The following contributors got their Debian Developer accounts in the last two months:
.
On the global stage, about a decade ago, Stephen J. Dubner and Steven Levitt argued in their book Freakonomics how legalized abortion both made the coming population explosion as well as expected crime rates to be reduced. There was a huge pushback on the same from the conservatives and has become a matter of debate, perhaps something that the Conservatives wanted. Interestingly, it hasn t made them go back but go forward as can be seen from the Freakonomics site.
Dr. Dipika Ghosh sharing an incident in Covid Ward
Interestingly as well, while in the vaccine issue, Brazil Anvisa doesn t know what they are doing or the regulator just isn t knowledgeable etc. (statements by various people in GOI, when it comes to testing kits, the same is an approver.)
ICMR/DGCI approving internationally validated kits, Press release.
Gaurav on Trump-Biden on vaccination of their own citizens
Pappu Yadav, President Jan Adhikar Party, Bihar May 11, 2021
Snippets from Karnataka High Court hearing today, 13th March 2021
Allahabad High Court hauling Uttar Pradesh Govt. for lack of Oxygen is equal to genocide, May 11, 2021
Gujarat Satya Samachar 2005 launched by Mr. Modi. 
Mr. Modi invoking Official Secrets Act, Feb 8 2005 Gujarat Samachar
Pandit Ranjan Mishra son on his father s death due to unavailability of oxygen, Varanasi, Uttar Pradesh, 11th May 2021.
To create a new apps script, click "New project" from the scripts dashboard: this will open a code editor, so now cut and paste this code (change the label name to match the one you want to use, and the header too if you're going to use this for another team):
function tagPythonTeamEmails()
// search for all recent threads (hours is the smallest interval searchable)
var threads = GmailApp.search("newer_than:1h");
// this is the label i want to apply to the messages
var label = GmailApp.getUserLabelByName("Debian_Python_Pkgs"); // <-- EDIT THIS
for (var i = 0; i < threads.length; i++)
// get all messages in a given thread
var messages = threads[i].getMessages();
// for each message in the thread
for (var j = 0; j < messages.length; j++)
var message = messages[j];
// needed to have access to the full email: headers + body
var email = message.getRawContent();
// this is the header i want to check for: if present, add label and archive
if (email.indexOf("X-Distro-Tracker-Team: python") > -1) // <-- EDIT THIS
threads[i].addLabel(label);
threads[i].moveToArchive();
(This code is largely inspired by this StackOverflow answer.)
Given we're going to perform changes to the emails, we need to add extra permissions to the script; first we need to toggle the option "View > Show manifest file" which will show the appsscript.json file. Once done, edit it and update the scope of the script to include:
"oauthScopes": [
...
"https://www.googleapis.com/auth/gmail.readonly",
"https://www.googleapis.com/auth/gmail.modify"
],
These new permission will be granted when we deploy the script, which we can actually do right now: from the editor window click on "Publish > Deploy from manifest..." and then "Install add-on"; it will make the app script available to operate on Gmail by opening the usual Google grants authorization popup.
Unlike filters defined on the web UI, apps scripts are not triggered every time a mail is received (there's a pub-sub mechanism, but it doesn't look like it would work for this), so if we want to execute periodically the new script, we need to create a time-driven trigger.
The simplest way is probably from the script editor (but you can also follow this doc): "View > Current project's triggers" and then "Add trigger" from there. For my specific use-case i set:
Be aware of quotas and limitations for Apps scripts; in particular the "Triggers total runtime" set to "90 min / day" is what led me to set the trigger every 510 mins.
Use the scripts dashboard (doc) to monitor the script execution logs, in the "My Executions" section, and specifically the "Duration" column: the script execution time depends exclusively on the number of emails to process at every execution, so fine-tune the trigger time to stay within your quota.
The newer_than search operator doesn't allow a granularity smaller than hours (although that's not even documented), so that means we're going to scan multiple times the same emails.
UPDATE (2020-12-26): I've already had to bump from every 5 to every 10 minutes, as otherwise i'd get Exception: Service invoked too many times for one day: gmail. (remember the quota!)
