Times are UTC Toggle Colours
00:30:21 *** WormnestAndroid has joined #openttd 00:38:22 *** WormnestAndroid has quit IRC 00:39:11 *** WormnestAndroid has joined #openttd 02:39:11 *** dwfreed has quit IRC 02:39:14 *** dwfreed has joined #openttd 03:56:36 *** D-HUND has joined #openttd 04:00:02 *** debdog has quit IRC 04:10:34 *** Compu has joined #openttd 04:46:10 *** glx has quit IRC 05:11:07 *** snail_UES_ has quit IRC 07:27:25 *** Eddi|zuHause2 has joined #openttd 07:32:57 *** Eddi|zuHause has quit IRC 07:47:03 *** andythenorth has joined #openttd 07:56:35 *** sla_ro|master has joined #openttd 08:06:06 *** Xaroth has quit IRC 08:07:22 *** supermop_Home has quit IRC 08:13:29 *** el3ktr4 has joined #openttd 08:24:57 *** el3ktr4 has quit IRC 08:24:57 *** D-HUND has quit IRC 08:24:57 *** lpx has quit IRC 08:24:57 *** seatsea04192116 has quit IRC 08:24:57 *** crem has quit IRC 08:24:57 *** ZirconiumX has quit IRC 08:24:57 *** tneo has quit IRC 08:24:57 *** Ammler has quit IRC 08:24:57 *** XeryusTC has quit IRC 08:24:57 *** planetmaker has quit IRC 08:25:48 *** el3ktr4 has joined #openttd 08:25:48 *** D-HUND has joined #openttd 08:25:48 *** crem has joined #openttd 08:25:48 *** ZirconiumX has joined #openttd 08:25:48 *** Ammler has joined #openttd 08:25:48 *** tneo has joined #openttd 08:25:48 *** planetmaker has joined #openttd 08:25:48 *** XeryusTC has joined #openttd 08:25:48 *** seatsea04192116 has joined #openttd 08:25:48 *** lpx has joined #openttd 08:25:48 *** liquid.oftc.net sets mode: +ov planetmaker planetmaker 08:27:39 *** Pikka has joined #openttd 08:35:28 *** lpx has quit IRC 08:35:28 *** seatsea04192116 has quit IRC 08:35:28 *** crem has quit IRC 08:35:28 *** ZirconiumX has quit IRC 08:35:28 *** tneo has quit IRC 08:35:28 *** Ammler has quit IRC 08:35:28 *** D-HUND has quit IRC 08:35:28 *** XeryusTC has quit IRC 08:35:28 *** planetmaker has quit IRC 08:35:28 *** el3ktr4 has quit IRC 08:37:19 <andythenorth> pikka o/ 08:37:34 <Pikka> o/ 08:37:43 <Pikka> 200% horse? 08:37:51 <andythenorth> 101% 08:37:53 <andythenorth> torps https://www.tt-forums.net/viewtopic.php?p=1228875#p1228875 08:39:05 *** cHawk has joined #openttd 08:39:28 <Pikka> excellent 08:39:36 *** lpx has joined #openttd 08:39:36 *** el3ktr4 has joined #openttd 08:39:36 *** D-HUND has joined #openttd 08:39:36 *** crem has joined #openttd 08:39:36 *** ZirconiumX has joined #openttd 08:39:36 *** Ammler has joined #openttd 08:39:36 *** tneo has joined #openttd 08:39:36 *** planetmaker has joined #openttd 08:39:36 *** XeryusTC has joined #openttd 08:39:36 *** seatsea04192116 has joined #openttd 08:39:36 *** liquid.oftc.net sets mode: +ov planetmaker planetmaker 08:39:53 *** Eddi|zuHause2 is now known as Eddi|zuHause 08:41:41 *** planetmaker has quit IRC 08:42:06 *** planetmaker has joined #openttd 08:42:06 *** ChanServ sets mode: +o planetmaker 09:03:48 *** andythenorth has left #openttd 09:13:43 <peter1138> Larks 09:14:09 <peter1138> So those browser shots... mostly ancient browsers on ancient OSes... so... 09:14:22 <peter1138> "Expected" 09:16:40 <Eddi|zuHause> ... is that really much different from our target audience, though? 09:18:05 <peter1138> Heh 09:18:23 <peter1138> Hmm, I wonder how my padding patch looks if I increase padding but not line thickness. 09:55:06 *** DecapitatedO has quit IRC 09:55:31 *** el3ktr4 has quit IRC 09:57:03 *** el3ktr4 has joined #openttd 10:03:07 *** Samu has joined #openttd 10:04:37 *** DecapitatedO has joined #openttd 10:13:49 *** gnu_jj has quit IRC 10:37:30 *** gelignite has joined #openttd 10:38:45 <peter1138> Damn, vanilla beta server is quite popular. 10:39:01 <peter1138> Also, buoys everywhere. 10:39:34 *** gnu_jj has joined #openttd 10:39:59 <LordAro> peter1138: 25 year old habits are hard to break :p 10:40:19 <peter1138> Yar 11:05:59 *** el3ktr4 has quit IRC 11:06:31 *** el3ktr4 has joined #openttd 11:22:32 *** sla_ro|master has quit IRC 11:31:19 *** el3ktr4 has quit IRC 11:42:26 *** WormnestAndroid has quit IRC 11:42:40 *** WormnestAndroid has joined #openttd 12:03:59 *** el3ktr4 has joined #openttd 12:11:06 *** el3ktr4 has quit IRC 12:18:23 *** snail_UES_ has joined #openttd 12:31:15 *** snail_UES_ has quit IRC 12:48:07 <Pikka> wait, ships don't need lots of buoys any more? :) 12:52:53 <Eddi|zuHause> we don't even have patch notes. and even if we did, nobody would read them 12:53:26 <planetmaker> Pikka, yeah :) 12:54:38 <Pikka> I guess I can get rid of all civilai's buoys then :) 12:59:18 <Eddi|zuHause> Pikka: if you want to make it unavailable for people who run the current stable version of the game 13:00:23 <peter1138> I think we removed some limit since we cache the path now. 13:00:32 <Pikka> wasn't necessarily going to do it promptly :P just something to remember for the future 13:00:36 <peter1138> But yeah, 1.10-beta. 13:00:57 <peter1138> You can still use buoys to save CPU time though, just nowhere near as much effect. 13:01:03 <peter1138> And getting an AI to do that may cost more, heh. 13:02:25 <Eddi|zuHause> that might depend on how often the AI creates new routes, or checks whether existing routes were cut off 13:02:50 <peter1138> Mmm 13:03:09 <peter1138> 2046, game is gonna end soon. 13:03:25 <peter1138> I'm just sat on there as a spectator, so no progressing time just by myself :p 13:04:58 <peter1138> Hmm, is there a setting to autosave as a game ends? Not that it's very useful... 13:05:25 *** tokai|noir has joined #openttd 13:05:26 *** ChanServ sets mode: +v tokai|noir 13:12:17 *** tokai has quit IRC 13:22:43 <planetmaker> Pikka, don't get rid of all buoys. They are still very helpful in laying out paths, and definitely speed-up the process if paths do change in case of landscaping activities 13:23:07 <Pikka> ok 13:31:17 <peter1138> Yeah, true. 13:31:29 <peter1138> You can get away with less though. 13:56:13 *** gelignite has quit IRC 14:03:55 *** Flygon has quit IRC 14:09:20 <peter1138> I should probably know this... is there support for colour codes via the "say" command? 14:18:57 *** el3ktr4 has joined #openttd 14:21:59 *** el3ktr4 has quit IRC 14:22:55 *** el3ktr4 has joined #openttd 14:29:25 <_dp_> don't think there is a support for color codes in chat at all 14:29:36 <_dp_> otherwise I would've used it long ago xD 14:30:28 <_dp_> and yeah, would be nice to have it ;) 14:37:00 <peter1138> Yeah, built in scripting is a bit limited :p 14:37:12 <peter1138> I guess it was always "use an external tool" 14:43:57 *** nielsm has joined #openttd 14:57:46 <peter1138> Hello 14:59:19 *** supermop_work has joined #openttd 14:59:23 <supermop_work> hi 14:59:52 *** Pikka has quit IRC 15:47:54 *** Arveen2 has quit IRC 15:56:47 *** Wormnest has joined #openttd 16:02:23 *** syr has quit IRC 16:02:53 *** syr has joined #openttd 16:30:22 *** cHawk has quit IRC 16:52:23 *** Progman has joined #openttd 17:02:14 *** glx has joined #openttd 17:02:14 *** ChanServ sets mode: +v glx 17:05:39 *** hythlodaeus has joined #openttd 17:05:51 <hythlodaeus> https://www.rockpapershotgun.com/2020/01/27/best-management-games-pc/2/ 17:06:17 <hythlodaeus> congrats folks, we made it to #15 ^^ 17:13:42 <hythlodaeus> I thik it's notorious that, for example, RCT2 and Theme Hospital were respectively knocked out by their spiritual successors Planet Coaster and Two-Point Hospital, whereas OpenTTD trumped Transport Fever 17:14:27 *** sla_ro|master has joined #openttd 17:18:23 <LordAro> lol, dwarf fortress at #3 17:18:56 <Eddi|zuHause> doesn't make much sense, their "we kicked out" list contains 5 entries and "we included" contains 6?!? 17:19:01 <nielsm> dwarf fortress is a good sim and a good story generator&inspirator, but a bad game :P 17:28:10 *** Arveen has joined #openttd 17:32:55 <FLHerne> It has all of OTTD's problems but even worse, really? 