2017-03-12 UTC
KartikPrabhu joined the channel
simon|, GWG-, myfreeweb_ and kline_ joined the channel
miklb, KartikPrabhu, wshakes, barpthewire, tantek, KevinMarks and [kevinmarks] joined the channel
# 09:33 [kevinmarks] Looks clunkier than what I did for this. Why *require* retyping the token?
KevinMarks and barpthewire joined the channel
KevinMarks, stephtara and tantek joined the channel
KevinMarks, [kevinmarks] and KevinMarks_ joined the channel
KevinMarks joined the channel
# 14:03 aaronpk i forgot about xray on appengine... is there an easy way to automate installing the letsencrypt cert on appengine?
# 14:04 aaronpk ah they are apparently testing a new API to upload a cert
KevinMarks and [kevinmarks] joined the channel
KevinMarks and deathrow1 joined the channel
KevinMarks, arush and tantek joined the channel
# 16:28 Zegnat Just move off of AppEngine, aaronpk. That way Loqi might finally learn to read my site ;)
# 16:30 Zegnat Yes, it still shows the weird timeout thing whenever you enter a licit.li URL
KevinMarks and KevinMarks_ joined the channel
# 16:36 Zegnat It does?! Then I really wonder why it is taking appengine so long. I don’t have any issues loading my site, at least
KevinMarks joined the channel
bnvk joined the channel
# 18:02 bnvk aaronpk: what are you doing of late to satiate your mad-science future thinking IRC-Slack hybrid desires?
# 18:17 bnvk aaronpk: okie, just curious as I'm dipping back into hacking on this nodejs web IRC client :)
# 18:18 aaronpk lately my chat experiments have been fixing the Slack/IRC bridge here, and adding a chat widget to my website
# 18:19 bnvk ah, how is that going? What are the components?
# 18:20 bnvk are most users in here actually on Slack?
# 18:22 aaronpk slack people here show up with [] around their nick
# 18:23 aaronpk i guess it's been a couple weeks since I made the changes, but I expanded the Slack bridge to all our channels, fixed emoji mapping from slack :emoji: to real emoji characters, and made slack image uploads show up right in IRC
# 18:25 bnvk ah interesting, similar to Matrix's user[m] thing
[aaronpk] joined the channel
# 18:25 bnvk I like your approach more actually- should try to get Matrix ppl to switch
# 18:26 bnvk it's more clear that [something] is different about this user name, I think
# 18:26 aaronpk i think i can actually probably remove the brackets completely once I get that project to handle IRC->Slack
deathrow1 and arush joined the channel
# 19:16 sknebel another oauth2 question: an authorization endpoint is allowed to modify the scopes granted to an application, and the client should pass them through? E.g. if I want to tell my micropub endpoint that a client app only can create a specific post type, I could add a scope indicating that? Or should I encode it in the token itself?
