https://whynothugo.nl/tags/open-source/Recent content in Open-Source on WhyNotHugoHugo -- gohugo.ioenMon, 25 Mar 2024 10:43:11 +0100https://whynothugo.nl/journal/2024/03/25/notes-on-s6/Mon, 25 Mar 2024 10:26:41 +0100https://whynothugo.nl/journal/2024/03/25/notes-on-s6/s6 is a collection of programs that can be used for service supervision and service management. It is composed of multiple simple tools that can be used individually or together. The s6 suite of programs can be used to supervise and manage system service, user-session service, or just ad-hoc collection of services. The official documentation does a good job of explaining every component in great details. This is merely a high level overview.https://whynothugo.nl/journal/2024/02/26/my-lock-and-sleep-script/Mon, 26 Feb 2024 00:00:00 +0000https://whynothugo.nl/journal/2024/02/26/my-lock-and-sleep-script/My lock-and-sleep locks the system and puts in back to sleep after 10 seconds of idle as long as it remains locked. Locking the system before going to sleep ensures that the system never shows an unlocked desktop when waking up from sleep. If the screen locker fails to start for some reason, this fact becomes clear sooner rather than later. Going back to sleep automatically prevents the system from remaining active if woken up by accident.https://whynothugo.nl/journal/2024/01/16/nine-months-of-xendmail/Tue, 16 Jan 2024 11:27:11 +0100https://whynothugo.nl/journal/2024/01/16/nine-months-of-xendmail/Last year I wrote xendmail, a tool based on the proposal mentioned in my thoughts on sendmail in 2023 article. Xendmail exposes the same interface as sendmail1, it takes an email as input, reads credentials from the user’s secret store, and dispatches the email via an the appropriate SMTP server. Xendmail implements the 5% of sendmail that I need, plus 5% extra which no other implementation offers. The approach has somewhat worked, but has some issues.https://whynothugo.nl/journal/2023/11/30/specification-and-development-status-for-valarmd/Thu, 30 Nov 2023 11:02:38 +0800https://whynothugo.nl/journal/2023/11/30/specification-and-development-status-for-valarmd/I have made a few mentions to valarmd, a project of mine which is paused for the moment. It is a daemon used to show desktop notifications for alarms in calendar entries. This is its specification. I hope to continue working on it after completing my current work on vdirsyncer. Specification for valarmd[permalink] The basic usage is: valarmd --socket /path/to/socket --vdir /path/to/vdir valarmd shall read icalendar components (both events and todos) from a local file-system directory, extracting their respective dates, alarms and summaries.https://whynothugo.nl/journal/2023/11/27/vdirsyncer-status-update-november-2023/Mon, 27 Nov 2023 19:51:45 +0800https://whynothugo.nl/journal/2023/11/27/vdirsyncer-status-update-november-2023/Designing the low level icalendar parser took longer than it should have taken. To be sincere, part of the problem was my trying to be too ambitious in its scope and growing beyond the strictly necessary requirements. Requirements[permalink] The main goal of this parser (now called vparser) is to parse only the basic structure of icalendar and vcard files. The main requirements for vdirsyncer’s use case are: Extracting the UID from an entry (calendar component or vcard).https://whynothugo.nl/journal/2023/11/01/vdirsyncer-status-update-october-2023/Wed, 01 Nov 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/11/01/vdirsyncer-status-update-october-2023/After having an initial version of the configuration parser, I’ve moved on to working on the actual command line for vdirsyncer itself. Replacing Box<dyn Storage> with Arc<dyn Storage>[permalink] This section is pretty technical and requires some understanding of Rust. In my synchronisation algorithm, the type representing the pair to be synchronised, SyncPair kept references to the Storage instances, and these shared references had started to become a pain point due to Rust’s lifetime rules.https://whynothugo.nl/journal/2023/10/05/a-configuration-format-for-vdirsyncer-v2/Thu, 05 Oct 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/10/05/a-configuration-format-for-vdirsyncer-v2/Settling down a configuration format for the upcoming vdirsyncer v2 has taken more than I anticipated. These is a summary of my journey, considerations and the current state. The previous format[permalink] My first approach was to retain the