Software Freedom Conservancy supporter

I think it’s important that organizations as Software Freedom Conservancy exist.
They provide a non-profit home, infrastructure, and advice for FLOSS projects. They take care that the will of the project members, choosing free software licenses, is respected by third parties. They care about “all the rest” so free software contributors can focus in improving the software itself. They have an agreement with the Debian community to protect the freedoms that Debian Developers provide to the Debian end users (and derivative distributions).

So I decided to join as supporter. I’m happy that this week there is a matching fund so my donation will count double.

I hope that many others join too, so the organization’s voice and action continues loyal to their goals and representative of all the projects (wether big or small) under their umbrella. This way (small donations from many individuals as funding model), no single or few actors can use their big money as pressure to deviate or block Conservancy’s action.

We free software/free knowledge contributors know very well the power that many micro actions can provide, when coordinated towards the common good, isn’t it?

Posted in My experiences and opinion | Tagged , , , , , , ,

Look at that nice looking FreedomBox!

This is a guest post by Alberto Fuentes, Debian contributor. Thanks!!

I’m rebuilding one my home server and decided to take a look at the FreedomBox project as the base for it.

The 0.6 version was recently released and I wasn’t aware of how advanced the project is already!

They have a virtualbox image ready for some quick test. It took me longer to download it than to start using it.

Here’s is a pic of what it looks like to entice you to try it 🙂

All this is already on debian right now and you can turn any debian sid installation into a FreedomBox just by installing a package.

The setup generates everything private on the first run, so even the virtualbox image can be used as the final thing

They use Plinth (Django) to integrate the applications into the web interface. More info on how to help integrate more Debian packages here.

A live demo is going to be streamed this Friday 30 Oct 2015 and a hackaton is scheduled for this saturday 31 Oct 2015.


Posted in My experiences and opinion | Tagged , , , ,

Long summer story, Welcome team, and I am a Debian Developer now

Note: 2015/10/16: I need to add some links but I won’t delay this more, posting now, will edit later.

Summer ended long time ago, but believe me, I’m still catching up with all the things that I began in June/July, all the things I left in August when I went holidays, and more things that appeared in August and September.

This is a long overdue post, I hope you bear with me for waiting so long, and writing (now) so long too!


In June, I was 100% sure that I would not attend DebConf15 (well, I was 98% sure until then), and when the new “Outreach Sponsorship” grants were announced, I decided to write some mails to several Debian contributors, so they consider applying for the grant and attend DebConf (and maybe trigger some i18n/l10n meeting…). They kindly declined, and I understood their reasons, but also wondered what would have happened if the proposal would have come from somebody more “official” instead of a random contributor that they don’t know. I also hoped that lots of other Debianites also write to newbies or not-yet-DD-contributors or non-packaging contributors to invite them to DebConf, and I hoped that they had better luck than me in convincing them 🙂


In July I usually work hard preparing the computer labs for next academic year at my workplace in the University, but I also have more free time in the long afternoons and evenings, since I don’t sleep much, and there is not much to do outside with the summer hot. So I used that month to go on contributing to DebConf publicity and think a bit more about Debian and the other free software communities.

I didn’t put much time in advancing my selfhosting (no SSL yet in *! booooo!) but I decided to deep my toe in, and try to selfhost an instance ( ) and try Etherpad inside Sandstorm (since I failed in deploying Etherpad by myself in my jessie+nginx+postgres box).

Sandstorm worked, and Etherpad was packaged in Sandstorm so it worked too; and I have my free-software-base pads now for writing and share.

So I joined #sandstorm IRC channel since then, and there I learnt that Asheesh Laroia (who works in and is also a Debian Developer and was going to give a talk about in DebConf15) was offering mentorship for people wanting to learn Sandstorm packaging, and his proposal was to begin packaging Framadate. I also failed in selfhosting Dudle (prepared for Apache + FastCGI, couldn’t make it work in my Nginx), so Asheesh’s proposal looked suitable for me. We talked and decided to invest the rest of July and first days of August in learning to package Framadate.

I learned a lot, but couldn’t finish the task. I encountered many issues (setting my dev environment, and later trying to package), and we solved some of them but my time ran out. I posted my work in the list, and I hope that my feedback on the documentation and the issues I encountered helped Asheesh and the Sandstorm community. Framadate is packaged in now, Drew Fisher packaged it, not sure if my stuff was useful or not (it’s been useful for me, for learning, at least). I’ll talk more about in a future blog post updating on my selfhosting adventures.

What I liked most was the kind of proposal of mentoring that Asheesh made. It was very detailed in every aspect: the task, the things you need to accomplish it, details about his availability for mentorship… I try to be welcoming in the teams in which I participate, but the fact is that I fail in actually mentor, maybe because of not making specific proposals to people (until now, I was like “Hi, newcomer! Go read this, this and this, and try for yourself any task you feel you like it, and come back if you have issues”, à la Debian…). This, plus the thoughts about my mails in June for diversity outreach in DebConf, made me feel the need of having a team where people willing to welcome newcomers share tricks and procedures, write together more specific proposals, and follow up the newcomers experiences in a regular way.

I talked with Enrico Zini and we wrote down some notes for a “Welcome Team” in Debian; he said he would spread the word during DebCamp/DebConf and we would see what people thinks about it.


August came, and the day before going on holidays I was really tired: too much luggage to prepare, too many hours in front of the computer, and the usual stress of traveling; and I took the bad decision of signing some GPG keys of several Debianites that I met in July. I say “bad decision” because the lack of sleep showed its black magic and I accidentally deleted my secring.gpg file. I knew I had a backup but I didn’t have too much time to invest and I didn’t want to mess it with the backup too, and my laptop was going to stay at home, powered off, during the whole month, so I just went on holidays and left the GPG issue for later.

The day after, meanwhile I was waiting in the airport for my boarding time, I received a mail accepting me as Debian Developer. Wow!! Really, I was not expecting that the process was already finished, I had interchanged several mails with my Application Manager (who happens to be the current DPL!) and I thought that his summer could be quite packed of Debian/DebConf work and my process could wait a bit. So it was a very happy news and very motivating after one month (July) full of free software work. On the other side, I was a bit scared: “what type of Debian Developer are you, larjona, not capable to sign some GPG keys without breaking your setup?!” but I answered myself “well, I’m the type of Debian Developer that has backups 🙂” and then, with that mixed feelings of excitement and impostor syndrome, I took my plane and went on holidays, not expecting to touch any computer until the end of the month.

August is probably the month in the year when I have more free time (holidays), but less time to dedicate to free software. I devote most of the month to visit family and stay with them, with no internet connection available or no free time to look at the mailbox or social networks or IRC…

But DebCamp and DebConf15 were happening during my holidays. And this DebConf15 was the first one in which I participated in the organization, and the first one in which I felt more than being a “consumer of Debian videos”. I could not follow the streamings, my only internet-capable device was my Android 2.x phone, but when I had wifi I fetched the mail, and during the nights, while everybody else was sleeping and I was laying on the terrace, below the sky full of stars, I could read batches of hundred of mails from debconf-discuss mailing list. And I could get some feeling from DebConf life, because I learned about the ad-hoc BoFs and discussions, the morning bike rides and swimming proposals, and the dancing classes, the i18m/l10n meeting, and many other things. I could answer some mail from time to time, and I also knew that a fellow Debianite from Madrid was going to bring me some stickers, maybe a t-shirt, and shake hands in my name to some persons.

