2022-07 Status Update
on 2022-08-01 in status-update
| alpine | apparmor | s6 | self-hosting |
This month, I’ve started writing about the experiments I do with various FLOSS software. There won’t necessarily be a meaningful outcome of this section. But with this section, I hope to inspire others to tinker with FLOSS software, and publish their experiences as well. It’ll be home to topics that can’t be expanded to long form articles.
Updated sphinx-click, a build dependency of todoman, to v4.3.0. I missed updating this project since upstream stopped publishing GitHub Releases after v3.0.2. Tracking upstream updates of packages that I maintain became tedious. This motivated me to use release-monitoring. They support notifying alpine’s (among various distributions’) package maintainers about upstream updates. I no longer have to subscribe to the project release feeds of packages that I maintain.
Updated hledger packages to
abump script that makes package updates easier. I wrote
abump-haskell that updates
cabal.project.freeze file before bumping the
package version. With this, the package definition updates are now completely
I fixed an issue where newly installed hledger-web-openrc service couldn’t
~hledger/.hledger.journal file on startup due to a misconfigured
adduser command in the
hledger-web.pre-install script. Contributing to
alpine linux has been such a pleasant experience due to psykose’s review(s).
Karthik suggested me to package Telugu Vijayam Fonts from Silicon Andhra for alpine linux. This was a tricky one. Upstream does not provide a convenient tarball to use, so I had to fetch and checksum every single font. The fonts are packaged and are available from testing repository. But I asked upstream about the issue and am awaiting their response.
I recently started tinkering with
apparmor profiles. While trying to package those
profiles for the alpine packages I maintain, I realized that I could add
support for apparmor in abuild, allowing all alpine package maintainers to
benefit from it. (alpine uses
abuild, i.e. alpine build tools, to build
I drafted a proposal and corresponding MR about it. With this change, any
alpine packager can place apparmor profiles in
$pkgname-apparmor-profile package created automatically. Which then will
be installed along with
$pkgname if the users have
package installed already. It may sound complicated, but it really isn’t, once
you get to use it.
This proposal was submitted around the end of the month. Stay tuned for next month’s updates.
- testing/py3-sphinx-click: upgrade to 4.3.0
- testing/hledger*: upgrade to 1.26.1
- testing/hledger-web: create home directory
- testing/font-teluguvijayam: new aport
- Draft: abuild.in: add default function for apparmor profiles
I recently started hosting internet services for my friends and family. Currently, the instance is hosting a DNS service, with DNSSEC support; and a mumble server, with automatic certificate renewal; protected by awall. The instance has its own status page to track. I’ve been privately hosting several services for years. I recently got more unused hardware to play with, and I’m going to put them to good use.
Everything on that instance is configured with care and I hope to start a series about it soon™. I intend to create high quality guides. It takes a lot of time, and research to write them. I have started giving dedicated time working on documenting experiments and writing guides. As they say, some soon™s are sooner than other soon™s.
I experimented with adding apparmor profile to hledger-web alpine package.
During packaging apparmor profile, I got to use some advanced concepts of APKBUILDs. When one installs hledger-web package on their system from testing repo, they will also get the hledger-web-apparmor-profile package installed if they already have apparmor-profiles package installed. Each package that provides apparmor profile will be automatically managed by apk this way.
If you develop software that are distributed to your users, please provide an apparmor profile; possibly write one with help from your package maintainers. Together, we can make your software more secure.
While I was at experimenting with new alpine software, I thought to package s6-rc service for hledger-web. Writing a service definition is quite simple in s6. Simple, but different. There’s no single configuration file you write (as in with other init systems). You create a service directory with necessary files in a specific structure, and let s6-rc-compile process it to derive a service database, which is said to be efficient. The s6 service structure is quite API friendly, as opposed to being user friendly. There will be some time until s6rc can come to alpine officially, but there’s growing community interest. Upstream is working on user-friendly frontend to create s6 services.
I’ll resume working on hledger projects, and moar-midi next month. Being able to work on anything is both boon and bane. I find it harder to strike balance between working on new projects and completing already started ones.
Near the end of the month I got introduced to azadMaidan Project by GN. The project is about hosting popular federated and decentralized services. Think of it as a suite of FLOSS collaborative services. I will write more about the project in future.
Until next time. Peace.
I welcome your feedback or constructive criticism to ~firstname.lastname@example.org. You can also visit the public archive.