Monthly Archives: December 2014

In need of a project…

I’ve been thinking over and over about joining some sort of open source project. But my problems (among many others) are:

  • I’m nervous about joining an existing project and not cutting it.
  • I don’t have a ton of time I can commit to a busy, fast-moving project.
  • I kind of like the idea of doing something completely from the ground up. (Ok, not completely—just doing something my way.

I’ve gravitated toward WordPress before because I know PHP, HTML, JavaScript, and CSS pretty well. But I decided it wasn’t for me. The Ghost project seems neat, but I think they have different views about blogging than I do. I mean, I like most of the interface well enough, but I don’t really want a split screen. I want to type in just Markdown, preview on the fly, then maybe have split screen to do final edits if need be. But really, the whole point of Markdown is to just write and not worry about HTML. With Ghost, I’m constantly looking back and forth between the two views. Plus, I still don’t have spell check. 🙁

So I think I might start building my own blogging platform. From the ground up. Just because. It’s not going to be better, it will just be mine.

Fighting Fire…

I learned something very disappointing today. I learned that the Amazon AppStore is nowhere near the Google Play app store. And that it isn’t easy, maybe not even possible, to put the Google Play store on a Kindle Fire. And there aren’t Google Apps on Amazon’s AppStore.

And the worst part of all, my favorite app, JuiceSSH isn’t available on the Amazon AppStore. I was really hoping that I could use the tablet for more than just movies and games. Not that I have any lack of devices. It’s just nice to be able to do as much as possible with the smaller devices.

But if you want to watch movies and play Candy Crush, then the Fire can do it.

Frustration just being secure…

Working at a company that makes a third of the world’s computer memory, you would think that I would be working with the latest technologies every day. Well, that’s not really the case. I deal mainly with software, developing and maintaining the stuff. And while the hardware under my desk might be top notch (i7 quad-core with 24 GB of RAM), the software running on it is probably 10 years old.

In order to get Python 2.7, I had to compile it myself. I also compiled Git. We have a NFS mounted home directory, so it’s available on all Linux boxes on the network. But that meant that I had to compile for both i686 and x64_86. Oh, and I can’t get root access on my box or get something better like Ubuntu 14.04.

Well, in this latest round, I’m trying to install some Ruby, Rails, and Node.js, along with the related packages. Well, everything was going great until I started the main install, and I got a weird error trying to download from Github over HTTPS. It wasn’t the proxy (I already had that setup correctly). I dug in and found two problems:

  1. The certificates on my machine were out of date, so I couldn’t download from some sites.
  2. The OpenSSL on my machine was so old, it didn’t support SHA-256 (which, funny enough, all new certificates will probably have, as most certificate authorities are phasing out SHA-1).
    So I tried to go down the road of compiling OpenSSL, Curl, and Git with support for the newer digest, as well as update the CA certificates. Oh, the nightmare this has been. Everything seems to go fine, but then Git just doesn’t work over HTTP/HTTPS. No error message — it just stops.

And all of this is to get OpenProject running on Linux because our sys admin gave me a old Windows box with a Core Duo processor to install OpenProject on, and now OpenProject doesn’t support Windows at all, and a Virtual Box Ubuntu server won’t run fast enough.

Anyway, that’s a long boring story. My point is: how can a technology company be so bad with software? Oh, the horror stories I could tell…

Welcome to Ghost…

Well, I did it. I successfully migrated my blog to Ghost. It was a bit of a wild ride. I’m going to jot down a few of the nerdier lessons learned, on the off-chance someone else runs into the same problems and happens upon this post.

Exporting from WordPress

Exporting the WordPress data was easy. I just used the Ghost export plugin for WordPress. I first exported all comments to Disqus, and I didn’t worry about images, since I don’t have that many and I didn’t really care if they were lost. I guess there are ways to save the images as well, but I didn’t bother. One caveat that you might also run into: tag descriptions cannot be more that 200 characters, so trim these first or you’ll be editing JSON by hand.

Installing Ghost

I chose to download from GitHub, in case I wanted to make any changes. I made my own fork as well. Anyway, that was the easy part. Just make sure you follow the right instructions (there are extra steps if you download from GitHub, in a “contributing” section). Once I did that it was a piece of cake.

The only tricky thing was that all off the post dates were way off, so I had to adjust the dates by +7 hours. Otherwise, all of my permalinks were broken. But now BYU students can still find the MRH.

Apache Reverse Proxy

I run Apache, including a few other blogs and other tools in PHP, so I needed to figure out a way to forward all https traffic to Ghost. I tried using a socket. That was a mistake. Apache’s Unix domain socket support is questionable, and documentation is nonexistant. Save yourself the pain and just use TCP/HTTP forwarding. I set Apache to redirect any HTTP traffic to mchasej.com, so I just had to worry about the SSL/HTTPS forwarding. But be sure to add the following line to your Apache conf file, or you’ll end up with endless redirect loops:

RequestHeader add X-Forwarded-Proto https

I’m sure that there’s a variable for the “https” but since this is a *:433 virtual host, it didn’t matter.

Ok, I guess that wasn’t as hard as it needed to be. Honestly, I probably spent a good 1-2 hours trying to get the socket thing to work. And before that, I spent 5-6 hours setting up SSL between my webhost and home server’s MySQL servers, as well as resyncing the slave. That was trickier than it needed to be, mostly because it left out the important detail that the CN for the requests had to be different between the CA, server, and client certificates. But now that’s finally secure. That wasn’t even something I thought of, then I stumbled upon the settings and realized that everything between my master and slave was plaintext. Oh, and tip: setup the slave certs through the CHANGE MASTER TO MASTER_SSL_CA=… command and not through the my.cnf file.

Well, I’m done with the nerdy stuff for now. I’m really excited to start using Ghost. The only thing I’m not happy with is the lack of browser spell-check support. Other than that, I’m tickled pink with this new blogging platform. My new little laptop handles it better as well.