From bfacd52f6fda0d44faa6b5babae8326dbc0dc883 Mon Sep 17 00:00:00 2001
From: dzwdz
Date: Sun, 23 Jul 2023 19:56:25 +0200
Subject: add the our article
---
src/our.md | 180 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 180 insertions(+)
create mode 100644 src/our.md
(limited to 'src/our.md')
diff --git a/src/our.md b/src/our.md
new file mode 100644
index 0000000..de507ac
--- /dev/null
+++ b/src/our.md
@@ -0,0 +1,180 @@
+---
+title: /town/our, a tildebrained irc bot
+date: 2023-07-23
+---
+
+
+
+tl;dr: `` is an IRC bot on tilde.town. Commands are just executables in a
+world-writeable directory. If you're on town, you can create new commands just
+by putting a script in `/town/our`.
+
+Lowering the barrier to entry by so much gave us a pretty nice bot ecosystem,
+and has just proven to overall be a bunch of fun.
+
+## genesis
+```
+2022-04-19:
+18:56 i like the idea of having every command be a separate binary
+18:59 it does make for rather composable programs (in some cases)
+18:59 netcat is neat
+18:59 i meant in a [irc] bot
+18:59 you could create new commands very quickly
+[...]
+19:01 wait do we have bwrap on here
+19:01 idea: a bot which works like this
+19:01 where the command directory is public
+19:01 so anyone could drop a script there to create a new command
+19:01 sounds pretty cool
+19:01 very pubnixy
+19:03 every command gets run with arguments specifying the user that called the command and (if necessary), additional arguments to the command
+```
+Basically, at the time I've been thinking about making an `sh(1)` bot framework
+which would store each command in a separate script. But, I've realized:
+
+1. if the commands are in separate scripts, they could as well just be arbitrary executables
+2. the command directory could be world-writeable
+
+I grabbed a basic Ruby bot framework I've made the other day, and quickly
+prototyped [jsbot](https://drewdevault.com/2021/03/29/The-worlds-dumbest-IRC-bot.html)'s
+weird cousin.
+
+```
+19:49 --> our (beep boop) (dzwdz@localhost) has joined #tildetown
+19:49 our/greet
+19:49 hi dzwdz!dzwdz@localhost from #tildetown
+19:49 \o/
+19:49 /home/dzwdz/code/town/our/cmds
+19:49 world writeable
+19:49 have fun
+19:50 <@vilmibm> whee
+```
+
+Others soon started playing with it. [~vilmibm](https://tilde.town/~vilmibm)
+immediately made some commands in Go, for example.
+
+```
+19:56 our/../../../../../../../bin/ls
+19:56 hm! definitely thought that would work :P
+[...]
+19:56 first off
+19:56 how dare you assume i'm such a bad programmer
+19:56 second off
+19:56 our/../../../bin/echo lol
+19:56 dzwdz!dzwdz@localhost lol #tildetown
+
+20:13 <@vilmibm> dzwdz: i linked /home/dzwdz/code/town/our/cmds to /town/our
+```
+
+## another (kind) bot
+
+After making the proof of concept bot, I just left it running with no other changes.
+If it ain't broke, don't fix it.
+
+Except it was broke and I wasn't fixing it. Thus, [~kindrobot](https://tilde.town/~kindrobot)
+took over.
+
+```
+2022-08-24:
+04:01 our/timefor dzwdz
+04:01 Wed, 24 Aug 2022 06:01:15 +0200
+04:14 dzwdz: (when you wake up) for your consideration: I added forking, a persistence data dir, and limited configuration to our. You can check it out in #bots
+04:15 You can use "your/..." followed by "your/town" (or any other command) to test forking
+04:15 You can use "your/count" to test persistence.
+```
+
+
+
+...then `our` got her a job at Wikimedia.
+
+```
+2022-10-13:
+19:59 When I was interviewed at Wikimedia, I talked about the "our" project that I've contributed a bit to. It seemed like the most relevant to what they were doing which is user defined functions for Wikipedia.
+19:59 i can't believe i got the job at wikipedia
+19:59 Yeah good job dzwdz :)
+```
+
+## sample commands
+Look, our is just like any other IRC bot, and the commands people have made are
+about what you'd expect.
+Some are just typical utility commands:
+```
+ our/timefor dzwdz
+ Sun, 23 Jul 2023 18:47:44 +0200
+ our/w Kraków
+ Cracow, , Poland | Sunny 28°C (82°F) (feels 29°C (84°F)) | 33% humidity | 1012 hPa
+```
+
+Some are fortune-style commands.
+```
+ our/qotd
+ 00:50:58 "i like to practise my bakery baking bakery in the bakery"
+ our/plan9/fortune
+ Did you know ... that no-one ever reads these things?
+```
+
+Some play well-known sports.
+```
+ your/ping
+ our/pong
+ your/ping
+ our/pong
+ your/ping
+ our/pong
+ your/ping
+ our/pong
+```
+
+The one I personally use the most, though, is `our/sh`. It's handy both to
+explain \*nix stuff live, and to just do all sorts of ad-hoc stuff.
+
+```
+2023-07-23:
+[...] [someone was learning about /dev/shm and tmpfs]
+ /dev/shm IS tmpfs
+ our/sh grep /dev/shm /proc/mounts
+ tmpfs /dev/shm tmpfs ro,nosuid,nodev,inode64 0 0
+
+2023-07-24:
+ i'm going to try to write a small article about our
+ how bad of a title is "/town/our, a tildebrained irc bot"
+ also does anyone have #tildetown logs from around 1650394568
+ our/sh date -d @1650394568
+ Tue Apr 19 18:56:08 UTC 2022
+ login, maybe?
+[~login did turn out to have the logs. thanks for sending them over <3]
+```
+
+## "sandboxes are for little children with tonka trucks"
+
+```
+2022-04-20:
+14:37 our/sh rm *
+14:37 nico what the fuck
+```
+
+First off---don't get the wrong idea here. This wasn't malicious.
+[~nihilazo](https://itwont.work) was just messing around, knowing that I
+implemented sandboxing.
+(also, note that this happened not even 24 hours after the bot went live)
+
+But yeah, it's safely sandboxed using [bubblewrap](https://github.com/containers/bubblewrap).
+The entire filesystem is remounted ro, except a single directory for persistent
+data, a fresh `/tmp/`, and a fresh devtmpfs (for `/dev/null`).
+The uid is also spoofed to 0, but that's just for shits and giggles.
+
+That being said, the IRC is only accessible internally, so if you can send `our`
+commands, you can also just run the commands yourself. Everything's logged, too.
+
+## where's the source
+If you must, the source's at [git.tilde.town](https://git.tilde.town/kindrobot/our).
+Note that:
+
+* I believe that version is outdated
+* the `cmds/` directory in the repo only includes a small subset of **old** commands
+* it's still, at its core, a hastily thrown together proof-of-concept
--
cgit 1.4.1-2-gfad0