1. 3

    Sounds a bit buzzwordy, but from a tech perspective I’m currently at a cross-roads where I need to get proficient at applied ML, as well as kubernetes (moving on from beloved docker swarm). Both are perfectly justified, pinky promise.

    I’m also learning practical marketing on the spot for a side project I’m working on, and expect more ad-hoc learning to happen throughout 2020. Looking forward to the next year and decade!

    1. 1

      Regarding ML and k8s, I wrote almost the same stuff!

      1. 1

        Just saw your other answer re k8s. I’m mainly agree with the points you’re making, with a little extra twist specific to my situation: Coming from Docker swarm (I have a few servers I’m managing), I was surprised to see the gap to fill isn’t that large to get some k8s proficiency. That and Docker Enterprise being sold to private equity really makes the case to move away from swarm. Nomad, Mesos and friends have either too little marketshare (and thus resources), or are too large and require much more than a team of 1. Let’s see how does that turn out.

        So to me it’s really about trying to get something practical out of k8s (and same applies for ML)

      2. 1

        I’m also learning practical marketing on the spot for a side project I’m working on

        That sounds fun! I’m also getting more and more into marketing for my own side project so it’s interesting to talk to other developers in the same boat.

        Are you learning mostly by doing or following some resource? Also, what’s the side project if I may ask?

        1. 1

          Mostly by doing things that do not scale (a cliché but it’s true).

          My experience in past projects and similar efforts is that resources are either only useful after your project is in cruising speed, or if it’s a common knowledge business (say dropshipping to pick an easy example).

          Each project requires its own impulse to kick start it and from what I see it’s an art more than a science.

          What I’m trying right now concretely is to discover segments for which my side project is delivering value, and engaging with people from that segment to validate and understand their needs. Will see what comes after, once I figure this stage out!

          The project in question is Monitoro (all feedback is welcome!)

          Interested to know about yours as well! Is it a business, or an open-source project, or both? :D

          1. 1

            Monitoro looks very useful. Your approach to discover segments and engage with them sounds reasonable. Are you planning something else for discovery as well?

            I’m working on Developer to Manager. It’s a side-project/business that I started working on last year. It did generate some revenue this year, but I’m trying to figure out if I can somehow make that revenue consistent instead of every now and then. At the same time, I’m getting myself into the SEO rabbit-hole, which is also an interesting world to discover. Feedback welcome! :)

            1. 1

              Monitoro looks very useful.

              How do you see yourself using it? (just exploring how other people perceive it)

              I’m working on Developer to Manager.

              That’s a great niche, and looks like you’re executing great on it, kudos! SEO is indeed a world on its own, and it’s next on my checklist (I’m thinking of following some ideas from Zapier’s book).

              Out of curiosity, if you’re fine sharing, what’s the order of magnitude of subscribers that you currently have, and what percentage are generating revenue?

      1. 3

        I’ve toyed with something similar before:

        an sqlite database that stores my music listening history, synced periodically from my music player with a cron job, managed via a database admin native app, and serving a few cool facts on a web page served by node-red (such as my most listened to artists and genres for the day and week).

        Didn’t go very far though, but the idea is always in the backburner.

        1. 3

          Working on an essential, non engineering part of a project. And working hard to resist the temptation to implement good to have features instead.

          1. 2

            I miss the https://en.wikipedia.org/wiki/CHIP_(computer) - I wish this cheap, small SoCs could lead to similar, and fully open, SBCs

            1. 2

              if anyone is interested, i still have one or two chips somewhere and in the eu shipping them shouldn’t be too expensive.

              1. 1

                I am actually! Might even take your offer on both of them if nobody else voices their interest! I’m located in Berlin. Currently out of town but should be back soon.

                How can we organise this?

                1. 1

                  Might even take your offer on both of them if nobody else voices their interest!

                  maybe i’ve even got three, i have to check the box first. :)

                  checked the box, it’s three, one with the baseplate-“case” and one spare baseplate: https://imgur.com/a/VUWpCXA

                  How can we organise this?

                  i guess the easiest way would be using lobsters-pm to discuss further details.

