_Status update, April 2023

_Topio

Let’s start with some meat-space updates! Unfortunately they require some German skills to consume, but maybe there are a few German-speaking readers who can appreciate it. To recap, I spend some of my time helping the fine folks of Topio e.V. to put more on FOSS on people’s devices. The focus is phones, but we also do Laptops. We specifically try to target non-technical folks, as those are the least likely to be able to e.g. flash their phone even if they wanted to. This has worked pretty well so far, and now our little operation got featured by two very much non-technical media productions: an RBB radio feature and a (web-only) ARTE feature (starting at ~14:00). It’s targeted at a mainstream audience, so don’t expect much :) - but it still is nice to see that there is at least some interest, even from mainstream media.

_NPotM: hdig

I have been meaning to do some more Hare work again, and this is what kind of just happened: hdig, a tool similar to the venerable dig, though only in terms of functionality, not in terms of messed up command line syntax. Chances are you won’t be able to just compile it, though: I am using it as a test tool for improving the Hare net::dns module, and at any given time there is a good likelihood that it is using code that has not been merged yet. This will obviously change eventually, and it will just become a dig replacement with proper syntax.

_AMS infrastructure

We are still working on the foundations, but some interesting progress was made. For once, yours truly contributed a docker auth server Alpine package. This allows us to properly secure our docker registry, which means we can make it publicly accessible (it is currently exposed internally only). Thus, anyone wishing to run sr.ht will be able to simply pull and run the same containers that we are using.

I also spent some time improving the upstream Ceph documentation. Ceph is progressing at a pretty impressive pace, but unfortunately the documentation tends to fall behind because of this. For example, no matter how insisting the current radosgw man page is, I can assure you that you do not need FCGI to run it (my next target for improving the docs).

I know that because our cluster now supports everything that Ceph has on offer: remote block devices, S3-compatible object storage, and finally also CephFS, a true multi-writer cluster filesystem. The last piece missing here is the ceph-csi configuration for a CephFS-based Kubernetes storage provider. I have a slight YAML-fatigue, but it’s almost done :)

_Anemos

Last but certainly not least, there has been a good deal of progress for Anemos and makeimg. For some background, I have long been using makeimg for some of my private servers, but for deploying the images I relied on setup-specific methods (e.g. access to the hypervisor). However, for my two name servers, I had no such method. So I used what the hosting provider offered: a proprietary API to re-image the servers with FreeBSD (the best OS choice that Leaseweb offers) and a script that runs afterwards to set them up.

Now I’ve reached a first milestone for Anemos: I have converted the setup script for the name servers into a proper IMGBUILD (i.e. a makeimg image definition), switching to Alpine Linux (because it’s possible now), and use Anemos to deploy the image.

This has a couple of advantages. Most obviously, it allows me to use Alpine. More subtly, it allows me to e.g. re-partition the disk during setup, which would have previously been impossible, even when using a Leaseweb-provided OS.

I tend to be a bit shy about my private stuff, but this whole setup has now become an excellent demo of what Anemos can do. Hence, I am making it public. The README has a link to a video where you can see it in action. This is the code I actually use to deploy the servers, so it will always reflect the latest developments of Anemos for the time being. I even plan to make the deployment itself happen automatically on builds.sr.ht.

I am still busy writing proper documentation for Anemos, but I hope this real world use-case answers some question in the meantime.

As always, feel free to reach out with any questions or comments!