Opened 5 years ago

Closed 8 months ago

Last modified 7 months ago

#10022 closed project (fixed)

We need a new blogging system

Reported by: phobos Owned by:
Priority: Medium Milestone:
Component: Webpages/Blog Version:
Severity: Normal Keywords: blog replacement upgrade www-team
Cc: lunar@…, isis, phoul, jens@…, jmtodaro@…, ultrasandwich, mcs Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

The current blogging system is based on Drupal 5 and heavily hacked up to remove lots of surface area for classes of attacks. However, it doesn't work so much years later. The search functionality is broken. Lots of the admin functionality is broken as well. I've resorted to using raw SQL queries to manage the system. This is less than optimal.

Options I see are:

  1. Do nothing and let the blog further degrade.
  2. Migrate to a static blog generator like jekyll.
  3. Migrate to modern drupal in the debian repos.
  4. Use RedTeam's WordPress system for a more secure wordpress installation.
  5. Host it somewhere else and let them worry about it, so long as we can get our data out daily.

Child Tickets

TicketStatusOwnerSummaryComponent
#10477closedArgue about which git-based blog-system to useWebpages/Website
#10479closedultrasandwichExport blog posts from current blogWebpages/Blog
#10480closedultrasandwichExport comments from current blogWebpages/Blog
#10713closedEvaluate Juvia Comment SubsystemWebpages/Website
#13117closedDesign an updated look and feel for the blogWebpages/Website
#13118closedDesign an updated look and feel for the comment systemWebpages/Blog
#13261closedSetup new blog git repo for contentWebpages/Website
#13262closedtest blog migrationWebpages/Blog
#13263closedultrasandwichtest migration of comments to juviaWebpages/Blog
#13264closedintegrate the new jekyll blog into the tor website homepageWebpages/Blog

Change History (70)

comment:1 Changed 5 years ago by phobos

My personal favorite is static blog generators. But this removes the comment functionality, unless we sign up with a commenting service like disqus, intense debate, or we install a free software package like discourse and use it.

comment:2 Changed 5 years ago by arma

Like it or not, the blog comments have become our forum.

The mailing lists aren't it -- and many people rightly point out that they can use Tor to safely interact with the blog comments whereas getting a usable email address over Tor these days is becoming increasingly hard. And the stackexchange thing isn't a forum either.

So I think dropping the comment section, and not replacing it with something equivalent (even if somewhere else), would be a poor move.

comment:3 Changed 5 years ago by lunar

Cc: lunar@… added

comment:4 Changed 5 years ago by isis

Cc: isis added

FWIW, I use pelican for my blog, I tried a whole bunch like a year and half ago. This one is in Python, and it didn't suck as much as the other Python ones, plus the Extension API for it is really simple (I was able to write a BibTeX to anonbib-ish-thing in a couple hours). There might be better ones now, but the process of searching and trying them was painful to me -- I wouldn't really want to repeat it.

Pelican has a Disqus plugin which comes with it automatically. I tested that out, but it was pretty unusable over Tor, required registration (with an email address) on their site (which was HTTP-only). It was gross, and scripts galore, so I ditched it.

I agree with arma's comment that the blog is the safest way for users to give us feedback, we should try to find something at least as safe/non-privacy-invading to replace it.

comment:5 Changed 5 years ago by lunar

All in for a static blog generator backed by a revision control system.

The blog is also doing the event calendar. Should that be kept?

What about migration? We need to keep content, but do we also want to migrate comments?

Regarding comments, the main think I can think of here is social: who's taking care of them? Moderation, answering the bulk… Roger is doing a good amount of that for the current blog, but we might want to have more formal roles or processes?

(This is actually the reason why I always disabled comments for TWN posts. I don't want to feel sole responsible with the comments there and piling unmoderated ones are bad from our users point of view.)

I don't think Disqus is an option, otherwise we are going to have the same problem we are currently having with Stack Exchange: we can't trust their data retention policy.

