Write Only Log for December 2023

Hello world!

So I've got this new desktop PC - Silk - and first job is to distribute my SSH key. (Yes, I am going to look into SSH certs, no not today).

Step 1 - Copy the key to a machine that is already trusted. I feel I should just be able to dump it here, but there's no point being silly. I've copied it to OneDrive so I can reach it from the laptop.

(Aside: The laptop is doing it's usual "Got to have a power supply even at 98% charged thing". I really should save up and get a Chromebook or something)

Step 2 - Copy the key to target machines. Easy enough to do manually, but I wish I had a script for it. Ah, well.

Anyway, I'm up on wepiu, so I guess that wasn't the trauma I was expecting. See y'all later!

That's this website updated to .NET8!

Hey folks!

I've finally got ground to writing a nuget server! It's dead simple but I can publish packages to it, and pull packages from it at build time. Rider doesn't like/use/understand the search, but that's easy to work round with dotnet add package.

That, as well as the container registry ('zot') I've installed means that I can start splitting code into libraries (As a smoke test I've put the OIDC stuff into a package) which should allow me to break the site into a bunch of tiny servers (e.g., separate out the blog) that are all SSO, and all sharing css/layout/menus (I might end up with almost everything in it's own package and one server to host them, or I might just keep the menu updated manually).

I think next up is finishing the Hydra front-end/user management service. (it occurs to me that I can hang e.g. mal off the new server without disrupting the old service). I know that realistically it's only ever going to be me and husband (and husband only uses webmail), but I'd still like to get things like roles right (Of course, the right way to do roles is in three layers, users, roles, and actions. Users are assigned roles, and roles are groups of actions. Admins group actions together to create roles, and then roles are allocated to users. But that's probably overkill)

Anyway. It's going well.

I assembled the various bits of my new hydra ui for the first time tonight (Hydra 2.2, the ui, and a client), and it's starting to come together.

I seem to have picked a nice colour palette (although I'm sure that husband will disagree), I can't remember how I did it though.

Still got bugs, clearly, but i think we're in "yeah, this is going to work" territory.

Wishlist:

user management (add, password reset, scope/role assign, suspend, delete)
client management (add, edit, delete, reissue secret) (Note the advantage of this is that all the settings apart from name and callback uri can be preset, making it much easier to add a client)
scope/role management. I should make a choice soon about how I'm going to do this, but I'm fairly sure that roles and scopes are different, and there's no point making life complicated.
self management (set password, name, revoke permissions, remote logout)

Anyway, it's late and a work night.

I think one of the things I like most about JavaScript is that only the code you run has to be semantically correct. So long as broken code matches the syntax rules, the runtime doesn't complain until the code actually breaks.

Of course, this means that you don't find out about certain problems until runtime. As ever, these things are a trade off.

State of play:

auth is up. It's got a UI for client creation, and the client programming stuff is in a nuget package so it's easy to include (just add a stanza to config).
shared.web is started. It's got some/most of the "always going to want this" stuff for a web app in a couple of extensions. I need to add lib.js, lib.css, and probably a _Layout, along with the tag helpers from auth.

It's also got the CSP stuff I wrote a while back, and I want to add a nonse tag helper.
mal has been converted to the new style as a test. It works great, except it doesn't have a menu. Still thinking about menus (clearly the answer is to check some dynamic source for menu contents at page create time, but what's the best way to store/edit/distribute the data?)

What's next:

Install the ELK stack (or at least, ElasticSearch, Kibana, and the Elastic APM stuff) on a VM and hook that into the shared.web library.
Sort out a local CA and setup mtls.
Split out the blog from the rest of osric.uk (depends on the menu, ish)

I've got mal, and this blog, and I'm not sure what other bits of the door do keep.

'About you' is interesting, and id like to get weather fettled up at some point, but really, the only wiring parts are those two.

I can split the blog into it's own service, and then strip down the "top level" bit to the front page with the calender.

(TODO: turn the calender into a component that takes a collection of (Date, Uri) pairs so I can draw e.g blog entries and Dr who episodes)

On the list at the moment:

Editor, for both mal and the blog.
Dr who database. Using the data that husband put together, I want to do some date based stuff.
particles/flocking/collision avoidance

anyway. no overwhelming need to keep most of the stuff

Semantic Versioning is bogus, because every change changes the behaviour of code.

The CPU no longer overheats when you hold down the spacebar — XKCD: Workflow

Since people are mostly not crazy/stupid, I've clearly misunderstood what Semantic Versioninig is about.

(Poot, the image in the previous entry is broken because of my Content Security Policy)

Looks like sql window functions should let me dump blog entries and their edited versions into a table, and then do something like

SELECT *
FROM (
    SELECT
      ROW_NUMBER() OVER (
        PARTITION BY "EntryId"
        ORDER BY "Date" DESC
      ) AS "rank",
      Text, EntryId, Date
    FROM "Entries"
  ) sub
WHERE
  "sub"."rank" = 1

To get the latest version of any given entry. I'll need to drop into raw sql, but EF should cope with that ok.

(Do I really need to keep old versions of entries? Life is far more simple if I don't, but disk space is cheap enough and I like to let my hording tendencies loose now and then.)

I still want to add automatic entries to the blog, although the only thing I can think of at the moment is git commits.

Looking back at an entry from November about Lisp pairs ('conses', i think), it is now obvious that they should be something like

public abstract class MalValue {} // the base type for values

public class MalPair(MalValue first, MalValue rest) : MalValue {}

(C#'s new "Primary Constructor" syntax is nifty)

Because MalPair extends MalValue, either side of the pair can be another pair. I wonder how much work it would be to drop lists and construct these instead. Probably not worth it (I can only see it costing performance), but it might be fun.

Pros and cons of moving auth.shared to shared (and therefore shared.auth).

Pros are mostly "that's where the shared code is" and "the names will line up better".

Cons are "it's work (and need to update its consumers)" and "that's were the auth code is".

Hmm.