RobPVN.Net

Blog

  • PDT: Email Is Easy To Move, Calendars Are Harder

    The next part of Dawn Treader, my digital sovereignty project, is email and calendar. I have for many years had this via Google Workspace. This is effectively Gmail with my own domain, and since I started using it back when it was Google Apps for small businesses, I have had it for free ever since then.

    When it comes to email, I have two things I recommend to people: The first is to never use your work email for private things, because it is a hassle when you want to move jobs, and it makes things hard for IT administrators trying to respect your privacy and keep the company safe at the same time. Trust me – I’ve had that job, I’ve seen things I didn’t want to see.

    The second piece of advice applies to people in the tech industry, and that is to have your own domain. Moving email is easy when you have your own domain, all you have to do is update the relevant DNS records and all the mail sent to your current email address will start flowing to your new provider.

    Requirements

    That being said, my requirements for replacing Google Workspace were a bit more than just being able to receive emails at the same address as before:

    • I wanted a similar experience to Gmail’s automatic sorting of mails into primary, advertising, social and forums.
    • I have fallen into the habit of using my email as a document archive that I can search through when I need to find something. For me, this archive stretches back to 2009, and I would like to have it all imported. I have deleted about 40 000 largely unread emails from the non-primary inboxes in preparation for the move, but I still had 19 456 emails in my primary inbox (all read!).
    • Having the calendar well-integrated with my email is very useful.
    • The calendar needs to be sharable (specifically with my wife).

    In addition to email and calendar, my Google Workspace also provides Google Drive, Google Photos and the login I use for my Android phone. Replacing Drive and Photos are an upcoming part of Dawn Treader, but since I still will have an Android phone I may not be able to decommission the Google Workspace account completely. Emptying it out of content and keeping it alive will probably be more privacy-minded than closing it down and replacing my Android login with a regular ad-supported Gmail account.

    The contenders

    Now, for email in the simplest sense, there are thousands of alternatives. In fact, I have a generous amount of email accounts included in my web hosting plan for this website. But for calendars there is surprisingly little to choose from, even if you were not specifically looking only inside Europe.

    I identified two potential providers for my needs: a hosted NextCloud service (like Tab.Digital in Latvia/Sweden) or Proton Mail (Switzerland). NextCloud is a full business suite of software for businesses, while Proton Mail is a more consumer oriented privacy-minded Gmail replacement.

    While they both checked all the boxes in my requirement matrix, I felt that Proton Mail was probably easier to set up as a single user and has a stronger focus on Gmail-equivalent features. They also have a “Easy Switch” feature designed to make the transition from Gmail as easy as possible.

    Pedantry alert: Switzerland is not a member of the EU or the EEA, so it is not actually covered by the GDPR. But they adopted a new Federal Act on Data Protection that was intentionally designed to be compatible with the GDPR, and the EU has made an adequacy decision as per article 45 of the GDPR stating that data can flow freely to Switzerland. As an aside, article 45 is also the legal basis for allowing data transfers to the USA with the EU-US Data Privacy Framework, which seems to be on a more shaky footing than before.

    So I took the plunge! As expected, setting up a new account and all the needed DNS records for the email was straight-forward, with an easy wizard and lots of documentation. It’s still pretty nerve wracking when you are waiting for DNS records to propagate and you hope you haven’t made any silly errors causing emails to disappear in transit. One good tip is to prepare some days before by reducing your old DNS record’s Time-To-Live values to something like ten minutes, so that you don’t have to wait up to a day for the entire internet to catch up with every change.

    Of course, make sure your new records also have a short Time-To-Live initially in case you do like me and forget to add a period to the end of your MX records, meaning mails get sent to protonmail.ch.robpvn.net instead of protonmail.ch. So I may have lost about ten minutes of email in the switchover, oh well! To be a nice internet citizen and save servers constantly having to recheck your records you can set a longer TTL later.

    The Easy Switch feature was also really easy to use – you have to authorize Proton as an application with access to your Gmail, calendar and contacts, and then it just starts the import. It takes a few hours, but runs in the background quietly adding emails to your inbox one by one.

