Episode: 3808
Title: HPR3808: Funkwhale A social platform to enjoy and share music
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3808/hpr3808.mp3
Transcribed: 2025-10-25 05:46:25

---

This is Hacker Public Radio Episode 3,808 for Wednesday the 8th of March 2023.
Today's show is entitled, Funkwell a social platform to enjoy and share music.
It is hosted by Ken Fallon and is about 61 minutes long.
It carries a clean flag.
The summary is, Ken interviews Keuron Ainsworth about Funkwell that lets you listen and share music.
Hi everybody, my name is Ken Fallon and you're listening to another episode of Hacker Public Radio.
Today we're going to have an interview, a chap that we met at the Fostem, at the Fostem,
so yes, come over to the HPR booth and that would have a chat.
So, can you introduce yourself, tell me who you are and where you're from?
Yes, my name is Keuron Ainsworth, I'm known online as SPARF and I am a technical writer from England
currently living in Berlin.
Here in the Irish ancestry there in the background somewhere?
Yes, Irish ancestry and Welsh ancestry.
Oh, very good.
Elves, Elves is strong on this one.
Yes, very Celtic, a little bit of French in there somewhere as well.
So, you know, no part of me likes the English part, let's put it that way.
No, no, no, it's fine, it's fine.
You had no passport?
No, no, unfortunately, all too far out to get the European passport,
that's why I moved here, it was to sort of rejoin myself.
So, you're in Germany now, so does that mean you can travel anywhere within Schengen?
Yes, so I have a visa that basically enables me to travel freely in the EU and yes, Schengen.
And my British passport does still obviously get me anywhere that isn't Europe perfectly fine,
so yes, but it was important to me to get the sort of visa so that my sort of travel within
Europe was unrestricted.
And of course, you can still travel to Ireland without anything
movement area.
Yeah, I mean, I think, I don't know about, I actually never looked into traveling to the
Republic, but certainly on my British passport, of course, I can just get into North and then
travel down and there's no restrictions.
Yeah, you don't even need the passport, just like an energy bill or something.
Yeah, exactly, just weird make-way, you know.
Yes, I'm back.
Yes, so we've had a lot of people.
Okay, so you were, we were talking actually and you followed up with some suggestions,
we were handed out leaflets for the free culture podcast that we were trying to gather.
As many shows as possible that were released under the free culture license,
and we followed, you recommended the VST now.
Yes, yeah.
So, a show I listened to a lot, I was a little bit surprised because I sort of,
I'm friends with a few people from a few other podcasts on your network, such as
Bugcast and Linux ads and things like that.
And I listened to BugBSC now a lot and I was like, oh, it's interesting that they aren't
sort of represented, but then as long as it's a license issue more than anything.
Yep, and actually due to, I already had pinged them back in September,
when you were going to post them.
And I pinged them again since, and it looks like they've agreed to release under a
Creative Commons license, albeit a non-free one, but something's better than nothing I'm guessing.
Okay, well, yeah, there we go.
Some good game with that.
Yeah, exactly, exactly.
Yeah, yeah, I did ask, you know, the non-convertial one, like,
you know, could you not opt-as, you know, but you're really going to be,
are you really going to make so much money from the commercials, you know?
Because anybody who's going to steal your stuff is going to steal your stuff.
And yeah, good luck trying to get my team of crack lawyers from an
yeah, international, international copy-ride case on onions,
trying to point that stuff.
It's very in keeping with BSD, though, isn't it?
Like, obviously with Linux, the whole thing is, you know, if I released it freely,
you've got to release it freely, whereas BSD, it's more, I release it freely, do what you like.
Yeah, I want to do commercial stuff, go for it.
Yeah, but the BSD license, and I was given this example to the one person
who didn't know the greater commons license.
So I'm familiar with the, you know, the BSD licenses and the MIT and the
PPL. So yeah, well, I would have ranked, like, you've got the public domain stuff,
is CC zero, and then CC, so CC just greater commons by would be a BSD license, I would have thought.
So you can do what you want.
You, there's no requirement in you to, no, we're not preventing you from sharing it.
We're not preventing you from reusing it.
We're not preventing you from doing everything.
The only thing is you have to get credit.
That's a BSD license, I would have thought.
Yeah, I could say that.
Yeah, I'm not, I'm feeling that directly from the creative commons website, so.
Well, you know, it's, it's whatever, if, you know, they were previously releasing it under no license,
so all that just was copyright Alan.
So, you know, anything is, like you say, anything's better than nothing.
And yeah, it's, it's just nice to be able to get in touch with people.
It's encouraging that you can just get in touch with them and talk to them.
And it's great that they did release it.
Well, great thing is a few people have come back to me,
no, you're wrong there.
When I say, you know, if you don't release it under a credit commons license by default,
um, it's my default copyright all rights reserved and then it falls back to whatever website.
So, the terms and conditions of the website that you download in the front.
And a lot of people are saying, no, that's not correct.
But definitely you can download and share and that's all fine.
And I'm going, I don't think so, but then again, I'm not a lawyer, so I'm trying to get
a follow-up, but that's not why we're here.
That's not why we're here.
We're here because of Honk Whale.
Tell me about Honk Whale and why we're talking about this.
Yeah, so, Honk Whale is a project that I sort of work on outside of my job.
It was started originally as a one person project by Agap Berrio back in 2015.
And basically, she originally devised it as a self-hosted free software alternative to
Groofshark, hence the name Honk Whale. It's a play on the title.
Sure. What's that?
Oh, it was, it was a sort of music streaming platform where you could build radios and playlists
and that kind of thing. I believe you just uploaded your content to it. Like, I don't think they
hosted themselves. It was kind of just a tool kit for building things, although I'm not entirely
sure, because it was extinct by the time I came to look at it. But Wikipedia says.
Wikipedia says, well, word-based music streaming service owned and operated by escape music.
Users could upload it to the radio files streamed and organized and playlists.
That's exactly what I thought it was. So, that was originally the use case for Honk Whale,
as well. It was basically, it was a place for Agap to upload her music onto her own server
and play it back and organize it into playlists and all that lovely stuff.
And over time, other people picked it up and were sort of like, hey, this is neat. I like
having this, you know, the ability to listen to music from wherever. And they started asking
for more things like multiple users and multi-accounts and then multiple libraries per user,
the ability to share music. And over time, it kind of snowballed into this thing where eventually,
it basically gained activity pub support and became a federated platform,
which is quite an interesting little challenge.
Works outside of like, you know, micro-blogging, which is, you know, activity pubs,
bread and butter, really. You start getting into the into the Wild West of what activity pub can
actually do. So, peer-tube does video and cast-apopt does podcasts and funquels does music and we're
all sort of there going, how do we make this work? How do we federate these things?
And it's been a sort of a wild ride. I joined the project sort of back in 2018.
At the time, I had been using Spotify quite a lot. And weirdly enough, I think the reason I stopped
using them was because they removed, they might be Giants album that I had in my collection.
Like, for some reason, it wasn't accessible. I remember writing to the he might be Giants on Tumblr
and asking them, do you know why? This is gone. And John Lennell, and John Flanzberg actually responded
like, ah, it's not our thing. That's our, you know, that's our record label. We don't do that.
So I was like, okay. And I kind of realized, well, I have this big CD collection, lots of MP3s.
I should really just like host my own music. So, I was learning Docker at the time because I wanted
to, I was going into Sys Admin work and I'd recently started hosting Masterdom and was looking
for something to host a music on. I came across all the sort of usual suggestions like your
rampatchy and things like that. And at the bottom of a random Reddit thread, somebody said,
hey, how about Funquale? It's, you know, activity pub driven and it does all this stuff. And I was
like, oh, that's great because I'm running another activity pub thing. I'm running a Masterdom
server. Great. So I went to try and install it and I failed miserably. It just went orderly.
So I went into the chat room and I was like, help. And I got actually picked up my case and
started talking to me. It took me through the install process. Over time, I started helping other
people. And then I basically said, well, you know, the reason is going so badly for everyone is
because the documentation needs work. And I often to go and do that. And then over time, I also
started picking up, you know, front end bugs and eventually some even API bugs and stuff like that.
And kind of just worked my way into the project over time through sort of sheer contributions
and things like that. And nowadays, I spend most of my time on documentation. So we spent the last
year sort of reworking everything, which includes a complete rewrite of the documentation from scratch.
So it's been a sort of an interesting journey into the sort of open source field.
Considering I came from absolutely no technical background at all, it's been quite a pleasant
journey. I must say, the website here is excellent. I shouldn't do this when I'm doing interviews
around the website and start getting involved in the project, but it is, it's very, very well,
very clear. It looks, I just described it for our, our, none, what do we call them? None,
full-time people, like, my craze of this world, who has vision impairment.
So the website itself, isn't it just via the website, or can I, so what am I doing? I've got
my black paws. I'm hoping the flag will be supported. I put it on my fun quilt server here in my
house and I open up new ports with my firewall and button boomerick and share my music when I'm in
work. Yeah, yeah, absolutely. So basically, there are really two component parts to fun
quail. There's the API and there's the web app. Yeah, most people, when they think of fun quail,
they think of the web app, but really, the API is the, is the thing, you know, it's the,
the actual app behind it. Yeah, I mean, it's, it's basically something you can put onto a server,
can run on anything from a Raspberry Pi app. And you can store your music on, on there,
using either just a simple hard drive or S3 compatible store and sort it into libraries.
You can then share those libraries with other people, or you can make them public if it's sort of
creative, common, creative, common audio or freely licensed audio. And you can even publish
music or podcasts directly onto fun quail, which people can then follow, like a mastodon account,
like a channel, as we call them. So you can be on mastodon and you can follow a fun quail channel,
and when somebody posts a new episode or posts a, you know, a new track, you will get that in
your feed and you'll be able to listen to it. So yeah, it does, it does a few things. The project,
if you're looking at the website right now, is very different from, from what it once was.
This last year has been a lot of refactoring and sort of upgrading everything,
including a complete rewrite of the, the web app and lots of cleanup on the back end.
And Giorg, who is our sort of technical maintainer, is currently actually rewriting this website,
because it's, it's a bit of a heavy site, it's written in view, which is the same as the web app,
or fun quail. And we don't need that for a website. So it's currently just being rewritten as a
nice pretty static site, which was designed by our designer Matthew. Very good. So the websites,
it's all looking at the screenshots of the application. You got my account,
settings, notifications, logouts, which you'd expect browse library, favorites, play this,
and add content, yeah, fair enough. And administration, a few things there that you'd expect to
download on the bottom left hand corner. We've got your typical album art with a hard sign,
the name of this track, album and artist, and your play controls, obviously, somebody's play.