existing configuration format. I’ll call this one the “legacy” format, to keep language simple. I wrote a parser for it but it was far from trivial and, honestly, extremely complicated code. The configuration format itself is a bespoke format designed for vdirsyncer.https://whynothugo.nl/journal/2023/09/05/debugging-a-non-functional-pylsp/Tue, 05 Sep 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/09/05/debugging-a-non-functional-pylsp/pylsp wasn’t working today for some reason. It wasn’t jumping to definitions, offering any auto-completions, nor formatting code. I had to figure out why. Usually, LSPs are executed directly by the IDE with stdin/stdout piped directly into an LSP client, which means that logging to stdout/stderr is not as simple as usual. Running the LSP manually on a TCP port makes following logs nice and simple. The following command should be executed in the root of a python project:https://whynothugo.nl/journal/2023/08/26/vdirsyncer-status-update-august-2023/Sat, 26 Aug 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/08/26/vdirsyncer-status-update-august-2023/I had family visiting during this past month, so I’ve taken some time off to spend with them. Progress has therefore been slower than usual. Sub-tasks missing from planning[permalink] As I mentioned a few months ago, the NLnet foundation is currently funding my work rewriting on vdirsyncer. As part of this process, I’ve shared a full plan with tasks that need to be done and an estimation for them. While I had a pretty solid plan on how to approach re-writing vdirsyncer, some requirements did fly under my radar.https://whynothugo.nl/journal/2023/08/04/building-and-running-sway-master/Fri, 04 Aug 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/08/04/building-and-running-sway-master/I wanted to run sway from upstream master branch to tests the yet-unreleased fractional scaling support. This recipe also works for trying to build sway with custom patches. First, I needed to clone sway itself and wlroots as a subproject. Building wlroots as a subproject is required since I need to use the current master of wlroots. Using the distribution/system provided wlroots is unlikely to work (due to it being the latest stable release).https://whynothugo.nl/journal/2023/07/17/vdirsyncer-status-update-july-2023/Mon, 17 Jul 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/07/17/vdirsyncer-status-update-july-2023/CardDav support[permalink] This month I’ve worked on missing CardDav support in existing libraries. Regarding libdav itself, this has helped tidy up parts of the code that are shared between the CalDav and CardDav. This wasn’t very complicated; the latter is very similar to the former, so it was just making sure that all of the little differences were tweaked currently. The recent rewrite of the parsers helped a lot since I could reuse most of the code from the CalDav implementation.https://whynothugo.nl/journal/2023/07/13/extending-an-expired-gpg-key/Thu, 13 Jul 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/07/13/extending-an-expired-gpg-key/Slightly over a year ago, I set up a new hardware-backed GPG key on my yubikey device. Today I needed to sign a release, and noticed my key expired two days ago. It’s time to renew it. Possible approaches[permalink] When a key expires, there are three alternatives on how to address this: Generate a new key pair. This requires updating my public key everywhere (e.g.: on services that use my public key, in the README for projects where I sign releases, etc), which is somewhat of a nuisance.https://whynothugo.nl/journal/2023/07/05/senpai-a-modern-irc-terminal-client/Wed, 05 Jul 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/07/05/senpai-a-modern-irc-terminal-client/I’ve been writing some IRC-related experiments using a bouncer lately. I don’t have anything useful yet. My code so far connects to a bouncer, enumerates bouncer networks, opens a second connection to the bouncer (you need an additional connection per upstream network), and then crashes. While trying to find some details on the AUTHENTICATE command using SASL (do I know what I’m doing at this point?), I ended up falling down a rabbit hole where I came across a particular IRC client I that had somehow slipped under my radar:https://whynothugo.nl/journal/2023/06/30/vdirsyncer-status-update-june-2023/Fri, 30 Jun 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/06/30/vdirsyncer-status-update-june-2023/This month started out rather slow, with me taking a week off on vacation and then coming back home only to be sick in bed for another week. But it ended up being rather productive after all. Configuration parsing[permalink] My initial goal since last month was to implement a small binary that can work as a drop-in replacement for vdirsyncer. With some basic sync scenarios working1, the next step was to parse the configuration file.https://whynothugo.nl/journal/2023/06/20/understanding-the-xdg-access-portal/Tue, 20 Jun 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/06/20/understanding-the-xdg-access-portal/The upcoming version of Firefox 116 will use Pipewire for camera access. This sparked my curiosity and I wanted to know if my setup would work for this. In recent times, Firefox has been moving rather quickly, adding dependency on these Flatpak portals (even in scenarios where Flatpak is not involved). This is no exception. Access to the camera via pipewire is mediated by the camera portal, an interface of the xdg-desktop-portal.https://whynothugo.nl/journal/2023/05/27/vdirsyncer-status-update-may-2023/Sat, 27 May 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/05/27/vdirsyncer-status-update-may-2023/So far, libdav seems to be working pretty solid for interacting with CalDav server, and davcli has been handy for interactively inspecting remote collections. There are a few reported issues for the previous vdirsyncer implementation that are related URL decoding. These can probably be inspected well with davcli, but I still need to write a proper guide that people can follow to do this. I want to use this to confirm that the new implementation handles all these scenarios fine (and debug them if necessary).https://whynothugo.nl/journal/2023/05/01/introducing-davcli/Mon, 01 May 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/05/01/introducing-davcli/I mentioned in the past that libdav (the library which I’ve written to interact with caldav and carddav servers) implements DNS-based discovery. This should make any tools built on this library a lot easier to configure for end users. One such tool so far is davcli, a simple command line tool to interact with caldav servers manually or via simple scripts. It is also useful for hosting providers that want to validate that discovery is set up correctly.https://whynothugo.nl/journal/2023/04/30/dns-based-discovery-for-caldav-and-carddav/Sun, 30 Apr 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/04/30/dns-based-discovery-for-caldav-and-carddav/rfc6764 describes a mechanism for caldav service providers to expose exactly where their server is located while requiring minimal input from the user. The main intent here is that if you are hosting your email and calendar for example.com, your users only need to provide their calendar application with the domain example.com and it can automatically figure out exactly where the caldav server is located. Let’s assume, for this example, that the caldav service is located at https://dav.https://whynothugo.nl/journal/2023/04/12/installing-postmarketos-on-a-oneplus-6-with-an-encrypted-filesystem/Wed, 12 Apr 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/04/12/installing-postmarketos-on-a-oneplus-6-with-an-encrypted-filesystem/I’ve been experimenting with postmarketOS for a long time now. My long-term aspiration is to set up a phone that I can use as a daily driver. I need to overcome a lot of obstacles to achieve this. Today, my goal is to encrypt the main partition. So if I lose the phone, it doesn’t have all my messaging, email and credentials totally unencrypted. This is a hard requirement before moving forward with a lot of other things.https://whynothugo.nl/journal/2023/03/30/thoughts-on-sendmail-in-2023/Thu, 30 Mar 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/03/30/thoughts-on-sendmail-in-2023/Sendmail is a classic mail transfer agent (MTA) in the world of Unix-like systems. It’s design is simple, and worked well for many setups for decades. For many scenarios it still works. For others, it does not. Sendmail as a system-wide tool[permalink] Sendmail is typically set up by a system administrator and configured to relay emails from any local user via some administrator-defined mechanism. This doesn’t play well with typical multi-users systems as we see today, especially if they each have their own different mailbox providers and accounts.https://whynothugo.nl/journal/2023/03/15/notes-on-podman/Wed, 