Siosm's blog

Some thoughts from a systemd, Rust and security aficionado

systemd and the crashing tweet

By now you have probably read all about how systemd is so easy to “crash” that one can make it fit in a tweet (How to Crash Systemd in One Tweet).

This post led to a first response by David Timothy Strauss (How to Throw a Tantrum in One Blog Post), answered by Andrew Ayer (Systemd is not Magic Security Dust), and replied by David Timothy Strauss (Ayer vs. systemd, Part 4).

But let’s take a look at the bug and the arguments against systemd presented in the first post by Andrew Ayer.

Last updated on 2017-02-05.

Let’s Encrypt, automated, but please not as root

I made the switch today to Let’s Encrypt for all the certificates used by services hosted at

The official setup instructions are well written and simple to follow but not safe enough for my taste. The Let’s Ecrypt page on the Arch Wiki also has most of the information required to get a working setup but does not care for security either.

So here is a non root, confined setup for certbot, the official Let’s Encrypt client.

Although this was done on Arch Linux, this is probably generic enough to work on any systemd enabled distribution.

Ubuntu 14.04 LTS: Why you should not use it, at all

Ubuntu 14.04 LTS (Trusty Tahr) has been released on April 17th 2014, thus this Long Term Support (LTS) version is brand new. So why am I already telling you not to use it?

Well, there are a couple of reasons, so read on!

Get rid of syslog (or a journald log filter in ~100 lines of Python)

We’ve recently switched the host behind the domain and thus decided it was time we dropped syslog logging entirely and use journald only. We used to get weekly log reports sent by mail by logrotate, but we never read them as they were way too big, thus this was useless.

Note: The ‘we’ here refers to PO and I.

Leselys, a web based, self-hosted RSS reader not written in PHP

Update: Fix systemd units.

I must confess: I’ve almost never used Google Reader as I’ve only been using Akregator as far as I remember. I didn’t want to rely on anyone to host my feeds and I guess I needed Google to stop providing Google Reader for free to realize I could just host my own web based reader, like many will probably do from now on.

Setup a Firefox Sync Server with nginx and systemd

I needed a way to synchronize my bookmarks in Firefox across three computers, and doing it manually wasn’t an option anymore, so I turned to sync-like extensions. I needed something which would give me full control on the data storage part (I don’t want to use their servers). The first one I tried was Xmarks, which just can’t handle the 4MB bookmarks I have, so that was a dead end. Then I realized you can host your own Firefox Sync Server and that’s how I did it. now with comments thanks to Wt Comments!

(Last updated on 2014-08-12)

This blog now has interactive comments thanks to the Wt Comments project started by my friend Martin Peres. On his blog, you’ll find all the reasons that make Wt Comments a must have for us users of static blogs. However, they’re still a few features missing:

  • Allowing users to delete their comments;
  • Allowing users to subscribe/unsubscribe to an article in order to receive mails for new comments;
  • Locking comment threads manually or after a pre-defined period of time.

Feel free to comment(!), request features or, even better, send patches to improve it!