[-] snowe 101 points 2 months ago

This is my favorite version of this so far.

[-] snowe 78 points 3 months ago* (last edited 3 months ago)

I'm not in the business of collecting user data and don't really want to be. In regards to logs, we restart our containers every 6 hours and the logs are wiped at that time, so the furthest back logs I can actually find in our system are from an hour ago.

And nah, I wouldn't give in. There's no real reason to request that information, as accessing a url means absolutely nothing. I did so just now to verify things and the same could be argued by any real user (oh, I clicked on the link and didn't know what it was going to). I very much doubt the past 6 hours of logs would be useful anyway, as by the time I got the request the logs wouldn't matter anymore.

But, I'm still going to see if I can turn off logging for requests. I do not think we need them at all, and if we do, we can simply turn it on for a few minutes to get the info we need.

[-] snowe 215 points 3 months ago

Skewed priorities like trying to make sure that Firefox continues to exist even with the massive amount of competition in the browser space and everything being taken over by chromium. Yeah. Definitely skewed priorities.

[-] snowe 76 points 4 months ago

Or it’s because Tesla is like 60% of the market and their quality is absolute shit. https://insideevs.com/news/686440/tesla-60-percent-ev-market-share-new-registrations-2024/

[-] snowe 58 points 4 months ago

If that’s the first thing you see then maybe you have a problem. It took me a full 20 seconds to see it.

[-] snowe 79 points 5 months ago

Just so you know, companies already use drones for roof surveys. I work for sunrun and we use them to analyze roofs for solar installations and whether roofs need to be fixed before hand.

[-] snowe 113 points 5 months ago

Well it sure does sound like advertising won doesn’t it. I completely stopped using Google it is so bad now.

[-] snowe 64 points 5 months ago

My first comment directly discusses the issue at hand. It wasn’t off topic. It’s clear you didn’t want any feedback on the issue because it makes you look bad. I explicitly talked about how client side scheduling is a bad idea that does not accomplish the goal of scheduling. And then I gave feedback directly concerning the exact issue I was commenting on of how your conduct was unfitting of lead devs of a major software project, where you squabbled in public in a really weird way, and you refused to even think about discussing the topic (closing the issue over and over again when your coworker had opened it and asked for discussion? Really dude?). Then you finally banned me without any warning or discussion of why.

And no, it’s not going to teach me any lesson, all it did was teach the entire community you have no clue how to run an open source software project. No warning, no explanation, just juvenile marking of comments as off topic (they weren’t), closing of the issue your main dev opened and then boom banned.

367
submitted 5 months ago by snowe to c/meta

I will no longer be able to assist with development nor debugging actual issues with the software... Quite juvenile behavior from the devs. It stemmed from this issue where the devs continuously argued in public by opening and closing an issue. Anyway, thought I would keep y'all apprised of the situation, since these are the people maintaining the software you are currently using.

56
Outage - Oct 14/15 (programming.dev)
submitted 5 months ago by snowe to c/meta

Over the weekend we had a large intermittent outage, followed up by unplanned maintenance that I had put off for way too long.

Lemmy runs with several different services.

  • lemmy-ui (the reactesque frontend)
  • lemmy (the rust backend)
  • postgres (the data store for operations, comments, posts, etc)
  • pictrs (the image data store)

The outage concerns itself with the last one. We always knew we'd eventually need to migrate to an object based store, but Lemmy defaults to file based picture storage and that's what we stuck with up until now. This eventually caused the VPS that programming.dev is running on to seize up, and resulted in the outage over the weekend.

Saturday night I spent several hours testing out the object migration on the beta.programming.dev site in order to validate that it worked. During this time I struggled with some very obtuse ansible errors that I hadn't encountered before and so I was not able to start the migration that night. I delayed until the next morning (thank goodness).

