We are pleased to announce a new stable release of MauiKit and Maui Apps!
This version of Maui brings new features and bug fixes to Maui’s applications and the frameworks they rely on. The changes introduced in this release will make your experience with apps like the Index file manager, Vvave music player, and Nota text editor much more enjoyable and fun.
Read on to find out how Maui’s software has improved and what new features to look out for:
MauiKit is the framework used to build Maui applications. It comes with common widgets crafted to work well on small phone screens and bigger desktop computer monitors. But that’s not all: MauiKit also comes with a set of utilities that help developers build applications more quickly with more complex and ready-made widgets. These include a text editor, an image viewer, or a file explorer, among others.
In this updated version, the graphical components have been polished. New widgets have been added to the MauiKit Core library, making navigation easier on phones, desktop computers, and other devices. On Android, all the Maui Apps now make use of a dark style.
The following video goes over a few of the newly added changes to the MauiKit framework that directly improve all of Maui’s apps.
The Maui Project provides a set of applications to cover your phone, tablet, or desktop needs. The Maui line of apps currently includes a file manager (Index), a music player (Vvave), an image viewer (Pix), a text editor (Nota), an app for note-taking (Buho), a terminal emulator (Station), an app to manage your contacts (Communicator), a document viewer (Shelf), a video player (Clip), a camera app (Booth), and a web browser (Sol).
The Index file manager comes with a quick typing search feature that allows you to find files more easily as you type on a desktop computer with a keyboard. This feature is also found in Pix and other image gallery apps and in any other apps in general that allow you to browse your files. Index also includes an Overview section that shows you the most recently downloaded files, or your most recently accessed images and audio files, as well as your favorite files.
The Vvave, the music player, lets you edit music files’ metadata information within the app and get information about the current playing artist’s and album’s song. Pix, the image viewer and gallery manager, has a similar feature and can display EXIF metadata in a dialog with information about the camera’s model, ISO, and other technical details. Pix also allows you to edit images by doing transformations such as cropping and rotating.
The Nota text editor adds a Find & Replace feature and gives you an inline notification when the document you have opened has been modified or removed by another application. The improvements made to the text editor are part of one of the MauiKit sub-frameworks, so these features are also included in the new version of Buho, the note-taking app.
The MPV library powers the Clip video player. This allows you to play remote videos, such as videos from popular websites like YouTube. In fact, Clip comes with a dedicated view from where you can search and open videos from YouTube.
The terminal emulator is Station, and it’s a super touch-friendly console. This new version comes with an easy way to add command shortcuts to save typing on handheld touch devices like phones or tablets.
All of the apps that make use of tab views now use the MauiKit convergent TabView widget. TabView switches from a mobile-friendly tab system to the common tab style used on a desktop computer, depending on where you are using the app.
You can now try out all these changes on Android and Linux phones, tablets, and desktop computers.
You can find a more detailed list of the changes mentioned below:
The packages for Linux AMD and ARM AppImages, and Windows EXE, will be released soon. We will keep you informed when this happens.
Some apps might be missing features or present some bugs; if it is the case that you want to report a bug or a feature request, you can open a ticket at the corresponding project repo. You can access repositories from the Maui Invent Group.
Are you a developer and want to start developing cross-platform and convergent apps, targeting, among other things, the upcoming Linux mobile devices? Then join us on Telegram: https://t.me/mauiproject.
If you are interested in testing this project and helping out with translations or documentation, you are also more than welcome.
The Maui Project is a free and open-source software from the KDE Community developed by Nitrux Latinoamericana S.C.We are present on Twitter and Mastodon:
Nitrux is a Linux distribution that offers a relatively up-to-date system, including, of course, the latest stable version of Plasma and the KDE Frameworks, which comes by default in the distribution. However, it’s also possible to further test the beta releases and even the Git builds, all thanks to the hard work of the KDE Neon developers. This is fantastic since we can enjoy all the new features that the KDE community is working on before they’re tagged as stable, for example, the floating dock feature in Latte Dock.
