> Movim is lightweight (only a few megabytes) and can be deployed on any server. We are providing a Docker image, a Debian package or a simple installation tutorial if you want to deploy it yourself.
I imagine a typical Tumblr user landing on this page and not getting a single word of the "easy to deploy" section. A lot of these distributed project suffer from this unfortunately. Developers not understanding what a typical user would look like.
Unless the user can click a button, enter a credit card and get an instance they are not going to use that service. And it has to look nice.
One of the biggest misconceptions I had about the federated/decentralized web getting into it a decade ago was this customer v. service provider model we're so used to everywhere else. These free[0], decentralized services rarely prioritize building a big user base. Their goal is to liberate the web, most often for their own use, and so the approach is generally "do-ocratic": something bugs you, you fix it, or you wait for someone else to come by and try. The beauty of this approach is it weeds out the impatient, "I want this now, do it for me" types, leading to more intelligent, polite interactions on the service.
Don't get me wrong, I am very much in that camp too and spend a lot of my time contributing to F/OSS projects. Having the freedom to tweak, debug and improve software is awesome.
My main objection here is that there are a lot of intelligent and polite people that are not developers and being left out in the cold. We need another option where users can rent out a server (from a multitude of providers) and install webapps as easily as installing phone apps. We are slowly getting there with Docker images but it's still very technical to do so.
EDIT: there is also https://sandstorm.io/ that tries to tackle this problem but isn't very popular yet
I'm not sure if the time for this is now but it certainly feels closer to "now" than ever before. The recent corporate censorship I believe has ignited a lot of interest in various segments of the "non-hacker" world. I think to harness this interest there needs to be a relatively user-friendly product that solves their problems.
Hey, good for you, thank you for your work : ). Agreed on that point. And it's happening! I remember WordPress in the early days (yikes) and now my senior-citizen father is running his own blog without a hitch. Myself I first got into the decentralized space via Diaspora and the UI/UX development that project has seen over the last few years is just astounding.
EDIT: I'm so excited about these projects I started making a "decentralized social network scorecard": https://gitlab.com/qqn/dctrl (still in its very early stages, but constructive tips and -- even better -- collaboration always welcome!)
So only programmers can be "intelligent, polite" users, in your view?
Of course you have to "do it for" the user. That's why you are the programmer and they are the user. If you're making something half-finished for other programmers to contribute to, that's very different from making a social network.
>So only programmers can be "intelligent, polite" users, in your view?
You are making an incorrect leap in logic. The commenter certainly didn't say that. Their statement is that ONLY patient people will get through a more technically challenging process. That is not the same as saying ALL patient people will get through the process which would be necessary for your conclusion.
There are good people outside programming, lol. For example: me. I couldn't code if my life depended on it but I sure as heck contribute in other ways.[0] I get the gripe with unpolished projects though. Still, this comment continues the "they build it for us" trend that is quickly disappearing in the decentralized space (in my circles at least). More and more "noncoders" are "coding" and "nonhackers" "hacking" to customize their experience online : )
"Liberating" the web doesn't seem that liberating when you need to know how to code in order to use it. Don't you know that 99.9% of the people in the world have no idea how to use these federated things?
The decentralised web is going to live and die by UX, and by the way it's looking so far, it's gonna be mostly the latter.
This is a thing with most P2P app makers for some reason — they have a vastly skewed understanding of what a normal user is capable of doing. It's safe to say if your instructions include compiling things, your target audience is not the general public.
Heck, I have a P2P app, too (though not a Tumblr replacement: https://getaether.net), and I worry about having to download an app is too much of a barrier. Which it probably is, compared to what centralised alternatives offer.
Maybe an interim step would be to get these things into softalicious, fantistico (if it's still a thing), and similar auto installers that ship with basic cpanel / plesk hosting backends.
I believe, and have used the auto installers many times with many different hosts to depoly a quick wordpress install.
It's easy to make a few step tutorial to show how to install / launch when using those tools.
Could be simple to set some sane defaults as well, like auto update daily, auto backup weekly.
Handing over the UX to an auto installer makes the ux easier in some ways, and could also get the necessary scripts, dependencies, DB setups, permissions and more auto handled by the other with experience,
and get the package pre-distributed onto thousands of shared hosting environments for easier discovery as well.
I think there already exists modern versions of those things, where you install a main 'thing' and that thing installs other things for you easily. But installing that first thing is usually the tough part.
To be more clear, I am saying that it may be beneficial for some / more of these p2p open source federated decentralized projects to become added into the auto installers that are already out there and installed on thousands of hosting accounts, and will likely be installed automatically on thousands more.
