aldeka_limechat has quit [Remote host closed the connection]
aldeka_limechat has joined #sandstorm
frigginglorious has quit [Quit: frigginglorious]
aldeka_limechat has quit [Ping timeout: 244 seconds]
mnutt has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
jacksingleton has quit [Ping timeout: 260 seconds]
jemc has joined #sandstorm
jemc has quit [Ping timeout: 260 seconds]
jemc has joined #sandstorm
n8a has joined #sandstorm
jemc has quit [Ping timeout: 276 seconds]
nwf has quit [Read error: Connection reset by peer]
nwf has joined #sandstorm
jemc has joined #sandstorm
bb010g has joined #sandstorm
<azirbel>
what are the differences between launching with `vagrant-spk vm ssh; cd /opt/app; <launch>` and putting `<launch>` in launcher.sh?
<azirbel>
the first works for me, but the second gives me errors
jemc has quit [Ping timeout: 244 seconds]
<azirbel>
anyway, so I'm working toward the dream of faster development within sandstorm
<azirbel>
previously I was doing `ember build` to build the frontend of my app, and then serving it with ngrok, but if I do that I'll need to rebuild/relaunch the app every time I make a change. I'm hoping to change to `ember serve` and serve the frontend with ember in development mode
<azirbel>
so the first question is - will it be necessary to even relaunch the app if I do this?
<azirbel>
second question is what might cause this error
<zarvox>
azirbel: the latter is caused by there being no HOME in the environment declared for your process in .sandstorm/sandstorm-pkgdef.capnp - try adding (key = "HOME", value = "/var"), to environ
testinguser has joined #sandstorm
<testinguser>
Hey! Sorry to just pop in and ask a quick question. If I have a grain that is hosting an app, and that app has a smart phone app... is there any way for the app on the phone to sync up with the app in the grain?
<zarvox>
as for differences between manually running your app through vagrant-spk vm ssh and doing it through launcher.sh: the former runs on the host, against the host's /var, whereas the latter runs inside a sandbox, with an isolated /var
<testinguser>
Or is the only way to access the app in the grain through the grain's web interface?
<azirbel>
ok, thanks zarvox!
<zarvox>
testinguser: some apps are able to talk to grains through the API endpoint, if the app supports it
<testinguser>
In this instance, I'm trying to use Rocket.Chat
<zarvox>
testinguser: ahhh, jparyani has written patches for the Rocket.Chat apps that aren't merged yet
<zarvox>
But hopefully the Rocket.Chat devs will test it out and merge Sandstorm support Soon™!
<testinguser>
So I guess I'm still confused about the API endpoint
<testinguser>
If that patch gets merged, how do I create an endpoint to point the android app at?
<zarvox>
I'm not super familiar with the details, but I believe there will be UI in Rocket.Chat so you can copy/paste an endpoint with authentication information
<zarvox>
and you'll paste that in as the server URL to the app
<testinguser>
Hmmm.... Yeah, I literally just heard of Sandstorm and fired it up to play with it. Just installed Gitlab and it made a crazy looking URL, so I guess it's gotta be somewhere that RocketChat knows about
<zarvox>
:)
<zarvox>
I'm going to wander off now, but feel free to ask other questions/hang around! I (or someone) will do our best to answer them.
<testinguser>
Alright. Thanks for the help! I should get to sleep myself, but when I come across new things I get restless
<afuentes>
and the dns of the domain returns my ip
<afuentes>
and the certs are automatically generated on registration... supossedly, but maybe they havent registered at all, since i cant find them anywhere
<dwrensha>
afuentes: is your Sandstorm server at your sandcats domain working okay?
<dwrensha>
like, are you debugging a problem, or are you just curious?
<afuentes>
dwrensha, good question... i dont know because im have made a twist to a regular documented installation
<afuentes>
im debugging a problem
<dwrensha>
oh, right. I see above that you said you're trying to work with Apache
<afuentes>
im using my own certbot free cert for the domain, but since certbot doesnt generate wildcard certs, im trying to use the sandcats one
<afuentes>
so im trying to proxy my apache to 127.0.0.1:6080 where sandstorm is running...