    The Android apps also seem very polished and easily connected to the new account. One minor quibble is that the calendar widget takes up more space than the old Google Calendar widget, so I have to rearrange my home screen and lose all sorts of muscle memory. I will also have to spend some time tweaking labeling, sorting and that kind of thing to get back to the workflow I’m used to, but all in all I am very happy with the transition experience.

  • PDT: Domain & Website

    As I mentioned previously, owning your own domain is a tremendous help when you want to migrate services, as it is much easier to change where a DNS record points then it is to change your email address every single place you are registered.

    My website has always been a small, low-traffic site. All I need is enough to run a WordPress website with a custom domain and well under 1 GB of storage. In most any provider that means the smallest or second-smallest plan. The pay-as-you-go service provided by NearlyFreeSpeech has been a very good match for my needs until now.

    Looking at european-alternatives.eu and applying some local knowledge, I narrowed it down to three good candidates: OVHCloud (France), Hetzner (Germany) and Domeneshop (Norway). Hetzner is getting a lot of buzz as a local challenger to the American hyperscalers, and both it and OVHCloud have solid-looking and well-documented offerings. Domeneshop I know from previous use to be very good, but they have, well, Norwegian prices.

    Hetzners web hosting plans have an interesting model where you pay an up-front fee to establish the site, then get the domain purchase and renewals included in the monthly price. OVHCloud has a lower monthly price but domain renewals are a separate yearly expense (with the first purchase/renewal for free). Since my domain is pre-existing and recently renewed, I had to break out a spreadsheet to figure it out.

    The jumps in the graph are for domain renewals. If I had intended to keep the domain less than 21 months, OVHCloud would have been cheaper, but Hetzner edges it out over time. It also has a name that sounds like something out of Blade Runner. Therefore I have moved my domain and website to Hetzner.

    Hetzner’s web hosting tools are pretty easy to use, although I miss having the ability to ssh in and muck about more directly with things. (That’s reserved for the next step up in web hosting plans with them.) Installing WordPress, importing all my backups from the old host and setting up a Let’s Encrypt certificate went well. As an added bonus, this site is now available via IPv6!

    The domain transfer was also quite painless (which of course also reflects well on NearlyFreeSpeech). All the emails from Hetzner are unmistakably German, that is to say conducted in impeccable English, very polite and always making certain to include information about my rights as a consumer and how to contact them. This is the sort of EU goodness I’m looking for.

    The next part of the project will be swapping email & calendar providers, as well as some continuing progress on entertainment services and social media.

  • Project Dawn Treader

    I have decided that I want to move my digital assets and workflows away from services hosted in the USA. There are three reasons for this:

    1. The leadership of the United States of America has become so erratic and untrustworthy that the calculus of reliability has changed. They may reinforce their ill-thought-out trade wars and have their obsequious broligarchs deny services to other countries, or their political malpractice might lead to other situations where I can no longer trust services located outside Europe to maintain user privacy.
    2. As a European, I simply want to vote with my wallet in support of the big lifts we have to make, and send an infinitesimally small signal to the Americans that they are not doing themselves any favours.
    3. It is also an interesting hobby project, both from a technical and a planning and management standpoint. Possibly the only subject rivaling AI for attention in the Norwegian tech press and Linkedin-osphere these days is digital resilience and homeshoring. Doing it for myself will give me some insight into the challenges it entails.
    CC-BY-SA by David Bedell

    So, what’s with the name? I enjoy naming my projects, and the The Voyage of Dawn Treader is a story about sailing east across a great sea, much like I plan on having my data do. It’s also a children’s fantasy book, which some people might consider this project to be.

    Any good IT project starts with a discovery phase; what are our requirements and priorities? My main requirement is to replicate today’s functionality as close as possible, and have it hosted in the EEA. The secondary requirement is to keep the price reasonably low, even though I will have to accept increased costs compared to what I have now. Consolidating on as few providers as possible in order to reduce administration and, presumably, costs is a tertiary concern.

    I have no issue using Open Source software originating in the USA, since by its nature we can always fix things ourselves if push comes to shove.

