I attended the Free and Open source Software Developers’ European Meeting (FOSDEM) in Brussels, Belgium last weekend. There are hundreds of hours of talks in 35 rooms over a period of two days, and rooms are often full to capacity, so it’s impossible to see everything! Thankfully every room is live-streamed and recordings made available after the fact, so you can catch up on anything you miss.
§Friday
On the Eurostar over my travelling companion and I were lamenting about the Nix DSL, and we heard a French accent from behind:
Ah, NixOS. See you at FOSDEM then!
§Saturday
The day started with a coffee and a banana (probably not substantial enough in hindsight), an absolutely packed number 71 bus to the ULB Solbosch Campus, and arriving in plenty of time to get a seat for the 09:30 CET opening ceremony. I kicked off the day by attending:
- Screen Sharing on Raspberry Pi 5 Using VNC in Weston and Wayland with the Yocto Project and OpenEmbedded
- and Improving IPv6-only experience on Linux
Having, during my January tradition, spent some time revisiting my technical (in addition to non-technical) habits, after getting sufficiently frustrated with thunderbird I’ve started using the aerc mail client along with isync (mbsync)/goimapnotify/mu. So naturally I then moseyed on over to the Modern Email BoF.
I was a little early and caught the end of
the NGI Zero network meetup, and met someone who works for the Dutch
Standardisation Forum on, amoung other things, a neat website and
mailserver tester at internet.nl. My
website and mailserver had a couple of flagged issues including a DMARC
policy of none (which should really quarantine or reject once it’s
working properly), and DNSSEC support due my nameserver EON not (yet)
supporting DNSSEC. Switching to bind with a couple of configuration
changes got me scoring 100% on my apex freumh.org. The
www subdomain was a CNAME to the apex, which meant it also
served an MX record. I don’t serve any significant website on my apex
domain, so I simply dropped the subdomain. Now I’m told a free
internet.nl T-Shirt is on its way to my Cambridge
address!
I’ve been working on a nameserver
to provision TLS certificates recently for inclusion into my
one-stop-shop self-hosting solution Eilean. By including
the DNS zonefile data in the Nix configuration we can automatically
provision the necessary records for new services, as well as manage
records for e.g. DKIM/DMARC/SPIF. It would be great if I could get a
score of 100% on internet.nl on an out-of-the box Eilean
deployment as this would simplify the experience of self-hosting these
services greatly.
§Modern Email devroom
When the Email discussion
started I sat next to a person who develops the Go IMAP library used by
my mail client aerc. They also just so happen to be the lead maintainer
of wlroots,
a library which I was writing bindings to OCaml on the train over in
hopes of writing a performant, functional, modern display server. I’ve since
been added as a maintainer to the dormant bindings
library.
I then joined he JMAP discussion section and got some insight to the chicken-and-egg problem of Internet protocol ossification in a discussion between Dovecot developers and salespeople, and JMAP proponents. Talking to one such JMAP proponent developing a JMAP client for Android was very educational. It seems like JMAP is essentially an open standard for implementing a lot of functionality that comes from propriety client/server solutions like Gmail. For example, it supports the use of notification services of instead of polling (and not just maintaining an open TCP connection). I’ve heard this can be an issue using non-Google android distributions like GraphineOS, but apparently there are numerous alternatives such as microG. Another example is that it supports search on server functionality without having to download emails. I like to keep all my mail locally on my main machine, but the JMAP seems particularly well suited to mobile devices where that is not the case.
They also mentioned the Stallwart JMAP-compatible mailserver. This was mentioned by nlnet.nl in the NixOS devroom on Sunday as well. I might try deploying it for myself and integrating it into Eilean.
§OS Stands
After the Modern Email devroom I had a look around the stands in the AW building which were mainly OS related. A couple of really cool projects were PostmarketOS and SailfishOS building Linux (not Android) distributions for mobile devices, though apparently SailfishOS has some closed-source components such as for Android emulation. It seems Gnome and KDE both have mobile display environments, and Phosh is the on PostmarketOS. Sxmo is cool project that encourages allows the use of e.g. sway. It also allows SSHing to your phone and sending SMS messages! I can’t figure out how to send texts from the command line with KDE, It also looks to be possible to deploy a number of matrix bridges for this.
§Firefox
My choice of browser was vindicated with a free ‘cookie’ stand:
§More talks
I attended a bunch more talks after lunch (but still far less than I wanted too):
- Copyleft and the GPL
- Brewing Free Beer with ESPHome and Home Assistant. Being both a home-brewer (blog post incoming) and a Home Assistant user this was really cool! It may be worth exploring something like this if I ever get really into full-mash brewing.
