Hacker News new | comments | show | ask | jobs | submit login
ArkOS for the Raspberry Pi (arkos.io)
129 points by waldohatesyou on Sept 2, 2013 | hide | past | web | favorite | 46 comments

Please add a torrent for the release. It's very convenient (for me, at least), because I am currently on my phone and opening torrent links automatically tells my home server to download them.

Plus, you know, it saves you a bunch of bandwidth. But mainly do it for me.

Sure! I'll look into it and have something ready soon. Thanks for the suggestion.

If a major goal of this project is to allow me to host my own reliable, modern, usable, email server with dead-simple auto-configuration for $25, I am extremely excited.

I'm curious, what will your email stack look like?

The backend will likely use Postfix as MTA and dovecot (or other more lightweight solution) as MUA. Haven't settled on a final configuration yet. The magic will happen with the frontend and the utilities that oversee its operation, of course, and those will be custom developed.

I'm also working on a system for optional caching (encrypted, of course) which would help if your arkOS node is knocked offline, as to not screw up mail processing locally or for your communication partners. But that is still in rough planning.

Sorry if I missed this somewhere but how does arkOS intend to handle delivery issues? Many consumer ISPs make it very difficult for an end user to have good mail delivery rates, and especially so to freemail providers like Google, Hotmail(MSN), Yahoo, etc.

Without getting into it too much (i could write a novel :p ), the caching system will have a role to play in this. There are many different ways to solve this problem, and rest assured that creating a competent and stable mail system (and all that entails) is top priority.

As a lot of the system already uses python, looks like lamson might be a good fit:

I'd love to hear more about why a whole new distribution, rather than some management tools on top of something like raspbian?

I understand that targeting a single platform is easier -- for an OS distribution -- but it sounds like what you actually want is an application server on top of a base os -- one that allows for a few standard tasks (email, web etc).

Why reinvent all the other parts of the stack?

Thanks for the link, I'll check it out! As far as it being a new distro is concerned, my goal was to make it as simple and powerful as possible. Simplicity means being able to have a clean download and install process, prepackaged for those who might be intimidated by having to install Linux on their own. Also being able to control package versioning and selection is critical for ensuring the dashboard remains as stable as possible. Powerful because it allows for many cool utilities to be installed, configured and ready to go with minimal intervention. For example, one of the existing utilities allows the RPI to cache log writes in RAM, reducing SD card wear which is critical when using the Pi. So there are many ways to dress up a system like arkOS. I acknowledge that making it its own distro is a more thorough solution than it would be otherwise, but at the end of the day I feel it is the one that allows for the best end user experience.

It still sounds like you're doing a lot of extra work for little gain vs making a Debian remix or something. I realize writing your own can be more fun, and seem easier, than establishing detailed knowledge of an existing system -- but all of the things you mention could be done quite easily starting from a working Debian distro.

You could fork into a complete distro, like Ubuntu, or just choose a few (core) packages and add some patches.

Either way, I wish your project the best of luck -- any project that tries to revert the asymmetric split of the Internet in "end-users"/consumers and "services" is welcome in my book :-)

From what I hear, you might be violating your internet provider's terms and conditions by hosting websites and email server on your personal connection. And other email providers might also reject emails sent from personal servers. Anyone here has more information on these issues.

That being said. It looks like an amazing product. As a long time Arch Linux user this is very pleasing.

My current project involves a RasPi, iRedMail, a handful of inexpensive VPS providers with APIs that allow automated provisioning (DigitalOcean, NineFold, and Hetzner – to spread out the jurisdictions) – with the RasPi opening a reverse SSH tunnel for ports 25 and 465. Add in a DNS provider with a useable API so the 'Pi can spin up and shut down VPSes itself and update MX records to suit, and VPS images configured to not log anything mail-related (I'm learning Chef and/or Ansible to automate this), and I think I've gone as far as I can to secure my end of all my email.

