Marty McGuire

Archive for November 2016

Wed Nov 30

HWC Baltimore 11/30 Wrap-Up


Baltimore's third Homebrew Website Club meet up happened at the Digital Harbor Foundation Tech Center on 11/30/2016. We had a nice quiet writing hour followed by some quick introductions, lots of progress on projects, and some new attendees!

Notes from the "broadcast" portion of the meetup:

Marty McGuire (co-organizer) - Been working on displaying reply contexts and manually POSSE-ing, sending webmentions. Also set up a self-hosted copy of Woodwind to keep following other IndieWeb sites. 2017 commitment to improve handling of images so posting to my site doesn't take forever and each page load doesn't include huge full sizes image by default.

Jonathan ProzziΒ (co-organizer) - finished setting up site on DigitalOcean, powered by Hugo. Has front page h-card working and logged in to IndieWeb wiki to RSVP to this event. Created a 2017 commitments post tonight.

Brian Young - Captured a ton of ideas for what to do next as Google Tasks. Started with IndieWeb Wordpress plugins and getting the feel for them at brianey.com. Using it as a test site for playing with indieweb features. Also started a new site imnotwrong.com, a humor site featuring a bad/fake/satirical advice column. Also has POSSE working on uncannycreativity.com to Tumblr and Medium.

Adam Bouhmad -Β Started working on a site for collecting malware samples and other interesting code specimens for security research.

Derek (no site, yet) - Teaching front-end web development to folks recently released from prison. Is pretty new to web development himself, so picking up new skills to stay ahead. Been working on converting a video tutorial about HTML+CSS menu bars into a workshop for students. Digging into gridview for the next class topic.

Here's the customary HWC group selfie:

Left-to-right, front-to-back: Derek, Brian, Jonathan, Adam, Marty

We had a great discussion and were all grateful for the dedicated time to working on our sites.

We hope you'll join us for our next HWC Baltimore on 12/14!

Group photo for HWC Baltimore 2016-11-30

Wed Nov 2

πŸ—“οΈ Homebrew Website Club Baltimore Meetup 11/30/2016

Digital Harbor Foundation Tech Center 1045 Light St. Baltimore MD 21230
πŸ“† Add to Calendar: iCal | Google Calendar

Create or update your personal web site!

  • Finish that blog post you’ve been working on
  • Demos of recent IndieWeb breakthroughs
  • Share what you’ve gotten working
  • Ask the experts questions

Join a community with like-minded interests. Bring friends that want a personal site!

Any questions? Ask in chat: http://chat.indieweb.org/today#bottom

Optional quiet writing hour starts at 6:30pm. Meetup begins at 7:30pm.

More information: http://indieweb.org/events/2016-11-30-homebrew-website-club

Facebook event: https://www.facebook.com/events/1680719428905267/

Wed Nov 30

This evening! Join us @DHFBaltimore at 6:30pm for quiet writing hour, 7:30pm for Homebrew Website Club meetup! Own what you publish online!

https://martymcgui.re/2016/11/02/215844/

post from
Digital Harbor Foundation Tech Center 1045 Light St. Baltimore MD 21230
Homebrew Website Club Baltimore Meetup 11/30/2016
Create or update your personal web site!

Configuring Woodwind with imageproxy

A couple of days ago I wrote up a set of instructions for setting up a self-hosted copy of Woodwind with nginx and upstart. Since then I noticed that many images were broken on the feeds I was looking at - a common problem when a site that is served with HTTPS is displaying images and other content from another site that is served with HTTP.

Broken images are so 90s. But, like, sad 90s.

I noticed that the main site woodwind.xyz was serving images through special URLs like:

https://woodwind.xyz/imageproxy/?url=https%3A%2F%2Fmartymcgui.re%2Fimages%2Flogo.jpg&op=noop&sig=...

Looking in the source code, I found that Woodwind has support for image proxies, which are neat little services that can help serve remote HTTP content over HTTPS, resize images on the fly, and more.

I'd been meaning to set up one of these services for my own site, so this seemed like a good time to jump in!

