Ge0rGSo I implemented resourceprep for nicknames in yaxim, but then I wasn't able to use emoji nicknames, so I removed that again.
jonasw:D
jonaswimplement resourceprep, but ignore unassigned codepoints
Ge0rGThats not how libidn works :(
jonasw:P
Kevhas left
Kevhas left
nycohas left
nycohas joined
Ge0rGOkay, so I'm in a good mood. I will try to make AndroidStudio work with yaxim again.
jonaswgoodbye to your good mood
@Alacerhas left
lumihas joined
@Alacerhas left
Ge0rGAh, another bit of XMPP trivia to dig out: is a user implicitly subscribed to themself? They can't add their own JID to the roster, but are they subscribed? Context: https://prosody.im/issues/1052
jonaswhuh
Ge0rG> To take advantage of all the latest features (such as Instant Run), improvements and security fixes, we strongly recommend that you update the Android Gradle plugin to version 3.0.1 and Gradle to version 4.1.
Yeah. Last time I said "yes" to that kind of dialog, it broke everything for me.
Ge0rG> Warning:The specified Android SDK Build Tools version (25.0.0) is ignored, as it is below the minimum supported version (26.0.2) for Android Gradle Plugin 3.0.1. Android SDK Build Tools 26.0.2 will be used.
There goes my mood again.
jonasw(I’m not sure this is proper on-topic here)
Tobiashas joined
Tobiashas joined
jonaswalso, you have been warned :)
Ge0rGIt's not. But it's Saturday, and the XSF doesn't work on weekends.
Ge0rGjonasw: if you are bored, you can also have a look at that self-roster vs self-presence thing ;)
zinidhas joined
jonaswI’m pretty sure I added meself to the roster before
jonaswyup, works instantly
Ge0rGjonasw: it's not allowed.
Ge0rGI just don't remember where it's written down.
jonaswah indeed
jonaswit’s only pidgin which pretends that it works
iNPUT🐁Sorry Tobias!
jonaswgreat, whenever iNPUT🐁 writes, my input line acts up
jonasw.
Ge0rGiNPUT🐁: Tobias isn't there, because "Kicked: jid malformed: The source address is invalid: xsf@muc.xmpp.org/iNPUT🐁"
jonaswGe0rG, for the purpose of mod_firewall, I’d suggest to treat self as both IN_ROSTER and SUBSCRIBED.
Ge0rGjonasw: yes. But what about rostermanager?
jonaswi don’- care
jonaswwhy would I need to care?
Ge0rGiNPUT🐁: wouldn't iNPUT🐁🐁 be a more correct nickname? :P
Ge0rGjonasw: because you just wrote the same thing I stated in the ticket, but in other words? :P
iNPUT🐁Ge0rG: I thought about that, but I'll just let Tobias back :P
jonaswyou need to renick for that
jonaswand we need to purge your messages from the history probably
Ge0rGWhoops. yax.im's disk is full.
iNPUT🐁has left
stefandxmhas left
Ge0rGlooks like I need better compression for the backups.
lovetoxhas joined
jubalhhas joined
zinidhas left
Guushas left
Guushas left
nycohas left
nycohas joined
ralphmhas joined
sonnyhas left
sonnyhas joined
zinidhas joined
Guushas left
Zashhas joined
Ge0rGhas left
jubalhhas left
Ge0rGKilled another (single) spammer account, that was registered last night via direct TCP instead of SRV.
Ge0rGIt's bad when you don't have IP address logs due to nasty NAT
jubalhhas joined
jerehas joined
zinidhas left
jerehas joined
ralphmhas joined
Ge0rGhas left
stefandxmhas joined
Ge0rGhas joined
Ge0rGhas left
nycohas left
zinidhas joined
Ge0rGhas joined
ralphmhas joined
ralphmhas joined
lskdjfhas joined
jmpmanhas joined
zinidhas left
zinidhas joined
stefandxmhas left
lskdjfhas joined
sonnyhas left
sonnyhas joined
Zashhas left
Zashhas left
Zashhas left
Zashhas left
Zashhas left
Ge0rGhas joined
Guushas left
Neustradamushas left
jubalhhas joined
ralphmhas joined
jonaswhm, Kev, do you have a minute or two to give me a few tips on the nginx-php-thing?
