<fkautz>
asheesh: so, if a grain is deleted, how easy is it to recover the state of that grain?
<fkautz>
one thing that bothers me with running a blog on sandstorm is the ease of accidentally clicking on the big X in the menu, thoroughly decimating my blog
<dwrensha>
fkautz: which "big X"?
<fkautz>
dwrensha: next to the name of the grain
<dwrensha>
to delete a grain, you need to click the trash can icon and then confirm in a popup
<dwrensha>
the X on the sidebar just closes your current view
<fkautz>
ah wait, my misreaidng
<fkautz>
reading*
<fkautz>
i feel much safer now :p
<dwrensha>
it's interesting that you interpreted it that way. Do you think there's any way we could be clearer about the meaning?
<fkautz>
hard to say, i'm not aware of an icon that simply means "close" that cannot be misinterpreted as delete
<fkautz>
other than spelling it out as "hide"
<fkautz>
but having "hide" next to each title starts to look ugly too
<fkautz>
maybe an eye with a slash through it?
<dwrensha>
I'm thinking back to some confusion I had with rocketchat last week
<fkautz>
did they interpret it the same way?
<dwrensha>
it has "channels" that you can either "hide" or "leave"
<dwrensha>
and apparently if you hide a channel it's really hard to get it back in your sidebar
<fkautz>
not sure if rocketchat follows irc standards
<fkautz>
sometimes /join works for some systems but that isn't easily discoverable
<dwrensha>
anyway, I'm going to sleep now
<fkautz>
good night!
<fkautz>
thanks for the info
<dwrensha>
re wordpress, I'll probably not have time in the near term to work on commenting
<fkautz>
no worries
<fkautz>
as a workaround, i'm adding disqus support in
paroneayea has quit [Read error: Connection reset by peer]
<mnutt>
asheesh: the message you see when you run vagrant-spk publish notes that if you want to hold back a package from going live, you can run spk publish -e, but it looks like that’s not supported through vagrant-spk
<mnutt>
also, I’m not quite sure what the message means, if it just leaves a note to kenton “don’t publish immediately” or if it actually yanks the submission.
<mnutt>
lastly, low-priority but it’d be awesome to get an email when the submission is published. otherwise I end up either refreshing the app listing or checking here and it totally comes across as “why hasn’t my package been approved yet?” when that’s not the intent at all :)
jadewang has joined #sandstorm
mnutt has quit [Quit: mnutt]
jadewang has quit [Ping timeout: 272 seconds]
mnutt has joined #sandstorm
paroneayea has joined #sandstorm
mnutt has quit [Quit: mnutt]
<asheesh>
(-:
tdfischer has quit [Ping timeout: 246 seconds]
tdfischer has joined #sandstorm
jadewang has joined #sandstorm
jadewang has quit [Ping timeout: 240 seconds]
neynah has joined #sandstorm
<dcb>
dwrensha: ping
rhapsodhy has quit [Remote host closed the connection]
<dcb>
question for you when you get a chance: is it possible to create a collection (Vec, for instance) of message::Builder's generic on the allocator?
<fkautz>
kentonv: are you ok with loading a tun kernel module? tun is in the mainline kernel
<kentonv>
fkautz: yeah
<kentonv>
as long as basically everyone is expected to have the module available
<fkautz>
i can't think of any distros that don't include it
jadewang has quit []
<eternaleye>
kentonv: I'm rereading the Cap'nProto encoding page on the site (for the nth time), and a thought hit me - how much difference would it make if the pointer-chase counter was only incremented for backwards pointers?
<kentonv>
eternaleye: pointer-chaise counter?
<kentonv>
chase*
<eternaleye>
kentonv: "A message containing cyclic (or even just overlapping) pointers can cause the reader to go into an infinite loop while traversing the content." and the paragraph after it
<eternaleye>
"To defend against this, as the application traverses the message, each time a pointer is dereferenced, a counter should be incremented by the size of the data to which it points."
