My software stack revisited – Server

The addition of the server (in my case, an old laptop onto which I installed Ubuntu server) has made a rather substantial difference on how I work.

While I don’t have any love or trust for the cloud when operated by others, deploying my own miniature cloud is something different altogether. The difference being that in my setup, the data is under my control, and as long as I don’t screw the security settings up, the data is only available to me and the ones I grant access.


Mercurial, albeit being a distributed version control system, can be made centralized. It is simple. You just set up all your repositories on a computer, and make it easy to clone, pull and push from and to that computer.

The mercurial-server package does just that, by providing an SSH interface over which people who are authorized (mercurial-server uses SSH keys) can then access the repositories, based on rules in an access configuration file.

All my small projects are now under version control, along with the configuration-files of both my desktop and my netbook.


In a comment on my original post, archie asked me about how I consume RSS feeds. The answer now is the same as back then: “Thunderbird.”

Back then using Thunderbird for that was a hassle: I had it installed on two computers, my desktop and my laptop, and I’d set both up to fetch the same feeds, which either of the Thunderbird instances would only do if the computer was powered up and Thunderbird was running.

That meant I’d sometimes miss posts in feeds that were aggregating feeds themselves. But what was even more frustrating was when both computers fetched the same feed items, and after having read it in one place, I would then need to prune it from the other location.

Sometime near the end of my time at ITU, pesa made me see the light of IMAP, that mails are stored on the server, and marked as either read or unread. And that any other client connecting in to the same account, would see the emails with the state the first client had left them in.

And I began thinking that it would be awesome to have that for RSS as well. Then there would be no problems synchronizing the feeds, because they’d all be in one place, and no matter which computer I was sitting at, it would have the most updated state.

Also, putting this on a central server would ensure that I wouldn’t miss any posts due to powering down either the laptop or the desktop.

After a bit of searching I found what I was looking for: feed2imap. It polls the feeds specified in the configuration file, at regular intervals as defined in the crontab which executes the feed2imap script, and then converts everything new it finds into the funky mail format hokus pokus which I have yet to fully grasp, putting the output in a Maildir.

Having done that, I would then need an IMAP capable mail-server to serve said mails (feed items) to me, and this is where Dovecot comes into play. With these two components, I can continue using Thunderbird (any IMAP-capable mail-reader actually) to consume my feeds, but in a much better way.


Another advantage of running a server is that it is supposed to be up and kicking and online, all of the time, and with the remarkable little software GNU Screen one could for instance start irssi (any CLI-application really) in screen, and then attach and detach it and have it live on until you decide to shut the application down. This means that you can have irssi stay online and thus get full access to what is happening in the various channels, even if you yourself are sleeping, or have shut down the work-computer for the day and are on your way home.


The above services I run on the server, with the exception of the “RSS service”, require access to the system via some secure means (SSH), so openssh-server is installed. I have disallowed all password-based authentication, which leaves key-based authentication the only viable option.

However, sometimes one might need access to the server but either don’t have the SSH private key with you (USB-stick) or don’t feel comfortable using / unlocking it from the computer you are currently sitting at.

This is where OPIE comes into play. My cellphone can run Java, so I installed a program called OTPGen on it, which generate the response to an OPIE challenge as sent from the server.

Which basically means that I can log in to the server and any password sniffer can just suck it, because that password I just used is now useless.


In part six I wrote about calendars, about appointments, and more specifically about when and remind. In part three I wrote about version control. About mercurial. And in the beginning of this post I wrote about how this server hosts repositories, not just projects, source code etc, but also configurations. Configurations such as the appointment files for when and remind.

In Ubuntus repositories (and in Archlinux AUR) there lies a little package named sendxmpp, with which one can send messages.

I put together a little service of my own, using crontab, a shell script, and sendxmpp. Every morning it pulls updates from the repository, runs when (I haven’t gotten around to updating the script to use remind yet) and parses the output, and if any messages with a specific tag (most notably #Birthday) is found in the filtered output, send that to my primary jabber-account through sendxmpp.

We’re nearly at the end now. Just a final post to summarize and glance forward left in this series.


Tags: , , , , , , , , , ,

Comments are closed.