Updating Mastodon under FreeBSD 12.0-RELEASE

After recently upgrading my server from FreeBSD 11.2 to 12.0 (and rebuilding my entire installed ports tree), I noticed that trying to run my usual rebuild process for Mastodon to get it to pick up the new library changes kept dieing on a Ruby gem ‘bcrypt’.

Looks like this has been noted on the Gem’s GitHub:

https://github.com/codahale/bcrypt-ruby/pull/166

https://github.com/codahale/bcrypt-ruby/issues/175

Thankfully, it looks like the FreeBSD port version has already been patched: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212304

So, here’s my hacky way of trying to get this working for now (on top of my existing hack to get uws to compile!).  Started with these great instructions for a funky port + local hybrid: https://blog.gegeweb.org/installer-mastodon-sous-freebsd-sans-le-port.html

cd /usr/ports/security/rubygem-bcrypt && sudo make
sudo mkdir ~mastodon/gem-overrides
sudo cp -rv /usr/ports/security/rubygem-bcrypt/work/bcrypt-3.1.12 ~mastodon/gem-overrides
sudo chown -R mastodon:mastodon ~mastodon/gem-overrides

Then, as the mastodon user, you need to edit the Gemfile, and near the top add the line:

gem 'bcrypt', :path => "~/gem-overrides/bcrypt-3.1.12"

Trying to run the normal complicated bundle command throws an error about the lockfile not matching, so I just ran a plain ‘bundle install’ like it said, before trying again:

bundle install
bundle install -j$(getconf NPROCESSORS_ONLN) --force --deployment --without development test
yarn install --pure-lockfile
RAILS_ENV=production bundle exec rails assets:precompile

I got a compile error here complaining about ‘bcrypt_ext’.  According to https://stackoverflow.com/questions/3900180/no-such-file-to-load-bcrypt-ext-via-devise it sounds like it doesn’t build native extensions (??), so I tried all this, no idea how much of it actually ended up being necessary:

cd ~/vendor/bundle/ruby/2.4/gems/bcrypt-3.1.12/ext/mri
cp ~/gem-overrides/bcrypt-3.1.12/ext/mri/*.c .
cp ~/gem-overrides/bcrypt-3.1.12/ext/mri/*.h .
ruby extconf.rb
make
make install

cp ~/vendor/bundle/ruby/2.4/gems/bcrypt-3.1.12/ext/mri/bcrypt_ext.so ~/vendor/bundle/ruby/2.4/extensions/amd64-freebsd-12/2.4/bcrypt-3.1.1

Still had issues, noticed by comparing with another ‘with native extensions’ gem (‘pg’) that it was calling from a different folder, looking for it in the same folder as its ‘bcrypt.rb’ in ‘lib’, so:

cp ~mastodon/gem-overrides/bcrypt-3.1.12/ext/mri/bcrypt_ext.so ~mastodon/gem-overrides/bcrypt-3.1.12/lib/
cd ~mastodon
RAILS_ENV=production bundle exec rails assets:precompile

Finally, progress!  At this point, uws will fail to compile (this is normal even on FreeBSD 11), so we need to rebuild it.  The normal install process seems to clean up after itself a bit too much when it fails, so we have to do this by hand to make sure it leaves its source behind:

npm rebuild uws
cd node_modules/uws/build

Then fire up your editor of choice on ‘uws.target.mk’ and delete both lines that read:

-fno-exceptions \

Then we manually compile (via gmake, not make!) and copy the resulting binary where it’s needed:

gmake
cp Release/uws.node ..

Oh, hey, UWS still doesn’t work, throwing an SSL error, because we’re still on Node 8.  Well, time to try Node 10… (remember to leave the bundled OpenSSL option on, I guess?  Also reconfigure www/npm and www/yarn to use www/node10 instead of www/node8)… and run through all this again until it works.  Apparently Mastodon’s package.json explicitly asks for ‘between 8 and 11’, i.e. not 11, so hopefully 10 + bundled SSL works.

(I tried going all the way to Node 11 and editing package.json to allow it.  Errors.  Errors everywhere.  Don’t do that, stick to 10.)

Looks like ‘node-zopfli’ hasn’t been updated in years (and thus doesn’t compile on newer versions of Node?), but someone made a ‘zopfli-node’ last week that maybe does?

