Published a blog about the new Social Inbox tool we've made at #DistributedPress which makes it easy to add #ActivityPub to your static websites.
@aynish Yeah feel free to poke me if you'd like to dig into it together :)
@mauve Great work! I too wanted a simple #ActivityPub implementation written in typescript for my artwork website. https://brush.reggi.com/
What I find most frustrating right now is that there's no single node / deno / bun agnostic server that's easily "pluginable".
Your index file is a executable https://github.com/hyphacoop/social.distributed.press/blob/initial/src/server/index.ts
I do wish we had a javascript runtime-independent pluginable server. Like wordpress plugins, instagram-like gallery, microblog, blog, newsletter, even ecommerce all plugins.
@thomasreggi Yeah it's rough that the most "standard" js is for talking to external services rather than adding extra ones the way people do with Apache and the such. I guess one could plug node into a CGI script though :P
Personally I'm aiming to reduce the use of webservers in the first place and to rely more on static site publishing and client side rendering.
@mauve I do feel pretty jaded with servers too and static hosting just feels so good. I just kinda think that databases and dynamism is key for real-world apps, queries and stuff like that.
I did just go down a "Ranger Mauve" rabbit hole and watched your youtube videos 😜. I've been thinking alot about worker-owned cooperatives and "ethical software hosting". P2P could be a way out of all of that, really exciting stuff. Really like the android-device-mesh idea and Agregore in general 💜💚.
@thomasreggi @mauve It's not a "pluginable JS server" but I'm hoping my project https://dropserver.org will help fulfill that need at some point.
Running something like the above "AP for static sites" is just the kind of use case I envisioned for Dropserver.
(Right now it would not be possible to implement this because Dropserver doesn't support outbound requests, which I am sure is a requirement here. But I will add this at some point for sure.)
@teleclimber @mauve seems we're on the same page. Both inspired by deno's https://deno.com/blog/a-whole-website-in-a-single-js-file-continued 👀.
I've been thinking about about self-hosting and how much of a pain it is, ram cost, cpu cost. Would love a single. port, process, server that can run everything. Tinkering around with https://yunohost.org/.
Ideally you just have one personal postgres database and can use that for personal data / read-writes. I've been working on an agnostic json-schema-based system https://github.com/reggi/pg_json_functions
@thomasreggi @mauve How is your experience with Yunohost so far?
@teleclimber @mauve good but i'm afraid to share the sites with others because it's a commitment 😭
@thomasreggi @mauve yeah the commitment to family and friends is a big lift.
Is the Distributed Press Social Inbox on your radar? @lightone @liaizon @smallcircles
@mauve Really cool idea!
Quick question on branch hygiene. From looking at the pull requests, it seems as though various feature branches have been hanging around in the repo after getting merged into initial.
However, nothing has yet landed on main (the default). Is that just a way of telling outsiders this isn't ready to look at yet?
@pevohr Ah! We're putting in some last minute changes that might be breaking apis but I'm hoping to tag 1.0 within a week or two. Main thing right now is indexing replies so you can pull them into your post metadata.
It should be *mostly* stable :P
@mauve Nice! It's not that hard to figure out what's going on if you happen to click the branches link:
https://github.com/hyphacoop/social.distributed.press/branches
But if you don't, anyone new to the project winds up on the "main" branch (default) + thinks nothing has happened since July because all the active work is being done on the (non-default) "initial" branch.
@rra @site Hmm are you self hosting your inbox instance? We have swagger docs generated at /v1/docs
Sadly swagger doesn't have the HTTP auth stuff built in so we don't have an out of the box UI yet.
We use the http signature spec for authentication so you shoukd sign yout request with the private key corresponding to your actor's public key: https://docs.joinmastodon.org/spec/security/#http
@mauve ah the swagger docs are really handy. So if I understand correctly I won't be able to complete my post request with curl, but need to use client.setInfo() instead?
@rra sadly the client API is still a WIP but my colleague should be getting to it next week ish. I'll see if I can get a lil somethin done before then though.
technically it should be possible to do it witg curl, you just need to do the digest calculation and signing stuff with openssl or similar. Sadly I don't have ready examples of it cause we did it in js.
Here's how we do it so far: https://github.com/hyphacoop/social.distributed.press/blob/initial/src/server/apsystem.ts#L129
@mauve Hi thanks for the suggestion! Together with @cblgh we managed to recreate the signing code pretty close before you sent it! However we get Bad Request but we're also unsure whether we're overlooking something. Maybe you have an idea?
https://gist.github.com/rscmbbng/63a3066e811aa72a5cab508eb20cdd45
@mauve @cblgh I'm still getting a 400 ("message": "\"[object Object]\" is not valid JSON") so I'm guessing our script doesnt send something yours likes. Anyway I'm out of ideas. If you have a moment to make a script based on the repos code to request an account that would be appreciated. Otherwise I'll wait for a later stage of the release.
@rra @cblgh K! We had a bug in how we authenticated methods which I just fixed today. I also added an account creation script to my staticpub example: https://github.com/RangerMauve/staticpub.mauve.moe/blob/default/create_account.js
Should all be working now!
@mauve Great! I get a 200 indeed (both with your code and the one @cblgh wrote).
This seems to indicate success, but when I then query the user account or do any other action (list admins for instance) I get 500 with "Cannot read properties of undefined (reading 'matchAll')"
I can see that the post request has added something to the store, so the account is there.
This is the path: https://ap.roelof.info/v1/@site@test.roelof.info
This is the actor:
https://test.roelof.info/about.jsonld
@cblgh let us know whether you want to be untagged from this :)
@mauve this is fucking sick and I've wanted something approaching this for a while!