figbert.com-gemini

[ACTIVE] the capsule and home of figbert in geminispace
git clone git://git.figbert.com/figbert.com-gemini.git
Log | Files | Refs | README

2020-07-04-i-wrote-this-three.gmi (12848B)


      1 # I Wrote This #3
      2 
      3 It appears I'm not that great at keeping a weekly schedule. Right after I published my last post, I started a class on text adventures and have been living and breathing in Inform7 ever since. I've also spent some time working on this site – though I've got even bigger changes coming in the future – learning a few new languages, and listening to a whole lot of music. I think something happened in cybersec too? Oh also I learned how to drive.
      4 
      5 ## Interactive Fiction
      6 
      7 These past few weeks, my main work has been on interactive fiction as part of a summer class for my school. The first week was spent learning the history of text adventures (as I will refer to them for the rest of the article, becuase calling them "interactive fiction" makes me sound like a dick). I gathered a collection of games to play in free time (if I ever have any more of that), from the very first of the genre – Adventure – to modern ones like Lost Pig.
      8 
      9 In the second week, we all made our own text adventures. It was a really interesting experience – drastically different than any other programming I've done. The main thing I struggled with was the semi-NLP style of Inform7. Rather than telling the computer what to do, I felt like I was making suggestions. I also struggled with the editor a bit. Inform7 isn't open source, which means there's only one IDE you can use to program in the language. That would be fine if the IDE was high quality, but I often found it really bad and draining. This was made a little better after I changed the editor colors to be much more vibrant (so I wouldn't fall asleep), but I still felt like it needed some work. Regardless of any struggles along the way, the payoff after the game was finished was huge. Watching my little sister play a text adventure for the first time, one I had made, was awesome.
     10 
     11 
     12 Without further ado, I present to you: 
     13 
     14 => /static/one-angry-wizard.gblorb One Angry Wizard, or the Tentacular Adventures of our Brave Hero through a World Most Strange and Foreign
     15 => http://inform7.com/ Inform7 (text adventure ide)
     16 => http://ccxvii.net/gargoyle/ Gargoyle (text adventure player)
     17 
     18 ## Site Work
     19 
     20 I made some changes that you guys can see, and some other ones behind the scenes.
     21 
     22 ### Joining Webrings
     23 
     24 I first encountered webrings on Hacker News, where I find most of my interesting internet things. From there, I decided to join both the geekring and the Hotline Webring – you can find links to the webrings on the homepage. Joining the Hotline Webring was designed to be supremely easy, but the geekring was a little more complicated. I've never been a big IRC person (though not for lack of trying), and I ended up joining via the HTML form and getting my key via email (I may or may not have confused my number with my private-ish key, and had to use a little bit of bfg magic to fix that).
     25 
     26 => https://geekring.net/ geekring
     27 => https://hotlinewebring.club/ Hotline Webring
     28 
     29 ### Self-Hosting
     30 
     31 My site was previously hosted using a continuous deploy on Netlify. This was a pretty great system for me – all I had to do was commit my code to the GitHub repo, which I was already doing, and then they would take care of everything and serve a great site – here's the kicker – for free.
     32 
     33 This was working really well for me for a while, until I decided to add security headers to the site. I tried doing this in two different ways: using Helmet as described in the Sapper Docs and using Netlify _headers. The Helmet middleware didn't work with Netlify, and I'm honestly not sure why – possibly because of how they host the file server (I'm not sure what/how they server the site), or maybe I just f*cked up somewhere idk JavaScript is hard. Using the Netlify config didn't work either because I'm not a paying subscriber, which wasn't too clear at first. This would probably be solved if I just gave them money, but I'm not going to do that any time soon.
     34 
     35 I decided to move to DigitalOcean and host the site myself (or I guess not totally myself – I don't feel comfortable running it on a Pi from my house just yet) with Caddy. I went with DigitalOcean partially because of their dev-focused business model, but mostly because they're cheap (my droplet is USD$5/month and I get $50 credit with them from the GitHub Student Developer Pack – my first year of hosting for only $10).
