, but in many of the companies I worked for, there was a whitelist of licences. If we wanted to use something and license is on the whitelist, we were free to do so. If the license is on another list, if we build a good enough case and endure several meetings with managers, we could use it. If the license is completely new, that means involving lawyers, which almost no one bothered to do and people just went looking for other stuff or implementing things from scratch.

                                                                                                                                      1. 7

                                                                                                                                        I know you don’t create these policies and that it’s not your intention to say exactly this, but what you’re saying pretty much comes down to “gimme free labour or I don’t want it” in practice.

                                                                                                                                        1. 10

                                                                                                                                          I doubt it’s about it being free; most companies would gladly shell out money to buy nonfree software, yet still be very wary about using code under a legally untested or unclear license. It’s all about ass-covering; companies are terrified they might get sued by some patent troll or copyright holder (think stuff like Oracle suing Google over their reimplementation of the Java APIs).

                                                                                                                                          1. 6

                                                                                                                                            Yes, exactly. Most of the companies I worked for were even requiring that we pay for support (when it existed), as any downtime costs money. As you nicely put, it’s all about risk mitigation – no one want to have their reputation tarnished or involved lawyers, as it means loss of money or reputation.

                                                                                                                                            1. 5

                                                                                                                                              Yeah, but how would you actually convince them to pay you if you use a standard open source license? There’s no obligation at all to pay anything, and in practice most won’t, or throw only breadcrumbs your way.

                                                                                                                                              I’m absolutely not a money-driven person, but “sending back patches” puts just as little bread on the table as “make me free stuff for exposure” does for artists. I feel a lot of people are rather naïve about this. Sure, open source ideals and all of that are wonderful and in a perfect world we’d all be happily coding together and paying our fair share. But not everyone is playing by the same rulebook here. Jeff Bezos’ goal is to make profit, nothing more, nothing less. If he can make profit by paying you $1 instead of $10 while netting $100k then he will have no qualms in doing so. He doesn’t care one iota if that $1 is a living wage or anywhere near “fair” or proportional. Jeff Bezos is hardly an outlier here.

                                                                                                                                              How much money does CodeYellow send to Debian, PostgreSQL, PHP, Laraval, and all the other projects you use (assuming you still work there)? Perhaps CodeYellow is better most – that would be nice – but all companies I worked for that amount was literally “$0”. And sure, CodeYellow provides plenty of added value, but just as a builder pays for their raw materials, it doesn’t strike me as unreasonable that CodeYellow (and AWS, etc. etc.) also pays for them.

                                                                                                                                              At any rate, if you’re concerned about the non-standard license then you can simple contact the author to buy a different one. Sure, it’s a bit more effort, but you can’t have your cake and eat it too.

                                                                                                                                              1. 2

                                                                                                                                                Yeah, but how would you actually convince them to pay you if you use a standard open source license?

                                                                                                                                                That’s one of the great unsolved problems of our age. I think there are some nice initiatives around (like for example GitHub’s sponsoring option) but they’re not gaining a lot of traction yet.

                                                                                                                                                There’s also the question of distribution: how do you fairly distribute any payment/sponsorship across a large open source project? One-man projects are a different story of course, but a lot of the widely used projects are multi-person efforts.

                                                                                                                                                I’m absolutely not a money-driven person, but “sending back patches” puts just as little bread on the table as “make me free stuff for exposure” does for artists. I feel a lot of people are rather naïve about this.

                                                                                                                                                Totally agree on this. For myself, open source was always more about freedom of source and didn’t care as much about money, but then the vast majority of companies don’t subscribe to these ideals and just take the free software and lock it away. And it could be argued the world would be a much better place if people would be able to make a living off of free software, because it would mean more viable free software could make its way into the hands of actual users, and less developers would feel like they’d have to work on proprietary software to support their free software producing “hobby”.

                                                                                                                                                How much money does CodeYellow send to Debian, PostgreSQL, PHP, Laravel, and all the other projects you use (assuming you still work there)?

                                                                                                                                                I left a couple of months ago, I’m now working at bevuta IT on a project for the EU, which is likely to be open sourced.

                                                                                                                                                Code Yellow actually sponsored a CI test server for the CHICKEN project and of course I was paid to work on some open source projects of our own. But I agree with you, most companies don’t pay at all, and as far as I remember, Code Yellow did not sponsor any of the projects we were actually using day to day (unless you count the odd code contribution and bugfix) that weren’t developed in-house.

                                                                                                                                                1. 5

                                                                                                                                                  I think GitHub sponsors is great and I don’t want to knock it, but it’s also not really a viable business model. You certainly can make a living out of it (people are), but it’s not easy, mostly works well for individual devs (rather than business), and is not suitable for all projects either (generally only for “user visible” projects, and even thn only for “dev users”, rather than the general population).

