Skip to main content

Ralsina.Me — Roberto Alsina's website

Trying out CloudFlare

It's not that I need a CDN in any way, since the traf­fic for this site is lit­tle and the way the site is built is light, but hey, it's free, easy to set­up and easy to leave when I feel like it. And I ex­pect to have sig­nif­i­cant­ly high­er traf­fic even­tu­al­ly af­ter I fin­ish some not-­so-se­cret project­s.

What's Cloud­Flare's ser­vice? They take over your DNS, then put a re­verse proxy be­tween your site and the clients. That re­verse proxy then us­es a CDN to serve you the pages from a con­ve­nient­ly lo­cat­ed server, and can re­write the HTM­L/JS/C­SS in some ways to make it faster/safer­/nicer.

It al­so sup­pos­ed­ly will pro­tect my site from dif­fer­ent kinds of at­tack (the on­ly one that could pos­si­bly af­fect me was DOS at­tack, but thanks any­way ;-)

Al­so, they of­fer a plat­form so apps can pro­vide ser­vices for me, like in­trud­er de­tec­tion, an­a­lyt­ic­s, and oth­er­s, which is a very cool idea.

So, I cre­at­ed an ac­count at cloud­flare.­com and con­fig­ured it so that //ralsi­na.me (which is this ex­act same site ex­cept for wrong com­ment counts) is served via cloud­flare, and ralsi­na.me is served di­rect­ly.

What I've seen so far:

  • Set­up is very sim­­ple

  • It work­s, even set­t­ing up ex­per­i­­men­­tal fea­­tures

  • It does seem very slight­­ly faster, but that's not a sur­prise since the tiny serv­er the site runs on has good conec­­tiv­i­­ty and am­­ple un­used re­­sources.

  • It does do a good job of au­­to­­mat­i­­cal­­ly op­ti­miz­ing some things in ways that are gen­er­al­­ly ac­­cep­t­ed as a good idea (in oth­­er word­s, my ping­­dom and YS­low num­bers moved up)

So: no pain, maybe some gain. I will prob­a­bly move all sites in­to it tonight.

Sometimes More is More

We all hear all the time that less is more. That sim­ple is bet­ter, that com­plex is worse, that op­tions are evil, that de­faults are what mat­ter.

And yes, that is about 90% true. Ex­cept when it is false, which I know be­cause I bought a coat a few weeks ago.

This is a rather nice coat, and if you saw it with­out much care you would miss one of its best fea­tures: it has two pock­ets on each side.

Let's think about why we want pock­ets in the sides of coat­s:

  1. To put our hands when it's cold. Since this is a cold weath­­er coat, that's im­­por­­tan­t. In mod­­er­ate cli­­mates like this one, gloves are more trou­ble than they are worth, and just stick­­ing hands in pock­­ets is enough.

  2. To put stuff that is not hands in them: keys, phones, mon­ey, can­dy, etc.

For the first use case, we want the pock­ets to be shal­low an­gled, so that the hand goes in nat­u­ral­ly, al­most hor­i­zon­tal­ly. Al­so, we want the ac­cess to be un­ob­struct­ed, so no zip­per­s, which al­so scratch the wrist­s.

For the sec­ond use case, we want things not to fall of­f. So we want ei­ther a ver­ti­cal pock­et (per­haps with a flap) or a zip­per. Zip­pers suck be­cause you can for­get to zip them, and things fall of­f. Ver­ti­cal pock­ets are aw­ful to put your hands in.

So, my jack­et has two pock­ets on each side, one with a zip­per, one with­out. One for hand­s, one for things. Since it's a thick coat you don't see it un­less you know what you are look­ing for, and it's triv­ial to use: ev­ery­thing goes in the zipped one, ex­cept my hand. I can even check the con­tents of the zipped pock­et with­out get­ting my hands out of their pock­et­s.

This is one case where more is more, com­plex is bet­ter, op­tions are awe­some, and de­faults don't mat­ter. Now, if you find a place in soft­ware where that's the case, that's an op­por­tu­ni­ty.

