1. 7

    I love her work, but this is naked product advertising. Flagged.

    1. 12

      I also find it weird (as the author) for this to be on lobsters – to me if something costs money to read, I’m not sure that it makes sense for it to be posted to a site like this, because most folks won’t be able to read it and then it’s not possible to have a discussion about the content :)

      1. 3

        Indeed. Congratulations again though on your work! :)

        1. 1

          Thanks a lot for your work, I am a big fan myself and distributed a bunch of print copies of your CC-licensed work among friends and colleagues! :)

          I could imagine that the fact that gumroad seems to support only credit card payments hinders some customers who, like myself, live in a region were credit cards are not as common as they seem to be in the US. I bought a pre-paid card just for your zines, but supporting at least something like paypal would be great.

          1. 2

            Gumroad now has paypal support for me. (I live in Europe, maybe it’s a regional thing?) When I click to the payment dialogue, it shows the credit card one, but also a button where I can pay with paypal.

            I tried that out last week, when I bought the Bite size linux zine. :)

            1. 1

              You are right, that works for me too. I just had missed the paypal button, thanks for the hint!

      1. 2

        I ran in the same trap with Haskell. For me, using OCaml helped to avoid that to some degree. My code might not be pure, but I find it much easier to incrementally improve my programs until I am satisfied with them.

        1. 2

          It’s really saddening how authentication on the web has turned in to “Let google do it”. Does anyone know of any active projects for google like sign in?

          1. 7

            I found https://www.keycloak.org/ to be relatively “easy” to operate. It’s well documented and supported, based on the JVM. You could use it with OAuth/OpenID connect or SAML and administer users via web interface or from external sources like LDAP.

            1. 2

              It’s not google, it’s oauth. You may allow your users to use other providers. Like Facebook or Amazon. What makes the matter only slightly less horrible.

              1. 1

                The project readme says otherwise

                It depends on Google as its authoritative OAuth2 provider, and authenticates users against a specific email domain. Further authorization based on Google Group membership can be required on a per-upstream basis.

                1. 1

                  There are also other OAuth2 providers.

            1. 3

              Everytime I see a post for Nim I am hoping for a Golang competitor that can actually bring something new to the table. But then I look at the library support and community and walk back disappointed. I am still hoping for nim to take off and attract Python enthusiasts like me to a really fast compiled language.

              1. 11

                But then I look at the library support and community and walk back disappointed.

                It’s very hard to get the same momentum that Go achieved, just by the sheer fact that it is supported and marketed by Google. All I can say is: please consider helping Nim grow its community and library support, if everyone sees a language like Nim and gives up because the community is small then all new mainstream languages will be owned by large corporations like Google and Apple. Do you really want to live in a world like that? :)

                1. 3
                  1. 1

                    Have tried it; GC is way to optimistic so under high loads you would see memory being wasted. I love the syntax and power of language but it still stands shy when you can’t compile single binary (like golang) and end up with weird cross compile issues. Nim is way more efficient in terms of memory and GC overhead.

                    1. 1

                      Cannot compile single binary? What do you mean by that?

                      1. 1

                        Let me rephrase; binary is not standalone with everything static linked (LibSSL and some dependencies). I had to recompile my binaries on server to satisfy the dynamic linked libraries with particular version.

                        1. 5

                          I think that’s more a result of Go having the manpower to develop and maintain an SSL library written in Go. As far as I understand, if you were to write an SSL library in 100% Crystal you wouldn’t have this problem.

                          By the way, Nim goes a step further. Because it compiles to C you can actually statically embed C libraries in your binary. Neither Go nor Crystal can do this as far as I know and it’s an awesome feature.

                          1. 3

                            Is there a distinction between “statically embed C libraries in your binary” and “statically link with C libraries”? Go absolutely can statically link with C libraries. IIRC, Go will still want to link with libc on Linux if you’re using cgo, but it’s possible to coerce Go into producing a full static executable—while statically linking with C code—using something like go install -ldflags "-linkmode external -extldflags -static".

                            1. 2

                              There is a difference. Statically linking with C libraries requires a specially built version of that library: usually in the form of a .a or .lib file.