This month I started working on ways to make hosting access easier for Debian Developers. I also did some work and planning for the MiniDebConf Online Gaming Edition that we ll likely announce within the next 1-2 days. Just a bunch of content that needs to be fixed and a registration bug then I think we ll be ready to send out the call for proposals.
In the meantime, here s my package uploads and sponsoring for September:
2020-09-07: Upload package calamares (3.2.30-1) to Debian unstable.
2020-09-07: Upload package gnome-shell-extension-dash-to-panel (39-1) to Debian unstable.
2020-09-08: Upload package gnome-shell-extension-draw-on-your-screen (6.2-1) to Debian unstable.
2020-09-08: Sponsor package sqlobject (3.8.0+dfsg-2) for Debian unstable (Python team request).
2020-09-08: Sponsor package bidict (0.21.0-1) for Debian unstable (Python team request).
2020-09-11: Upload package catimg (2.7.0-1) to Debian unstable.
2020-09-16: Sponsor package gamemode (1.6-1) for Debian unstable (Games team request).
2020-09-21: Sponsor package qosmic (1.6.0-3) for Debian unstable (Debian Mentors / e-mail request).
2020-09-22: Upload package gnome-shell-extension-draw-on-your-screen (6.4-1) to Debian unstable.
2020-09-22: Upload package bundlewrap (4.2.0-1) to Debian unstable.
2020-09-25: Upload package gnome-shell-extension-draw-on-your-screen (7-1) to Debian unstable.
2020-09-27: Sponsor package libapache2-mod-python (3.5.0-1) for Debian unstable (Python team request).
2020-09-27: Sponsor package subliminal (2.1.0-1) for Debian unstable (Python team request).
My laptop battery started to explode in slow motion. HP requires 10 business
days to repair my laptop under warranty, and I cannot afford that length of
downtime.
Alternatively, HP quoted me 375 + VAT for on-site repairs, which I tought was
very funny.
For 376.55 + VAT, which is pretty much exactly the same amount, I bought
instead a refurbished ThinkPad X240 with a dual-core I5, 8G of RAM, 250G SSD,
and a 1920x1080 IPS display, to use as a spare while my laptop is being
repaired. I'd like to thank HP for giving me the opportunity to own a ThinkPad.
Since I'm migrating all my system to the spare and then (hopefully) back, I'm
documenting what I need to be fully productive on new hardware.
Install Debian
A basic Debian netinst with no tasks selected is good enough to get going.
Note that if wifi worked in Debian Installer, it doesn't mean that it will work
in the minimal system it installed. See here
for instructions on quickly bringing up wifi on a newly installed minimal
system.
Copy /home
A simple tar of /home is all I needed to copy my data over.
A neat way to do it was connecting the two laptops with an ethernet cable, and using netcat:
# On the source tar -C / -zcf - home nc -l -p 12345 -N # On the target nc 10.0.0.1 12345 tar -C / -zxf -
mk-build-deps
from the devscripts package to create metapackages that make sure they are
installed.
Here's an extract from debian/control of the metapackage:
Source: enrico Section: admin Priority: optional Maintainer: Enrico Zini <enrico@debian.org> Build-Depends: debhelper (>= 11) Standards-Version: 3.7.2.1 Package: enrico Section: admin Architecture: all Depends: mc, mmv, moreutils, powertop, syncmaildir, notmuch, ncdu, vcsh, ddate, jq, git-annex, eatmydata, vdirsyncer, khal, etckeeper, moc, pwgen Description: Enrico's working environment Package: enrico-devel Section: devel Architecture: all Depends: git, python3-git, git-svn, gitk, ansible, fabric, valgrind, kcachegrind, zeal, meld, d-feet, flake8, mypy, ipython3, strace, ltrace Description: Enrico's development environment Package: enrico-gui Section: x11 Architecture: all Depends: xclip, gnome-terminal, qalculate-gtk, liferea, gajim, mumble, sm, syncthing, virt-manager Recommends: k3b Description: Enrico's GUI environment Package: enrico-sanity Section: admin Architecture: all Conflicts: libapache2-mod-php, libapache2-mod-php5, php5, php5-cgi, php5-fpm, libapache2-mod-php7.0, php7.0, libphp7.0-embed, libphp-embed, libphp5-embed Description: Enrico's sanity Metapackage with a list of packages that I do not want anywhere near my system.
