Doug's Home On The Web

The guilty cat, himself!

We know you killed those mice, dude.

My parents' cat Casey passed away early last week. He managed to live to be 20. That's not so bad for a cat that grew up on the streets and was eventually rescued by Forgotten Felines and Fidos. My parents adopted him when he was just a few years old, and gave him a loving home for the rest of his life.

That's not to say that Casey wasn't a jerk from time to time. Later in life, he took on the "grumpy old man" persona, and would eat pretty much anything he could get his paws on, just because he could. He'd even catch mice. That cat just did not care.

Anyway, here's a video that we shot sometime last year--in which Casey tries to steal food while we are seated at the table:

The Challenge

When hotel reservations open, that is the single busiest time of the year for Anthrocon's webserver. In fact, it even caused us performance problems last year. That was not so good.

So this year, I decided to try something different. Instead of leaving the regular website up and running, which involves using Drupal, I instead decided to replace the entire page with a relatively static "countdown" page, which displayed a countdown timer and automatically started displaying the hotel link at 11 AM on the opening day.

First, some stats for the Anthrocon website:

• Peak bandwidth: 1.6 Megabits/sec
• Peak connections: 1,400 concurrent connections

And now some status for Passkey, who handled most of the traffic:

• Peak bandwidth: 190 Megabits/sec
• Peak connections: 4,000 concurrent connections

Lightening the Load on the Webserver

Related Articles:
Chef 101: An Introduction to Chef
Vagrant 101: Simple Linux VMs

In this post I'm going to talk about using port 80 and 443 for web development on a Mac running 1 or more virtual machines under Vagrant.

Why use port 80 and port 443?

Port 80 is the standard port for HTTP and 443 is the standard port for HTTPS. While other ports can be used, they're non-standard, and some (if not most) webapps make assumptions about those port numbers. You can really get burned on matters of HTTP redirection, such as when a form is submitted or when redirection from HTTP to HTTPS happens. While applications can certainly be built to take the port numbers into account, many are not.

Unfortunately, it's not a simple matter of telling configuring your Vagrant instance to listen on ports 80 and 443. Any port under 1024 requires the program to be running as root. And running an app as the root user is generall y never a good idea.

Can I forward ports from the Vagrant instance?

Why yes, you can! It's as simple as putting these lines in your Vagrantfile:

config.vm.forward_port 80, 8080
config.vm.forward_port 443, 8443

Wait, those are ports 8080 and 8443!

Yes, they are. Remember what I said about needing to be the root user? But, under Mac OS/X we can forward ports 80 and 443 to ports 8080 and 8433. The trick is to use the ipfw utility which comes with OS/X and is used to manage its built in firewall.

Here's a "quick and dirty" way to do it from the command line:

sudo ipfw add 100 fwd 127.0.0.1,8080 tcp from any to me 80
sudo ipfw add 101 fwd 127.0.0.1,8443 tcp from any to me 443

It was a bit foggy last night, and I couldn't sleep last night. So I did the only sensible thing. I wandered around town and took pictures.

There's a few more such pictures. The full set can be found on Flickr:

http://www.flickr.com/photos/dmuth/sets/72157632512138031/

Enjoy!

Back when I built the Is Septa Fucked? website, I decided to use Heroku seeing how they supported node.js and I wouldn't have to worry about sysadmin tasks. Heroku proved to be a great choice, but along the way I noticed some strange log entries like these:

2013-01-05T03:26:41+00:00 app[web.1]: 10.44.130.226 - - 
   [Sat, 05 Jan 2013 03:26:41 GMT] "GET /favicon.ico HTTP/1.1" 200 
   - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8)"

Net 10.0.0.0/8 is normally non-routable, so it shouldn't be showing up in server logs like that. It turns out that Heroku uses reverse HTTP proxies to handling incoming traffic for their customer apps. That proxy then forwards the traffic to your application after storing the original client's IP address in the HTTP "X-Forwarded-For:" header.

To change how logfiles are written in Express, you have to mess around with the logger module, which is part of the connect library, and available within express as express.logger.

The first thing to do in node.js is to create a new "token" in the logger module which will extract the IP address from the X-Forwarded-For header:

//
// Create an IP token for the logging system that lists the original IP, 
// if there was a proxy involved.
//
express.logger.token("ip", function(request) {

   var retval = "";

   if (request["headers"] && request["headers"]["x-forwarded-for"]) {
      //
      // Proxied request
      //
      retval = request["headers"]["x-forwarded-for"];

   } else if (request["socket"] && request["socket"]["remoteAddress"]) {
      //
      // Direct request
      //
      retval = request["socket"]["remoteAddress"];

   } else if (request["socket"] && request["socket"]["socket"]
      && request["socket"]["socket"]["remoteAddress"]) {
      //
      // God only knows what happened here...
      //
      retval = request["socket"]["socket"]["remoteAddress"];

   }

   return(retval);

});

Impatient? You can view all of the photos over here!

Midwest FurFest was a furry convention held in Chicago from November 16th-18th, 2012. It was held at the Hyatt Regency O'Hare which was a rather nice venue, with plenty of public space for socializing and gathering. I worked in Convention Operations (Con Ops) again under Puma again, and when I wasn't working, I did what I normally did: I took pictures.

