libravatar
You may know gravatar which is a service that allows you to attach a picture/avatar to your email address which then allow any other services (blogs, forum…) to display your avatar as soon as you provide your email address.
Those services lookup a specific URL on gravatar's website to get your avatar if any. This is how my picture is displayed on my github account or on this blog (as well as people commenting).
That's a cool service with a major drawback: it's centralized (like github, twitter, facebook, google…). That mean that I'm not in control of my data (ok, there is little data here) and the day they decide to stop the free service, or sell their email database, or close the company, we will be fucked.
Here enters libravatar. They provide a similar service and in fact their API is based on gravatar's one, but with a major difference: you can host your own avatar service.
They provide an open source server, there is also an other implementation called surrogator. Since the libravatar API is quite simple, there is nearly no need of a server in order to have a basic implementation.
There is a description on how to install a simple libravater service on Puslingblog and I'm going to do something very similar here.
DNS
First let start with the DNS which is the magic part compared to gravatar. The idea is that given an email address, lookup the DNS server of that domain which server is taking in charge of providing the libravatar service.
The method used is similar to email configuration discovery or xmpp configuration, you have to provide an SRV field in your zone configuration:
_avatars._tcp IN SRV 0 0 80 avatar.example.com.
And if you also provide it over HTTPS:
_avatars-sec._tcp IN SRV 0 0 443 avatar.example.com.
So here I'm telling that the server avatar.example.com. Libravatar provides a service to check if your DNs is properly configured.
For an email address like foobar@example.com, the avatar will be on an URL like http://avatar.example.com/avatar/bfaa47fff290d85cd956cc303edb6033.
Web server
So here we are serving the avatars as static images in an Apache server. Let start with creating a new vhost in Apache:
$ sudo emacs /etc/apache2/sites-available/avatar
<VirtualHost *:80>
ServerName avatar.example.com
ExpiresActive on
ExpiresByType image/jpeg "access plus 1 week"
ExpiresDefault "access plus 1 day"
DocumentRoot /path/to/avatar/root/directory
ForceType image/jpeg
Options -Indexes
</VirtualHost>
Here I'm forcing all content delivered on this webserver to have MIME type image/jpeg (since avatars won't have any file extension) and then setting a default TTL to 1 week (the libravatar specify that the TTL must be at least 1 day). Note that with this configuration, if an avatar does not exists, a 404 error will be returned. You can add something like ErrorDocument 404 /path/to/default/picture.jpg if you want to specify a default picture.
Now we need to create the vhost root directory and put images in it. The images must be in a sub-directory called avatar and their name must be the MD5 or SHA256 of the email address (for "foobar@example.com" that's 0d4907cea9d97688aa7a5e722d742f71 for the MD5 and 3bc3ca01dd1d501ca1c22e1c5d7d16feac90b8a3178fb17c710510d8a85e21bf for the SHA256).
$ sudo mkdir -p /path/to/avatar/root/directory/avatar
$ sudo cp /path/to/picture.jpg /path/to/avatar/root/directory/avatar/`echo -n foobar@example.com | md5sum | sed 's/-//'`
$ sudo cp /path/to/picture.jpg /path/to/avatar/root/directory/avatar/`echo -n foobar@example.com | sha256sum | sed 's/-//'`
There is a more automatized command explained on Puslingblog.
Now finish the installation:
$ sudo chown -R www-data:www-data /path/to/avatar/root/directory
$ sudo chmod -R ug=rX /path/to/avatar/root/directory
$ sudo a2ensite avatar
$ sudo service apache2 reload
Of course libravatar provides a service to check that your avatar is set up properly.
Comments Add one by sending me an email.