And in the main window, we've got a person I presume is loved in, Lee Rosenberg. That's an artist.
That's an artist, okay? Yeah. They've got 187 tracks and 28 albums. And then we got start video,
play all albums, search Wikipedia, and embed uncle, albums by artists, music inspired by, then we've
got four different roles, four different albums available for me. Yeah. It's an interesting
experience looking at this screenshot, because it's quite an old one and a lot has actually changed
before, like this last year at work. So the bottom left player is now basically a player bar
along the bottom, which you can pop up into a full screen player, which is the album art and stuff
like that. The left hand side bar and a lot has changed there. The queue is now a virtual queue inside
the sort of collapsed play bar. So a lot has changed since then, but a lot more is going to change
in the future as well. So it's a bit of a snapshot of history at this point in time,
we'll be trying to update. Up at the top of Godbrows, albums, artists,
radios, and playlists. So I can just search my media there. Yeah. So there's a search bar in the
top left corner, which basically performs a quick search, and we'll return results, matching albums,
albums, artists, and sort of tracks. But then there's a full screen search as well, which you can
go into to do more sort of in-depth search on particular things like podcasts or albums or artists.
Right. So what does this, I am no intention of installing this just by the way.
I'm going forward to the next weekend, but I'm really good for the game.
So it'll run on a Raspberry Pi and I've got a lot of music, a lot of CDs that are on in
Plac format, but the method is all over the shop. So what happens there?
So we actually, let's go back. So I'm going to, what do I need to say I have a Raspberry Pi
and one terabyte hard drive with my music in all sorts of directories. Then what do I do?
So if you want to basically leave all of that music kind of where it is,
you can do what's called an in-place import. So you can basically, as long as the directory is
visible to the server, you can basically say import in place. And all that does is it says to Funquale,
just take a note of where these tracks sit in the sort of file system. But move them, don't do
anything with them, just reference them there. And then when I click play, that's where you access them.
You can also do, yeah, you can also do like an import where you actually basically
copy the files in from another place. Or you can just drag and drop files from your local hard drive
onto your server through the web interface and upload them that way. So it depends where it is,
but yes, you have options for in-place imports and things like that.
All three covered. Excellent. Okay. Yes. As for tagging.
How do you install it, by the way? How do you install it? Well, we've got a few ways to install.
So the two sort of simplest ways are we have a quick install script where basically you run the
script and you point it at a server and it goes and basically installs everything for you,
assuming a sort of a devian-based server. So it gives you some options like do you want to install
a reverse proxy, do you want to set up all these different things and then it just installs the
software for you. The other way to do it is to run sort of a Docker compose sort of setup,
which is how I run it, which is just a very sort of straightforward, we ship a compose file,
you basically just make the relevant directories and then run the compose file and it will create
the relevant sort of the Docker containers for you. Yeah, there are also guides available for,
so you can install it directly on Debbie and yourself if you want to. You can also,
somebody maintains a arch installation, instructions, there's why you know host or you know host,
if that's your fancy. So there's a few different ways to install it.
What's the underlying technology PHP or? It's Vue.js, so that's our front-end framework.
It's a, it's basically a JavaScript framework for creating single-page applications,
so with Funquale, you want certain things to remain on screen at all times. For example,
the player, you don't want that to disappear when you sort of go to another page,
so it's a single-page application, it will reload the stuff that you ask it to,
and it will leave the stuff that's currently doing something in place.
And then on the back end, it's Django Rest Framework, so that's Python-based.
The database that we sort of support is Postgres SQL and Postgres SQL, I guess some people say
to me, it's not SQL. I used to be a SQL administrator, I called it SQL this whole time,
nobody told me. And yeah, it also uses Redis for some caching and task management stuff,
specifically to do with Federation. So to, in order to sort of process lots of different
Federation tasks, we have a queue set up by Redis, which then sort of fires them off at the API,
or Fetchers Data from the database, or something like that. So it allows you to keep running things
smoothly, while it deals with the ins and outs of a federated service.
Cool, and that website is ujs.org, so Victor, Uniform, Echo, ULS, Sierra.org, or org.
Yeah, it's a very popular framework at the moment, and it's going from strength to strength
with its new sort of newly-rood sort of new sort of focus on VIT, which is a very fast sort of
JavaScript compiler and things like that. So they really go from strength strength at the
moments, and we recently moved from View2, which was their previous sort of major release to View3,
and from JavaScript to TypeScript. So basically Casper, who's one of our sort of contributors,
developers, took on that Herculean task pretty much single-handedly, and I don't envy him for
it at all. It was a lot of work, like every single front-end file had to be changed.
Right, so now I have the thing installed, presumably I go to a webpage and create an account
and log in. Yeah, so during the install process you will create a super user account,
that's done with a management script. So you create an admin account, and when everything is set up,
you can go to your sort of web frontend. So in my case, I have Tanuki Tumes, that's my front file server,
and I could just log in and then basically I land on a brand new. So you'll just land on a blank
page with nothing, and you'll be prompted to upload some content. And you have three options for
how you want to load content. Basically, you can upload things like your personal content,
your CD collection, or the stuff that's on your server. You can upload those into libraries,
and each library has sort of three possible privacy settings. So there's sort of private,
which means over you and people that you directly invite to see the content can actually listen.
