Since Ubuntu 22.04, firefox is based on snap, with various side effects, including inability to download files in fuse.fs mounted partitions. This post explains how to install firefox from mozilla repository instead.

Special thanks to Stéphanie who had a problem with her mounted partitions and pointed the issue to me so that I could fix it for her!

Important warning! Before you start, be sure to have saved your user profile (it is especially important if firefox stores for you your passwords or other login information). This can be done:

  • either by activating your firefox sync account. In this case, activating the same sync account on any brand new firefox will automatically activate your formally saved passwords and downloaded plugins;
  • or directly save the snap user profile (included in ~/snap/firefox/common/.mozilla/firefox). After firefox has been reinstalled, it can be copied into ~/.mozilla/firefox/.

Special thanks to >Pierre who had to experience the loss of his data and pointed that issue to me.

Finally, to install the mozilla repository based version of firefox, first remove firefox based on snap:

sudo snap remove firefox

and add mozilla PPA in you source list:

sudo add-apt-repository ppa:mozillateam/ppa

Then, as sudo, create a file /etc/apt/preferences.d/mozilla-firefox where you put the following lines:

Package: *
Pin: release o=LP-PPA-mozillateam
Pin-Priority: 1001

Package: firefox*
Pin: release o=Ubuntu
Pin-Priority: -1

To finish,

sudo apt update
sudo apt upgrade
sudo apt install firefox

should be enough to properly install firefox (and as an extra surprise, install a better version of thunderbird, compatible with more plugins, including the TbSync plugin that is the only one to handle Active Directory synchronization and is not functional in Ubuntu official release of thunderbird).


This post describes how to encrypt some files (containing secrets) in git repositories in a transparent way. The chosen solution encrypts files before they are pushed to the remote and decrypts it at pull locally (so you have to make sure that your secrets are well protected on your local computer).

Different tools exist to perform this task, including BlackBox, SOPS, transcrypt, git-secret. I chose git-crypt because it is available through a Ubuntu package, is really fully transparent, is well referenced, cited, and used, is regularly maintained, and can work over GnuPG.

First step: as a maintainer, initialize your git-crypt repository

git-crypt is easily installed with apt (install gnupg if you do not have it installed already):

sudo apt install gnupg git-crypt

Locally, initialize your git repository as usual and add the git-crypt initialization afterwards:

git init
git-crypt init

Then, create a .gitattributes file including the list of files and directories that you want encrypted in your remote repository:

secretfile filter=git-crypt diff=git-crypt
*.key filter=git-crypt diff=git-crypt
secretdir/** filter=git-crypt diff=git-crypt

Note that, to include all files of a given directory secretdir/, the syntax is secretdir/** and not secretdir/*!

GnuPG users can be added by ID or email by:

git-crypt add-gpg-user tuxette@my-domain.org

This creates an encrypted GPG key within .git-crypt/keys, which is automatically commited.

More information on GnuPG is available at this page (unfortunately in French).

Then, configure your remote directory (supposed, here, to be empty; this is done with git remote add ...), add and commit all the files that are supposed to be versionned, in addition to the file .gitattributes and push. Further add, commit, pull, push commands can then be used as usual.

Second step: as a new user to an existing repository, set your git-crypt configuration

You need first to install gnupg and git-crypt with:

sudo apt install gnupg git-crypt

Then, start by generating your GPG key (if you don't have one already) with:

gpg --gen-key

Once done, you can check it with:

gpg --list-keys

that should look like:

pub   rsa4096 2016-10-31 [SC]
      551C582A867ABF1865E86006378CDF2A339F144E
uid           [ultimate] Tuxette Chix <tuxette@my-domain.org>
sub   rsa4096 2016-10-31 [E]

which you can export using

gpg --armor --export 551C582A867ABF1865E86006378CDF2A339F144E > my_public_key.pub

(the ID 551C582A867ABF1865E86006378CDF2A339F144E has to be adapted to your own key). Send this file to the repository admin and waits for her/him to allow you to access the git-crypt repository.

When everything is ready, all you have to do is simply:

git clone gitolite@git.my-domain.org:my-nice-git-repo.git
git-crypt unlock

You can then add, commit, pull and push as usual.

Second step bis: as an admin, add a new user to use secrets

When a new user sends her/his GPG key, add it to your GnuPG configuration with:

gpg --import new-public-key.pub

You can check that it has properly been added with

gpg --list-keys

You may need to "trust" the key before you can proceed. You can do it by signing it:

gpg --edit-key 551C582A867ABF1865E86006378CDF2A339F144E

then type sign, quit, and finally yes to save the edition of the key.

Finally, in the git repository, run:

git-crypt add-gpg-user <new_user_email@other-domain.org>

where the email is the one referenced in the key (you can also add a user with the key ID). Do not forget to push the changes (the new user's encrypted key)!


This post describes how to properly install multiple versions of R alongside on Ubuntu OS and to set up a properly controlled renv environment.

