so, I posted a pile of servers for free or really really cheap.
2013-03-28 08748, 2013
ocharles
we should probably work out a deployment manifesto at some point
2013-03-28 08749, 2013
ruaok
ZERO inquiries.
2013-03-28 08708, 2013
ocharles
"only deploy with .debs, deployment activation must be done via fabric" etc"
2013-03-28 08712, 2013
ruaok
ocharles: yeah, thankfully everything is pretty simple
2013-03-28 08731, 2013
ocharles
I did a bit of reading into Linux containers yesterday
2013-03-28 08733, 2013
ocharles
they are very cool
2013-03-28 08728, 2013
ruaok
LXC?
2013-03-28 08731, 2013
ocharles
yea
2013-03-28 08711, 2013
ruaok
interesting. very light weight VMs.
2013-03-28 08722, 2013
ruaok
is the focus more on sysadmin than security or both?
2013-03-28 08732, 2013
ruaok
meaning, can untrusted services run in a container?
2013-03-28 08745, 2013
ocharles
the idea is controlled isolation
2013-03-28 08752, 2013
ruaok
understood.
2013-03-28 08702, 2013
ruaok
but how is isolation defined? :)
2013-03-28 08708, 2013
ocharles
if you want to isolate a process to only see eth0 and mount /machines/debian as /, it can do that
2013-03-28 08728, 2013
ocharles
however you define it. it can do isolation on various levels - pid, file systems, network interfaces, maybe a bit more
2013-03-28 08729, 2013
mat_ joined the channel
2013-03-28 08737, 2013
ruaok
interesting.
2013-03-28 08750, 2013
ocharles
http://docker.io builds on top of it, like vagrant builds on top of virtualbox
2013-03-28 08758, 2013
warp
ruaok: containers share the same kernel as the host, vulnerabilities in the interface are perhaps more likely than with real VMs.
2013-03-28 08717, 2013
ruaok
warp: thats exactly what I was trying to get at, thanks. ;)
2013-03-28 08751, 2013
ruaok
slightly OT… with bartendro, the idea of shipping an RPI as part of a product seems very cool.
2013-03-28 08704, 2013
ruaok
until you think about the fact that you're shipping a unix box.
2013-03-28 08715, 2013
ruaok
and all the security and field update implications that come with it.
2013-03-28 08744, 2013
ruaok
would chef be a useful tool for doing in-field updates?
2013-03-28 08754, 2013
ruaok
I'm already planning on having everything in a deb.
2013-03-28 08707, 2013
ocharles
what's an in-field update?
2013-03-28 08709, 2013
ruaok
but ideally, it would be quite simple to update bartendro in the field.
2013-03-28 08716, 2013
ruaok
deployed to customers.
2013-03-28 08724, 2013
warp
ruaok: that's probably why embedded systems use busybox and put as little as possible other binaries on the device.
2013-03-28 08755, 2013
reosarevok
nikki_: logged in fine
2013-03-28 08756, 2013
kepstin-work
well, updating a bartendro means it has to have a net connection; you want to make sure to only do it when the device is not in use - do you want it manually initiated, or silent in the background?
2013-03-28 08707, 2013
ruaok
warp: busybox is more for a small footprint IIRC
2013-03-28 08715, 2013
ruaok
and I fucking hate it. thats why I love RPI.
2013-03-28 08719, 2013
ruaok
its a full blown box.
2013-03-28 08738, 2013
ruaok
kepstin-work: yes, net connection assumed, manually initiated.
2013-03-28 08713, 2013
kepstin-work
ruaok: then you basically just need some ui that does an apt-get update; apt-get (dist-?)upgrade, reboot.
2013-03-28 08730, 2013
warp
ruaok: sure. but it also means the attack surface can be greatly reduced, which means you don't need to worry about security updates as much.
2013-03-28 08710, 2013
kepstin-work
probably combine it with a notification system that runs the update periodically and tells you if there are pending updates
2013-03-28 08712, 2013
warp
ruaok: that obviously also means it's a pain to work with :)
2013-03-28 08711, 2013
ruaok
warp: but, its about carefully striking a balance between hackability and security.
2013-03-28 08719, 2013
kepstin-work
(and of course, you'll have to provide an sd card flash image and instructions for de-bricking, should it not come up from an update)
2013-03-28 08722, 2013
ruaok
kepstin-work: yeah, that might just be enough.
2013-03-28 08731, 2013
ruaok
kepstin-work: yep, that is all cake
2013-03-28 08745, 2013
ruaok
for instance, I want the bot to be 100% hackable.
2013-03-28 08754, 2013
ruaok
that means, there needs to be an easy way to log in.
2013-03-28 08701, 2013
warp
ruaok: yep, it's a tradeoff.