/home and installing packages takes care of 99% of my needs.
There are a few system-wide tweaks I cannot do without:
/etc/NetworkManager/system-connections/update-alternatives --config editorsystemctl restart network-manager are enough. Note that Network Manager
will ignore the files unless their owner and permissions are what it expects.
Fine tuning
Comparing the output of dpkg --get-selections between the old and the new
system might highlight packages manually installed in a hurry and not added to
the metapackages.
Finally, what remains is fixing the sad state of mimetype associations,
which seem to associate opening file depending on whatever application was
installed last, phases of the moon, and what option is the most annoying.
Currently on my system, PDFs are opened in inkscape by xdg-open and in
calibre by run-mailcap. Let's see how long it takes to figure this one out.
Welcome to gambaru.de. Here is my monthly report (+ the first week in June) that covers what I have been doing for Debian. If you re interested in Java, Games and LTS topics, this might be interesting for you.
Debian Games
It's the end of the world as we know it, twice as fast
After Homemade Instruments Week on the facebook page, here is an article with some PVC pipes instruments! Percussion on PVC pipes A classic, long pipes for big bass, easy to tune by changing the length
"Ut queant laxis" or "Hymnus in Ioannem" is a Latin hymn in honor of John the Baptist, written in Horatian Sapphics and traditionally attributed to Paulus Diaconus, the eighth-century Lombard historian. It is famous for its part in the history of musical notation, in particular solmization. The hymn belongs to the tradition of Gregorian chant.
.co domains.
Leading to this auto linking:
Now I'm not sure if someone enocountered the same issue, or people just registered
random domains just because they could. I found registrations for
.conf files in /etc which could be interesting in an IT environment, but for the sake of playing with
it I registered nsswitch.co at godaddy. I do not want to endorse them in
anyway, but for the first year it's only 13.08EUR right now, which is okay to
pay for a stupid demo. So if you feel like it, you can probably register something stupid for yourself to play around with. I do not intent to renew this domain next year, so
be aware of what happens then with the next owner.
This year s FOSDEM conference was a lot of fun one of the things I always enjoy most about this particular conference (besides having some of the outstanding food you can get in Brussels and meeting with friends from the free software world) is the ability to meet a large range of new people who I wouldn t usually have interacted with, or getting people from different communities together who otherwise would not meet in person as each bigger project has their own conference (for example, the amount of VideoLAN people is much lower at GUADEC and Akademy compared to FOSDEM). It s also really neat to have GNOME and KDE developers within reach at the same place, as I care about both desktops a lot.
An unexpected issue
This blog post however is not about that. It s about what I learned when talking to people there about AppStream, and the outcome of that. Especially when talking to application authors but also to people who deal with larger software repositories, it became apparent that many app authors don t really want to deal with the extra effort of writing metadata at all. This was a bit of a surprise to me, as I thought that there would be a strong interest for application authors to make their apps look as good as possible in software catalogs.
A bit less surprising was the fact that people apparently don t enjoy reading a large specification, reading a long-ish intro guide with lots of dos and don ts or basically reading any longer text at all before being able to create an AppStream MetaInfo/AppData file describing their software.
Another common problem seems to be that people don t immediately know what a reverse-DNS ID is, the format AppStream uses for uniquely identifying each software component. So naturally, people either have to read about it again (bah, reading! 
) or make something up, which occasionally is wrong and not the actual component-ID their software component should have.
The MetaInfo Creator
It was actually suggested to me twice that what people really would like to have is a simple tool to put together a MetaInfo file for their software. Basically a simple form with a few questions which produces the final file. I always considered this a nice to have, but not essential feature, but now I was convinced that this actually has a priority attached to it.
So, instead of jumping into my favourite editor and writing a bunch of C code to create this make MetaInfo file form as part of appstreamcli, this time I decided to try what the cool kids are doing and make a web application that runs in your browser and creates all metadata there.
So, behold the MetaInfo Creator! If you click this link, you will end up at an Angular-based web application that will let you generate MetaInfo/AppData files for a few component-types simply by answering a set of questions.
The intent was to make this tool as easy to use as possible for someone who basically doesn t know anything about AppStream at all. Therefore, the tool will:
Also, if you want to create a form for a new component type, please submit a patch as well.
C developer s experience notes for Angular, TypeScript, NodeJS
This section is just to ramble a bit about random things I found interesting as a developer who mostly works with C/C++ and Python and stepped into the web-application developer s world for the first time.
For a project like this, I would usually have gone with my default way of developing something for the web: Creating a Flask-based application in Python. I really love Python and Flask, but of course using them would have meant that all processing would have had to be done on the server. One the one hand I could have used libappstream that way to create the XML, format it and validate it, but on the other hand I would have had to host the Python app on my own server, find a place at Purism/Debian/GNOME/KDE or get it housed at Freedesktop somehow (which would have taken a while to arrange) and I really wanted to have a permanent location for this application immediately. Additionally, I didn t want people to send the details of new unpublished software to my server.
TypeScript
I must say that I really like TypeScript as a language compared to JavaScript. It is not really revolutionary (I looked into Dart and other ways to compile $stuff to JavaScript first), but it removes just enough JavaScript weirdness to be pleasant to use. At the same time, since TS is a superset of JS, JavaScript code is valid TypeScript code, so you can integrate with existing JS code easily. Picking TS up took me much less than an hour, and most of its features you learn organically when working on a project. The optional type-safety is a blessing and actually helped me a few times to find an issue. It being so close to JS is both a strength and weakness: On the one hand you have all the JS oddities in the language (implicit type conversion is really weird sometimes) and have to basically refrain from using them or count on the linter to spot them, but on the other hand you can immediately use the massive amount of JavaScript code available on the web.
Angular
The Angular web framework took a few hours to pick up there are a lot of concepts to understand. But ultimately, it s manageable and pretty nice to use. When working at the system level, a lot of complexity is in understanding how the CPU is processing data, managing memory and using the low-level APIs the operating system provides. With the web application stuff, a lot of the complexity for me was in learning about all the moving parts the system is comprised of, what their names are, what they are, and what works with which. And that is not a flat learning curve at all. As C developer, you need to know how the computer works to be efficient, as web developer you need to know a bunch of different tools really well to be productive.
One thing I am still a bit puzzled about is the amount of duplicated HTML templates my project has. I haven t found a way to reuse template blocks in multiple components with Angular, like I would with Jinja2. The documentation suggests this feature does not exist, but maybe I simply can t find it or there is a completely different way to achieve the same result.
NPM Ecosystem
The MetaInfo Creator application ultimately doesn t do much. But according to GitHub, it has 985 (!!!) dependencies in NPM/NodeJS. And that is the bare minimum! I only added one dependency myself to it. I feel really uneasy about this, as I prefer the Python approach of having a rich standard library instead of billions of small modules scattered across the web. If there is a bug in one of the standard library functions, I can submit a patch to Python where some core developer is there to review it. In NodeJS, I imagine fixing some module is much harder.
That being said though, using npm is actually pretty nice there is a module available for most things, and adding a new dependency is easy. NPM will also manage all the details of your dependency chain, GitHub will warn about security issues in modules you depend on, etc. So, from a usability perspective, there isn t much to complain about (unlike with Python, where creating or using a module ends up as a fight the system event way too often and the question which random file do I need to create now to achieve what I want? always exists. Fortunately, Poetry made this a bit more pleasant for me recently).
So, tl;dr for this section: The web application development excursion was actually a lot of fun, and I may make more of those in future, now that I learned more about how to write web applications. Ultimately though, I enjoy the lower-level software development and backend development a bit more.
Summary
Check out the MetaInfo Creator and its source code, if you want to create MetaInfo files for a GUI application, console application, addon or service component quickly.
