simonv3 has quit [Quit: Connection closed for inactivity]
jacksingleton has joined #sandstorm
<asheesh>
Howdy jacksingleton
<jacksingleton>
hey hey
<jacksingleton>
irc > gchat?
<asheesh>
Sure!
<jacksingleton>
any resources on hardening debian installations?
<jacksingleton>
was looking at the CIS benchmarks - they have one for centos 7 that was released April this year but their Debian guide is from 2007 :(
<jacksingleton>
hardening.io is good (definitely check it out if you haven't seen it), but was looking for other resources
<jacksingleton>
yeah it would be nice if there was more stuff along the lines of "so you've got a vanilla Jessie install, now here are the settings you want to change if you want to be more conservative"
<asheesh>
But at some point you end up writing ChromeOS or Sandstorm.
<asheesh>
You could maybe mount the entire filesystem nosuid.
<asheesh>
But that's rarely what is used in an attack, right?
<asheesh>
I mean, have you ever de-IRC-spambotted a server?
<asheesh>
It's tears-inducing, but it's never like "oh if I had uninstalled ping I'd have been OK".
<asheesh>
It's like "This web app was vulnerable and there was no reasonable system configuration by which I could prevent an attacker with RCE exploit against TWiki from spawning a shell and connecting to EFNet."
<jacksingleton>
I have but it was a long time ago and I just through it out and started from scratch
<jacksingleton>
will check out that link
<jacksingleton>
and we should continue this conversation but I've got to go right now :)
<asheesh>
bd
<asheesh>
Good night!
<jacksingleton>
want to talk about auditd, integrity checking, and some other stuff
<jacksingleton>
you too!
<asheesh>
If you're worried about integrity, use a network filesystem that's only available read-only to you.
<asheesh>
I'm 1/3 trolling, 2/3 serious.
<asheesh>
But auditd may be interesting.
<jacksingleton>
yeah immutable VMs are interesting
<jacksingleton>
okay really g2g ;) later
<asheesh>
Ciao!!
jacksingleton has quit [Ping timeout: 250 seconds]
<asheesh>
So arguably you can remove most of that script.
<asheesh>
It'd also be nice, if possible, if you made it easy to have a MongoDB in the grain, perhaps commented-out by default.
<asheesh>
But that's definitely more work.
<asheesh>
I say that because I'm fascinating by http://www.nightscout.info/ and am under the impression some people in the NightScout community would like to see it on Sandstorm, and it uses Mongo.
<asheesh>
But anyway. That'd be on top of a node stack possibly.
<asheesh>
I guess my main question is: "Does this work for you?"
<asheesh>
Does npm start result in a daemon on port 8000?
<asheesh>
Ooh maybe there's a sample app I can find.
<mnutt>
well, your app defines what `npm start` does
<mnutt>
(node deployment is totally fragmented)
* asheesh
nods, fair enough.
<kentonv>
I didn't even know "npm start" was a thing
<kentonv>
I thought you just execute a .js file
<asheesh>
Me too honestly.
<kentonv>
and it maybe creates an HTTP server, if it feels like it
<kentonv>
on a port, or not
* asheesh
raises his hand
<asheesh>
{fd: 3}
<kentonv>
indeed
<mnutt>
yeah, `npm start` is just a convention, it’ll run whatever you put in your package.json. you can also just execute a js file
<asheesh>
But anyway, this is cool and almost distressingly minimal, but cool.
<asheesh>
Is there a sample app I can use to make sure this works?
<asheesh>
(and/or you can, if you're into that sort of thing)
<asheesh>
(but you really don't have to be into that sort of thing; I can)
<mnutt>
I’m looking to see if I can find an example app that uses a PORT env variable (even with that, there’s no particular convention around it)
<asheesh>
Even if not, I don't mind telling people
<asheesh>
"This sample app listens on port 8000. If your app listens on a different port number, you can adjust `.sandstorm/sandstorm-pkgdef.capnp` to look for the app on a different port number."
<asheesh>
(or telling people they have to configure the app etc.)
<asheesh>
Obviously (?) the sample launcher.sh should export PORT=8000 just in case the app respects it, mnutt.
<asheesh>
I'm 67% serious and 33% joking.
<mnutt>
I actually think it should, just as wishful thinking
<asheesh>
Yeah, exactly.
<asheesh>
Arguably we should do that in all the stacks....