<afuentes>
i think the last piece missing is my apache ofering the wildcard certs that sandcats generate
<afuentes>
but i cant find those certs at all :S
<afuentes>
okay... they didnt autogenerate... they should be under https folder
<afuentes>
i will try to generate them ^^
<dwrensha>
so you want to serve non-Sandstorm stuff from your sandcats.io domain?
<dwrensha>
still trying to understand your usecase here :)
<afuentes>
i want to use sandcats.io for the websockets connections used by sandstorm. I want to use my own domain for my sandstorm instance
<afuentes>
but since sandstorm can only be offered on one ip, i want sandstorm on 127.0.0.1:6080 and use my apache to reverse proxy all the connections and offer the certs
<dwrensha>
hm. interesting
<afuentes>
Okay, im running install.sh again... i can see why it failed... if you tell him to install in 6080 it doesnt try to generate the certs
<afuentes>
after i enter the token that i got via email it says, "there is already a domain registered with this sandcats key etc..."
<afuentes>
:(
<afuentes>
ive got the keys... maybe i can tell it to reissue the cert without reregistering
<dwrensha>
I vaguely remember people talking about some kind of recovery flow for this situation
<afuentes>
yeah, im kinda following the docs, althou my case is not really documented
<afuentes>
ive got the keys already, im trying to generate the certs that never got issued because on my first installation i told it to run on :6080
n8a has quit [Ping timeout: 250 seconds]
<afuentes>
the keys that supposedly sandstorm uses to recognize me and reissue the cert on a weekly basis :)
jadewang has quit [Remote host closed the connection]
<afuentes>
looking at the apache logs my guess is that im not serving a proper cert for ss.mydomain.com
<afuentes>
sorry, i mean for my.sandcats.io
<afuentes>
im offering a cert for *.my.sandcats.io everytime theres a request for my.sandcats.io
<afuentes>
and i dont think that is a valid cert for that subdomain
<afuentes>
but now im looking at the certs generated by sandcats.io and i cant find one for my.sandcats.io (the base subdomain)
<afuentes>
if i ignore my (admittedly) twisted setup it works fine (aka, using only my.sancats.io), so im not sure that cert is needed at all
<afuentes>
(but then are those petitions going without tls? :S)
<afuentes>
something is missing in my puzzle, and i cant figure it out what :)
<zarvox>
afuentes: the wildcard cert for *.my.sandcats.io should list my.sandcats.io as a Subject Alternate Name and be valid for that domain
jadewang has joined #sandstorm
<afuentes>
zarvox, you are right... so thats not it
jadewang has quit [Ping timeout: 276 seconds]
rustyrazorblade has joined #sandstorm
jparyani has left #sandstorm [#sandstorm]
<afuentes>
okay, i wonder where it gets the 'Host "sandstorm-www.ss.mydomain.com" must have exactly one TXT record.' when accessing ss.mydomain.com
<afuentes>
there is not a reference to mydomain.com anywhere in sandstorm configuration
<zarvox>
Ahh, right. So you're making a request to Sandstorm with Host: ss.mydomain.com, and Sandstorm needs to know what grain's static publishing content to route that to.
rustyrazorblade has quit [Quit: rustyrazorblade]
<zarvox>
So you can glue the pieces together with DNS by adding a DNS TXT record for sandstorm-www.ss.mydomain.com with the public id of the grain whose data should be served.