Discourse looks nice from several aspects. That's a Rails app, not the worst to administrate but it needs a maintainer on the sysadmin side. It also have an impressive feature list and so it also needs someone to decide about how to turn all the little knobs.

comment:6 in reply to:  5 ; Changed 5 years ago by arma

Replying to lunar:

All in for a static blog generator backed by a revision control system.

Sounds good to me (in theory).

The blog is also doing the event calendar. Should that be kept?

I think an event calendar could be quite useful if we keep it up to date and if we make it findable for our community. It could be something very simple, like a text file we update via git, and point to from the end of the 'upcoming events' section of TWN.

What about migration? We need to keep content, but do we also want to migrate comments?

Unfortunately, my vote is yes. It sure sounds like a pain, but many of the comment sections of more recent posts (where I've put a lot of effort in) are useful resources.

Maybe that means we don't want to migrate, and instead just take static html from the old posts-with-their-comments?

Another option is to go through and extract everything perfectly into stackexchange questions and answers. I'd like that to happen, but I think it needs to be done by the community at their own pace.

Regarding comments, the main think I can think of here is social: who's taking care of them? Moderation, answering the bulk… Roger is doing a good amount of that for the current blog, but we might want to have more formal roles or processes?

I'm basically the sole blog person at this point. And it is a bit weird that we have a blog, we have helpdesk, and we have stackexchange. It seems like about half of the blog things, and an unknown fraction of the helpdesk things, could be resolved by making a good stackexchange entry and just pointing to it each time the issue comes up. But there's remaining value in both even if we do that.

As for more formal roles / processes... that's a tough one. I'd love to have some more volunteers here. But it's not clear that it would be the best use of our (at this moment limited) funding. On the third hand, here I am not doing some of the other just-as-critical things that I could be doing.

(This is actually the reason why I always disabled comments for TWN posts. I don't want to feel sole responsible with the comments there and piling unmoderated ones are bad from our users point of view.)

Makes perfect sense.

I don't think Disqus is an option, otherwise we are going to have the same problem we are currently having with Stack Exchange: we can't trust their data retention policy.

Yeah.

Discourse looks nice from several aspects. That's a Rails app, not the worst to administrate but it needs a maintainer on the sysadmin side. It also have an impressive feature list and so it also needs someone to decide about how to turn all the little knobs.

Haven't looked at it, but am open to it.

comment:7 in reply to:  6 Changed 5 years ago by phobos

Replying to arma:

I'm basically the sole blog person at this point.

I moderate comments and do direct sql to keep the spam down. If you mean by responding to comments, sure. In reality, ain't nobody got time for that. As we've seen with stack exchange, others in the community would be great at moderating and responding to comments.

comment:8 Changed 5 years ago by phobos

Owner: set to phobos
Status: newaccepted

comment:9 Changed 5 years ago by phobos

Keywords: blog replacement upgrade added
Milestone: 2014 Tor Blog Replacement

comment:10 Changed 5 years ago by ultrasandwich

Happy to report that I've scraped all blog posts and their comments (#10479).

comment:11 Changed 5 years ago by phobos

Keywords: www-team added

comment:12 Changed 5 years ago by lunar

Other free software alternatives to Disqus:

comment:13 Changed 5 years ago by phobos

The blog is currently broken, and increasingly more broken as time progresses.

  1. The search engine no longer works.
  2. The CAPTCHA module no longer works.
  3. A few of the admin views no longer work (like statusreport, search, profile edit)

comment:14 Changed 5 years ago by phoul

Cc: phoul added

comment:15 Changed 5 years ago by phobos

I think a rational stopgap is to simply upgrade to drupal 7 from the repositories. This gets us at least on modern code, fully functional, and we can then have time to discuss next steps. The process is likely to upgrade to drupal 6 and then 7.

comment:16 Changed 5 years ago by qbi

Cc: jens@… added

comment:17 Changed 5 years ago by phobos

According to Roger, our blog is even more broken now, see #12949 for fun.