I began work Sunday morning at 10:00 America/Denver time. Initially the migration started off quite well, but was moving incredibly slowly. Looking back on it now, the migration would have taken over 144 hours if I left it to do its thing. I let this run for about an hour before messaging the pictrs dev to understand why logs weren't showing up for the migration (even though objects were showing up in the store). Apparently lemmy-ansible is set to use 0.4.0 of pictrs, which not only is quite old, but doesn't have the ability to run migrations concurrently. There was the issue. I asked the dev is it was possible to stop a migration in the middle of the running, upgrade, and continue. They told me what changes I'd need to make, I made them, did the upgrade, and restarted the migration. It immediately failed. This was the start of my issues.

The server was now too full of data to do anything, including running apt update or apt install to install tools to assist me. I was able to attach more block storage, but I'm not enough of a linux guru to figure out how to mount it where the current pictrs filesystem would be able to take advantage of it. I had to result to copying the entire pictrs filesystem to a fresh ~500gb mount, fixing permissions, and then rerunning the migration from there. By the time I got to this point, it was about 12:30PM. The migration from then on took several hours.

After the migration completed, I needed to deploy the new stack with the correct settings. The ansible script needed to run apt though, and, well, that wouldn't work when the server was still full. At this point I was not confident in the migration and I also hadn't realized that you could do the migration while the site was running (big oversight from me). I therefore wanted to maintain the entire pictrs file store until I proved the object store was working. I created another block storage, copied the entire pictrs directory over to it again (another 20 minutes or so) and then deleted the original directory. I was now able to run the ansible script and deploy the new settings for pictrs, confident that I had a backup available in case something went wrong (this is not the main backup method, the server is backed up externally as well, but I didn't want to have to resort to those during the migration).

That completed the migration, some 5 hours after it originally started.

There were several things that exacerbated the issue that made it take several hours longer than I wanted.

  1. I let it go so long before doing the migration to object storage that the server was too full to even perform an apt update. This resulted in me not being able to install tools I needed, along with a host of other issues as mentioned
  2. pict-rs was at a very suboptimal version. If it had just been two minor versions newer it would have migrated perfectly fine, in a few hours.
  3. my limited knowledge around ansible led me on wild goose chases several times

Things I would change if I had to do it again:

  1. Dig in a bit deeper on the concurrency flag in the pictrs docs. It was not present in the original guide I followed (from a lemmy post on another instance), and thus I didn't realize that it wouldn't run with concurrency at all.
  2. Don't wait so long so that the server is full
  3. Migrate while the server is running. That would have been dumb in this case, since the server wouldn't stay up anyway, and could have caused other issues. But there was no reason to take the server down if it had been stable, and other instances have done so with no problems.
28
Test object storage (programming.dev)
submitted 6 months ago by snowe to c/meta
13
submitted 6 months ago by snowe to c/[email protected]

It seems like the password limit is set to 60 characters so I’m unable to login to my instance. There probably should be no limit in the app because each server could have different limits set.

956
A thousand miles (programming.dev)
submitted 7 months ago by snowe to c/[email protected]
[-] snowe 107 points 7 months ago

Hey @[email protected], just so you know, this tool is most likely very illegal to use in the USA. Something that your users should be aware of. I don't really have the energy to go into it now, but I'll post what I told my users in the programming.dev discord:

that is almost definitely against the law in the USA. From what I've read, you have to follow very specific procedures to report CSAM as well as retain the evidence (yes, you actually have to keep the pictures), until the NCMEC tells you you should destroy the data. I've begun the process to sign up programming.dev (yes you actually have to register with the government as an ICS/ESP) and receive a login for reports.

If you operate a website, and knowingly destroy the evidence without reporting it, you can be jailed. It's quite strange, and it's quite a burden on websites. Funnily enough, if you completely ignore your website, so much so that you don't know that you're hosting CSAM then you are completely protected and have no obligation to report (in the USA at least)

Also, that script is likely to get you even more into trouble because you are knowingly transmitting CSAM to 'other systems', like dbzer0's aihorde cluster. that's pretty dang bad...

here are some sources:

19
submitted 9 months ago by snowe to c/programming

There's gods for everything, but of course computers didn't exist in ancient Roman and Greek times. What God or Goddess in your opinion would personify Testing?