For many years now, I have been driving a diesel based VW Passat Estate. It
has served me very well and been as reliable as I might have hoped given how
awful I am with cars. Sadly Gunther was reaching the point where it was
going to cost more per year to maintain than the car was worth, and also I've
been being more and more irked by not having a car from the future.
I spent many months doing spreadsheets, trying to convince myself I could
somehow afford a Tesla of some variety. Sadly I never quite managed it. As
such I set my sights on the more viable BEVs such as the Nissan Leaf. For a
while, nothing I saw was something I wanted. I am quite unusual it seems, in
that I don't want a car which is a "Look at me, I'm driving an electric car"
fashion statement. I felt like I'd never get something which looked like a
normal car, but happened to be a BEV.
Then along came the Hyundai Ioniq. Hybrid, Plug-in Hybrid, and BEV all looking
basically the same, and not in-your-face-special. I began to covet.
Eventually I caved and arranged a test drive of an Ioniq plug-in hybrid because
the BEV was basically on 9 month lead. I enjoyed the drive and was instantly
very sad because I didn't want a plug-in hybrid, I wanted a BEV. Despondent,
I left the dealership and went home.
I went online and found a small number of second-hand Ioniq BEVs but as I
scrolled through the list, none seemed to be of the right trim level. Then,
just as I was ready to give up hope, I saw a new listing, no photo, of the
right thing. One snag, it was 200 miles away. No matter, I rang the place,
confirmed it was available, and agreed to sleep on the decision.
The following morning, I hadn't decided to not buy, so I called them up, put
down a deposit to hold the car until I could test drive it, and then began the
long and awkward process of working out how I would charge the car given I have
no off-street parking so I can't charge at home. (Yeah yeah, you'd think I'd
have checked that first, but no I'm just not that sensible). Over the week
I convinced myself I could do it, I ordered RFID cards for various schemes,
signed up with a number of services, and then, on Friday last week, I drove
down to a hotel near the dealership and had a fitful night's sleep.
I rocked up to the dealership exactly as they opened for business, shook the
hand of the very helpful salesman who had gone through the purchase process
with me over the phone during the week, and got to see the car. Instant want
coursed through me as I sat in it and decided "Yes, this somehow feels right".
I took the car for about a 45 minute test drive just to see how it felt
relative to the plug-in hybrid I'd driven the week before and it was like night
and day. The BEV felt so much better to drive. I was hooked. Back to the
dealership and we began the paperwork. Emptying Gunther of all of the bits
and bobs scattered throughout his nooks and crannies took a while and gave me a
chance to say goodbye to a car which, on reflection, had actually been a
pleasure to own, even when its expensive things went wrong, more than once.
But once I'd closed the Passat for the last time, and handed the keys over, it
was quite a bittersweet moment as the salesman drove off in what still felt
like my car, despite (by this point) it not being so.
Sitting in the Ioniq though, I headed off for the 200 mile journey back home.
With about 90% charge left after the test drive, I had two stops planned at
rapid chargers and I headed toward my first.
Unfortunately disaster struck, the rapid (50KW) charger refused to initialise,
and I ended up with my car on the slower (7KW) charger to get enough juice into
it to drive on to the next rapid charger enabled service station. When I got
the message that my maximum charge period (45m) had elapsed, I headed back to
the car to discover I couldn't persuade it to unlock from the car. Much hassle
later, and an AA man came and together we learned that it takes 2 to tango, one
to pull the emergency release in the boot, the other to then unplug the cable.
Armed with this knowledge, I headed on my way to a rapid charger I'd found on
the map which wasn't run by the same company. Vainly hoping that this would
work better, I plugged the car in, set the charger going, and headed into the
adjacent shop for a rest break. I went back to the car about 20 minutes later
to see the charger wasn't running. Horror of horrors. I imagined maybe some
nasty little oik had pressed 'stop' so I started the charger up again, and sat
in the car to read my book. After about 3 minutes, the charge stopped. Turns
out that charger was slightly iffy and couldn't cope with the charge current
and kept emergency-stopping as a result. The lovely lady I spoke to about it
directed me to a nearby (12 miles or so, easily done with the charge I had)
charger in the grounds of a gorgeous chateau hotel. That one worked perfectly
and I filled up. I drove on to my second planned stop and that charge went
perfectly too. In fact, every charge since has gone flawlessly. So perhaps my
baptism of failed charges has hardened me to the problems with owning a BEV.
I've spent the past few days trying different charge points around Manchester
enjoying my free charge capability, and trying different names for the car
before I finally settled on which is a reasonable Korean boy's name
(since the car is Korean I even got to set that as the bluetooth ID) and it's
roughly pronounced sock/gin which are two wonderful things in life.
I'm currently sat in a pub, eating a burger, enjoying myself while suckles
on the teat of "free" electricity to make up for the fact that I've developed a
non-trivial habit of leaving Audi drivers in the dust at traffic lights.
Further updates may happen as I play with Android Auto and other toys in an
attempt to eventually be able to ask the car to please "freeze my buttocks"
(a feature it has in the form of air-conditioned seats.)
If you read Planet Debian often, you ve probably noticed a trend of Free Software activity reports at the beginning of the month. First, those reports seemed a bit unamusing and lengthy, but since I take the time to read them I ve learnt a lot of things, and now I m amazed at the amount of work that people are doing for Free Software. Indeed, I knew already that many people are doing lots of work. But reading those reports gives you an actual view of how much it is.
Then, I decided that I should do the same and write some kind of report since I became a Debian Developer in July. I think it s a nice way to share your work with others and maybe inspire them as it happened to me. So I asked some of the people that have been inspiring me how do they do it. I mean, I was curious to know how they keep track of the work they do and how long it takes to write their reports. It seems that it takes quite some time, it s mostly manual work and usually starts by the end of the month, reviewing their contributions in mailing lists, bug trackers, e-mail folders, etc.
Here I am now, writing my first report about my Free Software activities since July and until September 2017. I hope you like it:
-n option for dpt-takeover in how to adopt pkg-perl manual.
$ sudo apt-get install gobby
$ sudo gobby infinote://gobby.debian.org/debconf17/talk/ayatana-indicators
apt-get update apt-get upgrade apt-get autoremove apt-get clean dpkg --list > original.dpkg apt-get --download-only install dpkg:amd64 tar:amd64 apt:amd64 bash:amd64 dash:amd64 init:amd64 mawk:amd64 for pack32 in $(grep i386 original.dpkg egrep "^ii " awk ' print $2 ' ) ; do echo $pack32 ; apt-get --download-only install -y --allow-remove-essential $ pack32%:i386 :amd64 ; done cd /var/cache/apt/archives/ dpkg --install libacl1_*amd64.deb libattr1_*_amd64.deb libapt-pkg5.0_*amd64.deb libbz2-1.0_*amd64.deb dpkg_*amd64.deb tar_*amd64.deb apt_*amd64.deb bash_*amd64.deb dash_*amd64.deb dpkg --install --skip-same-version *.deb dpkg --configure --pending dpkg --install --skip-same-version *.deb dpkg --remove libcurl4-openssl-dev:i386 dpkg --configure --pending dpkg --remove libkdesu5 kde-runtime apt-get --fix-broken install apt-get install $(egrep "^ii" ~/original.dpkg grep -v ":i386" grep -v "all" grep -v "aiccu" grep -v "acroread" grep -v "flashplayer-mozilla" grep -v "flash-player-properties" awk ' print $2 ')Reboot. Then the system failed to boot, missing lvm2 package. Boot with a live CD.
sudo -i mount /dev/sdc2 /mnt mount /dev/vg100/usr /mnt/usr mount /dev/vg100/var /mnt/var mount -o bind /proc /mnt/proc mount -o bind /sys /mnt/sys mount -o bind /dev/ /mnt/dev mount -o bind /dev/pts /mnt/dev/pts chroot /mnt /bin/su - apt-get install lvm2 exit rebootStill somethings do not work, like command fakeroot.
for pack32 in $(grep i386 original.dpkg egrep "^ii " awk ' print $2 ' ) ; do
echo $pack32 ;
if dpkg --status $pack32 grep -q "Multi-Arch: same" ; then
apt-get -y install $ pack32%:i386 :amd64 ;
fi ;
done
for pack32 in $(grep i386 original.dpkg egrep "^ii " awk ' print $2 ' ) ; do
echo $pack32 ;
apt-get -y install $ pack32%:i386 :amd64 ;
done
Now is time to find what still does not work and how to solve it.
I ve had a kludgy mess of electronic address books for most of two decades,
and have got rather fed up with it. My stack consisted of:
~/.mutt/aliases, a flat text file consisting of mutt alias commands~/.mutt/aliases, Debian s LDAP database, and Canonical s LDAP database,
so that I can search by name with Ctrl-t in mutt when composing a new messagemutt such that I can continue using the same query interfacemutt, and whatever query glue was necessary to get mutt to understand vCards.
There are lots of different alternatives here, and if anything the problem
was an embarrassment of choice. In the end I just decided to go for things
that looked roughly the right shape for me and tried not to spend too much
time in analysis paralysis.
CardDAV server
I went with Xandikos for the
server, largely because I know Jelmer and have generally had pretty good
experiences with their software, but also because using Git for history of
the backend storage seems like something my future self will thank me for.
It isn t packaged in stretch, but it s in Debian unstable, so I installed it
from there.
Rather than the standalone mode suggested on the web page, I decided to set
it up in what felt like a more robust way using WSGI. I installed uwsgi,
uwsgi-plugin-python3, and libapache2-mod-proxy-uwsgi, and created the
following file in /etc/uwsgi/apps-available/xandikos.ini which I then
symlinked into /etc/uwsgi/apps-enabled/xandikos.ini:
[uwsgi]
socket = 127.0.0.1:8801
uid = xandikos
gid = xandikos
umask = 022
master = true
cheaper = 2
processes = 4
plugin = python3
module = xandikos.wsgi:app
env = XANDIKOSPATH=/srv/xandikos/collections
xandikos user and group first (adduser --system --group --no-create-home
--disabled-login xandikos). I created /srv/xandikos owned by
xandikos:xandikos and mode 0700, and I recommend setting a
umask as shown above since uwsgi s default
umask is 000 (!). You should also run sudo -u xandikos xandikos -d
/srv/xandikos/collections --autocreate and then Ctrl-c it after a short
time (I think it would be nicer if there were a way to ask the WSGI wrapper
to do this).
For Apache setup, I kept it reasonably simple: I ran a2enmod proxy_uwsgi,
used htpasswd to create /etc/apache2/xandikos.passwd with a username and
password for myself, added a virtual host in
/etc/apache2/sites-available/xandikos.conf, and enabled it with a2ensite
xandikos:
<VirtualHost *:443>
ServerName xandikos.example.org
ServerAdmin me@example.org
ErrorLog /var/log/apache2/xandikos-error.log
TransferLog /var/log/apache2/xandikos-access.log
<Location />
ProxyPass "uwsgi://127.0.0.1:8801/"
AuthType Basic
AuthName "Xandikos"
AuthBasicProvider file
AuthUserFile "/etc/apache2/xandikos.passwd"
Require valid-user
</Location>
</VirtualHost>
service apache2 reload, set the new virtual host up with Let s
Encrypt, reloaded again, and off we go.
Android integration
I installed DAVdroid from the Play Store: it
cost a few pounds, but I was OK with that since it s GPLv3 and I m happy to
help fund free software. I created two accounts, one for my existing Google
Contacts database (and in fact calendaring as well, although I don t intend
to switch over to self-hosting that just yet), and one for the new Xandikos
instance. The Google
setup was a bit fiddly
because I have two-step verification turned on so I had to create an
app-specific password. The Xandikos setup was straightforward: base URL,
username, password, and done.
Since I didn t completely trust the new setup yet, I followed what seemed
like the most robust option from the DAVdroid contacts syncing
documentation,
and used the stock contacts app to export my Google Contacts account to a
.vcf file and then import that into the appropriate DAVdroid account
(which showed up automatically). This seemed straightforward and everything
got pushed to Xandikos. There are some weird delays in syncing contacts
that I don t entirely understand, but it all seems to get there in the end.
mutt integration
First off I needed to sync the contacts. (In fact I happen to run mutt on
the same system where I run Xandikos at the moment, but I don t want to rely
on that, and going through the CardDAV server means that I don t have to
poke holes for myself using filesystem permissions.) I used
vdirsyncer for this. In
~/.vdirsyncer/config:
[general]
status_path = "~/.vdirsyncer/status/"
[pair contacts]
a = "contacts_local"
b = "contacts_remote"
collections = ["from a", "from b"]
[storage contacts_local]
type = "filesystem"
path = "~/.contacts/"
fileext = ".vcf"
[storage contacts_remote]
type = "carddav"
url = "<Xandikos base URL>"
username = "<my username>"
password = "<my password>"
vdirsyncer discover and vdirsyncer sync then synced everything
into ~/.contacts/. I added an hourly crontab entry to run vdirsyncer
-v WARNING sync.
Next, I needed a command-line address book tool based on this.
khard looked about right and is in
stretch, so I installed that. In ~/.config/khard/khard.conf (this is
mostly just the example configuration, but I preferred to sort by first name
since not all my contacts have neat first/last names):
[addressbooks]
[[contacts]]
path = ~/.contacts/<UUID of my contacts collection>/
[general]
debug = no
default_action = list
editor = vim
merge_editor = vimdiff
[contact table]
# display names by first or last name: first_name / last_name
display = first_name
# group by address book: yes / no
group_by_addressbook = no
# reverse table ordering: yes / no
reverse = no
# append nicknames to name column: yes / no
show_nicknames = no
# show uid table column: yes / no
show_uids = yes
# sort by first or last name: first_name / last_name
sort = first_name
[vcard]
# extend contacts with your own private objects
# these objects are stored with a leading "X-" before the object name in the vcard files
# every object label may only contain letters, digits and the - character
# example:
# private_objects = Jabber, Skype, Twitter
private_objects = Jabber, Skype, Twitter
# preferred vcard version: 3.0 / 4.0
preferred_version = 3.0
# Look into source vcf files to speed up search queries: yes / no
search_in_source_files = no
# skip unparsable vcard files: yes / no
skip_unparsable = no
khard list shows all my contacts. So far so good. Apparently there
are some awkward vCard compatibility
issues with creating or modifying
contacts from the khard end. I ve tried adding one address from
~/.mutt/aliases using khard and it seems to at least minimally work for
me, but I haven t explored this very much yet.
I had to install python3-vobject 0.9.4.1-1 from experimental to fix
eventable/vobject#39
saving certain vCard files.
Finally, mutt integration. I already had set query_command="lbdbq '%s'"
in ~/.muttrc, and I wanted to keep that in place since I still wanted to
use LDAP querying as well. I had to write a very small amount of code for
this (perhaps I should contribute this to lbdb upstream?), in
~/.lbdb/modules/m_khard:
#! /bin/sh
m_khard_query ()
khard email --parsable --remove-first-line --search-in-source-files "$1"
~/.lbdb/rc now reads as follows (you probably won t want the LDAP
stuff, but I ve included it here for completeness):
MODULES_PATH="$MODULES_PATH $HOME/.lbdb/modules"
METHODS='m_muttalias m_khard m_ldap'
LDAP_NICKS='debian canonical'
~/.mutt/aliases into the new system. This
is only about 30 contacts so shouldn t take too long.
Overall this feels like a big improvement! It wasn t a trivial amount of
setup for just me, but it means I have both better usability for myself and
more independence from proprietary services, and I think I can add extra
users with much less effort if I need to.
Postscript
A day later and I ve consolidated all my accounts from Google Contacts and
~/.mutt/aliases into the new system, with the exception of one group that
I had defined as a mutt alias and need to work out what to do with. This
all went smoothly.
I ve filed the new lbdb module as
#866178, and the python3-vobject bug as
#866181.
Since I use this as base for other PHP packages like SimKolab, I ve updated my packaging
example with:Next.