Elsewhere

InternetDevels: Drupal website security: the main things to know

Planet Drupal - Tue, 12/07/2016 - 15:24

After the blog posts about Drupal’s benefits for
university websites and ecommerce websites,
we would like to discuss Drupal security. Let’s start!

Read more
Categories: Elsewhere

ThinkShout: The Hidden Power of Documentation

Planet Drupal - Tue, 12/07/2016 - 14:00

Anyone who works on team-based projects knows how handy good project documentation is, and how frustrating it can be when that documentation is out of date, incomplete, or just not there. But there are other benefits to good documentation aside from convenience, and a solid system for writing and maintaining documentation is the key.

Defining Documentation

Before we begin, we should be clear about what we mean when we say ‘Project Documentation’ (Docs for short). We’re referring to the information for team members (developers, designers, project managers, and engineers) who join a project at some point after initial development has begun, or even long after a project is complete, such as a maintenance team. This is different than User/Tech docs (how things work on a site), and Code docs (Comments, README files, etc.).

Good docs allow these team members to get up to speed on a project with a minimum of questions for existing or previous team members. In an ideal world, docs alone would suffice in getting someone set up and working on new features, bugfixes, or other project tasks.

Additional Benefits

The convenience of good docs is apparent to anyone who joins a project after it has begun, but consider some of the other benefits:

  • Junior developers will be able to reference docs, instilling confidence.
  • A team member leaving your company will not cause as much of a ‘knowledge drain’.
  • Consistent docs allow any team member to quickly jump in and out of projects as needed, providing project managers with additional flexibility in resource allocation.
  • Long-dormant projects can be resurrected quickly, even if none of the original team members are available.
  • Figuring out where a project’s code is, how to install it locally, how to make/commit changes to production, and tracking down the original wireframes, designs, and planning docs can take days if the original team members are not available. Good docs can cut this time to under an hour, or even minutes in some cases.
  • Docs that accompany open-source projects are especially useful in saving the end-user AND the maintainer’s time.
Location, Location, Location

Having your docs in one place, or in the same place on every project is the first step in making them easy to find - after all, what good are the docs if nobody can find them? ThinkShout uses GitHub for all of its projects, so we take advantage of the fact that every project on GitHub has a free Wiki. A link in the README.md to the wiki means everyone can find the docs in seconds.

A Solid Foundation

The keys to good docs are consistency, accuracy, and completeness:

Consistency

For our Wiki, we have a template we use for every project’s docs, so we don’t have to search for the information among 40 different documentation styles. Your project’s needs may differ, but this should be a good starting point (this is in Markdown):

## Current Status (Site Type / Status. Drupal, WordPress, under development, maintenance, etc...) ## Site Build Info * [Wireframes](URL) * [Budget](URL) * [Implementation overview](URL) * [Migration Spreadsheet](URL) * [Style Guide](URL) ## Build Team * Name (Team Lead) * Name (Back-end) * Name (Front-end) * Name (PM) * Name (Design/UX) ## Hosting * [Dev](URL) * [Test](URL) * [Live](URL) ## Issue Tracking [Redbooth Tasks](URL) ## Deploying Code Note: it is a good practice to run backups before deploying. `cd ~/projects/PROJECTAME;git pull;./scripts/deploy.sh` ## Installation Notes Clone into `projects` folder, install to `~/Sites/`: cd ~/projects git clone git@github.com:thinkshout/PROJECTNAME.git cd PROJECTNAME composer update ./scripts/build.sh ~/Sites/PROJECTNAME root root PROJECTNAME Download db and files from [production](production backup URL) Install the db by opening Sequel Pro, deleting the PROJECTNAME db, adding a new PROJECTNAME db, and importing the live db, then truncating all of the cache_* tables. Install the files by unzipping the file download and copying them to `~/Sites/PROJECTNAME/sites/default/files`, then run: chmod -R 777 ~/Sites/PROJECTNAME/sites/default/files drush cc all drush fra -y Log in: drush uli Disable cache and JS/CSS file aggregation at http://PROJECTNAME.dev/admin/config/development/performance ## Front-end Setup Theme directory is at: `~/Sites/PROJECTNAME/profiles/PROJECTNAME/themes/custom/PROJECTNAME` To get Sass running, `cd` to that directory and run `bundle` Thereafter, you only need to run `rake serve` from the theme directory. Accuracy