17:33:42 <FLHerne> Fundamentally CPU-bound and single-threaded, complex and inscrutable UI that makes some common actions very hard 17:34:02 *** cHawk has joined #openttd 17:34:48 <FLHerne> Lots of game mechanics, supporting open-ended self-directed gameplay, but no [meaningful] win condition 17:35:12 <FLHerne> Steep learning curve 17:35:45 <FLHerne> Same issues with people modding in nonsense, too :P 17:36:19 <FLHerne> "Is it possible to create a creature that exhales live bees? I know that it's probably not possible, but I really want to see if it can be done. If it is possible, how would I do it?" 17:37:42 <LordAro> :D 17:39:02 <FLHerne> (you can try, but the game crashes because of implementation details :P) 17:39:58 <hythlodaeus> DF is a mess yeah 17:40:09 <hythlodaeus> doesn't help the whole thing is closed source either 17:46:30 <nielsm> hm this is silly, trf2 is using a full cpu core on the main menu 17:46:37 <nielsm> it's a static image with music over 17:51:43 <milek7_> no vsync? 18:27:06 *** cHawk has quit IRC 18:29:41 *** andythenorth has joined #openttd 18:31:15 <andythenorth> o/ 18:35:28 *** frosch123 has joined #openttd 18:37:21 <andythenorth> quak 18:38:07 <frosch123> hoi 18:38:30 *** tokai has joined #openttd 18:38:30 *** ChanServ sets mode: +v tokai 18:39:04 *** gelignite has joined #openttd 18:39:14 <frosch123> TrueBrain: apparently we shall praise aws on twitter to keep on getting credits, or something 18:40:03 <frosch123> (this is just a hint that info@ got a mail with little content, that you may know already anyway) 18:42:48 <LordAro> frosch123: well that seems awful 18:44:42 <andythenorth> unrelated 18:45:08 * andythenorth thinks there's probably a better way to publish to S3 than drag-drop in the browser UI 18:45:17 *** tokai|noir has quit IRC 18:48:30 *** el3ktr4 has quit IRC 18:54:25 *** cHawk has joined #openttd 18:59:59 <TrueBrain> frosch123: tnx, so we finally got an email :P 19:00:14 <TrueBrain> it is clear from the email that they know we never received any other email :P (the credits were just there all of a sudden) 19:00:25 <TrueBrain> and I agree with them that a blog-post of some kind at some point in time would be the least we can do 19:00:52 <TrueBrain> most likely people will even be interested to read what we are doing with this AWS migration :P 19:01:16 <TrueBrain> on unrelated news: I am missing the nightlies we produced between 2018-04 and 2019-01 .. unacceptable 19:02:36 <frosch123> it's eddi's job to make statements about the empty set 19:02:37 <TrueBrain> hmm, did we produce binaries during that time ... that is another question ofc 19:02:57 <TrueBrain> I think we migrated to GitHub on 2018-04? 19:03:40 <frosch123> https://www.openttd.org/news/2018/04/15/openttd-is-now-migrated-to-github.html 19:03:43 <TrueBrain> 2019-01 was the month I added Azure Pipelines to OpenTTD 19:03:52 <TrueBrain> so I guess we simply didn't put out binaries between those two dates? :D 19:03:58 <frosch123> https://www.openttd.org/news/2019/01/26/new-website-and-nightlies-are-back.html 19:04:17 <TrueBrain> you got to love a news archive :) 19:04:22 <frosch123> there are also no other news between those two 19:04:40 <TrueBrain> says enough about the state of OpenTTD in 2018 :) 19:04:41 *** Wolf01 has joined #openttd 19:06:39 <TrueBrain> right, time to upload 10 year of archive in that case :) 19:07:13 *** el3ktr4 has joined #openttd 19:10:56 <andythenorth> monthly dev post? o_O 19:11:02 <andythenorth> when was the last one? 19:16:14 <peter1138> Hi 19:16:31 <peter1138> Hmm, that roasted chilli pepper was hot :p 19:16:31 <LordAro> andythenorth: sounds like you're volunteering 19:16:32 <Wolf01> There were dev posts? 19:16:54 <andythenorth> I tried doing a dev post 19:17:00 <andythenorth> that's not something to repeat 19:17:00 <peter1138> I wonder if it's possible for me to go a day without commenting on food. Hmm. 19:17:16 <TrueBrain> I feel a challenge coming up 19:21:11 <andythenorth> it's a bit meta 19:21:17 <andythenorth> is commenting about commenting a comment? 19:21:42 <andythenorth> o/t Youtube comments have allowed some idiots to self-identify again 19:21:45 <andythenorth> useful how that works 19:24:56 <frosch123> andythenorth: you started with daylength, and now months are suddenly too long? 19:25:15 <andythenorth> how long are they right now? 19:25:30 <andythenorth> about 80 days? 19:25:38 <andythenorth> 2019-10-26 19:25:46 <andythenorth> ~90 days 19:27:11 <peter1138> Self-identify again? 19:28:29 <andythenorth> 'we should bring back coal power stations in the UK so my favourite train runs again' 19:28:33 <andythenorth> also brexit stuff 19:28:41 * peter1138 ponders some oil-rig action. 19:29:24 <andythenorth> of all the weird narratives around brexit, 'we have been shutting down our railways because the EU made us' is one of the weirdest 19:30:14 <DorpsGek_III_> [OpenTTD/OpenTTD] JMcKiern commented on issue #7735: Protocol handler to join network games https://git.io/Jemi1 19:30:43 <andythenorth> hmm 19:30:50 <andythenorth> I should probably stop reading the internet 19:31:00 <peter1138> Yes 19:31:45 <TrueBrain> https://openttd-cdn.org/openttd-nightlies/ 19:31:48 <TrueBrain> SO MANY NIGHTLIES 19:31:57 <andythenorth> I'll read the nightlies instead 19:32:06 <peter1138> Nice. 19:32:39 <peter1138> Ah, we still don't build Linux nightlies. 19:33:27 <peter1138> (Not a complaint, just an observation.) 19:33:32 <TrueBrain> peter1138: nope, nobody seems to be fixing the issue :( 19:33:52 <TrueBrain> I personally really have no clue, but there are people who would like it 19:34:58 <andythenorth> so...in-game display of backstory / extended info for vehicles then? o_O 19:35:10 <andythenorth> little window, opened from buy menu, or vehicle window 19:35:12 * andythenorth biab 19:37:42 <frosch123> TrueBrain: i know "osie", but what is "osi". also "osie" is 404 19:38:03 <TrueBrain> good question 19:39:08 <frosch123> is "strgen-nightlies" a good idea? i expect people to download the "latest" and complain that it does not work. better delete it? 19:39:32 <TrueBrain> sure 19:39:43 <TrueBrain> if there is anything else I can clean up, please let me know :) 19:40:48 <frosch123> well, i intentionally did not migrate pngcodec to github 19:41:06 *** gelignite has quit IRC 19:41:07 *** gelignite has joined #openttd 19:41:10 <TrueBrain> so remove it? 19:41:27 <frosch123> but i think you were the author, so if you feel nostalgic 19:41:33 *** Smedles has quit IRC 19:42:58 <TrueBrain> there was never a stable release, so it is noise to me :) 19:43:05 *** Smedles has joined #openttd 19:43:51 <TrueBrain> the grfcodec-nightlies annoy me :P 19:44:08 <TrueBrain> but I guess that needs fixing by producing new ones :D 19:44:59 <TrueBrain> okay, when ever the cache expires, fixed "osi/osie", removed "pngcodec" and "strgen" 19:45:49 <frosch123> "listing.yaml" is also a cache relict? 19:45:58 <TrueBrain> no 19:45:59 <TrueBrain> open it :) 19:46:05 <TrueBrain> hmm 19:46:07 <TrueBrain> wrong value in there 19:46:08 <TrueBrain> oops 19:46:09 <TrueBrain> let me fix that 19:46:34 <frosch123> it looked like an unfinished version of folders.yaml 19:47:18 <TrueBrain> reload it now (might be locally cached, so hit that F5) 19:47:38 <TrueBrain> basically, it is the configuration 19:47:43 <TrueBrain> so maybe I should call it config.yaml :D 19:49:42 <TrueBrain> https://openttd-cdn.org/config.yaml <- there we go 19:50:03 <TrueBrain> it tells the cdn-generator what folders exist, and how they are configured .. releases, nightlies, per-year, etc 19:56:02 <frosch123> do you care when the changelog is empty in non-openttd folders? 19:56:18 <TrueBrain> I tried to fix those I could; not sure which ones are still empty? 