Blog posts

Fetching packages from authenticated HTTP URIs with Gentoo Portage

Gentoo Linux's package manager Portage is designed to build packages from source code. Packages are installed from ebuilds which represent the installation instructions for a given software. Ebuilds specify the location of one or more source archives which are automatically fetched by the package manager. Several URIs are supported: http and https, ftp and sftp, rsync, and ssh.[^1] This works perfectly well for open-source software, where the source tarball is publicly available. However, if the sources are not public, things get more complicated. In this post, I present different ways to fetch tarballs from URIs that require authentication.

Full article

A unified data model for token-based authentication and credential authentication

Read about how the authentication system in Ameto has evolved over time. I evaluate different approaches for modeling user data for token-based and user-password authentication and present a secure approach for treating them uniformly in the data model.

Full article

Multi-Tenancy Data Models in Kafka

Data modeling for relational databases is a well researched field. NoSQL databases, however, are more specialized and require different approaches for deriving an appropriate data model. My current project Ameto is making use of the distributed streaming platform Apache Kafka. Ameto is a multi-tenant application and requires an appropriate data model. While there is some advice available on the internet about how to organize your data in Kafka,[^1] little can be found about how multi-tenancy can be approached. In this article, I would like to share my thoughts and findings about structuring your data in Kafka for a system with multiple users.

Full article

Breaking up the Monolith – Assessing the status quo

Breaking up the Monolith is a series of articles about transforming a concrete monolithic application into microservices. This post shows my personal decision making approach on the matter. The architecture of the Ameto image processing service will serve as an example.

Full article

Staves – A Container Image Builder based on Gentoo Linux

I came across a couple of articles about packaging container images, specifically for Docker. The fact that many people are working on their own solutions indicates that the Dockerfile syntax is lacking.[^6] Buildah, for example, promises more low-level control over the creation of image layers. Projects like deck-build or Kubler try to give the user more high-level abstractions by providing composition and more expressive commands that can be run during build. In this article, I present my reasoning why the existing tools were not suitable and show what the Staves image builder is capable of. You can either hear me out or skip the rationale and dive directly into Staves. Knowledge of Gentoo Linux is helpful, but not strictly necessary.

Full article