                                                                                                                                                  Take something like vim-go for example; the current maintainer nets $102/month (the previous maintainer got a bit more, about $400/month IIRC). All of that is nice pocket change, but is it really in proportion to the usage? Even with just 5,000 companies using it (probably a low estimate) times $1/month we would be talking about $5k/month. We could discus what a “fair” amount would be exactly for a long time, but these are tiny investments, and if you consider your devs will get a better editor in return it’s an investment that will actually give you a return too.

                                                                                                                                                  The entire world and their mother is running OpenSSH, but OpenBSD still gets in to intermittent financial troubles. They run on $300k/year (2020 fundraising goal; CAD, about 240k USD), which may sound like a lot, but this is the salary of what, one dev in silicon valley? Maybe two? Even by the lower European wages we’d be talking about ~4 devs. Spread out over all users of the software this is nothing. The kind of money you won’t even bother picking up if you drop it.

                                                                                                                                                  If every company would pay $1 for ever open source tool, library, or application they use we’d be talking about a $100-$200/month investment, at the most, and often probably much smaller (let’s ignore npm and it’s 20k dependencies, that’s a special problem). This wouldn’t solve everything, but it’s a simple start.

                                                                                                                                                  Yet it’s not happening; not even close. In my observation most people sponsoring projects tend to be private individuals like you and me, who care about these things. I feel a big reason it’s not happening is because companies don’t have to and just can’t be bothered. So what you need is the proverbial “stick behind the door”, which is what these kind of licenses are. It’s sad that this is needed, but it is what it is.

                                                                                                                                                  Or, maybe, what we need is a single organisation that you can tell “we use these projects” and pay that $100/month (or whatever is appropriate), and they distribute it to the projects. This would certainly simplify the administration and burden for the companies, as well as lower payment processing overhead and the like. One would imagine that something like the FSF would do that, but they seem more concerned with their crusade to fight the Open Source pagan heretics, or something, and the OSI doesn’t seem to be doing much at all except bicker amongst themselves and write blogspam.

                                                                                                                                                  It’s kind of hilariously sad that GitHub Sponsors is an initiative from a company mostly writing proprietary software. I’m not a purist and don’t see it as a terribly great problem as such, but my irony meter is going in to overload.

                                                                                                                                                  For myself, open source was always more about freedom of source and didn’t care as much about money

                                                                                                                                                  Yeah, I don’t really care about it as an end-goal either; just as a means to ensure viability.

                                                                                                                                                  I left a couple of months ago, I’m now working at bevuta IT on a project for the EU, which is likely to be open sourced.

                                                                                                                                                  Aha, nice; it mentions that “CHICKEN Scheme is one of our favourite programming languages” :-) Looks like Felix is working there as well?

                                                                                                                                                  1. 4

                                                                                                                                                    Looks like we’re in total agreement about this.

                                                                                                                                                    So what you need is the proverbial “stick behind the door”, which is what these kind of licenses are. It’s sad that this is needed, but it is what it is.

                                                                                                                                                    Here you run into the problem that these licenses are “new” and untested in court, so legal departments won’t touch them with a ten-foot pole. It also doesn’t help that they don’t match the OSI’s criteria (or the FSF’s), which such licenses won’t be endorsed by trusted parties.

                                                                                                                                                    maybe, what we need is a single organisation that you can tell “we use these projects” and pay that $100/month (or whatever is appropriate), and they distribute it to the projects.

                                                                                                                                                    This sounds like a good solution and something the FSF (or FSFe) could be doing. Have you contacted them to suggest something like this? It seems that recently the FSF is doing some good advocacy (like the public money, public code campaign and the ethical tech giving guide) instead of just preaching to the choir like they used to.

                                                                                                                                                    Aha, nice; it mentions that “CHICKEN Scheme is one of our favourite programming languages” :-) Looks like Felix is working there as well?

                                                                                                                                                    Yep, I have several colleagues that I’ve known for a while and am happy to finally be working with them!

                                                                                                                                                    1. 1

                                                                                                                                                      While I’ve argued the that FSF/OSI should do more direct funding of projects many times before, I didn’t have that specific idea until I wrote that comment. So, no, I haven’t contacted them yet :-) You’re the first I told it to! Consider yourself special!

                                                                                                                                                      I hope to finish my article about this soon™; I’ll be sure to post it to those kind of channels as well. It’s good to hear the FSF is improving (finally…)

                                                                                                                                                      As for the license, you can still sell access to a more standard license if you want, like SQLite does (even though it’s public domain).

                                                                                                                                            2. 5

                                                                                                                                              This is exactly how corporations or software departments often work. If something is free of charge, they will use it. Why not? On the other hand, they are usually ready to pay for proprietary software or external services. So the strong copyleft + dual-licensing is the way to go. Your software will then fall in the „proprietary software“ category for them, but it is no problem. Their lawyers will be happy in the same way as if the company buys a license for Photoshop, AutoCAD, Oracle DB, Total Commander, WinRAR etc. and you will get money.

                                                                                                                                          2. 3

                                                                                                                                            Well with regular software licensed in common open source ways, nobody else is prevented from modifying it or hosting it for a fee. You have essentially limited the users of to exactly one person who can do anything involving any kind of money for the software. That is a non-starter for almost anyone outside of the plain hobbyists - and it effectively preventing any adoption besides a few insignificant users.

                                                                                                                                            Looking at the license, it isn’t entirely clear what “interface of the Software” means either.

                                                                                                                                            1. 4

                                                                                                                                              Then I think you misunderstood.

                                                                                                                                              It is possible to create commercial software that uses Preql, with or without modifications, and sell it however you want. The only limitation is that in that case, you can’t provide the language itself to your users (i.e. the interface). That restricts specific use-cases, such as offering it as a cloud service to developers, or selling a Preql plugin to existing database software.

                                                                                                                                              1. 2

                                                                                                                                                It is possible to create commercial software that uses Preql, with or without modifications, and sell it however you want.

                                                                                                                                                you can’t provide the language itself to your users (i.e. the interface).

                                                                                                                                                Can you explain what exactly that means? How do I include the language without modifications but not provide the language to the users??

                                                                                                                                                1. 6

                                                                                                                                                  It means you can’t provide a product which is built around the ability for users to use the language directly.

                                                                                                                                                  Integrating it in your desktop or web app and selling that is okay.

                                                                                                                                                  Making AWS SuperQL™® or CloudPostMyMariaSQLiteBlockchainML++ which are essentially cloud versions of of Preql (and thus expose the language/interface to users directly, as a major feature) would not be okay.

                                                                                                                                                  In short, it’s intended to prevent exploitation from these kind of people, as they have done before and will undoubtedly continue to do in the future.

                                                                                                                                                  1. 3

                                                                                                                                                    Let’s say you are writing a product that uses Preql to save and fetch user data from the database. It is called from internal routines, that respond to unrelated user activity. In that case, there is no reason for the user to ever write any Preql code, which means he isn’t being given access to the language. In that case, Preql can be used under MIT conditions, and you can sell your product without a worry.

                                                                                                                                          3. 3

                                                                                                                                            “free to use” and “free software” are not the same thing. I don’t know if your rider actually excludes you from being free software or not.

                                                                                                                                        2. 6

                                                                                                                                          I’ve spent a lot of time thinking about the license, and I could not find anything that fit what I wanted. It’s a long discussion, but I believe the popular licenses are flawed, in that they don’t properly support those who want to be able to write open-source for a living.

                                                                                                                                          The one that came the closest was The Commons Clause (https://commonsclause.com/), and I modified it. But the “contradiction” you mention was already there, purposely put by a well-respected lawyer.

                                                                                                                                          Wouldn’t it be clearer to just modify/write a new license

                                                                                                                                          Maybe I think too much like a programmer, but I don’t see why I shouldn’t write my license using a “library license”, well-tested and recognized, instead of reinventing the entire wheel from scratch.

                                                                                                                                          1. 23

                                                                                                                                            Maybe I think too much like a programmer, but I don’t see why I shouldn’t write my license using a “library license”, well-tested and recognized, instead of reinventing the entire wheel from scratch.

                                                                                                                                            This is akin to having a lawyer write your auth code.

                                                                                                                                            1. 3

                                                                                                                                              Right; fair enough. I had temporarily forgotten about the Commons Clause 😅 I never really liked the “tacking on” of that either, but if it works (legally speaking), it works, so whatever.

                                                                                                                                              I think your license and modifications to the Commons Clause make sense, by the way; by removing the “consulting/ support services related to the Software” and changing “whose value derives, entirely or substantially, from the functionality of the Software” to “the third party having access to the interface of the Software” it limits the scope a lot to what you actually want to prevent.

                                                                                                                                              That being said; I’m very far removed from being a lawyer. Perhaps @kemitchell wants to chime in?

                                                                                                                                              1. 3

                                                                                                                                                don’t properly support those who want to be able to write open-source for a living.

                                                                                                                                                I recommend using a strong copyleft license (GPLv3 or AGPL) and dual-licensing. You can sell licenses that allows use inside proprietary software or services (that do not provide source code and rights to the end-user).

                                                                                                                                                And if someone complies with the copyleft license and provides all the rights and code to the end-user and make some money while doing it – does it harm you in any way?

