Really enjoying working with Nuxt + Vue + FeathersJS…
Can’t wait to get the basic functionality for a federated personal web site (FPWS) up and running and share it with you all. Getting back into web dev has been a learning process (especially since I’ve been working in Swift + Cocoa/CocoaTouch for the last few years) but finally feel like I’m getting my head around it all – and having a lovely little team in Ghent helps. Just got public-key & JWT auth implemented so that’s a start… ;)
One of the guiding principles with an Indie Site (what we’re calling our federated personal web site implementation) is that it must be as lightweight as possible. Since these are single tenant sites, we can simplify a lot of things. I want to keep everything in a single process, for example, so we’re using LevelDB. Installation should be a single command/automatic. (We’re working on a separate installer app w the goal of <1min domain registration to site live… that’s going to take work…) :)
Longer term, any such project that seeks to be an alternative to the closed, centralised silos of the mainstream is going to live or die based on how convenient it is. And that’s overall convenience, from setup onwards. The greatest design challenge we have, as I see it, is to have decentralised apps/sites compete with the 30 second sign-up of Facebook, etc. If we can bring going from zero to you up and running on your own domain down to < 1 min, we can radically change this game.
@aral sadly, you'd have to compete with "we're already registered" i.e. inertia in top of it all.
As we are certainly going to move on from #twofactor #authentication / #2FA to #multifactor "soon" anyway, perhaps you can consider offering that convenience first only to the #ITsecurity "front runners" who already have #U2F compatible devices such as the #Yubikey by Yubico, which will allow (secure) registration within seconds..?
@FuzboleroXV Hey there! It’s definitely something we can look into at some point. Right now, the bottleneck isn’t the initial configuration of the site itself (all a federated personal web site needs is a strong password to get started), it’s the shortsightedness of the domain registration system and how unreliable it has been traditionally. Thankfully, there are folks working on that and we are also looking into hopefully solving it for ourselves in Ghent as the city has its own TLD.
@FuzboleroXV Would be very interested in your thoughts + possibly contributions once we have the very basic system up and running. It’s all FOSS and being developed in the open.
@aral Sounds exciting. Do you know what the federation mechanism will be yet? Indieweb protocols? ActivityPub?
@neil ActivityPub (although, going forward, I’d like to see the wire protocol be kept as simple as possible and the extensibility implemented at the message/post level).
@aral YES, it’s not as catchy as “blogodon” (hur) but yes yes. Personal federated sites that integrate with federated social networks while also being, you know, WEBSITES
@aral beware re jwt as it might have some sec issues if the corresponding lib is not fixed
@jotbe Thanks, keeping an eye on that but will be looking forward to community reviews of the code as we go. (And thing whenever possible to go with the simplest security and not reinvent the wheel.)
I don't completely understand how this "Federated Personal Web Site" works, could you please explain it more thoroughly for me? 🙂
@RyuKurisu I look forward to showing not telling soon. But, in a nutshell, take Mastodon, strip away multi-tenant support (so it only has an “owner”) and make it feel and behave like a personal web site but one where you can follow folks on the fediverse and they can follow you too. Also, add end-to-end encrypted private messages as a bonus ;)
But first, lots more code to write :)
This is my personal Mastodon.