                  1. 1

                    Oh yeah perfect CHIP HA cluster here we come :D

              2. 1

                Not sure if it quite meets the goals of “fully open”, but I recently learned about https://wiki.pine64.org/index.php/ROCK64 and it seems to be going in the right direction. They use closed-source CPU’s and such, natch, but they seem to put work into making open-source drivers for them and publish all of the specs and designs.

                1. 1

                  I actually got my hands on 4 of the suckers and two pocketchips! It’s a shame that my kernel hacker alpha board is stuck in a bootloop. I have an arduino coming home for Christmas, so hopefully I can debug it back to life over serial.

                  I still use one of the chip boards for testing WebAssembly stuff. Go’s cross-compilation powers are great.

                  1. 0

                    My Docker Swarm home cluster run over a bunch of CHIPs

                  1. 2

                    It’s unfortunate destructuring is a bit verbose, for someone spoiled by JS. Nevertheless I’m looking forward to try out these shiny new toys!

                    1. 7

                      I don’t want to be the one debugging a service that refuses to boot up in the middle of a dog-fight :|

                      Now every F-16 will need a PRE on-board (plane reliability engineer).

                      1. 8

                        R2 units for all!

                        1. 1

                          You know what? It all finally makes sense!

                      1. 2

                        I’m taking the opportunity of quiet time to progress on my side project, and hopefully leverage the holidays to get more traction going.

                        For fellow crustaceans who get to see this, do you think it’s worthy to share as a “show” story? (you can find it here monitoro.xyz) It did present a few technical challenges I’m planning to write about later and potentially share as well.

                        Happy holidays everyone!

                        1. 1

                          This certainly looks useful! I’d be glad to have a “show” post about this.

                          1. 1

                            Thank you for the feedback! I’ll make sure to share it at a good time.

                        1. 7

                          These are great tips.

                          One common reason why logic is typically done server-side is to protect IP and avoid piracy.

                          How do you manage that with Actual? (interested to hear other people’s thoughts / experiences as well)

                          1. 2

                            The claim “without a server” left me baffled, I must say. I was intrigued on how that’s going to work and found, that it meant “managed proxy/ SaaS”. For me, I would rather consider a service if I felt it was honest about the claims.

                            I agree to the SSL problem: I suppose having letsencrypt on the API is the best way to deal with this, but if you manage to provide an even easier solution (like having an easy module I can plug into my app that then allows some sort of zero-config and secure communication with your proxy and my API), maybe that would help some devs who would otherwise run the service unsecured.

                            1. 1

                              Sorry to disappoint! :D You’re correct, server here refers to the developer having to deploy and manage something on the server side, or rather the absence of.

                              But at no point did I try to be dishonest. I don’t see actually see a benefit for Warpist to make this “revolutionary” claim, as it’s not trying to compete on neatness / bleeding edgeness of the proxying tech as much as simplifying the experience of deploying and managing it.

                              Re: SSL, your suggestion is actually very close to a note I have in the roadmap, however I de-prioed this approach as I thought it could be more valuable to solve the problem for people who don’t control the API, and most likely don’t want to run a server just to reverse proxy it. The assumption (to be validated) being that if you have your own API, the benefit you would get from a managed reverse proxy will be relatively small, as you could deploy say nginx (from scratch or with a template), or some docker container that will handle reverse proxying for you, for a relatively minimal cost.

                              In your opinion, why would you choose Warpist over nginx or other proven solutions, when you have control over the server of the API to proxy?

                              1. 1

                                No worries, I’m not trying to say you’re dishonest, just that finding out what’s behind the claim baffled me in a negative way. But we’re living in a time where “serverless” doesn’t mean “no-one actually runs a server”, so yeah.

                                Ah, I see your point - and therefore the CORS claim that you made prominent. I think it might solve an issue, although I feel that it more feels like a workaround for setting up CORS correctly. Shouldn’t services that actually are supposed to be used from other sides where CORS would be an issue have the rules set up?