19:56:21 <TrueBrain> (some I couldn't fix) 19:56:39 <frosch123> i randomly checked grfcodec 6.0.5 and 6.0.6 19:57:15 <TrueBrain> let me get an exact list which ones are empty 19:57:21 <frosch123> oh, for releases they are not autogenerated, so possibly noone wrote one :) 19:57:28 <TrueBrain> ah 19:57:33 <TrueBrain> that sounds like a bad thing :) 19:57:58 <frosch123> https://github.com/OpenTTD/grfcodec/blob/master/changelog.txt 19:58:02 <TrueBrain> there are 8 nightlies with an empty changelog, nothing that I can do about that ... release 0.1.0 and 0.2.0 are empty .. and those 2 grfcodecs 19:58:04 <TrueBrain> funny 19:58:30 <TrueBrain> that content and the one in changelog.txt are widely different :D 19:58:38 <TrueBrain> shall I replace it with what is in that file for all releases? 19:59:20 <frosch123> hmm, so they were autogerated for grfcodec... 19:59:48 <TrueBrain> last 5 commits, by the looks of it 19:59:52 <TrueBrain> it looks absolutely bonkers :D 20:00:11 *** andythenorth has quit IRC 20:00:14 <frosch123> yeah, the hand-crafted one looks better 20:01:06 <frosch123> well, nforenum and grfcodec version numbers are bonkers anyway :) 20:02:29 <TrueBrain> I have no changelog for 1.0.0-RC1 :( 20:03:51 <TrueBrain> ah, found it in the source tarball :D 20:04:24 <frosch123> https://openttd-cdn.org/grfcodec-releases/1.0.0/changelog.txt <- that still contains the changes between rc1 and stable 20:06:42 <TrueBrain> reload :D 20:07:32 <frosch123> yay, so much effort :) 20:08:52 *** andythenorth has joined #openttd 20:09:09 <TrueBrain> I like getting these things right :) 20:09:10 <TrueBrain> small effort :) 20:09:15 <TrueBrain> high reward :D 20:09:18 <TrueBrain> (I am crazy :P) 20:19:33 <DorpsGek_III_> [OpenTTD/workflows] TrueBrain updated pull request #4: Add: [CDN] code and config to generate required files for CDN https://git.io/Jvmvo 20:21:47 <TrueBrain> pretty happy all files are in a single place again :) Now I just need to automate it, but .. that is the easy part now :) 20:21:56 <TrueBrain> if you find anything else odd frosch123, lemme know! 20:22:44 <TrueBrain> hmm .. am I going to redirect finger.openttd.org to here, or am I just closing it down ... tools using it for automation can go batshit crazy if I redirect 20:22:56 <TrueBrain> possibly better to just expire the DNS entry 20:25:10 <frosch123> all good, thanks :) 20:25:30 <TrueBrain> https://openttd-cdn.org/README.md w00p :D 20:26:12 <DorpsGek_III_> [OpenTTD/workflows] TrueBrain updated pull request #4: Add: [CDN] code and config to generate required files for CDN https://git.io/Jvmvo 20:29:01 <planetmaker> hi, is there a reason to use a new domain openttd-cdn.org instead of cdn.openttd.org? 20:31:06 <TrueBrain> yes! 20:31:40 <frosch123> it's the new name of the project, openttd-jgr and openttd-cdn 20:31:50 <TrueBrain> ha :D I like that :P 20:31:52 <TrueBrain> but no :) 20:32:05 <TrueBrain> planetmaker: do you really want to know? Or can I just summarize it: technical reasons? :D 20:32:30 <TrueBrain> (don't get me wrong, I don't mind sharing, but I wonder why you ask :D) 20:32:51 <frosch123> maybe he wants a openttdcoop-cdn :) 20:33:06 <TrueBrain> he should go for it :) 20:33:26 <planetmaker> I'm curious as to why... it doesn't *look* optimal 20:33:29 <TrueBrain> honestly, if openttdcoop pays for the bandwidth, that would be easy enough :) 20:33:37 <planetmaker> (for the inaugurated) 20:33:52 <frosch123> TrueBrain: most of coop bandwidth is for factorio servers these days, or so :) 20:34:41 <planetmaker> but sure I don't need a cdn for anything 20:34:57 <planetmaker> for coop 20:35:20 <TrueBrain> okay, you asked: in the backend we run AWS S3, which doesn't support "index.html" for HTTPS. So in front of it there is AWS CloudFront, which is, relatively speaking, expensive in terms of bandwidth. OpenTTD pushes 4TB of bandwidth per month, and this would cost us 4000 * 0.08 eurocent per month. Expensive. So in front of that is CloudFlare, which 20:35:20 <TrueBrain> is "free" and caches most of the files sufficiently to drop that 4TB to a few GB. But the Free account of CloudFlare doesn't allow running on a subdomain, so it needs a full domain. Hence: openttd-cdn.org :) 20:35:55 <TrueBrain> and yes, this took several days to figure out and build :P 20:36:04 <LordAro> how much would Cloudflare cost, ooi? 20:36:09 <TrueBrain> 0 euro 20:36:12 <planetmaker> sounds more like money reasons than technical :) 20:36:12 <DorpsGek_III_> [OpenTTD/OpenTTD] nielsmh commented on issue #7735: Protocol handler to join network games https://git.io/Jemi1 20:36:27 <andythenorth> no CDN maybe 20:36:33 <andythenorth> but artefact publishing would be useful 20:36:41 <LordAro> TrueBrain: how much would it cost for the tier that allows subdomains? :p 20:36:46 <TrueBrain> planetmaker: well, part is technical (S3 not supporting index.html for HTTPS), part is financial ;) 20:36:54 <TrueBrain> LordAro: euuuhhhhh 20:37:08 <TrueBrain> LordAro: 200 euro a month 20:37:19 <andythenorth> this URL is not very compelling, but I can't be arsed to think about buying a domain name :P https://firs-test-1.s3.eu-west-2.amazonaws.com/iron-horse/docs/html/tech_tree_table_red.html 20:37:43 <andythenorth> I did try reading the docs for S3, I could do like grf.andythenorth.co.uk or something 20:37:45 <LordAro> @calc 4000*0.08/100 20:37:45 <DorpsGek> LordAro: 3.2 20:37:52 <LordAro> TrueBrain: quite a bit more 20:38:06 <andythenorth> but I painted trains instead of reading about DNS and CNAMES and stuff 20:38:23 <LordAro> hang on though, 3.2 euro/month was "Expensive" ? 20:38:25 <TrueBrain> LordAro: what is that division by 100 doing? 20:38:35 <LordAro> 0.08 eurocent, you said 20:38:38 <TrueBrain> euh 20:38:40 <TrueBrain> 0.08 euro 20:38:41 <TrueBrain> oops 20:38:42 <TrueBrain> 8 eurocent 20:38:45 <LordAro> aha 20:38:45 <TrueBrain> that is a nasty typo :D 20:38:50 <LordAro> @calc 4000*0.08 20:38:51 <DorpsGek> LordAro: 320 20:39:03 <LordAro> :) 20:39:05 <TrueBrain> you ... really had to calculate that? 20:39:07 <LordAro> i did not 20:39:10 <TrueBrain> really? You .. had to? 20:39:11 <TrueBrain> :P 20:39:28 <TrueBrain> but yeah, I found 320 euro per month too expensive, and 200 euro per month too 20:39:31 <TrueBrain> openttd-cdn.org is cheaper 20:39:46 <andythenorth> openttd-cdn.org/firs? :P 20:39:59 <TrueBrain> bonus: CloudFlare CDN is better than AWS CloudFront (as CDN), in my opinion 20:40:02 <TrueBrain> better edge-locations 20:40:18 <LordAro> TrueBrain: i'm guessing just having a cdn.openttd.org/* redirect to the other isn't an option either? 20:40:24 <TrueBrain> andythenorth: personally, I am fine with things like that, but the administration can be a bit annoying 20:40:53 <TrueBrain> what would that redirect help? did any of you notice the current CDN urls? :) 20:41:02 <TrueBrain> https://openttd.ams3.cdn.digitaloceanspaces.com/openttd-releases/1.10.0-beta2/changelog.txt 20:41:03 <TrueBrain> I mean 20:41:05 <LordAro> well, true 20:41:23 <andythenorth> who signs it? :P 20:41:44 <TrueBrain> in the backend, cdn.openttd.org btw exists, and it is where AWS CloudFront listens. This because I wanted a full HTTPS (strict-validation) from end-user to AWS S3 20:42:16 <LordAro> in which case, why bother with CloudFront at all? is it needed for the full https? 20:42:37 <TrueBrain> yes. An S3 bucket cannot listen on HTTPS and do index.html 20:42:44 <TrueBrain> you need AWS CloudFront for that 20:42:59 <TrueBrain> and I refuse to serve the files over HTTP 20:43:15 <LordAro> right, and you wouldn't want to do CloudFlare -> S3 over HTTP 20:43:16 <TrueBrain> so there is now a AWS Lambda@Edge on the AWS CloudFront doing the index.html 20:43:23 <TrueBrain> no, I do not :) 20:43:28 <TrueBrain> integrity is important for some silly reason :D 20:43:55 <TrueBrain> this really turned out to be some complicated shit :P 20:45:48 <milek7_> and I still don't understand what's benefit of all this cloud complications compared to serving from single dedicated server ;P 20:46:19 <TrueBrain> run an Open Source project which has 50+ request per second, do that for 10 years, and we talk again :) 20:46:53 <TrueBrain> but yeah, managed vs unmanaged :) 20:47:06 <andythenorth> what's a dedicated server? 