Mike Pirnat

I finally got fed up with not having SSL for my Wordpress instance on Webfaction and decided to rectify it today. I ran into a couple of surprises along the way that were really irritating, so once I sorted them out I figured I owed the internet an explanation so that things would be easier for anyone else wanting to do the same thing.

Assumptions

I’m going to assume that you already have a Webfaction account with a Wordpress instance running on it. If not, the control panel screencast is an oldie-but-goodie that’ll get you started. I’m also going to assume that you’re on one of the basic, shared hosting plans, and that you’ll be running your secure stuff on the same box as your non-secure site. And I’m also assuming that you’ll be okay using Webfaction’s default SSL certificate rather than your own–this will throw warnings in many browsers, but saves you the cost of purchasing your own cert and the time required to request a private IP from Webfaction. And this only applies to Wordpress 2.6 and above. (You really should upgrade, you know.)

Create a secure site

In the Webfaction world, a single “site” can only be non-secure or secure, so you need to create a new site that will largely mirror your existing, non-secure site. To do this:

1. Log into the Webfaction control panel.
2. From the Domains/websites menu, pick Websites.
3. Click the little green + icon at the bottom-right of the websites panel to begin creating a new site.
4. Give your new site a meaningful name (I like it to be the same as the non-secure site, but with “_secure” or something similar tacked onto the end).
5. Choose the same IP as the non-secure site that you’re adding SSL to. Unless you are fancy enough to have multiple IPs, this shouldn’t really be a choice at all.
6. Check the HTTPS checkbox. (This is important.)
7. Choose the same subdomains as the non-secure site that you’re adding SSL to–so if your site is at http://www.yoursite.com, you might want to make sure that you select yoursite.com and www.yoursite.com subdomains so that both will be connected to this configuration.
8. In the Site apps section, add your existing Wordpress instance with the same URL path that it has in your non-secure site. If you’ve got an app called my_blog at /blog, make sure you do the same thing here.
9. Click Create.

Fix your Wordpress URL configuration

If you visit your blog now (in non-secure/http mode), depending on your browser, you might see a complete and total failure to load your stylesheets–meaning that your site is now probably fairly ugly. If you view source, you’ll see that, even though you aren’t loading your page from over HTTPS, Wordpress is generating HTTPS links for all your content–stylesheets, images, everything.

To fix this:

1. Log into your Wordpress instance and go into the Dashboard.
2. Go to the General Settings page.
3. Change the WordPress address (URL) and Blog address (URL) fields to begin with http instead of https.
4. Don’t forget to Save Changes.

Now try your site on its non-secure/http link. When you view source, all your resources should be coming from URLs that start with http.

Update your wp-config.php

Edit your wp-config.php. Depending on what you want to do, you’ll add one or the other of the following two lines.

To require only login to be secured:

define('FORCE_SSL_LOGIN', true);

To require login and admin pages (my preference) to be secured:

define('FORCE_SSL_ADMIN', true);

Profit!

Log out of your Wordpress instance, then hit your login link. You should now see that your login and registration pages are served up via https links. If you chose to use FORCE_SSL_ADMIN, you should also see https in all of the URLs as you navigate around your Wordpress admin area.

Things should be hunky-dory now. I hope it worked out all right for you!

geekery, howto, wordpress ssl, webfaction, wordpress

Robert Kern asked me to share my Atomisator configuration for the Unified Python Planet. So, here it is:

[atomisator]
 
# sources
sources = 
    rss http://www.planetpython.org/rss20.xml 
    rss http://planet.python.org/rss10.xml
 
# filters
# "doublons" is French for "duplicates" --  this is what de-dups the feed
filters =
	doublons
 
# enhancers
# I'm not using any, just leave this blank (default)
enhancers =
 
# outputs
outputs =
    rss /home2/mpirnat/webapps/pirnatwp/static/unified_python_planet.xml "http://feeds2.feedburner.com/UnifiedPythonPlanet" "Unified Python Planet" "A uniqued union of the Official and Unofficial Python planet feeds.  Generated by Atomisator FTW!" 
 
# database
database = sqlite:///atomisator/unified_python_planet.db

The example configuration files that come with Atomisator are really good at illustrating how you would use them; I’ve omitted the explanatory comments from my example, but they’re in the examples and will point you in the right direction. Thanks again to Tarek for this very handy tool!

geekery, python atom, atomisator, config, geekery, python, rss

I mentioned the “Diaper Pattern” in a recent post and got some comments asking what the term meant. I had hoped to just link to an explanation, thinking it was a well-known antipattern, but several minutes of frustrated Googling have left me convinced that there’s actually a tiny knowledge gap to be filled here.

