Introduction
Greetings,
I originally wrote this in February, but never posted it. I’ve updated parts since, but some of it might be out of date (or just wrong!). It’s also available to read on Daology.
You might have seen the discussion about forum software and that we’re not all in agreement. The views I hold will be obvious and I’d like to raise relevant points with some examples.
First I want to say that the last I want is to divide the community or cause excessive chaos. I present what I believe will give a superior user experience and public image. While marketing isn’t everything and perhaps won’t make or break Peercoin, I perceive a general underestimation of its value.
There will be drawbacks, and work to be done, probably issues, but we should move forward. We can handle disagreement, nobody is being attacked, we’re mature people in one of the best cryptocommunities, so let’s seriously consider what is best for the future of Peercoin. You’ll see this is more than “change for change’s sake”.
Parts have already been posted in the thread about integrating with Peercoin.net and forum software (post #26, #33, #41). The reason I create a new thread is because this post is very long, and to gather everything I want to say.
I hope it can be of value even if you don’t agree with the ideas. Nothing is meant to be criticising against the work of everyone involved, it has been great and all had its time.
“There is tremendous technical and sociological friction to change in any established community. Engage in serious discussions with your community about any such change well in advance. There needs to be broad dissatisfaction with the status quo and strong support for change from the community leaders.” — What is Discourse? | Discourse - Civilized Discussion
Recap of events
The whole discussion triggered the creation of an improved theme for PeercoinTalk. Follow the development in the other thread. It’s already available to select under Profile > Account Settings > Modify Profile > Look and Layout > Current Theme > url=https://www.peercointalk.org/index.php?action=theme;sa=pick;[/url], but I don’t think it’s finished yet. Now set as default theme!
It began with Sentinelrv mentioning in the chatbox he’d like us to integrate the forum with Peercoin.net and switch to Discourse. He’s since decided not to pursue this path.
I and others also rooted for new forum software about a year ago.
After I setup Discourse and PM:ed the three people that discussed it in the chatbox at that time, Sentinelrv had the idea to put the Peercoin.net menu in the Discourse menu bar and edited a screenshot plus set the colors of buttons and categories in line with Peercoin’s colorscheme.
I’ve since been working to give you the best impression of Discourse possible. We’ll see what you think of it.
Forum software
Alternatives I’m aware of:
[ul][li]Discourse: open-source and free of charge.[/li]
[li]XenForo: $140+ with one year of upgrades, and $40 per each additional year.[/li]
[li]Vanilla: $99+/month.[/li]
[li]NodeBB: Popular alternative to Discourse.[/li]
[li]Simple Machines Forum (SMF): our current software. Upcoming version 2.1 brings improvements. (demo of beta 1)[/li][/ul]
Discourse
[ul][li]Website[/li]
[li]About[/li]
[li]FAQ[/li][/ul]
At first I was admittedly a little intimidated by Discourse, but it really is a wonderful software after having familiarised with it. I understand most people are used to the classic forums, but I’m surprised by some’s perception that Discourse is complicated and makes it difficult to overview and follow threads. Quite the opposite in my experience!
If you’re used to classic forums like this one (SMF), phpBB, vBulletin, and the others, use the Categories view in Discourse. I’ve set it as default for Peercoin’s Discourse, but I think the ‘Latest’ view is more useful. Play around on NuBits’ Discourse!
I said in the thread a year ago that Discourse looks more radically different, but it’s basically just a forum that’s made with how people actually use them in mind.
Feature improvements with Discourse
We get a modern forum with all it entails. I recommend looking at their own examples at Discourse.org and the About page. They show it better than text explains.
[ul][li]Built for mobile, and is pleasant to use without users having to download an app or us purchasing a theme (not that $20 is much). Mobile view in SMF 2.1![/li]
[li]Automatically updating everything, real-time.[/li]
[li]Paste a link and it integrates the content into your post.[/li]
[li]Following a thread happens “intelligently” (with choice) and gives notifications.[/li]
[li]Linked topics. Break off discussion at any point.[/li]
[li]When returning to a thread you’re placed where you left to continue reading immediately.[/li]
[li]An editor that doesn’t cause hairloss during use. Explained after screenshots.[/li]
[li]Mentions. (Fuzzybear added a plugin for this to SMF) “Alerts” come in SMF 2.1, including Mentions integrated.[/li]
[li]Notifications through browser to desktop OS native ones.[/li]
[li]One search.[/li]
[li]Built-in mechanism for daily backups. Local and to Amazon S3.[/li]
[li]Simple upgrades by pressing a button. Good for urgent security fixes, “all software has bugs”. You may argue that software shouldn’t have write access to itself. It’s a trade-off that appears to make sense in this case.[/li][/ul]
There is simply so much that is better with Discourse than SMF. Sure, plugins and customisation can improve SMF to an extent, but we would have to maintain all that and it would realistically just not reach the same level. Even with the new upcoming version 2.1 while very welcome it doesn’t improve SMF that much.