    Scott Hanselman wrote that it is important to own your words, that is to own your own domain – and I find that to be true. If my email was a regular gMail and my homepage was only on a social network, migrating everything would have been much more of a hassle. (But it will still be something of a hassle!) Here is the list of services I have identified:

    RequirementCurrent solutionNotes
    EmailGoogle WorkspaceGrandfathered plan for Workspace from when it was free for “small businesses”
    WebsiteNearlyFreeSpeech.netPay-for-what-you-use web hosting, very cheap and good
    Domain registrar + DNSNearlyFreeSpeech.net
    Online DriveGoogle Drive (Google Workspace)
    Automatic backup of photos from phoneGoogle Photos (Google Workspace)
    CalendarGoogle WorkspaceNeeds to be shareable
    NotesGoogle KeepPrefer to be shareable
    Search EngineDuckDuckGoA recent change
    Operating SystemWindows 10Was going to go back to full-time Linux anyway since my PC doesn’t support Windows 11
    EntertainmentAmazon Prime video, Netflix, YoutubeThank goodness Spotify is Swedish
    Social NetworksFacebook, Instagram, Snapchat, LinkedIn, X-Twitter (long dormant)Cancelling X is easy, Facebook and LinkedIn may be too hard

    Will I be able to migrate away from all of these and abstain from using those services that I can’t find a suitable replacement for? Quite possibly not! But I am focusing on services that I pay for with money directly, and on all services connected to my domain, email and personal files. Time to peruse
    european-alternatives.euthe first migration will be this website.

  • A formula to determine Kubernetes pod reroll frequency

    If you have an application running in a Kubernetes pod that uses relatively short-lived HTTPS certificates (like from Let’s Encrypt or Vault), and the application loads the certificates at startup, you may need to reroll (rollout restart) the deployment in order to trigger renewal of the certificates.

    Some definitions:

    • a is the lifetime of the certificate.
    • b is the number of days before certificate expiry to start trying to renew the certificate, the renewal period.
    • c is the number of days between each reroll.
    • d is the number of times we expect a reroll to happen during a renewal period, a kind of safety factor. (In an ideal world, this would be 1, but sometimes CronJob rerolls aren’t triggered as expected.)

    We know that the renewal period can at most be as long as the certificate lifetime, and we know that the reroll must happen at least once during the renewal period. We also know that if you reroll an infinite amount of times, the time period between rerolls becomes infinitely small. Thus, we end up with this formula:

    c = b d , b a , 1 d <

    In practice, you would set d to some value you feel comfortable with based on your experience, and then you can vary b according to your needs and come up with a c.

    Or you could work the other way around and set c to a value that suits you (if you for example want a daily or weekly reroll for some purpose), in order to discover the ideal b.

    b = c d , b a , 1 d <

    This post also shows off a bit of MathML, which has been available in Firefox and Safari since 2011, but for some reason only arrived in Chromium-derived browsers in 2023.

  • For new readers: AI Act could lead to a rush of half-baked products

    Last year I wrote a op-ed in the digi magazine: AI Act kan gi et rush av halvferdige produkter. It was quite a buzz for me to see a big picture of myself “above the fold” on one of Norway’s biggest sites dedicated to technology news! Later that year it was translated into English for Sopra Steria’s corporate website: AI Act could lead to a rush of half-baked products.

    I was inspired to write it after attending some meetings with EU officials who were quite concerned with upholding the dates mentioned. I felt that outside of the EU bubble the distinction between before and after the deadlines was under-communicated, and ripe for a lot of rush jobs once it was more widely understood. So I took it upon myself spread the news, as it were.

    I think it did quite well, got me some new connections and allowed me to be invited into some interesting meetings I otherwise wouldn’t have, as a “subject matter expert” on the AI Act. The qualifications for being such an expert consisting of actually having read the whole act and writing notes, which is much the same experience as I had when the GDPR was new and scary. Of course, this is exactly the kind of thought work people are increasingly turning to AI agents to do for them. I definitely have some classical Luddite feelings on the matter.

  • Regarding Ace Combat

    Fourteen years ago, I wrote a review of Ace Combat: Assault Horizon, and gave it fanboy out of ten points. But since then, my feelings for it have cooled – it never really lasted in my playing rota like the other Ace Combats. I found myself missing the lore of Strangereal, the “other Earth” that allows Ace Combat to disregard which nation those wonderful planes come from.

    In 2019, Ace Combat 7: Skies Unknown arrived and showed me what it was I was missing. Six years later, and it is still a go-to in my limited playing time. A beautiful spectacle and a triumphant return to form.

