Hello and welcome to my first blog post and status update.

In my ongoing effort to help out at Codeberg, I have put the finishing touches on cibot and helped with the deployment. The bot aids the team at Codeberg with administrating access to their Woodpecker CI. The latest features include a more sophisticated permission system and the ability to revoke CI access as well.
Next I will work on improving monitoring - initially by deploying a log aggregation system. To facilitate this, I have already finished some groundwork to replicate Codeberg’s setup on my own infrastructure.

hut v0.6.0 has been released. It contains a fix for an annoying bug - the pager could break the terminal - and lots of new hg commands to better mirror git. Thanks to a patch from Jens Schmidt hut can now detect whether you want to write some input with your $EDITOR or pipe it to hut through stdin. You should never have to specify --stdin again.
The most interesting feature of this release is probably the “project config”. The idea behind it is to act as a substitute for the not yet completed hub API, that allows to link a repository to a tracker and mailing list. This can be achieved by placing a top-level file called “.hut.scfg” like this in a repo:

tracker https://todo.sr.ht/~xenrox/hut
development-mailing-list ~xenrox/hut-dev@lists.sr.ht
patch-prefix false

In the past hut tried to guess your tracker - when it is not explicitly specified - by using the same name as your git repository and the mailing list from git’s sendemail.to setting. This of course only worked in some situations and for example not when multiple git repos share one tracker. Besides making it easier to work with hut, the project config can help potential contributors as well:
When a repository is cloned through hut (hut git clone https://git.sr.ht/~xenrox/hut), git’s sendemail.to and - if configured - the patch prefix will be correctly set.

As for server administration, I had some good fun with updating sourcehut to the latest python version. Two libraries either removed deprecated functions or changed the behaviour of existing ones. After downgrading the software I noticed that my builds worker would no longer start - reason: An update to how sourcehut parses the configuration files introduced a small bug. A bit later I got notified that my git repositories could no longer be cloned through https. A recent git version enforced ownership checks and caused fcgiwrap - which protects private repos - to deny access completely. My last problem appeared after updating the whole system: Now cloning via ssh was broken. After looking through all log files I found that my sshd config no longer included the correct AuthorizedKeysCommand (note: sshd -T prints the parsed configuration). This setting got overwritten by a new systemd config file. Luckily pretty simple to fix as well.