20:48:04 <milek7_> leased computer sitting somewhere in datacenter 20:48:42 <TrueBrain> pretty sure he was trolling :D 20:48:49 <andythenorth> pretty sure 20:49:10 <TrueBrain> owh, CloudFlare Pro has something I would like to enable .. and it is free for Open Source projects .. possibly worth getting it .. 20:49:13 <andythenorth> I hope to never ever be anywhere near a dedicated server 20:49:31 <andythenorth> although we owned ours, because we couldn't afford not to 20:49:43 <andythenorth> owning servers is the absolute worst, leased is at least better than that 20:50:49 <TrueBrain> anyway, I hope that cleared up the question: why openttd-cdn.org :D 20:51:38 <andythenorth> off-topic: do we have any clue what to do with the newgrf translator? 20:52:05 <TrueBrain> I love how you consider that off-topic :D 20:52:24 <andythenorth> it was always a coop thing, but that channel died :P 20:53:50 <LordAro> andythenorth: i mean, eints is also use for ottd 20:54:03 <TrueBrain> hmmmm ... there is one tiny mistake in my master-plan ... OpenTTD client still talks only HTTP 20:54:10 <andythenorth> different eints though 20:54:15 <TrueBrain> I totally forgot :( 20:54:33 <andythenorth> pff small details 20:54:43 <TrueBrain> well, 90% of the traffic is via OpenTTD client :P 20:54:55 *** el3ktr4 has quit IRC 20:55:12 <milek7_> it can talk through tcp content server too 20:55:37 <TrueBrain> it returns HTTP addresses to fetch the binaries, for any modern version of OpenTTD 20:55:52 <TrueBrain> (and it can still fallback to TCP only, but that is rare) 20:56:06 <TrueBrain> 3% is only like that 20:56:14 <frosch123> i thought it does that for every content that is not "latest" 20:56:20 <TrueBrain> (those are BaNaNaS files that are not available via http) 20:56:21 <LordAro> andythenorth: they're only very slightly different 20:56:25 <TrueBrain> frosch123: ^^ :) 20:56:38 <TrueBrain> well, minus LordAro's line :D 20:57:07 <frosch123> so it is not dependent on the ottd version 20:57:27 <TrueBrain> old versions of OpenTTD couldn't handle the HTTP redirect :P 20:57:35 <TrueBrain> and we still support all versions :D 20:57:56 <frosch123> yes, but those 3% are from current versions loading old savegames 20:58:10 <frosch123> or joining weird servers 20:58:11 <TrueBrain> yeah, fair, nobody plays those old versions :D 20:58:24 <TrueBrain> but when are we going to add HTTPS to OpenTTD again? 20:58:34 <milek7_> libcurl? 20:58:48 <TrueBrain> we wanted SSL for other operations as well 20:59:07 <LordAro> libcurl can build against winssl 20:59:26 <LordAro> so that could work (using openssl for other platforms) 20:59:41 <TrueBrain> but okay, I haven't gotten to porting BaNaNaS yet, so I am ignoring this HTTP-only thing for now :P 20:59:42 <LordAro> clearly the correct answer is to roll our own crypto 21:00:38 <frosch123> the "crypto" part is the easier part. the harder part is "certificates" 21:01:08 <TrueBrain> the still-not-solved issue .. indeed 21:01:16 <TrueBrain> which store to trust .. ugh 21:01:36 <LordAro> is relying on the OS not enough? 21:01:39 <milek7_> TLS is complicated, i'm not sure if this is right solution for other operations than HTTPS 21:01:42 <frosch123> but sure, we can compile a x509 certificate into ottd 21:01:43 <TrueBrain> I guess the easiest approach is to have our own (self-signed?) cert, and ship that with OpenTTD 21:01:47 <milek7_> and it doesn't solve UDP connections 21:02:17 <TrueBrain> LordAro: for example OpenSSL doesn't have a cross-OS solution for "OS trust store" 21:03:11 <TrueBrain> (neither does WolfSSL, PolarSSL, or gnuTLS) 21:03:41 <LordAro> is winssl for windows & openssl for everything else not enough? 21:03:50 <TrueBrain> sorry, PolarSSL is mbedTLS these days 21:04:03 <frosch123> milek7_: all modern tls runs via the https port for obfuscation, see quic 21:04:04 <TrueBrain> if my memory serves me correct, OpenSSL cannot read a linux trust store 21:04:07 <TrueBrain> so no, it is not 21:04:36 <TrueBrain> I guess it is the reason why browsers ship their own or something :P 21:04:43 <TrueBrain> anyway, we don't really need certificates as such 21:04:52 <TrueBrain> you only want TLS to setup trust 21:04:54 <LordAro> how do other games do it? 21:05:54 <TrueBrain> the ones I have seen, in a complicated matter. They have a built-in certificate, which of course expires. On startup it is used to fetch the latest with their cert, which is allowed to be expired 21:06:09 <TrueBrain> so older versions can get their latest 21:06:13 <TrueBrain> it feels a bit icky tbh 21:06:20 <TrueBrain> haven't read into how others do it 21:06:24 <milek7_> yes, but QUIC doesn't have to do anything with openttd udp protocol anyway 21:07:04 *** el3ktr4 has joined #openttd 21:08:32 <TrueBrain> LordAro: I guess it comes down to: download a cert over an untrusted connection, ask the user if the fingerprint is what he expected, and continue :D 21:09:01 <LordAro> sounds very user friendly :) 21:09:11 <TrueBrain> like anyone will ever check :P 21:09:23 <LordAro> hence, no point even asking :p 21:09:27 <milek7_> previously discussed replacement for company password would also need some crypto library 21:09:31 <TrueBrain> but okay, in the end you have to wonder what you want to solve .. having a 100% integrity might not be the goal here 21:09:35 <milek7_> libsodium maybe 21:10:03 <LordAro> milek7_: i'd rather having to link against more than one crypto library 21:10:12 <TrueBrain> so a call to http://castore.openttd.org, and blindly trusting that, might just be enough 21:11:01 <TrueBrain> and for servers we could have our own CA (self-signed), and a server can sign his cert with it, and that way clients trust it :) 21:11:28 <frosch123> i have used boost::beast with https before, but always with custom CA 21:11:31 <TrueBrain> I always wanted to build an Authority Server for OpenTTD ...... :) 21:11:47 <TrueBrain> solves so many things .... 21:12:08 <TrueBrain> (in the MP world, that is) 21:12:19 <frosch123> i have no idea how to get the os certificates in a platform-independent way 21:12:20 <TrueBrain> and I still would love to have cloud-saves, but that really needs HTTPS :) 21:12:30 <TrueBrain> frosch123: as far as I know, that is not possible even 21:12:41 <milek7_> LordAro: where's more than one? i proposed libcurl (for bananas) and libsodium (for other networking) 21:13:26 <LordAro> libcurl would presumably pull in something else 21:13:51 <frosch123> TrueBrain: someone has to read /etc/ssl/certs 21:14:20 <TrueBrain> frosch123: I guess stuff like libcurl solved it too, but I know of no independent lib that does this. 21:14:22 <frosch123> but yeah, maybe libcurl solves all of that already 21:14:49 <TrueBrain> anyway, now knowing that I cannot host BaNaNaS on the CDN as I am currently planning .. I can do without CloudFlare for now I guess :P 21:16:34 <frosch123> https://curl.haxx.se/docs/sslcerts.html <- "schannel" and "secure transport" 21:17:27 <TrueBrain> btw, remember that on many machines their OS-cert-store can be heavily out-of-date 21:18:55 <frosch123> sounds like: bundle a new cert with every ottd release, and trust everything after it expires :p 21:19:39 <TrueBrain> but before we do any, lets first make clear what issues we are trying to solve exactly :) 21:20:24 <TrueBrain> (as it is easy to think SSL solves something, while in fact it might not) 21:20:58 <TrueBrain> HTTPS of course would help, as it is getting more and more difficult to get things to not auto-redirect on HTTP :P And, rightfully, it feels wrong to serve stuff over HTTP :D 21:22:05 <milek7_> it is possible to just ignore CA and pin server public key 21:22:11 <milek7_> but that complicates certificate generation slightly (and is less future-proof) 21:23:38 <frosch123> i guess the original issue was how to authenticate translators via github in a way that does not involve coding a lot 21:24:01 <frosch123> or rather, how to authorize them 21:24:29 <TrueBrain> authorize them for what, sorry? 