Tuesday, November 25, 2014

Turnkey Internet

I've been playing around with Digital Ocean's cloud servers lately, and appreciated the time to destroy and allocate VPS servers. They've been rock solid, and I can't complain about the price. This week, Turnkey Internet had their black friday deals. $10/mo for a 4GB Ram, 4 core, 40GB disk VPS is a pretty good deal. Turnkey uses Xen for paravirtualization, which should be fine.

My first disappointment or surprise was that they advertised debian 7 wheezy as a target, but only allowed preinstallation of squeeze. This for me is a pretty big deal, because I'd like the deployment environment and the development environment to be the same. Right now all my home computers (except this laptop) are on wheezy, and will likely be for a while. Since I have in the past done a squeeze to wheezy upgrade in situ (without reimaging), I'm curious how this will go in a VPS where the kernel is not under my control. I always do this wrong, that is, not doing it first. Upgrading takes longer when you have additional packages installed. Afterword - that failed. The remote console also failed to help - this was showing a public key rejected, suggesting the "PasswordAuthentication No" option I'd set in the sshd_config was being read by the 'serial console' (strange). However, at that point, having destroyed the OS and left it in an unbootable position, it looks like installation of a debian 7.2 system is supported once you log in to the control panel area.

They have a pretty strict policy about spam (thats good), at least on paper, including surprisingly punitive service fees for addressing complaints. It looks like they don't delegate the PTR records, so that might be my first support ticket. Right now this resolves back to my.ipv4.address.static.as40244.net. I'm not sure whether I care enough to pursue this.

Sunday, October 26, 2014

Interactive Programming in Web2py

I've been working on Beth's website over the past few months. I find the easiest way to work through building the logic is to leave the views empty in the controller, and work with the web2py debug view to get the locals(), when this is working, I can move on to the next step. I find I'm making a few temporary lists to hold intermediate results, and inspecting. The web browser is a pretty useful tool for what' essentially printf debugging. I haven't used the other debug tools much, but I think the tickets (unless the model gets so wrong the tickets won't load) are a good way to return to a stack trace, and present both a developer view of open issues, and allow the user to forward a link to the website.

I had initially been working live, which was nerve wracking when the changes would break a migration and take down the site. I think having many controllers is better for small local changes, since broken code in the same file can prevent interpretation. I might have structured this differently if python could ignore some blocks...

I just wish that the wsgi setup on cpanel servers weren't so counter-productive. I currently have a cron to ensure the socket is owned by the site user, since it defaults to root/nobody, and under cpanel's configuration (maybe this is suexec related), the account doesn't have access to the wsgi server.

Sunday, September 28, 2014

GPG and You

Last night I was reading through PGP & GPG - Email for the Practical Paranoid, and found this marvel of a tip when talking about non-repudiation.

WARNING Do not digitally sign email while drunk or emotional. Sending email at all in such a state is very inadvisable.   

I think they're right.

Wednesday, September 03, 2014

Ad Block and Do Not Track Me

I still use firefox. I know it's a little silly to post on a blogspot site that I don't have full faith in google to play nice, but I trust mozilla, and I know what it's doing. Plus, it still uses metaphors I've grown to love, like urls, menus with words, and so on. I know it's very 1993 of me, but it's what I expect from a user interface. Due to paranoia, I log out of google except to use their services, which I pop in, work, pop out. You're unlikely to 'hang out' with me in plus.

Using Firefox, there are a few addons that I prefer to use. Apart from some utility types (show ip/dns information for all pages), the ones I most commonly install are adblock plus (the internet is a very different place with this disabled) and Do Not Track Me. One thing I've started noticing is that the number of tracking requests being blocked seems to go down about 50% when ads are being blocked. I guess one or the other is effective in decreasing the noise to signal ratio, and the combination playing off each other seems particularly effective.

Sunday, August 17, 2014

First Javascript function

Well, I put it off for years. Today I wrote an (albeit short) javascript function to toggle a check. I find the checkbox with the name specified, and set it to on. I meant to have a much more rich selection of all items by name, but I was getting confused between the code I was using to call this, and the code I was writing in.

I think the web developers deserve credit for existing in three levels and three languages simultaneously (php/perl/python/ruby/whatever for programming the server, html/css for presentation, and javascript for manipulating the page content and animations). When I was using lisp more, I think I would have solved this problem by moving one syntax into each of the three domains, and maybe adding a translation to the outside language. I'd have to look more into hunchentoot and seaside to see if this is how those are done. It looks like the dominant pattern now is a rich set of client side processing in javascript/jquery, and a gradually thinning server side logic for persistence and ubiquity.  I don't think I can ignore javascript any longer, and may need to make this my next language (along with relearning python at a functional competency.)

Tuesday, July 01, 2014


I'm a little new at mercurial. The merge process, though I'm sure it is well documented, was a little intimidating (lots of diff's with little clear context.) I also had the backward desire to bring changes from the default/main branch into a feature branch (it's taking a while, but I want to make sure I'm close to current.) That wasn't what I got from randomly pushing buttons in bitbucket, so I decided to make a throw away branch from default, and merge this into the feature branch. That actually did the right thing, and edit/commit seemed more straightforward a way to deal with conflicts than a weird vimdiff window. In their defense, I remember the first time I saw a monticello merge window, and it was only slightly more friendly to figure out without instructions, and I think you really need an internal model of what's going on.

I decided to move the live site into the 'live' branch, so default doesn't matter or mean anything, and can take whatever merges make sense.

Saturday, March 29, 2014

Quick Thoughts about Digital Ocean

I recently started playing with DO Droplets. From 0.7 cents per hour, the cost of experimenting is very low. The total time from creation to up and running a website, for me, without extensive prescripted deployment recipes, is under two hours, and seems to be a manageable cost at $5. This is very favorably priced compared to shared hosting, and the KVM vps seems to handle memory more adequately than my vz vps. SBCL always segfaults during build process on a VPS with more ram on the VZ side, and correctly built on the 512MB DO system. I find that needing to destroy the container when done to release the resources is not too bad, I could imagine spinning up a test container on the fly (60 seconds to do this) and releasing it after finishing. I also found that the same hostname yielded the same IP address a second time, a week later. I don't know that I should count on this, but it certainly saved a little trouble fiddling with DNS.