                                                                                                                                                1. 2

                                                                                                                                                  What the commons clause claims in its FAQ vs what it says in its content are very different. To quote the clause itself:

                                                                                                                                                  For purposes of the foregoing, “Sell” means practicing any or all of the rights granted to you under the License to provide to third parties, for a fee or other consideration (including without limitation fees for hosting or consulting/ support services related to the Software), a product or service whose value derives, entirely or substantially, from the functionality of the Software. Any license notice or attribution required by the License must also include this Commons Clause License Condition notice.

                                                                                                                                                  I specifically want to call out this bit:

                                                                                                                                                  a product or service whose value derives, entirely or substantially, from the functionality of the Software.

                                                                                                                                                  What does “substantially” mean? When does use of software under the commons clause become substantial enough to be in violation of the license? More than anything, lawyers hate ambiguity. This line is very ambiguous.

                                                                                                                                                  Your modified version of the license reads:

                                                                                                                                                  a product or service whose value depends, entirely or substantially, on the third party having access to the interface

                                                                                                                                                  “Access” is not defined. One could argue that “access” means that the code paths are being exercised by code available to a third party. This modification, in my opinion, is more restrictive and more ambiguous than the original commons clause.

                                                                                                                                                  I understand that your objective is to prevent this from being repackaged and sold directly as a product. This is a pretty hot topic in general right now and I’d say no one has quite figured it out. That said, based on my experience with 3p OSS licensing, no company would knowingly accept this license for any use case. Commons clause is already a tough sell and the modifications made make it near impossible. If you’re open to feedback, I would strongly consider using the Commons Clause language without modification.

                                                                                                                                                  1. 2

                                                                                                                                                    Thanks, I appreciate the feedback. I was also concerned about the meaning of substantially, but since it only applies to access to the interface, that shouldn’t be a problem. I suppose I can be more specific about the use of the word “access”. In essence, it can be solved by being described as a dataflow query (i.e. taint analysis).

                                                                                                                                                    But the Commons Clause, as it is, is too restrictive, and will drive away many of the early adopters.

                                                                                                                                                    I’m definitely open to feedback. Like you said, no one has figured it out yet. And I might change my license in the future. But at the moment, I don’t see an alternative.

                                                                                                                                                  2. 2

                                                                                                                                                    Maybe I think too much like a programmer, but I don’t see why I shouldn’t write my license using a “library license”, well-tested and recognized, instead of reinventing the entire wheel from scratch.

                                                                                                                                                    Common practice is that amendments* to a license loosens original rules and adds more rights to the licensee. So using a name of a well-known license as your „library license“ and adding a restricting amendment is at least confusing.

                                                                                                                                                    Using the name of an original free software / open-source license is quite parasitic and harmful. Common users will see Apache or MIT + something else that they do not read. Yes, it is their fault that they do not read and understand it fully. But I consider it unethical to exploit someone else’s mistakes this way. Such common users will then doubt whether Apache, MIT or any other free software license grants them rights that it actually grants them.

                                                                                                                                                    Nobody prevents you from creating a new license or a new category of software. But please, do not exploit existing licenses and categories, well known-names and do not confuse users.

                                                                                                                                                    *) for example the Classpath Exception that could be added to GPLv2 – licensee can do everything allowed by GPLv2 + something else allowed by the amendment.

                                                                                                                                                    1. 1

                                                                                                                                                      Have you thought about using something like https://spdx.org/licenses/BUSL-1.1.html ?

                                                                                                                                                  1. 15

                                                                                                                                                    One of the main reasons they list as hindrance is that Gentoo doesn’t allow OpenSSL and LibreSSL to coexist. What the article doesn’t mention that there is another distro that offers LibreSSL and that’s NixOS, where those two happily co-exist.

                                                                                                                                                    1. 5

                                                                                                                                                      I’ve settled on Markdown documents + pandoc. Yes, even LaTeX turned out to be too fiddly for the pure english + no images writing I do nowadays for which Markdown is perfect.

                                                                                                                                                      1. 2

                                                                                                                                                        Do you have any formulas or graphs in your prose? Do you use references and footnotes?

                                                                                                                                                        If not, then yes, LaTeX is pretty fiddly for simple use.

                                                                                                                                                      1. 25

                                                                                                                                                        Pro tip: this applies to you if you’re a business too. Kubernetes is a problem as much as it is a solution.

                                                                                                                                                        Uptime is achieved by having more understanding and control over the deployment environment but kubernetes takes that away. It attracts middle managers and CTOs because it seems like a silver bullet without getting your hands dirty but in reality it introduces so much chaos and indirections into your stack that you end up worse off than before, and all the while you’re emptying your pockets for this experience.

                                                                                                                                                        Just run your shit on a computer like normal, it’ll work fine.

                                                                                                                                                        1. 9

                                                                                                                                                          This is true, but let’s not forget that Kubernetes also has some benefits.

                                                                                                                                                          Self-healing. That’s what I miss the most with a pure NixOS deployment. If the VM goes down, it requires manual intervention to be restored. I haven’t seen good solutions proposed for that yet. Maybe uptimerobot triggering the CI when the host goes down is enough. Then the CI can run terraform apply or some other provisioning script.

                                                                                                                                                          Zero-downtime deployment. This is not super necessary for personal infrastructures but is quite important for production environments.

                                                                                                                                                          Per pod IP. It’s quite nice not to have to worry about port clashes between services. I think this can be solved by using IPv6 as each host automatically gets a range of IPs to play with.

                                                                                                                                                          Auto-scaling. Again not super necessary for personal infrastructure but it’s nice to be able to scale beyond one host, and not to have to worry on which host one service lives.

                                                                                                                                                          1. 6

                                                                                                                                                            Did anyone tried using Nomad for personal projects? It has self-healing and with the raw runner one can run executables directly on NixOS without needing any containers. I have not tried it myself (yet), but would be keen on hearing the experiences.

                                                                                                                                                            1. 3

                                                                                                                                                              I am experimenting with the Hashiscorp stack while off for the holidays. I just brought up a vagrant box (1GB ram) with Consul, Docker and Nomad runing (no jobs yet) and the overhead looks okay:

                                                                                                                                                                            total        used        free      shared  buff/cache   available
                                                                                                                                                              Mem:          981Mi       225Mi       132Mi       0.0Ki       622Mi       604Mi
                                                                                                                                                              Swap:         1.9Gi       7.0Mi       1.9Gi
                                                                                                                                                              

                                                                                                                                                              but probably too high to fit Postgres, Traefik or Fabio and a Rails app into it as well, but 2GB will probably be lots (I am kind of cheap so the less resources the better).

                                                                                                                                                              I have a side project running in ‘prod’ using Docker (for Postgres and my Rails app) along with Caddy running as a systemd service but it’s kind of a one off machine so I’d like to move towards something like Terraform (next up on the list to get running) for bring up and Nomad for the reasons you want something like that.

                                                                                                                                                              But… the question that does keep running through the back of my head, do I need even Nomad/Docker? For a prod env? Yes, it’s probably worth the extra complexity and overhead but for personal stuff? Probably not… Netlify, Heroku, etc are pretty easy and offer free tiers.

                                                                                                                                                              1. 1

                                                                                                                                                                I was thinking about doing this but I haven’t done due diligence on it yet. Mostly because I only have 2 droplets right now and nobody depends on what’s running on them.

                                                                                                                                                              2. 1

                                                                                                                                                                If you’re willing to go the Amazon route, EC2 has offered most of that for years. Rather than using the container as an abstraction, treat the VM as a container: run one main process per VM. And you then get autoscaling, zero downtime deploys, self-healing, and per-VM IPs.

                                                                                                                                                                TBH I think K8s is a step backwards for most orgs compared to just using cloud VMs, assuming you’re also running K8s in a cloud environment.

                                                                                                                                                                1. 2

                                                                                                                                                                  That’s a good point. And if you don’t care about uptime too much, autoscaling + spot instances is a pretty good fit.

                                                                                                                                                                  The main downside is that a load-balancer is already ~15.-/month if I remember correctly. And the cost can explode quite quickly on AWS. It takes quite a bit of planning and effort to keep the cost super low.

                                                                                                                                                              3. 5

                                                                                                                                                                IMO, Kubernetes’ main advantage isn’t in that it “manages services”. From that POV, everything you say is 100% spot-on. It simply moves complexity around, rather than reducing it.

                                                                                                                                                                The reason I like Kubernetes is something entirely different: It more or less forces a new, more robust application design.

                                                                                                                                                                Of course, many people try to shoe-horn their legacy applications into Kubernetes (the author running git in K8s appears to be one example), and this just adds more pain.

                                                                                                                                                                Use K8s for the right reasons, and for the right applications, and I think it’s appropriate. It gets a lot of negative press for people who try to use it for “everything”, and wonder why it’s not the panacea they were expecting.

                                                                                                                                                                1. 5

                                                                                                                                                                  I disagree that k8s forces more robust application design; fewer moving parts are usually a strong indicator of reliability.

                                                                                                                                                                  Additionally, I think k8s removes some of the pain of microservices–in the same way that a local anathestic makes it easier to keep your hand in boiling water–that would normally help people reconsider their use.

                                                                                                                                                                2. 5

                                                                                                                                                                  And overhead. Those monster yaml files are absurd in so many levels.

                                                                                                                                                                  1. 2

                                                                                                                                                                    Just run your shit on a computer like normal, it’ll work fine.

                                                                                                                                                                    I think that’s an over-simplification. @zimbatm’s comment makes good points about self-healing and zero-downtime deployment. True, Kubernetes isn’t necessary for those things; an EC2 auto-scaling group would be another option. But one does need something more than just running a service on a single, fixed computer.