September and October

September was about finishing reading all the mails and try to answer the pending ones, and preparing my computer to use my new Debian identity (and stop using larjona-guest). I still have some things to do, pending technical work, and some mails that I should have answered and I’ve forgotten, for sure (if you sent me a mail that needs answer or would be fine that I answer (even if it was months ago!), please resend or ping me). I recovered my secring.gpg but and just now I added to the ID in my GPG key, but didn’t signed the pending keys again (sorry dkg and holger! will catch up there soon). My subkeys expired and I’m trying to find out how to proceed (they are in my FSFE SmartCard) :/

About the Debian teams, I’ve resumed my work in publicity team (this year I’ll try to be more involved, in Debian Project News in particular), partially in the website team, and recently I’ve finished catching up with the Spanish translation of the website. I’ve also joined the DebConf team again (for DebConf16, no matter I probably won’t attend) and documented the Publicity task for DebConf, and I try to engage the mailing list and the IRC meetings.

I finally could have time to watch some DebConf15 videos and Andreas Tille’s talk (“Creating a more inviting environment for newcomers – New experiences from MoM, SoB, Teammetrics”) helped me to step ahead in welcoming people with more useful stuff than “Hi, newcomer! Go read this (general URLs), try for yourself whatever you like…”. I have made specific proposals for two people. In mid September I accepted an interview about Debian for a podcast with quite a lot audience (in Spanish), in which I explained the idea of the Welcome Team and offered myself as first-contact. Since then, two more people have contacted me and I have offered specific tasks I think are suitable for them. I also try to be more available in the IRC and offer some time spans for new contributors to DebConf to explain the git setup, the wiki, and all this stuff that looks more complicated than what it is.

And I think that’s all. My Debianite friend kindly brought me some stickers and a DebConf t-shirt, plus the organization t-shirt that the team gave me as present for my contributions in DebConf15.

Neil McGovern kindly sent me a certificate of my new “Debian Developer” status (thanks!!), and it’s posted in my wall at work. Here you are a photo!


(Note: my wall is full of stickers and pieces of papers with things I need, things I like and things I use to explain my work (sometimes sarcastically/ironically…). Maybe some day I’ll make a blog post about that!)

I feel very proud and happy. Still, a lot of things to learn and work to do, but my intentions are: to keep on progressing (sometimes fast, sometimes slowly), never give up, and enjoy the multiple flowers I find in my way 🙂

Thanks everybody!

October and future

Some other ideas/plans for the future (the ones I didn’t say yet):

  • Try to catch up with “Debian Contributors” development/news, adopt some data source (, try to create some new data source (about translators, for example).
  • Clean spam in the archive lists (now that I am DD I may help in not only “Mark as spam”, but actually remove the spam from the archive)
  • Help in the review/updates of the Debian website (ongoing: /users; future: children-distros/derivatives, /partners).
  • Try to get more involved in the Debian i18n team, at least in the part of internationalizing the Debian infrastructure (make translatable via PO files/templates many texts that used repetitively in the Debian website, for example) and in welcoming new members in translation teams or helping the weak ones (although I don’t know many languages, the workflow and tools are common, so I think I could help new translators at least to get hands on the matter).
  • Maybe some short screencasts/videos about the Debian infrastructure, for newcomers? (mailing lists, IRC, wiki, Alioth…)


If you want to comment you can use this thread.

Posted in My experiences and opinion, News | Tagged , , , , , , , ,

Family games: Robots

I play “Robots” with my kid. I’ve tested the game with other kids and it seems that for ages 5 to 7 they like it. I’ve talked about the game to several adults and it seems they like too, so I thought maybe writing about it here may be useful for somebody to enjoy some summer days.


One player is the Robot. The other one is the programmer. If there are more players, it can be several robots and several programmers. If players are older, you can make the game more complicated making robots cooperate or programmers cooperate. If not, you make pairs 1-1 or 1 programmer – 2 robots if the number is odd.

The game

The programmer must turn on the robot, pressing the ON/OFF button (robot chooses where’s the button: nose, ear, belly, whatever).
Then, the robot say “hello”, and the programmer asks for the list of commands available (like “Hello, robot, give me the list of commands”). The robot says the list of commands available, for example “Run, stop, jump, sing a song, somersault, say something in a different language”. Then, the programmer thinks a program, and loads it to the robot (speaks the list of orders, loudly, to the robot). Then the programmer presses the START button (Robot choses where it is) and then the robot has to perform the program without errors.

If the robot performs correctly, wins one point. If it fails, looses one point. The programmer can design another program (maybe longer, maybe with some conditional expression) and tries the limits of the memory of robot.

If the robot is tired, needs to charge batteries, or whatever, the roles programmer/robot are interchanged, and the one with more points in a certain amount of time or rounds, wins.

Variants, tips…

If the programmer does not like the list, of commands, she can ask for updates, and maybe some new commands will be installed (and/or other uninstalled, who knows).

Please be creative with the list of commands, or the game will be very boring.

Depending on the operating system which runs the robot, it will give more or less options to the programmer, and the behaviour will be more evil or good. Robots shouldn’t behave too much evil, though, otherwise the programmer will erase their disk and install Debian on them to make them obedient 😉

You can play with a third person being the Robot manufacturer, who controls the robot, even sometimes overriding the programmer instructions (if the robot has an OS which is not free software). Robot will win one point obeying the manufacturer, but if there are more robots, will loose one round of playing because the programmer got angry and turned it off or reinstalled the software.

The manufacturer and the programmer cooperate if the robot runs free software, though. Together they can expand robot memory (for example, lend a piece of paper where to store the program), or create new commands, fix bugs, or whatever.


You can comment about this post in thread about this post.

Posted in My experiences and opinion | Tagged , , , , , ,

Un paseo por XMPP

Si tienes trato conmigo, me habrás oído hablar algo de Jabber/XMPP.

¿Te vienes a dar un paseo por la mensajería instantánea libre?


Es un protocolo de comunicación, como el correo electrónico o el FTP.
Antes se llamaba Jabber, ahora se llama XMPP 🙂
Permite la mensajería instantánea entre dispositivos usando internet (ordenadores, móviles, otros aparatos).
Permite charlar persona a persona y también en grupo.

El estándar es abierto y funciona con un servidor donde se crean las cuentas, y programas clientes (para ordenador o móvil) que sirven para enviar/recibir los mensajes. Te puedes comunicar con personas que tengan cuenta en un servidor XMPP distinto al tuyo (como en el caso del correo, tu servidor le pasará el mensaje al servidor del destinatario, que lo entregará).

Se puede usar con software libre (y gratuito) tanto en el lado del servidor como en los programas clientes, y permite el uso de cifrado punto a punto, para que ni los servidores ni los “mirones” vean el contenido de los mensajes.

Buena pinta ¿eh?


Mi cuenta es

Me hice la cuenta hace algún tiempo y ese servidor está algo saturado, así que a la familia y amigos ahora les recomiendo otros, por ejemplo Si quieres buscar otro diferente, tienes una lista con muchos servidores aquí:

Para registrarse, puedes ir con un navegador web a la página del servidor y crear la cuenta, o puedes usar algún programa cliente que permita el registro automático (esto último no lo he probado).

Elige tu servidor, y elige un apodo que esté libre. Y ya está (bueno, algún servidor puede que te pida un correo electrónico para poder recuperar tu contraseña si se te olvida, o algún otro dato personal. Tú decides).

Programas clientes

Hay clientes para muchos sistemas operativos distintos.

También, muchos servidores, ofrecen un cliente web, para no tener que instalar nada. Por ejemplo:

En GNU/Linux, Android, e iOS, usa el repositorio oficial para instalar el que quieras (puedes tener varios, si quieres). En Windows/OS X, visita las páginas web de los proyectos para descargar los ejecutables.

Yo uso Xabber en mi móvil (Android 2.x), y Conversations esporádicamente en mi tableta (Android 4.x). También he probado Tigase y Yaxim. Todos disponibles en F-Droid.

En el ordenador (con Debian), he probado varios: Psi, Psi+, Jitsi. Tengo pendiente probar Gajim.

En Windows sólo he probado Jitsi, pero conozco gente que usa Gajim o Pidgin.