21:24:47 <frosch123> user x is allowed to translate language y 21:24:51 <TrueBrain> in eints? 21:25:08 <frosch123> assumption a: we do not want to maintain user accounts 21:25:20 <TrueBrain> as I thought we were talking about the OpenTTD client :D 21:25:25 <TrueBrain> so I am a tiny bit confused ;) 21:25:31 <frosch123> assumptions b: translators shall rahter register to github and login to eints with their gh account 21:25:50 <frosch123> assumption c: we do not want to allow every random gh user to translate everything 21:27:06 <nielsm> hmm, broken lot: https://0x0.st/irCw.jpg 21:27:11 <nielsm> (still playing the wrong game) 21:27:15 <TrueBrain> okay, so that had nothing to do with the talk we had a second before that :D Context switching ... ;) 21:27:16 <frosch123> is it ok to have a file in a public gh repository with user names and roles, and approve translators via prs? 21:27:38 <TrueBrain> frosch123: public or private repo, I guess 21:27:46 <frosch123> TrueBrain: yes, i rewinded to the "original problem" before we got to auth servers and https 21:28:07 <nielsm> frosch123, GDPR might dislike it, not sure 21:28:11 <frosch123> we have no private repos, right? 21:28:29 <andythenorth> I wondered if we can have a grf compile farm which sets up author repos as remotes :P 21:28:37 <andythenorth> and keeps the translations in a separate repo 21:28:48 <TrueBrain> nielsm: GDPR only asks us to have a process in place, basically 21:28:49 <frosch123> nielsm: it's only nicknames, and they are persistent in the commit log, while only for-life-time in the role-file 21:28:52 <andythenorth> I don't really like pulling in untrusted commits :P 21:29:19 <frosch123> so, if someone disagrees they just retire from being translator 21:29:51 <frosch123> except: if it somehow makes harassing inactive translators easier or something 21:29:55 <TrueBrain> I guess another approach might be to have a small bot which handles this 21:30:17 <TrueBrain> so you go to a site, that redirects you to GitHub, it asks if your username can be shared with the bot 21:30:31 <LordAro> no particular reason why it needs to be a private repo 21:30:35 <TrueBrain> if you login to eints, with GitHub credentials, we check if you the bot can read your username 21:30:49 <TrueBrain> hmm .. needs a small database to link the language to the user, I guess 21:31:04 <frosch123> yes, and i want to avoid that database :) 21:31:16 <TrueBrain> LordAro: the reasoning would be what frosch123 mentioned, if it is public, it is easy to stalk people etc 21:31:20 <frosch123> because i tried that, and it involved a lot of work 21:32:25 <LordAro> TrueBrain: would've thought most people would be happy to be credited with translation 21:32:25 <TrueBrain> and creating a GitHub App per language might be a bit too much 21:32:27 <frosch123> can we put the translators on the website? saves another repository :p 21:32:31 <planetmaker> it's visible anyway whe's translator, no? In form of commit messages 21:32:39 <LordAro> obviously there'll be a few who won't, but... 21:33:00 <frosch123> planetmaker: yes, but those are translators of the past 21:33:20 <frosch123> i am talking about: there are 20 german translators signed up, why are there 50 strings out of date for a year? 21:33:35 <frosch123> (i did not check, just random numbers) 21:33:47 <planetmaker> well, the translators of the past are all still 'active' by ldapadmin standards 21:33:58 <DorpsGek_III_> [OpenTTD/OpenTTD] JMcKiern commented on issue #7735: Protocol handler to join network games https://git.io/Jemi1 21:34:04 <planetmaker> at least I cannot remember processing translator role removal ever 21:34:07 <planetmaker> on any person 21:34:16 <TrueBrain> I did one or two, upon request 21:34:19 <frosch123> yes, but noone can see those from the outside 21:34:20 <TrueBrain> but normally indeed, removing is rare 21:34:36 <TrueBrain> emails are hidden from the outside 21:34:39 <TrueBrain> only usernames are given 21:34:50 <TrueBrain> we used to have translator-<language>@openttd.org aliases 21:34:56 <TrueBrain> but we stopped doing that a LONG LONG time ago :D 21:34:59 <planetmaker> but yes, true... it's somewhat invisible. which is comfortable 21:36:06 <planetmaker> not being public is nice in that you can contribute, vanish. And contribute again much later without just that: pressure potential from anyone 21:36:21 <TrueBrain> so a repository with a single file per language, with in there the GitHub username ... the PR is done by the username itself, which might or might not have an email (depending on GitHub settings) 21:36:27 <TrueBrain> and GitHub otherwise protects users from spam 21:37:02 <TrueBrain> I mean, try sending a user anything on GitHub 21:37:05 <planetmaker> honestly, I'm pretty much convinced that most translators don't do git 21:37:13 <planetmaker> so forcing them to use git and PRs... not sure 21:37:13 <TrueBrain> they don't have to 21:37:15 <frosch123> i would rather have a single json file for all languages, but potato/potato 21:37:16 <TrueBrain> they only need to do Github 21:37:22 <frosch123> i should dig up my oauth patch 21:38:01 <TrueBrain> frosch123: potato potato indeed; reasoning for me was that we have so many languages :D 21:38:06 *** heffer has quit IRC 21:38:11 <TrueBrain> it becomes a bit more difficult to add your name in such a list :P 21:38:32 <TrueBrain> and if we do flatfiles, so just .txt files, nobody can screw up any parsing either 21:38:58 <TrueBrain> that means, they go to GitHub, they press "edit" on their language, their add their name to the list, and hit: make PR out of this 21:38:58 <frosch123> well, it is not required for translators to add themself. it's also fine if anyone with commit access can add people, who open issues 21:39:24 <frosch123> judging from old coop-eints, there are some translators who do not even know what language they speak 21:39:49 <TrueBrain> you have your default workflow, and ofc the exceptions ;) 21:40:06 <TrueBrain> I would say, by default let people add theirself to the list, but of course we can do it for them too :) 21:40:15 <TrueBrain> we just need to validate their GitHub username 21:41:32 <TrueBrain> I think that is the method to implement this with the least amount of effort 21:42:04 <frosch123> in theory we could also add teams for every language and make all translators external contributors or so, but githubs permissions/roles are way too intransparent to me 21:42:09 <TrueBrain> the other solution I see is with a GitHub Apps, like DorpsGek_III_. You go to a page, you login via GitHub, you get a dropdown to select your language, DorpsGek makes a PR in a repo to request access for that user 21:42:36 <TrueBrain> and DorpsGek_III_ in that case can keep those teams up-to-date with the content of the repository 21:42:51 <TrueBrain> that does, however, consume a bit of effort on the DorpsGek_III_ side of things :) 21:43:37 <frosch123> i prefer the less-effort way for a start 21:43:42 <TrueBrain> can we use GitHub for BaNaNaS and wiki too, as authentication/authorization? 21:43:47 *** Wormnest has quit IRC 21:44:21 <frosch123> mediawiki has an oauth plugin 21:44:29 <TrueBrain> technically it is not an issue 21:44:30 <frosch123> but you have the same problem that you cannot define admins 21:44:33 <TrueBrain> I was wondering from a user perspective :D 21:45:23 *** funnel has joined #openttd 21:45:28 <TrueBrain> forcing every GRF author to also have a GitHub account .. are we okay with that? 21:45:29 <frosch123> what is the alternative? keeping custom accounts? using facebook instead? i don't have facebook 21:45:34 *** WormnestAndroid has quit IRC 21:45:35 <TrueBrain> I agree 21:45:43 <TrueBrain> just asking the question to challenge my own agreement :D 21:45:44 <andythenorth> I'd rather we didn't run auth 21:45:52 <andythenorth> we could always use linkedin auth? 21:45:53 *** WormnestAndroid has joined #openttd 21:46:07 <frosch123> i asked or*dge 2(?) years ago, tt-forums accounts is no option 21:46:23 <andythenorth> nobody fed my troll :( 21:46:24 <TrueBrain> I like the GitHub Teams idea tbh .. that is easy to read from a eints perspective? 21:46:50 <frosch123> likely 21:47:05 <frosch123> but i have no idea what the team membership implies to other gh permissions 21:47:16 <frosch123> like reviewing/merging/... 21:47:18 <TrueBrain> nothing that cannot be solved :) 21:47:44 <TrueBrain> lowest rank is "Read" 21:47:46 <TrueBrain> which is fine 21:48:13 <frosch123> as said, i don't understand gh permissions :) 21:48:19 <LordAro> sounds like a spec should be drawn up first 21:48:29 <frosch123> they looked like a contradicting mess to me 21:48:42 <TrueBrain> frosch123: if you can check that with oauth you can read the group, without doing anything else (like reading a file etc) 21:48:48 <TrueBrain> I think I can help you with the rest 21:48:59 <frosch123> LordAro: i have wips on oauth support for eints 21:50:15 <TrueBrain> where is their documentation about oauth for authorization? 21:50:20 <TrueBrain> keep finding unrelated bla :P 21:50:48 <frosch123> https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/ 21:51:04 <frosch123> "read:org" scope 21:51:36 <frosch123> when people login to eints the first time, gh will ask them whether eints may query their membership status 21:52:33 <TrueBrain> https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/ 21:52:40 <TrueBrain> I guess that is the flow :) 21:54:16 <milek7_> there should be some puzzle manual in 'the witness' 21:54:26 <milek7_> or maybe i'm just too dumb for these type of game 21:54:44 <frosch123> oh right, eints did not even have login-cookies 21:54:56 *** el3ktr4 has quit IRC 21:55:13 <TrueBrain> frosch123: ah, so we need no scope for the user to login; we just need a valid token in eints which he can use to make requests to https://developer.github.com/v3/teams/members/ 21:55:18 *** cHawk has quit IRC 21:55:21 <LordAro> milek7_: hehehe 21:55:29 <TrueBrain> that is slightly more work on your end, but I guess that is doable 21:55:41 *** cHawk has joined #openttd 21:56:03 <frosch123> TrueBrain: you mean it is enough to authorize eints to query openttd instead of the suer? 21:56:30 <TrueBrain> I think so 21:56:37 <TrueBrain> I need to fiddle a bit with this to be sure 21:56:59 <frosch123> hmm, in that case we can also hack the mediawiki plugin 21:57:32 <TrueBrain> https://developer.github.com/v3/teams/members/#get-team-membership 21:57:44 <TrueBrain> that API endpoint is very useful, as in: it is very binary 21:57:48 <frosch123> it's php so you may not eat anything for 8 hours, but it is possible 21:57:55 <TrueBrain> the only downside of using teams for this, is that the user has to accept the team invite 21:58:16 <frosch123> why wouldn't they? 21:58:29 <frosch123> they can choose whether they are listed publically 21:58:39 <TrueBrain> I remember Epic having an issue here, where someone emailed everyone in a team .. but I am sure that is no longer possible :D 21:58:41 *** el3ktr4 has joined #openttd 21:59:24 *** sla_ro|master has quit IRC 22:00:54 <TrueBrain> in order for someone to be in a team, they have to be invited to the organization, it seems 22:02:38 <TrueBrain> I guess for something like mediawiki, you want people to be able to self-signup, right? 22:02:43 <TrueBrain> no need for anyone to validate that 22:02:47 <TrueBrain> but for eints I guess you want validation first? 22:03:08 <TrueBrain> in other words: do we need to approve people? 22:04:21 <TrueBrain> currently, the barrier to signup is sufficiently high, that the chances of someone wanting to be "funny" is very low. I guess without validation, that barrier might just be too low? Not sure. 22:04:27 <frosch123> yes, you need teams for translators and for wiki admins 22:04:42 <frosch123> you do not need a team for regular wiki users 22:04:51 <TrueBrain> well, we do 22:04:55 <TrueBrain> you want to be able to ban people :D 22:05:06 <frosch123> that has not worked in years :) 22:05:21 <TrueBrain> via GitHub that is a bit different, as creating random new accounts is more difficult 22:05:27 <TrueBrain> they have pretty good protection there 22:05:52 <TrueBrain> but okay, so you do want to approve translators? 22:06:04 <frosch123> the last spammers on the wiki were humans and they stopped when i setup a bot to revert their changes 22:06:17 <TrueBrain> lol 22:06:18 <TrueBrain> silly 22:06:39 <frosch123> yes, there is enough beef between translators that requires to approve them 22:07:02 <TrueBrain> okay, so how about this: you want to signup to translators, you are asked to visit https://????.openttd.org 22:07:09 <TrueBrain> there you are asked to login to GitHub 22:07:15 <frosch123> like when the mexican spanish translator thought starting a new language was to much work, and just adjusted the european spanish :p 22:07:15 <TrueBrain> after login, you get asked what language 22:07:29 <TrueBrain> after that, the bot makes an Issue on a repository 22:07:33 <TrueBrain> you answer with /approve 22:07:37 <TrueBrain> the bot adds the user to the right team 22:08:13 <LordAro> should probably notify info@ (and probably here) too 22:08:20 <TrueBrain> here comes free 22:08:27 <TrueBrain> (as .. DorpsGek_III_ :D) 22:08:29 <LordAro> oh, issue on repo 22:08:32 <LordAro> yes, good 22:08:35 <TrueBrain> info@ .. hmm .. we disabled notifications :P 22:08:45 <TrueBrain> lets see how that works for now without emailing 22:09:06 <TrueBrain> we can make a daily reminder like: "there are still N pending approvals" 22:09:09 <TrueBrain> on IRC 22:09:22 <LordAro> ha 22:09:48 <frosch123> don't add more spam to info@ 22:09:55 <TrueBrain> ^^ :) 22:10:07 <frosch123> info@ is a very sad place 22:10:17 <TrueBrain> yeah ... we should cleanup some of the spam tbh 22:10:26 <TrueBrain> anyway, to continue: 22:10:28 <frosch123> mostly newsletters, a bit of spam, and some douchbag users 22:10:32 <TrueBrain> in eints you do oauth login 22:10:38 <TrueBrain> after a valid token, you know the username 22:10:42 *** Wormnest has joined #openttd 22:10:43 <frosch123> this week someone complained about people not playing nice on nice.org :) 22:10:48 <TrueBrain> you do a call to the above mentioned API, with a DorpsGek API token 22:11:14 <TrueBrain> I love the emails we get about ingame sponsorship .. they are ... persistent in their request 22:11:49 <TrueBrain> would that work for you frosch123? Does it validate the expected user-flow? 22:12:27 <TrueBrain> most of these things we already have in place; the "/approve" is a very simple GitHub Actions 22:12:31 <frosch123> TrueBrain: yes, that is just fine. eints would cache the stuff for 24 hours or so 22:12:35 <TrueBrain> the only "new" thing would be to ask for the language 22:12:52 <TrueBrain> I assume the cache is only for positive results 22:13:00 <TrueBrain> ? 22:13:25 <frosch123> hmm, ok, let's say, eints queires it once per login 22:13:35 <frosch123> and login cookie expires after 24 hours 22:14:02 <frosch123> so we get the classic "you may need to logout and relogin" 22:14:32 <TrueBrain> please make that 23 hours :P Nothing more annoying than something that kicks you out every 23 :P 22:14:39 <TrueBrain> euh, 24, the last one 22:14:43 <TrueBrain> yeah, that works 22:14:50 <TrueBrain> you can do 5000 API calls per hour to GitHub 22:14:59 <TrueBrain> so ... if we get more than 5000 active translators, there might be an issue :D 22:15:09 <frosch123> TrueBrain: i did not quite follow how you want to make translators sign up, but i think that does not affect me 22:15:35 <TrueBrain> they go to website, they signin with GitHub, they select language, they wait for GitHub Teams invite 22:15:55 <TrueBrain> we get new issue, we do "/approve" in comment of that issue 22:16:51 <TrueBrain> okay, we do need a new organization for this .. OpenTTD-users ? 22:16:53 <TrueBrain> or something 22:16:59 <TrueBrain> as they become part of the organization itself 22:17:17 <LordAro> why would we need a new org? 22:17:18 <TrueBrain> github.com/OpenTTD-users/ , I mean, to be clear :D 22:17:36 <TrueBrain> https://github.com/orgs/OpenTTD/people 22:17:39 <TrueBrain> because of pages like that 22:17:48 <frosch123> does it hurt listing translators there? 22:18:04 <LordAro> i don't see that as a particular issue 22:18:23 <TrueBrain> hmm .. 2 things: I am not sure what it does permission-wise, we will have to check 22:18:34 <TrueBrain> but also: it makes it look like you contributed to OpenTTD, as in, the game 22:18:37 <TrueBrain> while you might only just have signed up 22:18:49 <TrueBrain> so it gives a false idea of "look at me, I am awesome" 22:18:54 <frosch123> lol, that's exactly what i worried about an hour ago :) gh permissions are intransparent 22:19:02 <TrueBrain> anyway, I like separating things :D 22:19:05 <LordAro> does that matter? :p 22:19:19 <TrueBrain> frosch123: yeah, I know :) I know how Teams work in a Repository 22:19:20 <LordAro> https://github.com/orgs/rust-lang/people here's an example of an org with lots of people 22:19:23 <TrueBrain> just not how a Member works in an Organization :D 22:19:33 *** Wormnest has quit IRC 22:19:39 <frosch123> TrueBrain: andy is listed on that page 22:19:49 <frosch123> is there any more danger? 22:19:56 <TrueBrain> fair point :D 22:20:01 <LordAro> there certainly aren't 112 active maintainers of rust 22:20:20 <TrueBrain> I guess you are right 22:20:24 <TrueBrain> so we just need to validate permissions 22:20:38 <TrueBrain> this is why I like separating things .. avoids me having to lookup stuff :P 22:20:46 <andythenorth> also I am first ha ha 22:20:53 <andythenorth> A is a winning initial 22:21:16 *** cHawk has quit IRC 22:21:29 <frosch123> https://github.com/rust-lang/team <- what is that? 22:21:51 <TrueBrain> https://help.github.com/en/github/setting-up-and-managing-organizations-and-teams/verifying-your-organizations-domain <- can I do that? 22:22:50 <LordAro> i think you're the only one who can :p 22:23:01 <andythenorth> oof I should go to bed :| 22:23:10 <TrueBrain> frosch123: looks very similar :D Theirs is only manually, from what I can tell 22:24:05 <frosch123> i think team memberships are not visible unless you are part of the organisation 22:24:56 <frosch123> hmm, so rust have all their team-members emails in their repository 22:25:03 <LordAro> https://github.com/rust-lang/team/pull/201 not necessarily manual 22:25:59 <TrueBrain> LordAro: yeah, okay, but that workflow is too complex for poor translators :D 22:26:34 <TrueBrain> one benefit of having a file per GitHub user, is that you can see what they have access too .. in case people request access to multiple translations :) 22:27:59 <TrueBrain> "Require two-factor authentication for everyone in the OpenTTD organization." 22:28:10 <TrueBrain> the only downside I noticed when looking at organizational permissions 22:28:17 <TrueBrain> I would really like all devs to have 2FA enabled 22:28:26 <TrueBrain> I cannot enforce it if we add translators too 22:28:48 <frosch123> it already sends a verification email every time 22:29:10 <frosch123> possibly because i use the private browsing defaults 22:29:58 <TrueBrain> cool, you can have discussions with Teams in GitHub 22:29:59 <TrueBrain> that is nice 22:30:21 <frosch123> translators kind of always wanted that 22:30:58 *** WormnestAndroid has quit IRC 22:30:58 *** nielsm has quit IRC 22:30:58 *** tokai has quit IRC 22:30:58 *** supermop_work has quit IRC 22:31:09 *** supermop_work has joined #openttd 22:31:18 <TrueBrain> yeah, this is the only thing I can find that is of interest in regards to adding translators to OpenTTD organization 22:31:26 <TrueBrain> enforcing 2FA on the developers yes/no 22:31:33 *** WormnestAndroid has joined #openttd 22:31:44 *** tokai has joined #openttd 22:31:44 *** ChanServ sets mode: +v tokai 22:32:36 *** nielsm has joined #openttd 22:32:51 <frosch123> https://github.com/orgs/OpenTTD/outside-collaborators <- does that only work for repositories, or also for teams? 22:33:07 *** dwfreed has quit IRC 22:33:14 *** dwfreed has joined #openttd 22:33:24 <TrueBrain> not sure how that list is created 22:34:40 <TrueBrain> owh, ofc, I gave them access on "website" to write 22:34:47 <LordAro> that's a 404 for me 22:34:48 <TrueBrain> no, they cannot be in teams 22:34:52 <LordAro> do you have to be an owner? 22:34:56 <TrueBrain> I guess 22:34:58 *** Progman has quit IRC 22:35:02 <andythenorth> hmm, I have played current OpenTTD game for 120 calendar years 22:35:05 <TrueBrain> so many more things show up if you are an owner, not always clear who can see what 22:35:09 <andythenorth> and about 20 years of using date cheat :P 22:35:12 <andythenorth> long game :P 22:35:45 <TrueBrain> okay, I am going to get some sleep .. I think we can do this with relative low effort and maintenance, by mostly having GitHub do the heavy lifting :D 22:35:58 <planetmaker> TrueBrain, looking at who uses 2FA from the list of OpenTTD people on github... it's 50:50. Not sure enforcement would help anything currently 22:35:58 <andythenorth> \o/ 22:36:22 <TrueBrain> planetmaker: yes ... it would force those 50% to also enable it 22:36:33 <TrueBrain> what am I missing? 22:37:00 <planetmaker> the 'meh' effect 22:37:10 <TrueBrain> the what effect? 22:37:19 <planetmaker> meh. whatever. 22:37:21 <planetmaker> :) 22:37:27 <TrueBrain> I really have no clue what you are trying to say 22:38:17 <TrueBrain> but let me be pretty clear on my stance on 2FA: not having it enabled for a project like OpenTTD is not something that is a valid stance in 2020 :) Too many projects have accounts that get hijacked .. it is a big risk we are taking by not enforcing it. 22:38:21 <TrueBrain> it can do some nasty damage 22:38:23 <planetmaker> tmwftlb for this case for those who don't yet? 22:38:54 <TrueBrain> too little benefit? Euhmz .. guess you missed some news :D 22:39:13 <planetmaker> nope, indeed I did not 22:39:23 <planetmaker> But I don't like someone trying to force me 22:39:40 <TrueBrain> and I don't like OpenTTD being taken away from us because your password got leaked because of some hack to some random website :) 22:39:51 <TrueBrain> (I hope you are not password sharing, but sadly this is often still the case :P) 22:40:21 <TrueBrain> but okay, I think this is a fair thing to say: you cannot be owner if 2FA is not enabled; that fair? :) 22:40:59 <LordAro> i think that's fair 22:41:17 <frosch123> ok, i'll enable it then :) 22:41:21 <TrueBrain> anyway, lets approach this first in another way: LordAro, planetmaker, frosch123, orudge, andythenorth: please pretty please enable 2FA on GitHub :) 22:41:45 <TrueBrain> owh, and nielsm :) 22:41:48 <planetmaker> that's the way you should *start* such issue instead of how you did, yes. 22:42:05 <TrueBrain> planetmaker: I did nothing; you did :) But that is okay ;) 22:42:20 <TrueBrain> you started with the argument 50:50 is "fine" ;) 22:42:33 <TrueBrain> I just mentioned adding translators to OpenTTD org means I can never enforce 2FA to the devs :) 22:42:34 <planetmaker> you started with "should we enforce" :) 22:42:36 <TrueBrain> that was just a statement :) 22:43:28 <LordAro> "should we enforce" and "we should enforce" are very different sentences :p 22:44:25 <TrueBrain> 23:28 <TrueBrain> I would really like all devs to have 2FA enabled 22:44:34 <TrueBrain> just to be clear ;) 22:44:40 <planetmaker> <TrueBrain> enforcing 2FA on the developers yes/no 22:44:56 <TrueBrain> out of context 22:44:57 <TrueBrain> 23:31 <TrueBrain> yeah, this is the only thing I can find that is of interest in regards to adding translators to OpenTTD organization 22:44:57 <TrueBrain> 23:31 <TrueBrain> enforcing 2FA on the developers yes/no 22:45:08 <frosch123> can i use a less secure password after i enabled 2fa? :p 22:45:12 <hythlodaeus> what is 2FA? 22:45:24 *** andythenorth is now known as Guest14759 22:45:25 *** andythenorth has joined #openttd 22:45:25 <frosch123> @base 16 10 2fa 22:45:25 <DorpsGek> frosch123: 762 22:45:39 <frosch123> sorry :) 22:45:39 <planetmaker> your new PW? :P 22:45:45 <frosch123> hythlodaeus: two factor authentication 22:45:58 <hythlodaeus> ah 22:46:46 <TrueBrain> planetmaker: please take more time in assuming I mean well, instead of trying to pick a fight. You really took my words out of context, and than blamed me for how I "should have started" .. this is not nice of you 22:47:33 <nielsm> I'm set up now 22:47:40 <TrueBrain> Thank you very much :) 22:48:04 <nielsm> I'm slightly surprised github doesn't support the microsoft authenticator app for 2fa 22:48:07 *** Guest14759 has quit IRC 22:48:25 <TrueBrain> nielsm: but their Security Key support is a lot better than most other sites :D 22:48:53 <TrueBrain> (it surprised me too, given they are MS etc) 22:49:06 <LordAro> i imagine they'll get there eventually 22:52:50 <nielsm> wow, almost a hundred downloads of Eternal Love already, summed from forum and bananas 22:53:10 <TrueBrain> it is loved 22:53:30 <TrueBrain> hmm .. DorpsGek itself is owner ... why is he owner ... can I make him non-owner .. that will be my job for this weekend :) 22:53:49 <TrueBrain> still one of the more annoying things about shared accounts .. how to do 2FA 22:53:52 <nielsm> also, if anyone is able to/think they should do something about it, the most downloaded GS on bananas has its url point to a parked domain 22:54:06 <TrueBrain> wuth? Lol 22:54:28 <nielsm> someone let their community forum lapse or such 22:54:50 <TrueBrain> hmm .. I can remove the URL, but is that a nice thing to do? 22:54:53 <TrueBrain> maybe the URL comes back? 22:55:14 <nielsm> yeah I suppose it would be better to contact the submitter first 22:55:16 <planetmaker> right. 2FA enabled 22:55:18 <LordAro> probably change it and let them know 22:55:21 <TrueBrain> <3 planetmaker 22:55:31 <LordAro> they can't change it themselves, i think? 22:55:37 <planetmaker> time to attach the yubikey to my keys... 22:55:38 <TrueBrain> only with a new version, I think 22:57:02 *** frosch has joined #openttd 22:57:24 <frosch> TrueBrain: iirc dorpsgek is owner to have push access to repositories 22:57:24 <planetmaker> TrueBrain, sorry, indeed I did not see the lines you quoted 22:57:37 <planetmaker> I appologize 22:57:53 <TrueBrain> planetmaker: all good :) I mistook your initial reply too, sorry about that :) 22:58:06 <LordAro> now kiss 22:58:12 <TrueBrain> only if you join! 22:58:17 <frosch> which app do you recommend? 22:58:30 <TrueBrain> Google Authenticator + Yubikey 22:59:12 <TrueBrain> frosch: I think push rights can also be given per repository, but I guess I was lazy, and didn't want to do that 22:59:54 <TrueBrain> I guess I can enable 2FA on my phone, and put recovery keys next to the password in the password store .. 23:01:36 *** frosch123 has quit IRC 23:02:38 *** andythenorth has left #openttd 23:03:19 <TrueBrain> "Make sure it's at least 15 characters OR at least 8 characters including a number and a lowercase letter" <- that is pretty nice tbh 23:04:18 *** Wolf01 has quit IRC 23:06:54 <planetmaker> I saw that I can use my phone's fingerprint scanner as 2fa 23:07:06 <planetmaker> somewhere. Just haven't figured out how so far 23:08:20 <TrueBrain> Let us know when you figured that out .. sounds interesting .. 23:08:33 <TrueBrain> I love 1password for it 23:09:22 <planetmaker> https://help.github.com/en/github/authenticating-to-github/about-two-factor-authentication#two-factor-authentication-recovery-codes <-- here actually 23:10:04 <planetmaker> After you configure 2FA using a mobile app or via text message, you can add a security key, like a fingerprint reader or Windows Hello 23:10:08 <planetmaker> do I misread that? 23:10:45 <TrueBrain> Owh, as security key 23:10:54 <TrueBrain> Like a yubikey 23:11:20 <TrueBrain> I think I read about those, a fingerprint reader like a yubikey 23:11:48 <TrueBrain> https://www.yubico.com/blog/yubico-reveals-first-biometric-yubikey-at-microsoft-ignite/ 23:15:44 <frosch> isn't that 3fa then? 23:15:59 <frosch> you need your fingerprint/key to get to your 2fa-code? 23:16:42 <TrueBrain> Security keys don't give you a code in this mode 23:17:00 <TrueBrain> Browsers can directly communicate with them, which is nice :) 23:17:08 *** el3ktr4 has quit IRC 23:17:31 <planetmaker> frosch, no, they rather dissiminate they secret when presented with the right fingerprint 23:17:44 <planetmaker> (or rather expose that they know the secret) 23:17:58 <TrueBrain> Funny enough, 3FA is used more often than you think .. behavior is a huge part of authentication these days 23:18:22 <TrueBrain> Reason it is now often called MFA (MultiFactorAuthentication) 23:19:32 <TrueBrain> I love how we are slowly moving away from passwords .. very slowwwwlllyyyy 23:19:52 <milek7_> passwords are fine 23:20:01 <nielsm> passwords are hell 23:20:21 <TrueBrain> They were fine till they leaked 23:20:27 <nielsm> they can work if the user has a physical keyboard and is fast at typing 23:20:43 <frosch> in the hitchhiker guide you just need the identocard from someone 23:20:44 <nielsm> (because then 20+ character passwords are realistic) 23:21:31 <milek7_> they are pasted anyway, nobody (should) type them 23:21:56 <TrueBrain> MFA works with: something you know, have, are, or do. The 'know' part is horrible. Let's start using the other 3 more often. 23:22:22 <planetmaker> Just got today an e-mail from my university: change your password till 30 January or your account then will then be locked. 23:22:33 <nielsm> vampire auth when? 23:22:41 <glx> "security questions" are worse 23:22:43 <planetmaker> seems they lost hashed passwords or might have :) 23:22:58 <nielsm> I should seriously get to sleep, this is bad 23:23:00 <nielsm> gn 23:23:05 <planetmaker> yeah. good night :) 23:23:08 <frosch> planetmaker: nice, how many are on vacation? 23:23:28 <planetmaker> dunno? certainly some from 26k people 23:23:28 <glx> I think it's easier to find answers to security questions than to find the actual password 23:23:52 <frosch> do you know the name of my first dog? 23:23:58 <planetmaker> better than my sister's university... they were locked-out nearly whole of December till early January... university hacked and trojaned 23:24:17 <TrueBrain> Maastricht? :p 23:24:19 <planetmaker> and they shut down everything before it actually could do work... but meh... no work for all people, too 23:24:22 <planetmaker> Gießen 23:24:27 <Eddi|zuHause> i think a study has shown that the people themselves have more problems to remember the exact answers to those "security questions" and they're rather easy to find out through social engineering 23:24:48 <TrueBrain> Ransomware is the worst 23:24:59 <Eddi|zuHause> planetmaker: i heard about that... 23:26:14 <planetmaker> yeah, it was in the news 23:26:17 *** el3ktr4 has joined #openttd 23:26:41 <TrueBrain> Happens a lot lately ... no fun .. good for security companies :p 23:27:42 <TrueBrain> Owh, yes, this sleep thing .. I should try it 23:28:07 <frosch> night 23:28:10 *** frosch has quit IRC 23:31:01 *** nielsm has quit IRC 23:33:34 <Eddi|zuHause> sleep is overrated 23:39:07 *** WormnestAndroid has quit IRC 23:39:30 *** WormnestAndroid has joined #openttd 23:42:17 *** Samu has quit IRC 23:47:47 *** Wormnest has joined #openttd 23:50:51 *** Arveen2 has joined #openttd 23:57:32 *** Arveen has quit IRC