Several months ago I started the practice of using CFEngine Enterprise and its Mission Portal UI on a daily basis to manage the connected devices in my home. To start, I brought up an old desktop machine, cfengine-hub, to use as my hub and downloaded Enterprise, which is free for use up to 25 hosts. The next step in using best practices is to deploy policy from a version control repository. I use a local git server named git-server-zero instead of GitHub or GitLab as I like to be independent of the cloud when possible due to privacy and environmental concerns. I will use the Mission Portal Version Control Repository settings section to setup this repo as the source of policy for cfengine-hub.
As a follow up to my previous “personal policy” blog I have exciting news:
An improved CFEngine is available for Termux! This provides a way to play with policy and implement policy on your non-rooted Android phone! Version 3.17.0a1-termux is an alpha release so understand it’s not heavily tested. That said, CFEngine for Termux is looking pretty awesome and useful. Highlights of features:
allow self-bootstrap to loopback since Android devices often change their IP address and bootstrapping locally seems to make some sense for a developer device and ability to play around, this is just as helpful on the desktop for that matter. packages promises work with local masterfiles or with patched policy server masterfiles (pkg uses apt_get which CFE supports) since Termux supports “real” versions of commands and doesn’t rely exclusively on busybox, CFEngine considers a Termux environment as a fairly full featured linux box in terms of commands and features runs as un-privileged account, CFEngine for Termux does NOT require root files promises work inside the /data/data/com.termux/files scope, not outside (unless possibly you have a rooted device, which is completely untested) masterfiles policy framework works well, paths for common commands are modified to adjust to termux’s prefix $PREFIX being /data/data/com.termux/files/usr. Some common paths are setup for creating policy that works on Termux and other unices (etc_path, tmp_path, bin_path, var_path). Not supported (yet):
My laptop was getting staleā¦ I’ve been using it every work day for about 2.5 years now and so much software is installed it just boggles my mind. I really love it otherwise, open source, trying to be transparent, generally has worked amazingly! I have a Librem 15v3 from Purism. My home dir is a maze of old and new directories, odd files, tons of ~/Downloads junk. And the real kicker? I can’t build CFEngine core anymore! :( I tried to fix the situation but just couldn’t quite fix it. So the solution? Well reinstall PureOS of course and see if that helps things out.
Announcing CF4! (or is it CF-FORTH?!) I imagine you didn’t expect such a big release so soon after our most recent release of 3.12.4 and 3.15.1 on March 26, but here it is: our alpha-release. Thus the reason for the .-4 in the version number. Of course choosing -4 has something to do with the fun of spelling FORTH without the ‘U’. Also, it’s nearly a palindrome and I imagine we’ll have a few alphas/betas before the final release is finished. (a good palindrome: a man a plan a canal panama)