                                As nginx and reverse proxying is actually part of my everyday work, I personally would just install nginx for sure - it’s minimal efford and I get full control and eliminate an additional party that would have access to the traffic. Developers that focus more on the backend/ frontend side of things instead of the underlying infrastructure might thing differently, though.

                                1. 1

                                  No worries, I’m not trying to say you’re dishonest, just that finding out what’s behind the claim baffled me in a negative way. But we’re living in a time where “serverless” doesn’t mean “no-one actually runs a server”, so yeah.

                                  All good, but that’s indeed a legit source of confusion, and I’m trying to think of a good way to rephrase it.

                                  I feel that it more feels like a workaround for setting up CORS correctly

                                  That is partially true. The current incarnation of Warpist would be a transitional solution until all APIs have adopted CORS or a new standard appears. However, beyond the implementation itself, it seems not everyone wants to implement CORS.

                                  Many API providers have a legitimate concern that enabling CORS would make it harder to manage security, for example API secrets could be stolen from client-side only apps, and to my knowledge Google’s the only large provider who implements a proper way to deal with this (origin validation + only a client ID, so no secret to leak).

                                  To address this, Warpist gives you a way to setup an allowed origin whitelist, as well as a way to manage API secrets, so that they’re never exposed to the browser. So it’s a little bit more convenient for this use case than a vanilla reverse proxy setup (nginx based for example).

                                  it’s minimal efford and I get full control and eliminate an additional party that would have access to the traffic.

                                  Exactly my reasoning for targeting APIs the developer does not control. Those would be public APIs mainly where the effort to deploy a CORS proxy might mess with the original project plan, but secondarily it could also be software you deployed yourself, yet it doesn’t have CORS support built-in (Wordpress comes to mind).

                            1. 1

                              When you say “without a server” you mean “without a server that you have any control over”.

                              1. 1

                                To be more precise, “without having to manage an additional server just for reverse proxying. As I mentioned in the other comment thread, the goal is not to make earth shattering tech claims, rather highlight that this solution allows you to avoid managing and deploying a server for reverse proxying.

                                I’ll try to rephrase it nevertheless, thank you!

                              1. 2

                                I’m so completely and utterly terrified by the ways by which this is about to be abused, especially if you’re promoting it as “solving” HTTPS/SSL - which is going to incline people to hide HTTP behind it.

                                Hopefully it requires SSL-terminated endpoints? Any endpoint this connects to should absolutely be an encrypted connection, or you’re leaking peoples’ data. Bad for the world of security as a whole if not, and possibly still if so.

                                Also, if this is managed then what is the reason to choose it over - for example - cloudflare?

                                EDIT: Okay, the front page literally shows it masking an HTTP endpoint as HTTPS. This is anti-security.

                                1. 1

                                  which is going to incline people to hide HTTP behind it.

                                  That makes sense. The actually message I tried to convey is that Warpist’s proxy does not lower your existing security. In other terms, the SSL certificate is another thing you’d have to manage yourself if you deploy your own reverse proxy.

                                  But I see how that could be understood as “All your SSL problems are solved”, which would indeed be a dangerous thing to do.

                                  Thanks for the heads up!

                                  what is the reason to choose it over - for example - cloudflare?

                                  Which specific Cloudflare product do you have in mind? To make the product a bit clearer, Warpist works by adding CORS headers to the API, and managing API authentication server-side (tokens and secrets).

                                1. 2

                                  I would +2 this if I could. It’s funny and has a lot of useful comparisons across product and protocol lines. Sweet.

                                  1. 2

                                    I couldn’t help but read it in FPS Russia’s voice.

                                  1. 3

                                    I dislike this. If you want to transform an array, use map and Promise.all. If you want to perform a side-effect, there is the for await extension.

                                    1. 1

                                      Agreed. You can also use await in the for loop body for ultimate control.

                                    1. 1

                                      That’s actually a very reasonable point. We did it for HTTP traffic with SSL for “exactly” the same reasons, why not for email?

                                      1. 2

                                        A significant reason I find it hard to adopt other tech stacks over nodejs for the web is the large existing ecosystem, especially the tooling, compilers and others. Would Rust be a good contender today, without one having to implement those lower level blocks?