In this tutorial, we’ll update our Plasma and KF5 Frameworks all the way to the Git builds. It goes without saying that you should only do this at your own risk.
With that said, we’ll start by updating to dev/stable and then to dev/unstable.
Nitrux 1.4.0 w/ floating Latte Dock.
First, we’ll create a copy of the APT sources file that we’ll be using. To do this, do the following.
The KDE Neon developers also use a custom version number for the packages they build, i.e., “5.81.0-0xneon+20.04+focal+release+build20,” packages from Debian would say “5.81.0,” both Debian packages being the same version of the same software.
The KDE Neon repository is completely independent of any Ubuntu infrastructure. The Ubuntu maintainers do not manage it; as such, it’s not an Ubuntu repository.
Here’s our first update on how the work for Krita 5 is going!We’re bringing you these updates to show what’s going on in Krita and why it’s a good idea to join Krita development fund! But first a short video by Ramon Miranda showing one the new features in Krita 5: the painting recorder. The painting recorder was created by Shi Yan and improved by Dmitry Utkin. Eoin O’Neill is sponsored to improve the interaction with ffmpeg. Also, looks at the nice new icons created by Timothee Giet!
This is the last month when we can still add new features. From June 1st, it’ll be bug fixing only. Not all features start with sponsored developers: many new features are coded by volunteers. Our sponsored developers then work with the volunteers to get the features ready. So here’s what got in last week:
Working together with Dmitry and Emmet, Know Zero completed a new feature: importing animations as frames, like animated gif files or mp4 clips. He also made it possible to export animated gifs with transparent backgrounds.
Then there’s Nabil Magfur Usman’s 2 point perspective grid assistant
Deif Lou added new texture blending modes for brush presets like hard mix, color dodge, color burn, overlay. Here is an in-depth discussion. Test image done by Hulmanen:
Agata Cacko was sponsored to work on the MyPaint brush engine. The MyPaint brush engine was created by Ashwin Dhakaita for the 2020 Google Summer of Code program. There were still a few things missing, like support for mirrored painting, and that’s what Agata added. Agata also worked on a new resource import dialog, as part of the resource rewrite.
Sharaf Zaman was sponsored to work on Krita for Android and ChromeOS. He implemented window management for dialog windows in Krita, so the dialogs can be resized and moved around. And he fixed a lot of Android and ChromeOS specific issues as well!
Ivan Yossi was sponsored to work on Krita on macOS. He fixed the quicklook and finder preview plugins. We’ll have to make a Krita 4.4.4 release for this, though. And now he’s investigating whether we can finally speed up the GPU canvas on macOS.
Felime Lema moved loading the thumbnails for the recent files in the welcome screen to a background thread, which solves the slow startup of Krita if you have ginormous tiff files recently used.
Dmitry Kazakov was sponsored to work on brush engines. Specifically, he worked on a new smudge brush engine. He also restored the cumulative undo feature that got broken in 2015.
Reinold Rojas has been working on improving the grid brush engine: he added a shortcut for changing the offset of the current grid brush. It’s still work in progress!
Emmet and Eoin have been sponsored to work on changes in the way onion skinning works, so people can use reference frames. That might only land in Krita 5.1, though…
Wolthera has been sponsored to work on the manual: we want the manual up to date when we launch Krita 5, and there are so many changes, and so many new things to describe.
Halla has been sponsored to work on making sure that we have a good default brush preset selected when Krita starts for the first time, and on making it possible to create new versions of brush tips.
So, if you like what we’re doing, join the development fund!
Can you believe how time flies? Today, ten years ago my first ever KDE patch was merged. A little while later I was granted KDE developer rights with write access to all of KDE’s git repositories. This power was somewhat frightening, after having submitted not even a hand full of patches at that time, and it actually took many years for the thrill of hitting Return on a “git push” to abate. Let me take this decennial as an opportunity to tell you stories from back in the days and how I ended up where I did, where I surely would not be without KDE!