                                                                                                                                                                    1. 3

                                                                                                                                                                      But one does need something more than just running a service on a single, fixed computer.

                                                                                                                                                                      I respectfully disagree…worked at a place which made millions over a few years with a single comically overloaded DO droplet.

                                                                                                                                                                      We eventually made it a little happier by moving to hosted services for Mongo and giving it a slightly beefier machine, but otherwise it was fine.

                                                                                                                                                                      The single machine design made things a lot easier to reason about, fix, and made CI/CD simpler to implement as well.

                                                                                                                                                                      Servers with the right provider can stay up pretty well.

                                                                                                                                                                      1. 2

                                                                                                                                                                        Servers with the right provider can stay up pretty well.

                                                                                                                                                                        I was one of the victims of the DDOS that hit Linode on Christmas day (edit: in 2015; didn’t mean to omit that). DO and Vultr haven’t had perfect uptime either. So I’d rather not rely on single, static server deployments any more than I have to.

                                                                                                                                                                        1. 2

                                                                                                                                                                          I don’t see how your situation/solution negates the statement.

                                                                                                                                                                          You’ve simply traded one “something” (Kubernetes) with another (“the right provider”, and all that entails–probably redundant power supplies, network connections, hot-swappable hard drives, etc, etc).

                                                                                                                                                                          The complexity still exists, just at a different layer of abstraction. I’ll grant you that it does make reasoning about the application simpler, but it makes reasoning about the hardware platform, and peripheral concerns, much more complex. Of course that can be appropriate, but it isn’t always.

                                                                                                                                                                          I’m also unsure how a company’s profit margin figures into a discussion about service architectures…

                                                                                                                                                                          1. 5

                                                                                                                                                                            I’m also unsure how a company’s profit margin figures into a discussion about service architectures…

                                                                                                                                                                            There is no engineering without dollar signs in the equation. The only reason we’re being paid to play with shiny computers is to deliver business value–and while I’m sure a lot of “engineers” are happy to ignore the profit-motive of their host, it is very unwise to do so.

                                                                                                                                                                            I’ll grant you that it does make reasoning about the application simpler, but it makes reasoning about the hardware platform, and peripheral concerns, much more complex.

                                                                                                                                                                            That engineering still has to be done, if you’re going to do it at all. If you decide to reason about it, do you want to be able to shell into a box and lay hands on it immediately, or hope that your k8s setup hasn’t lost its damn mind in addition to whatever could be wrong with the app?

                                                                                                                                                                            You’ve simply traded one “something” (Kubernetes) with another (“the right provider”, and all that entails–probably redundant power supplies, network connections, hot-swappable hard drives, etc, etc).

                                                                                                                                                                            The complexity of picking which hosting provider you want to use (ignoring colocation issues) is orders and order of magnitudes less than learning and handling k8s. Hosting is basically a commodity at this point, and barring the occasional amazingly stupid thing among the common names there’s a baseline of competency you can count on.

                                                                                                                                                                            People have been sold this idea that hosting a simple server means racking it and all the craziness of datacenters and whatnot, and it’s just a ten spot and an ssh key and you’re like 50% of the way there. It isn’t rocket surgery.

                                                                                                                                                                          2. 1

                                                                                                                                                                            can you share more details about this?

                                                                                                                                                                            I’ve always been impressed by teams/companies maintaining a very small fleet of servers but I’ve never heard of any successful company running a single VM.

                                                                                                                                                                            1. 4

                                                                                                                                                                              It was a boring little Ubuntu server if I recall correctly, I think like a 40USD general purpose instance. The second team had hacked together an impressive if somewhat janky system using the BEAM ecosystem, the first team had built the original platform in Meteor, both ran on the same box along with Mongo and supporting software. The system held under load (mostly, more about that in a second), and worked fine for its role in e-commerce stuff. S3 was used (as one does), and eventually as I said we moved to hosted options for database stuff…things that are worth paying for. Cloudflare for static assets, eventually.

                                                                                                                                                                              What was the business environment?

                                                                                                                                                                              Second CTO and fourth engineering team (when I was hired) had the mandate to ship some features and put out a bunch of fires. Third CTO and fifth engineering team (who were an amazing bunch and we’re still tight) shifted more to features and cleaning up technical debt. CEO (who grudgingly has my respect after other stupid things I’ve seen in other orgs) was very stingy about money, but also paid well. We were smart and well-compensated (well, basically) developers told to make do with little operational budget, and while the poor little server was pegged in the red for most of its brutish life, it wasn’t drowned in bullshit. CEO kept us super lean and focused on making the money funnel happy, and didn’t give a shit about technical features unless there was a dollar amount attached. This initially was vexing, but after a while the wisdom of the approach became apparent: we weathered changes in market conditions better without a bunch of outstanding bills, we had more independence from investors (for better or worse), and honestly the work was just a hell of a lot more interesting due in no small part to the limitations we worked under. This is key.