And yes these answers matter. 😬

238
submitted 9 months ago by snowe to c/meta

Start by reading these two articles:

Ok, now that you've done that (hopefully in the order I posted them), I can begin.

I have always been a strong supporter of Open Source Software (OSS), so much so that all of my projects (yes all) are OSS and fully open for anyone to use. And with that, I knew that things could be used for good... and bad. I took that risk. But I also made sure to build stuff that wasn't, in itself, inherently bad. I didn't build anything unethical to my eyes (I understand the nuance here).

But I've seen what unethical devs can do.

Just take a look at those implementing the ModFascismBot for Reddit (that's not its name, but that's what it is). That is an incredibly unethical thing to build. Not because it's a private company controlling what they want their site to do, no, that's fine by me. Reddit can do whatever they want. But because it's an attempt to lie about reality, to force users to do something through manipulation not through honesty. Even subreddits that voted overwhelmingly to shut down still got messaged by the bot telling them that the users (that voted for it) didn't want it and they had to open back up or they would be removed from mod position. This is not ethical. This is not right. This is not what the internet is about.

Or the unethical devs at Twitter, who:

It's one thing for an organization to have political lean...that is just a part of life, and that will never end. It's another to actually sow disinformation in order to accomplish nefarious things to further your profits. It is what has caused massive addiction to tobacco, the continuation of climate change, death and disfiguration from forever chemicals, ovarian cancer and mesothelioma from undisclosed exposure to asbestos, or selling 'health products' that claim to cure everything under the sun, but can "interfere with clinical lab tests, such as those used to diagnose heart attacks".

Please do not confuse this for saying that companies shouldn't be able to sell things and make a profit. If you want to sell someone something that kills them if they misuse it and you market it as such, you go for it. That's literally how every product in the cleaning aisle of your grocery store works. That's how guns work, that's how fertilizers work, that's why we have labels. But manipulation for profit is unethical, and that's why companies hide it. It hurts their bottom line. They know that their products will not be used if they reveal the truth. Instead of doing something good for humanity, they choose the subterfuge. Profits over people. Profits over Earth honestly. Profits over continuing the human race. Absolutely nothing matters to companies like this. And unethical developers enable this.


Facebook (ok, fine, Meta, still going to refer to them as FB though) is trying to join the Fediverse. We as a community, but honestly each of you as individuals, have a decision to make. Do they stay or do they go? Let's put some information on the table.

Facebook...

  • lies about the amount of misinformation it removes ^1
  • increased censorship of 'anti-state' posts ^1 ^2 ^3
  • lied to Congress about social networks polarizing people, while FB's own researchers found that they do ^2
  • attempted to attract preteens to the platform (huh, wonder where all that "you must be 13" stuff went) ^4
  • rewards outrage and discord ^3

Facebook also...

  • Allows for checking on friends and family in disasters ^6
  • Created and maintained some of the most popular open source software on the planet (including the software that runs the interface you're looking at right now) [^7][^8]

From my perspective... There's not much good about FB. It has single handedly caused the deaths of tens of thousands of people across the planet, if not hundreds of thousands. It continually makes people angrier and angrier. It's a launching pad for scammers, thieves, malevolent malefactors, manipulators, dictators, to push their conquests onto the world through manipulation, lies, tricks, and deceit. Its algorithms foster an echo chamber effect, exacerbating division and animosity, making civil discourse and mutual understanding all but impossible. Instead of being a platform for connection, it often serves as a catalyst for discord and misinformation. FB's propensity for prioritizing user engagement over factual accuracy has resulted in a global maelstrom of confusion and mistrust. Innocent minds are drawn into this vortex, manipulated by fear and falsehoods, consequently promoting harmful actions and beliefs. Despite its potential to be a tool for good, it is more frequently wielded as a weapon, sharpened by unscrupulous entities exploiting its vast reach and influence. The promise of a globally connected community seems to be overshadowed by its darker realities.