Algunos clientes tienen estructura modular, y hay que instalar complementos para poder usar el cifrado, o la videollamada, u otras funciones avanzadas.

Chatear, y grupos

Una vez hemos instalado el cliente, iniciamos sesión con nuestra cuenta identificativa o JID, por ejemplo y la contraseña.
Podemos añadir contactos (indicando sus JID), y se enviará una solicitud de autorización al contacto. También podemos entrar en grupos, (según el cliente que uses, verás que los llaman “grupos”, “salas”, “conferencias”, o MUC (“multi user chat”)). Por ejemplo en la sala (haz clic y echarás un ojo ahora mismo desde el navegador) o crear tú uno en un servidor que permita la creación de grupos ( es uno de ellos, simplemente creas un nuevo nombre como “” y ya).

Cuando nos unimos a una sala de charla, podemos usar un apodo diferente, invitar a gente, proteger la sala con contraseña, y otras cosas.

En la conversación uno a uno, podemos activar el cifrado OTR, llamada de voz, o videollamada, si nuestro cliente y el de nuestro interlocutor lo soportan.

Envío de archivos

El estándar XMPP permite enviar/recibir archivos de dos maneras diferentes, y cada servidor y programa cliente decide de cuál manera lo hacen. Esto es un poco problemático, porque tú con tu cliente y tu cuenta en tu servidor podrás enviar archivos y quizá el servidor del receptor o el cliente no admite ese método… es cuestión de ponerse de acuerdo.

En general, los clientes de escritorio permiten el envío de archivos, y algunos clientes móviles (Conversations) también.

El método que funciona en todo caso es subir el archivo a algún sitio y proporcionar a tu interlocutor o interlocutores la URL 😉 Pero no te des por vencido/a, haz pruebas y actualiza frecuentemente tus clientes porque esta situación está evolucionando para bien.


Existen aplicaciones que utilizan XMPP pero no son del todo compatibles, porque han adaptado el sistema a sus necesidades.


Un ejemplo de derivado libre es Kontalk (a partir de la versión 3, versiones anteriores no usaban XMPP).

El servidor es XMPP, pero el programa crea la cuenta de usuario aplicando una función “hash” al número de teléfono del usuario, con lo que se obtiene un JID algo complicado, tipo, y ése es el JID que tienes que decir a tus contactos que usan XMPP estándar para que te agreguen… Porque además el cliente de Kontalk no permite agregar contactos manualmente (aún), sólo usando la lista de números de teléfono. Además, no es posible hoy por hoy iniciar sesión con tu JID de Kontalk usando otro cliente XMPP, porque Kontalk usa cifrado GPG con un par de claves, en lugar de contraseña. Así que los usuarios de Kontalk, en la práctica, sólo pueden usar la aplicación de Kontalk para comunicar.

Kontalk, por ahora, no permite grupos, aunque se está trabajando en ello (así como en mejorar el sistema para que se puedan usar otros clientes XMPP para comunicarse).

El código del servidor y del cliente es libre, por lo que es posible, por un lado, instalar más servidores para crear una red federada como la XMPP estándar, y por otro, como sabemos, se puede adaptar y mejorar todo el sistema (de hecho, el desarrollo es comunitario, con 2 personas dirigiendo el proyecto y una comunidad bastante activa).


Un ejemplo de derivado no libre es Whatsapp.

Han adaptado el servidor, cliente y protocolo para que se registren las cuentas automáticamente mediante el número de teléfono (de forma similar a como hemos explicado con Kontalk), y al no estar el código fuente disponible, es difícil saber cómo lo han hecho, y si han hecho más cosas. Han eliminado prácticamente cualquier posibilidad de control por parte del usuario: el usuario no puede saber su JID, tampoco puede especificar otro servidor para usar, y aunque se averiguara el JID, por acuerdo de términos de servicio, no puede usar otra aplicación distinta a la “oficial” para conectarse. Así, la empresa proveedora se ha reservado para sí todo el control. Todas las cuentas están en el mismo servidor, y usan el mismo cliente, y el usuario no puede cambiar nada; se asegura entonces el funcionamiento del envío de archivos (aunque éste se limita a sólo archivos de determinados tipos) y se asegura que todas las comunicaciones pasan por el servidor de Whatsapp, lo que permite controlar la comunicación, pero también perjudica a todos los usuarios si hay un problema en ese servidor.

En conclusión, la empresa usa XMPP para aprovechar sus ventajas en exclusiva, sin conceder al usuario esas ventajas que XMPP podría ofrecerle.


GTalk era el cliente de mensajería instantánea de Google. Funcionaba usando el estándar XMPP, pero Google no implementó ciertos estándares de seguridad que exigen la mayoría de los servidores XMPP actuales. Como GTalk no era software libre, tampoco era posible arreglar esta situación por parte de la comunidad.

Cuando Google lanzó su nuevo sistema de mensajería y videollamadas, Hangouts (abandonando definitivamente GTalk), seguía sin ser libre, y además resultó incompatible con XMPP. Así, todas las personas que usaban XMPP estándar, dejaron de ver conectados a sus amigos que usaban GTalk/Hangouts, y viceversa. Google no informó a los usuarios de GTalk de que perderían la conectividad con sus contactos XMPP en otros servidores, al actualizar a Hangouts. Desde mi punto de vista, sólo eso es razón para dejar de usarlo y volver al XMPP estándar creando una cuenta en cualquier (otro) servidor…

Los usuarios de Hangouts tienen además el problema de la centralización del servidor, como hemos comentado anteriormente con Whatsapp. Si su servidor tiene problemas, no podrán usar ese sistema (no hay otro servidor de Hangouts donde crearse cuenta).


Cuando nos dicen que determinada empresa/aplicación de mensajería ofrece mejor experiencia de usuario, es interesante pensar cómo lo consigue, o a costa de qué. Desde mi punto de vista, centralizar la comunicación haciendo que todos pasemos por un mismo servidor es hacer “trampa” (y además, tiene implicaciones muy importantes acerca de la privacidad de las comunicaciones, por ejemplo).

Llevo un tiempo usando XMPP, y veo que las aplicaciones de cliente y servidor están en continua evolución, resolviendo  retos nada triviales (envío de archivos, videollamada, compatibilidad móvil/PC, comunicación síncrona y asíncrona…), sin renunciar a la interoperatividad y la federación (elementos claves de la supervivencia de una red que quiera ser una verdadera red) y a poner el control en manos de los usuarios y sus comunidades (elementos claves para que podamos comunicarnos con libertad).

Si piensas que el ecosistema XMPP se mueve despacio, y necesitaría un buen empujón para alcanzar la usabilidad y el nº de usuarios de los otros, ¿a qué esperas para colaborar? Úsalo, estúdialo, mejóralo, difúndelo. Es software libre, ¡tienes todo el derecho a ello!


Puedes comentar sobre este artículo en este hilo de

Y también, usando XMPP, en la sala 🙂

Posted in My experiences and opinion | Tagged , , , , , , , ,


Note: This blog post, in English, here.

No soy jugona, aunque quizá he jugado a máquinas/ordenador más que la mayoría de las chicas de mi época. Mi ruta fue: maquinita, Pong y tenis en la consola de mi tío, MSX (con ése, además de jugar, aprendí lo que era un algoritmo y un programa, y empecé a escribir pequeños programas en Basic, y copiaba pequeños juegos y programas para hacer gráficos de las revistas). Mis padres consideraban las máquinas arcade de los bares como si fueran tragaperras así que siempre estuvieron prohibidas (incluso el pinball, sólo se salvaba el futbolín y sólo si mi padre jugaba con nosotras).
En el MSX jugué a Magical Tree, Galaxians, Arkanoid, juegos españoles de Dinamic, Don Quijote de la Mancha, La Abadía del Crimen, y algunos arcade Golden Axe, Xenon, y quizá alguno más. Los siguientes ordenadores (PC AT, luego un 286…) ya no eran tanto para jugar; digamos que nos divertíamos más con la impresora (Harvard Graphics, Bannermanía…). Luego me interesaron otras cosas más que los juegos de ordenador, y luego llegaron los trabajos del instituto, dBase III, y luego la universidad y la programación de nuevo, y se acabó el juego, el ordenador era para la ofimática y los trabajos de la Uni. Luego llegó internet y desde entonces, leer y escribir y comunicar me han interesado mucho más que jugar.

