Icebergist

Setting up Paperclip to use Amazon’s S3 is as simple as setting :storage => :s3 and providing right credentials to Paperclip by setting :s3_credentials option. Best way to provide S3 credentials is to use an YML file (usually config/s3.yml) which allows you to set different credentials for each environment. For example:

# config/s3.yml
development:
  access_key_id: XYZXYZXYZ
  secret_access_key: XYZXYZXYZ
  bucket: mygreatapp-development
production:
  access_key_id: XYZXYZXYZ
  secret_access_key: XYZXYZXYZ
  bucket: mygreatapp-production

Of course you want to treat s3.yml same as database.yml – i.e. you don’t want to track it with git and you want for each person/server to have it’s own.

However, consider this: you are working on Open Source app in a public git repository and you are deploying it on Heroku. Heroku doesn’t allow you to create files (unless they are in git repository) and you can’t commit s3.yml with your credentials to public repository.

One solution is to define different :s3_credentials hash in one of the environment files or to load different YML file for each environment and generate hash from it. Downside is that you need to have a separate YML file for each environment and/or you need to convert YML to hash. Other solution could be to have separate local branch from which you will push to Heroku. Problem with this is that you have to have a local branch for deploying. This means if there are multiple developers who deploy to production each should have separate local branch.

Much simpler way to deploy Paperclip with different S3 credentials for each environment (with one of the environment being deployed on Heroku; and repository being public) is to create s3.yml file as usual (and don’t commit it to git), but define values only for local environment.

For production deployment on Heroku you can write initializer which will set :s3_credentials from ENV variables.

# initializers/s3.rb
if Rails.env == "production"
  # set credentials from ENV hash
  S3_CREDENTIALS = { :access_key_id => ENV['S3_KEY'], :secret_access_key => ENV['S3_SECRET'], :bucket => "sharedearth-production"}
else
  # get credentials from YML file
  S3_CREDENTIALS = Rails.root.join("config/s3.yml")
end

# in your model
has_attached_file :photo, :storage => :s3, :s3_credentials => S3_CREDENTIALS

and you can easily set persistant ENV vars on Heroku with:

$ heroku config:add S3_KEY=XYZXYZ S3_SECRET=XYZXYZ

(according to Heroku docs)

I’ve been planning to catchup with all the new Rails 3 stuff. To get me started I’ve compiled a small Rails 3 related reading list.

1. Ruby on Rails 3.0 Release Notes
2. Active Record Query Interface 3.0
3. The Skinny on Scopes (Formerly named_scope)
4. Rails 3 Beautiful Code
5. Railscasts – rails-3.0 episodes
6. jQuery with Rails 3
7. The Rails Module (in Rails 3)

Once I’m done with it I plan to get even more from:

• Rails 3 Resources
• Rails 3.0 Beta: 36 Links and Resources To Get You Going

I have been working on extending Rails’ I18n Simple backend to make it work with Serbian grammar (post on that will follow soon), but I kept getting an error:

Expected ./lib/serbian_simple.rb to define SerbianSimple (LoadError)

I’ve just spent an hour trying to figure out why this keeps happening and I found that there’s a lot of people with similar problem.

It seems that the problem appears when Rails tries to autoload files. In my case there was a simple solution – I just added require ‘serbian_simple.rb’ in environment.rb to manually load the file.

Last week I’ve taken a break from Ruby/Rails development and I’ve worked on a site that uses PHP with CodeIgniter framework.

Despite the fact that CodeIgniter has a very nice documentation I found it very difficult to find a way to do some simple things, that are more or less obvious, but which can be a problem for someone who hasn’t worked with CodeIgniter before. (for example, I found myself more than once looking at CI code to figure out how it works, so I can use it)

I had to make a simple password protected administration section. One admin user, one password, no user registrations, no roles – simple as possible. As I was using CI framework I decided to find a plugin/library that does this. Unfortunately most CI authorization plugins/libraries are very bloated and too complicated for this simple task. I tried to find some examples how to handle this simple use case, but nothing came up.

Finally I’ve found a small authorization plugin: Erkanaauth.

First you need a user table (must be named ‘users’) which only needs to have an id field and all other fields are optional because you will manually specify what other columns will be used. I opted for simple id, username, password:

CREATE TABLE IF NOT EXISTS `users` (
  `id` int(11) NOT NULL auto_increment,
  `username` varchar(255) NOT NULL,
  `password` varchar(255) NOT NULL,
  PRIMARY KEY  (`id`)
);

We will need to “install” ErkanaAuth library. You should download it and unzip it.

Next we should create an Admin controller which will handle all administration tasks (remember I’m making simple admin here, so I don’t need to protect multiple controllers).

<?php
class Admin extends Controller {
  function Admin()
  {
    parent::Controller();
    $this->load->database();
    $this->load->helper(array('url', 'form', 'date'));
    $this->load->library(array('form_validation', 'upload', 'Erkanaauth', 'session'));
  }
}
?>

Constructor just connects to database and loads some standard helpers and libraries (including Erkanaauth) that are usually used.

Next step is to add a function which we can call to verify if user is logged in:

  private
  function authorize()
  {
	  if($this->erkanaauth->try_session_login())
	      return true;

	  redirect('admin/login');
  }

Function uses Erkanaauth’s try_session_login which checks if user is already logged in (checks session for user id). If user isn’t logged in we’ll redirect him to our login page:

  function login()
  {
    $username = $this->input->post('username', true);
    $password = $this->input->post('password', true);
    if($username || $password)
    {
      if($this->erkanaauth->try_login(array('username' => $username, 'password' => $password)))
        redirect('admin');
    }

    $this->load->view('admin_login');
  }

  function logout()
  {
    $this->erkanaauth->logout();
    redirect('admin');
  }

Key command here is try_login in login function which tries to find an entry in users table that fulfills given conditions. If you have different users table than the one I made this is the place where you should enter your column names.

Logout function is has just a simple call to Erkana’s logout function. Nothing special there.

Of course we also need a login page template which should contain a simple user/pass form. It’s pretty basic and you can see it if you get the complete code (see at the end).

Finally we have everything needed to protect any page in Admin controller. In order to protect a page all you need to do is to add a call to authorize function to any function you want to protect. Like this:

  function index()
  {
    $this->authorize();
    echo "Do something useful... For now just display logout link: ";
    echo anchor('admin/logout', "Logout");
  }

That’s it. Now you have fully functional administration section which requires username and password authorization.

You can get the complete sample application from Github repository. Feel free to expand on it or use it any way you like.

Recently I had a problem on my Torrent box (an old PC that I use as dedicated torrent client) that runs Ubuntu. For some reason my root partition was being mounted as read-only. Everything else seemed to work (all other partitions were mounted properly), but I couldn’t change any of my config or do anything on root partition.

I did the usual stuff:

• Run fsck checks and it said that everything is fine
• Used Ubuntu’s live CD to boot, which got me read-write access to root partition. I changed some things in fstab, tried to get it to be rw permanently. No matter what I did as soon as I rebooted the root partition was once again read-only.
• I tried booting from some repair disks I have, but all checks passed and no problem was detected.

Finally, I read somewhere that a similar problem was caused by faulty superblock on hard drive. Fortunately Ubuntu stores superblock backups in different places around disk, so I decided to try to restore it from one of those backups.

It turned out that all I needed was a single command (this Ubuntu forum post helped) to restore superblock:

e2fsck -b 32768 /dev/hdc1

After that my root partition was back to read-write mode.

Before you do stuff like that to your computer I suggest that you read man pages for mke2fs and e2fsck. It will prevent you from doing something foolish like deleting your whole hard drive.