<kentonv>
ah, the traversal counter
<eternaleye>
If it's only incremented if the target of the pointer is at a lower address than the pointer itself, then it should provide the same protection without arbitrarily limiting acyclic data
<kentonv>
that would catch cycles, but not amplification via overlapping
<eternaleye>
Mm
<kentonv>
e.g. object A has two pointers both pointing to object B which has two pointers to object C, ...
<kentonv>
apparent size ends up being O(2^n)
<eternaleye>
Makes sense
<eternaleye>
Hm, though with memoization of seen pointers that falls back down to O(n). Might be a neat alternate mode.
<eternaleye>
Oh, no, could have one pointer to a struct and one to a member of that struct, that contains all the members except a leading byte.
<kentonv>
that, and, it would have to be the application doing any memoization
<eternaleye>
True
<kentonv>
if an app wants to opt into that, they can set the traversal limit to INT_MAX
<kentonv>
I do really wish there were a better solution here but I spent a lot of time thinking about it without coming up with anything. :/
<eternaleye>
I just think it might be nice if there was something between the strict limit and INT_MAX
<eternaleye>
Perhaps a limit for all traversal, and a separate one for backwards traversal
<eternaleye>
The latter of which defaults to the same value, for backwards compatibility
<eternaleye>
So you can be, say, twice as strict with backptrs as forward pointers
<kentonv>
if we didn't care about performance, one could maintain a data structure mapping backwards from memory to the pointer that points to said memory
<eternaleye>
Or if you expect tree-ish data, forbid backptrs entirely
<kentonv>
and use that to detect overlapping or cyclic pointers
<kentonv>
cap'n proto data is always a tree
<kentonv>
back-pointers are useful, though, when you build your message bottom-up
<eternaleye>
Mm
<kentonv>
but yeah, "correct" detection is possible, but it would be annoyingly expensive
<eternaleye>
I suppose my point is more that it provides a way to make the tradeoff on how much you want to follow Postel's law
<eternaleye>
A stricter backptr rule requires the sender do some things differently, but it might catch some forms of malice sooner (or permit larger messages)
<eternaleye>
Also, being stricter means you can make CPU tradeoffs between sender and receiver
<kentonv>
bottom-up message building is very common, though. Banning backpointers would be pretty painful for apps.
<eternaleye>
Mm
<kentonv>
and it doesn't fully solve the problem. Fixing some kinds of malicious behavior but not others isn't helpful unless there's some companion solution for the others. :)
<eternaleye>
True
<kentonv>
it we could require canonical ordering then it should be cheap to validate messages
<eternaleye>
Another thing I wonder is if in the case of transports like TCP that copy regardless, writing out the message could reorder it - i.e. making a strict message requires sacrificing either zero-copy or bottom-up, but if one's getting sacrificed anyway...
<kentonv>
but it basically requires that the sender make a copy to canonicalize
<kentonv>
I don't think there's a good way to do canonicalization as part of the same copy imposed by the TCP transport.
<eternaleye>
True. File might be a better option - grab the FD, mmap, and build a canonical message into the mmapped region.
<eternaleye>
Actually, how common is purely bottom up (almost all are backptrs) vs pure top-down (almost all are fwdptrs) vs mixed?
<eternaleye>
Since really, the core of my idea isn't _which_ direction is rare, just that cycles require switching direction.
<kentonv>
mixed is common
<eternaleye>
Mm
<eternaleye>
Squaring triangles: Hard to do. :P
jadeqwang has joined #sandstorm
<kentonv>
I need to go to bed. :)
<eternaleye>
'night!
<kentonv>
'night
<jadeqwang>
g'night!
jadeqwang has quit [Client Quit]
eternaleye has quit [Ping timeout: 240 seconds]
M-hrjet1 has quit [Ping timeout: 272 seconds]
joshbuddy has joined #sandstorm
joshbuddy has quit [Quit: joshbuddy]
bb010g has quit [Ping timeout: 264 seconds]
bb010g has joined #sandstorm
aaronr has joined #sandstorm
mnutt has joined #sandstorm
Grant has joined #sandstorm
Grant is now known as Guest85283
Guest85283 is now known as grantp
grantp has quit [Client Quit]
sabamimi has joined #sandstorm
<sabamimi>
hello everybody, a quick question from a new user trying to install Sandstorm: is there a sandstorm user forum for help ?