There's instance only or local, which means anyone who has an account on your instance can see it
in player, and then there is public, which means everyone, everywhere, all the ones.
So you can sort your music, depending on how you want to do it. So for example, I have a
very big private library. I mean, it's very big by my standards. It might not be you by your
standards, but it's about 16,157 tracks. And then I have a creator commons library, which is about
1,000 tracks. And that one is public so that everyone can listen to it, share it, have it open
air pod, have it on my pod. And then the private one, obviously, it's just for me, and a couple of
friends. So do you? Okay, I'm thinking of this very practical things here, actually, because
my kids have got, everybody's got their own taste and music and stuff. And my daughter now works.
And she has a, the alternate switching scene here and being in the town where she works.
So I could have a library and then have just a sign that library to her. And then she could,
yeah. So you can share it with her. So you can, you can make the library and then you can,
basically, you get a sharing link with that library. You can grant her access to it as a private
library. And then basically when she says, yes, I'd like access, you just prove that to make
sure that everything is in order. And then she's able to access everything in that library.
A lot of where I'm going with this is, you know, will the FBI knocking on my door when
I start using funquil, which is from the frequently asked question. Yeah. Yeah.
Yeah. And I mean, you know, obviously don't publish and publicize music that you don't own
the copyright to. That's that's kind of where this comes down to. Sharing content, sharing music
is something that, you know, people do and always have done. Most of my music actually comes from
my dad. And so I share the library with him. You know, so it's, it's sort of private in that
sense. We don't publish it. We don't broadcast if play. And, you know, we promote people
publishing music publicly. If using creative comments or Libra, I was it. LiSense are Lib
licenses. And that stuff can be published fine. But admins have controls that they can use
to, you know, take, take a content down. You can report it. You can make sure that the
moderators know about it. And it's really the responsibility of the individual admin to do that.
We are hoping to introduce better controls. So for example, ensuring that only creative
comments license media or freely license media can be made public in the first place is something
you might like to do. It's just not there yet. But it is something we're trying to do.
It's a good start. I have a clear separation. I'm like, really kind of stuck and
stuck like previously was collected. Yeah. I mean, it's not. Yeah, it's one of those things where,
you know, collection management is a hugely complex topic. And this, this sort of way that we've
done it, which is having these kind of, you know, you're able to create as many libraries as you
want. But they're all locked to those three privacy levels. And everything in that library
is at that privacy level. So you can't have, you know, if you start uploading and you upload to
a certain library, you upload 80 tracks and then you think, Oh, actually, I wanted this one to be
public. It's not particularly easy to move that, which is something we're trying to address in
in sort of later updates where we're moving to a collection space sort of way of handling things
where everything can just be dropped onto your fun quail. It doesn't need to go into a library.
It just kind of gets, you know, it's part of your library. But then you can create collections.
And those can be as generic or as specialized as you want. And you can, you know, basically share
individual tracks with people or you can share like whole content collections, whatever you want to
do. So we've got big plans to have to manage that because at the moment, that's something that
people, you know, are really sort of aching for is this really solid, you know, music management.
And when am I importing that as the renoption to, you know, correct the metadata anyway?
So currently, no, but it is something we'd like to do. Basically, what we suggest is we back
onto music brains per card or music brains, rather the database for music. And so we suggest music
gets tagged with the card. Now that's fine for, you know, some content, you know, that you're uploading
from CD collection, from your server, whatever. But it's a bit of an upfront load. We do have a
minimum amount of metadata that is required, like to have some way that's in app so that you don't
have to go, oh, no, it failed. I have to go and tag it with the card and then come back and try it
again. But, you know, that's something we're sort of trying to work out at the moment. We're
actually working with the Metabrains team to figure out a good way to do that. Of course,
some people don't want to use music brains at all. So we have to have, you know, four backs for
other tagging systems and supporting the sort of their minimum of ID free tagging.
So at the moment, it's kind of a two-step process. You tag the music first and you upload it to
funquel. If it's got a music brains ID, you're going to have a great time.
You know, it can be a little bit hit on this because it was just never really designed to do
anything but. So I also see that you have loads of clients for very strong platforms that
Android, iOS, etc. Yeah. And continue, actually. Yeah. And this is because basically, sorry,
blah, blah, blah. Sorry. And HCTP, DIRFS, use FS. Interesting. Yeah. So in terms of
actual official funquel, sort of apps, you basically have obviously the web app. We have an
official mobile client for Android, funquel for Android. And we have a Mopadee plugin.
So Mopadee, if you don't know, is the, is a sort of music, to Python-based command line music
server. And you can plug directly into a funquel server from that if you prefer to listen to
music using a command line client. But the majority of these actually are using subsonic.
So funquel supports a subset of the subsonic API. You can use your existing subsonic apps to
listen to your music collection off of funquel. If you, you know, are, for example, if you're on
an iOS device, we don't have an app that will you at the moment. I'm sorry. I say this, I'm an
iOS using myself. So, but, you know, if you have a subsonic app, you can listen through that.
Which is kind of our stopgap solution to, um, intel people, you know, support the funquel API
in their apps directly. Very cool. So why is there, yeah, I can understand having a media library
and whatever. Why would I want to publish this on the third of us?
