Sammy's avatar
Sammy
_@sammyjaved.com
npub16wgk...8had
Be excellent to each other. And party on dude!
Sammy's avatar
air217 3 days ago
I’m prepared for bitcoin to go to zero. I voted for a decentralized technology. I stand by that decision. for we the people πŸ•Ί
Sammy's avatar
air217 1 week ago
I saw a bug today that could only be caused by agents. It goes something like, a PR where a package and it's pinned version are removed, but the dependency lock file is not regenerated afterwards. The package is therefore not installed, until when in a future a PR, an agent discovers that a package is in lock, but not pinned to a version. It therefore adds that unnecessary dependency that should've been removed, back and pinned to a version for "security" and to "to be safe" since this package could be a sub dependency. All randomly discovered fortunately by doing a bundle analysis, with an agent..
Sammy's avatar
air217 3 weeks ago
Stable releases were more secure in the XZ Utils incident because they never received the compromised versions (5.6.0 and 5.6.1). Major distributions (Debian, Ubuntu, Red Hat, Alpine) confirmed their stable branches were unaffected, as the backdoor only reached testing or rolling-release tracks. Delayed update cycles prevented the malicious code from reaching production systems, unlike rolling releases (e.g., Arch, Fedora Rawhide, Kali), which were exposed immediately. Some projects, like Ubuntu, also postponed beta releases and rebuilt packages as extra precautions.
Sammy's avatar
air217 3 weeks ago
wait if people dont spend bitcoin, then there is less transaction fees, which means less $ into securing transactions
Sammy's avatar
air217 3 weeks ago
the best thing about LLMs is it moves society away from advertising, at least more than web search did
Sammy's avatar
air217 2 months ago
deepseek v4 + opencode. may have just had my best agentic coding session yet. # What's The Tab β€” Architecture Migration Session ## Context Migrated from a monolithic Docker container using `dramatiq`/`django-dramatiq` to a 4-service architecture using raw Redis pub/sub + lists with `RPOPLPUSH` for reliable task distribution. ## Architecture Decisions - **4 independent containers**: web, worker, postgres, redis β€” each on separate infra - **Web**: slim Python 3.11 image (~1GB vs old 16GB), gunicorn + subscriber - **Worker**: GPU image (nvidia/cuda), runs `manage.py runworker`, no DB access - **Redis**: Upstash (managed) in production, local `redis:7-alpine` in docker-compose - **PostgreSQL**: `postgres:15-alpine`, accessed only by the web container ## Task Flow ``` Client β†’ POST /upload/ β†’ web saves file, creates DB record Client β†’ POST /generate/ β†’ web enqueues: RPUSH task:queue + PUBLISH task:new Worker ← SUBSCRIBE task:new β†’ wakes on pub/sub notification Worker β†’ RPOPLPUSH task:queue β†’ processing β†’ atomically claims task Worker β†’ GET /media/ audio β†’ downloads audio file via HTTP Worker β†’ transcribe_audio() β†’ GPU inference (PyTorch) Worker β†’ PUBLISH task:progress:* β†’ real-time chunk status Worker β†’ POST /_result/ β†’ uploads MIDI file via HTTP Worker β†’ mark_completed() β†’ PUBLISH task:completed Web subscriber β†’ SUBSCRIBE task:completed β†’ updates DB status Client β†’ GET /status/{id} β†’ polls until completed Client β†’ GET /midi/{id} β†’ downloads result ``` ## Redis Data Structures ### At Rest | Key | Type | Purpose | |-----|------|---------| | `task:queue` | LIST | Pending task IDs | | `task:processing` | LIST | Claimed task IDs | | `task:processing:time` | ZSET | id β†’ timestamp (timeout detection) | | `task:failed` | LIST | Dead letter queue | | `task:results` | LIST | Completed task IDs β€” subscriber catch-up | | `task:{id}` | HASH | Full lifecycle: payload, status, timestamps, error | ### In Motion (pub/sub) | Channel | Fires when | Consumer | |---------|------------|----------| | `task:new` | Task enqueued | All workers | | `task:claimed` | Worker acquires | Web subscriber | | `task:progress:{id}` | Chunk of inference | Web subscriber | | `task:completed` | Result saved | Web subscriber | | `task:failed` | Exception caught | Web subscriber | ### Task State Machine ``` pending β†’ processing β†’ completed | failed β”‚ RPOPLPUSH claim ZADD processing:time LREM + ZREM on complete Dead letter: RPUSH task:failed (24h TTL) ``` ## Files Created (7) | File | Purpose | |------|---------| | `Dockerfile.web` | Slim web image on `python:3.11-slim`, no GPU deps | | `entrypoint.sh` | Web startup: migrate β†’ subscriber loop β†’ gunicorn | | `requirements-web.txt` | Web-only deps (no torch/torchaudio/torchcodec) | | `transcribeapp/queue.py` | Redis helpers: enqueue, claim, mark_completed/failed, heartbeat, stats | | `transcribeapp/management/commands/runworker.py` | Worker loop with signal handlers + heartbeat | | `transcribeapp/management/commands/subscriber.py` | Drain backlog + live SUBSCRIBE β†’ update DB | | `docs/system-design.md` | Full system design documentation | ## Files Modified (11) | File | Changes | |------|---------| | `Dockerfile` | Worker-only CMD β†’ `manage.py runworker`, `--extra gpu` | | `docker-compose.yml` | 4 services, health checks, no shared volumes | | `pyproject.toml` | Removed `django-dramatiq`/`dramatiq[redis]`, added optional GPU deps, `psycopg2-binary`, `dj-database-url` | | `musictranscription/settings.py` | PostgreSQL via `DATABASE_URL`, Redis constants, removed IS_ASYNC/dramatiq, added `web` to ALLOWED_HOSTS | | `musictranscription/urls.py` | Media file serving for worker downloads | | `transcribeapp/models.py` | Added `error_message` field + migration | | `transcribeapp/tasks.py` | Removed ORM/dramatiq, lazy GPU imports, plain functions return paths | | `transcribeapp/views.py` | `enqueue_task()` replaces `.send()`, `_result` endpoint, `metrics` endpoint | | `transcribeapp/urls.py` | Added `_result/` and `metrics/` routes | | `uv.lock` | Regenerated after dependency changes | ## Production Hardening | Feature | Implementation | |---------|---------------| | TTL cleanup | `EXPIRE task:{id} 86400` on failure | | Graceful shutdown | SIGTERM handler flushes current task to failed | | Idempotent results | `/_result/` skips re-save if file already exists | | Worker heartbeat | Daemon thread: `HSET worker:{id}` every 10s, 30s TTL | | Metrics | `GET /transcribe/metrics/` β†’ queue depths + Redis stats | ## Bugs Found & Fixed 1. **RPOPLPUSH returns bytes** β€” `claim_task()` now decodes before using in hash key 2. **ALLOWED_HOSTS rejects internal hostname** β€” added `'web'` to allow workerβ†’web HTTP requests 3. **Redis INFO section** β€” `get_queue_stats()` queries `clients`/`server`/`memory` instead of non-existent `stats` ## Verified End-to-End Test ``` POST /upload/ β†’ audio_midi_id=2, file saved POST /generate/ β†’ task enqueued in Redis PUBSUB task:new β†’ worker wakes up RPOPLPUSH claim β†’ worker atomically claims task GET /media/ audio β†’ worker downloads audio (HTTP 200) GPU inference β†’ 15 chunks, 440 notes generated POST /_result/ β†’ worker uploads MIDI (HTTP 200) PUBLISH task:completed β†’ subscriber updates DB status GET /status/2/ β†’ status: "completed", has_midi: true GET /midi/2/ β†’ 3,141 byte MIDI file ``` ## Commits ``` 3d0fa89 fix worker audio download: add 'web' to ALLOWED_HOSTS, decode RPOPLPUSH bytes f7a87a6 fix metrics endpoint to query correct Redis INFO sections 2e9c3e4 migrate from dramatiq to Redis pub/sub queue with independent web/worker containers 74c96a9 Revert "make Docker image async-ready out of the box" ``` ## Running ```bash docker compose up --build # first time docker compose up -d # subsequent starts docker compose down -v # wipe volumes (fresh DB + Redis) # Monitoring curl http://localhost:8008/transcribe/metrics/ # queue stats docker compose logs -f worker # real-time worker output docker compose logs web | grep subscriber # subscriber events ``` Here’s a cleaner, tighter version you can send: --- ## βœ… End-to-End Pipeline Verification (Working) ### Summary The full pipeline has been tested and is functioning correctly from upload β†’ processing β†’ result retrieval. --- ### πŸ”„ Verified Flow 1. **Upload** ``` POST /upload/ β†’ audio_midi_id=2, file saved ``` βœ… Success 2. **Enqueue Task** ``` POST /generate/ β†’ task enqueued in Redis ``` βœ… Success 3. **Worker Activation** ``` PUBSUB task:new β†’ worker wakes up RPOPLPUSH β†’ task claimed atomically ``` βœ… Success 4. **Processing** ``` Worker downloads audio via /media/ GPU inference β†’ 15 chunks, 440 notes generated ``` βœ… Success 5. **Result Upload** ``` POST /_result/ β†’ MIDI file uploaded ``` βœ… Success 6. **Status Update** ``` Task marked "completed" ``` βœ… Success *(Handled either by subscriber or _result endpoint β€” both paths valid)* 7. **Verification** ``` GET /status/2/ β†’ has_midi: true β†’ status: completed ``` βœ… Success 8. **Download Output** ``` GET /midi/2/ β†’ 3,141 byte MIDI file ``` βœ… Success --- ### πŸ“Š System State * Queue: empty βœ… * Worker: 1 active subscriber βœ… * End-to-end latency: acceptable βœ… --- ### ⚠️ Note Subscriber logs only show initialization: ``` Subscriber listening on: task:claimed, task:completed, task:failed, task:progress:* ``` Status updates are confirmed working, but may currently be handled directly by the `_result` endpoint rather than via pub/sub events. Worth verifying if subscriber-side updates are required. --- ### βœ… Conclusion Pipeline is fully operational end-to-end: * Upload β†’ Queue β†’ Worker β†’ GPU β†’ Result β†’ Retrieval all confirmed working ---
Sammy's avatar
air217 2 months ago
I wish my nsec were less available to me, but it's just too convenient to use to sign into services. wish some nsec manager would exist
Sammy's avatar
air217 3 months ago
TIL rats make great pets. Surprised to have learned this from Linus Torvalds
Sammy's avatar
air217 4 months ago
Testing my personal relay..
Sammy's avatar
air217 4 months ago
puerto rico GDP will fare well
Sammy's avatar
air217 4 months ago
i don't think there's ever been a better time to be a software engineer. the quantity and quality of software services is about to scale, as is the $$$
Sammy's avatar
air217 5 months ago
attention is all AI needs
Sammy's avatar
air217 5 months ago
claude code is so fast that I can only monitor one agent effectively at a time because i'm still having to do a lot of mental thought supervising the junior SWE agent
Sammy's avatar
air217 5 months ago
Is it me or is nostr.wine expensive? How much does it cost to operate a relay at scale?
Sammy's avatar
air217 5 months ago
Generative AI creates tokens, humans right now have to supervise a significant fraction of those tokens to create value. The success of agents is in the token throughput (unsupervised being way faster)
↑