Compare to an alternative which already has everything we want. Except the chatbox, yet!
The developers are very active and friendly. By the way @irritant, they’re open to a site-wide setting to disable the “?u=” appendage in Share links in case you didn’t see in the other thread. Someone would have to code it, though.
We could benefit from the Assistant bot written by woolly_sammoth for NuBits’ Discourse.
Found this about SMF backups: (emphasis theirs)
SMF's Admin section has a built-in database backup function. [b]Do not use it![/b] It does work in some cases, but not in others, so it should not be used, unless you have no other way to acquire the backup of the database.— http://wiki.simplemachines.org/smf/Backup
Continued after screenshots!
Screenshots
These are also available in an Imgur album. Live demo at https://talk.peercoin.se (registrations are disabled).
Discourse’s category view and currently the startpage:
Discourse’s welcome thread:
Sunny King’s Weekly Update thread:
I’ve since added the “Weekly Update #130” into the post like Sunny King does. Perhaps it’s there to simplify for people copying the whole update.
Discourse profile:
[size=14pt]Dark theme[/size]
Discourse categories in dark:
Discourse welcome topic in dark:
I implemented the dark theme with help of a thread at meta.discourse.org and it’s not perfect.
Unfortunately, there might not be a convenient way to switch between them per user preference. I recall seeing a way to set custom themes with a query string, but I don’t find it now.
Intelligent following:
Mobile view of Sunny King’s Weekly Update #129:
Editor
[ul][li]Simpler syntax for posts with Markdown, while still supporting BBCode that you’re familiar with in SMF.[/li]
[li]Browse the forum while writing your post.[/li]
[li]Autosaves so you may continue composing from another device (comes in SMF 2.1). Protects against loss in the event of browser crashes or power outages.[/li]
[li]Inline code snippets (example).[/li]
[li]Code syntax highlighting.[/li][/ul]
[code][code][/code] isn’t inline and [inline]isn’t implemented[/inline], neither is [c][/c].
Syntax examples
A list with BBCode in SMF:
[ul][li]Ice.[/li]
[li]Water.[/li]
[li]Steam.[/li][/ul]
Ordered with “list type=decimal”.
Lists with Markdown in Discourse: (asterisk (*) and plus (+) do the same)
- Ice.
- Water.
- Steam.
1. One
2. Two
3. ThreeHeadings with BBCode in SMF:
[size=18pt]Food[/size]
[size=16pt]Maize[/size]
[size=14pt]Popcorn[/size]Headings with Markdown in Discourse:
# Food
## Maize
### PopcornBold and italics in SMF:
[b]bold[/b]
[i]italics[/i]Bold and italics in Discourse:
**bold**
_italics_
or
__bold__
*italics*Super User reference for Markdown.
GitHub article with Markdown basics.
Creator John Gruber at Daring Fireball about Markdown and its syntax.
BBCode reference.
Relevant is also CommonMark (“A strongly specified, highly compatible implementation of Markdown”), but it’s not strictly what’s used in Discourse.
Spam
Discourse has powerful built-in countermeasures against spam.
The trust level system, rate limiting, plus more! Co-founder of Stack Overflow and Discourse about spam.
No need for captchas or questions. Discourse makes housekeeping quick and easy.
System requirements
Discourse is a [i]JavaScript[/i] application designed for the next 10 years of the Internet, so the minimum web browser requirements are high:[ul][li]Internet Explorer 10+[/li]
[li]Google Chrome 24+[/li]
[li]Firefox 14+[/li]
[li]Safari 5.1+[/li][/ul]We do officially support Internet Explorer 9, but some functionality will be unavoidably broken.
[ul][li]Mobile Safari, iOS 6+[/li]
[li]Mobile Chrome, Android 4.1+[/li]
[li]Mobile IE, Windows Phone 8 or later[/li][/ul]
— Discourse FAQ
We are building something futuristic here. NuBits’ discussion forum thrives “despite” running Discourse.