“Diaper Pattern” is a term that I picked up from working with Matt Wilson and David Stanek. It’s an anti-pattern about naively over-broad exception catching. A very basic example in Python might be:

try:
    do_something_that_might_throw_various_exceptions()
except Exception:
    pass

If anything at all goes wrong in do_something, the except will catch and silence it–but we know that errors should never pass silently (unless explicitly silenced). It’s called a Diaper because it catches all the shit.

In practice, unless you have a good reason to catch everything, it’s a lot better to only catch the specific exceptions that need special handling, so that you’ll know right away about any runtime surprises and where they came from:

try:
    do_something_that_might_throw_various_exceptions()
except IOError, e:
    # handle just IOErrors; let everything else make noise

Maybe it’s just a coincidence, but I’ve heard the term used more by developers who have young children than by those without kids.

geekery, naughty-words, python antipattern, diaper, geekery, pattern, python

A coworker unearthed this little treasure today… I think it’s a vestigial structure to assist Diaper (anti)Pattern treatment during testing or debugging, but it’s still gross to see it in real, live production code. (Oddly enough, I couldn’t find a good “Diaper Pattern” link whilst Googling about–surely I’m not the only one who uses this term?) Anyway, without further ado:

        try:
            os.remove(filename)
        except:
            raise
            pass
        try:
            os.remove(os.path.join(TMP,'out-%s' % base_filename))
        except:
            raise
            pass
        try:
            os.remove(os.path.join(TMP,'properties_%s.lock' % brandid_human))
        except:
            raise
            pass

If an exception is raised, raise an exception… It has a certain zenlike beauty to its awfulness. The use of the Diaper Pattern is bad enough, but this guarantees blowouts!

geekery, python, wtf diaper pattern, geekery, horror, python, wtf

Good news, everyone!

After a couple days of playing Twitter tag with Tarek Ziade, we finally met up for lunch at PyCon, where, in addition to having a lovely conversation, he was kind enough to give me a personal tour of his Atomisator framework for data aggregation.

Atomisator is much savvier than Yahoo Pipes at things like removing duplicates and not mangling content, so I’ve kicked Pipes to the curb and hooked up the Unified Python Planet feed to my Atomisator output.

What this means for you, lucky reader, is that everyone who subscribes to the Unified Python Planet should not only stop getting duplicates, but, more importantly, have legible code samples directly in the feed. (It’s okay if you need to take a moment to process this joyous news. It makes me pretty damn happy.)

Please let me know if you experience any flakiness with the new, improved feed.

I want to give major, major thanks to Tarek! Atomisator is really well suited to this purpose, as well as some other stuff I’m now curious to tinker with.

geekery, pycon, python atomisator, planet, pycon, python

Thought I’d be all spiffy and upgrade to the shiniest new Wordpress tonight. I did my little svn switch/bzr add/bzr merge trick to get all the new files in the right place, upgraded the database, and felt pretty awesome… Then my blog started throwing miles upon miles of “transport errors” and 500s, as did a couple others that I hadn’t even touched with upgrades. The common factor seemed to be WP instances that were nested off of subdirectories of one of my domains, rather than WP instances at the root level of the domain. That smells like some kind of configuration problem in Webfaction panel-land, but I was too impatient to open a ticket (and trying to focus on something, anything other than Mama Mia that my wife was watching), so I ended up doing a mysql dump, blew away my old blog instance, dropped a new one into place (which magically worked, thanks a lot, universe), and restored from my backup.

So… Upgrade done (good) but not how I planned it (bad).

On the plus side, I was kind of getting sick of the theme anyway.

geekery, wordpress

A coworker just showed me this little gem–a maintenance script that’s got no author attribution and isn’t in source control, so whoever has perpetrated this crime against all that’s good and holy remains anonymous and (for the moment) safe from our wrath. I’m so completely taken aback by this–I… I don’t know what to say. I just have to share.

#!/usr/bin/env python
import os,sys
C=os.chdir
S=os.system
M=os.mkdir
J=os.path.join
A=os.path.abspath
D=os.path.dirname
E=os.path.exists
W=sys.stdout.write
V=sys.argv
X=sys.exit
ERR=lambda m:W(m+"\n")
PRNT=lambda m:W(m+"\n")
assert len(V)==2,"you must provide a sandbox name"
SB=V[1]
H=A(D(__file__))
SBD=J(D(H),SB)
C(SBD)
PST=J(SBD,'bin/paster')
VAR=J(SBD,'var')
ETC=J(SBD,'etc')
S("mkdir -p "+VAR)
PRNT("restarting "+SB)
CMD=";".join(['source %s'%J(SBD,'bin/activate'),PST+" serve --daemon --pid-file=%s/sandbox.pid --log-file=%s/sandbox.log %s/sandbox.ini start"%(VAR,VAR,ETC)])
PRNT(CMD)
S(CMD)
PRNT("All done!")
X(0)

Weep for us.

geekery, python, wtf geekery, horror, python, wtf

I subscribe to both the official and unofficial Python planet feeds because they’ve each got some content that’s unique to one or the other, but the overlap and duplication has really been bugging me lately. So I suddenly remembered the joy that is Yahoo Pipes and glued both of them together with a unique-ifying filter to eliminate duplicates, and, feeling generous, I stuck a friendlier Feedburner URL around it–you can get it at http://feeds.feedburner.com/UnifiedPythonPlanet.