So, change the line in package.json from node-zopfli 2.0.2 and re-run the things:

"zopfli-node": "^2.0.3"

…can we have an alternative that doesn’t suck from a SysAdmin / Ops standpoint?  Please? :/  I get that libraries are great, and all, but this is obscene.

Vegan Gravy for the Holidays

Over the past week or so, leading up to Thanksgiving here in Canada this coming weekend, we’ve been watching and absorbing all sorts of vegan holiday recipes from the likes of The Happy Pear and Avant-Garde Vegan (with a few non-vegan ideas from Food Wishes and Alex French Guy Cooking), and melded things together into this strong-flavoured, herbal vegan gravy fit to liven up those mashed potatoes and root vegetables.

We like it fairly rustic and don’t bother straining or blending it once cooked, but if you prefer a smoother, more velvety traditional gravy, feel free to do so once the garlic + onions have softened to your liking at the end of the simmering phase.

Ingredients:

  • 1/2 medium-large onion, finely diced
  • 2-6 cloves of garlic, to taste, finely minced
  • Small handful of fresh sage leaves, finely chopped
  • Small handful of fresh thyme leaves (no stems)
  • 1-2 sprigs of fresh rosemary, leaves finely chopped (no stems)
  • 1 dried bay laurel leaf
  • 1/4 tsp. Cayenne pepper
  • 1/4 tsp. Smoked paprika
  • Pinch to 1/4 tsp. nutmeg
  • 1/2 to 1 tsp. Freshly ground black pepper, to taste
  • 1 tsp. Kosher salt (1/2 tsp. fine salt), to taste
  • 1-2 tsp. Vegetable broth powder
  • 2-5 tbsp. Nutritional yeast, to taste
  • 2-4 tbsp. Vegan butter or vegetable oil of choice
  • 2-4 tbsp. Tamari or soy sauce
  • 1 tbsp. Balsamic vinegar
  • 1 tsp. Vegan Worcestershire sauce
  • 1 tsp. Maple syrup or sugar
  • ~1-2 cups water as needed
  • Cornstarch slurry or vegan milk to thicken as desired

Method:

  1. In a wide-bottomed saucepan, sautee the onion in vegan butter/oil with the kosher salt until translucent.
  2. Add the minced garlic and sautee for about a minute or until soft, but not browned
  3. Add the fresh herbs + dried spices except nutritional yeast, along with the bay leaf, continue cooking for a minute or two to warm
  4. Add the liquid flavourings – soy sauce, Worcestershire, Balsamic and Maple syrup
  5. Add the vegetable broth powder + water first, then nutritional yeast
  6. Simmer for at least 15 minutes, 30 preferable, to extract the flavour from the bay leaf and continue softening the onions and garlic until extremely tender
  7. Discard bay leaf, and add cornstarch slurry or vegan milk if using, and reduce / thicken to desired consistency
  8. Check for salt + pepper and adjust if necessary
  9. (optional) Strain and/or blend to adjust texture to your liking

The #DeleteFacebook Trend – Implications and Alternatives

Should I #DeleteFacebook?  What does it mean?
In tech news, and indeed now in the general news, there’s a lot of talk of some very shady business practices that companies have been up to for quite some time.  Many of us understand that by signing up for various online services, particularly ‘free’ offerings from corporations with centralized, ad-supported models, that we’re giving up some of our privacy in exchange.  Indeed, the likes of Google, Facebook, Amazon, etc. have quite the ad tracking network, designed to create a profile or model around your account, so they can see what sites you’re visiting, what things you’re buying online, and then tailor the ads they show you around that profile.  In almost all cases, they grant access to this data or sell it to various interested 3rd parties who do the same sorts of things.

This is kind of an Internet-wide version of the various loyalty programs you get from grocery stores or whatnot, except instead of points to redeem, you get ‘free’ services like your Gmail, or Facebook profile, YouTube account, etc.

Of course, the reason this is all blowing up in the news at the moment is because instead of merely showing you ads for widgets you might like, or diet pills, it’s apparent that this sort of data was actively used for political purposes, in many cases skirting legality in various jurisdictions (and that’s being generous).  Profile data was and probably still is being used to create and display targeted political ads to try to swing elections.  This is the line we’ve had to cross for people to get up in arms about this sort of data collection.