ralphmhas joined
zinidhas left
lskdjfhas joined
jabberatdemohas left
danielhas left
efrithas joined
danielhas left
danielhas joined
danielhas left
danielhas joined
zinidhas joined
moparisthebesthas joined
archas left
archas joined
zinidhas left
jabberatdemohas joined
KevI'm just about to go out for a jog, so not many. What's up?
jonaswso AFAICT, the config assumes that everything goes through a single app.php
jonaswthis is not the case for this application, and I have no idea how to re-write the config properly. my attempts range from "it offers the php file for download" to "404"
KevThe first of those sounds useful. App-on-demand or something.
jonaswthis is what I’ve got now, nginx-wise:
server {
listen 8000;
root /opt/installtree;
location / {
# try to serve file directly, fallback to app.php
try_files $uri =404;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/run/php/php7.1-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_param HTTP_PROXY "";
fastcgi_index index.php;
internal;
}
error_log /var/log/nginx/rff_error.log;
access_log /var/log/nginx/rff_access.log;
}
jonaswit’s especially useful for secrets.php :)
jonasw(this one 404s)
jonasw(I haven’t touched the php-cgi-fpm-thing config yet)
la|r|mahas joined
danielhas left
la|r|mahas left
la|r|mahas joined
KevThat doesn't look immediately stupid.
jonasw\o/
KevAlthough I'm not much of a PHP person, and certainly not a running-PHP-in-webservers person.
KevYou almost certainly don't need the location / block, though.
jonaswthere are static files in the app which need to be served. are you sureS
jonaswthere are static files in the app which need to be served. are you sure?
KevOh. No, then :)
danielhas left
KevIf you're at giving up stage, do you want to upload what you've got so far somewhere, and maybe someone can help? Maybe even me, although I'm going to struggle to find time over the next few days.
jonaswI’m at the massively-confused-stage
jonaswbut sure
KevThere must be *someone* here who's a PHP person.
jonaswglances at daniel
jonasweven though I think we need an nginx-php-persion
lskdjfhas joined
jonaswhttps://github.com/horazont/xmppoke-frontend-docker there you all go
la|r|mahas left
danieli'm not an nginx person. when i did php everyone was using apache
la|r|mahas joined
danieland there was this thing called lighttp which the kids today have never heard about
jonaswI have!
jonaswI personally only use apache, though :)
jonaswmaybe somebody on members@ will step up :(
ZashIs that a thing that ever happens in a volonteer based org?
jonaswZash, I did step up
SouLReceived the email, crossing fingers to find someone
jonaswalso, I tried the classic trick: put something up in the internet which is WRONG
jonaswmaybe it helps :)
ZashSure, but rewriting the entire PHP thing from scratch is too much work.
Zash:P
jonaswZash, actually, I came to thinking that rewriting that thing in python would probably be much faster than trying to get this PHP thing to work
jonaswanyways, &-ing this for now
Ge0rGjonasw: great job so far!
jonaswthanks
sonnyhas left
sonnyhas joined
sonnyhas left
sonnyhas joined
Flow> Ge0rG> Ah, another bit of XMPP trivia to dig out: is a user implicitly subscribed to themself?
Floware you still intereseted in an answer?
Ge0rGFlow: yes
Ge0rGFlow: it's for me and for https://prosody.im/issues/1052
FlowGe0rG, I think https://tools.ietf.org/html/rfc6121#section-4.2.2 answers it
Ge0rGFlow: it's related, but technically it doesn't say you are subscribed to yourself
FlowGe0rG, right, but you also didn't want to know if a roster query for your own JID would return an item, leave alone a subscription state
Flowbecause you said that one can not be in its own roster. do you happen to have a link to where it's specified?