The nice thing about having your docs in a wiki is that everyone in your organization can edit them if they discover they are out of date. When a new team member is added to a project, encourage them to work from the docs and see how far they can get without asking for clarification or dealing with an unexpected error. And make sure they update the docs to reflect their experience - the only time docs are ‘done’ is when anyone can use them reliably every time. If you have to ask what something means, it’s likely that the next person will need to know that too - so update the docs!

Completeness

Every project has its quirks and exceptions to the standard procedures - usually for good reason. Good docs will not only note exceptions to standard procedures, but also explain why. In addition, sometimes a ‘Phase 2’ project will require additional information. Make note of these major updates with details such as planning info, principals, dates, and an overview of what was accomplished.

Sometimes a developer will run across coding environment issues that hold them up - this is quite common for the complex front-end setups needed to compile SASS into CSS. Front-end developers sometimes take these setups for granted, but documenting that install process can mean that your back-end developer can handle small CSS changes without assistance:

To get Sass running, `cd` to that directory and run `bundle` Thereafter, you only need to run `rake serve` from the theme directory. NOTE: If you get a 'not found' error after running `bundle`, run `gem install bundler`, then `bundle install`. Part of Your Process

Finally, it’s not enough to have all of these wonderful docs in place and forgotten - they have to be a part of your project setup and launch checklist, and it needs to a part of every project, big or small.

Consistent, accurate, and complete project documentation will save time, make your code easier to maintain, improve team confidence, and do a great service to every developer who comes to your project after it’s finished. Docs Rocks!

Categories: Elsewhere

TimOnWeb.com: Happy birthday to me and Devel form debug module to you all

Planet Drupal - Tue, 12/07/2016 - 10:36
I’m turning 32 today. People love birthdays, to me it’s just another line number in a messed stack trace output (philosophy mode enabled).   Two years ago I released a drupal module called Get form id (deprecated from now on) that does one small task - it tells you any form's id ...

Read now

Categories: Elsewhere

Norbert Preining: Michael Köhlmeier: Zwei Herren am Strand

Planet Debian - Tue, 12/07/2016 - 04:30

This recent book of the Austrian author Michael Köhlmeier, Zwei Herren am Strand (Hanser Verlag), spins a story about an imaginative friendship between Charlie Chaplin and Winston Churchill. While there might not as be more different people than these two, in the book they are connected by a common fight – the fight against their own depression, explicitly as well as implicitly by fighting Nazi Germany.

Michael Köhlmeier’s recently released book Zwei Herren am Strand tells the fictive story of Charlie Chaplin and Winston Churchill meeting and becoming friends, helping each other fighting depression and suicide thoughts. Based on a bunch of (fictive) letters of a (fictive) private secretary of Churchill, as well as (fictive) book on Chaplin, the first person narrator dives into the interesting time of the mid-20ies to about the Second World War.

Chaplin is having a hard time after the divorce from his wife Rita, paired with the difficulties at the production of The Circus, and is contemplating suicide. He is conveying this fact to Churchill during a walk on the beach. Churchill is reminded of his own depressions he suffers from early age on. The two of them agree to make a pact fighting the “Black Dog” inside.

Later Churchill asks Chaplin about his method to overcome the phases of depression, and Chaplin explains him the “Method of the Clown”: Put a huge page of paper on the floor, lie yourself facing down onto the paper and start writing a letter to yourself while rotating clockwise and creating a spiral inward.

According to Chaplin, he took this method from Buster Keaton and Harold Lloyd (hard to verify), and it works by making oneself ridiculous, so that one part of oneself can laugh about the other part.

