Managing binary package repositories

In Packaging for Arch Linux I described the ins and outs of binary repository management and some of the issues that come with the tooling currently used by Arch Linux.

In this article I will highlight the work on new tooling and its features.

Since my last write-up on this topic, the project formerly known as arch-repo-management has been renamed to repod (as in repo-d) and has just seen its first minor release. šŸŽ‰

You can find its documentation at


New PGP key ID 1793DAD5D803A8FFD7451697BB992F9864FAD168

As my current PGP key 91BD8815FE0040FA7FF5D68754C28F4FF5A1A949 will be expired soon, I have created a new one to replace it.

You can get my new key 1793DAD5D803A8FFD7451697BB992F9864FAD168 as well as the old one and the cross-signatures required to establish the chain of trust between the two via Web Key Directory (WKD) (which should be used automatically by gpg >= 2.1.23).

To not deal with the rather convoluted gnupg tooling I have created a deployment method for this using sequoia-pgp's sq, about which you can read in the rest of this article.


Packaging for Arch Linux

In Arch, a recap I elaborated a bit on my reasons for getting involved with Arch Linux. In this post I would like to highlight a few technical details and give a "behind the scenes" when it comes to packaging on and for Arch Linux. This post is written from the viewpoint of a distribution packager, but it is likely to contain information also useful to people packaging on different distributions or for private purposes.


Arch, a recap

One of the things, that has kept me (increasingly) busy over the past few years is my involvement with the Linux distribution Arch Linux. While I have been using Linux for probably about 14 years it is frankly hard to pinpoint when exactly I went down the rabbit hole that this operating system/ ecosystem/ community is (relevant XKCD). However, I can elaborate on my motivation and where that got me.


Electronic Orchestra Charlottenburg

One of the most fun and awesome projects of the past two years (but most likely ever actually) has been the Electronic Orchestra Charlottenburg (EOC). It's an endeavor, that started in 2017 at the Electronic Music Studio of Technical University of Berlin thanks to the efforts of Henrik von Coler, who is doing a great deal of work in the field of electronic music, spatialization and composition.

Some key factors turn the EOC into something special (IMHO):

  • it (usually) consists of electronic and electro-acoustic musicians (e.g. modular synthesizers, DIY hardware, tape, etc.) of different genres

  • its sound is spread out over multi-channel systems (e.g. 12 loudspeakers in a circular setup), using spatial rendering techniques such as ambisonics

  • it makes use of graphic notation

So far it has been immense fun (but also a lot of work) to be part of the EOC and I'm looking forward to (at least) two more concerts this year!

If you're interested, check out the live page or subscribe to the RSS feed. There are also many pictures and binaural recordings up already. Put your headphones on and enjoy!

Securely serving webapps using uWSGI

Ever since I have been running my own Arch Linux box to serve my services, I used nginx in conjunction with uWSGI.
So instead of using php-fpm and be limited to just PHP, I can use a single application server to do all of them (CGI, Python, PHP and even the stuff I don't use, such as Ruby Rack, Mono, Java, Lua, Perl, WebDAV). They are all separately installable as plugins.
Static sites, such as this, default to being served by nginx directly of course.
Over time I found uWSGI to be a very versatile and powerful piece of software that has many advantages (over e.g. Apache):
  • socket activation

  • webapp encapsulation and jailing

  • self-healing

  • being able to separetely manage services

  • exit after idle

I'll explain the services I use (MantisBT, roundcube, ownCloud, Mailman, Stikked, Wordpress, Postfixadmin, phpMyAdmin, cgit, MediaWiki, Etherpad ) along with configuration examples and their possible pitfalls.
In my last post about Let's Encrypt I already showed some examples on how to configure nginx for the use with uWSGI. Let's jump right in.


Let's encrypt it all

For a couple of months now I have been using Let's Encrypt to generate free and valid certificates for all the services I run.
In many places the free Certificate Authority (short CA) has spread like wild-fire. From small to large scale services, many adopted it and the amount of issued certificates has grown over 1 million in just four months.
As a visitor to this website you have probably noticed the small green lock sign next to the address bar. The certificate used for this website is accepted to be valid by your browser (and also by your operating system).
If you're up for some background knowledge, just read on. If you're up for some hands-on technical stuff, jump right on to the howto.
Just note: This is a veeeeeeery long article in any case.


Darmstadt 2016

Summer courses

In its 48th edition, the International Summer Courses for New Music were taking place in Darmstadt this year with a wide program.
Initiated just after World War II by Wolfgang Steinecke (then head of Department of Arts and Culture, in a city that was pretty much completely destroyed during the war), the Darmstadt School has risen to glory not only because of its famous seminarists such as Karlheinz Stockhausen, but mainly because of its diversity, international flavor and rehabilitation of art that was tainted by the Third Reich.
I am happy to have been a part of this year's spectacle, although I didn't really see much aside from the rehearsals and premiere of the piece I came to help establish: Tolerance Stacks by Annesley Black.


Linux Audio Conference 2016

The conference

The Linux Audio Conference is actually a quite old concept by now. Started as a small Linux Audio user group meeting at LinuxTag back in 2002, the conference more and more developed into a multi-national event, thanks to people such as Frank Neumann (who by the way initially had a "hacker meeting" in mind) and places like the ZKM.
As more universities hosted it, its academic side strengthened, leading to proper proceedings, paper and poster presentations.
Generally speaking it has also always been a place to present software, do workshops to show people how to use software and try it out - suited for developers, users and interested alike!
Another nice aspect that evolved over the years is the concept of the "Linux Sound Night", giving the stage to the artists to present their pieces or perform live.
There's obviously a lot more to the history of the Linux Audio Conference (which is no wonder after such a long time!), than I could elaborate on.
By now the LAC has taken place in many different countries: Germany, Australia, Italy, The Netherlands, Ireland, USA and Austria.