So in terms of publishing your music on the third of us. And remember, this isn't probably a
meeting and another user. It's an interesting question, though, because it was one of those things
where it was like, um, how, how do we, you know, we got Fediverse support around 0.17 was the
release, I think when we started to support, uh, activity pub and we started to support federation.
And mostly this was kind of for into funquel communications. So sharing libraries and those
kinds of things, it didn't really use activity pub all that much. It was more about, you know, funquel
to funquel API or sort of navigation. But what we decided quite early on, um, one of our
guts big goals was to be a place for podcasters. Because at the time podcasters were asking for
publishing on the Fediverse. They wanted to be able to have a podcast that you could subscribe to
using the normal mechanisms of RSS, but also you could follow it like a master on the game and see
the new episodes and things like that. So it became this big kind of R&D effort by Agats and, uh,
some more people on our sort of team to talk to podcasters and figure out what exactly they needed
from this, how we could build them. And, um, obviously being a music shop, we also decided this
was a good thing for artists. If you're an artist who publishes their work currently on things like
SoundCloud, um, funquel is a, you know, free and open alternative for you, but people can follow
your work and interact with it in some way, um, and play it on their pod, uh, you know, and whatever.
So the idea is how it works is that if I follow a, an artist channel on my funquel pod, they publish
a new, a new sort of track on their pod. It immediately shows up in my pod and I can stream it.
So yeah, so I don't know if that was clear, but that's kind of how it works. If you have a library
of content on your pod or a channel where you upload something, I can follow it on my pod,
which is what we call servers, um, and it basically shows me all of that content in my pod.
When I then click play, it goes to your server and says, hey, I'm playing this now, I would like
to stream the data from there. And basically that's what it does. It streams from wherever you've
stored it and caches it on your local server for later use. So if I play an album like, for example,
you have a, an album by Robin Gray on your server, I'm following that library, I play that album,
it will stream it to my server, cache all the content in case I listen to it again later,
and that's how it all sort of pulls together. So it's about creating this interconnected
network of people publishing, uh, basically freely licensed content. Right. Now I'm suddenly
interested in this. Yeah, the way to discover new music, you basically follow other people
who are posting music shows. Yeah. Absolutely. A lot of Dave podcasts, um, still, and yes, so they,
they published the, it's tracks that they have, then I could follow them and the people that they
follow, etc, etc. Exactly. They could create like, for example, because they've,
gets a lot of music from like, gemendo, for example. Um, there's no reason that you couldn't have
a cloud channel where he basically pushes, uh, the content that they play and, you know, it could
be like an album called, you know, the name of the week of the, of the episode, and you can go back
and listen to all the tracks they played there, and that would be a use case for it. Um, a better use
case that would be to follow through and those artists follow those artists themselves, so that,
you know, did like one song, but yeah, I want to follow the entire, uh, their entire work.
That's kind of where playlists come into it, and, uh, that's something that, so we do playlists,
playlists are a thing, and we are currently in the process of trying to expand those to be
federated as well, because currently, yeah, playlists are kind of locked to a specific
fun-quail instance, um, but I'm locking the ability to actually follow playlists and interact
with them, build them across people, like that sort of thing is one of the, one of the goals,
really, okay, is that, that's, that's a, that's a big use case, and it's one of those, uh, things
that aren't currently, I would then need to follow each podcast similar to, yeah, the artists,
in order to, basically, I'm asking, how do I, how do I find new artists, and how do I, so, yeah,
so content, uh, so content that is, um, so on a pod like mine, for example, I've got several
hundred users, not many of them are active, but, you know, there's some there, and basically,
when somebody who has an account on the same server that you do follows a channel, for example,
that shows up on your home screen, so if they start following a, um, you know, a musician,
and that channel appears for them, it also shows up for you.
All of that content shows up, and you could search for it, and you can fill to buy like,
you know, let's say you start a radio, and you're like, I don't really care, I just want
something that's tagged with heavy metal. Yep. Any content that is known to your pod, and is known by
followers, uh, by, by people on your pod, and people they follow, uh, that is accessible to you,
will start playing, basically, and you can discover new music like that, you'll pull in some tracks that
you've never heard from, you know, somebody followed someone random from open.audio, and they
have to be making metal music. Right, that's now accessible to you, so you'll hear it in that radio,
and you can like it, and you can follow them yourself, and you can, you know, sort of get involved
with that sort of thing. And the more people sort of follow, obviously, it's very similar to
mastered on in this way. Um, if it's a single person pod, it's very lonely. It's entirely usable,
you can upload your music content, you get all the features, that's great. But discovery wise,
not much, it gets better when you have more people on the pod, and they start following people
from across Funquale, all the different Funquale pods, they go over and they go, hey, uh, Funquale.uk
has this really cool artist or podcaster who's making something cool. I'm going to follow them,
and then you, being on my pod tonic, you tunes, you see, all of that content appear,
and you can just start listening. So that, that, that, actually, um, that, that pushes me away from
the idea of having my own server. Yes. Internally. Yes. For the, for the use case of internally.