                              In my experience, there are many libraries out there which are incredibly difficult to statically link with, this is especially the case on Windows. In most cases it’s difficult to find a version of the library that is statically linkable.

                              What I mean by “statically embed C libraries in your binary” is: you simply compile your program’s C sources together with the C sources of all the libraries you depend on.

                              As far as Go is concerned, I was under the impression that when you’re creating a wrapper for a C library in Go, you are effectively dynamically linking with that library. It seems to me that what you propose as a workaround for this is pretty much how you would statically compile a C program, i.e. just a case of specifying the right flags and making sure all the static libs are installed and configured properly.

                          2. 2

                            I suppose you built with --static?

                            1. 2

                              You have to jump through quite a few hoops to get dynamic linking in go.

                              By default it statically links everything, doesn’t have a libc, etc.

                            2. 1

                              It’s not uncommon or difficult in go to compile a webapp binary that bakes all assets (templates, images, etc) into the binary along with a webserver, HTTPS implementation (including provisioning its own certs via ACME / letsencrypt), etc.

                              1. 1

                                only have a passing familiarity with go’s tooling, how do you bake in assets?

                                1. 1

                                  There are different approaches, https://github.com/GeertJohan/go.rice for example supports 3 of them (see “tool usage”)

                            3. 1

                              I think he mentions the ability to statically build [1] binaries in Golang. I’d note that this is a feature that is not so common and hard to achieve. You can do this with C/C++ (maybe Rust), but it has some limits, and it’s hard to achieve with big libraries. Not having statically built binaries often means that you need a strong sense of what you need and to what point or using good packaging/distribution workflows (fpm/docker/…).

                              It’s a super nice feature when distributing software (for example tooling) to the public, so it feels like “here you are your binary, you just have to use it”.

                              [1] https://en.wikipedia.org/wiki/Static_build

                        2. 1

                          The “programming by duct taping 30 pip packages together” method of development is pretty new, and it isn’t the only way to program. Instead, you grow the dependencies you need as you build your app, and contribute them back once they’re mature enough.

                          More time consuming, but you have total control.

                        1. 7

                          This is a chance to get familiar with a newer and exciting language in the compile to Javascript world.

                          Why Reason is always marketed as “language that compiles to javascript”? I thought it’s just alternative syntax for Ocaml (i.e. it rather compiles to Ocaml or its internal representation than JS), and that compilation to javascript is performed by Bucklescript, not Reason.

                          What js-specific functionality it has, compared to plain Ocaml with Bucklescript? Maybe better integration with npm mentioned on website? Or [% … ] quasi-quotations allowing to embed raw js?

                          Even Bucklescript website shows code examples in Reason. I’m confused.

                          1. 5

                            ReasonML is both a syntax and a default build chain relying on Bucklescript. You can use the syntax rewriter to build normal, binary libraries and executables via ocamlc and your build tool of choice.

                            Bucklescript heavily integrates with the Javascript runtime - depending on your needs, you can cast directly between a javascript object and a type safe OCaml value. This is why ReasonML uses Bucklescript as the compiler: it makes it much easier to interop with existing JS. Compare to js_of_ocaml which compiles the OCaml runtime to JS (more or less) and makes no attempt to reconcile the difference.

                            The only feature specific to ReasonML is the JSX rewriter (AFAIK) - that only works on ReasonML source, not OCaml.

                            OCaml + Bucklescript + npm = (default ReasonML toolchain) - jsx

                            1. 2

                              Most tooling and libraries seem to build on the nodejs side of the ecosystem, meaning npm packages instead of opam, build scripts which only address javascript output, no native binaries.

                              (I only glance over ReasonML documentation from time to time, not an active user)

                            1. 23

                              Nix is one of those tools where you don’t know what you aren’t getting until you get it. There are so many things wrong with this post, but I only know that because I spent weeks wrestling with lots of those issues myself.

                              You basically need to read all the nix pills (https://nixos.org/nixos/nix-pills/), the nix manual, the nixpkgs manual and the nixos manual in a loop gradually filling in what is going on… which takes a long time.

                              Nix is very confusing at first, but enables things that you would not have thought possible once you know what you are doing. The core people don’t seem to evangelize much because it is just one of those tools that solved their problems so well, they don’t have to care about the outside world anymore.