Tampoco era muy buena jugando, y si no eres buena, juegas menos, y no mejoras, así que empiezas a buscar otras maneras de perder el tiempo, o de ganarlo 🙂

La nueva generación

Mi hijo tiene 6 años, y con él estoy viviendo una segunda aventura respecto a los juegos. Los juegos han cambiado mucho, y la informática familiar intenta permanecer en el lado libre siempre que puedo decidir yo, así que de vez en cuando se plantean algunos retos.

Android (móvil y tableta)

El peque ha jugado desde pequeño a juegos en el móvil y la tableta con Android, a algunos de los juegos populares de los últimos años. No soy mucho de prohibir, pero no me siento cómoda con los juegos populares de Android (la publicidad, no son software libre, elementos adictivos, recogida masiva de datos y posible vigilancia…), así que intento controlar sin parecer Cruella deVille. Algunas técnicas:

  • Acordamos el tiempo de uso de la tableta, “poniendo un tomate” para controlar el tiempo (gracias a Pomodoro en F-Droid)
  • Pongo el modo avión y corto internet siempre que puedo. Nunca registro cuenta o inicio sesión para jugar (si es obligatorio iniciar sesión en Google o crear una cuenta, lo siento pero no podemos jugar, o creamos un perfil vacío).
  • Pongo bastantes pegas para instalar juegos (por ejemplo, digo tiene que desinstalar 2 o 3 de los que tenga si quiere uno nuevo, o que me justifique bien por qué quiere ese juego y por qué de pronto los que tenía ya no son divertidos).
  • Nunca compré ni pienso comprar juegos para Android. Prefiero donar para algún proyecto de juego libre.
  • Derivo la atención hacia otros juegos (normalmente, no informáticos).
  • Si existe el juego no informático, jugamos a ése (por ejemplo, el 3 en raya, ahorcado, los barquitos…).
  • Rara vez juego en el móvil, salvo si es que juguemos juntos.

Por otro lado, en mi móvil no tengo Google Play, lo que nos ha permitido descubrir la sección “Juegos” de F-Droid.

Los juegos que hemos probado (todos disponibles en F-Droid, en negrita los que más le han gustado): 2048, AndroFish, Bomber, Coloring for Kids, Core, Dodge, Falling Blocks, Free Fall, Frozen Bubble, HeriSwap (this one in the tablet), Hex, HyperRogue, Meerkat Challenge, Memory, Pixel Dungeon, Robotfindskitten, Slow it!, Tux Memory, Tux Rider, Vector Pinball.

Jugar en mi móvil con CyanogenMod y habiendo descargado los juegos desde F-Droid proporciona una tranquilidad similar a la de jugar a un juego no informático. Al menos con los juegos que he listado. Quizá es porque son juegos más sencillos o que me recuerdan a los que yo jugué en su momento. Pero también es por la tranquilidad de saber que son software libre, que han sido auditados por la comunidad F-Droid, que no maltratan al usuario.

Lo mismo ocurre con Debian, lo que me lleva a la siguiente sección de este artículo.

Juegos de ordenador: Debian

El peque ha aprendido a jugar antes con la tableta y el móvil que con el ordenador, porque nuestros ordenadores no tienen ni joysticks ni pantallas táctiles. Aprendió a usar el touchpad antes que el ratón, porque no tenemos ratón en casa tampoco. El ratón lo aprendió a usar en la escuela, donde “trabajan” con unos juegos educativos a los cuales se juega vía CD o vía web, y usan Flash 😦

Así que Flash aparece y desaparece de mi instalación de Debian según le apetezca al niño jugar a los “juegos” del cole o no.

Hasta hace poco, en el ordenador jugábamos con GCompris, ChildsPlay, y TuxPaint.
Cuando aprendió a usar mejor los cursores, instalé Hannah y le gustó mucho, sobre todo cuando aprendimos a hacer “hannah -l 900” 🙂
Más tarde, en ClanTV anunciaban algunos juegos online para ordenador sobre sus series favoritas, que resulta que necesitan un entorno llamado Unity3D (no, no es el Unity de Ubuntu), y que tras indagar un poco decidí que no iba a instalar esa #@%! en mi Debian, así que cuando se empeñó en jugarlos, arranqué la partición con Windows 7 de este portátil y se lo puse ahí.
Windows es lento y triste en nuestro ordenador, y esos juegos vía web y con esa plataforma no van muy fluidos, así que por suerte no han resultado de mucho interés.

Poco más hemos jugado al ordenador, salvo alguna incursión en Minetest, lo que me lleva al siguiente apartado.

(No sin indicar antes mi eterno agradecimiento al equipo de Juegos de Debian. Creo que hacen una labor muy importante y creo que para el año que viene empezaré a implicarme de alguna manera, porque sé que el futuro de los juegos informáticos en mi familia pasa por los juegos libres en Debian).

PlayStation 3 y Minecraft

Hace algún tiempo mi marido compró una PlayStation 3 para casa. La tienda tenía precios con descuentos y esas cosas. Jugaría junto con el niño y esas cosas.

La máquina llegó a casa con algunos juegos “gratis” (incluidos en el precio), pero la mayoría estaban clasificados para +13, así que los únicos dos que quedaban eran Pro Evolution Soccer y Minecraft.

Decidí no conectar la máquina a la red. Quizá nos perdemos cosas chulas, pero me siento más segura así. Así que no hay cable Ethernet conectado, no hay registro en la tienda de Sony (o como se llame).

Los mandos son bastante complejos para nosotros tres. Son DualShock lo-que-sea, y creo que hay algo (de software) que hace que el juego se adapte a la persona que juega, porque mi marido es peor jugador al Pro Evolution Soccer cuando juega después del niño, si juegan por turnos y usan el mismo mando.

Al niño le ha gustado Minecraft. Yo no sabía nada sobre ese juego (bueno, sí que sabía, que hay un clon libre que se llama Minetest), así que para aprender las cosas básicas le eché un ojo a la wiki y buscamos vídeos sobre “cómo hacer…” y fuimos aprendiendo. Ahora el peque ya sabe leer así que necesita menos ayuda, y ha visto muchos vídeos sobre Minecraft, así que tiene interés por explorar y construir.

Eché un ojo a Minetest, y lo instalé en Debian. Tener que jugar con el teclado es una desventaja, y no sabíamos cómo cavar, así que resultó poco atractivo a primera vista. He mirado un poco cómo usar el mando de la PS3 en el ordenador, vía USB, y parece que funciona, pero creo que tengo que escribir algo para enlazar cada botón del mando con la correspondiente tecla y por tanto acción en Minetest. Esto es un trabajo, y soy perezosa, y el niño no muestra mucho interés por jugar en el ordenador.

