Kilos | morning south africa | 06:03 |
---|---|---|
Kilos | ohi superfly , hows things going there? | 06:04 |
Kilos | hi inetpro paddatrapper thatgraemeguy and everyone else | 06:04 |
paddatrapper | Hey Kilos. Hoe gaan dit? | 06:05 |
Kilos | goed dankie en self? | 06:05 |
zipper | Hello has anyone seen Symmetria? | 06:06 |
Kilos | Maaz seen symmetria | 06:07 |
Maaz | Kilos: symmetria was last seen 17 days, 10 minutes and 41 seconds ago in #ubuntu-za on freenode [2016-09-30 22:56:31 PDT], and has been offline on freenode since 2016-10-04 14:24:55 PDT | 06:07 |
Kilos | zipper email him | 06:07 |
zipper | hmmm let me see | 06:07 |
zipper | I have it somewhere | 06:07 |
pavlushka | ahoy ZA! | 06:11 |
pavlushka | Hey Kilos zipper :) | 06:11 |
Kilos | hi pavlushka | 06:11 |
pavlushka | and paddatrapper :) | 06:11 |
paddatrapper | Kilos: goed dankie | 06:12 |
paddatrapper | Hey pavlushka | 06:12 |
zipper | pavlushka: lol you people haven't learned not to mention people in one sentence? | 06:12 |
zipper | You don't know how to make people feel special. | 06:12 |
pavlushka | zipper: lol | 06:12 |
zipper | Your wives must really get angry sometimes. | 06:12 |
zipper | "Hello wife and bunch of other people all at once" :P | 06:13 |
pavlushka | zipper: I really wish that :p | 06:13 |
zipper | pavlushka: You wish what? | 06:13 |
zipper | hmmm? | 06:13 |
pavlushka | zipper: that I could do a "Hello wife and bunch of other people all at once" :p | 06:14 |
zipper | pavlushka: :) | 06:14 |
zipper | You can | 06:14 |
pavlushka | zipper: fortunately or unfortunately I dont have any to make angry :p | 06:14 |
pavlushka | zipper: but you gave me that idea | 06:15 |
zipper | pavlushka: Oh, makes two of us :D | 06:16 |
zipper | pavlushka: When I'm older, hopefully. | 06:16 |
pavlushka | zipper: but you are more experienced I guess. | 06:16 |
pavlushka | among the two :p | 06:16 |
zipper | pavlushka: nope, I'm just a dude typing into a terminal. :) | 06:17 |
zipper | Free Ethiopia!!! | 06:20 |
inetpro | good evening | 07:01 |
pavlushka | inetpro: good evening - 6 hours :) | 07:02 |
Kilos | hi inetpro | 08:48 |
Kilos | 10 to 8 here so you close enough | 08:48 |
Kilos | night all. have a good day | 12:10 |
magespawn | good da all | 12:34 |
magespawn | day too | 12:34 |
magespawn | the statement boggles the mine a little. | 12:34 |
magespawn | s/mine/mind | 12:34 |
=== RemonShai is now known as r3m0n | ||
inetpro | good mornins | 19:46 |
pavlushka | Good Night everyone :) | 19:48 |
* pavlushka yawning | 19:48 | |
pavlushka | Morning inetpro :) | 19:48 |
inetpro | hmm... | 19:49 |
kulelu88 | hey superfly . do you use Redis? | 21:17 |
superfly | kulelu88: no. I know what it is, and I remember when it came out | 21:17 |
kulelu88 | aah okay. I am attempting to use (or find) a datastore that is *fast* for sending messages to users for my bot. apparently redis is a bad idea on its own. Is this true? | 21:18 |
kulelu88 | superfly: ^^ | 21:18 |
superfly | it depends on how you set redis up | 21:19 |
superfly | IIRC one of the big differences between redis and memcached is that redis is persistent. | 21:20 |
superfly | Trixar_za: have you worked with redis? | 21:20 |
kulelu88 | I was chatting to the guys in #redis and they said I can make redis backup to disk, which sounds like a better option than to go the : couchdb -> redis -> flask -> uswgi -> nginx route | 21:21 |
kulelu88 | superfly: what is a 'set' in Python ? | 21:23 |
superfly | kulelu88: yeah, I'd do redis to disk. erm, a set... kinda like a cross between a dictionary and a list | 21:24 |
superfly | a set is a list where each value can only appear once | 21:24 |
superfly | it's create for doing things like finding the intersection of two lists | 21:24 |
kulelu88 | #redis: <minus> hash = dict <minus> list = list <minus> set = set | 21:24 |
superfly | *great | 21:24 |
kulelu88 | superfly: for a data structure like this: ID, number, firstname, lastname, location, is_valid ... Would you use a dict or list ? | 21:25 |