As a person, I believe that we need to choose things as a community. I do not believe in the 'BDFL'...the Benevolent Dictator For Life. Graydon Hoare, creator of Rust, wrote an article just recently about how things would have been different if they had stayed BDFL of Rust. From my position the BDFLs we currently have on this planet really suck. Not just politically, but even in tech. I don't think that path is good for society. It might work in specific circumstances, but it usually fails, and when it does, people get hurt. Badly.

So, with that in mind, I've been working on a polling feature for Lemmy. I seriously doubt I'll be done with it soon, but hopefully FB takes a while longer to implement federation. I understand there's a desire for me, or the other admins to just make a decision, but I really don't like doing that. If it comes down to it, I will implement defederation to start with, but I will still be holding a vote as soon as I can get this damn feature done.


[^8]: the website actually uses Inferno, but from what I can tell it was forked directly from React, judging from the actually documentation and references in the repo.

44
submitted 9 months ago* (last edited 9 months ago) by snowe to c/meta

I will be updating the instance to v18 at ~~20:00~~ 22:00 UTC.

See https://programming.dev/post/181191 for the changes

edit: Lemmy.ml updated and seems to have gone down. We're going to wait and see what the outage was caused by and then proceed from there.

edit 2: lemmy was down due to a ddos attack. We will upgrade at 22:00 UTC

edit 3: we had issues with the email setup getting overridden again. If you tried to sign up in the past 8 hours please try to just log in. If you can't, please message me (discord, matrix, or mastodon)

10
submitted 9 months ago by snowe to c/kotlin
[-] snowe 74 points 10 months ago

This article has so many inaccuracies… I haven’t talked with a single person that thinks Reddit shouldn’t charge for api access. And the final comment about being legally obligated to pursue profit is just factually incorrect. https://legislate.ai/blog/does-the-law-require-public-companies-to-maximise-shareholder-value

You can find plenty of other sources just like that one saying the same thing. I’m pretty sick of this myth, because it gives all these companies a bogeyman to hide behind.

61
submitted 10 months ago* (last edited 10 months ago) by snowe to c/meta

I'm going to be working on getting the instance upgraded to 17.4 today. I had tried in the past, but had some issues with cloudflare and dns resolution.

First attempt will be at 17:00 UTC.

I'll update this post if that doesn't work and provide a second time.

18
submitted 10 months ago* (last edited 10 months ago) by snowe to c/meta

We're seeing increased rates of memory errors in postgres, due to a default docker setting

I will be performing a fix at 23:45 UTC. This should not update the server, so it should be a very fast fix. I expect the downtime to be less than a minute.

[-] snowe 73 points 10 months ago

Hi, programming.dev owner here. From what I've been seeing it's a lot of memory issues. We were hitting swap which was causing massive disk io. You can see what happened with the disk io immediately after the upgrade to more memory. I know at least one reason is being resolved in this PR

We were also having issues with the nginx config. There were some really weird settings that I don't think were necessary. Finally, the federation is quite busy. So if someone subscribes to events from 10 different servers, we pull in every single event, even upvotes. There's currently a lot of work being done around this stuff.

I don't think Rust is the problem. I think it's just a growth thing. Every platform has growth challenges, things grow in ways that you never expect. You might have thought that it was going to be IO constrained due to the federation, but in reality it's memory constrained because memory is actually the most expensive thing to have on a server. etc.

14
Rewriting the Ruby parser (railsatscale.com)
submitted 10 months ago by snowe to c/ruby

Shopify wrote a new hand-written recursive descent parser. This looks like it will be a great improvement to the Ruby ecosystem!

view more: next ›

snowe

joined 10 months ago
MODERATOR OF