bnvk joined the channel
# 19:20 aaronpk sknebel: the auth endpoint can modify the scope granted, and the token endpoint indicates the actual scope granted in the token response
# 19:21 aaronpk it doesnt really matter whether that's encoded in the token, unless you want to be able to indicate to the client that a certain post type isn't supported
# 19:22 sknebel (mixed internals of how I'm doing things in the question, and thus got a bit confused)
# 19:23 aaronpk my authorization server doesn't limit tokens by post type, but I can restrict which "channels" a token can post to. that's all opaque to the clients though
# 19:27 sknebel yep, that's what my goal is as well, more or less (bunch of ideas, will see which ones are actually necessary)
# 19:53 jonnybarnes just a quick shout out to aaronpk, I use Let’s Encrypt for my sites, and have a vhost on port 80 that just redirects everything to https
# 19:54 jonnybarnes then I put the .well-known stuff in the sites vhosts and certbot still works
# 19:54 jonnybarnes lets encrypt follows the http->https redirect when renewing certificates
# 19:55 GWG So, as of today, the development version of Webmentions and Semantic Linkbacks both have been changed to not strip fragments
# 19:55 jonnybarnes obviousy if i ever add a new vhost with new domain I temporarily have to disable mt http->https redirect
# 19:55 aaronpk ah yeah i don't want to have to do that, so i have a solution that lets me have everything configured all the time
# 19:55 aaronpk also i have some domains i want to serve over http still
# 19:56 jonnybarnes fair enough, I didn’t like having a http to https block in all my vhosts
# 19:56 aaronpk i actually have a "master" http->https for just the domains i have on letsencrypt with no other fancy stuff
# 19:56 bear reference the server name using _ and use $host in the return
# 19:58 bear will allow for any incoming port 80 to get redirected
# 19:58 bear full version that also sets it as the default would look like:
# 19:59 jonnybarnes so I have on vhost that listens on 80 and does what you just typed bear, then all my other vhosts just listen on 443
# 19:59 bear yes, to pick a nit - "vhost" isn't quite accurate for what nginx does - but it translates mostly
# 20:00 bear aaronpk's uses a location header because he has the .well-known location to manage
# 20:01 bear server is preferred because it conveys the notion that it will be listening on an socket
# 20:01 bear but my shoulder pain is causing me to be more pendantic than normal - vhost is ok
# 20:03 jonnybarnes then all my site vhosts are on 443, and include a .conf that defines the .well-known location
# 20:04 jonnybarnes then when I want a new domain I setup a vhost for the domain listening on 80 and include the same .well-known conf file
# 20:04 bear fortunately I don't add domains all that often any more
# 20:04 aaronpk ah yeah that's where my config saves me a step. I just add the new domain to that block I pasted above.
# 20:04 jonnybarnes and remove the http->https vhost, run certbot, change the vhost to listen on 443 and point at php-fpm etc
# 20:05 bear jonnybarnes - if you list the domains in the servername field you can do it like aaronpk does and then it's a single edit step to add a new domain
# 20:08 jonnybarnes also, that can’t have been fun when you first saw that warning screen aaronpk
# 20:10 aaronpk i'm pretty pleased with my appengine trick this morning
# 20:11 aaronpk had to build the challenge verification into the application so i could get a letsencrypt cert issued on appengine
# 20:13 Loqi aaronpk has 37 karma in this channel (1240 overall)
# 20:13 bear i'm glad LetsEncrypt allows for manual certs
# 20:14 bear you would think google would work with them to automate certs
# 20:14 bnvk aaronpk: XRay looks interesting- is it more of a API guzzler than a scraper?
# 20:15 aaronpk and has support for some services like twitter and instagram. it scrapes instagram, but uses twitter's API
# 20:15 bnvk ah, but has silo-API offerings as well... ok
# 20:16 aaronpk basically all my apps use it now. Loqi uses it to show IRC previews of posts, all my comments and reply context are parsed by it.
jkphl joined the channel
# 20:20 GWG Or more specifically, incorporating pieces of it into other projects
arush joined the channel
# 20:35 GWG arush, you the one with arush.io?
# 21:08 petermolnar I decided to get rid of the redirect html files (meta redirect) and push the redirects directly into nginx
# 21:11 aaronpk there's nothing like .htaccess for nginx is there?
# 21:12 sknebel I probably would solve this by having a webapp that's only tried if there isn't a file found for the request, which then decides to return a redirect or a 404. Or adding a dynamic lookup inside nginx with lua.
# 21:18 petermolnar well, I already have magic.php fallback to try "magic" (replacing _ with -, due to historical changes which looks for matches)
# 21:19 aaronpk i have a small php file that checks a text file for redirects
# 21:28 sknebel even the images in my posts hit my python backend right now. for now it works :P
Guest45617, gRegorLove and KartikPrabhu joined the channel
# 22:40 bear with a bit of Lua you could get nginx to read from redis or a file to handle redirects
[kevinmarks] joined the channel