I actually started writing on this blog post last December, to have plenty of time for collecting trivia and ideas, never before seen prototype screenshots, and more. I surely wouldn’t have thought this to turn into half an autobiography. Mind that I’ll try my best to verify the statements that follow but they can still be inaccurate or skewed from being just memories. Now grab a cup of your favorite beverage, sit back, and join me on this trip down memory lane.
My earliest recollection of using KDE was in 1999 on SuSE Linux 6.1. Back when the “KDE Desktop Environment” was the actual product name, which is why you still hear people say “I use KDE 5” today. I still fondly remember how it had an isometric K for its start button rather than the gears logo we know and love today. I was also quite fascinated by the green and blue, depending on your edition, crystal formations on SuSE packaging – the physical cardboard boxes, that is. You could even find those 2 kg boxes that featured a tome of a manual and several CD-ROMs at your local electronics store.
I still used Windows as my main operating system, though, originally Windows 95 and Windows NT 4.0, later Windows 98 because a video editing software I wanted required it, and finally Windows XP, which would be the last Windows release I used on a daily basis. I occasionally toyed around with later SuSE releases, I went to 6.4 and then 7.1, which was the first one to come on a DVD. We didn’t have a DVD drive back then, so I had to put up with the 7 or so CDs it came with. For some reason I don’t remember we had to reinstall the system several times and at some point we created a backup copy of the first CD, and as if we had known, it actually shattered in the drive on the next installation attempt.
At some point during the KDE 3 days I managed to wipe my hard disk while playing around with “dd” and was so upset that it didn’t warn me that I was about to override my “/dev/hda” with zeroes (hello, sudo!), that I turned my back on Linux for a while. I still had it running on my second PC but my main one was Windows XP only – after restoring a backup. Still, some school project I was tasked to do over the summer holidays was irrecoverably lost.
Going Linux full time
It wasn’t until July 2009 that I made the switch to Linux full-time. My computer was giving me random blue screens quite frequently and at some point I was so done with it that I just wiped the hard disk and installed Linux on it: Kubuntu 9.04 with Plasma 4.2.2 it was. I actually missed that whole 4.0 debacle, and from what I heard, I might not even be around now if I had :-) I just remember reading an article about 4.0 on heise, thinking “gosh, that black panel is horrendous.”
When Kubuntu wasn’t any more stable either, I thought to run a memtest, et voila: one of the RAM banks had gone bad, resulting in recurring page faults. At that point, however, Windows was already gone and I tried to just deal with the new operating environment. I believe that might actually have worked… Immediately I started tinkering with it, enabling backports repositories, and trying out beta releases. Reading Planet KDE became part of my morning routine, checking out what all those talented people came up every day. I’m sure many others out there are also being inspired by those blog posts, and I feel guilty for not blogging a whole lot more! One post I distinctly remember was about a rewritten Widget Explorer, albeit apparently from a later date than I thought it was until I just looked it up.
At this point I already had a 24″ monitor (16:10! Before that 16:9 plague took over consumer monitors) and that ATI All-in-Wonder Radeon 9000 with 64 MB of RAM just wasn’t able to run Compiz, Emerald, and whatever else was hot at the time, smoothly, and I never managed to get its analog TV tuner working on Linux either. Eventually, I got myself a shiny new computer with a Core i5-750 and I started playing with kdesrc-build, remotely monitoring its progress from school on my first Android smartphone, looking at a terminal window on my desktop via VPN because, hell, I had no idea SSH was a thing.
I also wanted to contribute to KDE but all I had programmed with before was Visual Basic, QBasic, BlitzBasic, and PHP – I surely didn’t know anything about C++, so I started by filing bug reports. One of my earliest bug reports I found was actually about notifications, go figure. Later I joined the German translators to whose mailing list I am still subscribed today and I occasionally send them bugs, but honestly I just can’t be bothered to use SVN anymore.
My first patch!
