Subsonic with Caddy

Ok, now that there is Let’s Encrypt, I thought that I shouldn’t have to do this certificate hackery all the time when Subsonic updates or the StartSSL certificate expires.

Caddyserver is the first Webserver/Proxy that I found that has most of the process automated and build in, so I’m using this. Getting started with this was pretty straightforward: Download, expand,  create a config file and before you start up, make sure that Caddy can run on port 80 without requiring to be root:

sudo setcap cap_net_bind_service=+ep ./caddy

My Caddyfile eventually ended up looking like this:

server.mydomain.de {
 proxy / localhost:4040 {
 proxy_header Host server.mydomain.de
 proxy_header Scheme https
 }

Well, it turned out to not be quite as easy. First I also had to make Subsonic stop hogging port 443. Those settings are found in /etc/default/subsonic. And while you’re at it, also edit out any certificates you may have added earlier in /usr/bin/subsonic. Oh, and make sure to note down which port non-https Subsonic runs, hopefully not 80, because Caddy needs that! I may have chosen 4040.

Restart Subsonic and make sure that you can reach it on the correct ports.

As stated, Caddy also needs to run on Port 80 for a brief moment. This is so it can do the certificate domain validation process. So edit your /etc/apache2/ports.conf to make sure not to block anything.

Restart apache2.

Now, to find out if everything works, start Caddy. If all is good, you’ll see a glorious all-ok message and can now access the server via https with a valid certificate.

But as you’ve undoubtedly noticed, Caddy isn’t running as a service yet. Thankfully Ubuntu has Upstart. So, add in a new file /etc/init/caddyservice.conf (thank you Mathias):

description "Caddy Server startup script"
author "Mathias Beke"
start on runlevel [2345]
stop on runlevel [016]
setuid runasme
setgid runasme
respawn
respawn limit 10 5
script
 cd /home/runasme/
 exec ./caddy

At this point I want to take a short moment to mention that whoever thinks that the Upstart Cookbook is an easy entry-level document is clearly out of their mind. Seriously, this „Cookbook“ has a whole chapter named „Critique of the System V init System“!

But I digress. If you don’t make the same mistake as me and confuse init with init.d, then you’re golden and now have a Caddy running as a service, forwarding requests to your Subsonic installation.

The only issue I haven’t been able to solve is that Subsonic has some stupid static URL linking going on so I have to open the settings in a new tab. But I can live with that.

The Perils of JollyOrc in the Lands of the „feeling Lucky“

My music player is usually set to shuffle over all songs in my library. Now, my music library is… diverse. You’ll find nearly everything in there. Well, it’s very light on Techno and similar things, but you get the drift.

And sometimes, that shuffle mechanism produces pure gold by chaining just the right things together:

How to fix the (social) web

I just had the most amazing idea (according to my standards, that is. YMMV): This is how we fix the social web

For starters, let’s have a look what makes different components awesome:

  • Social Networks are great at providing us with a stream of activity from those we deem „friends“ or at least those individuals who are interesting enough that we spend time with their output.
  • Blogs are a great thing to publish without a central authority or website. Trackbacks enable notifications across different websites in possibly realtime.
  • RSS is a great way to syndicate content automatically
  • OpenID provides us with a single source of authentication for each user, but still allows for distributed sites.
  • XMPP / Jabber does essentially the same as Blogs and OpenID, except for (text-)chat.

Each of these things have a downside though:

  • Social Networks lock you in to one provider. Currently, this means either Google or Facebook.
  • Blogs usually require a healthy dose of site-jumping around. Also, the comment sections are often messy to maintain or read.
  • RSS is as good as your reader.
  • OpenID is a bit hard to set up for newbies, and may or may  not have security issues.
  • XMPP / Jabber is nice to simply use, but has limited functionality when compared to Hangouts for example.

Now, why don’t we add these things together? Let’s create a functional social-network-layer for the blogosphere. We expand the weblog standard with the following functions:

  • More user-centric approach: Allow creators to logically connect all the blogs they contribute to under one person ID. Ideally tie this in to OpenID with cross-site user authentication (for comments and API use).
  • Create an „add as friend“ trackback notification: When someone adds someone to their blogroll, add in a notification.
  • Standardize the rss-for-comments feed url and create an API to allow comments without visiting the site. Make sure that said API can get spam-proofed.
  • Create a web GUI that basically recreates the bog-standard social media stream out of your subscribed blogs and their comments.
  • This GUI will also allow you to publish content to your own blog(s) and will utilize the API mentioned above so you can comment on other peoples blogs.
  • For good measure, throw in an AJAX Jabber client

The result should be a distributed web application that anyone could either use from a hoster or host themselves. The components are all using open standards and thus allow a plethora of other implementations, so everyone can potentially have the GUI they love most. And we won’t have any central authority that can willy-nilly change things and break everyones use-case.

Granted this is a very rough draft, but so far, I cannot see anything wrong with this idea…

Innovationen auf molekularer Ebene!

Als Apple vor einiger Zeit den neuen iMac ankündigte, war ich ja zunächst beeindruckt:

Wir haben überall nach Ideen gesucht und schließlich einen Prozess gefunden, der Rührreibschweißen genannt wird. Er wird gewöhnlich bei Flugzeugtragflächen, Raketentreibstofftanks und anderen Teilen verwendet, die nicht versagen dürfen. Der Prozess kombiniert enorme Reibungshitze und hohen Druck, um die Moleküle der beiden Aluminiumoberflächen zu vermischen.

Weltraumtechnologie anyone? Rührreibschweißen, oder Friction-Stir-Welding, wie es auf englisch heisst, ist schon was ganz Schickes. Aber so neu, und hochtechnologisch wie Apple es darstellt?

Hmm, dann doch nicht, schaut Euch mal den Mattel Spinwelder an:

Weltraumtechnologie!

Jepp, Weltraumtechnologie. Aus den 70ern. Nicht, dass sowas heute noch durch irgendwelche Sicherheitsregularien als Spielzeug durchrutschen würde… (Wiederentdeckt bei Fran Blanche.)