JavaScript
There has been concern the JavaScript requirement might exclude those surfing through Tor. It was mentioned also that Sunny King likes the chatbox because it’s accessible through Tor, but the chatbox requires JavaScript as well.
It’s possible to use JavaScript through Tor, so it’d be similarly daring to use Discourse as the current chatbox.
The argument may have some merit, but I think it’s thin.
Structural revamp
We currently have a list of services hosted at services.peercointalk.org.
peercointalk.org → talk.peercoin.net
wiki.peercointalk.org → wiki.peercoin.net
wallet.peercointalk.org – Paper wallet generator
blockexplorer.peercointalk.org vs Blockr and bkchain?
articles.peercointalk.org (broken)
vanity.peercointalk.org – Vanity address generator
phpcoinaddress.peercointalk.org
builds.peercointalk.org – Fuzzybear’s Peercoin builds
poscalculator.peercointalk.org – Proof-of-stake calculator
findstakejs.peercointalk.org – Determine when staking is likely to occur (broken?)
charts.peercointalk.org (slow)
I don’t want to be rude, but I find this messy.
Suggestion:
Branding
“PeercoinTalk” is established, and I agree it’s better we continue calling the forum that. It would reside on talk.peercoin.net. Perhaps lowercase the ‘T’ (I think this particular one looks worse lowercased, but I’m in favor of consistency).
Search Engine Optimisation (SEO)
“We already provide a special highly crawlable and SEO optimized Discourse for crawlers (in NOSCRIPT tags).” — https://meta.discourse.org/t/seo-compared-to-other-well-known-tools/3914/2
There are several more threads at Discourse Meta about the matter. Considering they (Jeff Atwood & Co.) created and run large websites like Stack Overflow, they have some credibility.
Regarding the current search results for PeercoinTalk.org, it will indeed take some time for the new forum to show up.
I’ve disabled indexing of the demo site in ‘robots.txt’.
Sitelinks – Applicable regardless of Discourse
“At the moment, sitelinks are automated. We’re always working to improve our sitelinks algorithms, and we may incorporate webmaster input in the future. There are best practices you can follow, however, to improve the quality of your sitelinks. For example, for your site’s internal links, make sure you use anchor text and alt text that’s informative, compact, and avoids repetition.” — Learn About What Sitelinks Are | Google Search Central | Documentation | Google for Developers
We do not seem to adhere to this on Peercoin.net in the menu:
[code]
…and even less at the bottom of the front page:
<a href="newcomers" class="btn btn-primary btn-lg">Get started</a>
[...]
<a href="investors" class="btn btn-primary btn-lg">Get started</a>
I assume from what Google says we should at least add a descriptive alt text to the ones in our menu. Perhaps also redesign the bottom to have the the links say “Newcomers”, “Investors”, and so on. I like how it looks—I think the site is gorgeous—but it might be possible to improve.
We can’t choose what to display there, but it seems we can make what does show up look good.
The dream would be to have something like this in Google Search:
Content
We have quite some content on PeercoinTalk. It’s organised well to the point it can, but it should be more visible and accessible. I’m not sure how much sense it makes to serve it on the forum, but it might. Discourse has a wiki mode for posts if that would help.
I think it’s a project to put time into. Decide suitable places to put knowledge and media that doesn’t fit on Peercoin.net itself and migrate content from the current PeercoinTalk. The wiki, I guess.
Wiki
Alternatives: (WikiMatrix comparison)
[ul][li]MediaWiki: open-source, proven by Wikipedia, good mobile view.[/li]
[li]Confluence: free for open-source projects.[/li]
[li]TiddlyWiki: open-source, JavaScript.[/li]
[li]MoinMoin: open-source.[/li]
[li]DokuWiki: open-source, mobile view.[/li]
[li]XWiki: open-source, mobile view. Compared to MediaWiki.[/li]
[li]SlimWiki: Beautiful, simple, but only WYSIWYG, their servers, and costly.[/li]
[li]Torchpad: Their servers, Markdown.[/li][/ul]
MediaWiki is probably the most sensible choice after all, which is what’s currently hosted at wiki.peercointalk.org. There is quality content on it, but we should brush the Main Page up. A transparent Peercoin logo should be in the upper left corner.
