Logo depicting the hackers emblem in a circle with a highlighted top square

robertkosten.de

Reactivating

I’m slowly beginning to reactivate this page, many things are still in a half-finished state (still no comments, for example) and I have to figure out a lot of things in my proof-of-concept software here before I can proceed with rewriting it properly. Please bear with me.

2014-03-15T16:38:39+01:00 Avatar of Robert Kosten Robert Kosten <>

Inaugural post

It has been a couple of years since I blogged with anything resembling consistency. I used livejournal back then, even though I could’ve set up wordpress or something similar on my own domain easily. I was always caught in the trap of wanting to build myself a monumental homepage instead though. It’s a common flaw among software engineering types: The feeling that all available solutions are not good enough and one could easily develop a better solutions oneself, from the ground up. It would only take time… In my case, it took nearly six years – I’ve kept a handwritten journal about things I learned along the way – and I’ve gone through two different philosophies for writing my own frameworks, one publicly available framework – Symfony 2, which I’m very fond of – and finally the realization that a smaller, static approach, where I could delegate the styling to, say, Bootstrap, might be a better one.

After a mere week total of coding I finally have the homepage I always wanted, sans a few things that are not really necessary yet, like comments. I mean, who is going to comment here when I haven’t had a proper blog in at least two years? If you do, shoot me an email, I’ll incorporate your comment as soon as the system is ready for it. The underlying structure is already in place, of course.

So, what can the blog do? From a technology point of view? Well, if you’d like a short introduction (I doubt you do, but this post is probably more of a reminder/cheat-sheet for myself anyway), I’d certainly like to give it. I’m proud of my creation, can you tell?:

Features

Markdown

Every piece of content on this blog is going to be written in Markdown a no-frills markup language similar to what people have been using in their emails and newsgroups for decades now. For many uses it has proven to be simpler than more complex languages such as XHTML, which this blog uses as frame, or DocBook, which is great when it comes to technical documentation. The fact that you can easily read a markdown document when you’re a non-techie is a big point in favour, too.

So? What can it do?

Aside from simple things like italics or boldface, technical terms, links (as the one to the spec above), images like this one An Example and headlines, which you’ve seen a lot in this document so far, and then there’ also blockquotes:

Which are written with leading “> “, just like you may be used to from your email programs. They can also be nested, though that looks daft…

Then there is lists, of course:

  • rather simple things
  • but hey
  • even those need to be listed
  1. numbering
  2. is automatic
  3. too, this list
  4. is actually one with all “1” in the source

and there’s source code snippets like this one:

protected function configure()
{
    $this
        ->setName('blog:calendar')
        ->addArgument(
            'date',
            InputArgument::OPTIONAL,
            'Date to center the calendar around'
        )
    ;
}

Source Code Snippets

This last feature is especially important for me, as I hope to share a good number of posts on programming topics, so I spend a little more time on it and have added “github style” source snippets, that are written a little differently in the markdown source, but can have syntax highlighting for different languages applied:

protected function configure()
{
    $this
        ->setName('blog:calendar')
        ->addArgument(
            'date',
            InputArgument::OPTIONAL,
            'Date to center the calendar around'
        )
    ;
}

or

<ul class="nav navbar-nav">
    {% for entry in navigation %}
        <li {% if entry.active %}class="active"{% endif %}>
            <a href="{{ entry.url|raw }}">{{ entry.title }}</a>
        </li>
    {% endfor %}
</ul>

YAML

All the configuration and the optional headers to posts (yes, it makes sense to be able to say things like “author” or which tags to apply in the source file somewhere (I use the same headers idea that Jekyll uses)) are written in YAML:

blog:
    index:
        template: posts.html.twig
        abstracts: 3
    alert:
        header_offset: 2
    breadcrumb:
        template: breadcrumb.html.twig
    post:
        template: post.html.twig
        header_offset: 1

Sadly I can’t syntax highlight this one at the moment, the library I use is missing YAML and Markdown. A future project, maybe?

MathML

Whe I find to time to toy with image synthesis, raytracing and it’s ilk, there will be math. Lot’s of it. And it will be the kind of math that made Donald Knuth sit down and write TeX first… I don’t have time for that and sadly Donald’s solution is really better suited to print publication (Though it powers wikipedia’s math displays, so there’s that), so I’m the XML kind of person and as it turns out there’s a good solution in that space already, MathML. Not all browsers support it and some not all of it’s features (firefox for example will probably display something not too pretty a couple lines down, because I prefer semantic markup over presentational and the former is sadly not implemented in FF. There is a plugin though), but it’s good enough.

x a y f x y

SVG

As I’ve already shown it is easy to include images and of course, I can just as easily include vector graphics like SVG (In fact my avatar is one), but one of the really neat features of XML is the ability to nest different namespaces in one document. What that means is that I can create a vector file and embed it in the post directly, allowing me to, say, link to certain ids in it directly, etc. I’ll make use of this whenever I can.

So this circle below is not an image loaded from an external file, but present in the actual XHTML document you’re viewing. If you look at the page source you can find an svg:circle tag.

Future

My TODO-List for this blog has shrunken significantly this past week and the only two big topics left are strongly intertwined, so I will probably not tackle one without the other. There’s a handful of small improvements still missing (automatic thumbnail generation comes to mind), but nothing I can’t build when the need actually arises.

Cryptography

I am a Crypto-Nerd and as such I want to make use of digital signatures for my content, so you, the reader, can be certain it was I (or rather the only known holder of the corresponding private key) who published a certain piece.

With XML doing signatures is a little difficult, because of issues surrounding whitespace normalization, etc. There is a standard for it, but I think it is far too complicated even for people like me to apply to real world browsing scenarios. It would be great if browsers started to support it though…

Instead I plan to make the Markdown sources available for download with every post and the (detached) signature along with it.

An advantage of this idea is that it would be very easy to incorporate it for comments as well.

Comments

This is a static blog, meaning no scripts are executed on the server, all files are generated locally on my machine and then uploaded. This reduces the number of possible vulnerabilities significantly. In addition, no Javascript is used at all (by default, I may have to include some in individual posts if I want to show off some particular script), so you can crank NoScript up to eleven and the site will still work as designed (I also don’t use externally hosted CSS, because that would violate your privacy in my opinion).

All this leads to one big problem though. Comments. They are the life-blood of the blogosphere and are inherently dynamic in the sense that they don’t originate on my home computer and need to be incorporated into the site anyway. Most static blogs get around this problem by using disqus or a similar service, which is not an option for me, because I don’t want an external provider to execute code, Javascript in that case, on your machine just because you’re reading my blog and I also don’t want them to be able to hold the comments hostage.

My solution to this dilemma is rather geeky, I admit, but it has several advantages. I want to get comments via email.

It is easy enough to set up a static form to send emailsand it allows you to actually sign your comments as well (see below why that may be more of an advantage than you know). And it means that my ordinary mail spam filters will also work for the blog without me having to build something for it at all.

The only thing I need is a cron-job that checks my email regularly and to render the page to the server in case a new comment was found. Since I don’t want to publish everything that comes along, it will only need to go through a particular mail folder that I can manually move comments I approve of into. This is something I can easily do from my mobile, so moderation should be much easier than if I had to log in at home!

And one advantage just sneaked in: If you sign your comment and your key is one I have marked as trusted, then the cron-job can verify your signature and publish your comment without me having to approve it first.

Imprint

Robert Kosten
Germersheimer Weg 82
13583 Berlin
Germany

© 2017 Robert Kosten

Licensed under cc by-nd 4.0