But my creative commons music would probably be better off on somebody else's server. Yeah. I mean,
it, it, it comes down to who is going to offer you an account space. Yeah. Because you have a lot of
flak files and they quite, they're quite big. The reason to host your own server more than anything is
to, you know, have as much space to do with as you will. And obviously the more servers you have
in the Fediverse, the better it is for everyone. Yeah. So I would, as a member of the project,
I would encourage you to set up your own server. Yes. As a, as a, as a person who also sort of,
you know, got their starts with Funquale, using someone else's pod originally. So I,
I used Open.Audio, which is the kind of flagship pod. I can see the, the sort of use in it.
But you can quickly start populating your, your server. So Open.Audio offers the entire free
music catalog from archive.org as a library that you can follow. So you can immediately populate
that in your pod by just following that library. And there's a few libraries like that. Mine,
mine is one of them. So I have lots of music like the entire works of Jonathan Colton and stuff
like that because that's all creative commons. You can just follow that. And you get a lot of content
that you might never have even heard of. And I buy a lot of creative commons music to, you know,
give people more content to listen to. Spread the love, spread the love, yeah. And spread the money
to people who, you know, are making creative commons music because I think it's a little thing.
It is, it is. Yeah, I've been exclusively listening to creative commons music since
last seven years, I guess. Oh, wow. No, that's, that's not, I, not like I put on my headphones
and don't listen to any other music, but I mean, yeah, any new music. So I am interested
in getting access to better creative commons music because I feel that the innovation
together, you know, you know, in every town there's the cool bar where you go in and they've got
they got the bands thing and some nights it's good and some nights it's not, but the nights it's
the night, it's good, very good. And that's what I feel we get with creative commons, that spirit of,
you know, it's a bit rough around the edges, but oh, there's some good stuff out there.
Absolutely. Like, there are some really fantastic artists that I've come across who some of them
I came across because they're creative commons, some of them I came across and they happened to
be creative commons. So you've heard, you listen to the bug cast, I don't know if you heard the
tracked by like solar fear ants and the blasting company that were playing a couple of weeks ago,
but those were my suggestions. And they are bands that I, so solar fear ants I saw live in exeter
when I was living there. And it just happens to be that they release everything under creative
commons. And the blasting commons are well known for being the band behind the soundtrack to
over the garden wall, which is a very famous miniseries on Cartoon Network. And they release
everything under creative commons. And it's just, it's wonderful. Sometimes you come across these
bands and you're like, wow, I didn't realise that, you know, they would do that. Jonathan Colton,
another one who's like a long time favourite of mine. And I didn't realise he released everything
under creative commons. I'm the absolute, I got into it because he released everything on
Richard Colton's. I think I got into him because he did the music, or he did some of the songs for
Portal and Portal 2. And so I thought I think that's where I heard of him. And then I started
listening to his thing a week. And he also tours a lot with, he also tours a lot with, they might
be giants who are my favourite band of all time. So I kind of fell into him that way and then
realised later I'm like, oh, his entire collection is like, you know, just a credit based. And
so I bought the whole thing. I bought every single track album, anything he's ever done. And I put
it all on Funquale for people to listen to and hopefully go and do the same for themselves.
Fantastic. Okay, now, right, security issues about doing this. I mean, there's some risks with this.
No, you put in the wrong library and suddenly Metallica are coming, I'm not going to ignore
for the music, but I want my music back. Yes. And then there's the band with Colts.
And then there's the security implications of having a server just open to the world out there.
Talk to me about this. So I mean, security features, why I'm not exactly the best person to talk about
because I'm not a programmer, but I can sort of take you through some of the stuff that we've done.
So one of the first things is going to this point about sort of content being uploaded,
it shouldn't be uploaded. This is a risk with any sort of service where people can upload their
own content. If you're having, you know, if you have a service where anyone can upload anything
in theory, you're going to get a lot of copyrighted work. The important thing is giving people the
ability to basically report that to a moderator and then giving a moderator the tools to
handle that. So in funquels case, we have a report option on everything. You can report users,
you can report libraries, you can report artists, albums, tracks, whatever. And this sends
basically a notification to the admin or the moderator team of the pod and basically says,
so this has been flagged as copyrighted. It can go in and verify, yes, that is copyrighted.
It shouldn't be public and then they can choose how to deal with that, whether that be to make the
content private or if it's a repeat offense or something like that to basically remove the content
and ban the account. So, you know, we're trying to say the D.C.M.
Yeah, exactly. And we're trying to make it even easier. So we've been floating around this
idea of saying like giving admins the ability to lock down like can users create public libraries
at all or giving them a mechanism that says if something gets put in a public library,
it checks to see does it have a license that is freely available? And if not, basically,
no, you can't put it in there. So we have some thoughts on that. It's, you know,
it's something that's kind of been in the background minds, but this past year has been sort of
learning experience. It's a new team who basically took over the old sort of the previous developer
sort of left the project and we took over and we've basically been trying to learn the ropes.
To security, so we've had security audits and we will have another security audit soon because
basically we funding from an Lnet and yeah, we're sort of talking with them at the moment to
to get another fund, another sort of round of funding from them and basically they offer a
security audit. It's a pretty sort of standard security audit. It mostly tests like the front
phasing web app for security issues, but it's a good, it's a good thing to do just to make sure
you catch some of those more obvious ones. The major problems that you will have on any app like
this are things like access control for the API and, you know, basically port maintenance and
management. So we have, you know, everything is developed in the open. Our Docker files are pretty
well sort of sort of shown and we use fairly standard ports for everything. We don't use that
many sort of non-standard ports. We document which ones need to be open in order for things to work
and for things like subsonic, which is a, you know, a slightly older API, which is a little bit
sort of, it's a bit of an add-on. That sort of stuff is disabled by default. So basically the
admin has to opt into pretty much everything that would expose them to any greater risk and the
expectation there is that they will assess that risk for themselves and make sure that it works
with them. Similarly, our engine X config files, we've actually taken a step to harden those.
