That’s a good suggestion :)

How to solder off a tiny button without equipment:

Turn it into a giant solder ball. No, really, keep adding solder until the entire thing is one molten goo, covering all the legs. Then they detach at the same time.

How to solder on a tiny button:

No idea, I fucked it up 🤪

I did my rounds a year ago with Go and JSON. I think there’s some validation that’s very heavy and cannot be disabled. Perhaps utf-8 char checks.

Turns out it's a bug in the yubikey[.]rs library. It was reported 1.5 years ago, there's a patch waiting to be applied :)

Long story short, seems Rocket.Chat is the only project which actually got user authentication right (for my needs, your mileage may vary).

I'm certain I'm going to hit some snags, but it looks good for now 😊

Kudos for AmpCode for generating all the deploy code for me 🙌

Seems we have a winner!

It's not as shiny as @discord.com , but it seems a solid start for my purposes, and syntax highlight / file upload wise it's not limited vs. Discord.

Compared to Mattermost, the free tier is up to 50 active users, so I'm good for the immediate future.

Ok, there's a GitHub OAuth login. That's good!

It actually has vetting: oauth users need to be approved after signup, before they are let in!!

It can run with 0 local users, only GitHub OAuth, the site admin included!!!

It's a horrible mess out there! And then I dawned on Rocket.Chat.

Had AmpCode nuke out my 12h Mattermost & Postgres work and pop in RocketChat & MongoDB. Took 1-2 iterations, but for the most part it one-shoted the entire Ansible deployer.

Moment of truth...

All in all, after trying a gazillion hacks I just gave up on Mattermost. It's just a ticking time bomb.

So I was looking for alternatives:
- Slack doesn't auth GitHub
- Teams is not gonna happen
- Discord is overrun by scams
- Gitter was killed by Matrix
- Matrix does not GitHub

You *could* pre-create users to fake "inviting" them: you can do that via the API or via the CLI. On the user admin page you cannot actually *create* a user. Not implemented, sorry.

Mattermost pushes you towards the heavy corpo solution where you maintain your own ID provider.

If you enable OAuth form a provider (say GitHub), then you just permitted anyone on the internet with a GitHub account to log into your Mattermost instance. There is no mechanism to approve accounts, no mechanism to limit to orgs, no mechanism to even invite them individually.

I'm unsure what's the reasoning, probably some dispute or weird power-play. You *can* actually configure "log in with GitHub", it will just still display the Gitlab logo and label. WAT?

But lets ignore the sugar coating and look at the weirdness of it: you cannot vet users!

Hetzner worked wonderfully, kudos all around. Then came
Mattermost and me wasting about 12 hours of my life...

It's... not friendly. The thing that finally broke me is the (non-existent) GitHub OAuth integration for single-sign-on.

MM supports OAuth2, but hard codes GitLab. 🤦

But they did ack my account before I could properly set up
@digitalocean.com , so I stayed with Hetzner.

I really didn't want to manually maintain a server, so I had AmpCode generate the terraform stuff. Hey, never did it in my life, gotta start somewhere.

Luckily it was invented after ships! 😅