#dev 2017-03-12

2017-03-12 UTC
KartikPrabhu joined the channel
#
@uoiae
@3zaru Webmention Webmention Webmention
(twitter.com/_/status/840749045010321409)
#
sknebel
woah, Loqi, which bot nest did you find there?!
simon|, GWG-, myfreeweb_ and kline_ joined the channel
#
@jevdemon
Password-less login is an interesting idea. It's too bad the author is apparently unaware of IndieAuth. https://medium.com/findworkco/password-less-login-df0354c3f3ee#.pnxmjbomu
(twitter.com/_/status/840773596054134785)
miklb, KartikPrabhu, wshakes, barpthewire, tantek, KevinMarks and [kevinmarks] joined the channel
#
[kevinmarks]
Looks clunkier than what I did for this. Why *require* retyping the token?
KevinMarks and barpthewire joined the channel
#
jonnybarnes.uk
edited /DNSSEC (+118) "Add an examples section"
(view diff)
#
jonnybarnes
did I add an examples section correctly?
KevinMarks, stephtara and tantek joined the channel
KevinMarks, [kevinmarks] and KevinMarks_ joined the channel
#
calumryan.com
edited /events/2017-03-22-homebrew-website-club (-18) "/* London */ Adding RSVP for London"
(view diff)
#
jonnybarnes.uk
edited /DNSSEC (+17) "Add a dfn tag"
(view diff)
KevinMarks joined the channel
#
aaronpk
i forgot about xray on appengine... is there an easy way to automate installing the letsencrypt cert on appengine?
#
aaronpk
ah they are apparently testing a new API to upload a cert
KevinMarks and [kevinmarks] joined the channel
#
[kevinmarks]
That's s long lived bug
KevinMarks and deathrow1 joined the channel
#
petermolnar
recently saw a 17 year old bug in Thunderbird... "long lived"
KevinMarks, arush and tantek joined the channel
#
Zegnat
Just move off of AppEngine, aaronpk. That way Loqi might finally learn to read my site ;)
#
aaronpk
is that still a problem?
#
Zegnat
Yes, it still shows the weird timeout thing whenever you enter a licit.li URL
#
aaronpk
that's so weird
#
aaronpk
if i increase the timeout then it works
KevinMarks and KevinMarks_ joined the channel
#
Zegnat
It does?! Then I really wonder why it is taking appengine so long. I don’t have any issues loading my site, at least
KevinMarks joined the channel
#
@megarush1024
Still trying to nail down why WordPress isn’t receiving webmentions from Bridgy. I’ve double-checked all… http://www.arush.io/?name=43649
(twitter.com/_/status/840972310710484992)
bnvk joined the channel
#
bnvk
aaronpk: what are you doing of late to satiate your mad-science future thinking IRC-Slack hybrid desires?
#
aaronpk
i haven't really made any progress on that
#
bnvk
aaronpk: okie, just curious as I'm dipping back into hacking on this nodejs web IRC client :)
#
aaronpk
ah cool
#
aaronpk
lately my chat experiments have been fixing the Slack/IRC bridge here, and adding a chat widget to my website
#
bnvk
ah, how is that going? What are the components?
#
bnvk
are most users in here actually on Slack?
#
aaronpk
slack people here show up with [] around their nick
#
aaronpk
i guess it's been a couple weeks since I made the changes, but I expanded the Slack bridge to all our channels, fixed emoji mapping from slack :emoji: to real emoji characters, and made slack image uploads show up right in IRC
#
bnvk
ah as in [slack-user] ?
#
bnvk
ah interesting, similar to Matrix's user[m] thing
[aaronpk] joined the channel
#
[aaronpk]
like this
#
bnvk
I like your approach more actually- should try to get Matrix ppl to switch
#
bnvk
it's more clear that [something] is different about this user name, I think
#
aaronpk
i think i can actually probably remove the brackets completely once I get that project to handle IRC->Slack
#
aaronpk
(Loqi is doing IRC->Slack right now)
#
bnvk
that Loqi, such a good chap
#
bnvk
waves to Loqi
deathrow1 and arush joined the channel
#
sknebel
another oauth2 question: an authorization endpoint is allowed to modify the scopes granted to an application, and the client should pass them through? E.g. if I want to tell my micropub endpoint that a client app only can create a specific post type, I could add a scope indicating that? Or should I encode it in the token itself?
bnvk joined the channel
#
aaronpk
sknebel: the auth endpoint can modify the scope granted, and the token endpoint indicates the actual scope granted in the token response
#
aaronpk
it doesnt really matter whether that's encoded in the token, unless you want to be able to indicate to the client that a certain post type isn't supported
#
sknebel
ok, thanks
#
sknebel
(mixed internals of how I'm doing things in the question, and thus got a bit confused)
#
aaronpk
my authorization server doesn't limit tokens by post type, but I can restrict which "channels" a token can post to. that's all opaque to the clients though
#
sknebel
ok, I think my confusion is cleared up, thanks
#
aaronparecki.com
edited /p3k (+200) "add authorization server screenshot"
(view diff)
#
sknebel
yep, that's what my goal is as well, more or less (bunch of ideas, will see which ones are actually necessary)
#
GWG
Good day
#
jonnybarnes
just a quick shout out to aaronpk, I use Let’s Encrypt for my sites, and have a vhost on port 80 that just redirects everything to https
#
jonnybarnes
then I put the .well-known stuff in the sites vhosts and certbot still works
#
aaronpk
me too :)
#
jonnybarnes
lets encrypt follows the http->https redirect when renewing certificates
#
GWG
So, as of today, the development version of Webmentions and Semantic Linkbacks both have been changed to not strip fragments
#
jonnybarnes
obviousy if i ever add a new vhost with new domain I temporarily have to disable mt http->https redirect
#
aaronpk
ah yeah i don't want to have to do that, so i have a solution that lets me have everything configured all the time
#
aaronpk
also i have some domains i want to serve over http still
#
aaronpk
none of this helps for appengine tho ;-)
#
jonnybarnes
fair enough, I didn’t like having a http to https block in all my vhosts
#
jonnybarnes
it seemed a little redundant
#
bear
you don't have to with nginx
#
aaronpk
i actually have a "master" http->https for just the domains i have on letsencrypt with no other fancy stuff
#
aaronpk
with a bunch of names in the "server" line
#
bear
reference the server name using _ and use $host in the return
#
jonnybarnes
bear: what do you mean?
