Operating System Bias in Next Generation Internet and NLnet

In Grants for Operating Systems I discussed my journey through the grant application writing business since beginning of last year. To keep things light and somewhat focused, I left out a topic, that I would like to write about in more detail in the following sections.

It's about selection bias in grants provided by Next Generation Internet (NGI), that can be applied for directly or through NLnet.

Read more…

Grants for Operating Systems

Over the past years I have written (unsuccessful) funding applications for free software projects, associated with the Arch Linux Operating System. This article is about my experiences with applying for numerous funds and my advice for people trying to get their work funded.

TL;DR: Writing funding applications is extremely tedious and the selection process mostly intransparent and discouraging. Depending on what you apply for and who you apply with, you may never get funding due to other, additional factors.

Read more…

Managing binary package repositories

In Packaging for Arch Linux I described the ins and outs of binary repository management and some of the issues that come with the tooling currently used by Arch Linux.

In this article I will highlight the work on new tooling and its features.

Since my last write-up on this topic, the project formerly known as arch-repo-management has been renamed to repod (as in repo-d) and has just seen its first minor release. 🎉

You can find its documentation at https://repod.archlinux.page.

Read more…

New PGP key ID 1793DAD5D803A8FFD7451697BB992F9864FAD168

As my current PGP key 91BD8815FE0040FA7FF5D68754C28F4FF5A1A949 will be expired soon, I have created a new one to replace it.

You can get my new key 1793DAD5D803A8FFD7451697BB992F9864FAD168 as well as the old one and the cross-signatures required to establish the chain of trust between the two via Web Key Directory (WKD) (which should be used automatically by gpg >= 2.1.23).

To not deal with the rather convoluted gnupg tooling I have created a deployment method for this using sequoia-pgp's sq, about which you can read in the rest of this article.

Read more…

Packaging for Arch Linux

In Arch, a recap I elaborated a bit on my reasons for getting involved with Arch Linux. In this post I would like to highlight a few technical details and give a "behind the scenes" when it comes to packaging on and for Arch Linux. This post is written from the viewpoint of a distribution packager, but it is likely to contain information also useful to people packaging on different distributions or for private purposes.

Read more…

Arch, a recap

One of the things, that has kept me (increasingly) busy over the past few years is my involvement with the Linux distribution Arch Linux. While I have been using Linux for probably about 14 years it is frankly hard to pinpoint when exactly I went down the rabbit hole that this operating system/ ecosystem/ community is (relevant XKCD). However, I can elaborate on my motivation and where that got me.

Read more…

Electronic Orchestra Charlottenburg

One of the most fun and awesome projects of the past two years (but most likely ever actually) has been the Electronic Orchestra Charlottenburg (EOC). It's an endeavor, that started in 2017 at the Electronic Music Studio of Technical University of Berlin thanks to the efforts of Henrik von Coler, who is doing a great deal of work in the field of electronic music, spatialization and composition.

Some key factors turn the EOC into something special (IMHO):

  • it (usually) consists of electronic and electro-acoustic musicians (e.g. modular synthesizers, DIY hardware, tape, etc.) of different genres

  • its sound is spread out over multi-channel systems (e.g. 12 loudspeakers in a circular setup), using spatial rendering techniques such as ambisonics

  • it makes use of graphic notation

So far it has been immense fun (but also a lot of work) to be part of the EOC and I'm looking forward to (at least) two more concerts this year!

If you're interested, check out the live page or subscribe to the RSS feed. There are also many pictures and binaural recordings up already. Put your headphones on and enjoy!

Securely serving webapps using uWSGI

Ever since I have been running my own Arch Linux box to serve my services, I used nginx in conjunction with uWSGI.
So instead of using php-fpm and be limited to just PHP, I can use a single application server to do all of them (CGI, Python, PHP and even the stuff I don't use, such as Ruby Rack, Mono, Java, Lua, Perl, WebDAV). They are all separately installable as plugins.
Static sites, such as this, default to being served by nginx directly of course.
Over time I found uWSGI to be a very versatile and powerful piece of software that has many advantages (over e.g. Apache):
  • socket activation

  • webapp encapsulation and jailing

  • self-healing

  • being able to separetely manage services

  • exit after idle

I'll explain the services I use (MantisBT, roundcube, ownCloud, Mailman, Stikked, Wordpress, Postfixadmin, phpMyAdmin, cgit, MediaWiki, Etherpad ) along with configuration examples and their possible pitfalls.
In my last post about Let's Encrypt I already showed some examples on how to configure nginx for the use with uWSGI. Let's jump right in.

Read more…

Let's encrypt it all

For a couple of months now I have been using Let's Encrypt to generate free and valid certificates for all the services I run.
In many places the free Certificate Authority (short CA) has spread like wild-fire. From small to large scale services, many adopted it and the amount of issued certificates has grown over 1 million in just four months.
As a visitor to this website you have probably noticed the small green lock sign next to the address bar. The certificate used for this website is accepted to be valid by your browser (and also by your operating system).
If you're up for some background knowledge, just read on. If you're up for some hands-on technical stuff, jump right on to the howto.
Just note: This is a veeeeeeery long article in any case.

Read more…