Getting chef running on your Raspberry Pi board (Debian Squeeze)

I received my new Raspberry Pi Model B board yesterday, and immediately started messing around with it (as you might expect).

Now I know that I might need to sometimes have to rebuild my installation on new SD cards, so I think it’d be good practice to store this in configuration format so it can be applied again to new builds.

Chef solo is good for doing server-less configuration management, as you can define all your apt package installations and configuration in one place, commit it to github and clone from it again when you need to set up your Raspberry Pi board again.

The steps I’ve taken to do this are:

First I resized my SD-card root partition to fill the entire flash space, and enabled the openssh-server so it can be connected to remotely. I found a good guide explaining these at:

Next I took an existing knife bootstrap for Ubunutu 10.4. Knife is a tool for managing cookbooks and installing Chef Client and Chef Solo to a remote host. A knife bootstrap is a script that is pushed to the remote host which performs the latter.

I found an issue with this bootstrap, as it turned out the SSH call it was performing wasn’t running login profiles, so wasn’t adding the sbin directories to the PATH environmental variable. It was an easy fix to do, as the “bash -c” at the start of the bootstrap file just needed changing to “bash -l -c”

With the modifications, it was (for me) just:

knife bootstrap -d debian6-gems -x pi --sudo <ip address of R-PI>

This will SSH into the specified IP address as the pi user, and run the bootstrap under sudo for root permissions.

Given that there is additional knife configuration files needed to work out the path that debian6-gems is located in, this could alternatively written with the exact location of the bootstrap file:

knife bootstrap -t /path/to/debian6-gems.erb -x pi --sudo <ip address of R-PI>

I’ve added that knife bootstrap to a github configuration repository, so you can run it yourself by doing the following on your PC (assuming you have ruby and rubygems set up already):

gem install chef # for the knife command
knife bootstrap -t debian6-gems.erb -x pi --sudo <ip address of R-PI>

Daemonising a PHP cli script on a posix system

I’ve been researching how to best write a long running PHP script executed on the command-line, and whilst there are Linux commands you can use to daemonise a command, these can also be written into a php script as well.

The easiest way to daemonise a command on a posix system is to run:

nohup command < /dev/null > /dev/null 2>&1 &

Continue reading Daemonising a PHP cli script on a posix system

The Travelling Elephpant challenge, my two solutions

Ibuildings, a PHP development company with offices in the Netherlands, UK and Italy, have been running a series of challenges, with prizes such as iPads and tickets to the Dutch PHP Conference (DPC, of which they host). The latest completed challenge, the Elephpant challenge, was in the form of a code contest to write the fastest, shortest and least complex algorithm in PHP to solve a Travelling Salesman problem.

I’m happy to say that I was one of the winners for this task, getting 30 points (10 in each scoring method), which was the maximum points possible, for the medium category (people with 2 to 4 years experience), and winning a ticket to the DPC.

Here I will describe the two solutions I researched and completed. I only submitted the one which I thought would give me the biggest chance of winning, but each had their own specialities.

Continue reading The Travelling Elephpant challenge, my two solutions

OData, a RESTful contender for your API

OData is a new API protocol that has recently been released by Microsoft, along with the launch of their new site on the 16th March 2010. It is a RESTful standard, which adds a lot of its own goods to the table.

As a RESTful standard, it exposes a web service in the form of resources accessible via discrete HTTP urls, representing actions via the HTTP methods. It fills in the gaps that the REST style of architecture leaves open, giving a full specification, from the request to the response (although omitting authentication and authorisation). OData surprisingly also allows RPC-style operations as well.

Continue reading OData, a RESTful contender for your API

Techniques for creating a secure shared web server

Here are several techniques for creating a secure shared web server.

Update 2010-03-14 – Revised opinion about APC and eAccellerator, which possibly do use memory-mapped files, also added detail about mpm_worker not working with mod_apparmor.

Continue reading Techniques for creating a secure shared web server

Minimous – Posterous’ minimalist look in WordPress

If you’ve ever searched for a WordPress theme on, you’ve probably found that none of them are suitable for your personal blog. Most tend to be complex designs that you’re sure someone created with a specific look in mind, but they don’t suit you.

A friend from work mentioned something similar almost 6 months ago, so when she tweeted a suggestion to design something like the Posterous look (it’s a very nice simple but popular look), I offered to help, figuring it would take no time at all to create something similar in WordPress.

Continue reading Minimous – Posterous’ minimalist look in WordPress

Justifying your choice in web service infrastructure

First up, there is no silver bullet in building a web service infrastructure. There are two prevailant types, however, that you should ideally be choosing from:

  • RPC (remote procedure call) – e.g. SOAP, XML-RPC
  • REST (Representational state transfer) – e.g. umm? REST?

What I strongly suggest is using one of these, and not designing your own protocol, or proprietry XML straight-up. As for which you should choose…

Continue reading Justifying your choice in web service infrastructure

Recovering a broken Subversion working copy

There are times when a Subversion working copy can mess up. This is usually due to human error, for example due to permissions problems or moving files or folders incorrectly

These can usually be easily recoverable, although at times it can seem there’s no solution. Here are a few examples and their solutions.

Continue reading Recovering a broken Subversion working copy

Get an “A” in YSlow with Webtatic Optimizer

The performance of a website is an important issue. Even fast responding dynamic pages can be hit with problems with sub-optimal static content such as high overhead on many HTTP requests and large javascript/css files. Tools like YSlow, and Google Page Speed help identify these problem areas.

Webtatic Optimizer is a tool that can be used to improve these areas, and can help get an almost perfect score.

Continue reading Get an “A” in YSlow with Webtatic Optimizer

PHP public key cryptography using OpenSSL

Recently I have been handling the security of some sensitive data. I had originally been encrypting/decrypting data with a symmetric-key system using mcrypt for PHP. This was due to the web frontend and the backend existing on the same server. However for security purposes I am now separating the frontend and backend onto different servers, so that there is no way the web accessible frontend, whether compromised or not, can get at the data it inserts into the database.

In order to do this, a asymmetric-key system is needed, such as public-key cryptography. Googling for examples of this in PHP, there doesn’t seem to be any results of this other than the php OpenSSL extension documentation, and systems that try to reinvent the wheel with their own implementations.

Using the PHP OpenSSL extension it is fairly easy to sort out a secure system for encrypting data with one key that only can be decrypted with another.

Continue reading PHP public key cryptography using OpenSSL