00:03 <isd> As long as we're talking about biblical documents: I don't think we should treat the roadmap as gospel; maybe worth mining for ideas, but ultimately (1) we're in a very different situtation and (2) it's not like the folks who wrote it in the first place were omnisicient. If you skim the .capnp files in particular you'll find plenty of historical notes about this or that that turned out to be a bad idea -- which is just the

00:03 <isd> nature of building ${new_and_interesting_thing}. Better to apply some brainpower as we mine.

00:08 <ocdtrekkie> That is true/fair.

00:28 <isd> re: seeing grains from other systems on one list, +1

00:29 <isd> Having the various grains folks have created during our discussions spread across 4 different servers has made things organizationally difficult.

00:32 <ocdtrekkie> isd: https://sandstormcommunity.org (completely a draft, but it's easy to find the things on the servers)

00:32 <isd> One of the items in there is a "sandstorm distro"

00:32 <isd> (There being the roadmap)

00:34 <isd> I'm kindof of the opinion that actually doing a fully-custom tailored thing is more of a time sink than makes sense any time in the near future. But a variant on that is just a "full-machine" installer that sets up sandstorm on top of CentOS with some integration so it can manage reboots.

00:35 <isd> That gets us out of the business of managing and packaging the rest of the OS, which I think is something to be avoided.

00:38 <isd> So one example where I like the general end goal but am somewhat critical of the details of the design

00:38 <isd> I did see that, that's useful things

00:39 <isd> *thanks

01:04 <xet7> OH NO !!! Someone mentioned CentOS !! Escape and run to the hills https://github.com/wekan/wekan-snap/issues/103

01:04 <xet7> Please no CentOS

01:04 <xet7> And please no RHEL7

01:09 <isd> Probably 8 would be current at least by the time we got around to playing with it. But I mostly just picked ${random_stable_distro}; I could be talked in to something else.

01:10 <isd> Anyway, hopefully wekan would be shielded from this, since it'd still be running in sandstorm

01:10 <Guest43589> I meaaaaan... I would hope strategic considerations would be the primary determinate of such a choice rather than personal preferences.. ;)

01:12 <xet7> Well, Sandstorm and Wekan are both made with Meteor, so most likely Sandstorm would get the same problems Wekan currently has. That's a lot of trouble.

01:13 <isd> Sandstorm self-containerizes, so it's not very affected by the distro it's running on.

01:13 <isd> And I know people are running it on RHEL; that was half the reason for adding the "privileged sandbox" mode, though with newer versions that should become unnecessary

01:14 <isd> (I'd be nervous about it otherwise)

01:15 <xet7> Well, maybe, I'm not so familiar with Sandstorm. I'm just trying to get this Snap stuff working and pulling my hair out.

01:16 <isd> There are a lot of contexts in which I too would run screaming from CentOS.

01:18 <xet7> Well, I used to manage CentOS 6 and 7 servers at work. I don't know why cron did not work properly on those servers.

01:21 <isd> Yeah, I have a fair chunk of experience with RHEL/CentOS too. I wouldn't suggest it for anything where we were interacting with system components in non-trivial ways.

01:21 <isd> I just want something that's going to deal with updates to the kernel and such for us.

01:22 <isd> I do think there's room for discussion here.

01:22 <xet7> Of course :)

01:22 <xet7> I would like that Wekan would work well on CentOS

01:23 <xet7> And Sandstorm too

01:24 <isd> But one of my big worries about something like this is, if $distro screws up and pushes an update that breaks stuff and it requires manual intervention to fix, or god forbid get booting again, we could end up in a situation where we have a bunch of users with hosed OSes who have never seen a shell prompt before.

01:24 <isd> So stability is really really important here.

01:25 <xet7> Well, that's what happened with Wekan Snap update. On Debian and Ubuntu servers update did work fine. On CentOS 7 and RHEL7 Wekan stopped working.

01:26 <xet7> it could be because of different versions of MongoDB required, or libc, or something, I don't know. Snap containers should shield from those, but apparently not.

01:28 <xet7> And trying to figure out how MongoDB 4.x requires including libssl and libcurl someway, getting errors about it missing

01:28 <xet7> and errors about networking

01:28 <xet7> and not being able to connect to MongoDB database

01:28 <isd> Dunno. I'm not very familiar with Snap.

01:29 <xet7> Well, Snap is auto-updating container tech from Canonical. I'm trying to make multi-arch Snap packages. I have spent many hours to even keep it working, like Wekan for Sandstorm too.

01:32 <xet7> Wekan already works with Node v12 and MongoDB 4.x at Docker and Source installs https://github.com/wekan/wekan/issues/2881

01:32 <xet7> Using the new Meteor 1.9

01:34 <xet7> Anyway, I'll contrinue trying later. Good night :)

01:38 <isd> Best of luck.

01:45 <xet7> Thanks :)

01:52 <isd> Speaking of RedHat, MongoDB and breakage... I worry about the long term re: mongo, since the company has switched over to a non-foss license. Right now we're just running a fairly old version, and we can do that for at least a while -- it's not like it's exposed to anything where I'd be super worried about security -- but if a FOSS fork doesn't materialize, what do?

01:53 <isd> Switching to any other database would be a project

03:01 <Guest43589> I created a test OpenCollective collective. It'd be great if I could get a few more people to join me in poking and prodding it. https://opencollective.com/sandstormcommunity

03:02 <Guest43589> I'm really loving the expense tracking tool so far.

03:04 <Guest43589> It's pretty simple to set up different tiers. Each tier has a goal, and they have static or variable amounts set up, and different recurring time horizons.

03:04 <Guest43589> I'm taking screenshots as I'm going along and setting it up.

03:12 <Guest43589> An interesting project that open collective has going is https://backyourstack.com

03:12 <Guest43589> It autodetects dependancies in a repository and matches it against their database of open source projects accepting funds in OpenCollective,

03:12 <Guest43589> Here's what's generated when I put in the Sandstorm repo: https://backyourstack.com/sandstorm-io

03:16 <Guest43589> This would be a cool thing to have integrated into app stores in general. Give devs the ability to funnel funds from their install base to their dependancies with a single toggle.

03:25 <Guest43589> Anyways, it'd be great to get two other people to join me so we can explore the differences between Admin and Contributor permission levels.

03:44 <isd> Looks like it's not smart enough to look under `./shell/` in the repo -- it's only detecting deps for meteor-spk

05:28 <crab> hi

07:21 <isd> Ahoy!

19:02 <ocdtr_web> isd: While MongoDB's license is not OSI-approved, does it present a concern/problem for Sandstorm, in such that Sandstorm itself is open source.

19:03 <ocdtr_web> The scenario where SSPL would become a problem is presumably if someone offered Sandstorm as a service, and then made proprietary modifications to Sandstorm. And even then, I am not sure I would read that as a problem.

19:03 <ocdtr_web> Offering Sandstorm as a service is not offering MongoDB as a service. Sandstorm doesn't offer MongoDB as a service, I would argue.

19:05 <ocdtr_web> The change from GPL explicitly defines offering a service where the primary value of such is the primary purpose of MongoDB.

19:07 <ocdtr_web> I don't think it's possible for Sandstorm to run afoul of the SSPL, even if offered as a commercial service.

20:26 <abliss> Staging area for docs website: https://7125z831x29zsn814csg.rapidraven.sandcats.io:6443/en/latest/install/#prerequisites

20:26 <abliss> ocdtrekkie : mind browsing it and seeing if the latest changes you expect from master are there (and nothing's broken)?

20:27 <abliss> There's a bunch of diffs, not just in the content but the mkdocs harness

20:30 <ocdtr_web> abliss: https://7125z831x29zsn814csg.rapidraven.sandcats.io:6443/en/latest/developing/publishing-apps/ is where the most recent change merged is.

20:31 <ocdtr_web> Specifically, that vagrant-spk listkeys and vagrant-spk keygen are newer commands than the docs build visible on docs.sandstorm.io.

20:31 <ocdtr_web> (And they make me happy because they're noticeably more straightforward than the older versions: https://docs.sandstorm.io/en/latest/developing/publishing-apps/ )

20:33 <ocdtr_web> Hopefully abliss will look at the IRC log when he returns.

20:33 <ocdtr_web> But I have a YAY and a NAY.

20:34 <ocdtr_web> YAY: Search works! It just hangs in docs.sandstorm.io. NAY: The link back to sandstorm.io appears to be gone in your version.

20:38 <ocdtr_web> As a side note: I'd like to remove/replace the Google Fonts with stuff pulled from the Sandstorm website's own fonts directory. (Acknowledging we might need to add some fonts to it.): https://github.com/sandstorm-io/sandstorm-website/tree/master/fonts

21:06 <isd> ocdtr_web : your assessment makes sense to me. But there OSI rejecting it is enough of a red flag that I'm going to ask around a bit to try to better understand the objection.

21:09 <ocdtr_web> isd: It's so claimed that MongoDB withdrew SSPL's application for approval, such that the OSI may have never formally rejected it? I feel like it meets the open source definition, at least far better than licenses which prohibit commercial use.

21:10 <ocdtr_web> Hopefully at some point the open source community will come to some sort of consensus on acceptability of licenses meant to protect business interests of open source companies.

21:10 <ocdtr_web> But given that we still get into fights on whether the GPL is good or not, I suppose consensus doesn't seem likely any time soon. :P

21:39 <isd> Looks like the FSF hasn't actually weighed in yet either.

21:42 <ocdtr_web> So I've begun some issue cleanup. I haven't looked at the "self-hosting help" issues as much yet, but been trying to tag feature requests and bug reports a bit. And closing solved problems or issues not even pertaining to Sandstorm.

21:44 <ocdtr_web> I created a new label, "app-platform" to tag any issue with how Sandstorm interacts with apps, and revived the "shell" label to tag issues likely to be handled solely within the Meteor front-end code.

21:45 <ocdtr_web> This means folks versed in Meteor such as xet7 can look at the shell tagged issues easily, and isd can quickly find all the issues likely to involve the Powerbox, app sandboxing, etc.

22:11 <DanC> 583 open issues. hm. triaging all those would be a lot of work.

22:12 <ocdtr_web> DanC: Indeed! Many are obsolete though. I think I closed out like ten?

22:13 <DanC> closing as obsolete is a form of triage

22:13 <ocdtr_web> It will be a gradual process to make sure everything remaining is relevant and tagged appropriately. But at least the process has started. :)

22:13 <DanC> did you recently get authorization to update issues?

22:13 <ocdtr_web> I did!

22:14 <ocdtr_web> There was an issue someone had about the formatting of their subreddit's theme that truly grated my nerves because it was entirely unrelated to Sandstorm, and the random drive-by which opened it never returned to close it. Was the first one I hit.

22:14 <DanC> "we will eventually support OAuth to third-party servers. " <- references to plans such as that should always reference an issue

22:15 <DanC> https://github.com/sandstorm-io/sandstorm/issues/90#issuecomment-53167283

22:16 <DanC> "We have some plans to support OAuth-via-powerbox" -- https://github.com/sandstorm-io/sandstorm/issues/2433#issuecomment-242839202

22:16 <ocdtr_web> #2925 would probably be the relevant issue/topic to discuss that right now.

22:17 <DanC> gak... 2433 refers to design notes in oasis. They seem to be available just now, but I wonder if they'll go poof soon.

22:18 <ocdtr_web> Likely. It may be worthwhile to mirror that document elsewhere and link it there as a backup.

22:20 <DanC> "cannot tweet from grains" is not where I would look for OAuth-powerbox design discussions. If 2925 is where the OAuth-powerbox design belongs, please change the title

22:25 <ocdtr_web> I haven't been renaming any issue titles yet, though I probably will at some juncture to align with whatever we figure out as the short-term roadmap.

22:26 <ocdtr_web> As whatever roadmap we assemble, wherever we assemble it, should be backed by GitHub issues.

22:29 <DanC> ugh... looking over https://github.com/sandstorm-io/sandstorm/pull/2027 ... lots of stuff I don't understand. "Grain makes postMessage powerbox request on Alice's session, gets back a requestToken that has introducerIdentity set to Alice's identity ID." What's an identity ID? My spidey-sense goes off whenever I see stuff like identity ID. looks like NBAC rather than ZBAC (ocap) to me.

22:44 <DanC> another reference that should cite an issue: "we have plans to cut that down drastically with copy-on-write zygotes" <- https://github.com/sandstorm-io/sandstorm/issues/518

22:50 <DanC> suggest labeling this as *question* and closing: https://github.com/sandstorm-io/sandstorm/issues/852

22:51 <DanC> done? https://github.com/sandstorm-io/sandstorm/issues/941

22:55 <DanC> this must have been fixed: https://github.com/sandstorm-io/sandstorm/issues/1109 Sandcats SSL Expiring