Nikola: Filters & Bundles

Two up­com­ing fea­tures for the next re­lease of Niko­la, my stat­ic site gen­er­a­tor, due some­time in Au­gust.

Filters

Fil­ters let you post­pro­cess your out­put. Think of it like in­sta­gram for web­sites, but use­ful. You can con­fig­ure per file ex­ten­sion a se­ries of python func­tions or shell com­mand­s, which will be ap­plied in place to the out­put file.

For ex­am­ple, sup­pose you want to ap­ply yui-­com­pres­sor to your CSS and JS files:

FILTERS = {
    ".css": [filters.yui_compressor],
    ".js": [filters.yui_compressor],
}

There, filters.yui_compressor is a simple wrapper around the command so that it applies in-place to the output files.

If you use strings there (untest­ed), they are tak­en as com­mand­s. The "%s" will be re­placed by the file­name, the usu­al crazy shell quot­ing rules ap­ply:

FILTERS = {
    ".jpg": ["jpegoptim '%s'"],
    ".png": ["pngoptim '%s'"],
}

Keep in mind that the fil­ters mod­i­fy the out­put of Niko­la, not the in­put, so your im­ages, CSS, and JS files will not be touched in any way. And of course chang­ing the fil­ters ap­plied to a file will force a re­build, so you can ex­per­i­ment freely.

Bundles

Hav­ing many sep­a­rate CSS or JS files is usu­al­ly a nono for per­for­mance rea­sons be­cause each one may in­volve a sep­a­rate HTTP trans­ac­tion. The so­lu­tion is to "bundle" those files in a sin­gle, larg­er file.

The rea­son not to do that is that usu­al­ly it means hav­ing a huge, un­com­fort­able thing to han­dle. So Niko­la tries to give you the best of both world­s, by let­ting you have sep­a­rate files, and bundling them (or not) on build.

There is a new option, USE_BUNDLES that defaults to False, and there are some changes in the theme templates so that it uses the bundled version when needed.

This was on­ly pos­si­ble thanks to We­bas­sets. How­ev­er, if you don't have We­bas­sets in­stalled, or you don't en­able USE_BUNDLES, this should cause no changes in the out­put.

Conclusion

These new fea­tures will al­low Niko­la users to im­prove their site's per­for­mance with min­i­mal tweak­ing, which is al­ways a good thing.

The Minimal Server

I was a sysad­min for a long time. I did that for mon­ey, so I nev­er re­al­ly want­ed to spend time do­ing the same thing in my own time, which lead to a se­vere case of cob­bler's chil­dren walk­ing bare­foot in my pri­vate serv­er.

So, to­day at lunch, I de­cid­ed to clean up my garbage. So this is what I end­ed up with, which is the min­i­mal serv­er that is good enough to be gen­er­al­ly use­ful for me.

Hosting

This is a cheap VPS pro­vid­ed by the nice folks at burst.net who are not giv­ing me any­thing to speak nice things about their ser­vice. How­ev­er, I will do it any­way:

  • Crazy cheap ($5.50 but I have a 20% dis­­­count for life)

  • Good amount of mon­th­­ly band­width

  • Lots of disk space

  • Good up­­­time

  • Fast net­­work

  • Very cheap

  • De­­cent per­­for­­mance

Distribution

I had Cen­tOS 5 in­stalled, and it stays. If burst ev­er starts of­fer­ing Ubun­tu Pre­cise, I may switch. Or, since this work­s, I may not.

What's good about Cen­tOS? It's sta­ble and bor­ing.

What's bad about Cen­tOS? It's too bor­ing. Lots of cool stuff just is­n't pack­aged.

Web Server

I need to serve a bunch of do­main­s, but I have a pe­cu­liar­i­ty: they are all stat­ic sites. I wan­t:

  • Low re­­source us­age

  • De­­cent per­­for­­mance (that most­­ly in­­­volves sup­­port­ing ranges and con­­tent ne­­go­ti­a­­tion)

  • Sta­ble

  • Sup­­port di­rec­­to­ry in­­dex­es

  • Easy con­­fig­u­ra­­tion

  • Vir­­tu­al do­­mains by name

Al­most any serv­er works well for this. Even Apache, ex­cept for the easy con­fig­u­ra­tion bit. I end­ed up with gatling be­cause it fits those cri­te­ria fair­ly well.