<afuentes>
kinda
<afuentes>
i think sandstorm-www is a workaround for static sites withing the subdomain or something along those lines
rustyrazorblade has joined #sandstorm
<afuentes>
Id like for ss.mydomain.com is my apache reverse proxy to 127.0.0.1:8060 where my sandstorm is actually running
<afuentes>
i hit that sandstorm-www because is asking for a grain it cant access for some reason... but i cant figure out why it cant get the grain :/
<afuentes>
some piece is missing in my puzzle
<afuentes>
on top of everything I think apache is randomly buffering the logs output and is driving me crazy with this debugging session
<afuentes>
xD
<zarvox>
I'm curious what you're trying to accomplish in the first place, given that Sandstorm doesn't require a reverse proxy at all for HTTPS
larjona has quit [Remote host closed the connection]
<afuentes>
certbot provide a cert for ss.mydomain.com but not for *.ss.mydomain.com. sandcats provide a cert for *.my.sandcats.io needed for the websockets
<zarvox>
ohhhhhhh you are trying to mix primary host and wildcard host
<afuentes>
I grabbed both certs and serving them from apache, and making a reverse proxy to my running sandstorm in 127.0.0.1:6080
<zarvox>
note that when the sandcats cert renews (every ~7 days) you'll have to extract the cert and restart apache, and that we don't really have any hooks for detecting when that happens
<afuentes>
right... from the outside you cant even see the websockets connections, so only mydomain is showing... or at least thats the idea
larjona has joined #sandstorm
<afuentes>
zarvox, yeah, i will deal with that later... I already made some script that parse the json where the certs from sandcat are :)
<afuentes>
but a simply inotify will probably be able to trigger the script and restart reload apache
xet7 has quit [Quit: Leaving]
<zarvox>
Okay, so my understanding of this is:
<zarvox>
BASE_URL needs to be whatever the public-facing URL of the server is going to be. So in your case, https://ss.mydomain.com
xet7_ has joined #sandstorm
<zarvox>
WILDCARD_HOST needs to be whatever the wildcard host is. Since you're using sandcats, I think that's going to look like *.my.sandcats.io:443
<afuentes>
zarvox, im still not sure
<afuentes>
but you are a genious
<afuentes>
only changing the base_url i think is working
xet7 has joined #sandstorm
rustyrazorblade has quit [Read error: Connection reset by peer]
<zarvox>
Either your browser is not sending the cookie that was set on sessionsubdomain.my.sandcats.io, or your reverse proxy is not passing it on.
<zarvox>
Either way, nothing Sandstorm can do about it.
jadewang has joined #sandstorm
<afuentes>
yeah, the error shows in my apache access log
rustyrazorblade_ has quit [Quit: rustyrazorblade_]
xet7 has joined #sandstorm
rustyrazorblade has joined #sandstorm
rustyrazorblade has quit [Client Quit]
rustyrazorblade has joined #sandstorm
rustyrazorblade has quit [Client Quit]
rustyrazorblade has joined #sandstorm
jemc has quit [Ping timeout: 276 seconds]
mnutt has joined #sandstorm
ssttaarrkk has joined #sandstorm
<ssttaarrkk>
Hi!
Telesight has quit [Quit: Leaving.]
<dwrensha>
\o
frigginglorious has quit [Quit: frigginglorious]
xet7 has quit [Quit: Leaving]
rustyrazorblade has quit [Quit: rustyrazorblade]
<afuentes>
zarvox, it was my browser not sending the cookie (i think)
<afuentes>
i tried in another browser without extensions and it worked in my first try
<afuentes>
i do have cookie monster installed in my browser... but it didnt showed any cookie stored or anything similar :S
<afuentes>
slightly weird and im slightly worried too, because i dont know what fixed it xD
<afuentes>
in any case, lets celebrate it by dancing naked
<afuentes>
\o\
<afuentes>
/o/
rustyrazorblade has joined #sandstorm
jparyani has joined #sandstorm
ssttaarrkk has quit [Ping timeout: 246 seconds]
anherrera has joined #sandstorm
xet7 has joined #sandstorm
rustyrazorblade has quit [Ping timeout: 244 seconds]
rustyrazorblade has joined #sandstorm
jacksingleton has quit [Ping timeout: 244 seconds]
<afuentes>
Okay cookie monster show 3rd party cookies on a separate menu... You can temporarily allow them, but then it reloads the page and a new domain is created... and you cant whitelist subdomains
<afuentes>
which makes my setup incopatible with cookie monster