The story continues into the early stages of the world war, with both sides fighting Hitler, one politically, one by comedy. The story finishes somewhere in the middle when the two meet while Chaplin is in a deep depression during cutting his movie
The great dictator, and together to manage once more to overcome the “black dog”.

The book is pure fiction, and Köhlmeier dives into a debaucherous story telling, jumping back and forth between several strands of narration lines. An entertaining and very enjoyable book if you are the type of reader that enjoys story telling. For me this book is in best tradition of Michael Köhlmeier, whom I consider an excellent story teller. I loved his (unfinished trilogy of) books on Greek mythology (Telemach and Calypso), but found that after these books he got lost too much in radio programs of story telling. While in itself good, I preferred his novels. Thus, I have to admit that I have forgotten about Köhlmeier for some years, until recently I found this little book, which reminded me of him and his excellent stories.

A book that is – if you are versed in German – well worth enjoying, especially if one likes funny and a bit queer stories.

Categories: Elsewhere

Dirk Eddelbuettel: RProtoBuf 0.4.4, and new JSS paper

Planet Debian - Tue, 12/07/2016 - 03:43

A new release 0.4.4 of RProtoBuf is now on CRAN, and corresponds to the source archive for the Journal of Statistical Software paper about RProtoBuf as JSS vol71 issue 02. The paper is also included as a pre-print in the updated package.

RProtoBuf provides R bindings for the Google Protocol Buffers ("Protobuf") data encoding library used and released by Google, and deployed as a language and operating-system agnostic protocol by numerous projects.

This release brings small cleanups as well as build-system updates for the updated R 3.3.0 infrastructure based on g++ 4.9.*.

Changes in RProtoBuf version 0.4.4 (2016-07-10)
  • New vignette based on our brand-new JSS publication (v71 i02)

  • Some documentation enhancements were made, as well as other minor cleanups to file modes and operations

  • Unit-test vignette no longer writes to /tmp per CRAN request

  • The new Windows toolchain (based on g++ 4.9.*) is supported

CRANberries also provides a diff to the previous release. The RProtoBuf page has an older package vignette, a 'quick' overview vignette, a unit test summary vignette, and the pre-print for the JSS paper. Questions, comments etc should go to the GitHub issue tracker off the GitHub repo.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Categories: Elsewhere

Mateus Bellomo: Get presence from buddy’s

Planet Debian - Tue, 12/07/2016 - 03:19

 

Now it’s also implemented the functionality that allows a user to see his contacts presence. At first week I’ve implemented only the Telepathy part of this methods and back then I didn’t comprehend that this information would come in the form of a NOTIFY SIP message. I also needed to use the SUBSCRIPTION mechanism properly so the presence server could send me the NOTIFY message.

To be able to create those messages was necessary a better understanding of resip/stack, resip/recon and resip/dum API’s.  Not that I master this libraries now, but at least I’m not totally lost anymore =)

Looking into this libraries I could see how much work was done by all of resiprocate contributors (and I imagine I don’t even saw the tip of the iceberg). There is so many features ready for use that now I think twice before start implementing something.

Since I didn’t find any reference explicitly showing the contact’s status in RFC3863 [1], I got this information by changing a contact presence (in a different machine logged in Jitsi [2]) and looking into the NOTIFY message received at resiprocate.

Follow some images about contact’s presence at Empathy:

 

Online status

 

 

Offline status Busy – DND status Away status In a meeting status Unknow status

[1] https://tools.ietf.org/html/rfc3863

[2] https://jitsi.org/


Categories: Elsewhere

Matt Glaman: Explore Drupal Commerce 2 with Commerce Demo!

Planet Drupal - Tue, 12/07/2016 - 02:08

When we talk about , the biggest we questions we get are not about features, but when you can start building with it. Well, the answer is and has been now! Drupal Commerce 2 has been in alpha . What does this mean? In alpha we might have some schema changes, requiring a reinstall of your site. Luckily Drupal 8 has that fancy new configuration management system to export your site, right?