  • It us­es about 1.4MB of RAM , which is al­ways nice in a VPS

  • It's pret­­ty fast

  • Has not crashed in 2 hours?

  • Sup­­ports in­­dex­es

  • Here's the con­­fig­u­ra­­tion: "-c /s­rv/www -P 2M -d -v -p 80 -F -S" (yes, there is no con­­fig file at al­l)

  • Vir­­tu­al do­­mains are just fold­ers and sym­links in­­­side /s­rv/www which is the eas­i­est pos­sil­ble way to do it.

  • It sup­­ports re­­verse prox­­y­ing for when I want to try a python web app I am work­ing on.

Mail Server

No, I don't want a mail serv­er. I have gmail and/or a re­al mail serv­er for that. I want to get the mails from cron. For this, I used ssmtp and an ex­tra gmail ac­coun­t. It work­s, and here's the whole con­fig:

root=roberto.alsina@gmail.com
mailhub=smtp.gmail.com:587
UseTLS=YES
UseSTARTTLS=YES
AuthMethod=LOGIN
AuthUser=roberto.alsina.3@gmail.com
AuthPass=notputtingthetrueoneheredude

The best I can say about this con­fig­u­ra­tion is that it work­s, and does­n't in­volve run­ning a dae­mon.

Misc

For when I need to be in two places at the same time: Open­VPN rules, and there is no ar­gu­men­t. I have a squid run­ning oc­ca­sion­al­ly, and there is a Quas­sel core for IRC stuff. I in­stalled mosh to make ssh less painful, rsync han­dles file de­ploy­ment and back­up stor­age, cron sched­ules stuff, and that's it.

Status

Plen­ty of free RAM and CPU (yes, that's the full process list):

[root@burst1 ~]# ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.1   2156   664 ?        Ss   22:01   0:00 init [3]
root      1135  0.0  0.1   2260   576 ?        S<s  22:01   0:00 /sbin/udevd -d
root      1518  0.0  0.1   1812   572 ?        Ss   22:01   0:00 syslogd -m 0
root      1594  0.0  0.1   7240  1032 ?        Ss   22:01   0:00 /usr/sbin/sshd
root      1602  0.0  0.2   4492  1112 ?        Ss   22:01   0:00 crond
root      1630  0.0  0.1   5684   716 ?        Ss   22:01   0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2
root      1631  0.0  0.0   5684   444 ?        S    22:01   0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2
root      1636  0.0  0.2   3852  1372 ?        S    22:01   0:01 /opt/diet/bin/gatling -c /srv/www -P 2M -d -v -p 80 -F -S
root      1677  0.0  0.2   4284  1232 ?        Ss   22:02   0:00 SCREEN /root/quasselcore-static-0.7.1
root      1678  0.0  2.1  36688 11148 pts/0    Ssl+ 22:02   0:03 /root/quasselcore-static-0.7.1
root      3228  1.0  0.7  12916  4196 ?        Ss   23:28   0:13 mosh-server new -s -c 8
root      3229  0.0  0.3   3848  1588 pts/2    Ss   23:28   0:00 -bash
root      3275  0.0  0.1   2532   908 pts/2    R+   23:48   0:00 ps aux
[root@burst1 ~]# w
 23:49:03 up  1:47,  1 user,  load average: 0.00, 0.01, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/2    186.153.52.253   23:28    0.00s  0.01s  0.00s w
[root@burst1 ~]# free
             total       used       free     shared    buffers     cached
Mem:        524800      49100     475700          0          0          0
-/+ buffers/cache:      49100     475700
Swap:            0          0          0

All things con­sid­ered, fair­ly hap­py with the re­sult.

Wild Cards (Wild Cards, #1)

Review:

I liked this book enough, but the idea of it be­ing part of a 20+ book se­ries is daunt­ing enough that I may not con­tin­ue it.


Contents © 2000-2020 Roberto Alsina