<mnutt>
after a quick survey of a handful of open source node apps, all four specify `start` in package.json, but two set the port in a config file, one uses PORT, and one looks like it just hard-codes it…
<asheesh>
: D
isd has joined #sandstorm
mquandalle has quit [Quit: Connection closed for inactivity]
neynah has joined #sandstorm
* asheesh
waves.
<mnutt>
is there a strong preference between exporting a PORT in launcher.sh vs putting it in sandstorm-pkgdef.capnp?
<mnutt>
I guess the only downside of putting it in the package definition is that it may be easier to overlook
<mnutt>
though launcher.sh would override it
<mnutt>
I’m curious, do you keep track of apps in the app market that are ported vs written for sandstorm?
<asheesh>
mnutt: neynah and I recently have started to keep track of that on an EtherCalc spreadsheet.
<asheesh>
I'm intrigued as to what has led you to ask this question. (-:
<asheesh>
Maybe I'll send you a link by private message.
<asheesh>
mnutt: But yeah, one thing we learned from that exercise is that of the many upstream authors that have packaged their own apps, zero of them are people we have approached.
<asheesh>
Inversely, we're seemingly terrible at convincing people to package their apps, but some of them do decide to do so by themselves.
<mnutt>
I was just thinking of it from the perspective of how things are explained/configured differently with porting vs starting from scratch
<asheesh>
Interesting.
<asheesh>
We could add a column here for framework.
<asheesh>
I think no one has written a PHP app from scratch for Sandstorm.
<asheesh>
Well no one in the app market.
<asheesh>
I have -- the demo apps.
<mnutt>
as I write my ember app I think I’m coming up with a good way to do it, but it’s pretty prescriptive and not as useful for porting.
<asheesh>
Fascinating.
<mnutt>
actually it works great for all ember apps that have no backend, which is…about none of them
<asheesh>
(-:
<asheesh>
(What app is this?)
<mnutt>
oh, this is the same file storage app I’ve been working on all this time
<asheesh>
Ah hah, cool.
<asheesh>
Yeah, I can see how that thing really doesn't have a backend. That is kind of hilarious.
<mnutt>
well, it technically does, but that’s the custom part that’s going to be different for every node app
<mnutt>
meteor really is a sweet spot for that sort of thing
<mnutt>
yeah, I can see how they’d end up with some criticism just due to the fact that they’re sort of in the node community, but in trying to enforce reasonable practices you can’t take advantage of parts of the ecosystem.
<mnutt>
I remember being surprised that they used their own package manager rather than npm
jacksingleton has joined #sandstorm
<asheesh>
(howdy jacksingleton)
<jacksingleton>
haha you're on top of it!
<asheesh>
More like I'm just chilling chatting on IRC so might as well say hi.
<jacksingleton>
b
<jacksingleton>
hi :)
<asheesh>
(-:
ragesoss has joined #sandstorm
<mnutt>
asheesh: do you have a system for running multiple vagrant-spks at the same time? do you end up putting them on different ports?
<mnutt>
ah, I should probably just halt the other one for now.
<asheesh>
Yeah, I halt (or suspend if I'm feeling tricky... does suspend free the port? I forget)
<asheesh>
I've lately come to love vagrant suspend.
jacksingleton has quit [Ping timeout: 250 seconds]
aaronr has joined #sandstorm
mnutt has joined #sandstorm
Guest89897 has left #sandstorm [#sandstorm]
larjona_ has quit [Quit: Konversation terminated!]
mnutt has quit [Quit: mnutt]
_iwc has joined #sandstorm
_iwc has quit [Killed (Sigyn (Spam is off topic on freenode.))]
mnutt has joined #sandstorm
mnutt has quit [Quit: mnutt]
mnutt has joined #sandstorm
larjona has joined #sandstorm
<ragesoss>
asheesh: I'm about to install rocket chat. I clicked install from the marketplace, and now I'm back at my sandstorm site. The interface says "Install this app? \n Do you want to install this app? \n Install"
<ragesoss>
the interface doesn't mention the name of the app or filename or anything like that, though.
<asheesh>
I semi agree with you and I semi challenge you to find a web dev who's not used Meteor would call it that.
<asheesh>
I guess "client side code" is a real thing even in jQuery-minded people's heads.
<asheesh>
"jQuery-minded" to means "2005-era web development" although jQuery is still a thing; it's not like I mean to bash it or anything; I think it's great; I may have painted myself into a corner.
<asheesh>
"When using Z-axis scaling each server runs an identical copy of the code. In this respect, it’s similar to X-axis scaling. The big difference is that each server is responsible for only a subset of the data"
<asheesh>
I guess this is aka sharding.
<kentonv>
with focus on scalability rather than security, yeah
<asheesh>
(am closing tabs from my Googling for microservices yesterday, given our conversation about how to express how Sandstorm is different)
home has joined #sandstorm
home has quit [Remote host closed the connection]
<asheesh>
Hey kentonv if there were a machine I could leave running at the office, preferably that I could SSH into but not necessarily, preferably running Linux but I could live with Windows, doing some automated packaging stuff with vagrant-spk (because virtualbox that it currently relies on is hard to run in the cloud), is that a possibility?
<asheesh>
Feel free to answer later.
<asheesh>
Also I *think*https://bitheap.org/cram/ is strictly better than my installer-tests/ stuff.
<asheesh>
I guess not strictly better, since I have some tooling for setup/teardown that's specific to Sandstorm etc.
<asheesh>
But better than my loop where I see what programs printed and then crash with a not very helpful message if an assertion fails.
<asheesh>
Howdy funwhilelost. Welcome to #sandstorm. Feel free to ask any questions if you have them, and feel free to just hang out here quietly (aka "idle"). I'll personally be AFK over the next 15 minutes, but wanted to make sure to give you a warm welcome.
jadewang has joined #sandstorm
<jadewang>
good morning!
<jadewang>
is anyone here in or near London?
<jadewang>
or is planning to go to MozFest?
funwhilelost has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
simonv3 has quit [Quit: Connection closed for inactivity]
<dwrensha>
we should thank kamalmarhubi for the mention in his computers-are-fast post
<asheesh>
Agreed
funwhilelost has joined #sandstorm
<maurer>
dwrensha: btws, I've reviewed most of the cases where I want owned structures, and so far all of them could be replaced by orphans with orphanage support, so that may make more sense than trying to figure out owned data strcuture support
<dwrensha>
interesting!
<maurer>
(right now I'm just implementing owned versions of each structure manually, since I ran into compiler issues similar to the ones you described when I tried to do it generically)
<maurer>
Ugh, is the best way to test for equality between two Readers actually to serialize them to Vec<Word> and test equality?
<dwrensha>
you would need to canonicalize first
<maurer>
Is cannonicalization not done as a normal part of serialization?
<dwrensha>
canonicalization is not yet implemented in capnproto-rust, but I think it would be straightforward
<dwrensha>
no
<maurer>
Ah. Well this is interesting
<maurer>
Where by interesting, I mean "oops I assumed I could test Readers for equality somehow and that cannonicaliztion was done during serialization"
<maurer>
bad assumptions >_>
* maurer
reads up on cannonicalization
<kentonv>
comparison doesn't strictly depend on canonicalization. It would be easier to write a comparison function that walks both message trees
<kentonv>
based on AnyStruct/AnyList/etc.
<kentonv>
in fact I think we have such a thing in C++... someone contributed it
<maurer>
kentonv: So, I could do that, but I eventually need cannonicalization yet
<maurer>
since I'm going to be putting capnproto structs into a database
<kentonv>
why does that need canonicalization? Are you using them as keys?
<maurer>
so if I ever want to be able to look-up-by-struct, I either need to translated the struct to json and use jsonb (maybe not a terrible plan?) or implement cannonicalization
<maurer>
yes, they will be used as keys
<maurer>
specifically, I'm using them as values in a logic language, so rule matching needs to be able to search on them
<maurer>
Previously, I just used a simple three type system to get around this (64 bit ints, strings, binary blobs), but I am currently trying to expand to the entire capnproto type system, with things not natively representable represented as cannonicalized blobs
<maurer>
(well, type system sans interfaces)
<maurer>
(I might add restorable interfaces later, but I don't need them yet, and that'd be a lot of extra confusion)
<maurer>
(I do agree that doing a walk over the reader is more useful to do equality testing, but I do need cannonicalization for db storing, so I guess it's time to add that)
bb010g has quit [Quit: Connection closed for inactivity]
<maurer>
(the long term "correct" way to do this of course would be to make the equivalent of jsonb for capnp, but that would be a huge undertaking compared to these other routes)
<maurer>
kentonv: Uh, grepping the source for canon doesn't seem to reveal any functions even in the C++ version. Am I missing something?