It makes me pretty happy so far, except that somewhere in Pipes land I seem to be losing newlines in pre elements (which appears to be a bug in Pipes itself, argh), which is a little (very) annoying when trying to read people’s code samples. I may end up replacing the Pipes side with a little bit of Python (a little Feedparser and PyRSS2Gen ought to do the trick) if I get the time later today.

Anyway. I figured I should share it, on the offchance it makes anyone else’s life better. (Or if such a creature already exists, let me know and I’ll gladly use that instead.)

geekery, python, rss feedburner, pipes, planet, python

He Who Rocks and Puts Away Lives to Rock Another Day

Originally uploaded by mikepirnat

The kiddo has had a pretty strong musical interest for a while now, but in the last week or so she’s gotten really excited by my Rock Band controllers, which have been hanging out in the corner of the family room, right where they’re easy for her to get at if she wanted to. I’m content (thrilled, in fact!) to have her noodling around with my original Rock Band 1 controller (of the woefully busted whammy bar), but I’d like to keep my pair of RB2 controllers in good shape for as long as possible.

So, off we went to Guitar Center to pick up a couple of guitar hooks to hang the controllers on the wall, safely out of reach from curious little hands.

I’m not sure if I’m more embarrassed by buying guitar hooks for my fake guitars, or by the fact that we’d worked up an elaborate tale of how I’d recently inherited a (fictional) ukulele collection (to explain my concerns about whether the hook would be narrow enough to hold the guitar head). Sadly, no questions were asked about my purchase, so we never got to try out the story.

So, here you go–photographic evidence that I am, in fact, pretty much a total dork. Enjoy.

children, claire, geekery, music, retail-therapy, video-games

Pretty much out of nowhere, I suddenly decided that what the world really needs is a Battlestar Galactica-themed version of the classic Battleship game. Besides the obvious cool factor of having a board full of miniature BSG ships, I think there’s a lot of depth to be added by tweaking the rules a little bit:

• The human player can choose to “jump the fleet” rather than firing a shot, allowing the player to rearrange the locations of all of their ships.
• The Cylon player can return any destroyed ship to the board per turn until the destruction of their resurrection ship, in addition to their normal “take a shot” action. If the Cylon player doesn’t have any destroyed ships, they can instead opt to repair one “hit” from a non-resurrection ship per turn in addition to firing a shot, so long as the resurrection ship is still in play.
• Both sides have a limited number of nuclear weapons which, rather than targeting a single point on the game grid, will have a several-coordinate blast radius. Nukes are only available to their respective players so long as there are battlestars or basestars in play.
• The Cylon player has a number of sleeper agents in the human fleet; the Cylon player can opt to activate a sleeper instead of firing, which will result in one hit against a human ship of the human player’s choosing.
• The human player may sacrifice a battlestar to destroy a Cylon basestar.
• After some as-yet-undertermined number of turns, the human player can produce a stealth Viper, which can be relocated on the grid every turn or which can be sacrificed to learn the location of the Cylon resurrection ship.
• After some as-yet-undetermined number of turns, the human player gets a second battlestar.
• And, if you’re not afraid of Season 4 spoilers, if the human and Cylon player get tired of endlessly killing each other, they can opt to partner up and “go find Earth,” at which point the game is over and they both lose.

Cylon raiders and heavy raiders seem like one- and two-hit vessels to me, while the Colonial Vipers and Raptors are probably single-hit ships. Basestars should be relatively large (suggesting a much larger field of play than the standard Battleship grid) and maintain a six-pronged X shape target profile. Battlestars would probably need to be three spaces wide so that the flight pods can take hits too. Obvious choices for other Colonial ships include Colonial One, Cloud 9, Demetrius, the Astral Queen, Daru Mozu (the tylium refinery ship), mining ships, Space Park (the “spinny ship”), and numerous others. Clearly, getting the balance right on both Colonial and Cylon sides would be important to proper gameplay.

The reaction from my coworkers who are also fans has been very positive, so I suspect that if the appropriate corporate behemoths could work out the licensing, they’d at least sell a few units to us. In the mean time, if you feel like giving it a whirl, go for it! The rules definitely need some fine-tuning to make sure gameplay is properly balanced, but they should be at least a good start. If you do end up trying it out, I’d love to hear how it went.

So say we all!

[Edit 7/14/2008 @ 23:19] The collective unconscious appears to have reared its ugly head–turns out I’m not the first to have this idea.

galactica, games, geekery, sci-fi, science-fiction