Last Notes
That’s right, but I have a use for it. FreshTomato’s solid on older Broadcom gear. I prefer modern hardware with full control. Don’t want my signal reaching the road, so my Beryl AX handles that at home and for travel.
Thanks for the report. I'm immanently going to release a complete rewrite with hopefully better remote signer / amber support
This is how a #GRASP relay sync its git repos based on the maintainers list and repo ID. Thank you @npub15qy…yejr and @npub180c…h6w6 for this cool protocol.
More about GRASP: https://gitworkshop.dev/danconwaydev.com/grasp
cc: @npub1drv…seet @npub1use…k5ks @npub1l5s…gx9z
https://video.nostr.build/12c5f16710a63fca37aca19aad513ffc6d9bcf564a58bc7ae3565a8dde71f13a.mp4
What would you change about the flow, headings, aesthetics scaffold?
Happy to write it up
Did you try writing the text of the page yourself?
Thanks, iterated in this direction.
Ready for another round
https://image.nostr.build/c70156c5caca6ea9fd2cf150031f533bdd268d21b8feaebffc314b333492eeea.jpg
GitWorkshop & Ngit have gotten really easy to use again @nprofile…ntqg . Thanks for all the hard work you put into this!
The content is ok, but the heading/structure is all over the place:
Starts with
1) What
But does not follow with any 2) ~
Then all the sudden has a header with a question ''why will GitHub rugpull my project?''
Which flows without warning into several alternatives. And from those alternatives i am to conclude i should use the nostr one? Not sure, i saw so many names and things i got confused.
I iterated a few times today and in the process read about particle peer to peer approach.
Do yall have any interaction with the particle p2p git devs?
cc @npub180c…h6w6
#devstr what can be done to improve the problem of github messaging marketing website?
https://npub1zafcms4xya5ap9zr7xxr0jlrtrattwlesytn2s42030lzu0dwlzqpd26k5.nosto.re/
cc @npub15qy…yejr @npub1t6j…ksrw
Let's schedule something for Saturday or Sunday. You're UK hours right?
Fyi, I managed to set it up, but a couple of things that weren't so obvious that I tripped up on:
1. I didn't know what to set the repo url to, and I actually set it to the https://hostname instead of the full path, then I used https://hostname/repo and AI figured out to change it to https://hostname/pubkey/repo by looking at the logs. Not sure where I was supposed to get the pubkey from after running `ngit init`
2. I used the default relays, it wasn't super obvious that I was supposed to enter the server url as a relay too. Also after setting it to my server, I see it still also publishes to 3 other public relays. Not sure how useful that is considering afaik it is only on one git server.
Sure, happy to chat. You missed the nostr state event in nips.nostr.com/34 which is the primary way maintainers push. See the grasp spec https://gitworkshop.dev/danconwaydev.com/grasp/tree/master/01.md
This is the most mature implementation: https://gitworkshop.dev/danconwaydev.com/ngit-grasp
Here is the authorization code: https://gitworkshop.dev/
[email protected]/ngit-grasp/tree/master/src/git/authorization.rs note that it implements the purgatory PR to the grasp spec
My brain feels like exploding.
I get that nostr is the source of truth for allowing a repo to be created, and ngit uses hooks, what is another implementation I can look at for http based auth?
Then for pushes, there seems to be 2 methods of pushing afaik:
Post a patch to nostr (kind of curious how author is determined here and/or if there can be signed commits)
Post a pr reference to nostr and push to a /ref/nostr/ branch. So then I guess the git server will merge or move the commits to the right branch?
And then I see there is the permission under the spec to block spam, but no guides on how to identify it.
I think seeing a http implementation would help me here.
And maybe a chat after that if you have time.
FYI; I just set up a custom homelab, everything defined in ansible and backups etc. and am looking to finally expand it with some nostr services.
But first I wanted to host a git server and I wanted to make sure it is compatible with ngit so I can use it over nostr.
I just need to understand how it is protected against malicious actors before making a public git server.
Half right. Both clients and servers treat the git state on nostr as the authority.
One grasp implementation (ngit-relay) uses git hooks to prevent pushes of incorrect state. 3 others implement there own http git server rather than git-http-backend.
An ngit client won't download an incorrect state from a listed git server. This makes the trust relationship with git servers identical to that of nostr relays.
grasp servers authorising a new state. Clients like ngit fetch the only the related data from listed servers. If a server has a d if repository git servers have a different state. Grasp servers prevent other use
@nprofile…w7mh, I was reading about ngit (finally).
I have a question about securing a git repo...
It looks like security is managed via git hooks exclusively? Otherwise the repo should be public and without any auth?
Is that right?
I've never used one. I'd be surprised if there isn't some setup that would work on a local machine.
If Gulagfornia is accelerating, it should not be unexpected that github rugpulls tomorrow.
cc @npub1xts…kk5s @npub1fgz…jeck @npub1fgz…jeck @npub15qy…yejr
#nevent1q…dwz9
I also decreased the timeout in amber
awesome thanks, will upgrade and get back to u
I'd like to catpure the git server responses (what git normally prints) and only show a summary of that. it currently shows what git normally show for but for each git server the maintainer lists.