- Wayland’s input-method is broken and it’s my fault. The speaker of this talk had written the Wayland text-input-unstable-v3 proposal for the Phosh mobile UI, which is by their description horribly broken. I was intrigued about this talk as I spent a while figuring how to get Fcitx5 pop-up menus for international text input working on Sway and ended up using a patch set from an open PR.
- I want my own cellular network! Having fun with LTE networks and Open5Gs
- dnsconfd: system integrated DNS cache
§Tailscale Meetup
After the conference proper we were in want of something to do so we went to a Tailscale meetup for free drinks. To collect said drinks, one had to connect to a printer shared via Tailscale. Unfortunately as I’m using a self-hosted headscale control server I wasn’t able to have this machine shared with me. Thankfully my companions were more than happy to print a ticket on my behalf. Though, this reminded that my idea of a ‘federated tailscale’ would be really cool. In the bar I met some lovely people and got some podcast recommendations (e.g. Self Hosted).
§Sun
After another coffee breakfast, I headed to the ULB for the final day of conferencing. I mainly camped out in two rooms – the Nix and NixOS devroom and the Matrix devroom.
§Nix and NixOS
In this devroom I attended:
- In Fortifying the Foundations: Elevating Security in Nix and NixOS they mentioned they got funding for this project from the Sovereign Tech Fund.
- Nix for genetics : powering a bioinformatics pipeline was a lightning talk about using Nix to provide reproducible dependencies for their pipelines. They don’t manage the mutable state like datasets with Nix, though.
- Automatic
boot assessment with boot counting described a mechanism for falling
back to old NixOS generations in the case where a boot of a new
configuration fails. I experienced the exact problem this solves with my
new NAS (blog post incoming) after creating a
fstabentry for an invalid ZFS pool, which required asking a family member to be my remote KVM to boot an old generation for me to fix the entry.
During an intermission, I was hacking
on my VPS deploying DNSSEC with BIND9 for a free
internet.nl T-Shirt when I started to experience some
strange network issues. All requests to freumh.org were
being directed to
http://135.181.100.27:6080/php/urlblock.php?args=<hash>&url=http://135.181.100.27%2f
on eduroam. I wasn’t able to connect to my site on the IPv6-only
fosdem network either, despite it working the previous day.
Switching the dual-stack IPv4 compatible network seemed to alleviate the
issues, but before I uncovered these underlying network issues this
manifested itself in my being unable to connect to my headscale
Tailscale control server, which I exclaimed to my friend next to me.
Then the lead
developer for headscale, sitting right behind me, piped up
and said something along the lines of “I know it’s rude to look at other
people’s screens but if headscale is causing you any issues I
apologise”.
The talks continued with:
- Running NLnet on NixOS which was an unexpectedly interesting talk on NLnet‘s experience using NixOS to run their systems. They observed that once you realise everything in Nix is just a function, as suggested by the tag-line of a ’purely functional package manager’, all becomes very conceptually simple. NLnet use borg for backups and btrbk for snapshots, which might be worth looking into for Eilean. They noted that Nix is great at handling the software setup, but that it has no notion of the mutable runtime state like databases and secrets. This is where I see a lot of people having issues with Nix, e.g. with database migrations. I think a ‘Nix for data’ story would be very useful. Perhaps it could utilize some form of snapshots associated with NixOS generations.
§Matrix
Having self-hosted a Matrix homeserver for (checks logs) 2 years this February, I was keen to attend the Matrix devroom, where I learnt about:
- The Matrix State of the Union including a bit of the history of the project, how Third Room is apparently dead due to lack of funding, PseudoIDs MSC4014 & Crypto IDs MSC4080 which should provide account portability (though I don’t completely understand how yet) and which are a pre-requisite for P2P Matrix which uses a very cool overlay network that aims to provide end-to-end encrypted connectivity over any medium and providing multi-hop peer-to-peer connectivity between devices in places where there is no Internet connectivity. Some of this talk reminded me of discussions I’ve had about using Matrix as a communication channel for the Internet of Things.
- In Interoperability & Matrix I learnt that the new EU Digital Markets Act (DMA) requires an open standard for interoperable communications, how Linearised Matrix is one such proposal, and about the MIMI IETF working group.
All in all, attending FOSDEM was a great experience where I learnt a bunch about topics I’m passionate about and met some really cool people.