Garden Linux [link | Role: Developer]:
Garden Linux is a Debian GNU/Linux derivate that aims to provide small and auditable Linux images
for most cloud providers (e.g. Ali, AWS, Azure, GCP etc.) and bare-metal systems. Garden Linux is
the best Linux for Gardener nodes to increase you cloud platform and replaces the legacy and
discontinued CoreOS system. Garden Linux provides great possibilities for customizing and provides
a great feature set to fit your needs and is fully Open-source (MIT licensed).
By the given feature set it is possible to build Garden Linux with different features (options) like
CIS, FedRAMP, ReadOnly mode, etc. Next to this, all features allow full customization to fit the
operator's needs.
In default, Garden Linux already provides an awesome stack of features like:
* Repeatable and auditable builds
* Great test framework (PyTest based)
* Purely systemd based (network, fstab etc.)
* Aiming to always integrate the latest LTS Kernel
* Dracut generated initramfs
* Supporting all major platforms out-of-the-box
* OpenSSL 3
Garden Linux is easy to build and use. While only Python3 and a container runtime like Podman or Docker
will be needed the whole process, including the test framework, will be done within containers without
involving the host system. Garden Linux aims to be the perfect match for cloud host and node systems.
A short introduction of Garden Linux was given in 2021 at the MiniDebConfRegensburg (Debian Event).
A recording of this presentation in English can be found
here.
BoxyBSD [link | Role: Project Lead, Developer]:
BoxyBSD is a non-profit project dedicated to providing free virtual machine (VM) hosting on IPv6, with
a particular emphasis on BSD-based systems such as FreeBSD, NetBSD, and OpenBSD. The project's primary
objective is to contribute back value to the open-source community by offering a platform where beginners
and newcomers can learn and educate themselves using real systems.
By offering free virtual machine hosting, BoxyBSD aims to remove financial barriers that often deter individuals
from gaining hands-on experience with BSD-based systems. This initiative allows users to explore, experiment, and
learn about these systems in a practical and interactive manner.
BoxyBSD's focus on BSD-based systems ensures that users have access to a diverse range of operating environments,
enabling them to familiarize themselves with different BSD distributions and their respective features. This
approach not only promotes knowledge and understanding within the community but also encourages collaboration
and innovation among enthusiasts, students, and professionals alike.
Overall, BoxyBSD serves as a valuable resource for individuals seeking to deepen their understanding of
BSD-based systems and contribute to the broader open-source community. Through its free virtual machine hosting
services and commitment to education, BoxyBSD provides a welcoming environment for newcomers to gain valuable
skills and experience in the world of open-source technology. Together with BSD based community like the BSD Cafe
or the BSD Network this might be a great point to start with BSD systems. My hope relies in providing valuable
content for the community to get on track which might be very difficult, especially at the beginning. More details
about BoxyBSD can also be found on my initial blog post.
QualvoSec [link | Role: Project Lead, Developer]:
QualvoSec is a robust open-source (based on GPLv3) security patch management tool designed for unattended upgrades on a variety of
systems, encompassing mainstream Linux distributions (like Debian, Ubuntu, Garden Linux, RedHat, CentOS, RockyLinux etc.) and
BSD-based systems like FreeBSD. This tool empowers operators to exercise control over client systems' patch integration, offering
flexibility in managing updates, particularly for crucial components like kernels or glibc.
Unlike bloated solutions like Spacewalk or Landscape, this framework of QualvoSec is characterized by its minimalistic
design, ensuring simplicity and ease of use. It operates entirely in Python, utilizing only a handful of imports to
streamline the user experience. This simplicity makes QualvoSec accessible even to users with limited programming knowledge.
QualvoSec operates on a pull-based model, where client systems proactively poll the server at regular intervals to retrieve
information about their designated security patch windows from the server's metadata. This approach not only ensures a more
controlled and efficient update process but also helps prevent unnecessary strain on the server by avoiding constant metadata
requests. To optimize performance, QualvoSec intelligently caches metadata, minimizing redundant queries and enhancing overall responsiveness.
More details about QualvoSec can be found on my initial blog post or on the project's website.
manpageblog [link | Role: Project Lead, Developer]:
manpageblog is a small, lightweight blog engine written in Python and offers several advantages in a
look of a man page (Unix like manual page). Firstly, it provides simplicity and ease of use, making
it accessible even for users with limited technical knowledge. The lightweight nature ensures quick
installation and minimal resource consumption, making it suitable for various hosting environments.
No database is needed at all.
Python's readability and straightforward syntax make the blog engine easy to customize and extend,
allowing users to tailor it to their specific needs. Additionally, being Python-based means leveraging
a vast ecosystem of libraries and frameworks, enhancing the blog's functionality without unnecessary
complexity. Posts and pages are written in Markdown or HTML while the blog engine generates the whole website.
While using only flat files, this offers great possibilities in maintaining the content. Given this
approach, you can manage your whole blog in git.
The lightweight nature also contributes to faster loading times, improving user experience and search
engine rankings. Overall, a small, lightweight blog engine in Python combines simplicity, flexibility,
and efficiency, making it an ideal choice for those prioritizing a streamlined and customizable blogging experience.
To support this small and lightweight expression of the blog engine the default theme represents a man page (manual page or also known as handbook) design which provides all needed information in a simple document.
A live demo is available at manpageblog.org.
Changelog Fragments Generator [link | Role: Project Lead, Developer]:
Changelog Fragments Creator may be used in development setups where working on a single CHANGELOG.md file
might result in ongoing merge conflicts due to too many changes on the same file. This is where Changelog
Fragments Creator steps in to solve this by creating YAML based files for each PR according to its planned release version.
The output format is based on Keep a Changelog, and this
project adheres to Semantic Versioning.
Collection of Vagrant Boxes and Images [link | Role: Developer]:
Apple Silicon's hardware architecture is based on ARM64 (AARCH64) which is incompatible with the AMD64 (x86_64)
hardware architecture. To support common operating systems for Vagrant on ARM64 based system, dedicated
boxes and images are needed and must be maintained. This implies that all images must be recreated on this
architecture. This collection provides the most common Linux- & BSD systems in different flavours. All ones
can be found on Vagrant and my blog.
Ansible [link | Role: Contributor, Developer]:
Ansible contains the community.general Ansible Collection. The collection is a part of the Ansible
package and includes many modules and plugins supported by Ansible community which are not part of
more specialized community collections. More contributions and module plugins can be found on GitHub and here.
NTP Pool [link | Role: Sysadmin, Hoster]:
The pool.ntp.org project is a big virtual cluster of timeservers providing reliable easy to use NTP service for millions of clients.
The pool is being used by hundreds of millions of systems around the world. It's the default "time server" for most of the major
Linux distributions and many networked appliances. The states of my systems can be found on the NTP Pool project site, as well on my blog.