Preparation

It is better to start with a fresh installation of R. However, if R is already installed, especially if it is installed from the Ubuntu repository, it is better to get rid of the old version first:

sudo apt autoremove --purge r-base r-base-dev r-recommended

In addition, removing the packages is not enough to remove R most of the times. A safe approach is to simply change the binary name in /usr/bin with:

sudo mv /usr/bin/R /usr/bin/R2

(which is an ugly way to solve this issue, indeed).

Installing R from scratch

Inspired by this tutorial, we can now install any R version obtained from the RStudio repository (under the form of a .deb package). The following lines of codes are given for R version 4.0.3 and Ubuntu 20.04 LTS (they have to be adapted for other versions of R and other OS and OS versions):

export R_VERSION=4.0.3
export UBUNTU_YEAR=2004
curl -O https://cdn.rstudio.com/r/ubuntu-${UBUNTU_YEAR}/pkgs/r-${R_VERSION}_1_amd64.deb
sudo dpkg -i r-${R_VERSION}_1_amd64.deb
sudo apt install -f

At this stage, R should be properly installed and work with:

/opt/R/${R_VERSION}/bin/R

The last stage of the installation would ensure that the R binary is properly linked into a bin folder:

sudo ln -s /opt/R/${R_VERSION}/bin/R /usr/local/bin/R
sudo ln -s /opt/R/${R_VERSION}/bin/Rscript /usr/local/bin/Rscript

If you are using RStudio with multiple R versions installed as described here, you can choose between them as described here.

renv environment

Within our project directory, if the renv.lock file is already present and has never been used, the virtual R environment is installed with the following R command lines:

install.packages("renv")
renv::init()

In our case, some packages have shown additional issues:

  • nloptr required the installation of an additional Ubuntu library:
    sudo apt install libnlopt-dev
    
  • some packages depended on curl and required the installation of:
    sudo apt install libcurl4-openssl-dev
    
  • ps had a problem with a wrong installation directory for sed that can be resolved creating a symbolic link:
    ln -s /bin/sed /usr/bin/sed
    

When the renv initialization process is interrupted, it can be resumed with:

renv::restore()

Special case of Bioconductor packages

Bioconductor packages can produce errors at installation within renv. The reason is that the Bioconductor packages are linked to a Bioconductor version that is not itself well handled by renv. Hence, you first have to check that your local Bioconductor version is identical with the Bioconductor version of the initial renv installation (for ASTERICS, it is 3.12). To check your local Bioconductor version, do:

BiocManager::version()

(BiocManager has previously been installed with renv::install("BiocManager") for instance). You have to specify:

BiocManager::install("3.12")

and to install your Bioconductor packages with:

BiocManager::install("pkg_name")

before proceeding to renv::restore(). If it still does not work, check your renv.lock file and replace

"Source": "Repository",
"Repository": "Bioconductor"

by

"Source": "Bioconductor",

for Bioconductor packages.


This post describes the best practices for asterics in branch management.

Creating a new branch

Branches are created at the head of dev as follows (within asterics repository):

git checkout dev
git pull
git branch dev-new
git checkout dev-new
git branch --set-upstream-to origin/dev-new

Merging a branch

Feature branches are merged into dev when they reach a stable state. Before merging, ensures that R tests are all successfull (start a new R session at the project root and proceed as described here.

When you decide to merge, go to the ASTERICS project on ForgeMIA, into the menu (on the left) Repository/Branches and click on the "Merge request" button of the branch that you want to merge (be careful to ask for a merge into dev and not another branch). Once the merge resquest is performed, ask for someone else to review your code and to perform the merge (this is a two-step process during which you first have to review and correct possible conflicts and then to approve the merge).

Deleting a branch

The person merging its branch into dev is responsible for deleting his/her branch locally and remotely (after it has been merged and pushed):

git branch -d dev-new
git push origin --delete dev-new

If this change is not properly spread with pull on a local repository, you can check which branches are present (with git branch -a) and if they fit the branches as described on the forge. If not, delete the branch locally (as described above) and prune its remote counterpart:

git remote update --prune

This post describes how R unit tests are organized and managed in asterics using testthat.

Tests organization

Tests are present in the directory backend/R/tests in separate files starting with test- (this is mandatory for the test to be run). In addition, as a naming convention, each test refers to a single function and is named from this function (for instance, the tests for r_multivariate_dotplot are in the file test-rmultivariatedotplot). They are all based on the testthat package and can be executed with this **R** command line:

test_dir("backend/R/tests")

(if launched from the project root directory)

Automatic testing at the project startup

Tests are launched at the project startup within **R** with:

tests <- TRUE
source("backend/R/conf_wd.R")

Tests and branch merging

When a branch is merged,

  • either this branch pre-existed before the merging of tests into dev and the merging of the branch has to be done with: 1/ git merging of the branch into dev; 2/ testing everything with a session restart; 3/ systematically correcting failed tests and documentation accordingly directly in dev,
  • either this branch was creating after test support has been merged into dev. In this case, tests have to be performed and fixed along with documentation before merging into dev.