@movq@www.uninformativ.de i’ve wondered the same thing.. dansup can be pretty erratic and i don’t really trust the guy. thankfully (at least from my perspective) he’s not the only game in town. though i think going UI-first is kind of jumping the gun. the fediverse doesn’t really have the infrastructure in place to support video publishing at the scale that a tiktok user might expect. based on some of dansups statements regarding palestine, i’m sure its partially an effort to control what kind of content makes it into fedi’s tiktok streams for the first while.

Image

it literally does, but i’ll leave it as a mystery for you ponder.

its offline atm, but my usual setup basically makes my xmpp server into a bouncer (biboumi) and my xmpp client just does its normal thing to read the irc backlog as server-side message history.

the test would be: how often does unwanted content get pushed on your feed? do incongruent posters easily disrupt harmonious connections? &c. less about the community, more about how the social dynamics play out as various groups and individuals interact.

wtf shut up that’s cool https://www.lilygo.cc/products/t-lora-c6?variant=44447591923893

i’ve observed that (decentralized) social platforms that encourage promiscuous follow behavior frequently run into this issue. there are lots of grumpy people out there and people who use social media to vent or let off steam. i know people worry about siloes, but i think that actually is an expression of FOMO and anxiety over being ignored by the ‘cool kids’. what i rarely see is media platforms that embrace the reality of bubbles and give users the ability to form healthy social connections and curate content that they enjoy.

Image

doing less things. doing things well.

i am here to ruin your gender https://paper.wf/typhotic-iceberg/ruin-gender

thank you gemini for continuing to inspire me to think smol

i might take the plunge and rebuild my server this weekend

looking at history for context on how the UN handles apartheid: https://www.sahistory.org.za/article/united-nations-and-apartheid-timeline-1946-1994 which seems to imply that we have a difficult fight ahead without the support of the security council…

There is a pressing need to hold Israel accountable, not only for its longstanding violations of international law, but specifically for its longstanding refusal to abide by its Charter obligations. In the face of this recalcitrance, the UN must move towards expelling Israel from the organization, not only because the UN exists to uphold international law, but also to maintain the UN’s integrity as an organization. The persistent, open violations by Israel of binding UNSC resolutions cannot go unpunished. The current situation, where Israel openly accuses the UN of bias, refuses to cooperate with the organization on multitude levels, defies binding orders of the ICJ, physically attacks UN premises and staff, and even moves towards designating a UN agency as a terrorist organization, is a clear threat to the authority of the UN – an issue which the UNSC raised explicitly in the case of South Africa. To allow the situation to continue would show that international legal norms, and rules of the UN binding member states, are applied on the basis of double standards: specifically, that states allied to powerful Western countries are afforded impunity. https://opiniojuris.org/2024/10/09/israel-must-be-expelled-from-the-united-nations/

similar to data packets in NDN, each message has multiple names. a true name, which is an encoded cryptographic hash of the file itself. we call this kind of information self-certifying. given a true name, you can find a file and verify its integrity. additionally, agents can associate a self-certifying name with a pet name or subjective label of their choosing and share it with their friends/peers. zoko’s triangle can suck it. gemini://sunshinegardens.org/~xjix/wiki/cryptogen–specification/

once the minibase work is done and i have my testnet up, i can start to consider the question of brokerless pub/sub. i found state vector sync pub sub in the name-data research and i wonder what a toy version of that would look like. i started work on a demo of gemini pub/sub as a soft fork of molly-brown we we’ll see where that takes me!

minibase has a network security architecture with a number of overlapping layers of protection. first, routers and discovery endpoints either require a password or an authorized public key to accept traffic. this setup restricts who can reach the endpoints to an extent, but peering with enough third parties with less restrictive policies will practically allow global routing. since this is a possible policy choice, minibase also requires internal traffic to be authenticated. overlay traffic is automatically encrypted by yggdrasil, but applications should still treat the traffic like its clearnet and use tls. currently i’m requiring a dns acme challenge to generate wildcard certs, but eventually it might make sense to scope the certificates to the specific service its associated with. we don’t have much config generation in the nix modules yet, but something like this should be possible eventually. i’m working on configurations for ory oathkeeper, hydra, and kratos to provide a federated auth framework that your network services and minibase configs can integrate with.

so i learned that my vpn provider uses nftables to tag traffic for split tunnelling. so it looks like i’ll be converting my iptables rules. there’s some implication for docker containers that i’ll have to reckon with, but i’m already nesting them inside a nixos container so i don’t really need docker to touch the network at all. after that i’ll be able to define some rules to allow traffic meant for the yggdrasil network to reach the tunnel. this will be important later.

freebsd makes a lovely server os, nixing it would be fucking excellent. i wonder if they ported systemd? shit’s making me curious

i don’t normally reach for go when starting a project, but this pubsub gemini thing seems like a great addition to ~solderpunk/molly-brown and i was already intended on adding titan support so i might as well get familiar with the codebase.

nixbsd is taking a long time to build, but that’s expected. i guess a fast machine can do it in just 8h. might be about time to get my binary cache setup. my machine can only handle max-jobs=2 :(

gemini calls the request-response cycle a transaction in the spec. since trasactions are not cached, we have this problem where we can’t tell if anything was updated without fetching it and we can’t indicate how often a client should expect the content to be valid. the most common solution right now to just to keep requesting the resource until it changes or stops existing, which isn’t ideal. this sort of update notification model is interesting because it re-frames your thinking into something more like event sourcing. you end up needing to add an event queue and dispatch to the server, which is a bit more complex on the server side than plain static files, but the client stays the same. i’m curious to see what kind of systems could be built on this gemini message queue concept.

