I found myself writing code again

I'm still not a hundred percent sure why or if it's ever okay to build technology, but somehow I found myself engrossed in it again. Maybe I can ask for some help on where to go from here, since I've been going against my previous intuition and keeping this one off github so far.

Anyway, so 2020. I still don't even know what to say that's relevant. I had some energy to walk around my city carrying protest signs earlier this year, and then I had to really focus on getting my house ready to accommodate a new roommate, a friend who lost their job earlier this year shortly after the pandemic took off here.

Since my friend moved in, I went through a period of time doing lots of work on the house, and trying to edit video but not actually finishing anything that I felt like sharing. I have been doing a bit of  video streaming this year, but the electronics projects hardly feel relevant at the moment.

The current project started when my housemate and I started talking more about decentralized video. I'm still running Diode Zone, and although I've been posting pretty rarely myself it's been nice seeing folks upload their own work. I'm still fairly dissatisfied with a lot of the technical aspects of PeerTube as a video server, and sometimes I think about building my own storage backend which would have some nicer decentralization properties, and support streaming video and streaming transcodes. Anyway, housemate and I had some conversations about it, and it left me feeling more motivated to work on the backend parts of a new peertube-compatible decentralized video server, and them more motivated to work on the design and frontend parts.

So, I did a bunch of research... and started trying existing projects... and reading code... and writing code... and now I find myself building a thing that's trying to be a stateless decentralized media server thing that is compatible with IPFS storage, written in Rust. So far my proof-of-concept will ingest a live stream from something ffmpeg understands, and a couple times a minute it will publish a "file" that is reachable via IPFS with an HLS video playlist and an HTML player that streams the video over IPFS.

That's the main big piece of code I have that I haven't published. It's starting to feel like it would be useful to stream or interact or something but I'm also not really sure how to do that intentionally and I'm wary of doing it unintentionally.

This also led me off on a sub-project within the media server, to try and find or make an easy to use sandbox that you can throw specific builds of ffmpeg into, in an attempt to do transcodes that are reproducible, and also more secure against 0days in the video codecs. I already have a version of this working using the "podman" container runtime, which is like a lightweight version of docker that runs the same images. Then I started looking for a way to make it work nested inside of the additional container image that folks will likely want to run or develop my video server inside. There are other options, but I think the most compelling option is to have a sandbox which requires very few privileges or OS features, like what you'd find inside a web browser. I'd want a sandbox that I can just construct as a library from a rust program, and hook some I/O pipes up to.

At this point I think the closest off-the-shelf project for that is gvisor, and it's possible I'll want to use or modify that in some capacity... but while I was waiting for some gvisor folks to get back to me about running it without kernel namespace support, I started hacking on my own thing.

So, now I've got another repo full of experimental rust code... it doesn't quite boot yet, and I fear it will still be a bit more work before it does, but I've got a lot of the components in place. It's a rust library without runtime dependencies, that works inside docker, which will download another docker container from the registry into a local cache, unpack the file metadata into a cached read-only in-memory filesystem while mapping the data right out of the object store. It creates a new process that runs a small built-in ptrace based system call emulator. And I'm just barely starting to emulate system calls. I have about half of an inter-process communication system built for getting messages between the ptrace based emulator thread and the outside world. I think the overall security properties are similar to the stripped down version of gvisor that would be possible to run inside docker, but I think I can make it much smaller and simpler and more convenient for simple use-cases like mine. Anyway. It feels like it's still too early to release but too late to give up on.

Computers are bad, really, but writing Rust is kind of nice. It doesn't feel depressingly google-ified like much of computing has become, and the community around it is quite nice, from what I've seen.

Let me know what you would like to see from me at this point. Thank you for everything.