<asheesh>
chabes: Yeah, the wildcard issue is related to the hairpinning. Did you add a /etc/hosts line or something like that in an attempt to make it work, out of curiosity?
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
ocdtrekkie has quit [Remote host closed the connection]
aldeka has quit [Remote host closed the connection]
aldeka has joined #sandstorm
ocdtrekkie has joined #sandstorm
frigginglorious has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
BigShip has joined #sandstorm
BigShip has quit [Remote host closed the connection]
frigginglorious has quit [Ping timeout: 252 seconds]
rgrinberg has joined #sandstorm
ecloud_ has joined #sandstorm
ecloud has quit [Ping timeout: 276 seconds]
ecloud_ has quit [Ping timeout: 244 seconds]
ecloud has joined #sandstorm
frigginglorious has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
frigginglorious has quit [Ping timeout: 260 seconds]
kentonv has quit [Read error: Connection timed out]
kentonv has joined #sandstorm
frigginglorious has joined #sandstorm
frigginglorious has quit [Ping timeout: 276 seconds]
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
frigginglorious has joined #sandstorm
sydney_untangle has quit [Read error: Connection reset by peer]
sydney_untangle has joined #sandstorm
frigginglorious has quit [Ping timeout: 240 seconds]
kentonv has quit [Read error: Connection timed out]
kentonv has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
kentonv has quit [Read error: Connection timed out]
kentonv has joined #sandstorm
rgrinberg has quit [Ping timeout: 260 seconds]
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
gabkdlly has quit [Quit: Ex-Chat]
aldeka has quit [Remote host closed the connection]
ocdtrekkie has quit [Remote host closed the connection]
jadewang_ has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
digitalcircuit has quit [Remote host closed the connection]
digitalcircuit has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
aldeka has quit [Remote host closed the connection]
ocdtrekkie has quit [Remote host closed the connection]
ocdtrekkie has joined #sandstorm
aldeka has joined #sandstorm
Vezquex has quit [Read error: Connection reset by peer]
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
kentonv has quit [Read error: Connection timed out]
kentonv has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
ragesoss has quit [Quit: No Ping reply in 180 seconds.]
ragesoss has joined #sandstorm
jarco_ has joined #sandstorm
<jarco_>
Hello, I am trying out sandstorm. I notice that when I install apps (i tried rocketchat and ghost) that there is a sandstorm wrapper around them. Can I get rid of it and just go to the app itself?
<jarco_>
for example in ghost this is not working on the live url (404) <your blog URL>/ghost/
<jarco_>
But I can be logged in over sandstorm
<pdurbin>
jarco_: I'm not sure I understand what you mean but someone like kentonv or asheesh or others probably do if you can wait a bit.
<jarco_>
I have time.
<jarco_>
Basicly I just want to manage my apps without the sandstorm wrapper
mnutt_ has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
frigginglorious has joined #sandstorm
mnutt_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
xet7 has joined #sandstorm
mnutt_ has joined #sandstorm
jemc has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
<Psy-Q>
hey, sandstorm has made it into thoughtworks' technology radar
<Psy-Q>
probably old news. but congratulations
mnutt_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
kentonv has quit [Read error: Connection timed out]
kentonv has joined #sandstorm
Vezquex has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
mnutt_ has joined #sandstorm
mnutt_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
mnutt_ has joined #sandstorm
aldeka has quit [Remote host closed the connection]
ocdtrekkie has quit [Remote host closed the connection]
aldeka has joined #sandstorm
ocdtrekkie has joined #sandstorm
sauko has joined #sandstorm
<sauko>
Hello!
<sauko>
I need some help trying to install sandstorm in my ovh vps cloud
<Lord>
yes what's your problem ?
<sauko>
I get this message
<sauko>
Hi Lord
<sauko>
Sandstorm started. PID = 3104
<sauko>
Your server is coming online. Waiting up to 90 seconds.............................................................................................*** INSTALLATION FAILED ***
<sauko>
Your server never started listening.
<sauko>
It's under ubuntu 14
<Lord>
do you already have a web server on it ?
<sauko>
fresh install, with plesk
<sauko>
so yes
<sauko>
php, apache, mysql
<Lord>
you should probably stop apache
<sauko>
ahm
<sauko>
why is it?
<Lord>
because sandstorm has a webserver too
<Lord>
and you can't run two webserver at the same time
<Lord>
maybe it's another problem
<sauko>
ok, but then how to use sandstorm plus other web service I need to install? should it be better to ue kind of docker or something?
<sauko>
or the question could be: is Sandstorm good enough for running a heavy wordpress for production, let's say with a learning management system plus buddypress and more stuff?
<sauko>
because if it is, then maybe I could think about stopping services like apache
<Lord>
i think it is but it depends on the machine you are running it
<sauko>
ok, thanks, I will try
kentonv has quit [Read error: Connection timed out]
kentonv has joined #sandstorm
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
kentonv has quit [Read error: Connection timed out]
kentonv has joined #sandstorm
mnutt_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<asheesh>
Morning all
<asheesh>
Psy-Q: Yeah! I noticed that just a week ago or so! : D
<asheesh>
BTW hi sauko & Lord, let me know if you have questions I can answer too.
<asheesh>
And hi jarco_; for better or for worse, since Sandstorm handles login & access control to apps, the Sandstorm top bar is a necessity at the moment so there's a place to click for people to log out, etc.
<Lord>
asheesh : is there a way to create more beautiful url ?
<Lord>
like /shared/SOMETHING/ ?
<asheesh>
For now there's no built-in way to do it; except via making your own redirects in e.g. nginx next to Sandstorm.
<asheesh>
It's on the agenda, but we haven't gotten there yet.
<Lord>
ok
jadewang has quit [Read error: Connection timed out]
jadewang has joined #sandstorm
mnutt_ has joined #sandstorm
<asheesh>
Hi all - I'm brainstorming what issues people have run into during Sandstorm app development, with the goal of using this to prioritize my work on docs and maybe dev tool changes.
amyers has quit [Read error: Connection reset by peer]
amyers has joined #sandstorm
<asheesh>
Mitar: BTW, around?
<asheesh>
I wanted to try to figure out outbound email from Meteor with you, if so.
<asheesh>
I guess the main question is going to be: How does one get the Sandstorm session ID for the current session, so that one can get the right objects from Sandstorm? Let me look into that.
<asheesh>
It does look like there might be no way to do that. Hmm.
<Mitar>
kentonv said that we could potentially provide session ID as part of Meteor accounts integration
<Mitar>
so from my understanding we have multiple ways forward here
<Mitar>
one is to provide session ID through Meteor accounts integration, but not store it in the database, just part of the current connection
<Mitar>
the other is that we "fix" sock.js
<Mitar>
as it is currently done, it accepts connections from anywhere, but it would not have to be like that, and especially in sandstorm that feature is not really working, it is just requiring us to do an extra http request, we could just patch sock.js to be strict in origin checks
<Mitar>
alternatively, if I understand correctly, native sandstorm apps would not have to rely on http headers at all, but could use capnproto directly
<Mitar>
so maybe the best way is to go this direction, and use node capnproto module to nicely integrate it with current Meteor connection
<Mitar>
one more thing, this could allow us also then, I think, to serialize capability to send emails
<Mitar>
because my use case is that I want to send e-mails inside cron jobs, so there will be no user session at that moment anyway
frigginglorious has quit [Ping timeout: 246 seconds]
<kentonv>
adding the session ID to the info stored on the connection object makes the most sense. Putting it into the database probably doesn't make sense because you'll have weird problems when the user has multiple windows open and such.
<Mitar>
yea, I agree
<asheesh>
kentonv just convinced me of the same in private chat too (-:
<Mitar>
but what about server-side using node module to get data without http headers? is that possible?
<Mitar>
so to bypass the http bridge altogether?
<asheesh>
You'll need a session ID in that case, fwiw.
<Mitar>
and the only way app gets that is from http headers?
<asheesh>
Yeah, or otherwise by the user having a connection to the app.
<kentonv>
there are some things being conflated here
<Mitar>
so even "native" apps read from http headers?
<kentonv>
no
<asheesh>
I can pause.
<Mitar>
pausing :-)
<kentonv>
a "native" app (that doesn't use http-bridge) receives the SessionContext directly as a parameter to the newSession() method call which is called when a user arrives
<kentonv>
but implementing a "native" app in Node today would be a huge project
<kentonv>
the "session ID" header exists to give you a way to call back to http-bridge and obtain the Cap'n Proto capability for the session that generated a particular HTTP request
<kentonv>
session IDs do not exist outside tho context of http-bridge
<kentonv>
either way, you need to use Cap'n Proto if you want to send email.
<asheesh>
Thanks kentonv for clarifying that. What I was trying to say before was that an app has no built-in authority to send email; rather, it gets that authority as part of the (HTTP) session it has with some user. As for sending email from cron jobs, "thankfully" there isn't a cron API yet, so you will always have a session that is active. (-:
<Mitar>
ok, so there are two questions here, how one obtains session ID, and how one sends e-mail
<Mitar>
so for the first, I would like to hear your opinion kentonv on my idea to patch sock.js so that we do not need one extra http roundtrip for security purposes
<Mitar>
so web APIs already provide enough information that we can limit postMessage over iframes to only one origin
<Mitar>
and sock.js cross origin "feature" does not work at all inside sandstorm, because other requests cannot just call in as normal URLs would
<Mitar>
so we could fix this and then there would be no need for an extra HTTP call
<Mitar>
and then all connections would easily get session Id inside meteor connection headers
<Mitar>
which would then integrate very well with all Meteor places (publish, method) where connection and Sandstorm session Id might be needed
<kentonv>
we already have a solution that correctly handles sock.js's existing security model and has no apparent down-side. I don't see why trying to change sock.js's security model -- which seems extremely risky -- is a good idea.
<Mitar>
hm, not really, there is time while connection will not have information about session ID
<Mitar>
so it means you have to specially handle that case in the code
<Mitar>
then the this.connection will not have session associated with it until that second http requests comes back and set it
<Mitar>
or you are counting here that login method call will be first?
<Mitar>
and block all other method calls?
<asheesh>
I believe that given this future.wait() on L83 there, processing the Meteor method is blocked until the XHR thing.
<kentonv>
the code explicitly ensures that the login method completes before other calls can be made
<Mitar>
but who assures that loginWithSandstorm is the first method to be called?
<kentonv>
asheesh: no, that's not why. DDP has an explicit mechanism for this, meant to ensure login calls complete first.
<asheesh>
Oh, I see, I didn't realize that, thanks kentonv.
<Mitar>
hmm, call is not inside Meteor.startup
<Mitar>
this might really make it the first call
<kentonv>
yes, I made sure to use the same approach that accounts-base uses
<kentonv>
it was clear from the code in accounts-base that it expects the resume token login call to occur before anything else on the DDP connection.
<kentonv>
and I set `wait:true` on the call client-side which creates a barrier
<Mitar>
does wait:true also prevent subscriptions?
<Mitar>
or just meteor methods?
<kentonv>
yes, it delays all other requests until the call completes
<kentonv>
this was designed so that when you open a meteor site you don't fire off a bunch of redundant anonymous subscriptions
<kentonv>
(a site where you've already logged in previously)
<Mitar>
ok, so if you think you considered sock.js change enough and you think the current approach is better, than I am OK :-) I just wanted that option to be considered well
<Mitar>
so then we can add session Id to the connection, but not database, this sounds good to me
<Mitar>
I have one more question, is it possible to "serialize" capability?
<Mitar>
so that I would take the send e-mail capability from meteor method active session
<Mitar>
and store it for later?
<kentonv>
depends on the capability. If it implements Persistent.save(), then yes. However, nothing in HackSessionContext implements that.
<kentonv>
soon, you'll be able to perform a powerbox request to request a long-lived capability to email the user
<kentonv>
or to request long-lived access to a mailbox from which you can send whatever you want
<Mitar>
aha
<Mitar>
so instead of using session -> hacksessioncontext -> email sending capability
<Mitar>
we would ask through the UI user interface through Sandstorm trusted UI
<Mitar>
to get a special capability
<Mitar>
which I will then be able to transmit to the server and store it there for later use?
<kentonv>
yes
<Mitar>
cool cool really cool
<Mitar>
OK, this sounds like a plan
<Mitar>
we add session to connection
<Mitar>
then we use node capnproto that for now we send e-mails through hack session
<kentonv>
yep
<Mitar>
and later on we can use powerbox for real capabilities
<kentonv>
yep
<Mitar>
thanks for explaining all this to me
<kentonv>
np
<Mitar>
how is cron api progressing?
<Mitar>
so cron api would for now also have a session Id associated with it, I can do then the same thing and ask hack session for now to get email capability? and later on use the real capability?
<kentonv>
the cron API probably won't receive a SessionContext, but will probably be available in the same timeframe as the powerbox
<kentonv>
so it won't be needed by then
<Mitar>
aha
<Mitar>
btw, with meteor hot-reload while developing locally, sometimes I see errors that the http ajax request for login comes before the method
<Mitar>
but things continue to wokr
<Mitar>
not sure why though :-)
<Mitar>
but I have not been able to make a nice reproduction
<Mitar>
it just happens occasionally
<kentonv>
yeah it can possibly arrive out-of-order, but it will retry quickly
<kentonv>
so should still work
<kentonv>
I suppose we could also have it delay a bit server-side if the method invocation hasn't arrived yet
<Mitar>
yes, I was looking a bit into that but then it felt that the logic would become much more complicated
<Mitar>
sadly, there is no hook to get an intermediary message back
<Mitar>
we could use subscription for that, make a subscription, send a message back that it is ready, and then make a xhr request
<Mitar>
but then we do not have wait :-)
amyers has joined #sandstorm
<asheesh>
From today's rose.sandcats.io log: Error: remote exception: remote exception: open: Not a directory; name = sandbox/www/scribble/code/linux-3.8-precise.html/index.html
<asheesh>
I guess someone in the world added too many '/' characters somewhere.
<asheesh>
Eventually nginx times out on it, because I guess Sandstorm crashes before it can actually respond.
<asheesh>
This is my favorite nodejs error situation, where a Connect handler just stops processing, so no one bothers to provide a HTTP response on the connection.