zmq seems like an interesting tool for building task queues and other types of messaging apps. the other option i’m looking at is rabbitmq which has some interesting features like mqtt bridges and federation, but as a result involves a broker. i would like to eventually have all of the ships systems (or at least on the inter-system boundary) communicate over a brokerless messaging protocol. off the shelf env devices and trackers all communicate over an mqtt bridge so some brokering is probably unavoidable without getting into fully custom tech, but that’ll blow the budget.

that’s a neat solution to the dead old feeds problem. pull-once-once-on-notify seems to fit the gemini tx model better than scraping pages on a cron timer. i don’t have a mechanism in my setup to produce that event yet other than the cron that rebuilds the capsule periodically, but that’s just a stand-in for not having any CI rn and especially not a CI that works with fossil.

time to give nixbsd a spin

End the apartheid, End the war. #FreePalestine

FIN?

if twtxt 2 is dropping gemini support, i will probably move on and spend more time on my gemini social zine protocol instead. i think the direction of the protocol is probably fine, but for me web is a tier 2 publishing channel. if the choice is between gemini and http i’m always going to pick gemini. its been a fun ride, but i guess this is where i get off.

experimenting with litefs has been really interesting. i’m still learning about consul, so nothing distributed is happening yet. so far i have a setup that shares a virtual filesystem with a set of nixos containers running ejabberd and redka. soon some ory services for auth and security which also support sqlite will join the party, but those require higher availability that i can manage with my current deployment. the big server needs to me migrated before security can come online.

cloning nixpkgs is way too difficult, none of my local machines could even do it

decentralization of nixos https://discourse.nixos.org/t/monorepos-dont-map-to-our-social-structure/44162/5

flakes arent real https://jade.fyi/blog/flakes-arent-real/

i have been using grapheneos for a long time (maybe 7 years now?) and i would fully reccomend it to anyone who is OK with buying a new pixel device to run it on. the install instructions are really easy to follow and can be executed on any device that supports WebUSB https://grapheneos.org/install/web

afaik nobody has done this, but i really need some numbers that can indicate the relative performance of various git servers (cgit, gitea, gitlab) on comparable hardware. cgit claims to be hyperfast, but what does that mean in practice?

the first version of the minibase flake cdn is online as of today. more details on how this is populated and funded will be coming along soon. currently minibase includes a very small selection of packages, but you can install them using the experimental flakes feature today! https://src.cyb.red/

so this path has been trod and its bad lmao https://web.archive.org/web/20230926192451/https://gemini.spam.works/~emery/sigil-report.gmi

so it looks like genode has taken some inspiration from nix.. that’s a rabbit-hole for another time https://genode.org/documentation/developer-resources/package_management

tw.txt is fun because its a hackers distributed system. simple, with lots of sharp edges to keep things interesting. i hope we don’t go chasing mass-appeal because it’ll make writing my own crappy tw.txt services un-fun and pointless since i can barely keep up with the current somewhat glacial pace of development.

it would be interesting to build a new nixpkgs based on a totally different base system. like, genode (sel4+) that can take the interesting security properties of nix and apply them to a non-posix secure-by-construction type of OS

Image

thinking about moving some of my services to dependable third parties.. I love to host my own stuff, but I need to have at least some backups. esp for stuff that mostly serves as an alias.

hmm seems like movim is a little too fancy to run on a shared hosting with no daemons..

I wonder if bento has slightly missed the key to being a total genius approach to host management. ok hear me out. each node periodically pulls configuration from a coordination node that hosts a binary cache. the admin may make changes and pre-build them maybe kick off an update task manually if they want, but the point is there’s an automated checkin. for my case, the device I have available for coordination isn’t really capable of hosting a binary cache for any of my other machines. the nix store for my dev machine is larger than the entire disk of the coordinator! and due to the yearly heat my best machine can’t be reliably powered on all the time. so i started thinking to myself, “self, what if instead of having a central coordinator we fetched configuration from a reliable git mirror (maybe git+torrent some day) and consume it as a flake. the source could even be swapped out using a flake registry (so you don’t even have to commit to self-hosting anything other than a json file). then managed hosts only have to be setup to consume the registry and the shared flake (which registers the update agent) and DONE?”

if you want your computer to be able to sleep, you’ll need a measuring tape and a scientific calculator. first, measure each byte that you have in RAM and take the square root. add that to your total length. we’ll need that number later on.

twts are immutable in the sense that a twt is its own identifier. you might think that a twt can be modified, but what’s really happening is a delete and redraft operation. an edit would require you to append a special twt that says that old twt was actually meant to say this other thing, here’s the twthash please hide my shame in the UI.

RT https://hispagatos.space/@argumento/113092655322062316

rm -fr, remove french-style: merciless colonizer. thief and destroyer of worlds.

maybe i’m overly restrained when it comes to making changes in a codebase, but i do a lot of the work in my head before committing to code.

running grey until after dark, it’ll be around 40C until tuesday in the daytime so I can’t really run the main server while I’m sat in my office. i’ll have some pine quartz blades or my quattro arrays up some day to handle the lower power stuff so running grey doesn’t mean the whole system is offline.

i know i can’t keep living in this dead or dying dream..