<sabamimi>
Thanks, I have found it but it is dev oriented....I am facing an installation pb , and i am stuck searching for help: I willl try to describe where I am standing....
<sabamimi>
I did an installation in Ubuntu (running in a virtual box): the installation was very smooth (I did follow the very good documentation) . I was able to define the first user (admin) to login and to install apps.
<sabamimi>
when I am starting any application (i tried a few) , i get a round type hourglass forever......(the apps specific GUI never show up) that is where I am stuck . I have no idea where to look for clues!
<dwrensha>
that could mean that your wildcard DNS isn't set up right
<dwrensha>
are you using Sandcats?
<dwrensha>
would you be willing to share the contents of your /opt/sandstorm/sandstorm.conf file?
<sabamimi>
Not using sandcat : my config could be connected to a wilcard pb : yes I will share the sandstorm.conf content: I am using a NAS Synology with Haproxy
<sabamimi>
thanks for your help!
<sabamimi>
SERVER_USER=sandstorm
<sabamimi>
PORT=6080
<sabamimi>
BIND_IP=0.0.0.0
<sabamimi>
BASE_URL=http://sand.sabamimi.fr
<sabamimi>
MONGO_PORT=6081
<sabamimi>
WILDCARD_HOST=*.sand.sabamimi.fr
<sabamimi>
UPDATE_CHANNEL=dev
<sabamimi>
ALLOW_DEV_ACCOUNTS=false
<dwrensha>
sabamimi: may I sign in to your server, and would you be willing to upgrade me to "invited" status once I do?
<sabamimi>
sure, be my guest !
<dwrensha>
ok, now I'm waiting for you to upgrade me to "invited"
<dwrensha>
you can do that on the admin/users pages
<dwrensha>
thanks!
<sabamimi>
you are now admin
<dwrensha>
I notice that images don't seem to work
<dwrensha>
e.g. profile picture, app icons
<sabamimi>
OK
<sabamimi>
correct
<dwrensha>
Looks to me like a problem with your reverse proxy
<dwrensha>
DNS for *.sand.sabamimi.fr seems to resolve correctly
<dwrensha>
but then for example static.sand.sabamimi.fr doesn't seem to be reaching your Sandstorm server
<dwrensha>
maybe you need to adjust the configuration for Haproxy?
<dwrensha>
Unfortunately, I'm not familiar with Haproxy at all.
<sabamimi>
OK, I see what you mean ! that is correct ....I have no definition for anything.sand.sabamimi.fr in Haproxy.....THANKS ! looks like you point me to the correct direction ....I will look into it and report back
<sabamimi>
Thanks again
* asheesh
waves
<asheesh>
sabamimi: BTW, why haproxy? Is it because the Synology box defaults to haproxy? Or you set it up? Just curious, as I'm interested in making Sandstorm easier to run on a Synology box.
<sabamimi>
Yes Synology has an Haproxy package, i am not sure about nginx (i can look and report if you are intereested)
<asheesh>
Neat.
<sabamimi>
No Nginx package in official or main community package repository
<sabamimi>
I am not totally correct, it seems that nginx is in fact used internally in the NAS
<asheesh>
Good to know.
<sabamimi>
wrong again, the correct statement should be "some people have played with nginx on top of apache in Synology
<asheesh>
Good to know!!
<asheesh>
BTW any chance you'd be interested in writing a blog post about how to use Sandstorm on Synology?
<asheesh>
There are lots of people hungering for this knowledge, and you are probably at the cutting edge.
<sabamimi>
still trying to modify Haproxy config file.....
<asheesh>
I will say it's slightly sad that you're not using Sandcats; if you were, then you could get free HTTPS!
<asheesh>
You can use Sandcats+HTTPS on a different port number, to avoid thinking about haproxy, if you want.