I’ve always been a visual person, wanting to provide a graphical user interface for the things I did, but since I didn’t know any of the programming or scripting languages needed to bring up a proper dialog window, I wrote horrible Bash scripts, with kdialog to provide some kind of graphical user interface, and I was a huge fan of the “–passivepopup” option resulting in a Plasma notification popup. I start to see a pattern here! The “–icon” command line argument affected the application’s windows, such as message boxes, but the notification popup was hard-coded to a generic “dialog-information” icon.
I can’t actually recollect how I wrote the patch or built it, where I looked for how to provide a patch – KDE was using Review Board back then, so the process has changed a lot in the meantime, but documentation has improved, too. Today we have a wonderful Get Involved page on our Wiki, and you don’t necessarily have to write code, there’s lots of other fun ways to contribute! It took me a while to find the original commit as I totally forgot it was actually committed by Christoph Feck. It wasn’t until my second patch (I think) that Aaron Seigo nudged me to apply for a developer account.
In July I attended my first KDE event, the KDE 4.7 release party in Karlsruhe. It’s when I met some of the people behind KDE for the first time: Lydia Pintscher, Martin Flöser, Sput, Torch (RIP), and a few others. Needless to say, we all sat there at a long table in a corner at Vogelbräu with our laptops out, and Torch showed how he could change virtual desktops by tilting his laptop, using the HDD’s fall damage protection accelerometer to trigger that. The next month I did a family roadtrip on the North American East coast, and I still recall sitting on the bed in a motel somewhere on the outskirts of Montreal watching an interview by Martin (on my newly acquired and later banned Samsung Galaxy Tab 10.1) about KWin on the Road to Wayland during the 2011 Desktop Summit in Berlin.
Drawing bars in Inkscape
Later that year I began studying computer sciences and if you decide on which university to actually go to on the very last minute, it’s surprisingly hard to find an apartment, duh. This meant I spent my first semester in a shabby Autobahn motel, 45 minutes away from uni by car, or like three hours by public transport.
The smartphone revolution still felt pretty much in its infancy, the Nokia N9 was still a thing, I was still using my first ever smartphone, and Android just learned to do hardware-accelerated 2D painting on phones with Android 4.0 released in October. Free Wifi wasn’t as ubiquitous as it is today and my apartment did not feature any Internet connection whatsoever. Mobile reception on the Autobahn in the middle of nowhere can still be a challenge in Neuland today but I managed to find a carrier which got me a decent 3G connection using a USB modem stick. For maximum coverage, I plugged it into a USB extension cord and stuck it to a window.
To be honest, I did not expect that it would just work under Linux. However, once I plugged it in, Plasma prompted me for the PIN and after selecting the correct carrier from a list of providers, I was well under way. This is when I noticed the Network Manager icon in the panel would just show a generic cell phone icon when connected via mobile broadband but I wanted signal strength bars like on my phone. Patching the network applet itself was straightforward but now I had to fire up Inkscape and draw a few dozens of signal strength bars for GPRS, EDGE, UMTS, from 0%, 20%, 40%, etc. Of course I had no idea you still had to pixel-align lines in an SVG to make 1 unit lines render crisply but my patch was accepted nonetheless and there was no VDG as we know it today to point out the blurry edges, so I quite proudly sat there in my room moving my antenna about, rejoicing at the signal bars fading in and out.
Obsessed with pixels
I failed to recollect what I actually did in 2012 and git history confirms that I wasn’t very active in KDE at that time. My highlight of that year was the KDE 4.8 Release Party in Karlsruhe in January, though. This time I didn’t have to drive home for the night but slept on Sput’s couch and after returning from the bar we spent the rest of the night watching StarCraft 2 replays. A while later I “Joined The Game” and set up a recurring, tax-deductible by the way, donation, to the KDE e.V. to help support my favorite open source community. In Summer I bought one of those newfangled Ultrabooks, an Asus ZenBook, which came with a FullHD screen – if you ever wondered where my obsession with pixels came from, this was it. Qt didn’t gain proper high dpi scaling support until Qt 5.4 so I started an effort to address bugs with large fonts caused by hard-coded layout and icon sizes throughout KDE libraries and applications.