                              I use nixos for my laptop, desktop and a few servers, have all my machines config under version control and can roll the machines back to any version whenever I want, remote administer them, build an install on one computer, test it in a VM and then ship it with a single command to another machine. I won’t go back to another OS despite there being room for improvement, because no other OS comes close in terms of what you can do (my path has been windows -> ubuntu -> arch linux -> freebsd -> openbsd -> nixos).

                              1. 18

                                I use NixOS on everything and completely agree. It’s a massive investment. It was worth it for me, but it shouldn’t have to be a massive investment. Need better tooling and docs.

                                1. 5

                                  Yeah, there are lots of things I wish I could explain, but the explanations take a large investment. Take for example the complaint about making a new language instead of using something existing… It seems sensible on the surface, until you understand deeply enough to know why laziness is needed, and features like the pervasive use of interpolation to generate build scripts… Once you understand those, you know why a new language was made.

                                  The lack of tooling IS a valid complaint, and the fact the language isn’t statically typed could also be a valid complaint, but the community is growing despite all those issues, which is a good sign.

                                  1. 6

                                    I’m hoping https://github.com/haskell-nix/hnix will help with that point, and the tooling.

                                2. 6

                                  You basically need to read all the nix pills (https://nixos.org/nixos/nix-pills/), the nix manual, the nixpkgs manual and the nixos manual in a loop gradually filling in what is going on… which takes a long time.

                                  I’ve tried reading all of this but I found it all horribly confusing and frustrating — until I read the original thesis on it, which I still think is (perhaps surprisingly) still the best resource for learning how nix works. It’s still a pretty big investment to read, but imho it’s at the very least a much less frustrating experience than bouncing from docs to docs.

                                  (I wonder if the same is true of the NixOS paper?)

                                  1. 3

                                    How do you manage secrets in configuration files? Passwords, ssh keys, tls certs and so on. If you put them into a nix-store they must be world-readable, right?

                                    One could put a reference to files outside the store in configuration files, but then you loose a bit of the determinism of NixOS and it’s not always easily possible with third-party software to load e.g. passwords from an external file anyways.

                                    Besides the learning curve, that was the single big problem which kept me from diving deeper into the nix ecosystem so far.

                                    1. 7

                                      You are right, no passwords should ever go in the nix store.

                                      The encryption key for my backup script is in a private root owned file I put under /secrets/ . This file is loaded in my cron job so the nix store simply references the secret but doesn’t contain it. This secret dir isn’t under version control, but is backed up with encrypted backups.

                                      Every daemon with secret config I have seen on nixos has a “password file” option that does the same thing.

                                      1. 3

                                        How do you manage secrets in configuration files?

                                        For my desktop machine I use pass with a hardware key. E.g. nix (home-manager) generates an .mbsyncrc with

                                        PassCmd "pass Mail/magnolia"
                                        

                                        For remote machines, I use nixop’s method for keeping keys out of the store:

                                        https://nixos.org/nixops/manual/#idm140737318276736

                                      2. 1

                                        Nix is one of those tools where you don’t know what you aren’t getting until you get it. There are so many things wrong with this post

                                        I have to disagree, but not with the second sentence - I was sure as I wrote the post that it was full of misconceptions and probably outright errors. I wrote it in part to capture those in the hopes that someone can use them to improve the docs.

                                        But to disagree with the first sentence, I was keenly aware through the learning and writing that I was missing fundamental concepts and struggling to fill the gaps with pieces from other tools that didn’t quite fit. If there is indeed a whole ‘nother level of unknown unknowns, well, that’s pretty disheartening to me.

                                        1. 1

                                          I can’t speak for your experience, but that’s how it was for me anyway, on the plus side it also meant nix solved more problems I was having after I understood better. I even thought nix was over complicated to the point I started writing my own simpler package manager, only to find nix had solved problems I ran into before I knew what they were.

                                      1. 4

                                        The subtext of this article is hilarious: that GPG is so hard to use that someone decided that it might be less painful to just rewrite the damn thing.

                                        1. 6

                                          It’s no secret that GPG shows its age, but the part that the author has rewritten is still only a small fraction of gnupg’s features.