15 Mar 2023 11:21:05 +0100https://whynothugo.nl/journal/2023/03/15/notes-on-podman/Podman is an alternative implementation of Docker which addresses some design issues in Docker. The most obvious/notable difference is that Podman doesn’t require a daemon running permanently, which is nice, but not a huge deal. It also has other design differences, but most of them are good ideas that have little to no impact in practice. A big feature of Podman was that it was the first to implement rootless support.https://whynothugo.nl/journal/2023/02/18/in-praise-of-alpine-and-apk/Sat, 18 Feb 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/02/18/in-praise-of-alpine-and-apk/Since the change of year, I’ve been using Alpine Linux on my main computing device (a new desktop PC that I assembled in December). These are some notes on in, some niceties and caveats. I used ArchLinux for over a decade before, so keep in mind that my main point of reference/background is using Arch+pacman. However, this is not an “Arch vs Alpine” article. My woes with package management[permalink] Over the years, I’ve experimented with many ways of “keeping a list of the list of packages installed”.https://whynothugo.nl/journal/2023/01/30/vdirsyncer-looking-for-hosted-dav-servers/Mon, 30 Jan 2023 15:48:50 +0100https://whynothugo.nl/journal/2023/01/30/vdirsyncer-looking-for-hosted-dav-servers/Current state of affairs[permalink] As part of vdirsyncer’s test suite, I currently run tests against a multiple CalDav/CardDav servers. The CI pipeline does this by downloading dockerised versions of all the servers, starting them up and then running tests. This isn’t ideal. On CI, the radicale, xandikos and baikal containers get downloaded on each test run which really doesn’t scale1. Adding more and more servers will just make the whole test suite slower, as well as more maintenance work.https://whynothugo.nl/journal/2023/01/20/notes-on-ruff/Fri, 20 Jan 2023 11:24:00 +0100https://whynothugo.nl/journal/2023/01/20/notes-on-ruff/ruff is a tool to check and lint Python code. It’s written in Rust and it really is blazing fast. The first time I ran it on a real codebase I immediately got an error and, for a split-second, though it was an execution error. It had actually run successully in a few milliseconds and found an issue in my code (a silly one, but a valid one). A flake8 replacement[permalink] ruff implements all the rules from pyflakes and pycodestyle, which essentially implies it serves as a full replacement for flake8.https://whynothugo.nl/journal/2023/01/12/notes-on-pre-commit/Thu, 12 Jan 2023 00:00:00 +0000https://whynothugo.nl/journal/2023/01/12/notes-on-pre-commit/pre-commit is a tool to configure git pre-commit hooks. It allows defining hooks in a simply syntax and runs them only if files of a specific type change (e.g.: run mypy only if *.py files have changed). Additionally, it’ll stash unstaged changes when running, so any files that are not being committed won’t interefere with the hooks. This makes hooks fail if you forgot to commit a file, and prevents hooks from failing if some uncommitted file has broken code.https://whynothugo.nl/journal/2022/10/26/systemd-locking-and-sleeping/Wed, 26 Oct 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/10/26/systemd-locking-and-sleeping/Locking the system[permalink] logind (part of systemd) emits events when the system is about to be locked or go into sleep. Typically, one can configure logind so that closing the laptop lid triggers a “lock the session” event. However, this just emits a D-Bus signal and doesn’t provide facilities for running any screen locker. One needs a separate process listening for this event, and this process itself needs to run a screen-locker and any other similar actions.https://whynothugo.nl/journal/2022/10/04/shotman-0.2-development-update-part-2/Tue, 04 Oct 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/10/04/shotman-0.2-development-update-part-2/After the initial proof of concept of the shotman rewrite, my next goal was to have an implementation that could fully replace the previous version for daily usage. My main use of shotman is “take screenshot of current window”, and I have two other (less frequent) use cases. They are all mapped to global hotkeys: Super+p to screenshot the current window. Super+Shift+p to screenshot a region. Super+Ctrl+p to screenshot the entire output.https://whynothugo.nl/journal/2022/08/28/shotman-0.2-development-update-part-1/Sun, 