Options are to either just migrate the blog to some 3rd party, or find someone to convert it to modern drupal 7.

comment:18 Changed 5 years ago by phobos

I sent an email to tor-www-team to see if we have motivated people to help us out.

comment:19 Changed 5 years ago by phobos

Step 1: Get our drupal blog working again.
Step 2: migrate the content to jekyll with a nice design.
Step 3: migrate the comments to juvia or something with a similarly nice design
Step 4: stop worrying about the blog

comment:21 in reply to:  19 ; Changed 5 years ago by ultrasandwich

Replying to phobos:

Step 1: Get our drupal blog working again.
Step 2: migrate the content to jekyll with a nice design.
Step 3: migrate the comments to juvia or something with a similarly nice design
Step 4: stop worrying about the blog

I'm ready to try the Drupal migration whenever the current blog can be exported somewhere with new admin credentials. Has there been any movement on this? https://lists.torproject.org/pipermail/www-team/2014-August/000360.html

comment:22 in reply to:  20 ; Changed 5 years ago by ultrasandwich

Replying to phobos:

https://gitweb.torproject.org/tor-blog.git exists

I also went one step further and imported these to a barebones Jekyll installation... http://tor-blog.deadhare.com

comment:23 in reply to:  22 Changed 5 years ago by phobos

Replying to ultrasandwich:

Replying to phobos:

https://gitweb.torproject.org/tor-blog.git exists

I also went one step further and imported these to a barebones Jekyll installation... http://tor-blog.deadhare.com

Awesome.

comment:24 in reply to:  21 ; Changed 5 years ago by phobos

Replying to ultrasandwich:

I'm ready to try the Drupal migration whenever the current blog can be exported somewhere with new admin credentials. Has there been any movement on this? https://lists.torproject.org/pipermail/www-team/2014-August/000360.html

Not much progress. I have the db export. Clearing the credentials breaks drupal it seems. I have to re-import the db export and then just reset passwords I think.

comment:25 in reply to:  24 ; Changed 5 years ago by ultrasandwich

Not much progress. I have the db export. Clearing the credentials breaks drupal it seems. I have to re-import the db export and then just reset passwords I think.

Cool, whatever works. Thanks phobos! Just keep me posted on where to grab the export when that's done.

comment:26 Changed 5 years ago by lunar

According to this LWN article, Discourse can import comments from Drupal:

A nice touch for sites with existing communities is that Discourse includes several utilities for importing existing user and comment databases from several other forum packages (including vBulletin, phpBB, Drupal, and BBpress).

comment:27 in reply to:  25 Changed 5 years ago by phobos

Replying to ultrasandwich:

Not much progress. I have the db export. Clearing the credentials breaks drupal it seems. I have to re-import the db export and then just reset passwords I think.

Cool, whatever works. Thanks phobos! Just keep me posted on where to grab the export when that's done.

Ended up just dropping the user table. Everything else should be clean, if not, oh well, https://people.torproject.org/~andrew/2014-09-08-torblog-clean.dump.gz

comment:28 Changed 5 years ago by phobos

My first attempt at migrating from drupal 5 to 6 failed miserably. It seems our DB is different enough from the stock drupal to result in migration scripts not working at all.

comment:29 Changed 5 years ago by phobos

In talks with ultrasandwich to convert everything to jekyll/juvia since drupal update isn't going so well.

comment:30 Changed 5 years ago by ultrasandwich

In talks with ultrasandwich to convert everything to jekyll/juvia since drupal update isn't going so well.

Indeed I'm very close to having this totally migrated, comments included. As briefly mentioned before, keep an eye on http://tor-blog.deadhare.com for progress. I expect the comment import into juvia to be complete later today.

[update 9/12]: Juvia is up and running with ~10,000 imported comments. Heroku's free db won't let me store more than that. http://torblog-juvia-4525.herokuapp.com

Anyone keen on designing/reskinning can pull the most recent code/SASS here: https://github.com/eschaefer/tor-blog.

(phobos, I can update the tor-hosted one if you send me the credentials)

Last edited 5 years ago by ultrasandwich (previous) (diff)

comment:31 Changed 5 years ago by jmtodaro

Cc: jmtodaro@… added

comment:32 Changed 5 years ago by ultrasandwich

Cc: ultrasandwich added

comment:33 Changed 5 years ago by phobos

Overall, this looks great. Once we have the design into html and jekyll, we'll be ready for a test migration.

comment:34 Changed 5 years ago by phobos

How I wish trac could automatically create a gantt chart and dependencies based on child tickets, and turn the milestone page into the summary of all this.