                                          1. 2

                                            agreed. another reading - the part of gpg worth using is not worth using gpg for, given the bulk that comes with it.

                                          1. 5

                                            Trying to get up to speed with Kubernetes and the whole ecosystem around it. Got a small cluster running with Kubespray, Rook for storage management and an Nginx Ingress controller. Certificate management, Network Policies, RBAC, Monitoring and so on still need a lot of work and learning on my side. I hope to get a MySQL Galera cluster and Wordpress to run with OpenID connect via Keycloak by the end of the week.

                                            Besides that I should start to apply for a new job :)

                                            1. 2

                                              Redhat has a podcast series called PodCTL if you are interested.

                                              Its largely produced by the team behind OpenShift & there has been somewhat of a lull in production & production quality in recent months.

                                            1. 15

                                              I’ve become more and more disillusioned with NixOS over the past couple of months. Packaging things that aren’t available, or even updating existing packages, has so many little undocumented gotchas that (I guess) they assume you’ll figure out reading from reading gh issues or random blog posts. It has actually stopped me working on a few different projects because it’s not worth figuring out how to package something.

                                              However, I don’t think I can go back to a traditional distro after tasting the stability and convenience of something like NixOS. Has anyone here tried both NixOS and GuixSD. or perhaps switched from one to the other?

                                              Guix seems so much better documented from the brief read though I’ve given it after seeing this. The docs just have so much detail.

                                              Also, I’d much rather learn a real language like scheme for making packages than the rather incomprehensible (at least to me) language that Nix invented.

                                              What are the downsides of Guix that I just haven’t seen yet?

                                              1. 9

                                                Guix has fewer packages, because they have a smaller community. Being a GNU project, they attempt to limit the amount of non-free, or license-incompatible, software as much as possible: using linux-libre, nearly no potential ZFS support, no Intel microcode, etc. If your hardware depends on a binary blob, you might have to jump through several hoops to get it working. As of 2018-07-06, they don’t have LVM support.

                                                That said, guix seems far better thought out than nix. It does not rely on a particular init ecosystem (cough, systemd, cough). It has more features available without installing additional packages, for example: guix import instead of the myriad of pypi2nix, nix-generate-from-cpan, etc packages that are separately written; guix environment makes creating an isolated container as easy as its normal environment isolation; etc. And guix is most certainly better documented.

                                                If you’re comfortable packaging software yourself (and don’t mind doing so), some of these problems could be fixable. You can keep (or contribute to) a non-free guix repository (such as these, but these do not seem to be well maintained, nor will the be approved of, probably). One could also use guix import to import from a local copy of nixpkgs (though such an import is imperfect, and might require manual maintenance), or run guix atop NixOS.

                                                Unfortunately, I needed a system that works with nearly-minimal hassle on my hardware, with my software, and that is what NixOS gave me. The nix language is quaint, and the reliance on bash and systemd rather annoying, but personally I can ignore that and use a working computer with a relatively nice environment management system.

                                                1. 2

                                                  It does not rely on a particular init ecosystem You are referring to Guix, the package manager here, right? Because, as far as I understand, GuixSD, the Linux distribution does depend on https://www.gnu.org/software/shepherd/?

                                                  1. 3

                                                    I was referring to the fact that neither Guix nor GuixSD rely on systemd. But you are correct, as best as I can tell GuixSD seems to rely on Shepherd.

                                                    Though maybe not all services seem to rely on it? Some of them don’t seem to mention shepherd at all, but I can’t tell whether or not that means anything because I’m not well versed in Guix scheme.

                                                    1. 1

                                                      https://github.com/guix-mirror/guix/blob/master/gnu/services/ssh.scm

                                                      Here’s one example that clearly refers to shepherd. Is there any reason to believe that shepherd is better than systemd?