But what about products! That's data you lose on each reinstall. Luckily, we have in core and has been kicked off for Drupal 8. Generally speaking, most e-commerce sites have some sort of CSV or other file format containing product information. You can use Migrate to import that data and begin building your Drupal Commerce 2 site.

Imperceivable?! Nay! See the . This provides a T-Shirt product type with some and color attributes. It also imports sample products from a CSV. The CSV mimics the flat format you might receive from am ERP, you hopefully you can re-use it!

Here's how you can add it to your Drupal site using composer.

"repositories": [ { "type": "vcs", "url": "https://github.com/mglaman/commerce_demo" } ],

Otherwise, download it from GitHub: https://github.com/mglaman/commerce_demo/archive/master.zip

What's next? This module will showcase the new flexibility and control you have over your Drupal Commerce site, with best practices in mind.

Categories: Elsewhere

Joey Hess: twenty years of free software -- part 13 past and future

Planet Debian - Tue, 12/07/2016 - 02:07

This series has focused on new projects. I could have said more about significant work that didn't involve starting new projects. A big example was when I added dh to debhelper, which led to changes in a large percentage of debian/rules files. And I've contributed to many other free software projects.

I guess I've focused on new projects becuase it's easier to remember things I've started myself. And because a new project is more wide open, with more scope for interesting ideas, especially when it's free software being created just because I want to, with no expectations of success.

But starting lots of your own projects also makes you responsible for maintaining a lot of stuff. Ten years ago I had dozens of projects that I'd started and was still maintaining. Over time I started pulling away from Debian, with active projects increasingly not connected with it. By the end, I'd left and stopped working on the old projects. Nearly everything from my first decade in free software was passed on to new maintainers. It's good to get out from under old projects and concentrate on new things.

I saved propellor for last in this series, because I think it may point toward the future of my software. While git-annex was the project that taught me Haskell, propellor's design is much more deeply influenced by the Haskell viewpoint.

Absorbing that viewpoint has itself been a big undertaking for me this decade. It's like I was coasting along feeling at the top of my game and wham got hit by the type theory bus. And now I see that I was stuck in a rut before, and begin to get a feeling of many new possibilities.

That's a good feeling to have, twenty years in.

Categories: Elsewhere

DrupalCon News: Get involved in the DrupalCon Photography Team

Planet Drupal - Mon, 11/07/2016 - 23:04

DrupalCon has a lot going on at all times — sessions, BoFs, summits, hallway track conversations, social events, exhibitor fun, and more.  We're putting together a photography team to help capture these awesome moments, and want YOU to help us out!  

Categories: Elsewhere

Drupal @ Penn State: Drupal + xAPI + H5P to track user feedback

Planet Drupal - Mon, 11/07/2016 - 22:26

I got a question in from twitter asking if we had a video showing what we were doing with Drupal, xAPI and H5P. I said sure! And I hurried off across youtube and my many blogs to find it. Just… gotta… find… that… post.. I mean, I know I did it I HAVE TO HAVE DONE IT ITS SO DAMN COOL.

Categories: Elsewhere

Drupal @ Penn State: The low-down on DrupalcampPA July 30/31 in Pittsburgh!

Planet Drupal - Mon, 11/07/2016 - 22:26

DrupalcampPA is July 30 and 31st in Pittsburgh PA and Yinz-all should come! We just announced our full schedule with keynotes, giveaways, and more. Some quick highlights of why you should come! Submissions this year tried to take the stance of “getting off the island” by having more and more presentations about topics that plug into or are affiliated with Drupal without just being about Drupal.

Categories: Elsewhere

Niels Thykier: mips64el added to Debian testing

Planet Debian - Mon, 11/07/2016 - 21:09

Today, we have completed our first Britney run with mips64el enabled in testing. 

At the current time, the set of packages in mips64el are not very connected (and you probably cannot even install build-essential yet[1]). Hopefully this will change over the next few days. For now, Britney does not enforce installability of packages on mips64el in general, so do not expect the architecture to be stable at the moment.

Cheat sheet for package maintainers:

  • Issues with builds (only) on mips64el are not blockers for testing migration (nor RC yet).
    • