I was trying to compile ownKeepass (https://github.com/jobe-m/ownkeepass) for aarch64 but it required libraries in the build engine that are yet to be available for 64 bit.
My trials to install and compile these libraries manually in the engine, although successful, didn’t yield success in compiling ownKeepass.
The core issue is that the developer stopped updating the app since 2019. And it’s an important app for many users.
I would gladly maintain it but have little skills in encryption and security.
So here’s a call for the community to help to revive and improve ownKeepass. I would be happy to help within my capabilities.
An excellent app worth saving. Its compatibility with KDBX means one can simply transfer one’s existing database from another device. The most viable alternative of Passilic requires way too much manual setting up. In fact, I wouldn’t’ve tried it to begin with if I hadn’t noticed ownKeepass was no longer supported. And even so, it was the best choice.
I myself have so far tried building this twice. On the first try I got frustrated really quickly, on the second try I actually managed to compile it. But then I got frustrated again when the packaging stage fails…
3rd time lucky? Would be good to get that into some automated build stage (OBS and TBuilder). After that we can start looking into updating some components, as needed
Not taking it on myself yet, but at some point, if needed, I would join the effort to make it work on newer base.
I’ve manually downloaded the source code of libargon2 and libsodium and compiled them in the build engine (mersdk@localhost).
But still when building the app in the IDE, I get the same errors for aarch64:
No provider of 'pkgconfig(libargon2)' found.
No provider of 'pkgconfig(libsodium)' found.
I use sfdk for building. I build all the packages with both the snapshot and output-prefix configuration options, so the dependencies get automatically installed on the build target. The key here being the output-prefix option, as with it sfdk searches for the dependencies in the shared output directory. The snapshot option is just there to make sure this doesn’t interfere with building other stuff.
I did install it for the aarch64 target. Something like this when compiling: sb2 -t SailfishOS-4.0.1.48-aarch64 -m sdk-install -R make and the remaining commands.
Not much familiar with the build engine and related stuff. I’ll have a better look at them after work.
It’s pretty much in a “works for me” stage and I’m not much of a project maintainer so I will post my build steps this weekend here so someone else can hopefully pick it up.
Use at your own risk since I have not published my steps yet. I’m also using crypto libraries I just grabbed off the net (although I think they’re the same as used by the original ownKeepass).
Like others said both ownKeepass and SailOTP are critical apps for me and with the upcoming Alien Dalvik the Xperia 10 II will be daily driver material for me.
(Final word: I have been surprised how easy it is to clone the repo of an old Sailfish OS app and recompile it for aarch64 (especially if they have no third-party dependencies.)
Side question: does it make sense to also publish a newer build for the other archs? I understand it is built against some parts of KeePass, which might have important changes also for non-aarch64 as well.
@nephros, I don’t think it’s just updating the keepass dependency as it requires testing to make sure upping the version isn’t breaking anything.
But I’m quite ready to help in testing. And as soon as @aerique publishes his build step, it’ll try tweaking things and playing around with keepassxc and see what can be done.
Here is what I did to build ownKeepass for aarch64.
I think the biggest problem people that want to repeat these steps will face is that I’m using my own build environment (Sailfish OS Builds in Docker). I will not go into the reasons why here, but I suggest first trying to repeat these steps in the same environment and then porting it to what most people use (which is the official Sailfish OS SDK I think).
ownKeepass depends on libargon2 and libsodium. In this example we’ll use the RPMs I already uploaded to my repository, but if you’re interested in building them yourself you can check out how I did it (thanks to @abranson for some clarifications!):
I only use Sailfish IDE and it’s build engine, I’ll see if I can replicate your instructions and compile a working RPM without using Docker and a specific build environment.
I have not tested anything, but looking at the commands I believe you could just replace sb2 -t SailfishOS-latest-aarch64 -m sdk-install -R with sfdk tools exec SailfishOS-4.1.0.23EA-aarch64 and mb2 -t SailfishOS-latest-aarch64 build with sfdk build. Please note however that this installs the build dependencies directly in the target. I’d prefer having them in shared output directory and installing them automatically in a target snapshot. So this might work better:
Download the dependencies and place them in /home/foobar/keepass-rpms
Myself I use coderus work from Docker Hub to build in docker.
I write Gitlab CI scripts to do that, because they can then be used both on a local machine using gitlab-runner, or using the CI feature on gitlab.
Anyway I have taken the recipe above and put it in a gitlab-ci file. Posting below in case anyone is interested in building that way.
Not too much interesting or new in there, but it stores the output rpms in a dir in docker, and creates a local repo for zypper to install from instead of using online repos.
stages:
- build
image: "coderus/sailfishos-platform-sdk-${TARGET}:${SFOS_VERSION}"
tags:
- docker
default:
variables:
#SFOS_VERSION: "4.0.1.45"
SFOS_VERSION: "4.1.0.23"
GIT_SUBMODULE_STRATEGY: recursive
OUTDIR: $CI_PROJECT_DIR/output
#BLDDIR: ~/build # this does not work because ~ does not expand. use a shell variable instead
YAMLNAME: ownkeepass.yaml
SPECNAME: ownkeepass.spec
TARGET: armv7hl # set this globally for local builds because gitlab-ci-runner can not deal with extends: foo
.build-local:
stage: build
script:
# prep
- BLDDIR=~/build
- mkdir -p $OUTDIR/$SFOS_VERSION/
- mkdir -p ${BLDDIR}
- cp -r $CI_PROJECT_DIR/* $BLDDIR/
- pushd $BLDDIR
# argon
- git clone https://git.sr.ht/~aerique/libargon2-spec libargon2-spec-git
- pushd libargon2-spec-git
- git submodule update --init --recursive
- mb2 -t SailfishOS-$SFOS_VERSION-$TARGET --no-fix-version prepare | tee $OUTDIR/prepare.log
- mb2 -t SailfishOS-$SFOS_VERSION-$TARGET --no-fix-version build | tee $OUTDIR/build.log
- cp -r RPMS/* $OUTDIR/$SFOS_VERSION/
- popd
# sodium
- git clone https://git.sr.ht/~aerique/libsodium-spec libsodium-spec-git
- pushd libsodium-spec-git
- curl -o libsodium-1.0.18-stable.tar.gz https://download.libsodium.org/libsodium/releases/libsodium-1.0.18-stable.tar.gz
- tar xvfz libsodium-1.0.18-stable.tar.gz
- mb2 -t SailfishOS-$SFOS_VERSION-$TARGET --no-fix-version prepare | tee $OUTDIR/prepare.log
- mb2 -t SailfishOS-$SFOS_VERSION-$TARGET --no-fix-version build | tee $OUTDIR/build.log
- cp -r RPMS/* $OUTDIR/$SFOS_VERSION/
- popd
# main
- LR=~/myrepo
- mkdir -p $LR
- for f in $(find $OUTDIR/$SFOS_VERSION -type f -name *.rpm); do cp ${f} $LR; done
- sb2 -t SailfishOS-$SFOS_VERSION-$TARGET -m sdk-install -R zypper ar --no-gpgcheck $LR localfiles
- sb2 -t SailfishOS-$SFOS_VERSION-$TARGET -m sdk-install -R zypper ref
- sb2 -t SailfishOS-$SFOS_VERSION-$TARGET -m sdk-install -R zypper --non-interactive install libgcrypt-devel
- sb2 -t SailfishOS-$SFOS_VERSION-$TARGET -m sdk-install -R zypper --non-interactive install --from localfiles libargon2-devel libsodium-devel
- git clone https://github.com/24mu13/ownkeepass.git ownkeepass
- pushd ownkeepass
- git submodule update --init --recursive
- cd Sailfish
- sed -i -e '/.*libargon2.*/d' rpm/harbour-ownkeepass.yaml
- sed -i -e '/.*libargon2.*/d' rpm/harbour-ownkeepass.spec
- mb2 -t SailfishOS-$SFOS_VERSION-$TARGET --no-fix-version prepare | tee $OUTDIR/prepare.log
- mb2 -t SailfishOS-$SFOS_VERSION-$TARGET --no-fix-version build | tee $OUTDIR/build.log
- cp -r RPMS/* $OUTDIR/$SFOS_VERSION/
- rm -r $BLDDIR/
artifacts:
when: always
paths:
- "output/*.log"
- "output/*.spec"
- "output/*.yaml"
- "output/$SFOS_VERSION"
cache:
key: ${CI_PROJECT_NAME}_${CI_JOB_NAME}
paths:
- $SRCNAME-$SRCTAG
- /home/.zypp-cache
- /srv/mer/targets/SailfishOS-$SFOS_VERSION-$TARGET/var/cache/zypp/
- /var/cache/zypp/
- /home/nemo/src
build-arm64:
stage: build
extends: .build-local
variables:
TARGET: aarch64
build-arm:
stage: build
extends: .build-local
variables:
TARGET: armv7hl
build-x86:
stage: build
extends: .build-local
variables:
TARGET: i486
If you have gitlab-runner instaled locally, this will run the build:
#!/usr/bin/env bash
BASE_DIR=$PWD
BUILD_DIR=$BASE_DIR/build
CACHE_DIR=${HOME}/.cache/gitlab-runner-cache
mkdir -p $BUILD_DIR
builder="$1"
if [[ x"$1" = x"" ]]; then
builder='.build-local'
fi
case $1 in
'-h'|'list'|'help')
echo these local builders exist:
grep '^\..*local' .gitlab-ci.yml
exit 0
;;
esac
DOPTS="--docker-pull-policy=never --docker-volumes "$BUILD_DIR/:/builds:rw" --docker-cache-dir $CACHE_DIR "
[[ -e $BASE_DIR/build.log ]] && mv $BASE_DIR/build.log $BASE_DIR/build.log.old
gitlab-ci-multi-runner -l warn exec docker $DOPTS $builder 2>&1 | tee $BASE_DIR/build.log | grep -v 'ERROR: Could not create cache adapter'
Now that SailSync ownCloud have a 64bit version, and thanks to @aerique build of ownkeepass, my workflow to sync (through nextcloud) and use my keepass passwords is working fully again natively.
Thank you all.
ownKeepass is now available at OBS via sailfishos:chum repositories. Currently, builds are available for all architectures and released SFOS versions starting from 3.4.0.24 till 4.1.0.24.
To make it possible, I have used @aerique work, adjusted his packaging scripts for libargon2 and libsodium that got also published in Chum repos.
ownKeepass had some libs bundled in binary format within the sources to simplify packaging. Those got removed. I also dropped generation of SPEC from YAML, SPEC got cleaned up and now the application is built from the root of the project.
When someone gets to develop ownKeepass further, please look into the changes made at sailfishos-chum/ownkeepass. Had to remove forking as it leads to submitting of local PRs into other repositories upstream of the forking tree.
Note that testing is limited, seems to work for my database and allowed to create new one as well which I successfully opened on PC. That’s on 4.1.0.24/aarch64.
@aerique mentioned something regarding libgcrypt - I have not used any updated version of the lib. It looks to be available in SFOS repos and I don’t know whether it needs to be updated for earlier SFOS versions. Please chip in and let me know. In that case we may have to add that to Chum repos as well.