I'm not sure what is involved in getting softalicious to add your package into the mix, surely (hopefully) it's not too much work.
This way you can point basic web surfers to a list of hosting companies that auto deploy softalicious or whatever other auto installers in the backend automatically.
I'm pretty sure at least a dozen of the last 15 hosting accounts I setup came with at least one auto installer sometimes 2 or three. Almost all of the shared and vps hosting options that come with cpanel or plesk have had softalicious one click away in the main dashboard, with options to install scores of software packages.
I missed this functionality when I tried out DO and vultr. 2 out of 4 of the dedicated servers I paid for had softalicious installed, one offered it as a monthly cost add on, the fourth one said it's up to me to add on packages like that.
So most of the hosting I have done, and the kind of hosting that I recommend for most small clients, already comes with auto-installers setup.
So the tutorial for most poeple would be, if you are hosting with one these 100 web hosts and have a plan that includes softalicious, click the auto-install, scroll down to movim, briar, nextcloud, etc. Click install.
It will run it's magic and give you a web address to login and you are good to go.
This is one of the fastest ways to install a wordpress that auto backs up and updates.
(I know there are many horror stories about issues with wordpress having issues with autoinstallers doing code updates and not doing it the way a manual update may do things, but those are mostly long ago, and if there are a few backups already, then it's better for most people to get updates pushed compared to other alternatives in my experience).
So, most shared hosting setups our there have already installed the 'a main "thing"' - if your federated package is available via that thing, it's a couple clicks away.
This breaks a lot of things like being able to do auto updates, which is critical for security patches. The first version you install to Softalicious (or whatever else) better be good because you'll be living with that version on your network for a long time.
In my specific case, my app actually isn't federated, it's truly peer to peer — I don't have this problem at all. It doesn't require any servers, just install it to your computer like you'd install a regular app, and it'll work its magic.
It's basically Usenet, but your local computer (and everyone else's) is a server, and they patch their content graph from each other as it updates.
No doubt it could break things, and I am sure that some of the less popular packages installed via softalicious and the like may have that kindof problem - however I think that has been solved, and a while ago.
When you install wordpress via softalicious these days (maybe not this way some years ago) - but with most installs there are backend options within the softalicious isntaller you can check off like "auto update wordpress core, other checkboxes to auto update plugins" - auto backup weekly, monthly, etc.
Wordpress also has options within it's backend that allow you to manually update core or plugins and themes, all seperately, grouped, or at regular intervals with plugins or other settings - so updating things is an option even if the auto-installer won't do it for you.
There was a time some years ago when the WP people said auti-instllers srewed up updates and there were some real issues (like file permissions wrong) - but I have not seen any of those kinds of issues in years.
I like the way your app sounds - especially if it can run on phones and tablets in a similar way. I hope things like this become easier to add to routers.
The more easier to install things the better, so long as security patches are default easy too.
I consider what you are describing to be the fundamental difference between federated and peer-to-peer software.
Email is federated. It was designed to accommodate many hosting providers, all of which could interoperate and communicate. But it really isn't expected that every user will run their own server. The same goes for HTTP/HTML.
Gnutella and TOX are P2P. They were designed such that every client is a server, and there are typically no centralized servers apart from the clients.
This is a choice that we made to show more the feature that Movim is providing as a user on the official website and let the information regarding the deployment available in our technical documentation.
Movim is a free software project developed by benevolent, we are focusing on packages and way to deploy it easily more than trying to invest time into building server architectures. Building a SaaS platform could be done with a partner (and I'd personally be glad to work on something like that) for example but it's not the goal of the project by itself.
The past few months were focused on cleaning up the PHP dependencies, porting Movim on SQLite (next to MySQL and PostgreSQL) and adapting the project to prepare a nice package for the upcoming Debian stable.
I'm now more in GP's camp of "Developers not understanding what a typical user would look like."
Also your homepage is confusing: https://movim.eu/
I'm a developer, I read the article, and your homepage really contradicts my expectation that you provide Tumblr-like functionality.
I'm a fairly experienced sysadmin/dev and seeing this on their Docker image instructions means I likely won't bother if I have to set things up distinct from their Docker (hint: I'm looking at your Docker instructions because I want a nice simple self-contained build):
> Running this docker-compose file will build a stack comprising an nginx container, a PHP container (where Movim itself resides) and a PostgreSQL container. This setup assumes that you already have an XMPP server such as ejabberd or Prosody running somewhere else.
One of the things that Facebook and Twitter have going for them is that they're already in the cloud.