As part of that I set out to fix the icon sizes in the icon dialog to follow your preferences. Partway through I realized I might as well clean up the code base and revamp its UI entirely, as the dialog still looked exactly from when I was a kid toying around assigning all sorts of icons to random folders on the system, which disappointingly didn’t show up when I booted back into Windows. Unfortunately, there’s quite a few different modes and flags the dialog supports; add to that complexity of custom Qt item view delegate painting and, I think, a looming feature freeze in preparation for KDE Frameworks 5, and I just never finished it. I still quite like the UI I came up with, so feel free to take it as an inspiration and rewrite the damn thing already!
Batteries and more!
2013 was the year I really got sucked into this KDE phenomenon. I did an apprenticeship at a web design agency but didn’t want to use their iMacs so I did BYOD before it was cool. I consider myself quite lucky to have been able to use Plasma on all the jobs I’ve had so far, apart from temporary project assignments, which were actually a welcome change to check out what nifty features I could steal get inspired from for Plasma.
Obviously, I needed an external mouse to work, so I paired one of those dreadful Bluetooth Apple Magic Mice they had lying around in the office with my laptop. That’s when I noticed that it was actually reporting its battery status to the system. However, Plasma could not cope with the fact that there were two batteries present, only one of which actually powered the system: it would take the average of laptop and mouse battery and display nonsensical charge percentage in the panel. I naturally couldn’t accept the fact that OS X could handle that but “we” couldn’t.
I learned that UPower added an “is power supply” property that indicated whether a battery was actually powering the device or merely reporting status of a connected peripheral, which I added to KDE’s Solid hardware abstraction framework – of course accidentally breaking ABI and builds for any other platform than Linux in the process. After cleaning up the mess I made I then patched Battery Monitor to handle those devices correctly as well as have PowerDevil’s (Plasma’s power management service) “low battery” calculation take this property into account. Furthermore, I also added a dedicated notification to warn when your mouse or keyboard are about to run out of juice.
Soon I realized the overall Battery Monitor layout could use some serious overhaul, and I began rewriting it basically from scratch, including the keyboard brightness support someone added to PowerDevil around the same time. I was a huge fan of Daniel Nicoletti’s work at the time and took inspiration from his then-new Print-manager applet: the battery list with its expandable details section was pretty much copy-pasted from it. KDE SC 4.11 to be released later that year was the final Plasma 4.x feature release, so I made sure my new Battery Monitor was in good shape for inclusion, or else it would have had to wait another year to see the light of day.
While I believe the layout fit Plasma 4 very well, it feels quite out of place on Plasma 5, having remained virtually unchanged from its initial release, compared to all the other applets that over time got polished as part of the KDE Consistency Goal. I would love to give it another complete overhaul at some point but so far I found none of the design suggestions people brought to me compelling. Finally, when KDE SC 4.11 came out in August 2013 I invited to a release party dinner in Stuttgart, trying to replicate the fun events I attended earlier. Alas, only two other people showed up. It was still a nice evening with good food and – of course – we had our laptops out and were playing around in VirtualBox with then-new Windows 8, giggling at its hideous non-intuitive Metro user interface.
Attending my first ever sprint
In December 2013 I stayed at Aaron Seigo’s place over the weekend and we visited Zürich Christkindlimarkt. They put up a massive Christmas tree decorated with Swarovski crystals in the platform hall of Zürich central station, alongside a bunch of christmas-markety boths. I believe I paid 8 CHF for a cup of Glühwi there. It was also the time KDE Connect was very new, so when Aaron left to visit his parents-in-law that Sunday, and called me to let him back in, I was perplexed to see a notification on my laptop that my phone which sat on the kitchen table was receiving a call. I just had both phone and laptop on the same WiFi network and the rest was magic – it truly felt like the future!