28 Aug 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/08/28/shotman-0.2-development-update-part-1/Update: This article was renamed to “part 1” when publishing part 2. These last couple of week I’ve been putting a lot of time into shotman. Shotman is a small GUI tool I wrote a few months ago. It shows a small preview window when a screenshot is saved, and has controls to copy the screenshot into clipboard or delete it right away. The previous version was 0.1. This newly written version is to be 0.https://whynothugo.nl/journal/2022/08/13/my-packaging-policy/Sat, 13 Aug 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/08/13/my-packaging-policy/The open source sphere has continuously had a lot of discussion regarding packaging, and there’s often an expectation that upstream developers should distribution packages. I want to make it clear where I stand on this, what users of my projects can expect, and what how packagers can contribute. As a general rule, for projects I maintain, I’ll only do source releases (e.g.: tag a version as v2.0.1 and sign that tag or tarball).https://whynothugo.nl/journal/2022/07/26/meson-for-python-applications/Tue, 26 Jul 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/07/26/meson-for-python-applications/I’ve ported caffeine-ng to use meson rather than python-wheel for building and installing. Python’s packaging ecosystem is moving in a direction that will only support python packages, but not packages that need to install data files outside python’s package location. This last scenario is deprecated and will become unsupported in future. It already doesn’t work when using python wheels, as discussed on that issue. caffeine-ng, like many other desktop applications, ships with data files including manual pages, desktop entry files, icons, translations, etc.https://whynothugo.nl/journal/2022/07/12/announcing-caffeine-ng-v4.0.0/Tue, 12 Jul 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/07/12/announcing-caffeine-ng-v4.0.0/caffeine-ng is a small tool that shows an icon on the desktop status bar to temporarily disable screenlockers, screensavers, and screen dimming. It is typically used to temporarily avoid the screen turning off for things like watching a movie, a videoconference and alike. Version 4.0.0 of caffeine-ng is now available. Many of the changes in this release are thanks to the contributors who have both written and tested many of these improvements, so a huge thanks to all those who have made this possible!https://whynothugo.nl/journal/2022/07/11/using-a-yubikey-for-gpg/Mon, 11 Jul 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/07/11/using-a-yubikey-for-gpg/I’ve written recently on how I use a Yubikey as a hardware security token for two factor authentication. One item I was missing was GPG, and this was mostly because setting up GPG is a bit tricker to set up and I simply hadn’t had the time. My previous key recently expired, so this is a good time to address that. This article explains the basics of how Yubikey + GPG works, and how to get started.https://whynothugo.nl/journal/2022/07/01/quick-and-simple-vms-with-qemu/Fri, 01 Jul 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/07/01/quick-and-simple-vms-with-qemu/I don’t use VMs very often, so there’s no chance I can remember all the dozens of command line flags for qemu. I end up using virt-manager most of the time. It’s a GUI for managing QEMU (and other VM backends) and has dozens of checkboxes and buttons, which come in handy for really complex virtual hardware configurations where I’d need to know a dozen obscure command line flags to replicate the same results.https://whynothugo.nl/journal/2022/05/27/status-update-may-2022/Fri, 27 May 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/05/27/status-update-may-2022/vdirsyncer rewrite[permalink] I’ve been working on some foundational code for the vdirsyncer rewrite. I have some basic traits that all storages will implement, and have a working filesystem storage, which reads a vdir. The filesystem storage itself also helps validate that the API is sound enough before starting to write the other storage implementations. I considered exposing async APIs, but this turned out to not be a great idea. Async functions in trait are not something fully stabilised.https://whynothugo.nl/journal/2022/05/07/how-i-secure-my-setup-with-a-yubikey/Sat, 07 May 