How #Seppo! works

#Seppo! is meant for people[1] to operate their own, first-person (single-user) microblog. Therefore gentle onboarding and safe operation are paramount. And because server operation has it's pitfalls, #Seppo! encourages to rent cheap shared webspace and this way have professionals do the delicate but standard tasks (🏡 Webspace) on an affordable but sustainable business perspective.

You do not need privileged server access ('root') to have your own #Seppo! but you do need a CGI[2]-friendly webserver. E.g. nginx or caddy aren't.

Setup

#Seppo! is a CGI program driven by a webserver, e.g. Apache from a LAMP[3]-stack. Put seppo.cgi (see 🌱 Installation) on your CGI-capable shared webspace and enter the address in your browser's address bar, e.g. https://example.org/sub/dir/seppo.cgi. Being brand-new, the CGI doesn't find the marker file delete-me-to-restore-missing, unpacks all assets (xsl[4], css, delete-me-to-restore-missing, etc.) and creates private and public facing files, finds no app/etc/passwd.s either and so asks to set login credentials. Then it tries to create a symlink in the webspace's root /.well-known/webfinger/.htaccess. Only if self-hosting or not on Apache, you have to care about the webserver configuration. There are config file samples in contrib/etc/[5].

Discovery

In order to be found via WebFinger[6], a http GET request to https://example.org/.well-known/webfinger?resource=acct:alice@example.org must respond with the proper JRD[7] document.

#Seppo! sets this up automatically, see S1002 for details.

Add a Post

For now via web-interface. Posting does:

  1. append the message to the global app/var/db/o/p.s
  2. append to the most recent index page app/var/db/o/p/0.s or start a new one
  3. re-create the public facing according blog page o/p-0/index.xml
  4. evtl. change the symlink to the 'current' blog page o/p/index.xml
  5. do likewise for tags o/t/*-0/index.xml and daily o/d/*-0/index.xml pages
  6. queue a job to notify each follower in app/var/spool/job/new/
  7. trigger queue processing and loop via minutely HTTP calls to itself

Delete a Post

Typically via web-interface. Deleting does:

  1. find the entry in the primary page index app/var/db/o/p/0.s
  2. overwrite the post in the global app/var/db/o/p.s
  3. re-create the public facing according blog page o/p-0/index.xml
  4. re-create the according tags and daily overview pages
  5. queue a job to notify each follower in app/var/spool/job/new/
  6. trigger queue processing and loop via minutely HTTP calls to itself

Incoming followed Posts

Incoming activities[8]:

  1. verify signature[9],
  2. match sending actor[10],
  3. parse[11],
  4. serialize and purge after 90 days.

Design Decisions

To work unattended, #Seppo! avoids risks wherever possible. Namely

* * *

  1. The Internet is for End Users (RFC8890), back^
  2. The Common Gateway Interface (CGI) (RFC3875), back^, back^
  3. LAMP (software_bundle), #Seppo needs the L and A, back^
  4. XSL Transformations (XSLT), back^, back^
  5. contrib/etc/, back^
  6. WebFinger (RFC7033), back^
  7. 4.4 JSON Resource Descriptor, back^
  8. 3.1 Activity Types, back^
  9. 2.5. Verifying a Signature, back^
  10. 3.2 Actor Types, back^
  11. https://codeberg.org/seppo/seppo/src/commit/973d3bb/as2_vocab/decode.ml#L380-L384, back^
  12. tls, back^
  13. jsonm, back^
  14. xmlm, back^
  15. lambdasoup, back^
  16. 🐫 OCaml, back^
  17. Atom (RFC4287, RFC4685, RFC5005), back^
  18. XHTML™ 1.1 - Module-based XHTML - Second Edition, back^