New backup_fu Rails Plugin Maintainer

Posted on June 01, 2008

Jonathan Vaught is the new maintainer of the backup_fu plugin that makes Amazon S3 backups “redonkulous” (I crack myself up sometimes).

You can check out its new home over on GitHub at:

http://github.com/gravelpup/backup_fu

Thanks, Jonathan!

Backup_fu Tip: Clear out RAILS_ROOT/tmp/backup Periodically

Posted on March 16, 2008

Nothing’s ever safe and stable on the ’net. You can have the most expensive servers money can buy, the best broadband service on the ’net, and the most high-end computer on the market, but your system is still prone to crashes. That’s why knowing how to make good backups is a must.

Just a tip, because I’ve finally bumped into an issue with this on one of my servers.

Backup_fu first dumps files to RAILS_ROOT/tmp/backup. This is nice and all to have a local copy of the backup … but it never does any cleaning out.

If you are looking for a solution that handles cleaning up old backups, I believe you can Google around and there are some out there like that.

What I will probably do going forward is create a reminder for myself via Backpack or iCal each month to A) check on the backups in Amazon S3, and B) clean out tmp/backup in the rails apps, especially ones where the backups push 1, 2, 3 gigs a pop.
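One way to automate the cleanup described above, as an added example (not part of backup_fu or the original post): keep the newest few dumps in tmp/backup and delete the rest. The function name prune_backups, the keep count and the file names in the demo are assumptions.

```ruby
require 'tmpdir'

# Delete all but the newest `keep` regular files directly inside backup_dir.
# Subdirectories and symlinks are skipped, so a stray link in the directory
# cannot cause a file outside it to be considered for deletion.
# Returns the sorted base names of the files that were removed.
def prune_backups(backup_dir, keep = 3)
  raise ArgumentError, 'keep must be >= 1' if keep < 1

  files = Dir.children(backup_dir)
             .map { |name| File.join(backup_dir, name) }
             .select { |path| File.file?(path) && !File.symlink?(path) }
             .sort_by { |path| File.mtime(path) }
             .reverse                      # newest first

  stale = files.drop(keep)
  stale.each { |path| File.delete(path) }
  stale.map { |path| File.basename(path) }.sort
end

if __FILE__ == $0
  # Constructed stand-in for RAILS_ROOT/tmp/backup with four daily dumps.
  Dir.mktmpdir do |dir|
    4.times do |i|
      path = File.join(dir, "db_#{i}.tar.gz")
      File.write(path, 'dump')
      stamp = Time.now - i * 86_400      # i days old
      File.utime(stamp, stamp, path)
    end
    puts "removed: #{prune_backups(dir, 2).inspect}"
    puts "kept:    #{Dir.children(dir).sort.inspect}"
  end
end
```

Run it from cron after the S3 upload has been verified, so the local copies are only dropped once the remote ones exist.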

How to Install ImageMagick from Source on OS X

Posted on January 31, 2008

First grab the source:

wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.gz

Unarchive it:

tar xvzf ImageMagick.tar.gz

The old ./configure / make / sudo make install ritual:

cd ImageMagick-6.3.8
# Or whichever the current version is, of course.
./configure
make
sudo make install

You should be good to go. Lately I’ve been having luck with MiniMagick (all I need to do is crop/resize for this particular project).

Type this to make sure you can use ImageMagick from the command line at least:

convert -version

I love that Ruby (and many scripting languages) make it so easy to “shell out” to scripts (as MiniMagick does). It really makes Ruby performance alarmists look bad when shelling out to time-tested, battle-hardened C-based scripts is so easy, and works so well. (I’ve had success shelling out to the following in many apps: curl, ImageMagick, wget, etc.)

How to Use MiniMagick in your Rails App

Grab the gem:

sudo gem install mini_magick

Drop this in your config/environment.rb:

require 'rubygems'
gem 'mini_magick'
require 'mini_magick'

Example usage:

class Pic < ActiveRecord::Base

  # Where size is a string like '90x90', '300x200', etc
  def create_perfect_thumbnail(size)

    image = MiniMagick::Image.from_file(self.pic_path)
    height, width = image['height'].to_f, image['width'].to_f

    # FIRST SHAVE off some of the image to make it square
    if width < height
      shave = ((height - width)/2).round
      image.shave("0x#{shave}")
    else
      shave = ((width - height)/2).round
      image.shave("#{shave}x0")
    end

    image.resize(size)
    image.write(self.pic_path(size))

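    # I had issues on my linux box with the pic not being readable by the web server,
    #   following the resize.  Set permissions o+r to fix this.
    if RAILS_ENV == 'production' # Set permissions to o+r
      # Argument-list form of system: the path is passed to chmod directly and
      # never goes through a shell, so characters in original_filename cannot
      # be interpreted as shell syntax.
      system('chmod', 'o+r', self.pic_path(size))
    end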

  end

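  # With no size given, returns the path of the original (unresized) pic,
  # which is what create_perfect_thumbnail reads from.
  def pic_path(size = nil)
    # Just an example -- I normally group pics by user_id under a public static dir.
    name = size ? "#{size}_#{self.original_filename}" : self.original_filename
    File.join(RAILS_ROOT, 'public', 'static', name)
  end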

end

That will shave off some of the pic, making a munged square from the original, before proceeding to make square thumbnails from that.
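The thumbnail path above is built from original_filename and then handed to File.join and chmod, so the file name is the input worth checking. The following is an added example, not code from the original post: it reduces a client-supplied name to a safe base name, confirms the result stays inside the static directory, and sets o+r without a shell. The names SAFE_NAME, safe_upload_name, thumbnail_path and make_world_readable, and the allow-list policy itself, are assumptions.

```ruby
require 'tmpdir'

# Hypothetical allow-list for stored upload names (a policy assumption).
SAFE_NAME = /\A[A-Za-z0-9][A-Za-z0-9._-]{0,99}\z/

# Keep only the last path component and reject anything outside the
# allow-list, so "../" segments and shell metacharacters never reach
# File.join or a command line.
def safe_upload_name(original_filename)
  base = File.basename(original_filename.to_s.tr('\\', '/'))
  raise ArgumentError, "unsafe file name: #{base.inspect}" unless base =~ SAFE_NAME
  base
end

# Build the thumbnail path and confirm it is still inside static_dir.
def thumbnail_path(static_dir, size, original_filename)
  raise ArgumentError, "bad size: #{size.inspect}" unless size.to_s =~ /\A\d{1,4}x\d{1,4}\z/
  root = File.expand_path(static_dir)
  path = File.expand_path("#{size}_#{safe_upload_name(original_filename)}", root)
  raise ArgumentError, 'path escapes static dir' unless path.start_with?(root + File::SEPARATOR)
  path
end

# o+r without a shell: each argument reaches chmod verbatim.
# Returns true when the "other read" bit is set afterwards.
def make_world_readable(path)
  system('chmod', 'o+r', path) or raise "chmod failed for #{path}"
  (File.stat(path).mode & 0o004) != 0
end

if __FILE__ == $0
  Dir.mktmpdir do |dir|
    # Constructed sample names: one clean, one with directory parts, one rejected.
    ['cat.jpg', 'x/../../cat.jpg', 'a b;c.jpg'].each do |name|
      begin
        path = thumbnail_path(dir, '90x90', name)
        File.write(path, 'stub')
        File.chmod(0o600, path)
        puts "#{name.inspect} -> #{File.basename(path)} readable=#{make_world_readable(path)}"
      rescue ArgumentError => e
        puts "#{name.inspect} rejected (#{e.message})"
      end
    end
  end
end
```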

Send Webform Spammers to Goatse with DNSBL_Check

Posted on December 21, 2007

You just deployed your snazzy new Web 2.0 + friendship bracelets site, with social networking, tagging and an Open API all rolled into one.

Within a few short days, webform spammers have already written custom scripts for your site and begun gumming up your new friendship bracelet machinery with agloco spam.

For signing up new users, you might use something like Simple Captcha to ensure a human is driving the wheel.

But user-generated friendship bracelet submissions, obtained from the general public, are the bread and butter of your app. You decide to leave it Captcha-free, as adding a captcha to this process proved to reduce valid submissions by 30%.

Hitting Spammers Back with the Goatse-bomb

Install the DNSBL_check plugin:

ruby script/plugin install http://www.spacebabies.nl/svn/dnsbl_check

Add the before_filter to the controller/action pairs you want to protect:

class SubmitController < ApplicationController
  before_filter :dnsbl_check, :only => [:new, :create]
  # ... your actions ...
end

Open up vendor/plugins/dnsbl_check/lib/dnsbl_check.rb and find this line:

render :text => 'Access denied', :status => 403

Replace it with this one:

redirect_to 'http://goatse.cz/'

Check in, deploy to production …

... And just imagine the look on the faces of your beloved spammers:

Note: the above exercise was for educational and entertainment purposes. Obviously most spammers use bots and might never see our lovely goatse redirect, but just in case they pop in to see why their spam isn’t getting through. :)

New Rails Plugin: Sexy Temp Passwords

Posted on December 19, 2007

If you ever had to give a user a random password (reset, etc), it probably looked like:

sdf35’kfl235jfl

With the Sexy Temp Passwords plugin, now it’s trivial to give users a password like:

rebecca1539, alphabet2067, lazarus1412, etc

It combines a dictionary of common English names/words with 4 random digits between 1 and 9 (probability space of ~6,769,323 unique passwords).

Installation

ruby script/plugin install \
http://sexy-temp-passwords.googlecode.com/svn/sexy_temp_passwords/

Example Usage

class User < ActiveRecord::Base
  include SexyTempPasswords

  def reset_password
    # Not that you'd ever store the plaintext password, but for demonstration purposes:
    self.password = User.sexy_temp_password
    save!
  end

end

u = User.find(:first)
u.reset_password
u.reload.password # 'allison1437' or whatever random password was generated

See more at Agile Web Development and the plugin page at Google Code.
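An added example (not the plugin's code) that puts a number on the password space quoted above and draws the word and digits from SecureRandom instead of Kernel#rand. The four-word list is a constructed stand-in taken from the sample passwords on this page; the function and constant names are assumptions.

```ruby
require 'securerandom'

# Constructed stand-in word list: only the four words shown in the post.
# This is not the plugin's dictionary.
WORDS = %w[rebecca alphabet lazarus allison].freeze

STATED_SPACE    = 6_769_323   # figure quoted in the post
RANDOM_15_SPACE = 62**15      # 15 random alphanumerics, for comparison

# Word plus four digits, both chosen with the OS CSPRNG.
def temp_password(words = WORDS)
  word = words[SecureRandom.random_number(words.size)]
  format('%s%04d', word, SecureRandom.random_number(10_000))
end

# Entropy of a uniformly chosen value from a space of the given size.
def entropy_bits(space)
  Math.log2(space)
end

# Number of guesses that can be allowed against one temp password before
# the chance of a correct guess exceeds `risk`. Useful for sizing a
# lockout or rate limit on the login and reset endpoints.
def max_attempts_for_risk(space, risk)
  (space * risk).floor
end

if __FILE__ == $0
  puts "sample temp password:        #{temp_password}"
  puts "stated space:                #{entropy_bits(STATED_SPACE).round(1)} bits"
  puts "15 random alphanumerics:     #{entropy_bits(RANDOM_15_SPACE).round(1)} bits"
  puts "guesses for a 0.1% hit rate: #{max_attempts_for_risk(STATED_SPACE, 0.001)}"
end
```

At roughly 22.7 bits, a temp password of this shape relies on a short expiry and a cap on login attempts rather than on its own strength.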