Since my server already has Go I choseΒ Will Norris' imageproxy, which has a similar deployment setup to how I am already running Woodwind: Upstart manages a standalone process and nginx acts as a proxy to pass along requests.

Installation was fairly simple, once I had my GOPATH set up correctly:

go get https://github.com/willnorris/imageproxy

For running a persistent service, Will has an example Upstart configuration, which I modified a bit and placed in /etc/init/imageproxy.conf:

description "Image Proxy server"
start on (net-device-up)
stop on runlevel [!2345]

respawn
exec start-stop-daemon --start -c www-data --exec /home/imageproxy_user/go/bin/imageproxy -- \
    -addr localhost:4593 \
    -log_dir /var/log/imageproxy \
    -cache /var/cache/imageproxy \
    -signatureKey @/etc/imageproxy.key

Before starting up the service, there were a few extra steps:

Create /var/log/imageproxy and /var/cache/imageproxy and make sure they are owned by the www-data user.

Create the "signature key" in /etc/imageproxy.key. This is used to authorize each image request so that random folks can't proxy random stuff through your imageproxy. I used the command line openssl tool for this, with an extra pass through awk to remove the newline character that openssl spits out.

$ sudo openssl rand -base64 42 | awk 'BEGIN{ORS="";} {print} > /etc/imageproxy.key

I also made sure that /etc/imageproxy.key was owned and readable by www-data and no other user.

I could then start up the server with:

sudo start imageproxy

Next it was time to configure nginx to send proxied image requests along to imageproxy. I opened up the nginx woodwind.conf file that I had created and added a new location block:

location ~ ^/imageproxy/ {
# pattern match to capture the original URL to prevent URL
# canonicalization, which would strip double slashes
if ($request_uri ~ "/imageproxy/(.+)") {
set $path $1;
rewrite .* /$path break;
}
proxy_pass http://localhost:4593;
}

After restarting nginx, requests to https://woodwind.yourdomain.com/imageproxy/... would be forwarded to the imageproxy server.

Finally, it was time to configure Woodwind to use the proxy. I opened up woodwind.cfg and added two lines:

IMAGEPROXY_URL = '/imageproxy'
IMAGEPROXY_KEY = '...' # the contents of /etc/imageproxy.key

A quick restart of the Woodwind service, a browser refresh and I have images aplenty!

Thanks for reading! I hope this little HOWTO was useful. I look forward to more fun with imageproxy in my IndieWeb adventures. How might you be able to put imageproxy to use?

Tue Nov 29
πŸ” Reposted http://werd.io/2016/this-givingtuesday-consideraclu-donate-acluplanned-parenthood-sitedonation2df_id1291312913donationform1s_srcevergreen_c3_ppnondirected_banner_ga116509625512606621931480439568splc-sslpageaspxpid463

Pile of index cards from running my first ever D&D campaign last night.

Thanks to our guest Maggie Phenicie for making thi-… Wait, Maggie is the host, right, of course. Thanks to our guest Marty McGuire for making this episode more informationally secure.

Wait, what?

https://wehavetoask.com/episodes/2016-11-29/

post from What's In Your Kitchen Cabinet? β€’ Ep 34 - Alphonse Gauge
Jonathan and Maggie talk finance and computers with Alphonse Gauge, an incoming cabinet member for Baltimore's Mayor-Elect.
Mon Nov 28

Self-Hosting kylewm's Woodwind Indie Reader

One of my favorite aspects of the IndieWeb community is that when you get things "right" with your website, you often get a bunch of fun interoperability with other IndieWeb-compatible websites "for free". For example, the Micropub standard lets you use lots of different clients to post to your own site, and the Webmention standard lets sites notify one another of things like comments, event RSVPs, etc.

Fundamental to having these technologies work well together is microformats2 (mf2), a lightweight way of marking up "structural information" in HTML so that a machine can make (some) sense of the information, such as the name, url, and photo of the author, hints on the important pieces of content in a page, etc.

Getting these things "right" on my own website led me to look for a "Reader" that would make use of the mf2 data and attempt to display it in a meaningful way.