If you haven't upgraded recently do that (ngit v2.2.3 is current latest) as a lot of the verbose cli output has now been hidden by default.
I've been testing all day and I'm getting a lot of inconsistencies. I think it is a combination of things. relays being flaky with remote signing events, a lack of full compliance with nip46 in rust-nostr and a resulting lack of resilience with Amber. i found more consistency with `nak bunker` running on the same machine. Also with opther nip46 client implementations eg nostrify one used in https://mew.ditto.pub
ngit v2.2.3 now makes it easier to customise the signer relays via `ngit account login`. also it now has hopefully better defaults.
every time i do git push with ngit it prints the whole telephone listing, can it be toned down? @npub15qy…yejr
Other good relays for signers are are ephemeral.snowflare.cc and bucket.coracle.social @nprofile…053e
relay.nsec.app is receiving the message but not replying the the ok (never replies anything)
But ditto took a few seconds and worked
```
login to nostr with remote signer via nostr connect
saved login details to global git config
searching for profile...
failed to find profile...
logged in as @npub1ynz…09ty
```
I tried to test this but i'm getting "error getting fresh nip46 signer: failed to get signer" when trying to setup ngit
Version is 4.1.12, closing and reopening freed it up, but the connection looks halfway broken (Amber shows it but ngit never completes). I do think relays may have something to do with it, ngit is using relay.nsec.app and relay.ditto.pub
Did you also try to force close amber and opening it again?
What relays is it using? relay.nsec.app is not working properly sometimes.
The loading screen is after accepting the connection?
What version of amber are you using?
Still happens in ngit 2.2.0. I think the problem might be relay selections?
@nprofile…h2ck the loading screen persists on every page even when I navigate.
Oh, this is ngit 1.6.0, let me check for an upgrade
@nprofile…ntqg @nprofile…h2ck I'm getting an infinite loading screen when trying to scan a qr code generated by ngit on both 4.1.7 and 4.1.12. Regular bunker URL generated in Amber works fine (although with a decent delay in ngit, and with the bunker url being printed a bunch of times). Let me know if there's any more info I can provide.
I should also tease a grasp implementation ive been working on that live at relay.ngit.dev.
https://gitworkshop.dev/danconwaydev.com/ngit/tree/main/CHANGELOG.md
cc @nprofile…aq5z - docker!
@npub15qy…yejr @npub1hw6…65gr @npub1ye5…knpr @npub1frd…h4dd
Forgot to mention, also added OCI/Docker!
My PR didn't show up on the nostrapps repo either. I never did figure out what I was doing wrong...
Yes your right. The output of those different phases should be consolidated so you just see the status per relay / git / grasp server.
@nprofile…ceyk @nprofile…f5tq
Just trying to make a small contribution but omg, this is confusing af.
https://blossom.primal.net/f6e92aa57c14d2fb3a7e14ede98c2447b959b59c0929c6e7e6ead12d9f7a9fef.png
lol 🤦 thank you, I thought he meant the calendar software.
I ran it from the Debian package for years and eventually switched to NextCloud. Not sure if this is useful information or not. 😅 I guess my question is do you need bleeding edge features or can you use the OS version?
So your needs are: 1) basic Issue / PR flow with good review tooling 2) moderation tools 3) CI tooling? Have I missed anything?
With ngit, nostr events are synced to a db within the .git directory. Also GRASP-05 enables archive servers that mirror repositories the operstor cares about. This enables repository data to always be publically available even if the services the maintainers choose go down.
As @nprofile…3zgd said you can use any git server you want or host it yourself. Grasp is designed to enable users and projects to either self host, use grasp services offered by individuals or teams in their network or use public free or paid servers. The idea is thst projects use multiple grasp services at the same time whic sync up to provides reduncancy. Its also really simple for maintainers to switch service providers by updating a single event.
quote from https://radicle.xyz/guides/seeder :
"While a peer-to-peer network without seed nodes is feasible, it is impractical. This is because regular “user” nodes go online and offline all the time, so finding a user from which to download a certain piece of content can be challenging, or even impossible if all users with that content are offline. Therefore, a healthy peer-to-peer network necessitates at least some highly available nodes that participate in the network like regular peers, but seldom go offline. These are called seed nodes."
last time i checked in on the project it mainly worked through 'seed' nodes which are analogus to relays because p2p was proving so unreliable. I'm not sure how much more decentralised it is in reality.
Hi @npub185h…wrdp, I'm the creator of gitworkshop, gnit and grasp. A combination of relay an client tools can provide the provide this sort of moderation and control for projects that desire it, but the maturity of git nostr isn't really there yet. Whilst the majority of a project community would likely use these tools that support this moderation, the conversation can spill over into the wider nostr ecosystem and clients built / used that don't enforce this moderation. This is the trade-off using an open protocol thats easy to build on.