(Possible over-paranoid ideas include refusing port 25 smtp connections that wont negotiate a secured connection in response to a STARTLLS command, and possibly blacklisting mail originating from any of the 8 known PRISIM participants. I like the _idea_ of ensuring none of my mail arrives from known-intercepted sources, but reality dictates otherwise since way too many of the people I really do want to communicate with are exclusively using gmail/yahoo for email - or worse still, have migrated largely to Facebook messaging instead of email)

Of course neither I nor the project are able to endorse anyone contravening their ToS with arkOS. So that is something that everyone will have to keep in mind. Once the dynamic DNS/proxy service is online for arkOS servers, this will be made clear.

Also emails from personal servers don't have issues in my experience -- the only thing is that you need to do it right. The major webmail providers each have their own specific rules before they accept mail from unknown servers. Provided that you do those right, there isn't much of an issue. arkOS intends to implement these as default.

Are there plans to include Email as a service in the future?

Also, will it be ported to other, more powerful hardware?

Yes and yes! Email is in the works and should be ready within 1-2 months. First goal is to get it working well and out of beta on the RPi, then after that it will be ported to other architectures.

Please please please offer a secure (i.e. up to date and also TLS-preferring), pre-set-up email server with ArkOS, complete with instructions on how to create MX, SPF and DKIM records for one's domain. You will do everyone who's interested in privacy a great service and deal a blow to the mass surveillance agencies.

This is exactly the plan :)

Exciting project. Needs to have some more apps before it can be adopted by the masses. We need a platform that is as simple as an iPhone but designed simply to be 'the personal cloud platform'. It should offer the security the freedom box promises and still offer solutions to less serious problems like torrent downloading and music streaming.

ArkOS seems to have a really nifty dashboard for managing all the services, but I do not seem to gather any evidence that it works anywhere else. Are there any alternatives for the dashboard on other linux flavors?

The dashboard is the least interesting part of ArkOS. Using extremely inexpensive hardware for a decentralized cloud is the Big Idea.

I don't see much on how these things are supposed to integrate with each other, though. If they aren't trying to solve that problem...

Anyway, Webmin has been around for eons if you need that.

Without an intuitive, user-friendly dashboard, targeted for actual users and not just sysadmins, making the "decentralized cloud" a reality isn't really possible :) The first problem to solve is making reliably self-hosting one's own data no longer rocket science. After that, interaction with other devices (meshnets, etc) may be a focus.

Agree. Setup should be as easy as entering your domain credentials or choosing DynDNS name. Set password and all your basic services (email, PIM, cloud storage, blog, photogalleries) should be activated automatically. None of those need even power of Raspberry Pi. Should run on old Android phone with 256MB RAM and 8-16GB memory card (or as much as you can afford for storage). Hmm... it should be as easy as "What to do with your old Android phone? Download this app, enter credentials, put it on eternal charging, and enjoy".

Reliable self-hosting of data is not a technical problem or a UI problem. It's a political problem. True Cryptography for the masses is Too Dangerous.

But just talking about the UI question, "intuitive, user-friendly dashboard" is absolutely not the issue when it comes to systems administration. I can tell ArkOS/Genesis is already way too far off course because there is a separate GUI interface to /etc/fstab.

I wouldn't say that it's not a technical or UI problem. But I do agree that there are also political problems. Decentralizing "the cloud" isn't just something that can be addressed by technical means. But technology plays a big part in changing the status quo.

The dashboard was forked from a prior project called Ajenti, which the fstab interface and many other parts were included from. It is being converted in stages and that is one that has not been addressed yet. So be patient, the current version is far from what a usable edition is supposed to look like. :)

Do you have any plans to help users deal with difficult topics such as DNS, static vs dynamic IP, routing/port forwarding, etc?

It's so frustrating how consumer-level ISPs seem to continue to want to evolve their service into a consume-only (a la cable TV) system.

Yes, we are currently working on a dynamic DNS/proxying service and provisioning of special subdomains for those who don't have static IPs or their own domain name. Very early stages but eventually it will be directly integrated into Genesis for as close to "one-click operation" as possible. https://github.com/cznweb/deluge

The dashboard (Genesis) will be ported to other architectures (and maybe other Linux distros too) in the future. Though the idea is that you use the dashboard for everything you need, as if it wasn't even Linux, so differences between distros matter less and less.