One of the things we've done in this latest release is basically package those into
into the Docker containers. So if you're running it on Docker, basically you have a,
sort of a, what we would call like a sort of a sensible default. You can override it if you want to,
like we give you a mechanism to override it, but the point is we don't want it to end up where you
have an updated your your engine X files and ages. And you know, you've just kept updating the
software but not the engine X files. So we've sort of put that as part of our new update mechanism
to try and make sure that we're shipping security updates as sort of well as we can.
But yeah, so we do take care and we've actually had some really excellent contributions recently
that harden up security of the sort of infrastructure itself. And with version two of our API,
which is something we're developing at the moment, security is going to be sort of a big
a big thing that we look into. So we really want to get into the mode of speccing everything
to within an inch of its life, making sure that we've really assessed the access control requirements
and the behavior, frankly, at the endpoints to ensure that they only do what we expect them to do.
And obviously, this will all be developed in the open. Every single spec gets put up a discussion
in a forum where people can go and talk about it. But you know, we will always do what we reasonably
can. I know the Georg, for example, who's like, say, that was sort of a main technical resource.
He works in a sort of a company which deals with Kubernetes and large scale deployments. So
he's pretty obeyed with security and has been doing a lot of work to try and solidify that for us.
So yeah, it's a challenge, like anything like you say, anything on the internet, anything that's
federated. The other thing that you know, you need to touch on is things like abusive content.
Why? What happens if something on your on your server, for example, follows a podcast that
advocates for, you know, Nazism? Well, how do you deal with that? So we implement allow listing
and deny listing. You can put your server into allow list mode where only specific pods that you
allow through will get in. Same with denial list, you can say that one in particular can't come in.
You can purge content from different domains. So if there's a domain that's particularly sort of
questionable, you can basically say, basically, you know, block that domain and purge everything
it's ever sent to me. I don't want to know anymore. So we have a lot of sort of tools for admins to
handle all of that sort of stuff. And importantly, as well, users in the meantime, after they
reported something, can also hide all content from artists or from from podcasts and basically say,
I really don't want to see that. So while the admin is dealing with my report, hide it. Yep,
yep, don't see it anymore. Sorry, very good. We're trying. Like we had a lot of help on anti abuse
with, so we had Ginny who was working on anti abuse back in the day. And she did a lot of a lot of
work sort of as making it, making it better than it was, shall we say. But it's an ongoing,
it's an ongoing battle and always having things that we haven't considered. So we just have to keep
catching and working. I realized we're coming up in an hour here, which it, which,
amazingly, I thought we were just chatting for 10 minutes. In the company, what sort of license
your software is released under? Yeah, so if you say now, it's a totally preferential open
core license. No, we're pretty, we're pretty against that now. The software is AGPLV3,
so that's the Afro very general public license. It's the only license really, I think that makes
sense for hosted service side software. It's, you know, it's an excellent license. It gives us
all the freedom that we want and it gives our users the them as well. We've had people come up and
say, we'd like to fork the software to put it on the blockchain and do all this stuff and we're
like, well, good luck. You can have it. It's free and open, we're winning now. Not to do
good blockchain is coming near us. People have this thing in their head that like,
they think that funquels goal is to dodge copyrights. And they're like, well, if we put it on the
blockchain and we had like a doubt that sort of did everything and we put everything in IPFS,
there will be no central authority to take down content and all this and we're just like, we don't
hate copyright. I don't understand where this, where this concept comes from that we, for some
reason, hate copyright. We love copyright. Copyright is fantastic. We just prefer open licensing.
That's about it. A question that is copyright fantastic in the forum that we wouldn't need
to create a licensey if copyright wasn't broken, but the idea that somebody should be able to
copyright their work and not have that copyright violated, say, for example, an individual
creates a piece of music and wants to have it sort of, they want to shift it a certain way,
they don't do creative comments or whatever, that's their right. And we should decide something
out of ten of those solutions. Personally, necessarily think that that's correct,
because, you know, if I go out and I go to work and I work on a project and I create some beauty
there, I get bit first. Thank you very much. That's it. Copyright is essentially a monopoly
that we, the state grant and I think, yeah, maybe it's a way, but there's also, there could be
other ways. Because the way it is done, you're reluctant to it now.
I have an existential question over a point. Yeah, I would say that it's not funquels,
not funquels position to question that. And more to the point, it's a tab position to,
you know, like I say, promote releasing your, your content freely. When you upload content,
we say, hey, who's a license? You know, this is great. And if you publish content on funquels,
it's going to be public. So you should put a license on it. But like, yeah, the, you know,
if you don't want to do that for whatever reason, we're not going to make a technical solution that
gets around that by putting it on the onto the blockchain for everyone to see and you can never
take it down. No, it's a whole thing that we just don't, don't want to get into. Yeah, absolutely,
absolutely. There's a zex on the zex on the only thing is that I don't really want to be running
yes another server. Yeah, I understand that. If you want to get a taste, yeah, if you want to get
a taste, like this, it was on the, you got to hold that new house, no, my house on spreading outside
the house. I'm sorry, if I'm talking over you, it's because of the latency and mumbles or my apologies.