I think the flow we want is:

  1. Get the content migration from drupal to jekyll working.
  2. Get the comment migration from drupal to jekyll working.
  3. Design and implement the html for jekyll.
  4. Design and implement the html for juvia.
  5. Test a complete content migration to our jekyll.
  6. Test a complete comment migration to our juvia.
  7. Pick a date, migrate content and comments to new systems.
  8. Document how to add posts to the blog for current authors.
  9. Setup blog.torproject.org vhost on static systems.
  10. Setup comment.torproject.org vhost in Tor infrastructure.
  11. On date, migrate content and comments to new systems.
  12. Shutdown drupal blog.
  13. A week later, decommission motor.torproject.org (current drupal blog machine).

comment:35 Changed 5 years ago by jmtodaro

Hi everyone! Here is the initial design implementation for review:
http://jmtodaro.github.io/tor-blog

And the code:
http://github.com/jmtodaro/tor-blog

A few things:

  • I took some liberties with hover link styling. Let me know if it could be better.
  • I didn't know what to put in the page footer so I've just left the base one.
  • Added the search box (present in the mockup) but not sure if/how we want to use it.
  • Currently both blogs and events are displayed on the review page, due to lack of support for jekyll plugins on github pages.
  • The tag cloud is ugly because the method I used to list the tags is weird and incredibly hard to style. We may need some sort of plugin to handle generating a tag cloud that works properly.
  • Archives page is a placeholder.

I based this code off of a clean jekyll base (jekyll new) and integrated components from ultrasandwich's repo as needed. I think I could merge the changes into ultra's codebase without too much trouble, if necessary.

comment:36 Changed 4 years ago by phobos

How is this coming along? What help is needed?

comment:37 Changed 4 years ago by jmtodaro

When I last spoke with Ultrasandwich, it sounded like he would take care of the functionality (archives, tagging, etc.) and I just need to integrate the design into his codebase. Unfortunately I've been tied up with other projects and I haven't gotten to it yet. I planned to get it going this weekend.

comment:38 Changed 4 years ago by Sebastian

Component: WebsiteBlog

Moving to new Blog component

comment:39 Changed 4 years ago by jmtodaro

Current Status

Here is an updated flow list to better reflect out current status:

  1. Get the content migration from drupal to jekyll working. - Complete
  2. Get the comment migration from drupal to jekyll working. - Complete
  3. Front-end development to implement tags, archives, events and search within jekyll - In progress
  4. Create Juvia web app and integrate into jekyll for dev/testing - Complete
  5. Jekyll and Juvia html styling. - In progress
  6. Setup transitional systems for testing complete data migration
  7. Test a complete content migration to our jekyll. - Ready
  8. Test a complete comment migration to our juvia. - Ready
  9. Pick a date, migrate content and comments to new systems.
  10. Document how to add posts to the blog for current authors.
  11. Setup blog.torproject.org vhost on static systems.
  12. Setup comment.torproject.org vhost in Tor infrastructure.
  13. On date, migrate content and comments to new systems.
  14. Shutdown drupal blog.
  15. A week later, decommission motor.torproject.org (current drupal blog machine).

I've set up a live working copy of the dev site in its current state here: http://tor.jmtodaro.com/blog/
Search, tagging, and archive functions have been added. The archives will require a bit more work if we want a navigation system and not just a flat list. Also I fixed the pagination links at the bottom of the page and added the ability to disable comments on posts (such as the tor weekly news) by adding "comments: disabled" to post front matter.

Design-wise everything is still a bit rough around the edges. I will move on to polishing the css when the functionality is fully implemented.

The test site currently contains 40 of the most recent blog posts and their respective comments (~3000 comments) imported to a fully working copy of Juvia. Please feel free to test the commenting system out. New comments will only appear on the test site, so go wild. If Juvia doesn't load right away, give it a few seconds as the heroku app goes to sleep after an hour of inactivity and can take it a bit to "wake up".


