index.md (14924B)
1 +++ 2 title = "I Wrote This #3" 3 date = 2020-07-04 4 updated = 2022-06-14 5 +++ 6 7 It appears I'm not that great at keeping a weekly schedule. Right after 8 I published my last post, I started a class on text adventures and have 9 been living and breathing in [Inform7] ever since. I've also spent some 10 time working on this site – though I've got even bigger changes coming 11 in the future – learning a few new languages, and listening to a whole 12 lot of music. I think [something happened in cybersec] too? Oh also I 13 learned how to drive. 14 15 <!-- more --> 16 17 ## Interactive Fiction 18 19 These past few weeks, my main work has been on interactive fiction as 20 part of a summer class for my school. The first week was spent learning 21 the history of text adventures (as I will refer to them for the rest of 22 the article, becuase calling them "interactive fiction" makes me sound 23 like ~~a dick~~ a snob). I gathered a collection of games to play in my 24 free time (if I ever have any more of that), from the very first of the 25 genre – Adventure – to modern ones like Lost Pig. 26 27 ![My collection of text adventures: Adventure, Bronze, Counterfeit 28 Monkey, Curses, Hitchhiker's Guide to the Galaxy, Lost Pig, and 29 Slouching Towards Bedlam](collection.png) 30 31 In the second week, we all made our own text adventures. It was a really 32 interesting experience – drastically different than any other 33 programming I've done. The main thing I struggled with was the semi-NLP 34 style of [Inform7]. Rather than telling the computer what to do, I felt 35 like I was making suggestions. I also struggled with the editor a bit. 36 Inform7 isn't open source, which means there's only one IDE you can use 37 to program in the language. That would be fine if the IDE was high 38 quality, but I often found it ~~really bad and draining~~ mediocre. This 39 was made a little better after I changed the editor colors to be much 40 more vibrant ~~so I wouldn't fall asleep~~, but I still felt like it 41 needed some work. Regardless of any struggles along the way, the payoff 42 after the game was finished was huge. Watching my little sister play a 43 text adventure for the first time, *one I had made*, was awesome. 44 45 Without further ado, I present to you: *One Angry Wizard, or the 46 Tentacular Adventures of our Brave Hero through a World Most Strange and 47 Foreign*. You can download [the .gblorb here]. 48 49 50 ## Site Work 51 52 I made some changes that you guys can see, and some other ones behind 53 the scenes. 54 55 ### Joining Webrings 56 57 I first encountered webrings [on Hacker News], where I find most of my 58 interesting internet things. From there, I decided to join both the 59 [geekring] and the [Hotline Webring] – you can find links to the 60 webrings in the nav on every page. Joining the Hotline Webring was 61 designed to be supremely easy, but the geekring was a little more 62 complicated. I've never been a big IRC person (though not for lack of 63 trying), and I ended up joining via the HTML form and getting my key via 64 email. ~~I may or may not have confused my number with my private-ish 65 key, and had to use a little bit of [bfg] magic to fix that.~~ 66 67 **EDIT:** I would now very much consider myself a big IRC person. 68 69 ### Self-Hosting 70 71 My site was previously hosted using a continuous deploy on [Netlify]. 