                                                      1. 6

                                                        Three things, maybe:

                                                        • Shepherd doesn’t try to be more than an init system. Contrast to Logind, which GNOME depends on, which is tied to systemd. elogind had to be forked and extracted from systemd, because otherwise GNOME would not work without it. I don’t know of any end user applications that require shepherd to be the init system in any way that doesn’t resemble init system / daemon management usage.
                                                        • shepherd is also written in scheme, which means that Guix expressions can easily generate code per the user’s configuration for the shepherd file since you’re just going from scheme to scheme.
                                                        • I can’t remember if systemd can do this or not, but you can also run shepherd as a user to manage your user’s daemons (rather than the system-wide daemons). Convenient!
                                                        1. 1

                                                          I can’t remember if systemd can do this or not, but you can also run shepherd as a user to manage your user’s daemons

                                                          Yes, systemd can do that.

                                                          1. 1

                                                            I can’t remember if systemd can do this or not, but you can also run shepherd as a user to manage your user’s daemons

                                                            Systemd does have support for user services, without needing to start another daemon as your user.

                                                            1. 1

                                                              I should clarify that I meant being able to run one or more shepherd as a user being a feature :)

                                                          2. 5

                                                            Shepherd isn’t an ecosystem of things that come bundled together? It isn’t Linux specific? It doesn’t (yet) slowly overtake various other components of your system, such as udev? There are definitely reasons that I still believe that Shepherd is better than systemd.

                                                            However, nothing’s perfect. Upon a further examining of the documentation, it does seem that you are correct regarding Guix’s dependence on Shepherd: namely, all services do currently depend on it.

                                                      2. 2

                                                        Thanks for that Guix on NixOS link. I actually installed GuixSD in a VM at work today and noticed there were quite a few packages missing that I would like to have, so that seems like a good way to get started making son new packages before I go all in on the OS.

                                                        1. 1

                                                          What is the status of Java especially maven dependencies of a project? (which doesn’t seem to be fixed in Nix yet)?

                                                      1. 8

                                                        My latest install has been Guix on top of Arch.
                                                        I’ve been running it as my daily driver for a couple months.

                                                        Pros:

                                                        • Guix is easy to hack on, you can get in there and do whatever you want with minimal fuss, especially compared to other package managers.
                                                        • Emacs integration is robust, including a powerful REPL.
                                                        • Scheme is a full language, I can realistically see Guix subsuming all other language-specific dependency and package managers. Especially attractive for polyglot projects that are juggling multiple build tools and environments.
                                                        • Can build lots of packages from source, with their build dependencies, which makes it great when patching those projects.
                                                        • Easy to apply your own patches or specify your own remotes.
                                                        • Runs package test suites on the host system.

                                                        Cons:

                                                        • Packages are still few and frequently out-of-date compared to Pacman.
                                                        • Still fairly unstable, stuff breaks, updates break.
                                                        • Slow… Building so much from source is slow… Even with fast mirrors get ready for a slow time.

                                                        Overall, I like having it on my system, it’s especially nice for managing Emacs packages! I fall back onto Pacman frequently to work around the cons. I couldn’t run GuixSD as my daily driver.

                                                        1. 1

                                                          The last time, I tried nix, everything in the store had to be world-readable, which made it rather questionable to manage things like private keys for TLS certificates and so on through nix expressions. Is this an issue with guix too?

                                                        1. 3

                                                          I don’t really see the point of using microG? What’s the big benefit of a third party client if one does still continue to use Googles servers?

                                                          Personally, I use CopperheadOS without any google services. Works well for me, but I did not even use GMaps, Whatsapp and so on back when I had “Google Play Services” on my phone. Nowadays it’s fdroid and all its apps, like OSMAnd and so on. Signal from its self-updating APK with a websocket connection instead of “Google Cloud Messaging”. Works just fine, but uses quite a lot of battery.

                                                          1. 5

                                                            Push notifications are a deal breaker for me, also, there are a lot of apps that purposely warn you and kick you out of the app if no Play Services are installed (Google has some security certifications where they mandate you to disallow users without play services from using apps).

                                                            Also, everything I can get from F-Droid that serves my need I do, but not every app that I need has a FOSS alternative (slack, bank, spotify, zoom - to name a few). Plus, I really dislike the idea of having a ~150MB system app that sits their just to “support apps with services”. MicroG serves the basic functionality to provide you with things like push notifications, it’s size is tremendously smaller and it’s open source.