A word on Juvia
After implementing Juvia and understanding a bit more how it works, I must say that I have some serious concerns about whether or not this is the right comment system for us to migrate to. Here are a few highlights:

  • Juvia doesn't support nested replies, and only does inline comments when "replying". There is not even a "jump" link.
  • This completely breaks existing comment threads and make them very difficult to follow as Juvia sorts by date and there is no context to the comment it is replying to. Compare https://blog.torproject.org/blog/tor-browser-403-released#comments to http://tor.jmtodaro.com/blog/tor-browser-403-released/#comments . A crude workaround might be to programmatically insert a snippit of the parent comment into the replies or possibly a jump link during the scrape.
  • There is no way to close commenting on an old thread.
  • I'm not sure there is a way to differentiate between an actual author commenting or an imposter. I could be wrong about this if the user has moderator status, but I'm pretty sure juvia only supports one moderator per site.
  • Juvia is currently unmaintained. ( https://github.com/phusion/juvia )

I will begin research on other solutions unless we are dead set on using Juvia.


Last but not least, I've created a repo of all the scraped and converted data from our current blog. The most recent full dump is here: http://github.com/jmtodaro/tor-blog-data/
When using these, it will be necessary to update the urls relative to your own dev environment.

The development site repo can still be found here: http://github.com/jmtodaro/tor-blog


Todo

  • Implement author blogs/categories
  • Archive navigation
  • Site Description and footer links
  • Display start and end times on event posts
  • Clean up Gemfile cruft
  • Html styling
    • tag cloud
    • archive nav and results page
    • search results page
    • comments (if we switch systems)
    • markdown anomalies
    • events calendar and list


comment:40 Changed 4 years ago by jmtodaro

Status Update:

I've just updated the development site:
http://tor.jmtodaro.com/

Pretty much everything is completed. We just need to decide if we really want to use Juvia for the comments. If anyone cares to weigh in on this issue, I'd be glad to hear your thoughts. Here are the results of my research so far:

Unfortunately there really aren't too many options I found suitable. All said and done I only found two other acceptable candidates.

The first is Discourse, but here are my beefs;

  • it looks like it works the same way as juvia i.e. a flat commenting system that is going to break existing nested comment threads (without some sort of kludge).
  • Importing the comments does NOT look like it will be a trivial matter.
  • Actually has the reverse problem of REQUIRING a sign-in to comment. No Anonymous/Guest comments.

The second and most promising option I have come across is Isso: https://github.com/posativ/isso
I have not yet set up a local copy to evaluate, but when I do I will report back here with my findings.

comment:41 Changed 4 years ago by lunar

Isso looks indeed very nice!

comment:42 Changed 4 years ago by jmtodaro

Status Update:

I've done some digging into several commenting systems, and I'm afraid our options aren't great. Before I get started on the differences, I would just like to point out that over the history of the blog (2007- current), it has accumulated nearly 20000 individual comments. Roughly 6000 of those were made since January 2014. So what I'm trying to illustrate is that we have a fairly active comments section that will likely continue growing.

Unfortunately Juvia and Isso (I really like Isso btw) are designed with smaller blogs in mind and are missing many features that we will likely find necessary on a blog as active as ours, such as user authentication (for authors and moderating), ability to close comments, and moderation controls to name a few. I don't believe these are viable choices unless we are willing to further develop and contribute to these projects ourselves. Or are willing to sacrifice significant features that we currently have. If we do go this route, I think it might be a good idea to simply close comments on all existing threads and render them static with the blog posts, rather than importing them.

Hashover seems kind of interesting, but it is written in php and actually seems to require living on the same server as the blog. Bleh.

So, that really only leaves 2 viable choices (in my opinion), each with their own set of problems: Discourse or Third-party (such as Disqus).

Discourse is fully featured but the way it works is a bit strange. The main problem with this one is the fact that it requires a sign-up (with our instance of discourse, it doesn't leave our server) to comment, which in turn requires email validation. I saw no easy way around this. Switching to Discourse is also known for reducing comment activity in general due to the hurdles imposed, but according to the developers this is a feature designed to promote more thoughtful discussion.

