Python Overtakes JavaScript as Most Popular Language on GitHub by bjornsno in c/python@programming.dev
[-] bjornsno@lemm.ee 3 points 4 days ago

You need to get over the bloat of virtual environments. It's the same as node_modules and it's completely necessary if you want more than a single python project to live on your machine.

I personally use poetry as my dependency manager and build tool. It's not perfect but it's a lot better than pipenv or just rawdogging pip like a maniac. uv is the new hotness, but I haven't tried it so can't vouch. People seem to like it though.

JavaScript is also an interpreted language with tons of build tools. The reason to have one for python is mainly about packaging and code distribution, so same as JavaScript. If you want to distribute a program you probably don't want to just point people to a GitHub repo, and if you want to publish a package on pypi it needs to be bundled correctly.

For ecosystem there isn't much I can do for you, it completely depends on what you'll be working on. Baseline you want pydantic for parsing objects, assuming some APIs will be involved. You want black for code formatting, flake8 for linting, pytest for testing. If you're gonna write your own APIs you can't go wrong with fastapi, which works great with pydantic. For nice console stuff there's click for building cli apps and rich and textual for console output and live console apps respectively.

People are actively trying to replace flake8 and black with feature compatible stuff written in rust but again I haven't tried those so can't vouch.

Coming from react you're gonna need to pretty quickly switch gears to thinking more object oriented. You're gonna be annoyed at how you can't just quickly declare a deeply nested interface, that's just how it is. The biggest change other than object oriented thinking will probably be decorators. Typescript had them experimentally and only for classes, python has them for classes and functions natively. They're a bit tricky to wrap your mind around when you want to write your own, but not too bad. A lot of Google hits will be outdated on this front. Google specifically "decorators ParamSpec" to see how to make them properly.

Good luck in your new job, you'll be grand!

Python Overtakes JavaScript as Most Popular Language on GitHub by bjornsno in c/python@programming.dev
[-] bjornsno@lemm.ee 1 points 4 days ago* (last edited 4 days ago)

Definitely those used to be pain points, but they do exist now so type erasure after decorator application isn't a problem anymore, which used to be another huge one for me.

The discussion around how unpopular it was in other languages seems like such an obvious side track to me. Typing in general went out of fashion and then made a comeback when it was opt-in, why wouldn't the same apply to exceptions? Of course I'm not wanting warnings in every func call because of a potential MemoryCorruptionError, but if a library has some set of known exceptions as a de facto part of its interface then that's currently completely unknown to me and my static type checker.

One kinda bad example is playwright. Almost all playwright functions have the chance to raise a TimeoutError, but even if you know this you'll probably shoot yourself in the foot at least once because it's not the built-in TimeoutError, oh no, it's a custom implementation from the library. If you try to simply try...except TimeoutError:, the exception will blow right by you and crash your script, you've got to import the correct TimeoutError. If it was properly typed then pyright would be able to warn you that you still need to catch the other kind of TimeoutError. It's a bad example because like I said almost all playwright functions can raise this error so you'd get a lot of warnings, but it also demonstrates well the hidden interface problem we have right now, and it's the most recent one that screwed me, so it's the one I remember off the top of my head.

Python Overtakes JavaScript as Most Popular Language on GitHub by bjornsno in c/python@programming.dev
[-] bjornsno@lemm.ee 5 points 5 days ago

Yeah, they're useful when developing, which is why it's so frustrating when libraries don't implement types. I'm developing and I'm trying to use a tool that supposedly fits a use case I have, but the tool didn't come with instructions so it's practically useless to me. I could open the tool up and look at its guts to figure it out but are you kidding me no, I'm not going back to the stone age for your tool.

Python Overtakes JavaScript as Most Popular Language on GitHub by bjornsno in c/python@programming.dev
[-] bjornsno@lemm.ee 13 points 5 days ago

All documentation is optional and ignored at runtime, that doesn't mean you shouldn't do it. If your library doesn't have type hints I'm just not gonna use it, I don't have the time to figure out what you accept or return.

Python Overtakes JavaScript as Most Popular Language on GitHub by bjornsno in c/python@programming.dev
[-] bjornsno@lemm.ee 1 points 5 days ago

My biggest pet peeve is the complete inability to annotate a set of known exceptions that a function raises in a machine readable way. The discussion about it is quite heated.

Python Overtakes JavaScript as Most Popular Language on GitHub by bjornsno in c/python@programming.dev
[-] bjornsno@lemm.ee 64 points 5 days ago

I code both typescript and python professionally, and python is almost as much of a mess, just a different kind of mess. The package manager ecosystem is all over the place, nobody is agreeing on a build system, and the type system is still unable to represent fairly simple concepts when it comes to function typing. Also tons of libraries just ignore types altogether. I love it, but as a competitor to JavaScript in the messiness department it's not a good horse.

love how you don't have to alter serious rightwing memes to meme them by bjornsno in c/memes@lemmy.ml
[-] bjornsno@lemm.ee 45 points 3 months ago

Come on, this one is funny but why pretend it was ever made by a right wing person in earnest? Everything about it screams classic mocking meme.

12
Help with authentik and traefik random drops (lemm.ee)
submitted 3 months ago* (last edited 3 months ago) by bjornsno@lemm.ee to c/selfhosted@lemmy.world
4 comments fedilink

Hello self hosters! I am hoping some of you wizards can help me troubleshoot my setup with authentik and traefik.

First about my setup. I have a synology nas that is running a docker compose stack. Synology is notoriously bad at keeping their docker version fresh, but hopefully that isn't relevant to this issue. I'm running traefik for reverse proxy, and authentik for auth. In authentik land I've split the outpost work into its own container, named authentikproxy. Any request to a service with the authentik-basic@file or authentik@file middleware labels applied should be routed through the authentikproxy service for auth. If it detects that one isn't authed, it will in turn send you to the authentik frontend for SSO.

The issue is that authentik randomly stops working for random routes, or randomly fails to start working for random routes. Every time this happens I need to restart my authentikproxy and traefik containers over and over until it randomly decides to work for all my routes. When this happens I am just sent straight to the app unauthenticated. I'll have to either input http basic credentials or use the app's login page, whichever it has. I have found nothing in the logs after months of this going on, neither authentik nor traefik seem to be aware that anything is amiss.

I suspect the issue is to do with the docker networks but that's honestly just a hunch.

My docker-compose file is hundreds of lines long, so I've stripped environment and volume info while preserving traefik labels to try to keep the info more or less concise. It is certainly still too much info but I did not want to accidentally delete something crucial. Here follows my setup.

docker-compose.yml

services:
  traefik:
    profiles:
      - prod
    container_name: traefik
    image: traefik:v2.11
    command:
      - "--entrypoints.websecure.http.tls.domains[0].main=${BASE_DOMAIN}"
      - "--entrypoints.websecure.http.tls.domains[0].sans=*.${BASE_DOMAIN}"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./traefik/middlewares.yml:/app/myconf/middlewares.yml
      - ./traefik/traefik.yml:/traefik.yml
    restart: unless-stopped
    networks:
      default:
        aliases:
          # Allow xcontainernet services to resolve authentik
          - "authentik.${BASE_DOMAIN-home}"
    ports:
      - 80:80
      - 443:443
    labels:
      - "traefik.enable=true"
      - "traefik.http.middlewares.redirectssl.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik.rule=Host(`traefik.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.traefik.middlewares=redirectssl@docker"
      - "traefik.http.routers.traefiksecure.rule=Host(`traefik.${BASE_DOMAIN-home}`)"
      - "traefik.http.services.traefik.loadbalancer.server.port=8080"

  transmission:
    image: lscr.io/linuxserver/transmission
    container_name: transmission
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.torrents.rule=Host(`torrents.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.torrents.middlewares=redirectssl@docker"
      - "traefik.http.routers.torrentssecure.rule=Host(`torrents.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.torrentssecure.entrypoints=websecure"
      - "traefik.http.routers.torrentssecure.middlewares=authentik@file"

  sabnzbd:
    image: lscr.io/linuxserver/sabnzbd
    container_name: sabnzbd
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.nzb.rule=Host(`nzb.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.nzb.middlewares=redirectssl@docker"
      - "traefik.http.routers.nzbsecure.rule=Host(`nzb.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.nzbsecure.entrypoints=websecure"
      - "traefik.http.routers.nzbsecure.middlewares=authentik@file"
      - "traefik.http.services.nzb.loadbalancer.server.port=8080"

  sonarr:
    image: ghcr.io/linuxserver/sonarr:latest
    container_name: sonarr
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.sonarr.rule=Host(`sonarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.sonarr.middlewares=redirectssl@docker"
      - "traefik.http.routers.sonarrsecure.rule=Host(`sonarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.sonarrsecure.entrypoints=websecure"
      - "traefik.http.routers.sonarrsecure.middlewares=authentik-basic@file"
      - "traefik.http.services.sonarr.loadbalancer.server.port=8989"

  radarr:
    image: ghcr.io/linuxserver/radarr:latest
    container_name: radarr
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.radarr.rule=Host(`radarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.radarr.middlewares=redirectssl@docker"
      - "traefik.http.routers.radarrsecure.rule=Host(`radarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.radarrsecure.entrypoints=websecure"
      - "traefik.http.routers.radarrsecure.middlewares=authentik-basic@file"
      - "traefik.http.services.radarr.loadbalancer.server.port=7878"

  readarr:
    image: lscr.io/linuxserver/readarr:nightly
    container_name: readarr
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.readarr.rule=Host(`readarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.readarr.middlewares=redirectssl@docker"
      - "traefik.http.routers.readarrsecure.rule=Host(`readarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.readarrsecure.entrypoints=websecure"
      - "traefik.http.routers.readarrsecure.middlewares=authentik-basic@file"
      - "traefik.http.services.readarr.loadbalancer.server.port=8787"

  bazarr:
    image: ghcr.io/linuxserver/bazarr:latest
    container_name: bazarr
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.bazarr.rule=Host(`bazarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.bazarr.middlewares=redirectssl@docker"
      - "traefik.http.routers.bazarrsecure.rule=Host(`bazarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.bazarrsecure.entrypoints=websecure"
      - "traefik.http.routers.bazarrsecure.middlewares=authentik-basic@file"
      - "traefik.http.services.bazarr.loadbalancer.server.port=6767"

  prowlarr:
    image: lscr.io/linuxserver/prowlarr:latest
    container_name: prowlarr
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.prowlarr.rule=Host(`prowlarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.prowlarr.middlewares=redirectssl@docker"
      - "traefik.http.routers.prowlarrsecure.rule=Host(`prowlarr.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.prowlarrsecure.entrypoints=websecure"
      - "traefik.http.routers.prowlarrsecure.middlewares=authentik-basic@file"
      - "traefik.http.services.prowlarr.loadbalancer.server.port=9696"

  jellyfin:
    image: linuxserver/jellyfin:latest
    container_name: jellyfin
    networks:
      default:
      xcontainernet:
        ipv4_address: 192.168.0.201
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.jellyfin.rule=Host(`tv.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.jellyfin.middlewares=redirectssl@docker"
      - "traefik.http.routers.jellyfinsecure.rule=Host(`tv.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.jellyfinsecure.entrypoints=websecure"
      - "traefik.http.services.jellyfin.loadbalancer.server.port=8096"

  authentikserver:
    image: ghcr.io/goauthentik/server:2024.2.2
    command: server
    depends_on:
      - postgresql
      - redis
    labels:
      - "traefik.enable=true"
      ## HTTP Routers
      - "traefik.http.routers.authentik.rule=Host(`authentik.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.authentik.entrypoints=web"
      - "traefik.http.routers.authentik.middlewares=redirectssl@docker"
      - "traefik.http.routers.authentiksecure.rule=Host(`authentik.${BASE_DOMAIN:-home}`)"
      - "traefik.http.routers.authentiksecure.entrypoints=websecure"
      ## HTTP Services
      - "traefik.http.routers.authentiksecure.service=authentik-svc"
      - "traefik.http.services.authentik-svc.loadbalancer.server.port=9000"

  authentikproxy:
    image: ghcr.io/goauthentik/proxy:2024.2.2
    labels:
      - "traefik.http.routers.authentik-proxy-outpost.rule=HostRegexp(`{subdomain:[a-z0-9-]+}.${BASE_DOMAIN:-home}`) && PathPrefix(`/outpost.goauthentik.io/`)"
      - "traefik.http.routers.authentik-proxy-outpost.entrypoints=websecure"
      - "traefik.http.services.authentik-proxy-outpost.loadbalancer.server.port=9000"

  immich-server:
    container_name: immich_server
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    depends_on:
      - redis
      - immich-database
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.immich.rule=Host(`photos.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.immich.middlewares=redirectssl@docker"
      - "traefik.http.routers.immichsecure.rule=Host(`photos.${BASE_DOMAIN-home}`)"
      - "traefik.http.routers.immichsecure.entrypoints=websecure"
      - "traefik.http.services.immich.loadbalancer.server.port=3001"

networks:
  default:
    ipam:
      config:
        - subnet: 172.22.0.0/24
  xcontainernet:
    name: xcontainernet
    driver: macvlan
    driver_opts:
      parent: eth0
    ipam:
      config:
        - subnet: "192.168.0.0/24"
          ip_range: "192.168.0.200/29"
          gateway: "192.168.0.1"

traefik/traefik.yml

providers:
  docker:
    exposedByDefault: false
    network: homeservices_default
  file:
    directory: /app/myconf
    watch: true

entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"
    http:
      tls:
        certResolver: dnsresolver

traefik/middlewares.yml

http:
  middlewares:
    https-redirect:
      redirectScheme:
        scheme: https
        permanent: true

    authentik-basic:
      forwardAuth:
        address: "http://authentikproxy:9000/outpost.goauthentik.io/auth/traefik"
        trustForwardHeader: true
        authResponseHeaders:
          - Authorization

    authentik:
      forwardAuth:
        address: "http://authentikproxy:9000/outpost.goauthentik.io/auth/traefik"
        trustForwardHeader: true
        authResponseHeaders:
          - X-authentik-email
          - X-authentik-groups
          - X-authentik-jwt
          - X-authentik-meta-app
          - X-authentik-meta-jwks
          - X-authentik-meta-outpost
          - X-authentik-meta-provider
          - X-authentik-meta-version
          - X-authentik-name
          - X-authentik-uid
          - X-authentik-username
24
Help with deployment (lemm.ee)
submitted 4 months ago by bjornsno@lemm.ee to c/selfhosted@lemmy.world
19 comments fedilink

Hello nerds! I'm hosting a lot of things on my home lab using docker compose. I have a private repo in GitHub for the config files. This is working fine for me, but every time I want to make a change I have to push the changes, then ssh to the lab, pull the changes, and run docker compose up. This is of course working fine, but I want to automate it. Does anyone have a similar setup and know of a good tool? I know I could use watchtower to update existing images, but this is more for if I change a setting or add a new service.

I've considered roughly four approaches.

  1. A new container that mounts the whole running directory and the docker socket. It will register a webhook in GitHub to receive notifications when I push to the repo, run git pull and docker up. My worries here are the usual dind gotchas.

  2. Same as 1, but don't mount anything, instead ssh from container to host and run the steps there. This solves any dind issues, but I don't love giving the container an ssh key to the host.

  3. Have a service running on the host outside of docker. This is probably the correct approach, but very annoying since my host is a Synology nas and it doesn't have systemd or anything like that afaik.

  4. Have a GitHub action ssh to the machine and do the steps. Honestly the easiest way but I would prefer to not open ssh to the internet.

Any feedback or tips are much appreciated. I don't feel like any of my options are very good and I feel like I am probably missing something obvious.

5
Bug: "clear read" buttons do nothing (lemm.ee)
submitted 5 months ago by bjornsno@lemm.ee to c/boostforlemmy@lemmy.world
6 comments fedilink

I have two ways to supposedly "clear read" posts when viewing a community, however doing so has no effect. I've got the app set up to hide read posts, so clearing read posts should let me see the ones that were previously hidden but that does not happen. My only way to see those posts now is to open the community in a web browser.

canYouTakeALookAtThisDateTimeBug by bjornsno in c/programmerhumor@lemmy.ml
[-] bjornsno@lemm.ee 29 points 6 months ago

I leave the country for six goddamn months and they pull this shit while I'm away???

Introducing selfh.st/apps, a Directory of Self-Hosted Software by bjornsno in c/selfhosted@lemmy.world
[-] bjornsno@lemm.ee 26 points 7 months ago* (last edited 7 months ago)

Quick feedback: your css transitions are way too long, opening the hamburger menu should not make me feel like I'm waiting for it to open.

Also you've gone for the card layout on the app list, however cards create the expectation that they are actionable yet clicking them does nothing. At least make the app names clickable.

POV: You’re getting ready at Helm’s Deep by bjornsno in c/lotrmemes@midwest.social
[-] bjornsno@lemm.ee 30 points 1 year ago

?? this is exactly what a random soldier's POV at Dunharrow would have been.

A Black Man Was Elected Mayor in Rural Alabama, but the White Town Leaders Won’t Let Him Serve by bjornsno in c/usa@lemmy.ml
[-] bjornsno@lemm.ee 39 points 1 year ago

Lol lawsuits for naming elected officials in a news article? Sounds like America.

Texans Die from Heat Exhaustion After Governor Bans Water Breaks by bjornsno in c/politics@lemmy.world
[-] bjornsno@lemm.ee 25 points 1 year ago

When individual humans reach a certain level of power and wealth they tend to self isolate. This is a natural response, they need to start to see themselves as different and set apart from regular humans, because the things they need to do to keep growing their wealth and power start to become increasingly inhuman.

Here's a link to an article full of the insane things billionaires have tried to justify, in their own little books, and these are just the things they are happy to share. The complete disconnect from their reality and ours becomes terribly pain to see once you read their thoughts.

view more: next ›

bjornsno

joined 1 year ago