The next year, Alex Fiestas invited me to my first in-person KDE sprint in Barcelona’s Blue System offices in April 2014. It was the KDE Frameworks sprint during which important decisions, such as the rapid monthly release cycle, were decided upon. Having been my first real solo trip abroad, I was quite nervous. I will never forget that unease feeling of “how come my backpack is so light?” while waiting at the bus stop. It quickly dawned on me that I forgot to pack my laptop charger! USB-C power delivery is becoming ubiquitous nowadays but surely, not bringing that giant Asus charger brick (which is the most annoying thing on a sprint as it basically occupies three outlets on an extension cord) would have been a disaster. I lived close by that bus stop, luckily I was there early, and still had time to run back and fetch the charger. This was the day I started using checklists for everything.
When I arrived in the afternoon I met for the first time Alex Fiestas, David Faure, Kevin Ottens, David Edmundson, and others I can’t remember :) I believe I shared an apartment with Mark Gaiser and Alex Merry for the week. During the sprint I worked mostly on Solid again, trying to build a proper QML import and model for querying and enumerating hardware. However, I wasn’t very experienced with Qt yet and completely lost when the objects in my model, managed by a shared pointer in C++, would randomly disappear on the QML side when the ListView created and destroyed items as you scrolled through the list. That model was never finished in all these years but I assume the remnants of it can still be found in some abandoned branch in Solid’s repository.
An amusing coincidence was that a group of students from my former school was in town that week. I’ve been to Barcelona twice before from student exchange programmes, so I joined them for that obligatory visit to the Museu Nacional d’Art de Catalunya. Sunday morning I had to catch my flight back around noon but left the apartment a little late and then had huge trouble finding the right bus stop for the Aerobus at Plaza España, because of course it’d be opposite of where I arrived, or so I thought. Having missed two buses and the ride taking more than half an hour, time was running out. Naturally, when I finally got to the airport, there was a huge queue at the check-in desk. Fortunately, there had been a printer at the office, so I was checked in online already and got a sheet of paper with my boarding pass on it (I did not trust my phone with that sort of thing then) and arrived at the gate just as boarding was commencing.
My first Akademy
In Summer 2014 Jos Poortvliet persuaded me to sign up for my very first Akademy, KDE’s annual developer conference, in Brno, Czechia in September. Getting there was quite a chore, as I had to fly into Vienna and then proceed to Brno by coach. That bus departed every other hour but I didn’t want to risk missing it so I had to spend three hours at Vienna airport. I still vividly remember a thread on the Akademy mailing list about “bring your own toilet paper” and indeed the hotel we stayed at featured the roughest, grayest recycling tissue I have ever seen. The week was great fun with delicious food and made me wonder why I didn’t go to an Akademy sooner – make sure, whenever we can meet again in person that you, dear reader, go, too!
We have now arrived in the year 2015 where I will wrap up this post. This blog instance was set up in that year and from now on you’ll be able to follow my development on your own. While there are surely many more fun stories and anecdotes to tell, there has to be some material left for a sequel ;) I hope you enjoyed this history lesson and I can only encourage you to do the same, reflect on what you’ve achieved and tell the world, inspire others! Bhushan Shah once told me how some of my posts on Google+ years ago got him into KDE and can you imagine KDE and Plasma Mobile without him? I owe my entire professional career, pretty much all my debugging, and programming skills to all those talented people in the KDE Community.
The Annual General Meeting (AGM) of KDE e.V., the association
that supports the KDE community financially and organizationally,
has been announced. As usual, it takes place at
Akademy – online again this year, and the AGM is on monday june 21st, the longest day in the northern hemisphere – and will hopefully consist of
quick and boring financial stuff, followed by a spirited discussion on
the goals and activities and working groups of the e.V.
If you watched enough of the Muppet Show long ago, like I did,
then “the continuing stooory, of a cat .. who has gone to the dogs”
should trigger Pigs in Space memories. Like a good(?) soap opera,
Wayland on FreeBSD just keeps giving material for a new episode,
so let’s take a look at recent changes.
I should emphasize again that much of the actual work is being
done by other people: much of the time I’m just the monkey
clicking things and then complaining on various instant-messanger
channels. My favorite response is “that’s fixed already”.
