aldeka has quit [Remote host closed the connection]
ocdtrekkie has quit [Remote host closed the connection]
aldeka has joined #sandstorm
ocdtrekkie has joined #sandstorm
rustyrazorblade has quit [Ping timeout: 244 seconds]
rustyrazorblade has joined #sandstorm
gambatte has quit [Ping timeout: 248 seconds]
mnutt_ has joined #sandstorm
M-hrjet has quit [Ping timeout: 268 seconds]
M-hrjet has joined #sandstorm
rustyrazorblade has quit [Ping timeout: 250 seconds]
kentonv has joined #sandstorm
<pod>
does anyone know if the botbot.me source is open?
<pod>
we at noisebridge would like to create a public archive of noisebridge's slack channels, a one-way readable and searchable archive for things going on
<asheesh>
Howdy pod
<asheesh>
I think that it is, but I haven't verified.
<asheesh>
i,i this would make a great Sandstorm app
<simonv3>
asheesh: I'd be down for moving more stuff away from Google groups
<simonv3>
Not my favorite interface, and yeah, it feels like things get lost.
<asheesh>
In particular, if you could do search on the client-side, then you could do this with Slack doing a HTTP POST to a Sandstorm grain's API, and then having the grain export a static HTML snapshot for users.
<simonv3>
I think discourse does some things well, but also feels like there's a lot going on.
<asheesh>
Yeah. I'm interested in other ideas, too; not married to Discourse yet.
<simonv3>
I don't know how much of that is tweakable
<simonv3>
Dunno of there's anything else - do people still make forum software?
<simonv3>
Everyone just uses Facebook :P
<simonv3>
Sorry that it took me so long to reply, and sorry that I have to run now too :/
<asheesh>
Quite fine that you have some latency!
<pod>
asheesh: ah so it is! that's great. must look at this as the possible solution. also yes this would make a great sandstorm app :) I'll have to look into bootstrapping a sandstorm dev environment locally.
<asheesh>
FWIW Sandstorm app de doesn't rquire a "Sandstorm serer" except for the oe that it brings up as pafrt of app dev.
<asheesh>
I hope that ery tortured sentence made sense. Typing with a lossy wifi connection.
<pod>
asheesh: sounds good - tutorial definitely a best route. reading through it now
mnutt_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
gambatte has joined #sandstorm
ocdtrekkie has quit [Remote host closed the connection]
aldeka has quit [Remote host closed the connection]
aldeka has joined #sandstorm
ocdtrekkie has joined #sandstorm
ocdtrekkie has quit [Remote host closed the connection]
aldeka has quit [Remote host closed the connection]
aldeka has joined #sandstorm
ocdtrekkie has joined #sandstorm
raoulzecat has joined #sandstorm
raoulzecat has quit [Ping timeout: 240 seconds]
<pod>
is there a way to have truly open signup in a sandstorm instance? i.e. people who sign in with one of the authentication options can create grains?
<pod>
exploring a sandstorm instance for noisebridge
<zarvox>
pod: I think you'd have to modify run-bundle.c++ to run pass "allowUninvited: true," in the settingsString that we export as METEOR_SETTINGS
<asheesh>
<vaporware>And/or "org management" and/or have a self-service way like https://github.com/rauchg/slackin with a Sandstorm grain that holds a capability to the ability to make users be invited</vaporware>
<NhanH>
I'm trying to add a 2nd user (that have write permission) to a Gogs grain, what exactly is the correct setup for that? I can share link for a view only repo, but can't figure out how to give them write permission
raoulzecat has quit [Ping timeout: 268 seconds]
bb010g has quit [Quit: Connection closed for inactivity]
raoulzecat has joined #sandstorm
jadewang_ has joined #sandstorm
jadewang has quit [Ping timeout: 268 seconds]
raoulzecat has quit [Ping timeout: 240 seconds]
aaronr has joined #sandstorm
aaronr has quit [Remote host closed the connection]
mnutt_ has joined #sandstorm
jemc has joined #sandstorm
raoulzecat has joined #sandstorm
frigginglorious has joined #sandstorm
<nolski>
How difficult would it be to get a node.js application which uses mysql, and also needs to subprocess out to things like ffmpeg and lame packaged as a sandstorm app?
<dwrensha>
nolski: starting new processes inside the sandbox is not a problem
<nolski>
hmmm... maybe that'll be my hackathon project for this weekend then...
raoulzecat has quit [Ping timeout: 244 seconds]
xet7_ has joined #sandstorm
frigginglorious has quit [Quit: frigginglorious]
frigginglorious has joined #sandstorm
M-hrjet has quit [Remote host closed the connection]
M-eternaleye has quit [Remote host closed the connection]
mnutt_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
eternaleye has joined #sandstorm
frigginglorious has quit [Ping timeout: 244 seconds]
frigginglorious has joined #sandstorm
NOTevil has joined #sandstorm
eternaleye has quit [Ping timeout: 260 seconds]
mnutt_ has joined #sandstorm
amyers has joined #sandstorm
M-eternaleye has joined #sandstorm
frigginglorious has quit [Ping timeout: 244 seconds]
frigginglorious has joined #sandstorm
nolski is now known as nomike
nomike is now known as nolski
amyers has quit [Ping timeout: 244 seconds]
M-hrjet has joined #sandstorm
M-eternaleye has quit [Changing host]
M-eternaleye has joined #sandstorm
M-eternaleye is now known as eternaleye
jemc has left #sandstorm ["WeeChat 1.4"]
frigginglorious has quit [Ping timeout: 268 seconds]
frigginglorious has joined #sandstorm
<zarvox>
NhanH: you need to add that user as a collaborator - go to the repo you want them to have push access to -> Settings -> Collaboration -> Add New Collaborator
<dwrensha>
ah, the impedance mismatch
<dwrensha>
this is the price that Gogs pays for handling user authorization external to Sandstorm's mechanisms
<zarvox>
So it has to implement the access controls for the different repos.
raoulzecat has joined #sandstorm
<nwf>
zarvox: Is this something that will improve with "powerbox" features? Could Gogs with a powerboxified Sandstorm offer UiViews of the multiple repositories as different caps, so that it could just look at X-Sandstorm-Permissions?
<kentonv>
nwf: at that point, though, it seems like it would be easier to make it actually fine-grained...
<nwf>
I was assuming, perhaps incorrectly, that there was some reason it wasn't already.
<kentonv>
nwf: It was the packager's choice. He wanted each grain to be a "hub" with potentially many repositories and users.
<kentonv>
I argued for fine-grained but ultimately this is up to the developer.
<nwf>
Mm, I guess I meant "some technical reason".
<nwf>
Seems like an odd choice to me, but to each their own!
<kentonv>
the concept of fine-grained apps is new and strange to a lot of people. I've had times when I told smart people about it and got the response "How is that not obviously wrong?"
<kentonv>
or "Surely you wouldn't actually propose that, say, Google architect apps this way?"
<nwf>
I would have guessed that Google does architect things this way...
<nwf>
(I have never seen inside the iron curtain, tho', so I have no idea what their stack looks like.)
<kentonv>
I'm pretty sure Sandstorm is the *only* infrastructure implementing fine-grained containerization
<nwf>
That's certainly more informed speculation than mine. :)
<kentonv>
Google follows the standard practice of having lots of identical replicas of servers and randomly routing requests to replicas
<kentonv>
for most things
<nwf>
Speaking of such things, tho'... are there long-term plans for being able to scale sandstorm across a bunch of machines?
<kentonv>
we have that now, for Oasis. :)
<nwf>
Well, maybe s/scale/load-balance/
<kentonv>
we plan to productize it as "Sandstorm for Enterprise"
<nwf>
Oh, neat. I guess I should have guessed. :)
frigginglorious has joined #sandstorm
<nwf>
What's the storage story? Network filesystem accessible by all the Sandstorm frontend ("shell"?) nodes?
<kentonv>
grains run on "worker" machines, which are separate from both front-ends and storage
<kentonv>
we have a capability-based storage back-end, so that each worker machine only has capabilities to touch storage for the grains that are currently running
<kentonv>
currently running on that machine
<nwf>
TAHOE-LAFS based or something else entirely?
<kentonv>
it's custom. tahoe-lafs is not very efficient, unfortunately.
<kentonv>
our system uses Cap'n Proto directly
<nwf>
Are you carrying NFS or 9P or something over Cap'n Proto or do you have your own filesystem via FUSE or ... ?
<kentonv>
it's a block storage protocol
<kentonv>
since each grain runs in one place at a time, there's no need for a complicated file-level protocol
<nwf>
Ah, sure.
<kentonv>
and then the kernel can do its caching thing
* nwf
nodnod
<nwf>
So there's a cluster supervisory process out there somewhere with the ability to mint and revoke caps to block sets on the backend storage when it instructs workers to start and stop grains.
<kentonv>
more or less
<kentonv>
long-term plan is that objects in storage will be encrypted with a different key per object, and the key is stored in SturdyRefs to the object, so there would be no one process that could mint arbitrary capabilities to existing objects
<nwf>
Intriguing.
frigginglorious has quit [Quit: frigginglorious]
<asheesh>
FWIW even you have complained about the RAM use properties for our current strategy, nwf (-:
<asheesh>
(although I do hope that the process snapshotting stuff in the near future can help with that)
frigginglorious has joined #sandstorm
<nwf>
I wasn't really complaining about sandstorm, just that ShareLaTeX's node.js server uses way more RAM than is sensible.
kecors has joined #sandstorm
<asheesh>
Fair enough, although it's going to exacerbated by the "fine-grained containerization".
<asheesh>
O(N) for N users vs. O(k + smaller(N)) or something for SaaS-style non-fine-grained-containerized N users probably.
<digitalcircuit>
Anything to help with RAM usage is probably a good thing; I doubt self-hosters will have much more than 32 GB. I've got 16 GB at the moment.
<digitalcircuit>
Thanks, asheesh!
frigginglorious has quit [Quit: frigginglorious]
frigginglorious has joined #sandstorm
<kentonv>
asheesh: I guess you approved owntracks? mnutt_ suggested we hold it until it works with the Android client. Did that happen?
<mnutt_>
kentonv: asheesh and I talked about it, and I pinged the owntracks developer who said that it would be a few weeks before android support launched. I went ahead and updated the copy to note that Android support is not present but coming soon.
<kentonv>
ah, ok
<mnutt_>
I turned it on about 3 weeks ago and forgot about it, it's pretty awesome to see all of the places I've been over the last few weeks although a bit weird that the google maps integration automatically shows some places I've bookmarked. it can't help but remind me that I'm leaking data to google.
<asheesh>
Yeah, kentonv, what mnutt_ said
<asheesh>
I figure that "out of the review queue, with information that indicates its current status on Android" is better than "wait an unknown amount of time for Android support".
<asheesh>
Feel free to disagree, though, and I can adjust my plans for this sort of thing in the future accordingly.
kecors has quit [Quit: Leaving]
kecors has joined #sandstorm
<ocdtrekkie>
mnutt_: Does using OwnTracks functionally anonymize it though? Or can they identify you based on your browser client?
<ocdtrekkie>
Could the app request a map, and then plot it's own over it, without providing Google the locations?
<mnutt_>
I just realized that we should most definitely be creating the google maps iframe with sandbox options to turn off cookies, if possible
<mnutt_>
I need to look into the google maps javascript code, I imagine it doesn't send locations to google but will have to check
<mnutt_>
Unfortunately it looks like it sends the locations to google. We may be able to switch over to Leaflet.js and do it all client-side.
<ocdtrekkie>
I'd also rather leak locations to OSM than Google.
<ocdtrekkie>
If I have to leak locations.
<dwrensha>
ugh, looks like Firefox 45.0.1 breaks our integration tests
<dwrensha>
I'm going to see if updating nightwatch or selenium fixes this...
<pdurbin>
bleh!
frigginglorious has quit [Quit: frigginglorious]
frigginglorious has joined #sandstorm
<dwrensha>
aha! updating to selenium 2.53.0 seems to fix things.
<dwrensha>
I'll submit a pull request for that
gwillen has joined #sandstorm
shachaf has joined #sandstorm
ftoad has joined #sandstorm
<nwf>
asheesh: Belatedly, maybe KSM will help! ;D
amyers has joined #sandstorm
mnutt_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
kecors has quit [Quit: Leaving]
digitalcircuit has quit [Remote host closed the connection]
digitalcircuit has joined #sandstorm
NOTevil has quit [Quit: ...]
Zertrin_ is now known as Zertrin
Daemoen has joined #sandstorm
<Daemoen>
hey guys, running sandstorm via vagrant on osx, and its having a problem with the admintoken apparently
<Daemoen>
didnt see anything on the issues list, just curious if anyone has seen this/dealt with it, etc
mnutt_ has joined #sandstorm
<asheesh>
Daemoen: Hi!
<Daemoen>
hello
<asheesh>
What issue are you having? It has worked for me in the past, but maybe we broke something.
<Daemoen>
one sec, let me destroy and start it up again
<asheesh>
Great.
<Daemoen>
also, why force nfs for the synced folder? I see the comment that its for performance and compatibility, but compared to the normal mounting of the shared folder and normal performance, i dont see how that argument is being made ( not really a nag, just a curiousity )
<Daemoen>
nfs isnt as universally compatible as the native synced folder method :)
<Daemoen>
( which uses the tools for your given hypervisor to mount the vagrant folder by default )
<asheesh>
In case you do a Sandstorm build and want Meteor's MongoDB within the shared directory to work correctly.
frigginglorious has quit [Quit: frigginglorious]
<asheesh>
Sadly OS X vbox shared folders and Meteor's MongoDB are allergic to each other.
<asheesh>
It could be that we should disable shared folders instead, though!
<Daemoen>
ahh
<asheesh>
By default, at least.
<Daemoen>
gotcha
<asheesh>
I might have to AFK in a little bit to get lunch!
<Daemoen>
no worries, ill probably be lurking for a while
<Daemoen>
just waiting on vbguest to rebuild the guest images before it runs the inline script
<asheesh>
Cool. Back in a bit; others might be able to help you too; also vbguest stuff isn't really needed for this VM.
<asheesh>
This is with the Sandstorm Vagrantfile? Or is it with a vagrant-spk M?
<asheesh>
s/ M/ VM/
<asheesh>
brb
<Daemoen>
i run a plugin that detects the guest additions and automatically matches to the proper version of the virtualbox install :)
<Daemoen>
this is with the sandstorm vagrantfile; you guys debian image has the guest additions for 4.0 which is no longer supported
neynah has joined #sandstorm
frigginglorious has joined #sandstorm
gambatte has quit [Ping timeout: 260 seconds]
mnutt_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
prettyvanilla has quit [Ping timeout: 246 seconds]
frigginglorious has quit [Ping timeout: 252 seconds]
prettyvanilla has joined #sandstorm
* Daemoen
peers around curiously
<asheesh>
Hi Daemoen !
<Daemoen>
wb asheesh :)
<Daemoen>
the error im getting is: ==> default: chown: cannot access ‘var/sandstorm/adminToken’: No such file or directory and makes sense, given that there is no /var/sandstorm
<Daemoen>
( also checked for var under /vagrant, not there either, but /vagrant is mounted )
<asheesh>
The 'chown' occurs relatie to /opt/sandstorm fwiw
<asheesh>
Maybe I should adjust install.sh to give more useful error messages in these cases.
<asheesh>
But let me test it; this sounds importantly bad.
gkoz has quit [Read error: Connection reset by peer]
<Daemoen>
@asheesh thanks for the under the bus :p lol
gkoz has joined #sandstorm
kentonv has quit [Ping timeout: 244 seconds]
kentonv has joined #sandstorm
gambatte has joined #sandstorm
frigginglorious has joined #sandstorm
<asheesh>
OK Daemoen I can 100% reproduce this problem. Diagnosing now. Odd & bad!
<Daemoen>
np. im thinking about converting the install to an ansible playbook just for familiarization purposes
amyers has quit [Ping timeout: 250 seconds]
<asheesh>
Daemoen: OK, fixed locally, running some tests now.
<asheesh>
Daemoen: Do you have a GitHub username I can use to thank you?
<asheesh>
...oh hi Daemoen you're the person I was Tweeting at!