One way we could make this work is to have some sort of simple protocol with oauth support so that someone can just spin up a container with one click.
This way you could have DNS setup and the container running within just a few minutes.
The only UI that the typical person needs to understand is the credit card and browser URL or else it's not going to take over the world.
Only a small note: we have had a free, functional, decentralized social network in the past, even supported by thing like Microsoft Outlook. It's still there, despite semi-abandoned state, today. It have a name, of course: nntp news.
All we need if we want a free alternative to ANY social network is being back on nntp. Of course we can add features to it, we can start to shake heads and think seeing the role of IT today it it's time to buy serious mail solution, perhaps a VPS and a domain name, perhaps create a small home-server that mirror public/semipublic personal stuff from the VPS to us so we can easily jump from a vendor to another without change anything from our mail address to our datas.
IT is not only a game anymore, it start to be a serious thing even for casual people, better know a bit of it and be prepared.
I have been looking for an NNTP server that I can run privately, with a minimum of fuss, user accounts and encryption, so that I can host one for our family (previously we used G+, but that is being shut down).
? A newsgroups live on many different news servers, hosted by many different subjects, potentially including it's members newsserver. People who host server can choose what groups to serve and with what privilege (read only, max x post per days etc) but do NOT control posts groups content (posts/threads), any member can and normally mirror a (recent) snapshot of group contents on it's own personal spooler etc. Essentially no one can control the entire system.
A website typically run on a dedicated server, not mirrored elsewhere, under the complete control of it's owner, and hosting. So while no one really "own" usenet different subjects own, can censor, destroy etc a website and their reader can't really do much about that.
We have of course other types of site, ZeroNet is a nice example, but they suffer many problem, they are far less available and known compared to usenet and their "ownership" is still partially in singe subject hands.
A simple practical example: what happen to your HN post if HN disappear? How can you or us "posters" united can do in that case? Vs what happen if a newsserver disappear?
The internet as a whole: yea, anyone can spin up a site, though that's not really the point. By that logic Facebook is federated, since anyone can spin up a facebook-like.
Individual websites: the sole owner of the domain name determines all servers that can serve content, thus all behavior, which is pretty conclusively non-federated.
I followed the links to the site, https://movim.eu/, and the link to "Create an account" in the phrase "Create an account and connect to one of our public platforms." links to https://movim.eu/accounts/register, which returns a 404.
I tried clicking on "fr.movim.eu" to create an account on the french platform. By following a few links we finally arrive to : https://fr.movim.eu/?accountnext/movim.eu/, which doesn't work for creating an account.
First thing I saw, too, before giving them temporary JavaScript execution privilege.
It's one thing to be JavaScript-rendered only. It's another to be impolite to users who happen to constrain JavaScript privileges of yet-untrusted sites. This seems especially relevant since you are attempting to convince an audience to adopt a federated opensource platform. The Venn diagram of people who understand the value of federated platforms has greater than average overlap with those who restrict JavaScript execution in their web browser.
I recommend revising the <noscript> tag to say something like "Please enable JavaScript to read this content. We use JavaScript for the following ... [a brief summary] and we do not use any third-party hosted script." (Incidentally bravo on not using third-party scripts!)
This message was initially added more than 5 years ago and not really changed since then :)
The related ticket has been fixed and master is now having a better wording for this message https://github.com/movim/movim/issues/737.
They're costing themselves what, maybe 1% of possible users for the benefits of a) not having to deal with the other issues that subset of users is bound to have and b) ease of continuing to develop the project.
Consider their install steps; their entire market is just the people who can follow those steps, and a large percentage of those people would be pissed off about the messaging, if not about the fact that you cannot block JS
It is an interesting idea to built it on top of XMPP. I'm not sure how much advantage this is over just running a regular webpage. The front page is pretty breathless about getting updates to your readers instantly, but that's not really a feature I'm interested in for a blogging platform. They also talk about being able to use chat clients to use the platform, but I don't see how a big HTML rich text post is going to look very good on a chat client.
I like XMPP but this honestly just seems like a weird fit to me. ActivityPub seems like the more appropriate protocol for this. Also gives you federation with stuff like mastodon and peertube.
Tumblr allows you to log into multiple blogs using a single account. You have a "main" blog directly connected to your account. In addition you have as many blogs as you wish that you can reblog or post to, and can be owned by multiple people.
Is it possible to customize a Movim instance such that it behaves more like tumblr or a photo blog? As it stands it seems to be a lot of things that Tumblr was not, which is great, but perhaps this would be more attractive to Tumblr refugees if a pared down interface was available.