One of the popular readers I saw talked about in the #IndieWeb chat was Woodwind. It was easy to get started by logging in with my own website and then subscribing to my own site to get all my h-feeds, h-entrys, h-cards, etc. in a row. Recently, the hosted version of Woodwind at https://woodwind.xyz/ was down for a few days, so I set out to host my own.

Initial Setup

Thankfully, Woodwind is on GitHub and the Installation instructions are pretty good for getting started. Since I already had a server with the expected dependencies (Python3, PostgreSQL, and Redis), I was able to get a test site up and running in a few steps:

  1. clone the git repo
    git clone https://github.com/kylewm/woodwind.git
    cd woodwind
  2. create Python3 virtualenv and activate it
    virtualenv --python=/usr/bin/python3 venv
    source venv/bin/activate
  3. install the required Python libraries with pip
    sudo apt-get install python3-dev
    pip install -r requirements.txt
  4. as the postgres user, create the woodwind database and the database user that would access it

    $ sudo -u postgres createdb woodwind
    $ sudo -u postgres psql woodwind
    woodwind=# create user woodwind_user with password '...'
  5. copy woodwind.cfg.template to woodwind.cfg and edit it up

    SECRET_KEY = '...' SERVER_NAME = 'woodwind.yourdomain.com' SQLALCHEMY_DATABASE_URI = 'postgres://woodwind_user:DB_PASSWORD@localhost/woodwind'

  6. run the init_db.py script
    python init_db.py
    • at this point I discovered a typo in woodwind/views.py that was throwing errors - a missing parenthesis. once fixed, this ran fine.
    • I've created a pull request for this, so kylewm can merge it back in eventually.
  7. finally, use uwsgi to run the demo version
    uwsgi woodwind-dev.ini
  8. visit localhost:3000 in my browser and I could see that woodwind was running!

This had me off to a very good start, but I wanted to be able to visit my copy of Woodwind from anywhere using a public domain name, protect my activity from eavesdroppers on the network with HTTPS, and have Woodwind up and running reliably across server crashes, reboots, etc.

Setting up Woodwind with uwsgi, Upstart, and nginx

Woodwind is an application written in Python. uwsgi is an application server that can run that code on demand, efficiently. It is possible to run uwsgi by hand as we did above, but I wanted the service to be started and managed automatically by the operating system.

I run an Ubuntu server with the upstart process manager. So, I created an upstart configuration for Woodwind at /etc/init/woodwind.conf:

description "woodwind uwsgi instance"
start on runlevel []
stop on runlevel []
respawn
setuid woodwind_user
setgid woodwind_user
chdir /home/woodwind_user/woodwind
env LC_ALL=C.UTF-8
export LC_ALL
env LANG=C.UTF-8
export LANG
script
. venv/bin/activate
uwsgi --ini woodwind.ini
end script

With this, the uwsgi server should start up on boot to serve Woodwind, and I can now manage woodwind from the command line. For example:

$ sudo start woodwind woodwind start/running, process 14104 $ status woodwind woodwind start/running, process 14104 $ sudo restart woodwind woodwind start/running, process 14246 $ sudo stop woodwind woodwind stop/waiting

Since I wanted to use HTTPS to protect my activity on Woodwind from network eavesdropping, I used Let's Encrypt and their certbot tool to create an SSL certificate for my domain. The steps are:

  1. Create a DNS entry for woodwind.yourdomain.com to point to the public IP address of my server. This may take some time to propagate and certbot won't work until it has taken effect.
  2. Install certbot
  3. Stop nginx from running, temporarily.
  4. Use certbot to issue a
    ./certbot-auto certonly --standalone \
      --standalone-supported-challenges http-01 \
      -d woodwind.yourdomain.com

This resulted in an SSL certificate and key pair that I could use to encrypt traffic to this domain.