A través de los vídeos hemos deducido que se pueden descargar partidas y mundos para cargar en la videoconsola. Hemos hecho algunas pruebas. Quise cargar una partida de un parque de atracciones en Minecraft, pero el fichero estaba en una carpeta tipo NPEB01899* y aunque la PS3 lo veía para copiarlo desde USB a la consola, luego no aparecía en la lista de partidas guardadas (nuestras partidas se graban en carpetas de nombre BLES01976). Comprendí que nos habíamos topado con restricciones de Sony, y busqué más info. Las partidas se guardan usando una clave de cifrado que hace que no se puedan usar partidas grabadas en consolas de otra zona distinta a la nuestra, o que usaran el juego en un soporte distinto del nuestro (el juego puede ser en disco, como el nuestro, o comprado desde la tienda digital, al parecer). ¡Muy feo todo! Leí por ahí que hay cierto software (libre, por cierto) que permite romper el cifrado y volver a cifrar con la zona y tipo de disco de tu consola, pero el programa al parecer sólo
funciona en Windows, y además necesita un código de consola que nosotros no tenemos (porque no tenemos registrada la consola, al no haberla conectado a la internet). Todas estas cosas me han parecido terreno pantanoso, desagradable, no quiero gastar tiempo en estas cosas, quizá debería aprender un poco más sobre minetest y hacerlo funcionar y que sea atractivo y mandar a Sony a freír espárragos. Al final he encontrado una partida guardada en el mismo formato que el nuestro (BLES01976
) que no es el parque de atracciones pero tiene sitios interesantes para explorar y bastantes cosas hechas, así que he probado con ésa y sí ha funcionado la copia, y mi hijo estará contento por un tiempo, supongo.

También hemos probado Minetest en la tableta, pero la pantalla táctil no es cómoda para este tipo de juegos.

Me he quedado bastante frustrada y enfadada con el tema de las restricciones de las partidas guardadas para los juegos de Sony. Así que supongo que en los próximos meses intentaré aprender más sobre Minetest en Debian, mandos de juego en Debian, y juegos en Debian, en general. Así espero poder ofrecer cosas atractivas a mi hijo, y que se interese más por jugar en un entorno seguro y que no maltrate al usuario.

Y con esto cierro

Juegos libres en GNU/Linux, Debian, e info sobre juegos en internet

Cuando busco en internet información sobre juegos, a menudo “toca” salir del entorno seguro: páginas con enlaces a descargas que a saber si tienen lo que dicen tener, páginas con anuncios, vídeos con partidas narradas en un lenguaje no adecuado para los niños (ni para nadie que aprecie su idioma)… Por eso definitivamente creo que el camino es profundizar en los juegos libres que proporcione la distribución que se use (en mi caso, Debian). Me apunto aquí una lista de sitios con información que seguro me es útil, para mirar a fondo:

Veremos cómo va


Puedes comentar en este hilo de

Posted in My experiences and opinion | Tagged , , , , , ,


Nota: Este artículo, en español, aquí.

I’m not a gamer, although probably I’ve played with machines/computers more than most of the girls of my age. My path has been: handheld machine, Pong and tenis in my uncle’s console, MSX (with that one, in addition to playing, I learnt what was an algorithm and a program, and I started to write small programs in Basic, and I copied and ran the source code of small games and programs to make graphics, which I found in MSX magazines). My parents considered that arcade machines in bars were like slot machines so they were banned for us (even pinball, only table soccer was saved from them, and only if my father was playing with us).

In the MSX I played Magical Tree, Galaxians, Arkanoid, Konami’s Sports Games, Spanish games from Dinamic, and some arcades like Golden Axe, Xenon, and maybe some more. The next computers (PC AT, later a 286) were not so for gaming; let’s say that we played more with the printer (Harvard Graphics, Bannermania…). Later, I was interested in other things more than in computer games, and later there were highschool homework, dBase III, and later the University and programming again and more, and it was the end of gaming, computer was for office and Uni homework.
Later, it came the internet and since then, reading and writing and communicating was more interesting for me than playing.

I was not good at playing, and if you are not good, you play less, and you don’t get better, so you begin to find other ways to loose your time, or to win it 🙂

The new generation

My son is 6 years old now, and I’m living with him a second adventure about games. Games have changed a lot, and the family computing try to stay in the libre software side whenever I am the one that can decide, so sometimes some challenges arise.

Android (phone and tablet)

The kid has played games in the phone and tablet with Android since he was a baby. We tried some of the last years popular games. I am not so keen of banning things, but I don’t feel comfortable with the popular games for Android (advertisements, nonfree software, addictive elements, massive data recollection and possible surveillance…), so I try to “control without being Cruella de Vil”. Some techniques I use:

  • We agree in the amount of time for using the table, “setting a tomato” to control the time (thanks Pomodoro in F-Droid)
  • I set the airplane mode and shut down internet everytime that I can. I never register account or login to play (if it’s mandatory to login in Google or create an account, sorry but we cannot play, or we create a new empty profile).
  • I put barriers to installing games (for example, I say that he should uninstall 2 or 3 games first if he wants a new one, or he should explain well why he wants that game and why the ones that were installed became boring suddenly).
  • I’ve never bought games for Android, and I’m not thinking about buying them in the future. I prefer to donate for some libre game project.
  • I try to divert attention to other games (not computer games, usually).
  • If the equivalent non-computer game exists, we play that one (tic-tac-toe, hungman, battleship…)
  • I seldom play in the phone/tablet, unless we play together.

On the other side, in my phone there is no Google Play, so we have been able to discover the section “Games” of F-Droid.

We have tried (all of them available in F-Droid, emphasis in the ones that he liked best): 2048, AndroFish, Bomber, Coloring for Kids, Core, Dodge, Falling Blocks, Free Fall, Frozen Bubble, HeriSwap (this one in the tablet), Hex, HyperRogue, Meerkat Challenge, Memory, Pixel Dungeon, Robotfindskitten, Slow it!, Tux Memory, Tux Rider, Vector Pinball.

Playing in my phone with CyanogenMod and having downloaded the games from F-Droid provides a relief similar to the one when playing a non-computer game. At least with the games that I have listed above. Maybe it is because they are simpler games, or they make me remember the ones that I played time ago. But it’s also because of the peace of mind of knowing that they are libre software, that have been audited by the F-Droid community, that they don’t abuse the user.

The same happens with Debian, what takes me to the next part of this blogpost.

Computer games: Debian

The kid has learnt to play with the tablet and the phone before than with the computer, because our computers have no joysticks nor touchscreens. He learnt to use the touchpad before than the mouse, because it’s easier and we have no mouse at home. He learnt to use the mouse at school, where they “work” with educative games via CD or via web, using Flash 😦

So Flash player appears and dissapears from my Debian setup depending on his willness to play with the school “games”.

Until few time ago, in the computer we played with GCompris, ChildsPlay, and TuxPaint.
When he learnt to use the arrow keys, I installed Hannah and he liked a lot, specially when we learnt to do “hannah -l 900” 🙂

Later, in ClanTV there were advertisements about some online computer games about their favorite series, resulting in that they need Flash or a framework called Unity3D (no, it’s not Ubuntu’s Unity), and after digging a bit I decided that I was not going to install that #@%! in my Debian, so when he insisted in play those games, I booted the Windows 7 partition in his father’s laptop and I installed it there.

Windows is slow and sad in the computer, and those web games with that framework are not very light, so luckily they have not become very interesting.

We have not played in the computer much more, maybe some incursion in Minetest, what takes me to the next section.

(Not without stating my eternal thanks to the Games Team in Debian. I think they do a very important work and I think that next year I’ll try to get involved in some way, because I know that the future of our family computer games is tied to libre games in Debian).

PlayStation 3 and Minecraft

Some time ago my husband bought a PlayStation 3 for home. The shop had discounts prices and so. He would play together with the kid an so.
The machine came home with some games “for free” (included in the price), but most of them were classified for +13 or so, so the only two left were Pro Evolution Soccer, and Minecraft.
I decided not to connect the machine to the network. Maybe we are loosing cool things, but I feel safer like that. So, no ethernet cable plugged, no registration in the Sony shop (or whatever its name is).

The controllers are quite complex for the three of us. They are DualShock don’t-know-what, and I think there is something (software) that makes the game adaptative to the person playing, because my husband is worse player after the son plays, if they play in turns and use the same controller.