72 This was a pretty great system for me – all I had to do was commit my 73 code to the GitHub repo, which I was already doing, and the they would 74 take care of everything and serve a great site – here's the kicker – 75 **for free**. This was working really well for me for a while, until I 76 decided to add security headers to the site. I tried doing this in two 77 different ways: using [Helmet] as described [in the Sapper Docs] and 78 using Netlify [\_headers]. The Helmet middleware didn't work with 79 Netlify, and I'm honestly not sure why – possibly because of how they 80 host the file server (I'm not sure what/how they serve the site), or 81 maybe I just f\*cked up somewhere idk JavaScript is hard. Using the 82 Netlify config didn't work either because I'm not a paying subscriber, 83 which wasn't too clear at first. This would probably be solved if I just 84 gave them money, but I'm not going to do that any time soon. 85 86 I decided to move to [DigitalOcean] and host the site myself (or I guess 87 not totally myself – I don't feel comfortable running it on a Pi from my 88 house just yet) with [Caddy]. I went with DigitalOcean partially because 89 of their dev-focused business model, but mostly because they're cheap 90 (my droplet is USD$5/month and I get $50 credit with them from the 91 [GitHub Student Developer Pack] – my first year of hosting for only 92 $10). 93 94 Unfortunately, I didn't quite run the transition too well. It definitely 95 wasn't zero downtime – it was probably more like a-few-hours downtime. I 96 doubt this really affected anyone because of my small audience, but I 97 was still up late working on it. If it had happened a few days later, it 98 might have gotten mixed up with the [Cloudflare downtime] (I don't use 99 Cloudflare). 100 101 My current setup uses a custom CaddyServer configuration to serve my 102 site, which I am absolutely loving so far: it is so much easier to run 103 advanced setups with Caddy than Apache or Nginx. I wanted to move away 104 from Javascript analytics (via [GoatCounter]) to log-based analytics 105 (via [GoAccess]) but found that Caddy's structured logs are not 106 supported natively. I'm hoping [they'll add it] soon though! Also, I 107 stumbled on [this article] while writing this, and may check that out. 108 109 ### Next Steps 110 111 I've got two major todos for my site in the near future. The first thing 112 I want to do is Dockerize. Using Docker will significantly clean up my 113 current setup, and allow me to host more fun things on the same machine 114 (for example, [my own analytics] and maybe [git]). With that said, I 115 probably should get a little better at Docker first... For beginners, 116 [Flavio Copes'] has a few pretty great posts on the subject. 117 118 The second thing I want to do is a bit of a larger project, and one I'm 119 not yet sure how I'm going to solve. I've run into some problems with 120 the frameworks I use to develop [figbert.com]. Sapper generates inline 121 scripts and blobs, which tanks the security of my CSP. [Their proposed 122 solution][in the Sapper Docs] is to inject nonces with JS middleware, 123 but this doesn't work with CaddyServer. I would much rather Sapper 124 [avoid inline scripts] altogether, but this doesn't seem likely. I 125 really like the freedom that writing static sites in Svelte provides me 126 versus other static site generators, but this could be a dealbreaker. I 127 might talk a look at [Routify] and see if that's any better. I've also 128 been reconsidering using TailwindCSS, however useful it is, after 129 reading [these] three[^1] [articles]. I attempted to replicate the 130 current look of [figbert.com] without TailwindCSS, and failed. So I'm 131 probably going to rewrite the site again, though I'm not sure how. 132 Through iteration, we will arrive at a stable version – this one, 133 unfortunately, is not yet it. If I do leave Svelte, which is probably a 134 50/50 chance at this point, I would probably go either back to [Hugo] 135 (with some variation of the incredible [archie] theme) or to [Zola]. 136 137 ## Real World Updates 138 139 ### CyberSec 140 141 So, some pretty crazy things have happened. For one, [Twitter got 142 hacked][something happened in cybersec] by some people from OGUsers who 143 got access to some internal managment tools. This hack, though not 144 necessarily the most technical, was super high profile. There were a few 145 [really good articles] written about the hack, but I also noticed a few 146 people acting in ways that I thought were not appropriate. More 147 specifically, [Brian Krebs], who reacted to the hack by [repeatedly] 148 [doxxing] the hackers, many of whom are still teenagers. He's received 149 relatively little [criticism] for doing this, though it appears to be [a 150 pattern of behavior]. 