<asheesh>
But yeah, you probably want to integrate with the built-in haproxy.
<sabamimi>
I will look into it (dont know about Sandcats....yet)
kecolus has joined #sandstorm
<sabamimi>
Haproxy allows to have https to the outside world + http inside the "home network" between the Synology and the various application servers
<sabamimi>
Ho yes, i read the documentation....just i didn't want to go though your servers & services just for https
<asheesh>
Yeah, it does use us for DNS, but the HTTPS is end-to-end secure; you control the private key.
<sabamimi>
understood
<asheesh>
In other news, I have an app crash/restart loop on WeKan. dwrensha do you have this on the "Sandstorm Chat" grain?
<asheesh>
Huh, it's OK in a new tab....
<asheesh>
Huh, it's now OK in both tabs.
<asheesh>
OK then.
<dwrensha>
looks fine to me
<dwrensha>
but my computer is ever vigilant
<dwrensha>
never sleeps
<dwrensha>
it's good that it recovered for you!
<dwrensha>
it should do that within 60 seconds
<asheesh>
My laptop sleeps and bounces between wifi networks all the time.
<dwrensha>
i,i X-Sandstorm-Preferred-Color
<asheesh>
(-:
<asheesh>
BTW it's amazing how much nicer the world is when I'm listening to songs I like.
<dwrensha>
♫♫
<sabamimi>
@dwrensha : it is now working !!!! (using http only for now)
<dwrensha>
yay!
<sabamimi>
Thanks a lot
<sabamimi>
Sandstorm is not happy about Haproxy mixing https & http (it complains in the log..."Error in OAuth Server: redirectUrl (https://sand.sabamimi.fr/) is not on the same host as the app (http://sand.sabamimi.fr/)"
<sabamimi>
I will find a solution for that ( maybe sandcats after all :-))
<asheesh>
Yeah -- if you have your own HTTPS, then you'll need to adjust BASE_URL to be https://
<sabamimi>
Yep , that simple!
<sabamimi>
doing it now.....
mnutt has joined #sandstorm
<sabamimi>
in http I can see now the images, but still no joy with https ....(i think i will leave it for now and play in http.) THANKS for your time
<asheesh>
sabamimi: FWIW I think if you want to spend about 10 minutes more on it, we will be able to figure it out, so let me know!
<asheesh>
I'm glad you're able to get this far!
<sabamimi>
I have the few minutes, but i am quite sure it is Haproxy type of issue and i dont want to waste your time
<asheesh>
What is your BASE_URL set to right now?
<asheesh>
I am thinking I should see if I can write a quick tool to auto-generate advice for you.
<sabamimi>
rechecking
<sabamimi>
BASE_URL=https://sand.sabamimi.fr
<sabamimi>
and....it still works in the browser using http....(go figure :-))
<dwrensha>
sabamimi: OAuth login will fail in that case
<sabamimi>
I am going to grab a beer and drink it to your health (it's almost 6PM here in France)
<asheesh>
(-:
<sabamimi>
you mean if i log again?
<sabamimi>
let me try
<asheesh>
sabamimi: What are the images that aren't working?
<sabamimi>
do not understand the question
<dwrensha>
asheesh: stuff served from the static host static.sand.sabamimi.fr
<asheesh>
gotcha
<asheesh>
Probably because WILDCARD_HOST is set wrong, then, sabamimi. Can you paste me the WILDCARD_HOST line that you have?
<sabamimi>
BTW : with BASE_URL=https: it is still working with http (even when i logout and in again)
<asheesh>
Yeah, that's sort of expected.
<asheesh>
I think this means that your OAuth provider is configured to use a HTTP base_url.
<sabamimi>
WILDCARD_HOST=*.sand.sabamimi.fr
<asheesh>
And you need to adjust the config on your OAuth provider.
<asheesh>
WILDCARD_HOST looks great to me.
<asheesh>
BTW do you have this self-signed cert in your browser already?
<asheesh>
If you don't mind self-signed HTTPS, I can point you to a docs page about how to set up something that you can trust once in your browser and then it'll trust all the subdomains.