  • FOSS4G + Twitter = SOSI

    This is a short but sweet tale of the fun you can have with FOSS4G and ideas sparking off each other. It all started when I attended the GeoTools DataStore Workshop on the first day:

    https://twitter.com/robpvn/status/643274320437903360

    SOSI is a Norwegian data format from 1987, by the way. So I was mostly kidding. But then a wild Open Source appeared!

    https://twitter.com/torehalset/status/643284254730940416

    Turns out that it was exactly what I needed for a quick leg up on the required code, so I hit my hotel room for a couple of hours, copied code from the workshop (that is to say, I applied my skills learnt at the workshop), and tah-dah! We had a working plugin.

    https://twitter.com/robpvn/status/643343048412409856

    Now, it’s horribly hacky and not something you’d want to use for anything serious, but it was great fun and an example of how quickly you can make things work with Open Source.

    I put it on GitHub for those who are interested in having a look. I’m sure looking forward to the rest of the conference!

  • Installing Jedi Knight II On Linux

    After seeing the new trailer for Star Wars Episode VII, I was suddenly overcome with the urge to play my favourite Star Wars game of all time, Jedi Knight II: Jedi Outcast. Since I’ve sworn myself to a Windows-free home environment, some challenges were posed.

    Lucikly, Raven Software released the source code for the game engine last year, and this helpful person has created binaries that will run it on Linux: https://github.com/xLAva/JediOutcastLinux. But since it is only the engine and not the game assets, we need to get them from somewhere. Steam to the rescue! I went ahead and bought the full Star Wars pack on sale. But when you open Steam, you’re told that you can’t install the game since it is not available for Linux on Steam. Booo.

    This is where SteamCMD comes in! It’s a commandline tool meant for administrating dedicated servers, but it can be used to download game data for any game! Follow the instructions on the site to download it and run it, and if you have Steam for Linux installed, it will automatically pick up on your Steam login.   Just remember to remember to force it to pretend it’s on Windows by setting the correct variable, and then download the  app.  For JKII, the Steam app ID is 6030. (Protip: You can check the steam app ID by looking at the page for it in the Steam store: http://store.steampowered.com/app/6030/ .)

    Installing JKII with SteamCMD.
    Installing JKII with SteamCMD.

    Next, you have to follow the README for JediOutcastLinux.  One snag I hit was that Ubuntu 14.04 LTS 64-bit does not have ia32-libs, but install lib32z1,  libopenal1:i386, and libXrandr2:i386 instead and things should work the same. (When you run the game from the command line error messages will tell you what you’re missing.) Just download the whole repo as a zip if you’re only interested in playing, and grab the binaries from the code/Release folder. Copy the base folder that you’ve downloaded via SteamCMD together with the binaries, mark the binary as executable, and you should be good to go! The game works beautifully, with fullscreen, crisp graphics and smooth framerates.

     

    Jedi Knight II Fullscreen on LInux!
    Jedi Knight II Fullscreen on LInux!

    Update: I just finished playing through the entire game without ever crashing! (Which I believe is better than when I played it on Windows back in the day…)  The only things that were a bit off were that debug messages sometimes appeared in the top left corner, and that dark or foggy places sometimes were overly dark/foggy. (I guess the video drivers behave a bit differently than ten years ago on Windows.) But no problem, because we have night-vision gear in the game!

    I even managed to make it load up a mod, but sadly it crashed after the mod’s intro was over. Ah well, still not a bad showing all in all!

  • FOSS4G (PDX + NOR) Summary

    Or, my rather unordered ramblings on what happened last week.

    On the city and social stuff (PDX)

    As a European I enjoyed it a lot! Portland has great public transport, is very bike-friendly, close to nature and is about the right size for me. It’s well known for its beer, but maybe less well known is that the Willamette Valley outside Portland is chock full of vineyards and wineries. I went on the FOSS4G wine tour and had a great time!

    Another tour I was on is the Keep Portland Wired tour, which also was a blast! It’s a real shame that not more people showed up. (The closing keynote went over time, so I had to bail out to make the tour, I guess a lot of people prioritised the keynote.) We toured the offices of Jive software and Mozilla’s office/working space in Portland. At Jive we were showed around by the company’s founders, two really nice fellahs who were happy to to engage with a bunch of geogeeks. They gave good insights on their experiences starting and running a tech company in the USA, and a killer tour of the building. Their offices were in the old Federal Reserve building, so the facilities included a indoor shooting range and a bank vault with a massive steel door, both of which had in typical Portland fashion been converted into bicycle garages. Otherwise the offices were typical movie-style tech offices with cool gadgets and free snacks and food all over. Local Portland craft beer was available on tap, of course.

    Mozilla was also awesome as expected (totally impartial judgement from the guy with a Firefox sticker on his laptop.) They had a slightly different vibe, as one might expect from a non-profit, idealistic type organisation, but were still equipped with a bike garage and Tardis stylings on their refrigerator. Nice conversations were also had in this space, and Firefox swag was secured! (They also had free beer and stuff.)
    The FOSS4G parties were good fun too. The opening reception was interesting, a vey nice building filled with interesting folks. I missed the Null Island party because I needed a rest, but in hindsight after talking to other attendees, I kind of wished I went anyway. The Gala evening had a misleading name, insofar as anyone in a tuxedo would have been sticking out like a gangrenous thumb. The location however was nigh on perfect for the gathering, at the World Forestry Centre, with lots of cool interactive museum exhibits for all the geeks to play with and cool local food options.

    I got to the Mapbox closing party after the walking tour. Super-hipster post-industrial space with heavy freight trains rolling past, and recent OSM edits being projected on to the wall. Beer, wine, snacks and a great atmosphere. What else could you expect from a Mapbox  party in Portland?

    Got to meet some really cool people, like Lyzi Diamond from Code For America, who wasted no time in getting me to promise I’d have a go at gauging the interest for Maptime in Norway. Kristin Bott, who did a great job on the organising committee and whose vision for more diversity in our space I totally share.  Vladimir Agafonkin of Leaflet fame who actually remembered my last name from the internet and said nice things about the Leaflet plugin I made at work, practically making me swoon. Also, like a true Norwegian I spent lots of time talking to other Norwegians, which is very useful. Why not do your local networking on the other side of the globe?

    Signpost helpfully showing me the way to Norkart's Lillehammer office.
    Signpost helpfully showing me the way to Norkart’s Lillehammer office.

    Trends & Impressions (PDX)

    • Macs. Everywhere! Come on folks, hooking up a Linux machine to projectors has gotten much better, only like 37% painful. You have to suffer for your art!
    • Javascript is surging ahead. FOSS4G isn’t a web tech conference yet, but you could probably pick your talks to make it look like that if you wanted to.
    • Lots of buzz about vector tiles and personalisation of maps. Nice to see the stuff that was future-tech back when I wrote my thesis is rapidly becoming reality. (Still bleeding edge though, but three more years from now it’ll be pretty pervasive, I think.) The talk on adaptive maps by John J Czaplewski was a very interesting conversation starter on what we might do with these technologies.
    • WebGL is  also maturing nicely, a lot of libraries and apps coming together now. We shall see which ones emerge victorious from the Thunderdome of adoption rates in a few years.
    • Speaking of the Thunderdome, in my opinion both the Leaflet + Mapbox GL combo and OpenLayers 3 are in sum promising a lot of the same things when they’re done, but neither are done yet and have different things finished. (OL3 even replicated MapBox Gl’s big party trick by showing off drone/sat video overlaid on a map!) So there is still room for both!
    • Like Atlefren mentioned, projections are hard and people would rather go shopping, so use WGS84 for vectors and Web Mercator for maps unless you actually have a compelling scientific reason. (Like if your data *actually* has the kind of accuracy and precision that warrants a local projection, or you’re mapping something north/south of 80 degrees. His observation on more and more non-classically trained folks entering the field also holds true. (AKA. you don’t need 5 years of univerity geomatics to put a pin on a map, and on some levels it probably doesn’t help, either!) But I still feel that scientific rigour has its place, especially for those who are making the tools everyone else wants to use. (But then again, that might just be the five years of university talking.)

    Random Observations (PDX)

    • Somebody needs to make a LCARS interface for GRASS.
    • Compostable utensils and cups that still feel like plactic confuse the hell out of me, I never know which bin to use.
    • Dear Portland: “MAX Light Rail” and “Portland Streetcar” are really just two different names for “Trams in Portland”. Why not just call them “the large tram” and “the small tram”.
    • Did not see any werewolves or supernatural policemen while visiting, did see at least two locations I recognised from episodes of Grimm.

    FOSS4G NOR

    Two days after I got back from Portland I attended the local Norwegian FOSS4G event, where 86 happy hackers and useful users of open source geospatial software in Scandinavia’s most coast-liney country (award-winning fjords!) got together for a day of presentations and chatting. Together with Alexanno I did a ten minute lightening talk on impressions from FOSS4G PDX, in which our rate of speech steadily increased throughout as we tried to cram in more and more information in the allotted time.

    The other talks were also very interesting, like Bjørn Sandvik’s presentation on the impressive open source-based stack the journalists at NRK use to publish maps with their news stories, and the talk on how the Norwegian Defence Research Institute makes maritime monitoring systems  for the coast guard using open standards and open source. We were told that the Norwegian Armed Forces mandate OGC compliance in their internal secured systems, which is pretty cool. OGC standards, open source software, and things that are expensive and make other things explode. Can it get any better?

    I believe all the slides from the talks should soon make it out to the internet, sadly not full recordings like the big FOSS4G does. Next year we’re hoping to attract a bigger crowd of students and others to FOSS4G-NOR, making it less dependent on the big companies. All in all I’ve had two great FOSS4G’s in two weeks, and I hope to attend many more in the future!

  • #monohackily ever after – days four, five and six

    I’ve been neglecting to blog the last three days because I’ve been going full steam ahead since the last blog post! After I finished the GTK#3 template for MonoDevelop, I moved on to use it to create a new Mono.Addins subproject named GuiGtk3. This subproject was needed so that apps depending on Mono.Addins.Gui (Pinta, Tomboy, F-Spot)  could move forward, while still allowing GTK2 projects to use the original Gui. The API is identical, so all you need to do is drop it in place of ye olde one and change the using statement. Right now the pull request is pending.

    With that successfully concluded, I took over where Stefan Hammer left off on Tomboy, and using all the knowledge I learned from Pinta, Mono.Addins, Mirco Bauer and Bertrand Lorentz I powered through Tomboy’s porting work. (Hopefully there will be a technical post/memo for future use forthcoming…) The net result is Tomboy, in GTK3, using GSettings, and with every last scrap of horrible icky C code evicted!

    Right now the code is living in this branch, but we can expect a release in time for the next version of Ubuntu, when all the needed library dependencies have made it in. (If you want to run it, you need to pull down the Mono.Addins.GuiGtk3 branch mentioned previously and make install it to have the GTK3 Gui available.)  There is one thorny issue remaining, which is the state of GTK3 on Windows and Mac. Someone will have to make installers for this on these platforms before we can make GTK#3 releases there, but I think that the current attitude is that Linux is the lead platform and the others will just have to wait.

    The port is complete, but we don’t yet take advantage of all the features of Gnome Shell and/or Unity, so among the things we have noted for future improvement are improved DBus connections to allow direct interaction with the shell and making the panel applet an add-in which can be deactivated where appropriate.

    The hackfest, summarised

    I didn’t get to finish porting Pinta, but by tackling it head-on I learned some important things that were very useful when I did the projects I’ve completed this week. (Talk about diving in on the deep end!) I managed to make important contributions to tooling and dependencies for future GTK#3 work, and I managed a complete port of my first open source love, Tomboy Notes. We have had a great time together and been super productive, and there is no doubt in my mind that the benefits of inspiration and  direct knowledge transfer that come from being in the same room cannot be matched in any other way.

    Finally, let me once again thank our gracious sponsors:

    Norkart AS, Norway’s premier supplier of Geographic Information Systems and related consulting and my most lovely employer (website, logo)

    Collabora Ltd, Open Source Consulting (website, logo)

    Hotel Schottenpoint, Our hotel partner (website, logo)

    Novacoast IT, Professional Services and Product Development (website, logo)

    The GNOME Foundation, providers of the GNOME desktop (website, logo)

    Venue sponsor: