.sig
signature files (another example is OpenResty).
First install GnuPG for your OS. Ubuntu has it usally installed from scratch. For OS X use Homebrew and install it with brew install gnupg
.
Get the public key of the owner first. According to this page the public key is 83135D45
. So import the public key from a public keyserver (here from MIT):
1
|
|
Download KeepassX install file and its signature file from www.keepassx.org/dev/projects/keepassx/files.
Verify signature (in this example with beta2, OS X):
1
|
|
The last command should tell you that the file was correctly signed. You can also recheck that everything is ok by printing the exit code of the last command with echo $?
which should be 0. Otherwise you have a WRONG file without valid signature! Redownload it and check again, if it fails again do not install it!
One note: Most likely you will also get a warning (but no error!) like:
1 2 |
|
this is something you cannot prevent because it tells you basically that you trust the owner of the key and that the owner is really him (do you know him personally? Me neither ;) so please ignore this last warning. You can read more about this little warning here.
So this whole file checking is a little bit safer than a normal md5 or sha256 checksum because it involves the private key of the KeepassX owner. As always in computer science and life: Nothing is 100% safe.
]]>Never ever store secret keys in your source code repository!
If someone gains access to your repository then they will also gain access to your whole infrastructure!
But when you setup a server with Ansible you maybe need to copy a private key or SSL/TLS certificates to your servers at some time. Copying them manually was not a real option for me so I was happy when I found Ansible Vault which seemed at first like a simple and secure solution for encrypting files for storing them in a repository. However I was very disappointed when I tried it out because it only works with variables and not with files in a transparent way. I really wonder why?!
So when you copy a file you maybe have something like this in your playfile (danger! this is the wrong way to do it):
1 2 3 4 5 6 7 |
|
So I thought I can simply run ansible-vault encrypt deployment_id_rsa
and do the same copy command as above. But this will not work because Ansible Vault is only working for variables.
The solution is simple as long as you do not have binary secret data: You have to convert the secret private key file to a variable file which you need to import and also keep hidden in the (verbose -vvvv
) logs!
Copy&Paste your key into a variable file in your roles directory like e.g. roles/yourrole/vars/secret_key.yml
. It should look like this, look at the syntax and the usage of |
in the YAML:
1 2 3 4 5 6 7 8 9 10 11 |
|
Now encrypt that yaml with Ansible Vault:
1
|
|
At this point it is safe to include it also into your git repository because it is encrypted.
This variable file now needs to be imported in a playbook without logging no_log: true
and copied to the right destination. The copy
command can use a content
attribute for reading from a string. So we will use the variable here.
1 2 3 4 5 6 7 8 9 10 11 12 |
|
This way you can copy encrypted non-binary files contents without logging them.
On provisioning you only need to add --ask-vault-pass
to the command. Example:
1
|
|
In the last couple of years I’m educating myself more and more with videos from YouTube to learn new things or keep up to date with the dev world. Especially live-video talks from developer conferences which are often recorded and available for free. Just search for the “conference-name-of-your-choice” and their videos (keep an eye on their playlists)! Also many of this conferences are often not cheap to attend (time, travel costs, conference entrance, invitation only? etc.) so it is a very valuable source and convenient way just to sit in front of your TV (thanks Chromecast) and learn something new and useful whenever you want!
I don’t want to write much about React, Flux, GraphQL and Relay. You probably heard about them anyway but if you want to learn how they basically work you can save a lot of time by just watching this 4 videos. They are 122 minutes in total and I’m sure you will save a lot of time in comparison to only reading about them.
Btw. it took me some time by finding the best videos about the topics ;) and IMHO we have to thank Facebook and their developers for developing React, Flux (the concept), GraphQL, Relay and making them all open source!
They are truly simplifying development, extendibility, maintainability and testing of complex dynamic JS web pages (aka SPA) with RESTful server backends.
Also read:
ReactJS For Stupid People from Andrew Ray
Also read:
Flux for stupid people from Andrew Ray
– This guide works for docker toolbox and old boot2docker, some boot2docker steps uninstall steps are not needed but it will not hurt for docker toolbox uninstallation –
But I absolutely do not like the official Docker OS X installer (install manual). Things are improved with docker toolbox but uninstalling is still not trivial.
The reason for this are:
.pkg
and no uninstall app or instructions anywhere!In summary it tries to do too much. Many developers use tools like Vagrant & Homebrew. Why not go that way?
Be sure you’ve only used the official installer. This uninstall guide is not the right one if you have installed Docker with e.g. Homebrew or other methods.
If you also want to delete all your docker machines first run:
1
|
|
Stop boot2docker and delete the VBox image:
1 2 |
|
Remove boot2docker & docker app:
1 2 |
|
Remove all Docker and boot2docker command line tools:
1 2 3 4 5 |
|
Remove docker packages:
1 2 3 4 |
|
Remove boot2docker VBox image:
1 2 3 |
|
Remove boot2docker ssh keys:
1
|
|
Remove additional boot2docker files in /private
folder:
1 2 |
|
Remove docker toolbox config folder:
1
|
|
Remove the environmental variable DOCKER_HOST
in case you have fixed it somewhere like e.g. in .bash_profile
.
You can also delete Virtualbox of course. But if you are a developer you probably need it anyway. In case your VBox got also downgraded: Reinstall Virtualbox.
If you really want to uninstall Virtualbox:
~/.docker
directory./private
folder.this is is code
in blog posts.
Octopress has a wonderful documentation how to get it running on github pages and the standard design is very good for my needs.
I managed to migrate my old (two only) blog posts from Blogger and get everything setup on the weekend. I will maybe describe in a seperate posts how to install, migrate, publish on Github and fine tune Octopress.
Octopress 2.0 also seems a little bit dated and has some small bugs / missing features and I can strongly recommend the article Octopress Paper Cuts from Alex Rothberg.
The only main thing I do not like on Octopress is that everything is Ruby/Jekyll based with lots of dependencies (I wonder how smooth upgrading Octopress will work out) and I wished something like Hugo (written in go and one single binary) would have a bigger fan base. But Octopress beside Jekyll is the biggest player on static blog creation systems and has the most 3rd party plugins. A big dev community is priceless!
I also switch to my own domain entirely and the Github server which is serving this site has enough bandwidth if I will ever write some meaningful articles which will get linked to HN ;) :p
]]>So I tested Chrome 24 with this MathML browser test site: MathML Browser Test
First I was very excited because the first examples looked promising and right in Chrome. But when looking at more complex MathML Chrome rendered it wrong.
I installed Chromium Dev 26.0.1380.0 and I was hoping the Chromium team already fixed it. But my hope did not lasted long. Chromium 26 was showing me the same results as Chrome 24. This bug is already reported to Chromium’s bug tracker (star it if you’re interested in a fix).
I recently installed also Opera just to cover the last to me known modern browser which supports MathML natively (winkwink Internet Explorer). Opera had the most issues with rendering and some serious font problems with MathML on my Ubuntu machine.
So I guess we still need to use the very good MathJax JS library for a longer time to display all kind of MathML right in every browser except Firefox.
Result:
But see the rendered browser results yourself:
]]>The problem with transforming HTML5 to a more structured HTML5 is the parsing. The way to make this transformation is currently XSLT and we need XML compatible (X)HTML5 for this.
In the past we used HTML tidy which handles all HTML soup and transforms it to valid XHTML. The only problem is that it is dated, the last version is from 2008 and it does not support HTML5 (and we also want MathML support).
After some searching we’ve found http://w3c.github.com/tidy-html5%C2%A0which is a fork of tidy with support of HTML5. After my quick tests it seems compatible with the old tidy and (more important for me) also compatible to pytidylib so that I can still use my old python code but with new HTML5 tidy options. :)
Here are instructions on how to replace the old HTML tidy which is included in Ubuntu (tested on 10.04 & 12.04) with the new HTML5 tidy:
Remove all old tidy implementations
1
|
|
Get git, libtool and automake if you do not have them already
1
|
|
Clone tidy-html5 repository in a directory of your choice
1 2 |
|
Building the libtidy shared library and install libtidy and tidy program (copied from here)
1 2 |
|
So tidy and libtidy are now installed but Ubuntu will not find
libtidy by default because libtidy installed to the folder
/usr/local/lib
which is normally not searched for
runtime libraries. So we have to edit ldconfig’s search folders.
Open (with root/sudo rights) the file “/etc/ld.so.conf”. Example:
1
|
|
and add this line to the file /etc/ld.so.conf
1
|
|
Finally restart ldconfig and you are set!
1
|
|
Just a side note:
To remove HTML5 tidy and install old tidy again just go to its cloned
directory and type
1 2 |
|