                                                            1. 2

                                                              I’m in the Copperhead camp and don’t really miss push notifications. Slack doesn’t ping me anymore, but that’s just another reason to migrate to FOSS apps designed to work without Google Play (riot/matrix, conversations.im, signal, etc). Cutting down on notifications from bank apps could even be interpreted as a positive side effect.

                                                              One security downside to MicroG is that you need to enable signature spoofing so that it can impersonate the official Google Play Services.

                                                              1. 1

                                                                One security downside to MicroG is that you need to enable signature spoofing so that it can impersonate the official Google Play Services.

                                                                LineageOS people keep saying that, but I don’t see the security issue. There is no slippery slope, and there is literally no other way to replace Google dependencies than to pretend you’re them.

                                                          1. 14

                                                            I really hate browser notifications. I never click yes ever. It feels like preventing browsers from going down this hole is just yet another hack. The Spammers and the CAPTCHAers are fighting a continuous war, all because of the 2% of people who actually click on SPAM.

                                                            1. 7

                                                              I’m amazed there is no “deny all” setting for this

                                                              1. 5

                                                                My firefox has that in the settings somewhere:

                                                                [X] Block new requests asking to allow notifications

                                                                This will prevent any websites not listed above from requesting permission to send notifications. Blocking notifications may break some website features.

                                                                help links here: https://support.mozilla.org/en-US/kb/push-notifications-firefox?as=u&utm_source=inproduct

                                                                1. 2

                                                                  Did anyone find the about:config setting for this, to put in ones user.js? I am aware of dom.webnotifications.enabled, but I don’t want to disable it completely because there are 3 websites which notifications I want.

                                                                  1. 3

                                                                    permissions.default.desktop-notification = 2

                                                                2. 1

                                                                  there always has been in Chrome and Safari and since very recently, there’s also one in Firefox. It’s the first thing I turn off whenever I configure a new browser. I can’t possibly think of anybody actually actively wanting notifications to be delivered to them.

                                                                  Sure, there’s some web apps like gmail, but even there - I’d rather use a native app for this.

                                                                  1. 3

                                                                    I can’t possibly think of anybody actually actively wanting notifications to be delivered to them.

                                                                    Users of web-based chat software. I primarily use native apps for that, but occasionally I need to use a chat system that I don’t want to bother installing locally. And it’s nice to have a web backup for when the native app breaks. (I’m looking at you, HipChat for Windows.)

                                                                3. 5

                                                                  There is a default deny option in Chrome, takes a little digging to find though. But I agree that it’s crazy how widespread sites trying to use notification are. There’s like 1 or 2 sites that I actually want them from, but it seems like every single news site and random blog wants to be able to send notifications. And they usually do it immediately upon loading the page, before you’ve even read the article, much less clicked something about wanting to be notified of future posts or something.

                                                                  1. 1

                                                                    The only time I have clicked “yes” for notifications is for forums (Discourse only at this point) that offer notifications of replies and DMs. I don’t see a need for any other websites to need to notify me.

                                                                  1. 2

                                                                    PeerTube is a very interesting project, though personally I would love some kind of youtube interface so I can watch youtube on PeerTube and maybe live streaming before I’d consider switching away from youtube itself entirely.

                                                                    1. 1

                                                                      Video import from youtube is one of their stretch goals, if I understand you correctly.

                                                                      1. 1

                                                                        You mean like with HookTube? Yeah that’s something I’ve been meaning to implement. It only has a real interest with playlists support and user subscriptions, which is not the case right now. So maybe in the near future!

                                                                        1. 2

                                                                          Probably a bit like that (though it looks like HookTube doesn’t support 1080p).

                                                                          But being able to bring Youtube atleast one-sided into the fediverse could convince a lot of people to switch. It’s what I consider a necessary feature for a lot of federated platforms, atleast in the initial phases.

                                                                          1. 1

                                                                            You’d be suprised what users tell us are “necessary features” ;)

                                                                            While this one should not be part of the core per se, I do see the interest of this one. Decentralizing the content also means migrating the habits. Believe it or not, it should either land as a plugin (much later since there is no plugin system yet) or as a core feature, depending how much free time I can free in the next months. Either way that’s not a priority, as there is much to build apart from that.

                                                                            1. 1

                                                                              Yeah, I totally understand if it’s not a priority (and I know what users sometimes consider ‘necessary’) so I try to keep my list of necessary things short and reasonable.

                                                                              Good luck with the platform then :)

                                                                              1. 1

                                                                                Thanks :)

                                                                      1. 9

                                                                        I just uploaded the complete first draft of Practical TLA+.

                                                                        Going to bike for a while. Then back to work on revisions.

                                                                        1. 3

                                                                          For those vaguely interested like me: hwayne seems to be the author of the great website https://learntla.com/ and currently in the process of writing a book, Practical TLA+ with Apress. https://twitter.com/Hillelogram/status/950874673994137600

                                                                          Thanks for your work!

                                                                        1. 5

                                                                          work: In the process of ‘packing up’ because I am going to leave after 1,5 years as a systems engineer. Haven’t decided on a new job yet and going to enjoy a bit unemployment in summer during june :)

                                                                          fun: Trying to get up to speed with rust, because in my niche other languages with good type systems like haskell aren’t popular enough. Go is really gaining traction here, but I don’t enjoy it quite as much.

                                                                          The project itself is a server implementation of the music playing daemon protocol which just forwards commands to mpv

                                                                          1. 2

                                                                            Good luck on next move!

                                                                          1. 2

                                                                            I’ve grown tired of having to wait for a long command in a deep SSH (==SSH in SSH in SSH) session, so I’m writing a webservice that helps me solve this:

                                                                            ./longcmd && termnotify lkurusa-mbp "Done" will send a notification to my computer named lkurusa-mbp even if executing on a very far machine.

                                                                            I chose Elixir and the Phoenix framework for this task.

                                                                            1. 2

                                                                              How does this command call your notebook? Does your notebook poll something, are you exposing an internet-reachable service or something else entirely? And is there some kind of authentication?

                                                                              1. 2

                                                                                Yes, it’s a publicly exposed service. I plan to make it available for everyone For As Long As Possible (tm). The client software on all the machines keep polling (once every second) their respective UUID endpoints: /check/:uuid.

                                                                                It’s easy to add a new machine, just GET /create and it sends you back a UUID, then on the client machine you can:

                                                                                nohup termnotify listen $uuid

                                                                                To send a notification to it:

                                                                                termnotify new-machine "my-new-fancy-machine" $uuid && termnotify my-new-fancy-machine "hello there"

                                                                                There is no form of authentication for now, as so long as the UUID is kept secret it’s going to be hard to “hack”. Additionally, it’s easy to generate a new UUID.

                                                                                The client side will use the respective notification sending API of the platform it’s running on, for now I only support Linux with notify-send.

                                                                            1. 6

                                                                              I can hardly stand reading the site. I have to keep scrolling every 5 seconds…

                                                                              1. 2

                                                                                Yeah it’s a bit… Big. Also, why do all these web “book” authors always refuse to have a “next” button for linear navigation through the reading material…

                                                                                …You know, like a book.

                                                                                1. 1

                                                                                  It’s a lot more readable if you set your browser’s zoom to 50%.

                                                                                  1. 1

                                                                                    and max-width: 50em (instead of 25) for main for people who use user styles. With 50% font-size and increased width, its pretty nice :)

                                                                                1. 7

                                                                                  > discord

                                                                                  God please, no!

                                                                                  1. 2

                                                                                    Better than slack.

                                                                                    1. 7

                                                                                      Of course!

                                                                                      But why you need to stick to proprietary solutions and make them unreachable on platforms you’re caring about on this community? Wouldn’t be better to just use IRC like civilized people do?

                                                                                      1. 7

                                                                                        Trying to convince people who want Slack or Discord to use IRC will get you nowhere.

                                                                                        IRC is awesome and some of us have been using it since dirt but it ITSELF lacks features some modern users really want - built in search / logging / voice chat / built in image / sound rendering, etc etc etc.

                                                                                        You can say “Bah that’s all crap” - and I’ll agree with you, but that doesn’t stop people from wanting.

