Logging non-proxy IP addresses in Heroku and Express for node.js

Back when I built the Is Septa Fucked? website, I decided to use Heroku seeing how they supported node.js and I wouldn't have to worry about sysadmin tasks. Heroku proved to be a great choice, but along the way I noticed some strange log entries like these:

2013-01-05T03:26:41+00:00 app[web.1]: 10.44.130.226 - - 
   [Sat, 05 Jan 2013 03:26:41 GMT] "GET /favicon.ico HTTP/1.1" 200 
   - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8)"

Net 10.0.0.0/8 is normally non-routable, so it shouldn't be showing up in server logs like that. It turns out that Heroku uses reverse HTTP proxies to handling incoming traffic for their customer apps. That proxy then forwards the traffic to your application after storing the original client's IP address in the HTTP "X-Forwarded-For:" header.

To change how logfiles are written in Express, you have to mess around with the logger module, which is part of the connect library, and available within express as express.logger.

The first thing to do in node.js is to create a new "token" in the logger module which will extract the IP address from the X-Forwarded-For header:


//
// Create an IP token for the logging system that lists the original IP, 
// if there was a proxy involved.
//
express.logger.token("ip", function(request) {

   var retval = "";

   if (request["headers"] && request["headers"]["x-forwarded-for"]) {
      //
      // Proxied request
      //
      retval = request["headers"]["x-forwarded-for"];

   } else if (request["socket"] && request["socket"]["remoteAddress"]) {
      //
      // Direct request
      //
      retval = request["socket"]["remoteAddress"];

   } else if (request["socket"] && request["socket"]["socket"]
      && request["socket"]["socket"]["remoteAddress"]) {
      //
      // God only knows what happened here...
      //
      retval = request["socket"]["socket"]["remoteAddress"];

   }

   return(retval);

});
3
Average: 3 (4 votes)
Your rating: None

Midwest FurFest 2012 Con Report

Impatient? You can view all of the photos over here!

Midwest FurFest was a furry convention held in Chicago from November 16th-18th, 2012. It was held at the Hyatt Regency O'Hare which was a rather nice venue, with plenty of public space for socializing and gathering. I worked in Convention Operations (Con Ops) again under Puma again, and when I wasn't working, I did what I normally did: I took pictures.

I tried to do more closeup fursuit muzzle pictures with Nikon D3000, and the results came out pretty well:

Shia Moorhen Closeup Fox Muzzle Manik Wolf
Tzup Closeup Cat at the Charity
Fursuit Photoshoot after the Parade
Shia Moorhen and Keenora Yawni Husky and Tzup

Of course, no convention could be complete without Raptor Jesus, Master Splinter, and The Drama Llama seen in that order:

Raptor Jesus Master Splinter The Drama Llama

Way too much fun was had at Midwest FurFest. (Want the full set of pictures? They're over here!)

At this time, my next furry convention will be Furry Connection North, to be held in April up in Michigan. Have a good Christmas, and I hope I see you all there!

3.166665
Average: 3.2 (12 votes)
Your rating: None

Vagrant 101: Simple Linux VMs


"I would totally trust this guy to run my apps!"

What is Vagrant?

Vagrant is command line utility that is used for setting up virtual Linux boxes with Oracle's VirtualBox

Vagrant is useful if:

  • You are a freelancer who works in many different development environments, and doesn't want a bajillion different services running on your machine.
  • You are a sysadmin who want to test out new machine configurations without the expense of provisioning a new EC2 instance (and possibly forgetting to turn it off, whoops!)
  • You work in a company where every developer needs their own development machine. Make some recipes in Chef, and now each member of the team can have an identically configured machine.

Wait, doesn't VirtualBox have a GUI?

Why yes, it does. However, using it is optional. Vagrant is simply another way to use VirtualBox. It also makes it easy to install different flavors of Linux, as we will see shortly.

How do I get started with Vagrant?