Which leaves Disqus. I am actually somewhat sad to say that Disqus is nearly perfect in every way. I seriously have zero complaints regarding the functionality, and migrating would be a breeze. And yes it allows anonymous/guest comments without a sign in. The main drawback of course, is it being hosted by a third-party that does who knows what with the data it collects.

So I begrudgingly recommend Disqus based on featues alone. It would hands down be the most painless transition, for both us and our existing audience. Maybe we can add some sort of warning at the top of the comments section to encourage viewers to use tbb when commenting? I did not actually test it with tbb yet, I guess we would need to make sure it doesn't pull some cloudflare bs.

I've also put together a small chart to help compare the differences, available here. I look forward to hearing your feedback on this issue.

comment:43 Changed 4 years ago by mcs

Cc: mcs added

comment:44 Changed 4 years ago by peluza

I would suggest to take a look at

  • Ghost (Blogging Platform)

It has a really nice admin page (supports multiple users)
However it doesn't support comments either.

For the comment stuff we need something we can host (Disqus is not an option, it tracks users, and it requires registration - even as a guest it requires you to put your email address)

So, stay with the solutions:

  • Isso
  • Juvia
  • Hashover
  • Commentar
  • Commentics

Also, (if we are obligated to use a static generator (you don't like ghost)) We can take a look at

  • Antwarjs
Last edited 4 years ago by peluza (previous) (diff)

comment:45 in reply to:  44 Changed 4 years ago by ultrasandwich

Replying to peluza:

I would suggest to take a look at

  • Ghost (Blogging Platform)

Correct me if I'm wrong, but jmtodaro already put a bunch of good work into a really nice Jekyll solution already in place for the blog content (after I dropped the ball).

Right now we just need a good commenting system figured out. These are crucial, and need to be migrated from the current blog as well. Isso seemed like the closest thing to workable, esp regarding anonymity and threading.

Let's keep our discussion focused on this commenting solution. I'm willing to further explore the Isso solution with another person. I need to be accountable to someone else to actually get this shit done, haha.

comment:46 Changed 4 years ago by isis

Milestone: 2014 Tor Blog Replacement
Owner: phobos deleted
Status: acceptedassigned
Type: enhancementproject

Reassigning/recomponentising phobos' tickets, since we deleted phobos' password (#15896). Please feel free to reassign/recomponentise again if you feel there's a better category.

comment:47 Changed 4 years ago by isis

Status: assignednew

comment:48 Changed 4 years ago by nickm

I wonder how much hacking would be needed to get Discourse to support some kind of alternative signup/registration system. I share your concerns about Disqus.

comment:49 Changed 4 years ago by ultrasandwich

The author of Isso seems to have made it a lot easier to set up in the last few months... I am working on a comment migration script to see if I can get those at least set up.

[UPDATE] Actually, yeah I got a migration successfully run from the JSON blob of scraped comments. Only took some tweaking of the existing migration script that the Isso author has in place for Wordpress/Disqus import.

Last edited 4 years ago by ultrasandwich (previous) (diff)

comment:50 Changed 4 years ago by jmtodaro

Glad to see you got Isso working. I think I just used the wxr when I did it. There were only 2 things holding us back from using Isso:

  1. It needs to nest more than one level deep in order to retain the flow of pre-migration conversations. The current drupal blog nests 10 levels.
  2. If I recall the moderation system was rather spartan and was limited to post approval via email. I don't think this will cut it.

Have either of these issues improved by chance?

After some time to reflect, I've decided that the best course of action is likely going to be Discourse. It contains all of the features we will need to manage a blog of our size. However it is going to require some modifications to get it up to speed. Unfortunately the required work is beyond my skills. Basically:

  1. We need to create or purchase a plugin to allow anonymous posting. Or perhaps figuring out how to disable email verification on signup will be enough?
  2. Can't remember if it has nesting issues, but I want to say no?

Well, I guess number 1 is the biggie though.

comment:51 Changed 4 years ago by ultrasandwich

  1. It needs to nest more than one level deep in order to retain the flow of pre-migration conversations. The current drupal blog nests 10 levels.