Next up, I need something to actually handle the HTTPS requests and pass them along to uwsgi. I used nginx for this because I was already using it on this server. In my nginx config directory, I created a woodwind.conf file:

upstream woodwind {
server unix:/tmp/woodwind.sock;
}
upstream woodwind_wss {
server localhost:8077;
}
server {
listen *:80;
server_name woodwind.maktro.net;
server_tokens off;
ssl on;
ssl_certificate /etc/letsencrypt/live/woodwind.yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/woodwind.yourdomain.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_dhparam /etc/ssl/certs/dhparam.pem;
root /home/woodwind_user/woodwind;
access_log /var/log/nginx/woodwind_access.log;
error_log /var/log/nginx/woodwind_error.log;
location /_updates {
uwsgi_pass woodwind_wss;
}
location / {
try_files /woodwind/static/$uri /frontend/$uri @woodwind;
}
location @woodwind {
uwsgi_pass woodwind;
include uwsgi_params;
uwsgi_buffering off;
}
}

This nginx configuration has some things worth noting:

  • In addition to running a process that answers regular HTTP requests on a unix socket at /tmp/woodwind.sock, Woodwind also runs a service that answers WebSocket traffic at localhost:8077 for nifty features like live updating the page in your browser when a feed is updated.
  • Woodwind serves some static files out of its /woodwind/static folder as well as the /frontend folder. I needed to install the dependencies in /frontend using npm:
    $ cd frontend
    $ npm install --nodev

After all this setup, I restarted nginx and was able to visit Woodwind in my browser!

I am happy with my setup so far. I am not quite sure yet if I did the WebSockets configuration correctly, but in general things seem to be working alright. I hope this information is useful to someone down the road, even if it is just future me.

Homebrew Website Club Baltimore is just two days away!

Come work on your website alongside other folks who are doing the same!

Maybe make and/or work on some #IndieWeb commitments for 2017?

https://martymcgui.re/2016/11/02/215844/

post from
Digital Harbor Foundation Tech Center 1045 Light St. Baltimore MD 21230
Homebrew Website Club Baltimore Meetup 11/30/2016
Create or update your personal web site!
Tue Nov 22

Thanks to Blue and Zizwe for giving us something to be thankful for in this week’s We Have to Ask Podcast!

https://wehavetoask.com/episodes/2016-11-22/

post from What Are You Thankful For? β€’ Ep 83 - Blue and Paul
Jonathan and Marty sit down with long-time married couple Blue and Paul to talk about how gratitude makes things work for them.
Mon Nov 21

Really excited about end-to-end encryption being available for Matrix! Now you can host your own encrypted communications network!

https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last/

Thu Nov 17

Please join me in welcoming a new episode of the Baltimore Improv Group podcast into the world!

https://soundcloud.com/bigimprov/big-podcast-john-windmueller

This episode features Michael Harris and Joel Murphy interviewing “DC/Baltimore improv giant” John Windmueller.

This episode also includes improv scenes featuring BIG performers Bridget Cavaiola, Laura Davis, Jessica Myles Henkin, David Anthony, Kelly Lloyd, Andy McIntyre, and Joel Murphy.

Give it a listen! Share it around! Laugh and love! Thanks in advance!

Thu Nov 10

πŸ—“οΈ BIG's FREE Open Mic featuring Hostel

Single Carrot Theatre 2600 N Howard St Baltimore MD 21218
πŸ“† Add to Calendar: iCal | Google Calendar

This month Baltimore Improv Group is giving you double the Wednesday Open Mic action with a bonus Nov. 16th Open Mic night at Single Carrot Theatre, hosted by yours truly.

Bring your improv, sketch, or stand-up comedy! Put your name in for a chance to play in with BIG main-stage troupe Hostel, which is always open for guests.

Sign-ups begin at 7pm, show begins at 7:30pm, and it’s free to perform and free to watch. More info can be found on the BIG website here: http://www.bigimprov.org/show/bigs-free-open-mic-featuring-hostel/

Tue Nov 15

Thanks to our guest AJ McCombs for making this episode tasteful. Wait, did I say guest? I meant host, of course. Thanks to our guest Jonathan Monroe for making this episode salty.

https://wehavetoask.com/episodes/2016-11-15/

post from Is That in Good Taste? β€’ Ep 22 - Tablespoon Packs
AJ and Marty sit down and face off with Kurt Piper, the self-styled "inventor" of Tablespoon Packs.
Thu Nov 10

πŸ—“οΈ BIG's Laughs for Veterans Saturday Show

Single Carrot Theatre 2600 N Howard St Baltimore MD 21218
πŸ“† Add to Calendar: iCal | Google Calendar

This Saturday! 8pm! Single Carrot Theatre!