2013-03-28 08716, 2013
ruaok
but the bot should not have a back-door that people from the street can exploit to waste your booze
2013-03-28 08736, 2013
kepstin-work
on the one hand you want it hackable, on the other hand you need it to run as a reasonably-secure kiosk mode
2013-03-28 08749, 2013
ruaok
kepstin-work: ding. exactly that.
2013-03-28 08709, 2013
warp
ruaok: the easiest way to secure it seems to be to just not connect to to anything. if you want to hack on it, plug in the ethernet cable, disconnect when done.
2013-03-28 08723, 2013
ruaok
I think I need to lock down all the access to the box and then distribute an SSH key with which people can log in.
2013-03-28 08728, 2013
ruaok
but even that leaves the door open.
2013-03-28 08738, 2013
kepstin-work
do you plan to hook up a touchscreen directly to the rpi, or how is the ui connected?
2013-03-28 08755, 2013
ruaok
warp: the main point of the bot is to have a wifi connection with which you order your drink.
2013-03-28 08713, 2013
ruaok
we dont have to worry about internet attacks, but local area attacks.
ruaok: you want very careful firewalling then. The only thing exposed on the wifi should be the web ui; admin should require a hardwire connection
2013-03-28 08700, 2013
ruaok
ah!
2013-03-28 08702, 2013
warp
ruaok: what kepstin-work says. the wifi thing should be firewalled and not allow ssh login.
2013-03-28 08704, 2013
ruaok
that seems quite sensible.
2013-03-28 08711, 2013
ruaok
allow SSH connections only over wired interface.
2013-03-28 08749, 2013
ruaok
heh. my drinkbot is going to have a firewall. :)
2013-03-28 08755, 2013
warp
:D
2013-03-28 08711, 2013
ruaok
I can already push to github from it. which is freaking awesome. :)
2013-03-28 08721, 2013
ocharles
a firewall and a ro mount of / is probably enough for a drinkbot
2013-03-28 08746, 2013
ruaok
even then, I need to secure the WS for the bot.
2013-03-28 08749, 2013
kepstin-work
of course, the alternate method of admin is to hook up a keyboard and monitor via hdmi/usb.
2013-03-28 08715, 2013
ruaok
right now, anyone can sign into the access point and do a GET /ws/clean and probably waste $50 of booze. :)
2013-03-28 08724, 2013
warp
lol
2013-03-28 08729, 2013
kepstin-work
do you plan to have the drinkbot act as a wireless access point, or connect to an existing wifi network?
2013-03-28 08729, 2013
ruaok
kepstin-work: that is physically hard.
2013-03-28 08739, 2013
ruaok
the former.
2013-03-28 08748, 2013
ruaok
it is essentially a captive portal
2013-03-28 08753, 2013
warp
ruaok: GET shouldn't be use for that kind of stuff :)
2013-03-28 08759, 2013
ruaok
and the drink menu appears on the "sign into wifi access point" screen
2013-03-28 08701, 2013
ocharles
warp: :)
2013-03-28 08722, 2013
ruaok
warp: yeah. there are loads and loads of things that needs to be cleaned up.
2013-03-28 08724, 2013
kepstin-work
get ws/clean should tell you the amount of bot usage since the last cleaning cycle. should use POST to do a clean ;)
2013-03-28 08745, 2013
ruaok
it was always about getting the next hardware iteration running.
2013-03-28 08752, 2013
warp
ruaok: good luck, have fun!
2013-03-28 08754, 2013
ruaok
now that that is done, I can finally improve the software.
2013-03-28 08756, 2013
ocharles
kepstin-work: probably model /clean as a boolean, and PUT a new value to change the system state
2013-03-28 08757, 2013
warp tries to focus on musicbrainz.
2013-03-28 08719, 2013
ocharles
i don't think you append to the 'clean' resource :)
2013-03-28 08723, 2013
kepstin-work
so yeah, there's basically two levels of auth - 1. ensure that the person accessing is in the party - this could probably be done via a wifi password, and 2. restrict some commands to admin - this needs webservice auth.
2013-03-28 08728, 2013
ruaok
kepstin-work: each of the pumps keeps track of how many turns (or fractions of a turn) its made.
2013-03-28 08732, 2013
ruaok
for hose life and accounting.
2013-03-28 08700, 2013
ruaok
kepstin-work: yeah, the web service auth is the painful part.
2013-03-28 08712, 2013
ruaok
I already have simple web site login for making drinks.
2013-03-28 08740, 2013
ruaok
so, it needs to have javascript based auth. whats good for that/
2013-03-28 08741, 2013
ruaok
?
2013-03-28 08744, 2013
kepstin-work
could probably get by with just a shared secret known to both the bot and the admin user; perhaps generated during install/setup.
2013-03-28 08745, 2013
ocharles
you could do some fun 2-factor authentication with the drink bot, seeing as you have to be in physical distance of the bot :)
2013-03-28 08751, 2013
ocharles
"How many times did the red LED flash?"