No, no, not at all. But yeah, if you want to try out funquel, there are publicly accessible pods.
So if you go to our website, there is a pod picker, which actually shows you pods that you can sign up to.
The important thing to look out for is what's the upload limit? Because obviously storage isn't
free. That's the big limiting factor for people who host content publish per sort of public.
I offer, on my pod, I offer 10 gigabytes, which is one of the more generous offerings out there.
I'm not trying to sell it because obviously, it's something I pay for our pocket.
But some admins offer two gigabytes, some offer 15, it really depends on what you want.
But if you try it out, if you go to Open.Audio and sign up for an account there and just test
the software out, see how you like it. Maybe you'll think to yourself, yes, I actually do want to run
this on a server. And particularly if I'm running it on my own internet for a while, just to get a
feel for it. Is it possible to replicate the data so that you have different time zones
or would that be just better replicating the data underlying? Is there a way to have
decentralized three copies of the same server serving different regions of the planet?
That's a question beyond me. But in theory, I mean, in theory, there would be,
you're talking about scaling sort of solutions here. In theory, you would double to run several
instances of certainly the web app is easy enough to plug it into the same API. In theory,
you'd be able to do low balancing with the API and you'd be able to do redundancy
deduplication with the database. It's not something that we currently document or really offer
support for. It's one of those things where somebody has written up a helm chart for running
Funqueryl in Kubernetes and hats off to them. In my opinion, a little bit overkill, but there we go.
Yeah, but the thing about this is the easiest way to do it would be to basically host multiple
instances of Funqueryl and just follow the content libraries because they will all show up
the different sort of servers. If you have three servers,
which is kind of the lead server and has all of the data on it, just follow that content from
the other two servers, it'll show up and you can play it. It's kind of how it does. It functions.
Can you randomly, without uploading stuff, can you randomly listen to other people's pods
without having an account? So the admin can choose to allow public
unauthenticated content. So if you go to, for example, my part to Nuki Chunes and you wanted to
listen to Jonathan Colton, you can. But you don't have to have an account. Basically it's
free in public and I have turned off basically requirement for authentication on certain endpoints.
So obviously anything to do with accounts, to do with uploads, to do with anything like that,
that's all protected. But listening and stuff like that is open. That's down to the administrator to
decide. Obviously, there's a performance cost there. There's a, you're obviously, yeah, well,
I mean, it's covered in my digital ocean bill. So I can just read it after a month goes by and cry.
But I'm an aggressive sort of compressor. I upload all of my content as opus files, which
retain very, very high quality despite being tiny, tiny. So I tried to keep it down that way.
But obviously other people can upload stuff publicly. They can upload flat files,
web files, you know, ALAC files or whatever they call it. I think those are supported AAC.
So yeah, whatever they're doing, I'm not exactly sure. But it is possible. There might be a way
to dip your balls into it, at least to the apps before you start building your own server.
Absolutely. Yeah. So I know Open.Audio, some of the content there is free to listen to.
So anything on these in anything that is publicly visible to you, you can listen to it,
just click play on something and it should start playing. You can also log in if you wanted to test,
for example, fun, quite often Android, just pointed to a server that you know is sort of free and open.
And basically just say anonymous authentication. And you won't be able to do things like
favoriting tracks, you won't be able to go playlists or do anything like that. But you will be
able to play music and just see what's out there. Fantastic. I'm a big conscious of the time.
Is there anything that we haven't covered that you want to talk about that I missed?
I mean, I don't think so. I mean, we didn't really touch much on on podcasts, but it is an
area of the app which has languished a little bit. We're planning to pick up focus on it again
at some point. But obviously on the Fediverse Cast-A-Pod exists. So people who are looking for
a more sort of featureful experience can always go and look at Cast-A-Pod. But Funquel is,
you know, we were the first, we were doing podcasts back in the day before anyone else was.
And yet you can publish a podcast on Funquel and just download the RSS feed and listen to it
wherever using your normal pod catcher. So, you know, that was kind of a feature we baked into it.
That's actually quite interesting because we get asked a lot. I'll do a start my own podcast and
this might be a good solution for people. Okay. Yeah, I'm fantastic. I'm going to have to wrap
it up there, Karen, I think. Unless there's anything else? No, I don't think so. It's been
really nice talking to you. Thank you very much. Have me on. No, no problem. The feed we could have
we need to have a chat about this. Maybe we can do a round up movie in a six months to year again.
And come back when I have a little bit more experience of having used it or maybe installed it or
if you have new speakers or if there's anything else you want to announce. Yeah, absolutely.
Sure, just send me an email and I'm happy to come along. Perfect. Okay. Well, thanks very much for the
interview and the links as always to everything that we've discussed will be in the show notes
of this episode. See you tomorrow for another exciting episode of Hacker Public Radio.
You have been listening to Hacker Public Radio at Hacker Public Radio. Does it work?
Today's show was contributed by a HBR listener like yourself. If you ever thought of recording
broadcast, you click on our contribute link to find out how easy it really is. Hosting for HBR has
been kindly provided by an honesthost.com, the internet archive and our sync.net. On the
Sadois status, today's show is released on their creative commons, attribution, 4.0 International