Charm Time Tracker (deskutils/charmtimetracker) hasn’t had an
upstream release for some time,
but there is a patch fixing a crashes-always-after-a-minute
on Wayland. It has a downside: idle detection doesn’t work on
Wayland (er .. maybe just in KDE Plasma) at all. This will be good
for my efficiency numbers.
Focus-follows-mouse could be tricked by slowly moving the cursor from
one window to another. Reported, fixed upstream for 5.22 and
backported to 5.21.4 for FreeBSD for me (being a packager has
Cursor-weirdness was my own fault for fiddling too much with settings.
Simplifying the settings made things better. I think I saw one odd
cursor – shifted over by one pixel, with wrap-around – this week,
but can’t reproduce it.
VirtualBox is unhappy, both as a Wayland client and as a XWayland
client, in KDE Plasma Wayland but reportedly also in Sway;
this shows there are still some specialized protocols to come
up with for the special cases like (Full-Screen) VMs.
Until I hit the VirtualBox problem, I had spent all week in Wayland
doing the things I always do – building new UI bits in Calamares,
hacking on KDE Frameworks, doing FreeBSD ports work and
doing web-front-end work for some LDAP tomfoolery –
and just didn’t notice. It’s in great shape for me. Huh,
maybe this soap opera has a happy ending?
Let’s Encrypt revolutionized the SSL certificate management for websites in a short span of time — it directly improved the security of users of the world wide web by: (1) making it very simple to deploy SSL certificates to websites by administrators and (2) make the certificates available free of cost. To appreciate their efforts, compare to what hoops one had to jump through to obtain a certificate from a certificate authority (CA) and how much money and energy one would have to spend on it.
I make use of letsencrypt in all the servers I manitain(ed) and in the past used the certbot tool to obtain & renew certificates. Recent versions of certbot are only available as a snap package, which is not something I’d want to or able to setup in many cases.
Enter acme. It is shell script that works great. Installing acme will also setup a cron job, which would automatically renew the certificate for the domain(s) near its expiration. I have recently setup dict.sayahna.org using nginx as a reverse proxy to a lexonomy service and acme for certificate management. The cron job is supposed to renew the certificate on time.
Except it didn’t. Few days ago received a notification from about imminent expiry of the certificate. I have searched the interweb quite a bit, but didn’t find a simple enough solution (“make the proxy service redirect the request”…). What follows is the troubleshooting and a solution, may be someone else find it useful.
acme was unable to renew the certificate, because the HTTP-01 authentication challenge requests were not answered by the proxy server where all traffic was being redirected to. In short: how to renew letsencrypt certificates on an nginx reverse-proxy server?
Certificate renewal attempt by acme would result in errors like:
# .acme.sh/acme.sh --cron --home "/root/.acme.sh" -w /var/www/html/
[Sat 08 May 2021 07:28:17 AM UTC] ===Starting cron===
[Sat 08 May 2021 07:28:17 AM UTC] Renew: 'my.domain.org'
[Sat 08 May 2021 07:28:18 AM UTC] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sat 08 May 2021 07:28:18 AM UTC] Single domain='my.domain.org'
[Sat 08 May 2021 07:28:18 AM UTC] Getting domain auth token for each domain
[Sat 08 May 2021 07:28:20 AM UTC] Getting webroot for domain='my.domain.org'
[Sat 08 May 2021 07:28:21 AM UTC] Verifying: my.domain.org
[Sat 08 May 2021 07:28:24 AM UTC] my.domain.org:Verify error:Invalid response from https://my.domain.org/.well-known/acme-challenge/Iyx9vzzPWv8iRrl3OkXjQkXTsnWwN49N5aTyFbweJiA [NNN.NNN.NNN.NNN]:
[Sat 08 May 2021 07:28:24 AM UTC] Please add '--debug' or '--log' to check more details.
[Sat 08 May 2021 07:28:24 AM UTC] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Sat 08 May 2021 07:28:25 AM UTC] Error renew my.domain.org.