                                                                                        Personally, I wish more open source folk would explore sollutions like https://zulipchat.com/

                                                                                        1. 2

                                                                                          Direct link to the code for everybody’s convenience: https://github.com/zulip/zulip

                                                                                          1. 1

                                                                                            I know Zulip but haven’t tried it personally yet…

                                                                                            And, more importantly - does it have an IRC gateway? :)

                                                                                            1. 1

                                                                                              Sort of: https://github.com/zulip/python-zulip-api/issues/106

                                                                                              I still like zulip quite a lot, i think its concept of topics does really improve discussions.

                                                                                        2. 1

                                                                                          They have an IRC channel too, and a bot that communicates between IRC & Discord

                                                                                          1. 1

                                                                                            These bridging bots (between Slack/Discord/Matrix/Telegram/Hipchat and IRC) are quite incomplete solutions, as they can’t do “puppeting” so the bot impersonates all IM users as single IRC user and it’s bad to interact with them in that way.

                                                                                            I hope Matrix could solve this in the future.

                                                                                            1. 1

                                                                                              I’ve been using Matrix for about 18 months, and it does puppeting perfectly when bridging to IRC, from either side.

                                                                                              The Slack bridging with Matrix looks to behave in a similar way; you’re almost unable to distinguish native users and bridged users.

                                                                                    1. 18

                                                                                      Definitely way complicated. Nomad(https://nomadproject.io/) is what we chose, because it is so operationally simple. You can wrap your head around it easily.

                                                                                      1. 7

                                                                                        I haven’t used either in production yet, but isn’t the use case of nomad much more restricted then kubernetes? It’s only the scheduling part and leaves it to the use define, for example, ingress through a load balancer and so on?

                                                                                        1. 10

                                                                                          Yes, Load balancing is your problem. Nomad is ONLY a task scheduler across a cluster of machines. Which is why it’s not rocket science.

                                                                                          You say I need X cpu and X memory and I need these files out on disk(or this docker image) and run this command.

                                                                                          It will enforce your task gets exactly X memory, X cpu and X disk, so you can’t over-provision at the task level.

                                                                                          It handles batch(i.e. cron) and spark workloads, system jobs(run on every node) and services (any long-running task). For instance with nomad batch jobs you can almost entirely replace Celery and other distributed task queues, in a platform and language agnostic way!

                                                                                          I’m not sure I’d say the use-case is much more restricted, since you can do load balancing and all the other things k8s does, but you use specialized tools for these things:

                                                                                          • For HTTPS traffic you can use Fabio, Traefik, HAProxy, Nginx, etc.
                                                                                          • For TCP traffic you can use Fabio, Relayd, etc.

                                                                                          These are outside of Nomad’s scope, except that you can run those jobs inside of Nomad just fine.

                                                                                          edit: and it’s all declarative, a total win.

                                                                                          1. 1

                                                                                            Why not haproxy for tcp too?

                                                                                            1. 1

                                                                                              I don’t actually use HAProxy, so I can’t really comment on if it does TCP as well, if it does, AWESOME. I was definitely not trying to be limiting, hence the etc. at the end of both of those.

                                                                                              We use Nginx and Relayd.

                                                                                              1. 2

                                                                                                It does TCP. See the reliability and security sections of the web site to see why you might want it.

                                                                                                1. 2

                                                                                                  Thanks!

                                                                                        2. 4

                                                                                          Oooh, the fact that it’s by HashiCorp is a good sign. I’ll have to read up on this. Thanks!

                                                                                        1. 2

                                                                                          I use quite a few already mentioned in this thread and:

                                                                                          • andOTP - the nicest OTP i’ve found so far. Supports tagging if you got a lot of secrets and exports of secrets which is nice if you are afraid to loose your phone and want to avoid going through the hassle of resetting all your OTP tokens. I got my export gpg-encrypted in my backups

                                                                                          • transportr - generic public transport app. I had used ‘Oeffi’ before but that lives in it’s own repo,

                                                                                          • Termux - a terminal emulator with apt. Why would anyone want something like this? I’ve got buttons on my homescreen to start and stop an ssh client if i am in my home wifi. I then use rsync scripts to copy photos and music around. Works well enough for me and is quite flexible. I did use the share-with-tmux feature and youtube-dl on my phone to download stuff from soundcloud and youtube before i found newpipe.