2013-03-28 08756, 2013
ruaok
ocharles: heh
2013-03-28 08715, 2013
ocharles
"How many shots did the bot force you to down before showing you this page?"
2013-03-28 08719, 2013
ruaok
kepstin-work: we want to allow anyone with the password to the bot to log in and make drinks.
2013-03-28 08725, 2013
ruaok
ocharles: lol
2013-03-28 08736, 2013
ruaok
how many fingers is the bot holding up?
2013-03-28 08744, 2013
kepstin-work
ruaok: yes, but also limit certain commands to the admin/bot owner I presume?
2013-03-28 08751, 2013
ruaok
kepstin-work: yes
2013-03-28 08715, 2013
ruaok
the admin screen is already protected via login (not on the demo I just linked to, but in production)
2013-03-28 08716, 2013
kepstin-work
should get a usb fingerprint scanner and hook it up ;)
2013-03-28 08740, 2013
ruaok
yep, all sorts of POS integration bits have been requested.
2013-03-28 08759, 2013
ruaok
now if you could do reliable age verification with a fingerprint scanner, then we'd be all over that
2013-03-28 08717, 2013
ruaok
ijabz: building recording index at 42%
2013-03-28 08725, 2013
ruaok
seems to be moving a bit faster now. :)
2013-03-28 08751, 2013
kepstin-work would bet one of the highly-requested features is some way to hand out a number of drink tickets to each attendee
2013-03-28 08741, 2013
ocharles
heh, better hope you have good concurrency control so people can't exploit race conditions to get free drinks ;)
2013-03-28 08713, 2013
ocharles
though I guess the whole physical machine thing imposes quite a bit of serialization :)
2013-03-28 08744, 2013
kepstin-work
if someone requests a drink while a drink is in process, does it refuse, or does it queue?
2013-03-28 08744, 2013
ruaok
ocharles: there is no concurrency control. :( not yet. thats is why we have logins limited to a few people.
2013-03-28 08751, 2013
ruaok
kepstin-work: undefined. :)
2013-03-28 08727, 2013
ruaok
once I get some uninterrupted time to work with the bot, I'll fix all that.
there is a lot of technical debt accumulated in that codebase.
2013-03-28 08747, 2013
ruaok
ocharles: yay!
2013-03-28 08726, 2013
ijabz
ocharles, um shouldn't it be on bitbucket ?
2013-03-28 08703, 2013
warp
ijabz: most of our stuff is on github only. if some contributors prefer bitbucket, we should have a copy on bitbucket as well.
2013-03-28 08720, 2013
ocharles
ijabz: bitbucket is being trialed for reviews
2013-03-28 08726, 2013
ocharles
until then, github is our canonical repository host
2013-03-28 08705, 2013
nikki_ is still annoyed that bitbucket has broken the only thing she wants from reviews :/
2013-03-28 08739, 2013
warp
nikki_: which is?
2013-03-28 08741, 2013
nikki_
emails
2013-03-28 08741, 2013
ijabz
Oh I didnt really want to have to learn the gitthub way just to start al over again for bitbucket
2013-03-28 08715, 2013
ocharles
ijabz: they are the same, but point taken
2013-03-28 08728, 2013
freso joined the channel
2013-03-28 08731, 2013
ijabz
thought we had decided on bitbucket, when does that review end
2013-03-28 08737, 2013
ocharles
no
2013-03-28 08743, 2013
ocharles
no decision, and no deadline :)
2013-03-28 08747, 2013
freso
AFAIK, no decision has been made yet.
2013-03-28 08701, 2013
ocharles
that should go in the next meeting I think - but I can't edit the topic
2013-03-28 08706, 2013
ocharles
irssi seems to only let me do it once, then breaks
2013-03-28 08715, 2013
warp
ocharles: weird
2013-03-28 08719, 2013
Freso_laptop
Freso_laptop has changed the topic to: ?? SMILING FACE WITH SUNGLASSES week | http://musicbrainz.org/#devel dev meeting moved to TUESDAY | Agenda: Reviews, schema change testing (ocharles), review location decision
2013-03-28 08729, 2013
nikki_
warp: more specifically, I want emails to be sent about new reviews and comments on reviews, like review board and github do, but bitbucket recently broke that and you only get them if you have commit access, which I don't have
2013-03-28 08732, 2013
stefan____ joined the channel
2013-03-28 08732, 2013
Freso_laptop
ocharles: you're welcome.
2013-03-28 08757, 2013
warp
nikki_: ah, so giving you commit access would solve it (for you) ?
2013-03-28 08715, 2013
Freso_laptop
warp: But we can only grant commit access to 5 people or so.
2013-03-28 08722, 2013
warp
Freso_laptop: wtf?
2013-03-28 08729, 2013
Freso_laptop
warp: ?
2013-03-28 08747, 2013
warp
Freso_laptop: oh, more ppl is a paid account you mean