Ge0rGFlow: no link :(
FlowGe0rG, you may want to add that to https://wiki.xmpp.org/web/index.php?title=XEP_and_RFC_Remarks (or, but i'm not sure if it's a good fit, to the RFCs errata)
jabberatdemohas left
Ge0rGAt least it's not restricted in https://xmpp.org/rfcs/rfc6121.html#sub-request-outbound
Ge0rGMaybe it was just a server implementation limitation
jonaswthat’d also explain why pidgin fakes it.
jonaswor maybe not
jonaswI’d trust pidgin to ignore explicit errors in that regard...
Ge0rGAh, https://xmpp.org/rfcs/rfc6121.html#roster-add-errors -
> Interoperability Note: Some servers return a <not-allowed/> stanza error to the client if the value of the <item/> element's 'jid' attribute matches the bare JID <localpart@domainpart> of the user's account.
FlowGe0rG, so it is allowed, good to know
Ge0rGFlow: it's not forbidden in that single place, at least.
Zashhas left
ralphmhas joined
Guushas joined
GuusJonasw, php-wise, what do you need?
GuusLast time I looked, php 4 was just released
Guusbut I'm confident that together, we should be able to make something work :)
jonaswGuus, essentially, that docker container just 404s
jonaswand I have no idea why
Guuswhich container?
jonaswcould be nginx, could be php-fpm
jonaswoh, I thought you read that email
GuusI did
Guusbut not close enough, probably :)
jonaswthere’s a link to a github repo
Guusah, I missed that
Guusah, wife just assigned me chores :)
GuusI'll be back in ~45 minutes
stefandxmhas joined
jonaswheh
jonaswthat’s what I’d say too, if I was about to debug nginx-php-things
jonasw:)
ralphmhas joined
la|r|mahas joined
lovetoxhas left
Zashhas left
stefandxmhas left
efrithas left
efrithas joined
sonnyhas left
sonnyhas joined
Guushas left
efrithas left
efrithas joined
efrithas left
efrithas joined
efrithas left
efrithas joined
marchas left
marchas left
Guushas left
Ge0rGhas joined
ralphmhas left
pep.jonasw, I'm tring to run your xmppoke-frontend-docker. composer.json is not in xmppoke-frontend, is it left as an exercice to the reader? :x
pep.xnyhps, ^
jonaswwhat is a composer.json?
jonaswthere’s no such thing
pep.There are mentions of that in your Dockerfile
jonaswpep., the docker stuff expected some stuff which the frontend thing doesn’t do
jonaswyeah
jonaswignore that
pep.k
jonaswI need to strip that out
jonasw(that’s from kevins template which expects things I don’t know about adn which aren’t in xmppoke-frontend either, so I dropped that)
pep.k
pep.composer.json is just python's requirements.txt equivalent
jonaswah
pep.composer.json is just python's requirements.txt's equivalent
jonaswI don’t think there are any requirements
pep.Ok, stripping that out
efrithas left
jubalhhas left
zinidhas joined
sezuanhas left
sezuanhas joined
ralphmhas joined
zinidhas left
jubalhhas joined
jubalhhas left
Zashhas left
danielhas left
Guusjonasw: that postgres instance is not in poker, is it?
stefandxmhas joined
marchas joined
jonaswGuus, no, it isn’t
jonaswdidn’t proceed that far yet, I was about to use my local postgresql instance
Guusthat probably explains why my browser is timing out
jonaswuh, but you got the PHP stuff to work?
Guusah, yeah, php now complains
jonaswamazing!
jonaswcare to make a PR?
Guuswell, I simply removed everythign I didn't understand and used the apache-based default
jonaswah, so s/nginx/apache/?
Guuslet me show you, one sec
ralphmhas joined
GuusI didn't get that huge startup script - if there was anything important apart from the secrets in there, it's now missing.
jonaswI’m all in for simplicity
Guusalso, I _detest_ docker for its installation procedures.
Guusmessed up my entire setup :(
jonaswhow that?
Guusa) make it run b) make it right.
