Wednesday, June 24, 2009

Substruct Web Store (Tutorial)

The goal of this article is to provide a detailed step-by-step introduction to installing Substruct for Debian (unstable). I installed Substruct on my Windows system, but server loading times were inordinately slow and I got the impression that it was putting an unnecessary burden on my local machine's processor.

Then, when I migrated my installation and database to a Debian system, I had strange problems crop up, like the "Not ready to buy yet?" message would not appear, and my "Add this item to your wishlist" button would start overlapping the "Add to Cart" button. Not cool! So, I decided to gut the provided installation of Ruby and try installing Substruct from scratch.

First step is to download Ruby from the Download Ruby website, compile and install. I recommend the old version 1.8.7, which you will have to dig out of the FTP archives; they are pushing ruby 1.9.1 now, which doesn't have support for the ftools library, something that's used by Substruct; you will surely need some basic developer tools installed already to begin the ./configure; make; make install procedure. Once you've got them all and started the compile, go and make yourself a sandwich. Should take 5 minutes unless you're strapped for memory.

Now that you have your own custom installation of Ruby, you'll need some Ruby Gems to commence the Substruct installation. Get the latest version of both, and follow the instructions to install Ruby Gems (basically ruby setup.rb), then install the gems required by Substruct (gem install RedCloth fastercsv mime-types mini_magick ezcrypto).

Someone needs to use the computer. I'll finish this debugging process later.

Friday, April 24, 2009

OpenAFS for Windows?

Does anyone know how to set up an OpenAFS client for Windows? Aww hell I'm going to pittsford.

Saturday, April 11, 2009

New Coke: The Home Network

We've got some new machines for the inventory:

  • 192.168.22.3: IRIE bare metal, an HP Pavilion Slimline configured to run either CentOS Xen or Windows XP SP3 from the RIT CS Department. Running Xen is a preferred configuration, but with one major deficiency: after all driver issues have been resolved, I'm left with a setup that can't play movies and boots flash videos! Bummer. At least it makes a good fileserver.
  • 192.168.22.48: WinXPSP3 xen cfg, boots under CentOS 5.3 Xen dom0 where everything works fine but network video performance is slow. One minor problem is a clock skew: the system reads UTC time properly from a registry hack, but when the system is left alone for a while, the clock flies ahead by four hours and has to be reset before kerberos authentication can connect to the OpenAFS cell hosted on debunst.rit.edu
  • 192.168.22.1: The router that needs to do the magic so you can connect to either of those new machines on my home network. It's a Linksys RVS4000!
  • 74.74.157.120: The public IP address of my home network.
The list of machines at the office needs to be updated, and a service catalog is soon to be extant.
Customers inquiring about the current state of the system: you can understand that the system is currently in use, and that a new shared instance can be provided at your request, but you should expect an expense of $300-600 for a server of similar quality delivered to your location. Configuration is a further expense that pertains to the state of the system, and I earmark this task at $200 per machine. You can run linux, you can resell services, and you ought to, if you like to help people and make money!

Wednesday, March 18, 2009

/home (exported from irie-arch:Tomboy)

No More Network Video! Please

We have managed to secure device (/dev/sda1 10GB:/srv) to keep some movies and a basic image of Debian Stable (lenny) for bootstrapping Xen instances of domU.

The deployment target is (/dev/sdc1 10GB:/home) where the disk is ext3 with reasonable permissions, and the space has been liberated from network video users.

Our system has a dangerous (/dev/md0 446GB:/) that is probably pretty safe formatted as XFS, with something like 100GB free thanks to a lost 100GB filesystem that was hosting a system running Ubuntu.

So, we ought not count on that 446GB! Instead, find a way to utilize that 100GB such that it can be "snapped" and utilized en-masse by another system, like the 120GB guest OS living on my VMware Infrastructure disk.

When we have another system somewhere with 500GB that we can trust, until then, scripted deployment is king and federated virtualization is a pipe dream that we need not realize now or in the near future.

There is no need to copy hundreds of gigabytes! Your application is insignificant.

Tuesday, February 17, 2009

Red vs. Blue: The Phone Company

Payment processors: I got another call from my T-mobile representatives today, asking for a payment on my phone bill. I gave her the card number and she charged $80; I could have a G-one phone for that price every month... instead she said she'd apply the payment to my FlexAccount.

What she said next intrigued me: make sure you call tonight or tomorrow to make the payment.

Didn't I just make the payment? I guess she would have responded like this:

"No, you just put some money in the account. The payment is a variable amount, based on some combinator on the services you've asked for, the services you've received, and the numbers we gave you when you signed up for the account. The number that's deducted from your coffers every month should be a flat fee, and it shouldn't be too high. If you've got $140 in your flex account and you're using less than 300 minutes every month, it's not going to be $70.

"$73.83 is just a number I threw out to get us started."

Whoa. That's heavy shit. Sidekick Unlimited plan at $19.99 plus Individual Basic with FlexPay for $29.99 is just shy of $50. I asked for the Individual Basic plan with 300 whenever minutes, and I think I should have it. I don't use more than 300 minutes on my phone during prime-time. I've got other phones that don't charge me $0.15+ every minute past my allowance. Some of these phones don't even maintain an allowance!

The last few months I've been paying for 600 whenever minutes, in spite of my demands. Do you know we don't even get rollover? So here's what she did for me: she took some money off my credit allowance with Capital One, and she put it into my FlexAccount. Actually, she put a note into a message queue, and that payment will be finally processed when they get to it.

Meanwhile, I'm going to talk to someone else with the right to refresh my account, and they're going to listen when I say, "There ought to be enough in my FlexAccount to cover the amount due for my monthly payment. Now, can we see how much that is supposed to be?"

She's not from FlexPay team. She represents me, with T-mobile. The distinction is quite fine.

Monday, February 9, 2009

Tryouts: XulRunner Data Grab

So, I've got this hunk of data little over 1GB that I'm pretty sure is going to be essential to my business. It's not the 1GB size, or even the particular data that I'm working with, but the fact that I need access to it, at whatever machine I'm using today.

We've got two users on the same machine collaborating on that data using Unison File Sync. How's it going? One user wants to use Subversion, the other wants to use Git. Integration is a pain that we don't want to tackle now. So, we're giving each user their own copy of the data, with their own exclusive write permissions on that copy, and they can share that data with anyone. They're going to share passwords, or they're going to share a third-party data store on another machine, and it's going to handle the access control rights between these two folks.

Unison supports most popular file transfer mechanisms. Our hunk is exported via FTP to Kingdon's own location on the house machine, /export/ftp/home/kingdon, which is encapsulated in a chroot jail so FTP users can't get out without connecting by another protocol. The firewall is responsible for making sure that only appropriate users will access the machine by any protocol, either FTP, SSH, IMAP, so there are actually plenty of different ways in, but this port's VSFTPD process is restricted to data inside of /export/ftp because it was executed inside of a chroot jail.

The firewall isn't doing its job reliably. The first firewall gets its IP address from the cable modem, doles out a static IP on a private subnet to the second firewall, which assigns a static IP to the house machine on a second private subnet, exposes the whole internal network to anyone with an 802.11 wireless client device that knows how to read, and forwards port 21:FTP past both firewalls to the house machine, so users on the outside with a username and password can access FTP and that big storage area with about 120GB of space on /export/ftp

kpb1363@hilly:~/spring2006$ ftp house.tuesdaystudios.com
ftp: connect: Connection timed out

Bummer. Try again tomorrow? I'll look at the firewall and figure out what's up when I get home.

Ruby on Rails: http://getontracks.org/downloads/index

Tracks has a new version out! I'm going to deploy it on my ArchLinux host, currently represented by irie-arch.tuesdaystudios.com, and I wanted to put up a page there that describes the services exposed, including pricing info, in case someone asks for their own copy from me. Maybe I'll use Instiki for this.

Meet our customer and his ad-hoc server farm (two machines in one) that live in Rochester on a University network, with a nearby home-based backup server for super cheap.