The dashboard is an Ajenti fork. :)

Genesis looks like old version of Ajenti.

It was forked from the old version of Ajenti. The documentation on the site (arkos.io) is out of date, there have been a lot of changes and visual improvements since.

Hi, just curious, any reason this is using Arch as a base instead of a Debian base? I understand if you want to target specifically the RPi first but I think that using Debian will make it easier to port to other arches in the future (specifically armhf for the BBB and other more modern CPUs.)

I saw this as well https://bbs.arkos.io/t/why-arch-linux-why-not-raspian/43 but still think you should consider moving over... :P

Anyways, very cool project!

A few reasons, including ease of maintaining package repos with pacman, rolling-release nature, easy networking tools, and more. I will also concede a bit of personal preference :) But like that post said, there isn't much of a reason in my mind to consider the specifics of individual distros, as arkOS is very "bare bones" and should require ideally no command line use in the first place. I haven't had any difficulty in getting Arch/ALARM to play nice with other architectures in the past but if you have specific experiences I'd love to hear about them. Thank you!

How can I use this as a home web server if my ISP blocks port 80?

"Don’t want the trouble of buying your own domain? Don’t worry. arkOS will allow you to connect your node to the Internet anyway, through a variety of services like dynamic DNS and port relays. Sometimes your Internet connection might prohibit you hosting your own data. In these circumstances, arkOS will provide ways to connect your node to the greater World Wide Web."

How does that work?

We are developing a dynamic DNS service as well as port proxying that allows you to serve traffic on non standard ports as if they were normal. https://github.com/cznweb/deluge (Disclaimer: We can't encourage you to violate the ToS of your ISP, so if port blocking is against the rules then that is for individuals to handle themselves.)

In the future (read: when the dashboard and the aforementioned tools are stable) there may be ways for individual arkOS nodes to communicate with each other without an intermediary, mesh-style. But that is a long way off.

Wow.. cool! I'm excited about this project. Are you looking for help with FOSS things (documentation, bug reports, etc.)?

Definitely need help with testing and development. Documentation as well but it takes time to understand the complexities of the working parts. Hit me up on Twitter if you want a full list of things, always looking for help at every skill level :)

Seems to boot fine in qemu if anybody would like to have a quick play with it, though it's fairly useless until I figure out how the network adaptor works.

awesome! You can run Genesis (the dashboard, which does most of the work) in any Arch-based VM as well, that's probably your best bet if you want to be able to look around quickly. https://github.com/cznweb/genesis

One of the key features of the windows environment I have found myself envious of recently is single sign-on and rule/group/permission based user and device management. While a reasonable equivalent can be constructed with Samba, Kerberos, SSH, Puppet, etc, a unified system would be absolutely fantastic. What is the chance of support for tools like these in the web interface?

ClearOS is a good choice if you're looking for something like that - all users are stored in a central LDAP database which everything else authenticates against, and it has a nice webui.

Very likely :) The exact shape and architecture of how this will work is still undecided but it is definitely something I'm thinking about.

Is this available for other platforms as well? I see no reason why this couldn't be available as a package for Ubuntu as well, but I can't find any mention of things other than RPi images.

I run a low-power x86 Ubuntu server at home and would love to try this (I was actually planning to move my e-mail from Google to my own server).

It's not available quite yet, but Genesis will eventually be ported to other platforms/architectures. I just wanted to start with a focus of 'one' for simplicity's sake. Genesis (the dashboard) itself is Python so you don't need to worry much about architecture. It's just distro compatibility that needs work. So stay tuned :)

I completely understand the desire to start with one uniform and ubiquitous platform, and eagerly await a cross-distro release :)

I have web, mail (so-so, testing only) and a super early concept of a distributed service monitor for rpi users (pi-up) in use a bit now. I'll reach out, would love to see more and so nice to see something like this out there!

Has anybody tried flashing this to a BeagleBone Black with any success?

Not yet, but I plan on adding support for the BBB in the future.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact