Here are some notes from a recent meeting we had on this topic. Feel free to jump into this discussion!
Example Client path-smoothing for tire-kickers
28 Sept 2021
Alex, Scott, Claire, Shannon, Chris, James
Do we want to offer a running example client to users?
How do we enable interested parties to get up and running quickly?
We’re close. If you want to get the testnet up, a sample client up, we have a docker container. And the example client comes down to documentation. But then you’re on a private network and you can’t actually do fun things.
At that point, you’re not that far off from connecting to the QA net. Example client works on it, but the static servers that need to store content are not generally writeable. Your posts won’t be public. That’s just an http issue. How do we put things where people can see it? Do we make some sort of semi-secure HTTP client? We can have the static server that is behind some kind of simple auth and let people have some upload access, but then we let anyone (including the indexer) read from it without a password. That makes a security issue around running an open bucket for anybody to write to.
Another option is require an S3 login. Or provide a proxy or tunnel. ngrok has a feature that makes tunnels somewhat easy. Content only needs to be up long enough for the indexer to get it. Pagekite is also an option. https://Friendly-Pix.com is also a server possibility?
What about pushing to indexer? That doesn’t really work because the message needs a reachable URL.
Can we pay for the tunnels in bulk to lower friction for tire-kickers? Maybe? sounds complex. can we setup our own tunnel solution? Again, that sounds like a side quest we don’t want.
Claire suggests we just clear the storage daily, which is also a good idea.
Shannon says maybe a free API key might be the right answer. Alex likes this idea. We can make it a DSNP key and look it up on-chain.
What about a tor hidden service? You’ll have to run some kind of local httpd behind a tor server.
IPFS is also an option, via a gateway
* Alex: Look at Tor hidden service as an option
* A solid set of instructions
* Make all this legible via our site/documentation
* Document localhost-only option too
* Document an S3 solution (but don’t provide keys), verify that example client works against an S3 bucket
* James: post in the forum seeking feedback on what kinds of solutions people want here
Chris says: what about product managers? How do we give them a taste of this so they can jump in? That’s a different problem entirely. They need to see the front end. Any maybe we just give them a small S3 bucket that we flush every day.
Can we apply the Us App moderation here? Scanning, etc? Yes, but it’s non-trivial to make new workflow for this. We can’t just point the existing scanning infra at the bucket.
Scripted DigitalOcean S3-alike?