In my spare time, I currently develop two Android apps using Flutter: AniTrack, a simple anime and manga tracker based on my own needs, and Moxxy, a modern XMPP client. While I don't provide release builds for AniTrack, I do for Moxxy. Those are signed using the key-pair that Flutter generates. I thought to myself: "Wouldn't it be cool if I could keep the key-pair on a separate device which does the signing for me?". The consequence of this thought is that I bought a YubiKey 5c. However, as always, using it for my purposes did not go without issues.

Hello everyone. Long time, no read.

In 2020, I published a post titled "Running Prosody on Port 443 Behind traefik", where I described how I run my XMPP server behind the "application proxy" traefik. I did this because I wanted to run my XMPP server prosody on port 443, so that the clients connected to my server can bypass firewalls that only allow web traffic. While that approach worked, over the last three years I changed my setup dramatically.

TL;DR: This post also talks about the problems I faced while working on my logging. To log to syslog from within my containers that do not support configuring a remote syslog server, I had syslog-ng expose a unix domain socket and mounted it into the container to /dev/log.

I love static site generators. They are really cool pieces of software. Give them some configuration files, maybe a bit of text and you receive a blog or a homepage. Neat!

TL;DR: This post is about running prosody with HTTPS services both on port 443. If you only care about the how, then jump to Considerations and read from there.

Roughly eight months ago, according to my hosting provider, I spun up my VM which I use to this day to self-host my chat, my mail, my git and so on. At the beginning, I thought that it would allow me both to get away from proprietary software and to learn Linux administration. While my first goal was met without any problems, the second one I achieved in ways I did not anticipate.

About one year ago, I made plans to ditch many of the proprietary services that I used on a daily basis and replace them with FOSS alternatives. Now it is a year later and while my project is not done, I really did quite a lot.

In the first post of the series, I showed what information I gathered and what tricks can be used to debug our mainline port of the herolte kernel. While I learned a lot just by preparing for the actual porting, I was not able to actually get as close as to booting the kernel. I would have liked to write about what I did to actually boot a 5.X.X kernel on the device, but instead I will tell you about the journey I completed thus far.

Ever heard of PostmarketOS? If not, then here's a short summary: PostmarketOS aims to bring "[a] real Linux distribution for phones and other mobile devices [...]" to, well, phones and other mobile devices.

I love Linux. In fact, I love it so much that it runs on every computer I use, except for my phone but that can be changed. It always amazes me how much control Linux gives me about my computer and how easy it is to create a script that just does everything that I was doing manually before.