Guusdocker vs docker.io vs docker-ce vs docker-whatever?!
jonaswapt install docker.io docker-compose works for me :/
Guusit complained about mismatched versions (I think your compose uses a version 3, while my executable didn't see beyond 2)
Guusbut, whatever. It now runs
pep.`pacman -S docker`? :)
Guuslet me PR
jonaswGuus, thank you :)
pep.I'm also having a look btw
GuusPR done
GuusI'm somewhat worried about having passwords in secrets.php - is that visible to end-users?
jonaswI sure hope not
jonaswbut I’ll tackle that later
jonasw(I think modifying common.php to include from somewhere non-docrooty should be possible)
jonaswthere’s also that huge patch from Holger which needs to be dissected
pep.Guus, that can be hidden by the web server for a start, but yeah otherwise, it's meh
Guusalso, php's docker page suggests adding a php.ini, which we're not doing. might be another good improvement
Guusbut, lets first make it run
jonaswlet’s give this a shot :)
KevPasswords should come in from envvars.
jonaswthey do
pep.jonasw, PHP should get them from envvars
jonaswpep., Guus made it so that they do
pep.I see, right
Guusyeah, that's what I did - I think the upstream code requires them to be in a file though
jonaswdoesn’t matter in the end, I think
jonaswI mean this way it’s not even a problem if a user can downloda secrets.php
jonaswbecause the values aren’t in there
jonaswI’m still not happy how that thing compiles everything from source :/
Guuswell, if its interpreted....
jonaswGuus, if it’s interpreted, the values aren’t printed
Guusah, true.
jonaswneat
jonaswnow waiting for my postgres to come up :)
pep.I wonder if there's a way to change the docker-compose conf with args. To not have :80 used locally when testing. But that's a detail
jonaswnow I need to get some dependencies in order d)
jonasw Fatal error: Uncaught Error: Call to undefined function idn_to_utf8() in /var/www/html/result.php:25 Stack trace: #0 {main} thrown in /var/www/html/result.php on line 25
pep.jonasw, that's where composer.json comes into play :P
jonaswI think that’s a PHP module
Guushttps://hub.docker.com/r/library/php/ <-- has some documentation on how to add extensions
jonaswneed to figure out the extension name though
pep.err, PHP
KevAdd php7.1-intl to the apt line.
KevI think that'll do it.
Guusintl
KevOh, it's there already.
Guusexactly
KevHmm.
jonaswuhm
jonaswyou’re looking at different files
KevNo idea then, that should already be available.
jonaswKev, guus essentially re-wrote everything
KevI'm looking at the dockerfile I sent over.
jonaswyeah
pep.Kev, 7.2 with the PR
KevI shall leave you all to it then.
jonasw:)
KevI feel pleased I spent that time sorting out the files I sent over :p
jonaswKev, sorry
GuusI'm not invested in whatever I did
GuusI basically punched it until something worked
jonaswKev, if you can figure out why it didn’t work, I’m happy to go back to yours, because I’m still a bit uneasy with the PHP docker images.
Kev'PHP docker images'?
jonaswhttps://hub.docker.com/r/library/php/
KevNot those ones that mount the source into the image?
stefandxmhas left
GuusI read somewhere that they provide the source as a tarball?
Guusunsure
ralphmhas joined
Guusit runs. :)
danielhas left
@Alacerhas left
@Alacerhas joined
Guusjonasw, need me for anything else?
jonaswI don’t think so
jonaswthanks a lot
jonaswand one more apology towards Kev
Guuswanders off
zinidhas joined
Alexhas joined
Alexhas left
@Alacerhas left
jonaswyeha
jonaswI just queued the first test :)
jonaswnow for the postgresql …
@Alacerhas joined
jonaswwat, jabber.org is weird. Pre-TLS, they only offer DIGEST-MD5. Post-TLS, they offer: CRAM-MD5, DIGEST-MD5, LOGIN, PLAIN, SCRAM-SHA-1, SCRAM-SHA-1-PLUS
ZashWat
ZashAlso, wat
jonaswI wonder whether it’s related to this: https://github.com/cyrusimap/cyrus-sasl/issues/379
XSF Discussion - 2017-12-09