aldeka has quit [Remote host closed the connection]
ocdtrekkie has quit [Remote host closed the connection]
ocdtrekkie has joined #sandstorm
aldeka has joined #sandstorm
* asheesh
waves
<asheesh>
fkautz: Yo!
<asheesh>
You suggested I ping you.
<asheesh>
fkautz: I'll only be around for the next ~10 min probably, so this might not be the best time, but let's see! Else tomorrow or (way better) Monday.
<fkautz>
I have about 10m too
<fkautz>
Any recommendations for me to look at to get started?
<asheesh>
Gulp
<asheesh>
Let me see.
<asheesh>
1. There should be a powerbox offer app I can find...
<asheesh>
But I guess I should ask -- what would be most useful/what questions do you have/etc.?
<asheesh>
Seems like you're interested in developing "drivers".
<asheesh>
The main concept there is that apps can serialize capabilities using Cap'n Proto.
<asheesh>
You'll have to build them yourself, which may or may not be a giant pain! Of most note, you'll need Sandstorm installed and capnproto (C++) from git master.
<asheesh>
You should also get a self-installed Sandstorm and play with the http://localhost:6080/admin/capabilities UI , specifically "Offer IpNetwork Capability" and "Offer IpInterface Capability"
<asheesh>
A "driver" is "just" an app that accepts/receives those two, and then exports a capability to other apps that they can request.
<asheesh>
OK, there is some spew. fkautz what do you think/what questions can I answer?
<fkautz>
Reading through, I think first thing is capn proto rpc, is that required
<fkautz>
I was also thinking of bringing it in via c or cpp
<fkautz>
I am going to just build a nacl container
<asheesh>
That would definitely work too, but you do have this Go thing so hopefully you won't have to now (-:
<asheesh>
Hah/amazing
<asheesh>
I remain super excited about native client.
<fkautz>
And provide a way to whitelist certain actions
<fkautz>
E.g. net connections out
<asheesh>
FWIW IMHO the first app to make work with this, end to end, would be a "simple" IRC bouncer that creates a grain, and requests an IRC server connection capability from your side of the world.
<asheesh>
s/bouncer/web client/
ArcTanSusan has joined #sandstorm
<fkautz>
That's a great idea
funwhilelost has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<asheesh>
There's something to be worried about, which is that the IRC client will want to stay online forever.
<asheesh>
I guess your driver should stay online forever and so should the IRC client, in a v1, by calling the Sandstorm "wake lock" RPC.
<asheesh>
That's an implementation detail IMHO anyway
logbot__ has quit [Remote host closed the connection]
neynah has joined #sandstorm
neynah has quit [Client Quit]
ArcTanSusan has quit [Quit: ArcTanSusan]
ArcTanSusan has joined #sandstorm
bb010g has quit [Quit: Connection closed for inactivity]
ArcTanSusan has quit [Quit: ArcTanSusan]
ArcTanSusan has joined #sandstorm
ArcTanSusan has quit [Quit: ArcTanSusan]
ocdtrekkie has quit [Remote host closed the connection]
aldeka has quit [Remote host closed the connection]
aldeka has joined #sandstorm
ocdtrekkie has joined #sandstorm
gillisig_ is now known as gillisig
XgF has quit [Ping timeout: 272 seconds]
XgF has joined #sandstorm
augustl has joined #sandstorm
mattl has joined #sandstorm
azirbel has joined #sandstorm
dwrensha has joined #sandstorm
mnutt has joined #sandstorm
_iwc has joined #sandstorm
_iwc has quit [Killed (Sigyn (Spam is off topic on freenode.))]
dwrensha_ has joined #sandstorm
dwrensha has quit [Ping timeout: 240 seconds]
dwrensha_ is now known as dwrensha
ArcTanSusan has joined #sandstorm
ocdtrekkie has quit [Remote host closed the connection]
aldeka has quit [Remote host closed the connection]
aldeka has joined #sandstorm
ocdtrekkie has joined #sandstorm
decipherstatic has joined #sandstorm
mnutt has quit [Quit: mnutt]
Jan\ has joined #sandstorm
<Jan\>
hi
<Jan\>
yeah I installed sandstorm but I can't find the conf file ? used find command...
mnutt has joined #sandstorm
<Jan\>
said thereis no such file or dir
<Jan\>
so where is it ?
<Jan\>
and how do I access each app's admin panel ?
<mnutt>
sandstorm stores its conf file in /opt/sandstorm/sandstorm.conf
<mnutt>
from the command line, after sandstorm is running, you’ll want to run `sudo sandstorm admin-token` to get an administrator token to log in and set everything up
<Jan\>
ok
<Jan\>
I think I already did that
<Jan\>
mnutt: I'm not talking about the sandstorm admin panel, I want the apps' admin panel
<mnutt>
hmm, I may be missing something but I think each app implements its own admin panel within the app
<mnutt>
I don’t think there’s a way as a sandstorm administrator to see/edit all of the grains within the system, though I could be wrong
<Jan\>
mnutt: like say I install a forum app, I want to acces the forum admin panel
<mnutt>
sometimes if the admin panel was for configuring functionality that is being handled by sandstorm (for instance, user or sharing management), the app packager will remove the admin panel. but I can’t say for sure in this case.
<Jan\>
mnutt: If I were to install the app without sandstorm there would be an admin panel at http://server.address/admin or similar. this is what I need to access to configure the app
<mnutt>
which forum app are you looking at? the packager may be on IRC
<Jan\>
rocket.chat nodebb all these apps have admin panels
xet7 has quit [Ping timeout: 240 seconds]
<Jan\>
mnutt: ?
<mnutt>
(taking a look at those two)
<dwrensha>
I think ckocagil disabled the admin panel in the nodebb app
<ckocagil>
that's true
<dwrensha>
admin panels often have a bunch of stuff that doesn't make sense for Sandstorm
ArcTanSusan has quit [Quit: ArcTanSusan]
<Jan\>
omg, why????
<Jan\>
why doesn it make sense ?
<dwrensha>
stuff like user management
<Jan\>
why would you not allow admins to manage their forum software ??
<ckocagil>
Jan\: not without reason. there are some serious bugs with admin functionality in NodeBB inside sandstorm.
<dwrensha>
... because Sandstorm handles access control
<Jan\>
dwrensha: ok so tell me how I can create a forum with subforums and stuff
<mnutt>
fwiw, I actually can’t figure out how to add people rocket.chat. “add users” seems to want to pull from a prepopulated list that includes only me, and a shared link unfortunately produces an (intentionally) blank page
<mnutt>
but I’m pretty sure it’s possible because sandstorm uses it internally
<mnutt>
Jan\: but are you comparing it to functionality in non-sandstorm nodebb, or just other forum software you’ve used? It may just be that NodeBB has different/less functionality than other forum software.
<Jan\>
well if I look at rocket.chat I know its got an admin panel, but I can't even access that
<Jan\>
the file uploads don't work, you upload a file and the url it returns is localhost url (127.0.0.1)
<mnutt>
regarding admin panels, it seems like a common practice for packagers is “disable admin panel, refactor to remove users/sharing, re-enable other admin options when you can”
<mnutt>
the file upload issue sounds like a bug related to packaging it for sandstorm, as the app doesn’t know its own hostname inside of sandstorm.
<dwrensha>
I wouldn't be surprised if there are admin features for both nodebb and rocketchat that would in fact make sense to enable in the Sandstorm packages
<Jan\>
ok so all these issues are because of how the apps are packaged ?
<dwrensha>
mnutt: yeah, that's a classic problem for packages. apps insisting on using absolute URLs when a relative URL would do.
<mnutt>
Jan\: most of them, I think
<Jan\>
so from the conf I see BIND_IP=0.0.0.0 is that correct ?
<mnutt>
packaging is sometimes straightforward, but sometimes requires re-thinking how the app is architected
<Jan\>
ok
<mnutt>
re: BIND_IP that’s correct, it’ll let you accept connections from anywhere
<mnutt>
(essentially “listen on all interfaces”)
<mnutt>
I’m kind of amused at nodebb’s marketing: “With over a dozen settings pages, you're able to administrate your forum as much as you want.”
jadewang has joined #sandstorm
<dwrensha>
i,i "Client modified -- refreshing!" reminds me of "Binary is fine -- exciting!"
<Jan\>
ok if i installed sandstorm with the sandcats url, how cani revert to my own url? change conf ?
<fkautz>
dwrensha: do you think we'll end up with wordpress comments soon? :)
home has joined #sandstorm
<fkautz>
asheesh: so, turns out nacl doesn't have support for networking unless you use an alternative pepper api :(
todayman_ is now known as todayman
<asheesh>
fkautz: Aw. I wonder if you can layer the networking in capnproto anyway though.
<asheesh>
Unless that counts as networking.
<XgF>
hmm, whats the relation of nacl to sandstorm?
simonv3 has joined #sandstorm
<fkautz>
There isn't
<kentonv>
XgF: nacl the crypto library or nacl the web technology?
<kentonv>
fkautz: ah, the web technology
<kentonv>
yeah no relation
<asheesh>
The relation is that fkautz wants to write "drivers" sandboxed with native client.
<asheesh>
Yeah what others said.
<fkautz>
asheesh: I'm thinking we can
<kentonv>
sorry, didn't read enough context before I started typing. :P
<kentonv>
what would the purpose of nacl be here?
<fkautz>
Idea was to allow arbitrary c or cpp to be compiled and run as a sandboxed driver
<fkautz>
Or go
<kentonv>
I'm probably lacking some critical context here. Why is the Sandstorm sandbox not sufficient?
<asheesh>
I think it is sufficient, but "why not" also do native client, is the notion.
<kentonv>
I don't understand.
<XgF>
I'm not sure I see any reason why another environment in which drivers could be written would be useful given that there are no drivers written in NaCL already...
<fkautz>
XgF: c and cpp code can be compiled to target it, e.g. mosh for chrome works like this
<XgF>
fkautz: How is that different from the Sandstorm sandbox?
<XgF>
(Now, if you were talking about pNaCl, I might disagree!)
<fkautz>
So the idea was to make a generic container for code to compile, and include it as a driver
<fkautz>
This would be for privileged drivers, run arbitrary code but still be secure
<XgF>
fkautz: But thats what the Sandstorm sandbox already does!
<kentonv>
are we talking about Sandstorm drivers? They are Sandstorm apps, so they can already be written in C/C++ and are already sandboxed...
<fkautz>
Yea, I'm thinking there likely isn't a need
<fkautz>
You already control what api calls can be made
<kentonv>
it's certainly arguable that nacl is more secure than the Sandstorm sandbox, at the expense of being not compatible with existing Linux binaries.
<fkautz>
I was thinking we may be able to go a bit more fine grained, set up so only certain inputs to api are valid
<XgF>
(but that said, if the sandstorm sandbox could run PNaCl bytecode... that would solve part of the architecture independence problem)
<fkautz>
But it doesn't really matter at this point, they don't have compatible network apis
<fkautz>
apps would require modification, which defeats a large part of the goal
<kentonv>
XgF: at least one person who worked on pnacl tells me he regrets the choice of LLVM bitcode.
<XgF>
kentonv: hmm, llvm bitcode is a moving target
<XgF>
(I guess in the future this will be solved in the form of some library for compiling WebAssembly)
<fkautz>
Rust has that problem with llvm
<fkautz>
Moving to future versions is problematic for them
<XgF>
(but I began thinking about architecture independent Sandstorm again because my parents just bought a NAS drive, and it got me thinking that Sandstorm would be a great platform for building a NAS which wasn't a security disaster where everything runs as root)
<XgF>
(may be somewhat tricky on a device with only 512MB of RAM though!)
<fkautz>
kentonv: can we configure the network namespace for driver sandboxes?
<kentonv>
fkautz: I'd like drivers to use the IP-over-capnp interfaces
<kentonv>
that way they're capability-based. A non-privileged user could run a driver and give it a fake IP network capability, e.g. for testing.
<fkautz>
So sandstorm would manage the actual connection?
<kentonv>
yeah
<kentonv>
IP networking is itself a "pseudo-driver" implemented by the Sandstorm core
<kentonv>
if you go into the admin settings on a Sandstorm server, there's a tab for creating new IP networking capabilities
<kentonv>
you create one, then grant it to a driver app, to allow that app to do raw networking
<kentonv>
you could imagine a service like Oasis allowing a user to buy an IP address, and then actually hook that up to drivers, even though they are not an Oasis admin
<kentonv>
but Oasis doesn't want to let users use Oasis's main IP directly
<fkautz>
Is there a virtual interface that converts raw connections to capnp, or does the driver need to speak capnp directly?
dcb has quit [Ping timeout: 250 seconds]
<kentonv>
we were working on a transparent bridge earlier in the year, based on setting up iptables inside the sandbox to redirect connections back to a local process. IIRC it worked for TCP but not really for UDP.
<XgF>
hmm, could you not do tun?
<kentonv>
problem with UDP being that we couldn't spoof remote addresses for replies, I think
<fkautz>
UDP is particularly troublesome :x
<kentonv>
using tun is an alternate implementation approach that might work a lot better, I'm not sure
<kentonv>
it seemed more complicated at the time
<XgF>
Or actually tap, since you want to emulate IP, not ethernet
<kentonv>
if it's possible to set up tun in a network namespace and have it loop back to a local process, that seems like a great idea.
<XgF>
Wait, other way around
<kentonv>
whichever, yeah. :)
<kentonv>
I do want the bridge process to be inside the sandbox. But I'm OK with adding some code to supervisor.c++ that sets up the loopback.
dcb has joined #sandstorm
<kentonv>
with all that said, drivers which directly use the cap'n proto IP interfaces will be more efficient and cleaner.
<kentonv>
but of course will take more work
<simonv3>
Hey all, when running `vagrant up` for the first time and your Internet connection drops out, is that download script intelligent enough to start downloading again or should I restart?
<fkautz>
That's basically how docker networking works for some network solutions
<kentonv>
simonv3: sounds like a question for zarvox or asheesh
<kentonv>
(not sure if they're reading)
<fkautz>
Defer to openvswitch or to something like flannel or weave which are user processes
<XgF>
kentonv: You might need to add a supervisor call which creates the tun device, but it seems like its workable
<asheesh>
Hi simonv3 -- you should re-run 'cd .sandstorm; vagrant provision'.
<asheesh>
That should pick up where it left off.
<simonv3>
ah
<XgF>
Hmm, you could also run the tun backwards and attach services to e.g. an OpenVPN server
<asheesh>
simonv3: Semi-sorry that the 'vagrant-spk up' doesn't necessarily do the right thing in this case. Only "semi-sorry" because getting it right seems tough given the abstractions Vagrant gives us.
<simonv3>
asheesh: hmm, I think I borked something
<asheesh>
simonv3: sadness, you shouldn't be able to, so that's a bug IMHO (-:
<asheesh>
OK to go to PM to minimize noise here? I'll PM you
<fkautz>
XgF: completely agree, and once a network is set up, we just drop capabilities to configure it and carry on. You can netns exec and gain isolation
<Jan\>
ok if i installed sandstorm with the sandcats url, how cani revert to my own url? change conf ?
<asheesh>
You'll have to change BASE_URL and WILDCARD_HOST and probably remove the HTTPS_PORT line since Sandstorm won't have the ability to auto-request a valid HTTPS certificate for you if you're not on Sandcats.
<XgF>
kentonv: Hmm, why does Sandstorm's IPv4-in-IPv6 mapping have a bunch of FFFFs in it?
<Jan\>
hmm I tried ssl with sandcasts its not working
<Jan\>
asheesh: ok what if I'm already running a webserver like apache with ssl and want to keep that ?
<kentonv>
fkautz: Sorry, confused. By "network driver" do you mean a Linux network driver (not a Sandstorm driver)?
<kentonv>
fkautz: If so, yeah, that'd be cool, but it's also important that Sandstorm works on unmodified kernels.
<fkautz>
Yea, we should be able to set up a bridge and connect to it without kernel modification. Ill take a look
<asheesh>
Jan\: That's tougher but possible... the easiest way is if you run Sandstorm with HTTPS on port 6080. To get that, you can follow basically the same instructions, but say HTTPS_PORT=6080 (and remove 6080 from PORTS=6080).
<kentonv>
fkautz: There's some code in supervisor.c++ that sets up loopback iptables currently, but could be replaced by code that sets up loopback TUN.
dcb has quit [Ping timeout: 260 seconds]
<Jan\>
asheesh: ok
<kentonv>
fkautz: Presumably we then need to implement an endpoint for some supported tunneling protocol. Hope there's a simple, low-overhead one available.
<asheesh>
The difficulty with this is that you still have to enter the port number in the BASE_URL, but if you're OK with that, then great.
<asheesh>
Otherwise, you can do something more complicated (that we haven't documented yet anywhere) involving your Apache terminating HTTPS, including reloading Apache every week when the Sandcats HTTPS certificate gets renewed.