Many people have been blissfully unaware just how much data has been collected – particularly if you installed the matching smartphone applications for each service (call and SMS logs, browser activity, etc.), but ironically enough – companies like Google and Facebook are pretty open with what they’re taking from you.  You can actually download a copy of all of your Facebook data and skim through it… though you may not like what you find if you’re a heavy user.  If you’re signed in to Google’s services, you can double check your own ad profile and settings, and opt out of a number of things (hint: probably all of them).

You can also do a lot to protect yourself by running a full-spectrum ad blocker in your browsers (like, say, uBlock Origin for Chrome or for Firefox), and if you have the patience, a script blocker & whitelist tool like uMatrix for Firefox, and indeed, I’d strongly recommend everyone be running an ad blocker these days, just because of the sheer number of times ad networks have been abused to distribute malware, but that’s not the be all and end all – especially if you’re still posting pictures and other information directly to these corporate sites and services.

It gets worse when you start looking at ‘the cloud’ – we’ve already known about various three-letter-agencies from multiple countries around the world doing their best to hoover up as much data as they can, to sift through later and try to make decisions on.  One of the better arguments for keeping data relatively secure is to ensure that it’s not physically stored on US soil.  Unfortunately, recent legal actions give the US carte blanche to request data from any American company’s datacentres, even if those datacentres are located elsewhere.  Timing is suspect with the recent enforcement start date yesterday of the new EU General Data Protection Regulations.  Now, even if you have your instances in, say, the Canadian zone of a big American cloud provider, the fact that the company providing the service is American is enough for them to warrantlessly attempt to acquire your data.

So, what can we do?
Those of us who have more than a bit of grey in our beards can probably remember a time before these centralized, corporate services.  Maybe we’ve dabbled in using some of them, particularly at work, where some companies still run their own e-mail servers, their own IRC or Jabber/XMPP servers.

“But IRC isn’t like Facebook at all!  And then I’m just trusting someone’s IRC server instead of some company, with all the same potential problems!”

The good news is that there’s been a lot of active development in various decentralized, federated projects with the intent of taking back control of the internet – where services and their development can be crowdfunded (through the likes of Liberapay and others – check out Snowdrop’s comparison of various crowdfunding services), and the resulting specifications and code are open and free for all to implement and use.  In a nutshell, this means you can run your own server and instance, just for you and maybe your friends, and still be able to see and interact with the greater community – just like how your e-mail address is two parts, a ‘user’ @ ‘a server’, and that doesn’t prevent you from e-mailing anyone you like, even if their address is at some other server, most of these federated, decentralized services use a similar notation: you’re a ‘user’ @ ‘a specific server instance’, and you can freely interact with everyone across the network, regardless of where their account physically lives.  That’s it.

Of course, you can always choose to sign up on someone else’s instance and server if they allow account creation – just like how you sign up for an online forum, you’re generally granting the administrators of that server implicit access to what you’re uploading and posting.  However, there’s no built-in tracking, ads, or anything of that sort – the only things people have access to are what you choose to post and upload.

That’s all well and good – so what are my options?

  • If you’re used to Facebook and Tumblr, you might want to take a look at diaspora*
  • If you’re used to Twitter, you probably want to try tooting with Mastodon (and find your Twitter friends with their helpful bridge tool) – bonus: adorable introduction video
  • If you’re used to Slack, Discord, and Telegram, Matrix and its reference client, Riot are in active development and definitely something to watch.  Group audio calls and videoconferencing via WebRTC are already implemented, there’s a Community/group feature, but as of writing they have yet to implement Discord-style persistent voice channels (though it’s on a wishlist) or Telegram-style stickers (though as of this issue, it sounds like it’s Coming Soon(tm).)

Studio Gear

Pulsar: Lost Colony Review Dump

The following is a lightly edited chat dump of my thoughts on ~7 hours of playing Pulsar: Lost Colony the night before:

I did a lot of Engineering and Sciencing at first, jumping into fill whatever the last open role was in most people’s games. Then saw someone start up a game with only 1/5. Had tweaked my HOTAS setup, so jumped in as Pilot. That run went for like 4 hours.

Continue reading “Pulsar: Lost Colony Review Dump”