The kid liked Minecraft. I didn’t know anything about that game (well, I knew that there was a libre clone called Minetest), so, for learning the basics I had a look at the wiki and searched videos about “how to …” and we began learning. Now, the kid can read a bit so he needs less help, and he has watched a lot of videos about Minecraft, so he is interested in exploring and building.

I had a look at Minetest, and I installed it in Debian. Having to use the keyboard is a disadvantage, and we didn’t know how to dig, so it was not much attractive at first sight. I have looked a bit about how to use the PS3 controller in the computer, via USB, and it seems to work, but I suppose I need to write something to match each controller button with the corresponding key and subsequent action in Minetest. This is work, and I am lazy, and the boy seems not very interested in playing with the computer.

Watching the videos we have infered that it’s possible to download saved games and worlds to upload them in the videogame console. We have done some tests. I wanted to upload a saved game about an amusement park, but the file was in a folder of name NPEB01899* and even when the PS3 saw it to copy it from USB to the console, later it didn’t appear in the list of saved games (our sved games were in folders named  BLES01976). And renaming the folder didn’t work, of course. I understood that we had met Sony’s restrictions, so I searched for more info. The games are saved using an encryption key and you are not able to use saved games from consoles in other world zone or using a media different than ours (the game can be played using a disc or purchasing it in the digital shop, it seems). Very ugly all of this! I read somewhere that there is certain software (libre software, BTW) that allows to break the encryption and re-encrypt the saved game with the zone and type of media of your console, but it seems the program only works for Windows, and it needs a console ID that we have not, because we didn’t register the console in the PlayStation network. All these things look shaky grounds for me, unpleasant stuff, I don’t want to spend time on this, maybe I should learn a bit more about Minetest and make it work and interesting and tell Sony go fly a kite. Finally, I found a saved game in the same format as ours (BLES01976), it’s not an amusement park but it is a world with interesting places to explore and many things already built, so I’ve tried to import it and it worked, so my son will be happy for some time, I suppose.

We have tried Minetest in the tablet too, but the touchscreen is not comfortable for this kind of games.

I feel quite frustrated and angry about this issue of Sony’s restrictions on saved games. So I suppose that in the next months I’ll try to learn more about Minetest in Debian, game controllers in Debian, and games in Debian in general. So I hope to be able to offer cool stuff to my son, and he becomes more interested in playing in a safe environment which does not abuse the user.

And with this, I finish…

Libre games in GNU/Linux, Debian, and info about games in internet

When we have searched info about games in internet, I found that many times you need to go out from the secure environment: webpages with links to downloads that who knows if they contain what they say they contain, advertisements, videoblogs with a language not adequate for kids (or any person that loves their mother language)… That’s why I believe the path is to go into detail about libre games provided by the distro you use (Debian in my case). Here I bookmark a list of website with info that surely will be useful for me, to read in depth:

We’ll see how it goes.


You can comment in this thread.

Posted in My experiences and opinion | Tagged , , , , , , ,

Debian Publicity Team meeting today!

Today at 18:00 UTC (this evening for me) there will be a Debian Publicity Team IRC meeting (open meeting, everybody invited), and I’m very happy because it will be the first meeting that I know of, since I joined the team (years!).

Being part of the Publicity team

There are many tasks handled by Publicity, and when I joined, I supposed that I was going to be part of a team with many members and well structured. And it was true… but not as I imagined. Publicity is a great team, in the sense that it accepts contributions from many people, and the few core members do an amazing work: on one side, get things done; on the other side, integrate all those occasional contributions from the wider community. But there are fewer core contributors than what one would expect by the output of the team. I would say we are maximum 10 people (out of 353 voters, 1033 Debian Developers, and 1197 contributors in the Debian Community in 2015). And as far as I know, everybody is member of some other teams too (I’m a translator, others in website team, sysadmins, packaging teams… and now we have a member sharing Publicity membership with DPL-ship!).

Organisation around the tasks

Publicity regular tasks (announcements, the newsletter “Debian Project News”, posting in social networks and in, and other…) are all well defined and documented, in order to allow anybody jump in and help, and this is great, because it ensures a way for contributions to “arrive” the wide audience from the very first day: you pick something, you follow the instructions, and you’re done. I love this approach, because I tend to prefer to follow instructions than to “create” something, and my Debian time is made of small chunks at random days/times. But sometimes I feel that we all work “alone”, in something like a cold, robotic do-ocracy, and I also wonder how many people don’t contribute or become regular contributors just because they don’t understand the procedures, or they don’t like them, or other reasons…

IRC meeting

IRC is something that I use only for contributing to free software, not in other parts of my life.  I like IRC, it’s productive and fun, but I’m not always there, and I don’t save logs when I am idle, and I usually prefer email for communication. However, I try to be more present in the Debian IRC channels of the teams where I contribute, because I’ve learned that it plays a big role in “feeling at home in Debian”. Currently you can find me in #debconf-team #debconf15-germany #debian-i18n #debian-l10n-spanish #debian-publicity #debian-women and #debian-www .

I’ve attended some meetings in IRC (MediaGoblin monthly meetings, and DebConf15 meetings) and I’ve learned about MeetBot and more or less how to chair an IRC meeting. Today it will be my first time chairing, it’s hard to emulate so great chairs as Marga or Chris Webber, bu I hope I do it decently, and we all have a nice time knowing each other and sharing  ideas for the Publicity team.

Want to attend? All the details (when, where, agenda…) in the wiki page of the meeting. See you in a few hours!

Posted in My experiences and opinion | Tagged , , , , , , ,

Six months selfhosting: my userop experiences

Note: In this post I mention some problems and ask questions (to myself, like “thinking aloud”). The goal is not to get answers to those questions (I suppose that I will find them soon or later in the internet, manuals and so), but to show the kind of problems and questions that arise in my selfhosting adventures, which I suppose are common to other people trying to administer a home server with some web services.

Am I an userop? Well I’m something in the middle of (GNU/Linux) user and sysadmin: I have studied computer technical engineering but most of my experience has been in helpdesk, providing support for Windows users. I’m running Debian in some LAMP boxes at work (without GUI) since 2008 or so, and in my desktops (with GUI) since 2010. I don’t code nor package, but I don’t mind trying to read code and understand it (or not). I know a bit of C, a bit of Python, of PHP, and enough Perl to open a Perl file and close it after two minutes,  understanding that it’s great, but too much for me 🙂 I translate software, so I’m not scared to clone a repository, edit files, commit or submit a patch. I’m not scared of compiling a program (except if it’s an Android app: I try to avoid setting up the development environment just to try some translation that I made… but I built my Puma before it was the binary available for download or in F-Droid).

In conclusion, I feel more like a “GNU/Linux power user” than a “sysadmin”. Sometimes just a “user” or even a “newbie” (for example, I don’t know very well the Unix/Linux folder tree… where are the wallpapers stored? Does it depend on the desktop that I use?).

Anyway. I won’t stop my free software + free networks digital life because I don’t know many things. I bought a small server for home last September, and I wanted to try to selfhost some services, for me and for my family. I want to be a “home sysadmin” or something like that, so I joined the “userops” mailing list 🙂

Here you have my experiences on selfhosting/being an userop until now.


I even didn’t try to setup my mail server, because many people say it’s a pain (although nice articles were published about how to do it, for example this series in ArsTechnica) and I need a static IP which is 14€/month more to my ISP, and Gandi, the place where I rented my domain name, provides mail, and they use Debian and Roundcube, and sponsor Debian too, so I decided to trust on them.

So this is my strategy now, to try to keep mail under my control:

  • Trust my domain provider.
  • Backup my mail and keep local copies, removing sensible stuff from the server.
  • Use and spread the word about GPG encryption.
  • Try not to send photos or videos by mail, just send the link to my MediaGoblin instance (see below).