As it is explained it is possible to provide a custom CSS stylesheet for your own blog. Just provide the link to the file (that can be hosted anywhere) in your account configuration.
There is no "advanced" UI like on Tumblr where you can pick a theme or customize the current theme graphically but we can imagine something like that in the future (or a website where people could create custom CSS file and link them with their account).
The HTML code of the pages is kept as simple as possible to make it easy to select the elements that you want to customize.
I understand. I guess I was thinking about how Scuttlebutt works where you have multiple client apps (with radically different UIs) that can federate over a common protocol.
The number 1 feature I'm going to miss from Tumblr is the video seeking. The ability to place your finger on a video and slide forward or backwards is to-date the best way to seek IMHO.
I've been using Diaspora as tumblr alternative since 2015 and it's great! I love tag driven social network idea, the only problem I have is low user base.
To me diaspora ruined every other free social network. How am I supposed to find someone to follow on a new social network? Tags (read interests) are a great idea, lets have more of that please.
My wife does a lot of Tumblr stuff with her online Anime community, 95% of the people in the community are not technical. About 50% of those only have a phone.
So I'm looking at Movin, I see no iOS app. No Android App (Google PlayStore link is dead). I see DOL.
Federated means all your data is served directly from your own computer so as soon as you switch it off it becomes unavailable and all the kinds of attacks (DDoS, pwned, lawyers etc) hit you directly and everybody can find out your home IP address, right? I feel like I would strongly prefer distributed over federated unless I really misunderstand federated (which is very probable).
2000-era P2P was run from people's desktop computers but federation these days is run from VMs in data centers. You don't turn the VM off but you still have to worry about the other attacks.
I have read that document. While PHP certainly has its problems, it still remains a tool in my toolbox.
The trick is being aware of the pitfalls. Just because an application is written in PHP does not make it inherently bad, just as an application written in (e.g.) Rust does not make it inherently good.
Rust makes it unlikely that certain classes of bugs exist. PHP makes it very likely that lots of bugs exist. You're right, it's not a silver bullet, but writing PHP, no matter how much you're "aware" of the pitfalls is just bad engineering and makes your software more likely to be buggy crap.
Rust is unforgiving, yes. PHP is forgiving, yes. You will write Rust the way Rust wants to be written, or you will suffer. You will write PHP the way you want to write PHP, and you may make yourself suffer.
One requires that you think a certain way in order to function at all. The other requires only that you can solve problems, but makes no guarantees that your solution will be the optimal one.
Regardless of language, the criteria you need to keep in mind is this:
> Am I solving a problem for people in a way that is better than other available solutions?
> One requires that you think a certain way in order to function at all.
That's a feature in my eyes. Languages with too much freedom -- C++, PHP, Javascript and many others -- suffer from (a) lack of idiomatic syntax or ways of doing basic things like map&reduce; even finding an element in a list, or formating a date/time have many library choices, and (b) give you plenty of ways to shoot yourself in the foot.
Opinionated tech is a protection against a class of brain defects of the human programmers. You cannot keep track of 50+ potential dangers in your head all the time. You will inevitably make a mistake. Opinionated tech reduces the count of things you have to constantly be aware of.
Why? It is still spot on.
The metaphor is perfect - no matter what specific bugs is fixed in PHP, the overall fractal of pure shit is still present - it is everywhere you look.
Why do you think it's past its utility then? The arguments are still perfectly sound, so despite a few of its complaints being fixed it still seems worth reading to me.
One can write very similar things about the evils of C, Java, or JavaScript, particularly if you happened to be an asshole. It's mostly value judgments, and consequently it has low informational value. It's an angry rant. CS needs far fewer people who think that it's okay to write vague, angry rants about other people's code. Yes, that is quite a common thing to do, and no, that does not make it okay.
If you must rag on PHP, presumably after some contemplation of the beam in your own eye, then this would be best accomplished by a more neutral and factual presentation, such as phpsadness.com. Spreading an angry, dismissive, fact-light rant is just poo-flinging.
Over PHP? Basically anything. Hell, I'd use Python before I touched PHP or let anyone install it on any of my machines, and after years of using Python at work I despise it (sorry people who love Python).
I'm somewhat curious to ask "why" (and full disclosure I am indeed a koolaid-drinking python fan) because I could find myself agreeing if you had said the slightly different "I despise it <for certain classes of work>"
E.g. I found myself regretting writing a 20k LOC hobby product in python, it rapidly became so much more of a hairball to grow than a strongly typed or statically compiled language (and part of me wonders how much that's because I haven't learned type hints yet); however you'll pry python from my cold dead hands before I take another language for data analysis/prototyping.
We have the exact same issue with python. For large projects the dynamic typing is such a hassle. It slows down development. It increases debugging time. It's just a pain for complex systems. I haven't used type hinting yet but it only fixes so much of the problem.
We're veering offtopic now, but my problems with Python (in no particular order, some are serious, others are just nits that are annoying but don't really discourage it that much):
- Too dynamic: deliberately hand-wavy but, as you said things quickly become a hairball. No where I've been has been disciplined enough to keep Python projects clean, but they shouldn't have to be.
- Dependency management: pipenv has made fetching dependencies a bit better, but it's so slow that it's almost unbearable to use (for even a small repo it has to download and execute setup.py from deps one at a time because the underlying system doesn't provide a decent way to calculate a dependency graph up front, it's aweful).
- Testing: I don't know why exactly, but every single place I've ever been has had large chunks of tests that do nothing because mocks accidentally got substituted in for the thing being tested. Maybe this is just part of "too dynamic".
- Deploys: I miss the days of single binaries. Workarounds like using containers just for the sake of having a single artifact that can be pushed to prod are solutions for a problem that shouldn't exist. That being said, single binaries seem to be in vogue again, so maybe those days will come again soon. There are certainly worse things here than Python, but still, it's been a major pain point at all places I've been previously.
- Significant whitespace: I know this one is controversial and in theory is just a minor annoyance, but again, everywhere I've ever been we've had some sort of major issue where it turned out that something wasn't indented as much as someone thought it was and it was missed in code review. Curly braces may be ugly, but at least they're explicit.
- The Python 2/3 split. 'nuf said. People acknowledge that this was a mistake, everyone else learned from it and it's becoming less of a problem over time (but not quick enough).
No language is perfect, but I can't think of a single problem that I wouldn't pick something else over (unless its a choice between Python and PHP, then I'll take PHP any day).
On a more positive note, I always miss context managers when working in other languages that don't have a similar concept.
Yes, basically anything. And yes, I'm an active developer who has been forced to use PHP plenty of times. Don't do it. Just stop it. Every time you use PHP, even newer varieties, you are making the world of software a worse place.
Is it? One of the unfortunate realities of running an online service is having to deal with cp. With centralized services, it's a mitigable annoyance - you, as the operator, can employ various hash blacklists and the like. However, this isn't always sufficient; I assume the parent was referring to Tumblr getting purged from the iOS app store over doing too little too combat cp[1].
With federated services, the problem is more difficult. For one, if a centralized service can't clamp down on cp to Apple's standards (as unrealistic and inconsistently applied as they may be), what chance does a decentralized system have, where individual instance operators have to collaborate to keep their own instances clean and not federate with poorly-janitored instances?
It also increases the barrier to running an instance. Dealing with cp is not fun and having to manage that on top of usual mod/maintenance tasks has the potential to escalate running an instance from reasonable hobby to hellish timesink. If running instances is too hard, your federated system is probably DOA.
Of course, if a federated system were created with strategies for dealing with cp and other cannot-host content in mind, that would be a genuine improvement over existing designs that'd be worthy of discussion.
Email isn't really a publishing tool however. It's apples and oranges. If the pedos on Tumblr were DMing each other with the pics (Tumbler has DMs right?) then Apple wouldn't have known about it and shut them down.
That said, if they aren't actually hosting any of the content they probably won't run into the same problem Tumblr did. They will be able to pin the blame on third party servers. The app store still has a Tor client for example, because the Tor project doesn't host any user editable content. It's when someone loads a CP image from movim.eu that they get in trouble.
Cp refers to child porn, the unfortunate publishing of which on Tumblr led to it being pulled from the iOS app store and then disallowing nsfw content on Tumblr.
Just to nitpick the causality here, Tumblr was bought by Yahoo in 2013 then Yahoo was bought by Verizon/Oath in 2017 and now the porn ban is hitting afterward.
Nah, we need something EASY either with IPFS or a competitor from Russia which is not in this stupid NSFW censoring scheme. I don't see how movim can be a good replacement for Tumblr.
> Movim is lightweight (only a few megabytes) and can be deployed on any server. We are providing a Docker image, a Debian package or a simple installation tutorial if you want to deploy it yourself.
I imagine a typical Tumblr user landing on this page and not getting a single word of the "easy to deploy" section. A lot of these distributed project suffer from this unfortunately. Developers not understanding what a typical user would look like.
Unless the user can click a button, enter a credit card and get an instance they are not going to use that service. And it has to look nice.