Go to the Vagrant website and download the latest version. Make sure you have VirtualBox, too. Once you've done those things, type these commands:

vagrant box add base http://files.vagrantup.com/lucid32.box
vagrant init
vagrant up
3.76923
Average: 3.8 (13 votes)
Your rating: None

Chef 101: An Introduction to Chef

Find this code on GitHub
Here
Related Articles:
Vagrant 101: Simple Linux VMs

I've been using Chef for awhile at work, and seeing how complicated parts of it can be, I wanted to take the time to write a blog post about it, and give an introduction on how to be up and running with Chef. Hopefully it will save others some the aggravation I dealt with early on. Also, I tested these recipes out on an Ubuntu 12.04 box. (If you aren't running Ubuntu, no problem! Just install Vagrant)

Different Parts of Chef

There are a few different parts of chef:

  • Chef-server - The software that runs on a server and holds "cookbooks", "recipes", and "data bags". We won't be covering that here.
  • Chef-client - The software that runs on machines managed by Chef. It talks to the machine running Chef-server, downloads cookbooks from it, and runs the recipes in those cookbooks locally. We won't be covering that here, either.
  • Knife - A tool used to manage machines with chef-client on remotely. We definitely won't be covering that here.
  • Chef-solo - A tool used to run recipes out of cookbooks in the absence of a server. That will be the focus of this article.

Chef Configuration

If we try and run chef-solo right away, it will freak out because it doesn't have a configuration. So the very first thing we need to is create a configuration file, which we'll call config.rb:

base_dir Dir.pwd + "/"
file_cache_path base_dir + "cache/"
cookbook_path base_dir + "cookbooks/"
4.125
Average: 4.1 (16 votes)
Your rating: None

Creating Self-signed X.509 SSL Certificates the Easy Way

Find this code on GitHub
Here

If you're even a small-time sysadmin, chances are that you've had to create SSL certificates more than once. Creating a certificate signing request is generally easy enough--you create the .key and the .csr files, and send the .csr file off to your Certificate Authority (CA), pay them a ton of money, and they send you back your signed public key (usually a file ending in .crt).

But what if you don't want to go through all of that trouble? What if you just want to have a self-signed SSL certificate for a small project? Or for submitting to Amazon Web Services (AWS) so that you can access their API?

I wrote a script to help automate that:

#!/bin/sh
#
# This is a wrapper script for making self-signed certificates
#

#
# Make errors be fatal.
#
set -e

if test ! "$1"
then
	echo "Syntax: $0 basename"
	exit 1
fi

BASENAME=$1

#
# Our secret key
#
KEY="${BASENAME}.key"

#
3.375
Average: 3.4 (8 votes)
Your rating: None

Shutting Down the PA-Furry Mailing List


Cheetah express! It gets there... after 12 naps.

Howdy!

The PA-Furry mailing list was originally started by me back in February, 2000. For the better part of a decade, it was a place for furries who lived in and near Pennsylvania to chat with each other.

Sometime in 2010, traffic on the mailing list started to drop off, due in part to the popularity of Facebook, Twitter, and other online venues, and due partly to the Pennsylvania Furries website picking up steam. By 2012, the list was fairly inactive, except for the occasional spam. Between the decline in mailing list activity, and an unrelated server move, I felt it was time to shut down the mail server and retire the mailing list. I intend to keep the archives online indefinitely.

Here are some related links:

For the curious, here is a graph of mailing list activity, by month:

As you can see, activity picks up in the middle of the decade, then drops off by the end of the decade. By 2011, the list is virtually dead, with only the occasional post here and there.

For the UNIX-heads out there, I generated the data for that list by running this command under the mail archive directory:

find . -type f \
    |grep -v attachments \
    |egrep "[0-9]{6}" \
    |sort \
    |sed -e s/'\/[0-9]\{6\}.html'// \
    |cut -c3- \
    |uniq -c

If there are any questions or comments, feel free to reach out to me. My contact info is over here.

3.375
Average: 3.4 (8 votes)
Your rating: None

Is this really the world's oldest surviving Transformers webpage?

Primacron

"I have no idea how this happened!"

As far as I can tell, the answer to that question is a surprising yes.

Here's a brief history of the page:

  • 1996 - I started this webpage, back when I was a dialup customer of the company Oasis Telecommunications. The URL was then http://oasis.ot.com/~dmuth/tf/, and later became http://www.ot.com/~dmuth/tf/.
  • 1998 - I decided it was time for webhosting that was separate from my Internet account, so I became a customer of the company SSI Data Systems, down in the Atlanta area. (if memory serves, the principal was a gentleman named Mark Finkle). For awhile, the URL was http://www.ezbweb.net/dmuth/tf.
  • 1999 - I bought the domain name claws-and-paws.com, and set up a forwarder so the page could now be accessed at http://www.claws-and-paws.com/tf/.
  • 2010 - Having bought the more professional looking dmuth.org domain many years prior, I decided it was time to start using that domain name for my official web presence. So I once again switched domains to http://www.dmuth.org/tf/. The website was mostly static by this point.
  • The Present - The page is still sitting around, and all of the fan fiction and spinoffs are still archived here. Some of what I have here isn't available anywhere else on the net, and in at least one case, the author of some stories here passed away some years ago. So I'm inclined to leave everything exactly the way it is for the foreseeable future.

"Were there other Transformers webpages before this one?"

Oh, you bet there were. I know of pages that went back to at least 1993. Two of the names I remember were Iggy Drougge and J.J Hoxey, both of whom had very popular Transformers pages of their own. Sadly, their pages (and many others) have since gone 404.

I do not know of any other Transformers webpages on the net older than 1996, so it seems that I have the dubious honor of running the World's Oldest Transformers Webpage. Not exactly something I planned, I'll deal with it. Smiling

2.866665
Average: 2.9 (15 votes)
Your rating: None

My FurFright 2012 Pictures and Con Report

Impatient? You can view all of the photos over here!

I attended FurFright a few weekends ago and just now got to upload my pictures and make a blog post about it.

As I mentioned previously, I worked some pretty odd shifts in security, so I was often sleeping during the day, and didn't get to take all of the photos that I wanted to. That said, I did get some great photos taken during the Fursuit Parade, due to the fact that I was outdoors and had natural light to work with.

Hurricane Sandy put a damper on things and I was forced to return home early, which was Not Fun. Since I was concerned about traffic in NYC, I instead used Scranton as a waypoint of sorts. I set Scranton as the destination on my GPS, and when I was 50 miles away, changed the destination to my home. This turned a 4 hour trip into a 5 hour trip, but it was a very nice drive. I got to drive on US-209 to PA-33, and drive by my old stomping grounds in the Lehigh Valley. Along the way, I passed several dozen utility trucks heading south, towards the expected disaster area. The drive was cool enough that I think I'll do it on future trips back from FurFright.

Enough of that, here are some pictures:

Imaginary Skye Shia Moorhen Wii
Pink Husky Face Costello hiding behind plants
Nevask and another owl
Bierzun Imaginary Skye Giant husky plush

That's about all of the pictures that I care to post here. I have the entire archive at Flickr:

http://www.flickr.com/photos/dmuth/sets/72157631984367189/

Share and enjoy!

The next convention I'll be at is Midwest FurFest. I hope to see you there!

3.25
Average: 3.3 (16 votes)
Your rating: None

My FurFright 2012 Duty Hours

Loki on his Motorcycle
Professional dragon. Don't try this at home.

Once again, I will be working security at FurFright this year with the Dorsai Irregulars. I will be serving as a "sergeant" in this contract, which basically means I get to work longer shifts, and have less time off between shifts. Smiling Here is my duty schedule:

  • Thursday: 8 PM to Midnight
  • Friday: 8 AM to Noon
  • Saturday: 12 AM to 4 AM, 2 PM to 4 PM (fursuit parade), 4 PM to 8 PM
  • Sunday: 8 AM to Noon, 4 PM to 8 PM, 8 PM to 9 PM (fursuit parade)

Outside of those this, I'm available to hang out, socialize, and generally have fun. I hope I'll see many of my friends there!

2.46154
Average: 2.5 (13 votes)
Your rating: None

Career Paths for Software Engineers

Performance metrics can be harmful, too
Performance metrics can be harmful, too.

In years past, software engineers who performed rose up the corporate ladder would eventually find themselves in management. This usually ends poorly, since us nerds tend to talk to computers better than we talk to people. This means that while we're great at managing technology, we're not so great at managing fellow humans.

When I worked for Symantec some years ago, they had a career path for technical people (software engineer, sysadmins, etc.) that I thought was a great idea. It went something like this:

0-2 years experience Associate Software Engineer
0-8 years experience Software Engineer
6-14 years experience Senior Software Engineer
12-20 years experience Principal Software Engineer
15+ years experience Senior Principal Software Engineer
20+ years experience Distinguished Software Engineer
25+ years experience Senior Distinguished Software Engineer
3.014285
Average: 3 (70 votes)
Your rating: None