But does it? ;) The Isso author marked this as a WONTFIX (https://github.com/posativ/isso/issues/79), and frankly the article he links to is convincing. My personal opinion on this is that flattening the comments might not be the worst idea, and that done is better than perfect in this scenario.

  1. If I recall the moderation system was rather spartan and was limited to post approval via email. I don't think this will cut it.

True. But how much moderation do we need other than deleting spam?

I've looked at Discourse, and that app is a monster. It's totally great, but I wouldn't know where to begin, changing (eliminating) the auth flow, ensuring anonymity, etc. These issues are easily solved with Isso, which is very anon-friendly. Discourse will be a time investment.

comment:52 Changed 4 years ago by wilbns

Hello, just wanted to check-in and see what needs to be done here to move this along toward being resolved? I see where there was an implementation in the works, but that seems to have gotten hung-up on the comment reporting.

Another user mentioned the Ghost platform - I would also second that as something that could allow us to get rolling sooner rather than later with minimal effort without having to do so much reinventing of the wheel, ourselves.

Thoughts?

comment:53 in reply to:  52 ; Changed 4 years ago by ultrasandwich

Replying to wilbns:

Another user mentioned the Ghost platform - I would also second that as something that could allow us to get rolling sooner rather than later with minimal effort without having to do so much reinventing of the wheel, ourselves.

Ghost doesn't have any commenting built-in. It relies on third party addons like pretty much every minimal blogging framework.

Comments are the big issue still. We have quick solutions for scraping all the existing blog content, dumping it into markdown files, and generating the new site. Comments and all. But the actual comment system to be used is... yeah... still not solved.

comment:54 in reply to:  53 ; Changed 4 years ago by wilbns

Replying to ultrasandwich:

Comments are the big issue still. We have quick solutions for scraping all the existing blog content, dumping it into markdown files, and generating the new site. Comments and all. But the actual comment system to be used is... yeah... still not solved.

Thanks for the feedback - here's a plugin for Jekyll that might be able to handle the comment requirement, however, it is in PHP (not sure if that is an issue?). If so, here is a port of it in Ruby.

Please let me know if there are other specifics I can research that might be helpful.

comment:55 in reply to:  54 ; Changed 4 years ago by ultrasandwich

Replying to wilbns:

Thanks for the feedback - here's a plugin for Jekyll that might be able to handle the comment requirement, however, it is in PHP (not sure if that is an issue?). If so, here is a port of it in Ruby.

Cool, I didn't know about this. Worth looking at either of these to see how nesting can be handled, and if moderation (deleting spam, etc) is possible in a sane way. These seem to use email behind-the-scenes to generate the comments, so at least there isn't a DB to muck things up.

comment:56 in reply to:  55 ; Changed 4 years ago by wilbns

Replying to ultrasandwich:

Cool, I didn't know about this. Worth looking at either of these to see how nesting can be handled, and if moderation (deleting spam, etc) is possible in a sane way. These seem to use email behind-the-scenes to generate the comments, so at least there isn't a DB to muck things up.

Ok, great. I see where there is a repo for the blog, however, it hasn't been updated in about a year. But it seems there was a bit of work subsequently done after that by jmtodaro - around six months ago. Is that where the most recent bit of progress was made and where we should look to resume? If so, is that work available in another repo or medium we can extract from?

comment:57 Changed 4 years ago by lunar

Another free software alternative to Discourse recently released: https://github.com/flarum/flarum

comment:58 in reply to:  56 Changed 4 years ago by jmtodaro

Replying to wilbns:

Ok, great. I see where there is a repo for the blog, however, it hasn't been updated in about a year. But it seems there was a bit of work subsequently done after that by jmtodaro - around six months ago. Is that where the most recent bit of progress was made and where we should look to resume? If so, is that work available in another repo or medium we can extract from?

Hi! The current repo is here: http://github.com/jmtodaro/tor-blog

comment:59 in reply to:  57 Changed 4 years ago by ultrasandwich

Replying to lunar:

Another free software alternative to Discourse recently released: https://github.com/flarum/flarum

This is so nice... but no standalone commenting option. Seems to be full-blown forum software.

comment:60 Changed 4 years ago by lunar

The general opinion here at the dev. meeting is that migrating the blog is long overdue. So we should probably go with Discourse (and maybe ask people to provide patch to enable anonymous comments).

What's missing to make that happen?

comment:61 Changed 4 years ago by ultrasandwich

So we should probably go with Discourse (and maybe ask people to provide patch to enable anonymous comments).

AFAIK this kind of patch is doable, but we need some Ruby wizards to pull it off. Discourse is one massive code base.

comment:62 Changed 4 years ago by arma

Be sure to check with Mike too! He is coordinating some drupal folks to do up a more maintainable blog with Tor Labs in mind, and we are hoping the same platform will be easily re-usable for replacing our main blog too.

(I bet Mike and his people would appreciate some reminders of all the things we look for in a blog. Are these hopes written up clearly somewhere? And of course we should also remember that our magic unicorn blog, with every possible requested feature, might be out of reach.)

comment:63 Changed 4 years ago by lunar

Given the amount of work that has already been done and how close we are to getting the new blog, I would *not* wait for the Tor Labs thing to be ready.

comment:64 Changed 3 years ago by yawning

Severity: Normal

Someone just spammed ~17 pages worth of comments only containing "1" as blog comments. As much fun as it is to clean this out (or when someone spammed several hundred pages worth of comments), can we do any of:

  • Replace the blog system.
  • Update the captcha to something that isn't apparently trivially breakable.
  • Disable commenting.

comment:65 Changed 3 years ago by cypherpunks

Hi,

I regularly visit blog.tpo and often check the comment section, particularly when new releases are published because I feel it's useful for testing the waters. Often I will reply to "please halp" comments by non-technical/new users, or interesting topics, if I think I can help.

I do not know how much you care about this since the matter hasn't been mentioned in this ticket so far, but I will not be visiting the comments anymore if they require me to enable javascript.

Given the target public for Tor, I suspect I'm not the only one with this stance.

Thanks for considering this.

comment:66 in reply to:  65 ; Changed 3 years ago by teor

Replying to cypherpunks:

Hi,

I regularly visit blog.tpo and often check the comment section, particularly when new releases are published because I feel it's useful for testing the waters. Often I will reply to "please halp" comments by non-technical/new users, or interesting topics, if I think I can help.

I do not know how much you care about this since the matter hasn't been mentioned in this ticket so far, but I will not be visiting the comments anymore if they require me to enable javascript.

Given the target public for Tor, I suspect I'm not the only one with this stance.

Thanks for considering this.

I would avoid commenting or reading the comments if they required JavaScript, too.

It would exclude everyone who uses High Security mode in Tor Browser, and anyone who disables JavaScript on any browser.

Do we really want to be teaching people to enable JavaScript on the Tor website itself?

comment:67 in reply to:  66 ; Changed 3 years ago by cypherpunks

Replying to teor:

Do we really want to be teaching people to enable JavaScript on the Tor website itself?

That lesson is already in place. Atlas/Globe require Javascript and enabling them enables Javascript on all of *.torproject.org.

comment:68 in reply to:  67 Changed 3 years ago by teor

Replying to cypherpunks:

Replying to teor:

Do we really want to be teaching people to enable JavaScript on the Tor website itself?

That lesson is already in place. Atlas/Globe require Javascript and enabling them enables Javascript on all of *.torproject.org.

I'm not convinced - there's a difference between requiring people interested in relays to run JavaScript so they can query OnionOO directly, and requiring people interested in tor to enable JavaScript to read the Tor front page and blog.

comment:69 Changed 8 months ago by traumschule

Resolution: fixed
Status: newclosed

this is obviously done. #17393 is a good choice to discuss the need of js maybe.

comment:70 Changed 7 months ago by teor

Component: Internal Services/BlogWebpages/Blog

Moved closed tickets from Internal Services/Blog to Webpages/Blog

Note: See TracTickets for help on using tickets.