Important content
“EVERYTHING” you Need to Know About Peercoin - Important Links & Intro
Peercoins FAQ
New Members Please Read This First
Marketing fund
Marketing Fund Charter
Template for Submissions
Peer4commit
Peer4Commit.com (Create Projects & Raise Funds, Donate & Get Paid to Contribute)
Peerbox
[GUIDE] Create your own Raspberry Pi’s Peercoin wallet and Full Active Node
[ANN] Peerbox project
Peerunity
Peerunity v0.1.1 has been released
Mining
Guide for CPU and GPU Peercoin Mining on Mac OS X - Tested
Cgminer.conf example file for Peercoin mining
Trading & Exchanges
List of Exchanges accepting Peercoin (PPC) – Maintain one list, at Peercoin.net.
Fuzzybear PPC Escrow Service – This we want of course.
Bounties
Development Bounty Fund – Is this still active?
Marketplace
Primecoin
Quick Guide! - How to mine Primecoin
Logo files
Peershares Logos Files
Peerbox Logo Files
Peerunity Logo Files
Other
[Download] Peercoin-Raspi-Desktop 0.4.0 - Automated installer for raspberry pi
There’s more that’s deprecated, linking to different places, and should just be revised and put in one place.
Pinned threads from 2013. Today we’d recommend Peerunity?
url=https://www.peercointalk.org/index.php?topic=1104.0 Configuring Peercoin Proof-of-Stake Minting on OS X[/url]
Peercoin Proof of Stake Minting Setup Guide
Not that we need a new software to wrap this up, but if we don’t want to keep using SMF for the rest of the future, I think we better move sooner than later.
Users
Procedure:
[ol][li]Export users from SMF to “smf_users.tsv”.[/li]
[li]Securely transmit file to Discourse server.[/li]
[li]Disable emails in Discourse? How activate users without their interaction? Trust level![/li]
[li]Import all users possible to Discourse. (script)[list type=decimal]
[li]Read “smf_users.tsv”.[/li]
[li]Generate new password.[/li]
[li]Create user.[/li]
[li]Write list with username and generated password.[/li]
[li]Write second list with incompatible usernames.[/li]
[/list]
[/li]
[li]Securely transmit both lists to SMF server.[/li]
[li]Private message users their Discourse password, or ask them to create an account manually if their username is incompatible. (script)[/li]
[li]Freeze SMF and place an obvious pleasant notice explaining the situation with a link to the user’s inbox and Discourse.[/li][/ol]
Task: Export users from SMF.
Approach: Produce a tab-separated list consisting of the fields email_address, real_name, member_name from SMF’s MySQL database.
SELECT 'email', 'name', 'username' UNION ALL SELECT email_address, real_name, member_name FROM smf_members INTO OUTFILE 'C:\safe\directory\members.tsv' FIELDS TERMINATED BY "\t"I’m not familiar with how to run this on Windows Server, but under Linux one could do:
mysql -u <user> -p -e "SELECT 'email', 'name', 'username' UNION ALL SELECT email_address, real_name, member_name FROM smf_members INTO OUTFILE '/safe/directory/members.tsv' FIELDS TERMINATED BY \"\t\"" <database>Problem: Users with non-alphanumeric (plus underline) usernames can’t be migrated as Discourse chose not to support usernames like ▲ λ έ ξ α ν δ ρ ο ς. (might be a display name, but it would be valid as username in SMF)
Approach: Import all users possible, and create a list with those that can’t be. Send them a private message on PeercoinTalk telling them they’ll have to manually create an account, and include a link.
We could alternatively do it through the Discourse API, but I think that’s more work.
It is technically possible to make the PeercoinTalk (SMF) password hashes work with Discourse, but I advice against it because we would have to write custom security code (which must never be taken lightly) and maintain it with upgrades.
Server
I’ve set up Discourse at https://talk.peercoin.se. Registrations are disabled to avoid misunderstandings.
Please note it’s not the real Sunny King, but an account I made to show how it would look.
Currently hosted on DigitalOcean.
[ul][li]VPS with 2 GB RAM, dual-core, 40 GB, 3 TB traffic, and Ubuntu 14.04 LTS. Runs at $20/month. Scalable.[/li]
[li]Mandrill account for SMTP (email sending).[/li]
[li]SPF and DKIM records in DNS for Mandrill.[/li]
[li]webmaster@peercoin[.net] – forward necessary for some emails from providers.[/li]
[li]HTTPS/TLS.[/li]
[li]Automatic daily backups to Amazon S3.[/li]
[li]Discourse configuration, theming, and categories.[/li]
[li]Reply and create threads with email. (via Gmail)[/li][/ul]
I opted for a common setup (as per their guide) to avoid unnecessary complications. They now even have a Discourse application image making setup even simpler.