                                                                                                                                                                              What problems did we have?

                                                                                                                                                                              Support could be annoying, and I learned a lot about monitoring on that job during a week where the third CTO showed me how to setup Datadog and similar tooling to help figure out why we had intermittent outages–eventual solution was a cronjob to kill off a bloated process before it became too poorly behaved and brought down the box. The thing is, though, we had a good enough customer success team that I don’t think we even lost that much revenue, possibly none. That week did literally have a day or two of us watching graphs and manually kicking over stuff just in time, which was a bit stressful, but I’d take a month of that over sitting in meetings and fighting matrix management to get something deployed with Jenkins onto a half-baked k8s platform and fighting with Prometheus and Grafana and all that other bullshit…as a purely random example, of course. >:|

                                                                                                                                                                              The sore spots we had were basically just solved by moving particular resource-hungry things (database mainly) to hosting–the real value of which was having nice tooling around backups and monitoring, and which moving to k8s or similar wouldn’t have helped with. And again, it was only after a few years of profitable growth that it traffic hit a point where that migration even seemed reasonable.

                                                                                                                                                                              I think we eventually moved off of the droplet and onto an Amazon EC2 instance to make storage tweaks easier, but we weren’t using them in any way different than we’d use any other barebones hosting provider.

                                                                                                                                                                              1. 4

                                                                                                                                                                                Did that one instance ever go completely down (becoming unreachable due to a networking issue also counts), either due to an unforeseen problem or scheduled maintenance by the hosting provider? If so, did the company have a procedure for bringing a replacement online in a timely fashion? If not, then I’d say you all just got very lucky.

                                                                                                                                                                                1. 1

                                                                                                                                                                                  Yes, and yes–the restart procedure became a lot simpler once we’d switched over to EC2 and had a hot spare available…but again, nothing terribly complicated and we had runbooks for everything because of the team dynamics (notice the five generations of engineering teams over the course of about as many years?). As a bonus, in the final generation I was around for we were able to hire a bunch of juniors and actually teach them enough to level them up.

                                                                                                                                                                                  About this “got very lucky” part…

                                                                                                                                                                                  I’ve worked on systems that had to have all of the 9s (healthcare). I’ve worked on systems, like this, that frankly had a pretty normal (9-5, M-F) operating window. Most developers I know are a little too precious about downtime–nobody’s gonna die if they can’t get to their stupid online app, most customers–if you’re delivering value at a price point they need and you aren’t specifically competing on reliability–will put up with inconvenience if your customer success people treat them well.

                                                                                                                                                                                  Everybody is scared that their stupid Uber-for-birdwatching or whatever app might be down for a whole hour once a month. Who the fuck cares? Most of these apps aren’t even monetizing their users properly (notice I didn’t say customers), so the odd duck that gets left in the lurch gets a hug and a coupon and you know what–the world keeps turning!

                                                                                                                                                                                  Ours is meant to be a boring profession with simple tools and innovation tokens spent wisely on real business problems–and if there aren’t real business problems, they should be spent making developers’ lives easier and lowering business costs. I have yet to see k8s deliver on any of this for systems that don’t require lots of servers.

                                                                                                                                                                                  (Oh, and speaking of…is it cheaper to fuck around with k8s and all of that, or just to pay Heroku to do it all for you? People are positively baffling in what they decide to spend money on.)

                                                                                                                                                                                2. 1

                                                                                                                                                                                  eventual solution was a cronjob to kill off a bloated process before it became too poorly behaved and brought down the box … That week did literally have a day or two of us watching graphs and manually kicking over stuff just in time, which was a bit stressful,…

                                                                                                                                                                                  It sounds like you were acting like human OOM killers, or more generally speaking manual resource limiters of those badly-behaved processes. Would it be fair to say that sort of thing would be done today by systemd through its cgroups resource management functionality?

                                                                                                                                                                                  1. 1

                                                                                                                                                                                    We probably could’ve solved it through systemd with Limit* settings–we had that available at the time. For us, we had some other things (features on fire, some other stuff) that took priority, so just leaving a dashboard open and checking it every hour or two wasn’t too bad until somebody had the spare cycles to do the full fix.

                                                                                                                                                                        1. 3

                                                                                                                                                                          This is quite an amazing article, which takes time to read (cca 2hrs). I highlighted it because it’s explanation of modulo arithmetic and the approach of solving a set of linear congruences is so clear. The implementation is somewhat over the top for advent of code problems, but I think Amos just wanted to have fun with an unusual, off the beaten path approach. Insightful and worth reading.

