Categories
General

Capistrano security fun

Capistrano (formerly switchtower) is the ‘ruby on rails’ way to deploy your code out onto your fleet of production/test servers. I’ve previously written my own ‘deploy’ script which had similar goals to capistrano, but I’ve only recently tried capistrano itself.

Having now used it, I think it makes a poor design decision. Capistrano runs a “svn co” operation on the deploy host itself. I think it’d be much better to grab a clean set of sources on your local development box, and then rsync/scp that to each deploy host.

The Capistrano way is poor for the following reasons. Firstly, since I access my svn repository over ssh I need to have my private key on my deploy host. This is non-optimal for security reasons. I want to keep close tabs on my private keys, and I don’t want one living on a (potentially) compromisable public-facing host. Why not do all the svn stuff locally and keep your private key local?

But it gets worse. Your deployed rails app ends up (by default) being a ‘live’ checked out copy, complete with .svn directories. Additionally, the default rails setup unfortunately exposes the very top level .svn directory in your deployment. This leaks some information: nothing critical, but in security terms any leakage is bad. To find examples, look no further than the list of apps on the RoR site. Examples include 37signals [fixed], penny arcade, strongspace, iconbuffer [fixed] etc.

Like I say, the information leaked in this way is not too critical. But, if you were into social engineering, knowing the hostname of their internal svn server in addition to login names for several developers could be just the info you need.

What’s the moral to this story? It’s the old lesson of minimal privileges. There’s no real need for the deployment hosts to have ssh access to the svn repository. Nor is there any need to have your deployment version be a ‘live’ checked out version of your source code. I think I will be sticking to a deployment method where I check out locally and rsync to the production hosts …

Update: This method also reveals the contents of some .htaccess files … append .svn/text-base/.htaccess.svn-base to your favourite rails app URL.
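The two halves of the fix, as an added example that is not code from the original post or from Capistrano: a pre-deploy check that lists the .svn files a web server would serve (the `entries` file with the repository URL, and the text-base copies such as `.htaccess.svn-base`), and a copy step that strips .svn directories so the synced tree is a clean export rather than a live checkout. The `public/` layout and the sample repository URL are constructed for the demo.

```ruby
# Added example, not from the original post or Capistrano: find .svn metadata
# that would be served from a web root, and copy a working copy without it.
require "fileutils"
require "find"
require "tmpdir"

# `entries` holds the repository URL (internal hostname, maybe a login name);
# text-base/ holds pristine copies of every versioned file, .htaccess included.
def leaked_svn_paths(web_root)
  leaks = []
  Find.find(web_root) do |path|
    next unless File.directory?(path) && File.basename(path) == ".svn"
    entries = File.join(path, "entries")
    leaks << entries if File.file?(entries)
    text_base = File.join(path, "text-base")
    if File.directory?(text_base)
      Dir.children(text_base).each { |f| leaks << File.join(text_base, f) }
    end
    Find.prune # nothing below .svn is application code
  end
  leaks.sort
end

# Copy src into dst, skipping every .svn directory. Returns files copied.
def clean_copy(src, dst)
  copied = 0
  Find.find(src) do |path|
    next if path == src
    rel = path[(src.length + 1)..-1]
    if File.directory?(path)
      Find.prune if File.basename(path) == ".svn"
      FileUtils.mkdir_p(File.join(dst, rel))
    else
      FileUtils.cp(path, File.join(dst, rel))
      copied += 1
    end
  end
  copied
end

# Constructed sample: a tiny Rails-style public/ dir with stray .svn metadata.
def build_sample_working_copy(root)
  pub = File.join(root, "public")
  FileUtils.mkdir_p(File.join(pub, ".svn", "text-base"))
  File.write(File.join(pub, ".htaccess"), "RewriteEngine On\n")
  File.write(File.join(pub, "index.html"), "<h1>hello</h1>\n")
  File.write(File.join(pub, ".svn", "entries"), "svn+ssh://dev@svn.internal.example/repo\n")
  File.write(File.join(pub, ".svn", "text-base", ".htaccess.svn-base"), "RewriteEngine On\n")
end
```

Run `leaked_svn_paths` against the deployed `public/` directory on each host as a smoke test; anything it returns is readable by anyone who can guess the path.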

Trusting your future self

Trusting your future self:

– You don’t need to solve all your problems right now by yourself.
– There’s another copy of you – tomorrow’s you – waiting in the future to help.
– Actually, in this week alone, there’s another six “future you”s all waiting to help out.
– They’re going to know everything you do, plus more.
– “Tomorrow’s you” has a whole extra day to sort stuff out in.

So, “today’s you” can relax a bit. Instead of taking the whole world on your shoulders today, trust your future self.

(Okay, I haven’t turned into a self-help guru overnight. But this mind-hack has been really useful to me. I’ve told a few other people about it and got positive feedback, so I decided to write it down. Normal planning-to-take-over-the-world stuff will resume shortly).

MusicForMonkeys

It’s been a week since the Bongo Club gig. It was great – the venue was lovely, there were loads of people there (140 or so) and I had lots of fun.

Photos: PROXY by James, TINY MONKEY (mostly) by DomC, and 8MWTD by various.

There was lots of fun onstage. Thomas got his headstock tangled up in the mic stand whilst engaging ROCK MODE during the intro to slasherflick. I didn’t notice. I thought he’d just decided to mix things up a bit and improv a new line because, despite having a mic stand attached to his guitar, he didn’t miss a note. Keef’s straight-from-the-heart “I just wanted to say: that was one of the most awesome things I’ve ever done” was brilliant. And I was pretty pleased that we managed to pull off the “introduce the band” thing considering I only told the other guys about it a few minutes before we went on. 🙂

Our set: Only wrote, Mort, Roll over funky bluez thing, Welcome to Paradise, Days like these, Fox, Sardines, Slasherflick, Tigershaped,

Events (plug, plug)

Firstly, PROXY are playing the Bongo Club this Thursday (23rd) from 8pm, along with EIGHT MILLION WAYS TO DIE and TINY MONKEY. Rar, hope to see lots of you people there. (Bongo Club has moved to Holyrood Rd, btw)

Secondly, it’s soon going to be Science Festival time of year again. It’s one of the things that make me happy to live in Edinburgh. I went to lots of events last year, and was informed, amused and irritated in equal measure. I even managed to refrain from posting a full-on rant here about how clueless various panel-members and audience-members were. Any event which can get me that wound up has to be doing something right.

Visual poetry

I’ve told many people about this sculpture over the last few years. It’s in the MIT museum in Boston (or at least, it was there six or so years ago!). At the left, a motor turns the first cog fairly quickly, maybe once a second. The next cog is connected to the first as a step-down gear so that it rotates more slowly, maybe once every thirty seconds. This continues on for a few more cogs, gradually getting slower until you reach the punchline: the final cog is embedded in a concrete block attached to the base.

It’s awesome to watch. There’s no tricks at work. There’s no need for slack in the system or anything like that. You can set up the gear ratios such that the final cog moves maybe 0.1mm over the next 100 years. Whilst concrete doesn’t stretch as much as an elastic band does (when a given force is applied), it can certainly still stretch a little bit. The cogs are still all turning, all the way down.

The sculpture is a visual poem about scale, a physics lesson and a funny joke all rolled into one. Genius.