151 152 There was also a brief mention of a new [macOS malware], but judging by 153 the lack of further publicity it's probably not that common in the wild. 154 That, or people don't care because it's spread mainly through torrenting 155 sites and they don't want to protect people they perceived to be morally 156 beneath them – which is wrong, obviously. 157 158 ### Driving 159 160 I learned how to drive! Or rather, I got kind-of licensed to drive a car 161 in the US. I've been driving around a lot lately as something fun I can 162 do to pass time in quarantine, and last week I finished my online 163 driver's ed course and got my learner's permit. It was a surprisingly 164 simple and COVID-friendly process! The most complicated/least 165 COVID-friendly part was going to the DMV to take the written test, but I 166 wore a mask and gloves and glared at anybody who got remotely close to 167 me. The next steps are much more dangerous to do during a pandemic, but 168 we have a year to complete them so we're going to delay them (some 169 in-person driver's training and the driver's test) for a bit. For now 170 though, I have a piece of paper that says I can learn to drive! 171 172 ### Better Platforms 173 174 I've also taken some time to focus on decentralization. I've had a 175 [Mastodon account] for a while, but I rarely used it. I didn't have a 176 mobile client, and I almost never use social media on my computers. To 177 help change my behaviour I downloaded [Mast], a paid Mastodon client for 178 the Apple ecosystem. I went with Mast mostly because it's absolutely 179 *gorgeous* – and [open source] – which is something I value in the apps 180 I use. Apps that look really nice are fantastic inspiration for my own 181 apps' designs, and this one is no exception. 182 183 I've also started using three other apps much more heavily recently: 184 [Feedly], [Octal], and [Element]. Feedly is a fantastic RSS reader, 185 which helps me keep track of all the interesting blogs that I find 186 online (I read somewhere about self-hosting an RSS reader, which sounds 187 pretty cool, but I forget what it was called). Octal is a HN client for 188 iOS, which is really handy for keeping up with my favorite tech news 189 when I'm away from my computer. Element (previously Riot), is the 190 first-party [Matrix] client that makes using a decentralized E2EE chat 191 service feel better than Discord. I love it. In an ideal world where I 192 could choose the tools I use to communicate with people, I would only 193 use Signal and Element/Matrix (for replacing iMessage and Discord/Slack, 194 respectively). 195 196 ### Music 197 198 Oh my god there's so much new music. 199 * [Jonny by Bar Tsabari](https://www.youtube.com/watch?v=52CzYCmJFD8) 200 * [Kukuriku by Eden Ben Zaken and Omer Adam](https://www.youtube.com/watch?v=d60H5D9GefE) 201 * [Ta'azri et Atzmech by Dekel Vaknin](https://www.youtube.com/watch?v=_Vs-1s2BtJA) 202 * [Sivuvim by Eden Hason](https://www.youtube.com/watch?v=ZTNmNJnvdzc) 203 * [Lecha Dodi by Moshe Peretz and others](https://www.youtube.com/watch?v=2AWLqffzR9k) 204 * [Haravot BaPita (Album) by Peled](https://www.youtube.com/watch?v=NV3e7d1bELI&list=OLAK5uy_kMpEzEcDVrgK_muDGEoy2r-iTxWbCKet0) 205 * [Magevet BaAvir by Noroz](https://www.youtube.com/watch?v=5_5PtfmoIQk) 206 * [Nadav\_15 by Shekel](https://www.youtube.com/watch?v=_wIkyNfJYYc) 207 * [Moshe by Narkis and Miri Mesikah](https://www.youtube.com/watch?v=CjHiYZU1gJE) 208 * [Tik Tok by Mohamed Ramadan and Super Sako](https://www.youtube.com/watch?v=YQpuETX_tr0) 209 * [Aliyato VeNiflato Shel Shem Tov Hevi by Tamir Bar](https://www.youtube.com/watch?v=I9xBb3MDxgk) 