Come see my troupe Hostel perform along with the wonderful Minority Re’port and, all the way from NYC, Swartzlander!

Tickets available here!

Fri Nov 11

I encourage everyone to listen to @girlziplocked and join the Council for Human Decency.

https://medium.com/@girlziplocked/fuuuuuuuuuuuuuuck-2380c4420b78

Thu Nov 10

Moving on from Tuesday

Like many folks, I was surprised and disappointed by the result of Tuesday's U.S. elections. I've been in a worried daze since then, not quite knowing how to process it and not knowing what to do next.

Thankfully there are many smarter people than me that have been able to both articulate the feelings that I could not, and give me strong ideas about how I can make the world a better place moving on from this.

Here are some pieces that I am grateful for from the last couple of days:

In trying to unpack what happened, I agreed with a lot of danah boyd's Reality check: I blame the media. However, I think we all need to look deeper at the ugly insides of the forces that try to hold back social progress. I really appreciated Damon Young's piece I Will Never Underestimate White People's Need to Preserve Whiteness Again.

Comedy site Cracked.com had two good pieces. First there is Dear White Friends: Stop Saying Everything Is Going To Be Ok. More importantly, the first Cracked article I have read that has me inspired rather than laughing or rolling my eyes: Don't Panic.

Closer to home in the sense that I know the author is Molly Regan's piece on HoboTrashcan.com, Poppin' Molly - Keep climbing that hill.

And speaking of climbing the hill, there are so many things that need to be done,  but there are a couple that jump out at me as things I can and must do right now.

Support organizations that work to make the world a better place. I like Jezebel's List of Pro-Women, Pro-Immigrant, Pro-Earth, Anti-Bigotry Organizations That Need Your Support for a start.

I must also stand with and stand up for the people in my life who, simply by being who they are, are threatened by the oppressive ideals that served as the GOP's platform.

To my friends and family who are women, LGBTQ, trans, people of color, profiled because of your religion, or in other ways Beyond the Binary - I am here for you. I will be here with you. Things are scary. I want to help.

Thanks for reading.

πŸ“— Want to read Decisive: How to Make Better Choices in Life and Work by Chip Heath ISBN: 9780307956392
πŸ“— Want to read Don't Think of an Elephant! Know Your Values and Frame the Debate: The Essential Guide for Progressives by George Lakoff ISBN: 9781931498715
πŸ“— Want to read Happier at Home: Kiss More, Jump More, Abandon a Project, Read Samuel Johnson, and My Other Experiments in the Practice of Everyday Life by Gretchen Rubin ISBN: 9780449014394
πŸ“— Want to read How to Stop Worrying and Start Living by Dale Carnegie ISBN: 9780671035976
πŸ“— Want to read Learned Optimism: How to Change Your Mind and Your Life by Martin E.P. Seligman ISBN: 9781400078394
Tue Nov 8

Thanks to our guest Justin Eifert for making this week’s We Have to Ask episode structurally sound.

https://wehavetoask.com/episodes/2016-11-08/

post from Why Not Go Out On A Limb? β€’ Ep 55 - Adrian Pineman
Jonathan and Marty bring on a new collaborator to kick the Oakley 2 build into gear.

Voting complete!

Mon Nov 7

Do you build things that notify people? Meditate on a Calm Technology video today. And every day.

https://youtu.be/D5neEzKMClA

Tue Nov 1
πŸ” Reposted https://wehavetoask.com/episodes/2016-11-01/
post from How Do You Get Rid of It? β€’ Ep 123 - Shelley Forthwright
Happy Halloween, Evacuators everywhere! This week, Jonathan and Marty learn about spiritual cleansing with taxidermist and ghost removal expert Shelley Forthwright.