#
bear
server_name _;
#
bear
that along with a listen 80
#
bear
will allow for any incoming port 80 to get redirected
#
bear
full version that also sets it as the default would look like:
#
bear
server {
#
bear
listen 80 default_server;
#
bear
listen [::]:80 default_server;
#
bear
server_name _;
#
jonnybarnes
so I have on vhost that listens on 80 and does what you just typed bear, then all my other vhosts just listen on 443
#
bear
yes, to pick a nit - "vhost" isn't quite accurate for what nginx does - but it translates mostly
#
@John316Network
https://booklaunch.io/llwroberts/thedoor - The Door is free. #IARTG #Kindleebooks #mustread #readers #Kindletouch #indieauth #IAN1pic.twitter.com/8LCenVAYrJ
(twitter.com/_/status/841015917463011328)
#
jonnybarnes
but aaronpk is doing something slightly different
#
jonnybarnes
what’s the correct term bear?
#
jonnybarnes
just curious
#
bear
aaronpk's uses a location header because he has the .well-known location to manage
#
bear
so you need a second location for /
#
bear
server is preferred because it conveys the notion that it will be listening on an socket
#
bear
but my shoulder pain is causing me to be more pendantic than normal - vhost is ok
#
jonnybarnes
err, yeah, I have the http->https vhost listening on 80
#
jonnybarnes
then all my site vhosts are on 443, and include a .conf that defines the .well-known location
#
jonnybarnes
so certbot renew always works
#
aaronpk
i just let the certbot renew happen on http
#
bear
that's how I have mine setup also
#
jonnybarnes
then when I want a new domain I setup a vhost for the domain listening on 80 and include the same .well-known conf file
#
bear
fortunately I don't add domains all that often any more
#
aaronpk
ah yeah that's where my config saves me a step. I just add the new domain to that block I pasted above.
#
jonnybarnes
and remove the http->https vhost, run certbot, change the vhost to listen on 443 and point at php-fpm etc
#
jonnybarnes
and add the http->https vhost again
#
jonnybarnes
also I don’t add domains/sub-domains often
#
bear
jonnybarnes - if you list the domains in the servername field you can do it like aaronpk does and then it's a single edit step to add a new domain
#
jonnybarnes
also, that can’t have been fun when you first saw that warning screen aaronpk
#
aaronpk
heh yeah
#
aaronpk
i'm pretty pleased with my appengine trick this morning
#
bear
route around something?
#
aaronpk
had to build the challenge verification into the application so i could get a letsencrypt cert issued on appengine
#
bear
oh - that is a nifty hack
#
bear
aaronpk++ for great docs
#
Loqi
aaronpk has 37 karma in this channel (1240 overall)
#
bear
i'm glad LetsEncrypt allows for manual certs
#
bear
you would think google would work with them to automate certs
#
bnvk
aaronpk: XRay looks interesting- is it more of a API guzzler than a scraper?
#
aaronpk
bnvk: it's primarily an h-entry parser
#
aaronpk
and has support for some services like twitter and instagram. it scrapes instagram, but uses twitter's API
#
bnvk
ah, but has silo-API offerings as well... ok
#
bnvk
I see
#
aaronpk
basically all my apps use it now. Loqi uses it to show IRC previews of posts, all my comments and reply context are parsed by it.
#
aaronpk
all comments on webmention.io are parsed by it
#
GWG
aaronpk, I love xray
jkphl joined the channel
#
GWG
Or more specifically, incorporating pieces of it into other projects
#
GWG
Which reminds me...
arush joined the channel
#
GWG
arush, you the one with arush.io?
#
petermolnar
I decided to get rid of the redirect html files (meta redirect) and push the redirects directly into nginx
#
petermolnar
which sucks, because nginx needs root reload on config change
#
petermolnar
but it's fast and lets me get rid of a lot of symlinks and files
#
petermolnar
and also returns the correct http codes
#
aaronpk
there's nothing like .htaccess for nginx is there?
#
sknebel
I probably would solve this by having a webapp that's only tried if there isn't a file found for the request, which then decides to return a redirect or a 404. Or adding a dynamic lookup inside nginx with lua.
#
sknebel
but generating nginx config also works
#
petermolnar
well, I already have magic.php fallback to try "magic" (replacing _ with -, due to historical changes which looks for matches)
#
petermolnar
I could drop that in there instead
#
aaronpk
i have a small php file that checks a text file for redirects
#
aaronpk
my text file looks like a bunch of lines like "/from-url /to-url"
#
petermolnar
this might be a better approach in the end, yes
#
aaronpk
it's technically way slower but meh
#
sknebel
even the images in my posts hit my python backend right now. for now it works :P
#
sknebel
(it doesn't serve the images itself, but still)
Guest45617, gRegorLove and KartikPrabhu joined the channel
#
bear
with a bit of Lua you could get nginx to read from redis or a file to handle redirects
[kevinmarks] joined the channel