I tried to do more closeup fursuit muzzle pictures with Nikon D3000, and the results came out pretty well:

Of course, no convention could be complete without Raptor Jesus, Master Splinter, and The Drama Llama seen in that order:

Way too much fun was had at Midwest FurFest. (Want the full set of pictures? They're over here!)

At this time, my next furry convention will be Furry Connection North, to be held in April up in Michigan. Have a good Christmas, and I hope I see you all there!

"I would totally trust this guy to run my apps!"

Related Articles:
Chef 101: An Introduction to Chef
Web Development on Port 80 and 443 in Vagrant

What is Vagrant?

Vagrant is command line utility that is used for setting up virtual Linux boxes with Oracle's VirtualBox

Vagrant is useful if:

• You are a freelancer who works in many different development environments, and doesn't want a bajillion different services running on your machine.
• You are a sysadmin who want to test out new machine configurations without the expense of provisioning a new EC2 instance (and possibly forgetting to turn it off, whoops!)
• You work in a company where every developer needs their own development machine. Make some recipes in Chef, and now each member of the team can have an identically configured machine.

Wait, doesn't VirtualBox have a GUI?

Why yes, it does. However, using it is optional. Vagrant is simply another way to use VirtualBox. It also makes it easy to install different flavors of Linux, as we will see shortly.

How do I get started with Vagrant?

Go to the Vagrant website and download the latest version. Make sure you have VirtualBox, too. Once you've done those things, type these commands:

vagrant box add base http://files.vagrantup.com/lucid32.box
vagrant init
vagrant up

Find this code on GitHub
Here

Related Articles:
Vagrant 101: Simple Linux VMs

I've been using Chef for awhile at work, and seeing how complicated parts of it can be, I wanted to take the time to write a blog post about it, and give an introduction on how to be up and running with Chef. Hopefully it will save others some the aggravation I dealt with early on. Also, I tested these recipes out on an Ubuntu 12.04 box. (If you aren't running Ubuntu, no problem! Just install Vagrant)

Different Parts of Chef

There are a few different parts of chef:

• Chef-server - The software that runs on a server and holds "cookbooks", "recipes", and "data bags". We won't be covering that here.
• Chef-client - The software that runs on machines managed by Chef. It talks to the machine running Chef-server, downloads cookbooks from it, and runs the recipes in those cookbooks locally. We won't be covering that here, either.
• Knife - A tool used to manage machines with chef-client on remotely. We definitely won't be covering that here.
• Chef-solo - A tool used to run recipes out of cookbooks in the absence of a server. That will be the focus of this article.

Chef Configuration

If we try and run chef-solo right away, it will freak out because it doesn't have a configuration. So the very first thing we need to is create a configuration file, which we'll call config.rb:

base_dir Dir.pwd + "/"
file_cache_path base_dir + "cache/"
cookbook_path base_dir + "cookbooks/"

Find this code on GitHub
Here

If you're even a small-time sysadmin, chances are that you've had to create SSL certificates more than once. Creating a certificate signing request is generally easy enough--you create the .key and the .csr files, and send the .csr file off to your Certificate Authority (CA), pay them a ton of money, and they send you back your signed public key (usually a file ending in .crt).

But what if you don't want to go through all of that trouble? What if you just want to have a self-signed SSL certificate for a small project? Or for submitting to Amazon Web Services (AWS) so that you can access their API?

I wrote a script to help automate that:

#!/bin/sh
#
# This is a wrapper script for making self-signed certificates
#

#
# Make errors be fatal.
#
set -e

if test ! "$1"
then
	echo "Syntax: $0 basename"
	exit 1
fi

BASENAME=$1

#
# Our secret key
#
KEY="${BASENAME}.key"

#

Cheetah express! It gets there... after 12 naps.

Howdy!

The PA-Furry mailing list was originally started by me back in February, 2000. For the better part of a decade, it was a place for furries who lived in and near Pennsylvania to chat with each other.

Sometime in 2010, traffic on the mailing list started to drop off, due in part to the popularity of Facebook, Twitter, and other online venues, and due partly to the Pennsylvania Furries website picking up steam. By 2012, the list was fairly inactive, except for the occasional spam. Between the decline in mailing list activity, and an unrelated server move, I felt it was time to shut down the mail server and retire the mailing list. I intend to keep the archives online indefinitely.

Here are some related links:

• The Pennsylvania Furries Website
• 12+ years of the PA-Furry mailing list archives
• Pennsylvania Furries on Facebook

For the curious, here is a graph of mailing list activity, by month:

As you can see, activity picks up in the middle of the decade, then drops off by the end of the decade. By 2011, the list is virtually dead, with only the occasional post here and there.

For the UNIX-heads out there, I generated the data for that list by running this command under the mail archive directory:

find . -type f \
    |grep -v attachments \
    |egrep "[0-9]{6}" \
    |sort \
    |sed -e s/'\/[0-9]\{6\}.html'// \
    |cut -c3- \
    |uniq -c

If there are any questions or comments, feel free to reach out to me. My contact info is over here.