The key error to notice is
Verify error:Invalid response from https://my.domain.org/.well-known/acme-challenge/Iyx9vzzPWv8iRrl3OkXjQkXTsnWwN49N5aTyFbweJiA [NNN.NNN.NNN.NNN]
Sure enough, the resource .well-known/acme-challenge/… is not accessible. Let us try to make that accessible, without going through proxy server.
First, create the directory if it doesn’t exist. Assuming the web root as /var/www/html:
Then, edit /etc/nginx/sites-enabled/my.domain.org and before the proxy_pass directive, add the .well-known/acme-challenge/ location and point it to the correct location in web root. Do this on both HTTPS and HTTP server blocks (otherwise it didn’t work for me).
Make sure the configuration is valid and reload the nginx configuration
nginx -t && systemctl reload nginx.service
Now, try to renew the certificate again:
# .acme.sh/acme.sh --cron --home "/root/.acme.sh" -w /var/www/html/
[Sat 08 May 2021 07:45:01 AM UTC] Your cert is in /root/.acme.sh/my.domain.org/dict.sayahna.org.cer
[Sat 08 May 2021 07:45:01 AM UTC] Your cert key is in /root/.acme.sh/my.domain.org/my.domain.org.key
[Sat 08 May 2021 07:45:01 AM UTC] v2 chain.
[Sat 08 May 2021 07:45:01 AM UTC] The intermediate CA cert is in /root/.acme.sh/my.domain.org/ca.cer
[Sat 08 May 2021 07:45:01 AM UTC] And the full chain certs is there: /root/.acme.sh/my.domain.org/fullchain.cer
[Sat 08 May 2021 07:45:02 AM UTC] _on_issue_success
With the upcoming KF6 transition we have the chance again to further untangle and clean up dependencies between
KDE Frameworks. There’s a number of tools that help us with analyzing the current state of dependencies, one that
we didn’t have when KF5 was started is ELF Dissector.
When looking at dependencies we usually start at the module or library level, with something as simple and widely
available like ldd. For nicer visualization, script like KDE’s draw_lib_dependencies
exist to visualize the result. CMake also provides a similar option to produce a built-time dependency graph.
While that is good enough in many cases, sometimes we need to dig deeper, and that’s where ELF Dissector can help.
After opening the library or executable to analyze and switching to the dependency view, you’ll find three different ways
to look at dependencies, described below.
The first view is closest to a tree view of what you’d get from ldd as well. However, it has one major addition,
it shows which symbols (and how many) are used from a library. This helps with determining why a dependency exists
in the first place, and to asses how strongly coupled two components are.
This is done by looking at the imported symbols of a component, which means this cannot distinguish how often a
specific symbol is used. So even a dependency on just a single symbol can mean a very strong coupling in practice.
Nevertheless this is often a good indicator.
For answering the question why an application or library pulls in a specific dependency the symbol-level view can
get hard to navigate when there’s many components involved. That’s where the inverse dependency view comes in.
There you can select a library and see everything that depends on it, again down to the symbol level.
The third view is the list of unused dependencies. What you can see in there heavily depends
on whether the --as-needed linker flag has been used or not. Either way, the most common case for a dependency
showing up in here is a transitive dependency that ended up in the public link interface of a library that is
This isn’t a problem as such, but it can be useful to review if everything that’s in the public link interface
is really needed there, or if we are leaking implementation details to the outside. Fixing this has no immediate
impact on the overall dependency situation, but it does enable future changes without breaking the public interface.
It’s also worth noting that “unused” in this context merely means that no symbol from a library is used by the
component linking to it. That doesn’t however mean that the library can safely be removed, there are a few special
cases like ICU’s data library that are used by other means (and that’s also why we can’t just use --as-needed unconditionally
There’s of course more that could be done here, for example combining the graph visualization with
edge weights based on the symbol counts.
I also should finally get ELF Dissector into the KDE release service to make it easier available via distribution packages.
Getting it built as standalone app bundle is unfortunately tricky due to its dependency on internal binutils API.