Category Archives: Communication

Rocket.Chat at Simulakrum

Users in the appropriate group in Simulakrum directory can use Rocket.Chat now. Rocket.Chat works from within a browser, and allows for very fast and quality multi-user video-conferences, desktop display, and many other useful functions. It is using a jitsi-based server in the background.

Rocket.Chat is the second multi-user video-conferencing tool available for Simulakrum – HipChat, the Atlassian’s proprietary commercial solution that integrates well Jira and Confluence, is also currently available at Simulakrum’s. Ask for the access to those tools if you don’t have the access already.

Fedora 21 and the spirit of changes

While the infamous systemd brought into the Linux community through the gates of Fedora is in its peak of sowing, yet another sensitive detail regarding Fedora was recently brought to my attention: bitlord from LUGoNS noticed a supposed behaviour for 21 that he soon reported to the tracker:

To me, the most interesting part of the thread was the initial reaction of many of the community members, derogating the issue of a program (NetworkManager) pinging the world in a pretty conspirational manner.

Binding GNOME3 so tightly to fully linux-centric systemd (and vice-versa, making reserved space for GNOME3 manoeuvring inside systemd space) was an obvious demonstration of the force, but it was an open one, clearly visible from all points of interest. “A pinging service” within the NetworkManager is far less obvious, so if it becomes a model of incorporation of novelties for Fedora, it will become a very bitter vector of equally bitter change.

As Peter Mlakar once read for Laibach, I too do not like moralities and surely even less like to preach about moralities, but the ideas that becomes obsessed with moral values (and the distros that take the leadership away from technical persons just to give it to the lawyers) is now forcing me to do so.

Or I can quietly and completely switch to something I still consider sane, like OpenBSD… crusaders

I have not seen one of these crusaders for at least ten years, until today, when I wanted to find out more about a site apparently helping you learn foreign languages; once I tried to enrol and subscribe to whatever they are offering, a bizarre message welcomed me:

“Livemocha is not supported on Linux”

Screenshot from 2014-10-04 10:50:09

Furthermore, suggests that I should use a Mac or a PC (I guess they thought I came there using a mainframe and a teletype, or what?) because they can’t wait to see me there?!?

Makes you wonder if they can actually help you with anything, if they cannot adopt an agnostic approach to own service, deep in the XXI century. I haven’t seen such a crusade since the days when Microsoft was a serious contender on the scene.

Livemocha, you are a catastrophe!

Initiating rapsodia, a fork of diaspora

Recently, I’ve stumbled upon diaspora, a social network platform that has more than enough potential, but a giant show-stopper as well – the SSL certificates, used (amongst other things) to enable secure communications between diaspora’s nodes, or “pods” in disapora lingo, have to be “official”, signed by an “authoritative issuer”. Since some of us see that detail as a general problem for proper communication, especially in the light of the events and affairs surrounding “the official authorities” for the SSL certificates in recent years, I have decided to try to overcome that detail, and use otherwise good and usable code of diaspora, and fork it into something that would provide similar usability, yet be tolerant for the self-signed certificates. After I have read the copyright documents that comes with diaspora’s code, I conclude that there should be no problems to fork it, as long as the Affero General Public License version 3 is respected.

Initial brainstorming are going to happen it the next few days on #rapsodia channel at IRC server, and everyone with a piece of code, a constructive idea, or more, is welcome. See you at rapsodia, hopefully more than just an IRC channel, soon 🙂

Self-signed certificates for diaspora pods

Installation of a diaspora pod for OpenBSD 5.4 went rather smoothly, considering the fact that there are still no instructions at Diaspora foundation wiki. I skimmed through instructions for FreeBSD, tried (and gave up on) PostgreSQL and installed with MySQL backend, following rather simple text on installation.

On creation of the first few accounts, a “500 server error” would pop up, but the accounts were accessible immediately after a reload of the front page. At first I thought this was a sign that diaspora’s code is still in its infancy, but I was wrong – it was my admin’s skills that are slowly degenerating: after I reckoned it has to be my mistakes, logs proved that Webrick wasn’t able to communicate with redis over UNIX socket. I changed the connection type to TCP, and the “500 error” was gone.

Adding contacts from another pod was yet another problem. The logs showed that my pod had no trust in other pod’s SSL certs, and kind people on #diaspora channel at explained to me that ‘certificate_authorities’ in config/diaspora.yml should point to a CA cert that people can trust, and my self-signed cert isn’t one of those.

Install p5-Mozilla-CA for OpenBSD and point your ‘certificate_authorities’ there, and you’ll be able to communicate with those who use ‘official’ [sic!] certificates to sign their communications.

Since a cert authority file is not a binary, but a text file, would it work if I simply add another self-signed cert on top of the existing ones, in my CA.pem, and the peer does the same? Probably! I am currently looking for a partner in such a ‘crime’, to test the solutions we can come with regarding the self-signed certificates. Finally, I concatenated my server.crt to Mozilla’s, in hope that it might work. I’ll happily write down the findings here, once I have more on this… annoying bug.

For those willing to try, the cert is here:


Add it to your CA.crt, search for “” and let me know if it worked. If your pod has the self-signed cert, like, remember that I have to add that key to my CA.crt, too, in order to try the workaround.