<asheesh>
BTW it's not clear to me that your cert is valid for *.sabamimi.fr
<asheesh>
This could be me splitting hairs about what "valid" means, though.
<asheesh>
Yeah, it seems to be self-signed, so you'll have the same issue about needing to approve every hostname, which won't be feasible in Sandstorm IMHO.
<asheesh>
So you'd want to do the full "Self-hosted HTTPS with a custom certificate authority" approach, which lets your browser pre-trust all domains for this certificate.
<asheesh>
(if you still want fully self-signed HTTPS)
mnutt has quit [Quit: mnutt]
<sabamimi>
with WILDCARD_HOST=sand-*.sabamimi.fr : both https AND http are broken
mnutt has joined #sandstorm
<asheesh>
If you want HTTPS to work without paying anyone, with Sandstorm, you're really going to need to read the part of the docs called "Self-hosted HTTPS with a custom certificate authority", I'm afraid.
<asheesh>
(or use a sandcats.io subdomain for your Sandstorm, I should add!)
<sabamimi>
@ashleesh : with my certificate , i run apps from toto.sabamimi.fr and titi.sabamimi.fr but i never tried toto.titi.sabamimi.fr
notevil has joined #sandstorm
<asheesh>
I don't think that's the problem sabamimi.
<asheesh>
I think the problem is that, the first time you use each service, you must click an error page, and dismiss it.
<asheesh>
And that Sandstorm uses so many subdomains that you'll be overwhelmed with hostnames to do this with, and it won't realistically work.
<asheesh>
But I might be misunderstanding the problem you're having.
<sabamimi>
I will dig into it (and i will tried the sandcats confit)
<asheesh>
Cool! Good luck!
kentonv has quit [Ping timeout: 272 seconds]
<sabamimi>
Thank you
<sabamimi>
bye
<asheesh>
Ciao for now!
<asheesh>
Feel free to come back with more questions; even if I can't answer them, perhaps others can.
<sabamimi>
I will , Sandstom looks very very good (I am over 60 and still love to play....)
sabamimi has left #sandstorm [#sandstorm]
<asheesh>
(-:
<ckocagil>
has anyone tried porting a bug tracker to sandstorm?
<asheesh>
Not that I know, except the built-in gogs/gitlab one.
<asheesh>
ones
<ckocagil>
I see
<ckocagil>
question 2: how about ERP software?
<asheesh>
Gosh I want some ERP software on Sandstorm.
<asheesh>
Not that I have heard of, though, has any been attempted to be ported.
jadewang has quit [Remote host closed the connection]
notevil has joined #sandstorm
joshbuddy has joined #sandstorm
joshbuddy has quit [Read error: Connection reset by peer]
joshbuddy has joined #sandstorm
xet7 has joined #sandstorm
jadewang has joined #sandstorm
aldeka has quit [Remote host closed the connection]
ocdtrekkie has quit [Remote host closed the connection]
aldeka has joined #sandstorm
ocdtrekkie has joined #sandstorm
funwhilelost has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
funwhilelost has joined #sandstorm
funwhilelost has quit [Client Quit]
home has joined #sandstorm
<zarvox>
Today I learned that you can put scrollbars on the left side of an element by specifying direction: rtl; on it. Then, inside that scroll area, you put everything inside another <div> with direction: ltr; and everything looks sane again.
<zarvox>
dwrensha: ^ the above might be an interesting hack for multi-identity list view overflow?
<dwrensha>
maybe!
<zarvox>
(possibly also for the sandstorm sidebar? who knows!)
<zarvox>
s/sidebar/navbar/
notevil has quit [Quit: and I'm off...]
simonv3 has quit [Quit: Connection closed for inactivity]
funwhilelost has joined #sandstorm
joshbuddy has quit [Quit: joshbuddy]
bb010g has quit [Quit: Connection closed for inactivity]
kecolus has quit [Quit: Leaving]
joshbuddy has joined #sandstorm
jadeqwang has joined #sandstorm
aldeka has quit [Remote host closed the connection]
ocdtrekkie has quit [Remote host closed the connection]
<saltthefries>
has anyone else seen rocket.chat lose recent message history on reloading the page?