superfly | kulelu88: depends on whether you want random access or sequential access | 21:26 |
kulelu88 | sequential being following a certain order to the data? | 21:27 |
kulelu88 | superfly: ^^ | 21:27 |
kulelu88 | (keep forgetting to not tag) | 21:27 |
superfly | kulelu88: sequential means that if you want to find a particular record, you have to iterate through the list until you find that record | 21:28 |
superfly | kulelu88: ever done backup to tape? | 21:28 |
kulelu88 | superfly: I'm not sure how I can architect it for best I/O performance, but when sending a message to a user, it will be a random user each time (eg. The 3rd-party server will send a POST request with the USERS NUMBER, I will then index the DB, see if IS_VALID is true, then send the message) | 21:30 |
superfly | well, how would you identify that user in your database? | 21:34 |
kulelu88 | you mean validate them? I have already instituted a validation process via the bot | 21:34 |
superfly | no, you're sending a message, right? | 21:38 |
kulelu88 | yeah, from my server to the user. I will have the users number stored in the redis DB | 21:38 |
superfly | kulelu88: you said that the server will send a post with a user number, then you'll "index the DB" -- what does that mean? | 21:39 |
kulelu88 | I will search for the users number | 21:39 |
kulelu88 | Unless... I make the ID = number ? | 21:39 |
superfly | what is the "users number"? | 21:40 |
kulelu88 | oh shizz. sorry, the users number is their actual number they used to register telegram | 21:41 |
superfly | so why don't you use that in your database? | 21:41 |
kulelu88 | I believe I am: ID, number, firstname, lastname, location, is_valid | 21:42 |
superfly | in redis you need a key anyway, so make that the key | 21:42 |
kulelu88 | Will it be a bad idea to keep the ID = number? Is that bad security policy ? | 21:42 |
superfly | and then make that Telegram user number the ID in the database too | 21:43 |
superfly | it depends.... | 21:43 |
kulelu88 | then again, if the server is pwned, they can see the ID and number in any case | 21:43 |
superfly | security is like an ogre | 21:43 |
kulelu88 | I already took care of user validation | 21:44 |
kulelu88 | I mean, REST API validation | 21:44 |
superfly | https://www.youtube.com/watch?v=7d6ZsRM36RU | 21:47 |
superfly | (security and ogres) | 21:47 |
kulelu88 | superfly: is there any way to shield user data in the DB? do people encrypt other data besides the password? | 21:49 |
superfly | well, you could store it on an encrypted disk | 21:49 |
superfly | also, don't store everything on the same server | 21:50 |
superfly | and don't use the same accounts on all the servers, or the same SSH keys. | 21:50 |
superfly | (if you are really really serious about security) | 21:50 |
kulelu88 | you mean don't store the app-server and DB-server on the same *actual* server? | 21:51 |
superfly | yep | 21:51 |
superfly | if you want security, that's kinda how to go about it. separate the systems, make it so that if they get access to one system, none of the other systems are compromised | 21:52 |
kulelu88 | that makes sense. That I can achieve. I will split up redis into it's own container (for testing purposes) | 21:54 |
kulelu88 | Does having 2 VPS servers equate to 2 separate servers or is pwnage still likely? | 21:54 |
kulelu88 | anyway, thanks for the help superfly | 22:00 |
superfly | kulelu88: uh, not quite. and you probably want backup servers too. | 22:01 |
superfly | kulelu88: but this is really high level security, and the reality is that unless you have a really popular server, you're probably not going to be a target for much other than passersby spam bots | 22:02 |
kulelu88 | superfly: I'm not sure how my server will get *that easily pwned* though. Access is only granted via HTTPS client-certificates. So attackers first need a valid cert | 22:03 |
kulelu88 | With fail2ban, only a small subset of IPs will actually be able to reach the server, although I know IP spoofing is possible | 22:04 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!