I’ve never gone so far as to pull in fp-ts into a work codebase because it often doesn’t feel that it’s worth the headache of arguing for it.
However, I check back in from time to time and was recently confused as to whether or not the community has moved onto effect-ts as it seems effect consumed the fp project?
No sorry, I'm not tuned in to typescript at the moment. I've mostly used fp-ts in the past because I haven't found a better runtime type system than io-ts, but I haven't written typescript in a while.
Mostly responding so people with better context don't wait on me.
I'm always looking for the secret management solution for my self hosted apps. This looks very cool, but still unable to solve my biggest problem - how should I manage secrets to access the secret manager?
In my day job, we use AWS SSM. It works great. For my home network, I just put secrets on my docker-compose.yaml. Obviously I shouldn't but I can't find a better solution.
If you run Docker in Swarm mode instead (docker stack deploy instead of docker compose up), then you can make use of Swarm secrets. You don't have to make full use of Swarm; it can be a single node with a single instance of the service(s). As I manage the host with Ansible, I'm able to use Ansible's Docker module with a play to communicate the current secrets to Swarm, so that they are available to the services. On the Ansible side, the secrets are encrypted at rest using ansible-vault.
I’ve written a small Python app to deploy to Swarm mode from CI pipelines, and configure secrets and configs from CI environment variables, taking care of rotation and recreating Swarm secrets if the variable content changes. This delegates the whole secret management to the CI tool (BitBucket in my case).
The default implementation in Swarm has the problem that you cannot update secrets, so you’ll need to reconfigure and redeploy the service with a secret with a new name if that changes. That was quite a pain!
I encountered the secret update problem too. I have a secret rotation playbook that stops the Docker services stack, removes the secrets, recreates under the same name, and restarts the Docker services stack. The community.docker Ansible module does all the lifting there.
My CI runs as a container in that stack too, so in Jenkins I have an init.d Groovy script to establish Jenkins Credentials from the current Swarm secrets.
I'm not sure if this would be a solution for you, and I've never used it myself, but I found this interesting secrets management project a few years ago that I always find myself thinking "is that what I want?":
Like I said, I haven't used it, I can't vouch for it, but it looked interesting for my own use, which is personal/small team, with an emphasis on simplicity.
I like sealed secrets (https://github.com/bitnami-labs/sealed-secrets) a lot. It's like 1Password, but for apps in kubernetes. You only need to secure a private key, and can throw encrypted secrets in a public github repo or anywhere you want.
It's owned by VMware (Broadcom) now, so you have to decide which company you hate less.
For your home network, you might like Mozilla SOPS for secrets storage. You can keep your secrets in an encrypted file and have a container that loads those secrets and puts it into each service's environment variables. At least that way you aren't committing plaintext secrets to source or having them laying around in the clear, plus it's a breeze to manage and edit them.
I hold my vault seal key in my KeePass database. It's set to start and prompt for the master password when I login and it integrates into the FreeDesktop/DBus secrets API (and ssh-agent). Obviously I only need the seal/root tokens when the Vault server reboots. Once it's running it hands out secrets and certificates to everything else.
> A lot of Japanese illustrators were already treating it as an afterthought compared to X/Twitter
Citation needed.
Most Japanese illustrators do not care about the US/EU, and many of them even hate gaijins. If you haven't noticed, anti-Americanism is very strong on the Japanese internet.
Not sure what you're on about, it has nothing to do with being anti-American or not. Twitter is where everyone in Japanese creative industries posts about their work (unlike the West that didn't change when Musk bought the site), it's where the Japanese audience is, and it doesn't hurt that the global audience is there too.
But sure, if you want examples of this trend try searching Pixiv by title for stuff like "twitterまとめ" [1], " or "Xまとめ" [2], meaning a usually monthly compilation of illustrations that were posted to Twitter first. And that doesn't even get into the artists that stopped using Pixiv completely because they got bored of it or their account was banned.
Well, they still multipost on Twitter, but AFAICT it's getting unpopular these days. Tough I agree that Pixiv is not as popular as its old days too.
By "anti-Americanism", I'm insisting that a good number of Japanese anime artists see the ban as a beneficial feature, not a disadvantage. They would see this as an automated "Sorry, Japanese Only" filter.
I think the anti-Americanism among artists only relates to not wanting to deal with hypocritical American policies on nudity and their tendency to impose their views on everyone.
They're very likely perfectly fine with Americans and foreigners in general seeing and sharing work without trying to change the culture of the site (which is fair and something more communities need to start expecting, there's an increasingly popular idea that various hobbies have been ruined by uninvested "tourists" that come into the community, force it to change to accomodate them, then leave after the original audience has been alienated).
I don't know. Maybe I've spent too much time on the worst part of the Japanese internet. Not about Pixiv, but the kicking out of Dlsite by Mastercard caused so much anger among them.
The social divide is getting really worrying these days.
That's actually exactly the incident I was thinking of, my interpretation of the reaction to it was everyone being frustrated at American companies forcing their beliefs on everyone again, rather than being happy that American consumers were having it harder. It could also just be that my little circle is a niche within a niche though.
I don't think there's an outstandingly popular one. Multiposting to get as many audiences as possible is norm these days. Sites like DMM, Fantia or Skeb are strong, but I don't think any of them get the particular traction.
Besides, LINE is extremely unpopular among otaku in Japan (yes, racism).
This is rude, but I think the reason its unpopular is otaku often have no friends. Even then, I have found plenty of open chats with otaku. There is exactly one person I know who refuses to use LINE for being owned by Naver. I think the most common reason is not having friends. Racism is probably the next reason.
I think it depends on which slice of the Japanese internet. The こどおじ who discuss politics all day match your description. Other people, not so much. The statement about not caring about US/EU is true, however. I think most of HN is unaware that many Japanese sites take one step further and block all non-Japanese traffic.
I guess the meme is because Uniqlo is cheap as fuck there that one have to be so poor to not be able to afford it. But ironically in my country, it's quite a prestige brand because my currency is even weaker so it's actually quite expensive.
As always with the memes, I agree that it's largely an exaggeration. But I can assure you that it is definitely getting too expensive these days, and I'll think twice before buying from them.