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/05/07/how-i-secure-my-setup-with-a-yubikey/YubiKeys[permalink] I have a pair of YubiKey 5C NFC, which I use for authentication a lot. They’re small USB-C authentication devices which can generate multiple types of keys and are usable for different types of authentication. There's also a USB-A version if USB-C ports aren't your thing. The keys generated on-device cannot be extracted, which means that the only way to steal the keys is to physically steal the device itself.https://whynothugo.nl/journal/2022/04/29/open-source-platforms-for-open-source-software/Fri, 29 Apr 2022 19:11:35 +0000https://whynothugo.nl/journal/2022/04/29/open-source-platforms-for-open-source-software/There’s something that’s been low-key bothering me for many months now: the fact that so much open source software is hosted on proprietary platforms and has such a strong dependency on non-open source non-free forges. Now, sometimes we must be pragmatical, and use the closed sourced software when we don’t have a choice. But when it comes to products like GitHub, there’s plenty of choices. And most of them are, feature-wise and UI-wise, superior.https://whynothugo.nl/journal/2022/04/29/fairphone-please-lead-by-example/Fri, 29 Apr 2022 09:29:22 +0000https://whynothugo.nl/journal/2022/04/29/fairphone-please-lead-by-example/The FSFE published an open letter a couple of days ago, asking for legislation to allow users to freely user their own devices, contrary to the status quo, where devices are locked down and controlled fully by the manufacturer rather than the end-user. I whole agree with this stance and applaud this request: if I can’t install the software I want on devices I paid for, do I really even own them?https://whynothugo.nl/journal/2022/04/18/a-vdirsyncer-rewrite/Mon, 18 Apr 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/04/18/a-vdirsyncer-rewrite/I’ve been planning a full rewrite of vdirsyncer for quite some time now. So far work on vdirsyncer (both on the original version and on this rewrite) has happened during free time and is mostly unpaid. My intention is to seek sponsors for this rewrite, so that I can dedicate more hours to this project and deliver a well polished product to the open source ecosystem. By becoming a sponsor, you will allow me to focus on this endeavour and spend much more time on it than I ever could on “another side project”.https://whynothugo.nl/journal/2022/02/25/introducing-darkman-v1.0.0/Fri, 25 Feb 2022 00:00:00 +0000https://whynothugo.nl/journal/2022/02/25/introducing-darkman-v1.0.0/I’m pleased to announce the release of darkman 1.0. Darkman is a session service that transitions a desktop environment between colour schemes. It switches to dark mode at sundown, and back to light mode at sunrise. This small project started in 2020, out of frustration with dark mode being too hard to read during sunny days, and light mode being blinding at night-time. Darkman runs as a session service. It sets a timer for the next sunrise/sundown based on the current location and sleeps 99% of the time.https://whynothugo.nl/journal/2021/12/14/i-like-that-signal-is-looking-for-sponsors/Tue, 14 Dec 2021 00:00:00 +0000https://whynothugo.nl/journal/2021/12/14/i-like-that-signal-is-looking-for-sponsors/Recently Signal has started asking people to sponsor them, and I’m actually really glad that this is happening. There are many companies out there offering “free services”, but, generally, companies that offer free instant messaging are often doing it to build a detailed profile on you, what you believe, how you behave, and how you feel about an important topic. They do this so they can then sell advertising (or, often, propaganda).https://whynothugo.nl/journal/2015/03/17/open-source-your-website/Tue, 17 Mar 2015 17:15:28 +0000https://whynothugo.nl/journal/2015/03/17/open-source-your-website/Unless your business’s value is actually on your website code itself, there’s little reason not to share your site’s code. I understand why facebook or gmail won’t release the code to their site (I understand, without condemning nor condoning), but if you’ve got a blog, an institutional website, a three-page site that merely links to “download our app”, there’s little reason not to share the source with the public. All of us web developers (or just curious designers) have come across some site and wondered “Hmm, wonder how they did X and Y with just jekyll”, or wondered what plugin they used on Z platform to achieve something.