I’ve setup two MediaGoblin instances (yes, two!). I managed to do it in Debian 7 stable (I think NodeJS’ npm was not needed then), but soon later I upgraded to Jessie so now it’s even better.

I installed Nginx and PostgreSQL via apt, to use them for both instances (and probably some more software later).

One instance is public, and I use a Debian user, a PostgreSQL database, and it’s running in
I have requested an SSL cert to Gandi but I still didn’t deployed it (lazy LArjona!!).

The other instance is private, for family photos. I didn’t know very well how much of my existing setup could reuse and how to keep both instances in case of downtimes or attack… I know more or less the concept or “chroot” but I don’t know how to deploy it in my machine. So I decided to use another Debian user, another PostgreSQL database, deploy MediaGoblin in a different folder, and create another virtual server in my Nginx to serve it. I managed to setup that virtual server to http-authenticate and to serve content via a different port, and use a self-signed SSL certificate (it’s only for family, so it does not matter). I created another (unprivileged) Debian user with a password for the nginx authentication, and gave my family the URL in the form and the user and password (mediaprivate is a string, and PortNumber is a number). I think they don’t use the instance too much, but at least I upload photos there from time to time and email the link instead of emailing the photos themselves (they don’t use GPG either…).


I upgraded MediaGoblin from 0.7.1 to 0.8.0 successfully, I sent a report about how I did it to the mailing list. First I upgraded the public instance, when I figure out the process, I upgraded the second instance to test my instructions, and then, I sent the report with the instructions to the mailing list.

Static site and LimeSurvey: the power of free software (with instructions)

I wanted to act as a mirror of and since they suffer a downtime and I participated in that project (not in the sysadmin part, but in the research and content creation).

The static site offered a zip with the whole website tree (since the website was licensed as AGPL), and I had access to the git repo holding the development copy of the website. So I just cloned the repository and setup another nginx virtual server in my machine, and tuned my DNS zone in Gandi website to serve from home. 10 minutes setup YAY! #inGitWeTrust #FreeSoftwareFTW 🙂

For I had to install a LimeSurvey instance. I knew how to do it because we use LimeSurvey at work, but at home I had Nginx instead of Apache, and PostgreSQL instead of MySQL. And no PHP… I searched about how to install PHP in Nginx (I can use apt-get, nice!) and how to install LimeSurvey with Nginx and PostgreSQL (I had documentation about that, so I followed, and it worked).

For making available the data (one survey and its results, so people can login as visitor to query and get statistics), I downloaded the LimeSurvey export dataset that we were providing in the static website, followed the replication instructions (hey, I wrote them!), and they worked #oleole! (And here, dear researchers, gets demonstrated that free software and free culture really empower your research and help spreading your results).

Etherpad: not so easy, it seems!

I’m trying to install Etherpad-Lite, but I’m suffering a bit. I think I did everything ok according to some guides but I get “Bad Gateway” and these kind of errors when trying to browse with Lynx in the host:

[error] 3615#0: *24 upstream timed out (110: Connection timed out) 
while reading response header from upstream, 
request: "GET / HTTP/1.0", 
upstream: "", 
host: ""

2015/04/17 20:52:56 [error] 3615#0: *24 connect() failed 
(111: Connection refused) while connecting to upstream, 
request: "GET / HTTP/1.0", 
upstream: "http://[::1]:9001/", 
host: ""

I’m not sure if I need to open some port in iptables, my router, or change my nginx configuration because the guides assume you’re only serving one website in the port 80 (and I have several of them, now…), or what… I’ve spent three chunks of time (maybe ~2h each?) on this, in different days, and couldn’t figure it out, so I decided to round-robin in my TODO list.

Userops thoughts

Debian brings peace of mind (for me)

On one side, maintaining a Debian box it’s quite easy, and the more software that it’s packaged, the less time that I spend installing or upgrading. I like being in stable, I’m in Jessie now (I migrated when it was frozen), but I’ll stay in stable as much as I can.

I like that I can use the software that I installed via apt-get for several services (nginx, PostgreSQL…). About the software that is not packaged (MediaGoblin, LimeSurvey, EtherPad, maybe others later), I wonder how dependencies and updates are handled. And maybe (probably) I have installed some components several times, one for each service (this sounds like a Windows box #grr).

For example MediaGoblin uses PyPump. PyPump 0.5 is packaged in Debian Jessie. MediaGoblin uses PyPump 0.7+. What if PyPump 0.7+ gets, let’s say, into Jessie-backports? Can I benefit from that?

I know that MediaGoblin upgrade instructions includes upgrading the dependencies, but what about some security patch in one dependency? Should I upgrade the pip modules periodically? How to know if some upgrade is recommended because patches a vulnerability, or it’s just new features (and maybe breaking my setup)?

This kind of things are the “peace of mind” that Debian packaging brings to me: when some piece of software is packaged, I know maybe I need to care about proper setup and configuration, but later, it’s kind-of-easy to maintain (since the Debian maintainers care about the rest). I don’t mind about cloning a repo and compiling, I mind about later, or coexistance with other program/services. I trust in the MediaGoblin community and I’m an active member (I’m not developer, but hang on IRC, follow the mailing list, etc) but for example I don’t know anything about the EtherPad project. And I don’t feel like joining the community (I’m already an active member in Debian, MediaGoblin, F-Droid,, translator of LimeSurvey and many other small apps that I use, and in the future will use more services, like OwnCloud, XMPP…), joining the community of each software that I use is becoming not sustainable :s

Free software is more than software

I follow the userop mailing list, and it’s becoming very technical. I mostly understand the problems (which are similar to the problems that I face: how to isolate different services, how to easily-configure them, how to make them installable by average user…) But I don’t understand most of the solutions proposed, and I think that probably we need technical solutions, but in the meanwhile, some issues can be addressed not with software, but with other means: good documentation, community support, translations, beta-testers…

This is my conclusion until now. When a project is well documented, I think I can find my way to selfhost no matter if the software is packaged (or “contained”) or not. MediaGoblin, and LimeSurvey, are well documented, and the user support channels are very responsive.

I find lots of instructions that assume that you will use a whole machine for their service (and not for other things). And lots of documentation for the LAMP stack, but not for Nginx + PostgreSQL and Node instead of PHP… So, for each “particularity” of my setup, I search the internet and try to pick good sources to help me do what I wanted to do.

I’m kind of privileged

Some elements, not software related, to take into account as “pre-requisites for succeed” selfhosting services:

  • I knew what to search.
  • I knew which sites to visit from the results (arch wiki, debian wiki, stack overflow, etc: some of them were not the Top1 in the results).
  • I had time to read several sources and make my mind about what to do and how.
  • I can read, understand, and write in English.
  • I have no fear about my broken English.
  • I have no impostor syndrome.
  • I felt welcome in the FLOSS communities where I hanged out.

These aspects are not present in a lot of people. If I look around to the “computer users” that I know (mostly Windows+Android, some GNU/Linux users, some Mac OSX users, some iOS users), I find that they search things like “X does not work” or they cannot write a proper search query in English. Or they trust some random person writing a recipe in their blog, without trying first to understand what the recipe does. Other people just say “I’m not a professional sysadmin, I’ll just do what «everybody» does (aka use Google services or whatever). What if I try and I don’t succeed?”. Things like that.

We may need some technical solutions (and hackers are thinking about that, and working on that). But I feel that we need (more) a huge group of beta-testers, dogfooding people, aventurers that try the half-cooked solutions and provide successful and unsuccessful experiences, to guide the research and make software technologies advance. I’m not sure if I am an userop, but I feel part of that “vanguard force”, I want to be part of the future of free software and free networks.


You can comment about this post on this thread.

Posted in My experiences and opinion | Tagged , , , , , , , , , , , , ,

Upgrading my home server (HP Microserver N54L G7) to Debian Jessie

Note: this is a long overdue post. I upgraded some months ago… but I promised myself to blog about my selfhosting adventures, so here you are.

You may know the story… TL;DR

  • I wanted to self host my web services.
  • I bought a Microserver (N54L).
  • I installed Debian stable there, RAID1 (BIOS) + cryptsetup + LVM (/ and swap, /boot in another disk, unencrypted).
  • I installed GNU MediaGoblin, and it works!
  • When rebooting, the password to unencrypt the disk (and then, find the LVM volumes and mount the partitions), was not accepted. But it was accepted after I shutdown, unplug the electricity, replug, and turn on the machine.

After searching a bit for information about my problem and not finding anything helpful, I began to think that maybe upgrading to Jessie could fix it (recent versions of kernel and cryptsetup…). And the Jessie freeze was almost there, and I also thought that trying to make my MediaGoblin work in Jessie now that I still didn’t upload lots of content, would be a nice idea… And, I wanted to feel the adventure!

Whatever. I decided to upgrade to Jessie. This is the glory of “free software at home”: you only waste your time (and probably not, because you can learn something, at least, what not to do).

Upgrading my system to Jessie, and making it boot!

I changed sources.list, updated, did a safe-upgrade, and then upgrade. Then reboot… and the system didn’t boot.

What happened? I’m not sure, everything looked “ok” during the upgrade… But now, my system even was not asking for the passphrase to unlock the encrypted disk. It was trying to access the physical volume group as if it was in an unencrypted disk, and so, failing. The boot process left me in a “initramfs” console in which I didn’t know what to do.

I asked help from @luisgf, the system administrator of (a public server) and (an XMPP public server). We met via XMPP and with my “thinking aloud” and his patient listening and advice, we solved the problem, as you will see:

I tried to boot my rescue system (a complete system installed in different partitions in a different disk) and it booted. I tried then to manually unencrypt the encrypted disk (cryptsetup luksopen /dev/xxx), and it worked, and I could list the volume group and the volumes, and activate them, and mount the partitions. Yay! my (few) data was safe.

I rebooted and in the initramfs console I tried to do the same, but cryptsetup was not present in my initramfs.

Then I tried to boot in the old Wheezy kernel: it didn’t asked for the passphrase to unencrypt the disk, but in that initramfs console, cryptsetup was working well. So after manually unencrypt the system, activate the volumes and mount the partitions, I could exit the console and the system was booting #oleole!

So, how to tell the boot process to ask for the encryption password?

Maybe reinstalling the kernel was enough… I tried to reinstall the 3.16 kernel package. It (re)generated /boot/initrd.img-3.16.0-4-amd64 and then I restarted the system, and the problem was solved. It seems that the first time, the kernel didn’t generate the initrd image correctly, and I didn’t notice about that.

Well, problem solved. My system was booting again! No other boot problems and Jessie seemed to run perfectly. Thanks @luisgf for your help!

In addition to that, since then, my password has been accepted in every reboot, so it seems that the original problem is also gone.

A note on systemd

After all the noise of last months, I was a bit afraid that any of the different services that run on my system would not start with the migration to systemd.
I had no special tweaks, just two ‘handmade’ init scripts (for MediaGoblin, and for NoIP), but I didn’t write them myself (I just searched about systemd init scripts for the corresponding services), so if it was any problem there I was not sure that I could solve it. However, everything worked fine after the migration. Thanks Debian hackers to make this transition as smooth as possible!

Reinstalling MediaGoblin

My MediaGoblin was not working, and I was not sure why. Maybe it was just that I need to tune nginx or whatever, after the upgrade… But I was not going to spend time trying to know what part of the stack was the culprit, and my MediaGoblin sites were almost empty… So I decided to follow again the documentation and reinstall (maybe update would be enough, who knows). I reused the Debian user(s), the PostgreSQL users and databases, and the .ini files and nginx configuration files. So it was quick, and it worked.

Updating Jessie

I have updated my Jessie system several times since then (kernel updates, OpenSSL, PostgreSQL, and other security updates and RC bugs fixes, with the corresponding reboots or service restarts) and I didn’t experience the cryptsetup problem again. The system is working perfectly. I’m very happy.

Using dropbear to remotely provide the cryptsetup password

The last thing I made in my home server was setting up dropbear so I can remotely provide the encryption password, and then, remotely reboot my system. I followed this guide and it worked like a charm.

Some small annoyances and TODO list

  • I have some warnings at boot. I think they are not important, but anyway, I post them here, and will try to figure out what do they mean:
[    0.203617] [Firmware Bug]: ACPI: BIOS _OSI(Linux) query ignored
[    0.214828] ACPI: Dynamic OEM Table Load:
[    0.214841] ACPI: OEMN 0xFFFF880074642000 000624 (v01 AMD    NAHP     00000001 INTL 20051117)
[    0.226879] \_SB_:_OSC evaluation returned wrong type
[    0.226883] _OSC request data:1 1f 
[    0.227055] ACPI: Interpreter enabled
[    0.227062] ACPI Exception: AE_NOT_FOUND, While evaluating Sleep State [\_S1_] (20140424/hwxface-580)
[    0.227067] ACPI Exception: AE_NOT_FOUND, While evaluating Sleep State [\_S2_] (20140424/hwxface-580)
[    0.227070] ACPI Exception: AE_NOT_FOUND, While evaluating Sleep State [\_S3_] (20140424/hwxface-580)
[    0.227083] ACPI: (supports S0 S4 S5)
[    0.227085] ACPI: Using IOAPIC for interrupt routing
[    0.227298] HEST: Table parsing has been initialized.
[    0.227301] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug

And this one

[    1.635130] ERST: Failed to get Error Log Address Range.
[    1.645802] [Firmware Warn]: GHES: Poll interval is 0 for generic hardware error source: 1, disabled.
[    1.645894] GHES: APEI firmware first mode is enabled by WHEA _OSC.

And this one, about the 250GB disk (it came with the server, it’s not in the RAID):

[    3.320913] ata6: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
[    3.321551] ata6.00: failed to enable AA (error_mask=0x1)
[    3.321593] ata6.00: ATA-8: VB0250EAVER, HPG9, max UDMA/100
[    3.321595] ata6.00: 488397168 sectors, multi 0: LBA48 NCQ (depth 31/32)
[    3.322453] ata6.00: failed to enable AA (error_mask=0x1)
[    3.322502] ata6.00: configured for UDMA/100
  • It would be nice to learn a bit about benchmarching tools and test my system with the nonfree VGA Radeon driver and without it.
  • I need to setup an automated backup system…

A note about RAID

Some people commented about the benefits of the software RAID (mainly, not to depend on a particular, proprietary firmware, what happens if my motherboard dies and I cannot find a compatible replacement?).

Currenty I have a RAID 1  (mirror) using the capabilities of the motherboard.

The problem is that, frankly, I am not sure about how to migrate the current setup (BIOS RAID + cryptsetup + LVM + partitions) to the new setup (software RAID + cryptsetup + LVM + partitions, or better other order?).

  • Would it be enough to make a Clonezilla backup of each partition, wipe my current setup, boot with the Debian installer, create the new setup (software RAID, cryptsetup, LVM and partitions), and after that, stop the installation, boot with Clonezilla and restore the partition images?
  • Or even better, can I (safely) remove the RAID in the BIOS, boot in my system (let’s say, from the first disk), and create the software RAID with that 2nd disk that appeared after removing the BIOS RAID (this sounds a bit like science fiction, but who knows!).
  • Is it important “when” or in which “layer” do I setup the software RAID?

As you see, lots of things to read/think/try… I hope I can find time for my home server more often!


You can comment on this thread.

Posted in My experiences and opinion | Tagged , , , , , , , , ,