<dwrensha>
saltthefries: is it just your messages that get lost? maybe they never make it to the server
<saltthefries>
no, it's also other users
<saltthefries>
they'll confirm seeing the messages, then when either of us reload our page (or disconnect / reconnect), it goes back to some point in the past
<dwrensha>
ouch
<dwrensha>
Where is this rocket.chat grain hosted?
<saltthefries>
it's rather bizarre. I wasn't able to recreate it in oasis, but I did when creating a new rocket.chat grain
<saltthefries>
it's on my small intel nuc running debian jessie (8)
<asheesh>
I wonder if mongod is getting OOM-killed (?)
<asheesh>
Note that I am randomly making things up in the hopes of stumbling across a plausible explanation, not reasoning carefully.
<dwrensha>
the data should still persist
<asheesh>
MongoDB (that RocketChat uses) really is supposed to store data carefully.
<saltthefries>
where's the best place to see that? mongo log in /opt/sandstorm/var/log ?
<asheesh>
For OOM killing, look at /var/log/syslog for lines containing 'kernel:' and 'Killed'
<saltthefries>
nothing interesting in the current log. I'll look at some of the older ones
<asheesh>
I don't expect that's what's going on.
<asheesh>
Did you say you _could_ successfully repro this on Oasis, saltthefries?
<saltthefries>
no, I can *not* reproduce this on oasis
<asheesh>
Ah hah, okay.
<asheesh>
Although I continue not to have a lot of clue.
<saltthefries>
and actually, this is a little stranger--
<saltthefries>
the old messages from a week ago that disappeared are now in the history of my chat
<saltthefries>
but if I send some new ones and then refresh, I lose those for the timebeing
<saltthefries>
with a sandstorm update and at least one whole server reboot between a week ago and now
<jadewang>
when you send new messages and refresh, you lose the old messages?
<jadewang>
(or you lose the new messages?)
<saltthefries>
I lose the new messages
<ckocagil>
maybe somehow mongod is killed before it can sync?
<saltthefries>
is that consistent with the new messages reappearing some time significantly later?
<ckocagil>
maybe it recovers the db from the journal after that significant time?
singli has joined #sandstorm
<jadewang>
hi singli!
<ckocagil>
I'm kinda grasping at straws
<saltthefries>
I appreciate it
<singli>
hi jadewang! and saltthefries!
<jadewang>
@saltthefrieds, singli is our resident RC expert
<saltthefries>
my experience with mongodb is very limited
<jadewang>
RC = rocket chat
<saltthefries>
hi signli!
<ckocagil>
saltthefries: do you have a mongodb log? does it say "Unclean shutdown" anywhere?
<dwrensha>
I noticed that sometimes if I restart a rocketchat grain right after typing some things, the thing that I just typed appears instead of a "connecting..."
<saltthefries>
I'll grep the logs
<jadewang>
btw @saltthefries, I don't think singli has context yet b/c the logbot doesn't have today's IRC chats
<saltthefries>
ah, not a problem, I'll recap
<singli>
yes... idk the context...thx for ecap
<saltthefries>
Here's my current setup: running sandstorm on an intel nuc (nuc5ppyh to be exact), Debian 8 jessie / stable
<singli>
saltthefries: also, have any one of you try Browser Ctrl-Reload? we do have a whole set of rendering anomalies on our issue list. What I am saying is - just because you don't "see" the message does not mean it is not saved.
<dwrensha>
... to answer my own question: no, it appears that Meteor does not continue relaying message once the database is a zombie
<saltthefries>
singli, no luck with a force reload
<singli>
saltthefires ...can I invite you to https://demo.rocket.chat/ ?? you can paste screen capture there and show us exactly what you are seeing and what is missing. Also the expert on mongo logs might still be around.
<saltthefries>
sure!
<singli>
meet u o'ver there... i'll intro u to the gang...