                                                                                                                                                                          1. 14

                                                                                                                                                                            I come across this website every one in a while, usually when working on something gaming related. It has fantastic content, explaining things really well. Go take a look!

                                                                                                                                                                            1. 5

                                                                                                                                                                              It’s a treasure trove of great information. I stumbled upon that site when I was working on the 24th problem for the advent of code 2020.

                                                                                                                                                                              1. 4

                                                                                                                                                                                I discovered this site during AoC 2018, which was heavily “game” focused with lots of pathing.

                                                                                                                                                                            1. 11

                                                                                                                                                                              A dark mode did exist but it was reverted:

                                                                                                                                                                              https://github.com/lobsters/lobsters/pull/823 https://github.com/lobsters/lobsters/commit/65b0b3422d71432db4d3b78f15fd46133a120caf .

                                                                                                                                                                              Firefox support is mentioned but Chrom{e,ium} isn’t any better - in the name of intuitive user experience, no theme selection UI is exposed on the desktop builds, unlike on mobile builds.

                                                                                                                                                                              The irc channel is a good place to talk about this kind of stuff: https://lobste.rs/chat

                                                                                                                                                                              1. 2

                                                                                                                                                                                Why was it reverted? What needs to happen for it to come back?

                                                                                                                                                                                1. 8

                                                                                                                                                                                  Firefox support is half-baked. There’s no user or devtool UI to toggle between states, inspecting an element always shows the style for ::selection instead of the element, and it lists the name of a color variable with no way to see the value of the variable or where it is set. Punting until it’s debuggable.

                                                                                                                                                                                  1. 8

                                                                                                                                                                                    There is now a feature flagged button for toggling this in Firefox devtools, and it’s on track for being enabled by default. https://stackoverflow.com/a/60481298

                                                                                                                                                                                    1. 8

                                                                                                                                                                                      Thanks for quoting this. I just wanted to post to confirm this is the latest state on it. Someone volunteered to do it, the tooling isn’t quite ready, but it’s a popular request and I look forward to merging it when it’s maintainable.

                                                                                                                                                                                      Though I don’t look forward to another round of the bikeshedding that immediately popped up in the few hours this was live, and would appreciate it if folks with strong opinions on the exact colors of dark mode express them on the PR before merge. And obviously, the easiest way to see your opinion reflected on the site is to create the PR and help get it over the line. :)

                                                                                                                                                                                    2. 2

                                                                                                                                                                                      IIRC there was a lot of bike shedding on the colors and also there’s browser support stuff too.

                                                                                                                                                                                      To be honest I think part of this is that in the grand scheme of things there are more time sensitive/higher payoff work that can go into lobsters for the amount of effort dark mode was becoming.

                                                                                                                                                                                      1. 3

                                                                                                                                                                                        I threw the dark mode together in a few hours, wasn’t a big deal to be honest.

                                                                                                                                                                                    3. 2

                                                                                                                                                                                      On that note, are there any alternate user stylesheets that folks have made that they would like to share? Dark Mode or otherwise.

                                                                                                                                                                                      1. 5

                                                                                                                                                                                        darkreader works but the colorscheme is kinda meh. I turn it on at night.

                                                                                                                                                                                        1. 1

                                                                                                                                                                                          What plugin do you use for alt style sheets?

                                                                                                                                                                                          1. 1

                                                                                                                                                                                            You can use greasemonkey to inject the css content at certain nodes or on page load, I am not aware of one someone has created for dark mode in lobste.rs. If someone has created the css I would be happy to make a greasemonkey script for it.

                                                                                                                                                                                            1. 1

                                                                                                                                                                                              I use Stylus myself

                                                                                                                                                                                            2. 1

                                                                                                                                                                                              You can load the dark-mode CSS I wrote for lobste.rs into the Stylus extension: https://pastebin.com/raw/tQfN73az

                                                                                                                                                                                            3. 2

                                                                                                                                                                                              It’s a pity the link to the chat is not on the top line of the page. I only now find about it :/

                                                                                                                                                                                            1. 5

                                                                                                                                                                                              These are so lovely, pity there is no effort to restore all these machines, especially Saratov.

                                                                                                                                                                                              1. 12

                                                                                                                                                                                                Maybe because the dark mode is not that great for our eyes?

                                                                                                                                                                                                1. 2

                                                                                                                                                                                                  Absolutely (and thanks for posting a link to my blog! :)) it’s not great for your eyes, but it’s about giving users the choice.

                                                                                                                                                                                                  I don’t use dark mode 90% of the time, but from time to time it’s nice to have the ability to switch if you want to.

                                                                                                                                                                                                  Plus, some people prefer it. :)

                                                                                                                                                                                                  1. 6

                                                                                                                                                                                                    With all due respect, some random guy saying it’s bad for me, won’t change my personal experience of how much better it feels when the color-scheme is right.