                                        1. 4

                                          It’s an ongoing process and of course, a decade of Node is not caught up in a few years. http://www.arewewebyet.org/

                                          1. 1

                                            That’s an amazing link, and exactly the question I was pondering, thank you!

                                        1. 1

                                          I’m pretty hyped up about this as someone who used both Rust and Swift, and while I liked the safety model of Rust, I found Swift a lot easier to get productive with, especially as a Mac user.

                                          Are there more languages employing a similar ownership model?

                                          1. 1

                                            I think “Swift a lot easier to get productive with” exactly because it doesn’t check ownership.

                                            If Swift adopts something like this, it will become harder to get productive in Swift.

                                            Just because it is built by Apple doesn’t mean there is a free lunch – getting from Cyclone’s or ATS’ level of usability to Rust’s level of usability required massive efforts and hard work by smart people.

                                            If Swift wants to substantially improve on this (to avoid making their language harder to get productive with), Apple will have to put an massive effort into it and I think they will run into hiring limitations quite soon, because there are not that many people on this planet that are a) capable and b) unemployed.

                                            1. 1

                                              The idea as laid out is for it to be “opt-in” and used only in code where the benefits are important, with everything else still using ARC. At least in theory, the average Swift developer who isn’t doing low-level library/kernel/embedded/real-time/etc work won’t ever even encounter it. Sounds like the best of both worlds; we’ll see how well that works in practice, of course.

                                              1. 1

                                                As usual in those “best of both worlds” scenarios I’d assume that you will pay the complexity of both, plus additional complexity of making them integrate with each other, while gaining only limited benefits. At least if you consider such failed attempts like mixed types/untyped languages.

                                                1. 2

                                                  I thought gradual typing, typified by TypeScript, was a great success and model of transfer from research to application. Why do you think it is a “failed attempt”?

                                                  1. 1

                                                    I agree with your point, but I think TypeScript is the odd one out in multiple ways:

                                                    • The lack of deep class hierarchies makes mixing typed/untyped code less painful in practice.
                                                    • Most efforts of going the hybrid route not only want safer code, but also want to derive runtime benefits from it. TypeScript never had to deal with this issue, due to man-centuries spent on making a very slow language (JavaScript) very fast, without relying on static types.
                                                    • The types don’t need to be correct, because the runtime saves you from wrong assumption, or better said – wrong assumptions in types don’t lead to misoptimizations/wrong code gen in the backend.

                                                    So yes, TypeScript is a success, but only repeatable if you have similar resources as Microsoft, Google and Mozilla combined.

                                          1. 5

                                            Because I spend a lot of time reading new codebases I am working on a code exploration tool to replace my current workflow, which consists of opening many files and jumping between them as I understand it better.

                                            It’s currently statically analysing the code, presenting it as a graph, and provides me with a debugger like call stack and the ability to step through the code execution.

                                            1. 9

                                              If you haven’t built it yet and want to target mobile, skip native for now and just build a Progressive Web App (PWA). It’s (arguably) easier, has a wider reach, and doesn’t lock you in to app store ecosystems. Plus there are some technologies that actually let you minimize the actual amount of JavaScript or native code that you need to write and still maintain an almost-native look and feel, e.g. Ruby on Rails with Turbolinks and Stimulus ( https://youtu.be/SWEts0rlezA ), or the upcoming Phoenix LiveView ( https://dockyard.com/blog/2018/12/12/phoenix-liveview-interactive-real-time-apps-no-need-to-write-javascript ) which I’m really excited about.

                                              1. 3

                                                It’s important to note that not all mobile phone APIs are available to a PWA (notably the storage story is non-trivial), and in my personal experiment performance seemed somewhat worse (though it was a one off and I’m not an expert, so I may have just botched something).

                                                1. 3

                                                  True, PWAs are not equal to a native app. But if you haven’t actually built anything yet, and don’t know anything about native development (i.e. if you’re at the ‘Should I learn Dart?’ stage), they are an easier starting point, with a wider reach.

                                                2. 1

                                                  just build a Progressive Web App (PWA)

                                                  Is there a store ecosystem for these?

                                                  1. 3
                                                    1. 1

                                                      So… Android only? I’m just wondering how all this will fix the ecosystem lock-in.

                                                      1. 1

                                                        Totally agreed. I personally do not endorse a store owned by a given platform.

                                                        Ideally PWAs would have PWA stores, also operating in the same model. It’s unlikely though that Apple and Google would provide the necessary system APIs for such stores.

                                                        1. 1

                                                          I personally do not endorse a store owned by a given platform.

                                                          That’s not the discussion here. Someone asked if there’s a store ecosystem for PWAs, the answer is yes.

                                                          Ideally PWAs would have PWA stores,

                                                          Hence Google Play Store for Android Chrome.

                                                          Anyway, at least PWAs are not locked in to the Google or Apple platforms like native apps are. That’s the whole point of my suggestion.

                                                          1. 1

                                                            I am not sure what you are replying to.

                                                            In fact, my original answer above says exactly “the answer is yes”.

                                                            1. 1

                                                              Apologies, I misread your comment.

                                                              1. 2

                                                                No harm done.

                                                        2. 1

                                                          Because it’s a webapp; you can host it yourself and market it on other channels than just the Play Store. And because it’s a webapp, you’re not locked in to any company’s platform.

                                                      2. 2

                                                        There was a store for websites called “Yahoo” and it was once one of the biggest internet companies, but it’s no longer a store.

                                                      1. 1

                                                        If I understand properly, elm-ui is a set of primitive components that exposes different properties than HTML/CSS (and allows you to dive into it if needed).

                                                        Forgive me if I’m short sighted, but is this different than say a library of UI components like https://ant.design for example (assuming you stick the their lower level components)? Or even Bootstrap itself, if we abstract the difference in the API.

                                                        Maybe the text just won’t align vertically (…) effect at all.

                                                        At one point, for elm-ui to be a general UI solution it needs to expose a significant set of CSS capabilities, so the question ends up being, is it feasible to expose a better CSS API than CSS itself, while not being restricted to a narrow set of UI?

                                                        The latter goal is a completely justifiable scope as well, just curious about elm-ui’s positioning in the market.

                                                        1. 1

                                                          The short answer is: yes, it’s absolutely feasible.

                                                          The longer version requires a couple of caveats. I don’t think that elm-ui is particularly focused on document layout. Instead, it’s primarily for dynamic application UIs, so its goal isn’t to be a 100% replacement. I’m not sure that rich document layout capabilities and rich application UI capabilities should be provided by the same library/framework, or indeed whether it’s even possible. Certainly, the HTML/CSS/JavaScript triumvirate isn’t a convincing example.

                                                          This brings me to the reasons why I think a better API is possible:

                                                          • elm-ui isn’t trying to be some sort of backward compatible addition, instead it’s starting from scratch. I think that’s the most obvious scenario for achieving a better API, and there are plenty of examples of this sort of successful replacement. Simply by virtue of starting with an existing solution (HTML/CSS/JavaScript) to learn from, a blank slate for a new UI language, and a current set of use cases to consider all together, elm-ui is in a great position to provide a better solution.
                                                          • As a corollary, HTML/CSS/JavaScript accreted over decades through a wide range of influences, so almost by definition it cannot be a good API (hell, it’s three separate languages). I’m not sure that any API can survive the sort of transformation that’s occurred on the web.
                                                          • elm-ui implicitly claims that it is possible to express all of the aspects of a UI using a single language instead of three languages. That is certainly a massive improvement in usability from a programmer’s point of view. It is possible that it will and so far I think it’s true. But of course, it will be challenging to maintain a clear API as more functionality is added and it’s put to new uses.
                                                        1. 2

                                                          I actually needed something similar yesterday and have been able to achieve the same behaviour minus the animation using only CSS’ new column-count property and media queries.

                                                          This looks cool though to give full control, but I’d go again with something simpler when needed as JS powered grids feel too heavy and overkill.