     36 
     37 Unfortunately, I didn't quite run the transition too well. It definitely wasn't zero downtime – it was probably more like a-few-hours downtime. I doubt this really affected anyone because of my small audience, but I was still up late working on it. If it had happened a few days later, it might have gotten mixed up with the Cloudflare downtime (I don't use Cloudflare).
     38 
     39 => https://techcrunch.com/2020/07/17/cloudflare-dns-goes-down-taking-a-large-piece-of-the-internet-with-it/ Cloudflare downtime
     40 
     41 My current setup uses a custom CaddyServer configuration to serve my site, which I am absolutely loving so far: it is so much easier to run advanced setups with Caddy than Apache or Nginx. I wanted to move away from Javascript analytics (via GoatCounter) to log-based analytics (via GoAccess) but found that Caddy's structured logs are not supported natively. I'm hoping they'll add it soon though!
     42 
     43 => https://github.com/allinurl/goaccess/issues/1768#issuecomment-646674023 Caddy support potentially coming to GoAccess...
     44 
     45 ### Next Steps
     46 
     47 I've got two major todos for my site in the near future. The first thing I want to do is Dockerize. Using Docker will significantly clean up my current setup, and allow me to host more fun things on the same machine (for example, my own analytics and maybe git). With that said, I probably should get a little better at Docker first... For beginners, Flavio Copes' has a few pretty great posts on the subject.
     48 
     49 => https://flaviocopes.com/tags/docker/ Flavio Copes' Docker series
     50 
     51 The second thing I want to do is a bit of a larger project, and one I'm not yet sure how I'm going to solve it. I've run into some problems with the frameworks I use to develop figbert.com. Sapper generates inline scripts and blobs, which tanks the security of my CSP. Their proposed solution is to inject nonces with JS middleware, but this doesn't work with CaddyServer. I would much rather Sapper avoid inline scripts altogether, but this doesn't seem likely. I really like the freedom that writing static sites in Svelte provides me versus other static site generators, but this could be a dealbreaker. I might talk a look at Routify and see if that's any better.
     52 
     53 I've also been reconsidering using TailwindCSS, however useful it is, after reading some articles on the subject. I attempted to replicate the current look of figbert.com without TailwindCSS, and failed. So I'm probably going to rewrite the site again, though I'm not sure how. Through iteration, we will arrive at a stable version – this one, unfortunately, is not yet it. If I do leave Svelte, which is probably a 50/50 chance at this point, I would probably go either back to Hugo (with some variation of the incredible archie theme) or to Zola.
     54 
     55 => https://www.roguelazer.com/2020/07/etcd-or-why-modern-software-makes-me-sad/ Etcd, or, why modern software makes me sad
     56 => https://johanronsse.be/2020/07/08/why-youll-probably-regret-using-tailwind/ Why you'll probably regret using Tailwind
     57 => https://gohugo.io/ Hugo
     58 => https://github.com/athul/archie archie theme
     59 => https://www.getzola.org/ Zola
     60 
     61 ## Real World Updates
     62 
     63 ### CyberSec
     64 
     65 So, some pretty crazy things have happened. For one, Twitter got hacked by some people from OGUsers who got access to some internal managment tools. This hack, though not necessarily the most technical hack, was super high profile. There were a few really good articles written about the hack, but I also noticed a few people acting in ways that I thought were not appropriate. More specifically, Biran Krebs, who reacted to the hack by repeatedly doxxing the hackers, many of whom are still teenagers. He's received relatively little criticism for doing this, though it appears to be a pattern of behavior.
     66 
     67 => https://techcrunch.com/2020/07/15/twitter-accounts-hacked-crypto-scam/ Techcrunch on the Twitter hack
     68 => https://ogusers.com/ OGUsers
     69 => https://fortenf.org/e/security/2020/07/15/twitter-hack.html No, you couldn't have made more money than the Twitter hacker
     70 
     71 => https://krebsonsecurity.com/ Biran Krebs
     72 => https://krebsonsecurity.com/2020/07/twitter-hacking-for-profit-and-the-lols/ Dox #1
     73 => https://krebsonsecurity.com/2020/07/whos-behind-wednesdays-epic-twitter-hack/ Dox #2
     74 => https://news.ycombinator.com/item?id=23865035 Little criticism
     75 => https://itwire.com/security/infosec-researchers-slam-ex-wapo-man-krebs-over-doxxing.html A pattern of behavior
     76 
     77 There was also a brief mention of a new macOS malware, but judging by the lack of further publicity it's probably not that common in the wild. That, or people don't care because it's spread mainly through torrenting sites and they don't want to protect people they perceived to be morally below them – which is wrong, obviously.