<asheesh>
FWIW neynah kentonv etc I think my favorite is:
<asheesh>
Sandstorm is a secure, open source server toolkit built with usability in mind.
<asheesh>
Create documents & web tools just by clicking. Share access through one consistent interface.
<kentonv>
maurer: it's not implemented yet...
<maurer>
kentonv: Oh, it's not implemented in C++ either, OK. I thought it was just missing in Rust and was going to look in C++ to template off of, my bad.
<kentonv>
asheesh: I can imagine people thinking a "toolkit" is fixed-function
<asheesh>
I thought a "kit" means it's not!
<asheesh>
But OK. But I think we should play with words there and ask people.
<neynah>
I like it other than toolkit might give me (personally) the wrong impression.
<asheesh>
I'm mega +1 on hearing other ideas. Feel very free to add them to that pad.
<asheesh>
i,i contentment discussion
<asheesh>
(content discussion)
<asheesh>
We could maybe get away with saying "platform" now.
<asheesh>
I'll add it as an option.
<neynah>
And I guess web tools is ambiguous to me?
eternaleye has joined #sandstorm
<asheesh>
I am OK with the ambiguity if you'd keep reading and figure out what it means.
<asheesh>
I want a way to express "not just ethercalc but also tinytinyrss"
<asheesh>
"platform" sounds to me 100% like something I can't run myself.
<asheesh>
https://android.com/ is fascinating in that it doesn't bother explaining what Android is.
<dwrensha>
I seem to remember some other product describing itself as "your little corner of the web", which I liked
<neynah>
What's wrong with saying apps anywhere in the statement?
<asheesh>
Mostly I want to decide if we agree that these 2-3 sentences remove the need for the 4 boxes underneath the top heading.
<neynah>
& platform does sound like you can't run it yeah
<asheesh>
I'm not against saying "apps" but "run web apps" to me sounds like "run [basically unmodified] web apps" which I think sets people up for disappointment.
<asheesh>
[basically unmodified] web apps that people have already heard of
<asheesh>
e.g. the EFF HR person knew she wanted EFF HR to install LimeSurvey.
<asheesh>
But this won't necessarily help with that.
<asheesh>
It would if it were packaged, etc.
<asheesh>
But it's not like Heroku where packaging/porting feels like a reasonable thing to do. Though indeed I should work on making that true.
<asheesh>
You can "Create web tools" because a tool is (for us) an instance of an app. I'm OK with saying "app" in places, I just can't figure out yet how to do so concisely & accurately.
<asheesh>
I do agree it's very ambiguous but I hope that the pictures below of "Communicate" "Collaborate" "Create" which list specific apps make it more concrete.
<asheesh>
(but I'm in "Generate more ideas" mode, and happy to see other ways to express things)
<asheesh>
but
<asheesh>
20:46 < asheesh> Mostly I want to decide if we agree that these 2-3 sentences remove the need for the 4 boxes underneath the top heading.
<asheesh>
Even if we don't know what the 2-3 sentences are, that's the main question from yesterday on this I think.
<kentonv>
yes I think we can remove the 4 boxes
<asheesh>
yay!
<asheesh>
boxlessness
<neynah>
(Presumably this sentence will be used in other external places where we won't have additional context below.)
<neynah>
But I think it's a great start so I'll go ahead and remove the 4 boxes
<asheesh>
Oh, interesting. I figured it is tailed to the context of the front page, with a purpose of "This makes me willing to look at other pictures and words on this page rather than close the tab"
<kentonv>
yeah I think the goal is just for the front page...
<neynah>
I'm just thinking we probably don't want our tagline to be super different in different places. As long as it's generally communicating the same thing then that's good.
<asheesh>
i,i it's too bad security.debian.org is my slowest mirror in my sources.list lines
<asheesh>
It's too bad Sandstorm doesn't have our own Enterprise OpenStack Private Cloud with support for BareMetal. Or it's too bad that vagrant-spk requires VirtualBox.
<dwrensha>
Enterprise OpenStack Private Cloud sure sounds like a "platform"
<dwrensha>
(I say with no knowledge of what it actually is.)