210 * [Falafel Pop (Album) by Quarter to Africa](https://www.youtube.com/watch?v=7VWBTxOEHoQ&list=OLAK5uy_lRWsEN-9ydoMrdEzkw7xySe1105vhZLYc) 211 * [Lama Kacha Atzuva by Idan Raichel and Stav Beger](https://www.youtube.com/watch?v=sZHSE6tyccQ) 212 * [Kapara by Kevin Robin and Rotem Cohen](https://www.youtube.com/watch?v=1EZBnZRyjpc) 213 * [Ehad HaAm by Aya Zahavi Fayglin](https://www.youtube.com/watch?v=MADaEN_3N18) 214 215 ## Wrapup 216 217 I hope you enjoyed reading this update! I know it's much longer than 218 usual, and I'll try and keep them shorter than this from now on. I plan 219 on writing more short, topic-focused articles rather than just updates, 220 but those will come soon. For now though, I need to focus on knocking 221 out some of the larger projects that I'm working on. I keep finding cool 222 and interesting things to do, and I need to work on finishing the ones 223 that I've already started! 224 225 Salamat, FIGBERT 226 227 --- 228 229 [^1]: This previously linked to 230 `https://edvinleander.com/2020/07/15/stop-the-overuse-copy-pasting-and-unecessary-libraries/`, 231 but the site has been down for years now and I neglected to archive it. Such is the nature of the internet. 232 233 [Inform7]: http://inform7.com/ 234 [something happened in cybersec]: https://techcrunch.com/2020/07/15/twitter-accounts-hacked-crypto-scam/ 235 236 [the .gblorb here]: /files/one-angry-wizard.gblorb 237 238 [on Hacker News]: https://news.ycombinator.com/item?id=23549471 239 [geekring]: https://geekring.net/ 240 [Hotline Webring]: https://hotlinewebring.club/ 241 [bfg]: https://rtyley.github.io/bfg-repo-cleaner/ 242 243 [Netlify]: https://www.netlify.com/ 244 [Helmet]: https://helmetjs.github.io/ 245 [in the Sapper Docs]: https://sapper.svelte.dev/docs#Security 246 [\_headers]: https://docs.netlify.com/routing/headers/ 247 248 [DigitalOcean]: https://www.digitalocean.com/ 249 [Caddy]: https://caddyserver.com/ 250 [GitHub Student Developer Pack]: https://education.github.com/pack/ 251 252 [Cloudflare downtime]: https://techcrunch.com/2020/07/17/cloudflare-dns-goes-down-taking-a-large-piece-of-the-internet-with-it/ 253 254 [GoatCounter]: https://www.goatcounter.com/ 255 [GoAccess]: https://goaccess.io/ 256 [they'll add it]: https://github.com/allinurl/goaccess/issues/1768#issuecomment-646674023 257 [this article]: https://alexmv12.xyz/blog/goaccess_caddy/ 258 259 [my own analytics]: https://docs.plausible.io/self-hosting/ 260 [git]: https://docs.gitea.io/en-us/install-with-docker/ 261 [Flavio Copes']: https://flaviocopes.com/tags/docker/ 262 263 [figbert.com]: https://figbert.com/ 264 [avoid inline scripts]: https://github.com/sveltejs/sapper/issues/1175 265 [Routify]: https://routify.dev/ 266 [these]: https://www.roguelazer.com/2020/07/etcd-or-why-modern-software-makes-me-sad/ 267 [articles]: https://johanronsse.be/2020/07/08/why-youll-probably-regret-using-tailwind/ 268 [Hugo]: https://gohugo.io/ 269 [archie]: https://github.com/athul/archie 270 [Zola]: https://www.getzola.org/ 271 272 [really good articles]: https://fortenf.org/e/security/2020/07/15/twitter-hack.html 273 [Brian Krebs]: https://krebsonsecurity.com/ 274 [repeatedly]: https://krebsonsecurity.com/2020/07/twitter-hacking-for-profit-and-the-lols/ 275 [doxxing]: https://krebsonsecurity.com/2020/07/whos-behind-wednesdays-epic-twitter-hack/ 276 [criticism]: https://news.ycombinator.com/item?id=23865035 277 [a pattern of behavior]: https://itwire.com/security/infosec-researchers-slam-ex-wapo-man-krebs-over-doxxing.html 278 279 [macOS malware]: https://www.wired.com/story/new-mac-ransomware-thiefquest-evilquest/ 280 281 [Mastodon account]: https://fosstodon.org/@figbert 282 [Mast]: https://apps.apple.com/us/app/mast/id1437429129 283 [open source]: https://github.com/tiagomartinho/Mast2 284 285 [Feedly]: https://feedly.com/ 286 [Octal]: https://apps.apple.com/us/app/octal/id1308885491 287 [Element]: https://element.io/ 288 [Matrix]: https://matrix.org/