     78 
     79 => https://www.wired.com/story/new-mac-ransomware-thiefquest-evilquest/ Wired on macOS malware
     80 
     81 ### Driving
     82 
     83 I learned how to drive! Or rather, I got kind-of licensed to drive a car in the US. I've been driving around a lot lately as something fun I can do to pass time in quarantine, and last week I finished my online driver's ed course and got my learner's permit. It was a surprisingly simple and COVID-friendly process! The most complicated/least COVID-friendly part was going to the DMV to take the written test, but I wore a mask and gloves and glared at anybody who got remotely close to me. The next steps are much more dangerous to do during a pandemic, but we have a year to complete them so we're going to delay them (some in-person driver's training and the driver's test) for a bit. For now though, I have a piece of paper that says I can learn to drive!
     84 
     85 ### Better Platforms
     86 
     87 I've also taken some time to focus on decentralization. I've had a Mastodon account for a while, but I rarely used it. I didn't have a mobile client, and I almost never use social media on my computers. To help change my behaviour I downloaded Mast, a paid Mastodon client for the Apple ecosystem. I went with Mast mostly because it's gorgeous – and open source – which is something I value in the apps I use. Apps that look really nice are fantastic inspiration for my own apps' designs, and this one is no exception.
     88 
     89 => https://fosstodon.org/@figbert Mastodon account
     90 => https://apps.apple.com/us/app/mast/id1437429129 Mast on the App Store
     91 => https://github.com/tiagomartinho/Mast2 Mast source on Github
     92 
     93 I've also started using three other apps much more heavily recently: Feedly, Octal, and Element. Feedly is a fantastic RSS reader, which helps me keep track of all the interesting blogs that I find online (I read somewhere about self-hosting an RSS reader, which sounds pretty cool, but I forget what it was called). Octal is a HN client for iOS, which is really handy for keeping up with my favorite tech news when I'm away from my computer. Element (previously Riot), is the first-party Matrix client that makes using a decentralized E2EE chat service feel better than Discord. I love it. In an ideal world where I could choose the tools I use to communicate with people, I would only use Signal and Element/Matrix (for replacing iMessage and Discord/Slack, respectively).
     94 
     95 => https://feedly.com/ Feedly
     96 => https://apps.apple.com/us/app/octal/id1308885491 Octal
     97 => https://element.io/ Element
     98 => https://matrix.org/ Matrix
     99 
    100 ### Music
    101 
    102 Oh my god there's so much new music.
    103 
    104 * Jonny by Bar Tsabari
    105 * Kukuriku by Eden Ben Zaken and Omer Adam
    106 * Ta'azri et Atzmech by Dekel Vaknin
    107 * Sivuvim by Eden Hason
    108 * Lecha Dodi by Moshe Peretz and others
    109 * Haravot BaPita (Album) by Peled
    110 * Magevet BaAvir by Noroz
    111 * Nadav_15 by Shekel
    112 * Moshe by Narkis and Miri Mesikah
    113 * Tik Tok by Mohamed Ramadan and Super Sako
    114 * Aliyato VeNiflato Shel Shem Tov Hevi by Tamir Bar
    115 * Falafel Pop (Album) by Quarter to Africa
    116 * Lama Kacha Atzuva by Idan Raichel and Stav Beger
    117 * Kapara by Kevin Robin and Rotem Cohen
    118 * Ehad HaAm by Aya Zahavi Fayglin
    119 
    120 ## Wrapup
    121 
    122 I hope you enjoyed reading this update! I know it's much longer than usual, and I'll try and keep them shorter than this from now on. I plan on uploaded more short, topic-focused articles rather than just updates, but those will come soon. For now though, I need to focus on knocking out some of the larger projects that I'm working on. I keep finding cool and interesting things to do, and I need to work on finishing the ones that I've already started!
    123 
    124 Salamat,
    125 FIGBERT
    126