Our Discourse server would stay separate from the one hosting Peercoin.net for security reasons and in case any of them unexpectedly go down. A risk that remains is super3 who controls Peercoin.net being compromised and the DNS records being changed. I have a professional impression of super3, and considering the work he’s doing with Storj I don’t think this is a concern with much weight. Still valid of course, but we have to trust someone as far as I know. Perhaps Amazon’s Route 53 or similar has useful access controls.
Wildcard certificate (SSL/TLS) and security
Using one wildcard certificate on all servers is not a good idea. If one of the servers is compromised, the attacker can man-in-the-middle (MITM) people connecting to either of them.
Let’s say we host a calculator at calculator.peercoin.net and the server happens to have a security hole giving an attacker access to the wildcard certificate. We could assume for argument’s sake the private key is passphrase protected and thus would require its passphrase each startup. The attacker if savvy (and not technically prevented) may then be able grab the passphrase next time it’s entered and the same situation ensues. Intrusion detection would help, and the scenario might be unlikely, but why take this risk at all if we can avoid it?
Whichever way a wildcard certificate’s private key is acquired it grants the ability to pretend to be any subdomain of peercoin.net if in a position to MITM. It puts users at risk of downloading a maliciously modified wallet. We could simply use a wildcard certificate and not include the root domain (peercoin.net) as alternate name, get another certificate for the root domain and then host wallets only from there, but there is a better way approaching.
Furthermore, if Forward Secrecy is not implemented then all previous traffic between any of the sites and the users can be decrypted. It would of course require the attacker to have captured that traffic.
“some certificate providers, like DigiCert, allow you to create as many new wildcard certificates (using the same domain name) as needed for all of your servers, each with a [unique] private key.” — The Risks In Wildcard Certificates
That should prevent a compromise’s impact to other servers’ data transfers, but not impersonation (MITM).
The reason I mention it is because I noted this was the intention for PeercoinTalk.org and its subdomains.
DNSSEC would be welcome too. Some will claim what I ask is overkill and the situations are unrealistic, but we’re supposed to be secure and should glow with competency. Specifically DNSSEC might require too much work for the time being though.
Keep in mind I’m an amateur enthusiast, so I might be inaccurate or misguided in some statements.
Let’s Encrypt by Mozilla
Luckily, there’s a great option about to be released! Let’s Encrypt is an initiative by Mozilla to simplify TLS certificate management.
“Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open.” — https://letsencrypt.org/
“Let’s Encrypt CA is planning for general availability of its services in the week of November 16, 2015.” — Frequently Asked Questions (FAQ) - Documentation - Let's Encrypt Community Support
Administration
I’m hoping someone trusted with the time and energy can setup and manage this (Fuzzybear?). I previously said I could do it, but with better alternatives I’d rather not and perhaps shouldn’t. I’m still at least partially available if there’s demand, though.
I want to re-express my willingness to operate the Discourse server.
I’m strict with security, but you be the judge (some operational details) and I’m certainly not infallible. I’d be wary of anyone making the same claim, and I fully understand a hesitance to trust me with the responsibility of running the server and handle your personal information (email address, PMs, IPs, possibly full name). I have no references either. Fuzzybear has built up recognition and trust from running PeercoinTalk.
I’m rarely unavailable for longer than a week, and if I get this role a sort of hotline could be set up in case there is urgent need for action. I shouldn’t be the only one in control if possible.
I have a passion for this and happily work long hours to make everything excellent, but saving money or time should not weigh heavily as argument when picking such an operation critical person like system administrator.
All the current moderators would remain in charge of course.
You the community will have to wager whether I am trustworthy, competent, and reliable enough to take on this responsibility. I’m happy as long as the job is done well.
I’m public with who I am, whether this has value or even is disadvantageous is up to you. I would prefer not being a target.
Timing, and an alternative?
Assuming we decide to change, when is a good time?
On the NuBits forum there is a thread about creating a ‘Peershares master forum’. I’m not sure whether that’s relevant for Peercoin, but you should be aware of it.
Cheers,
Esko (jooize)
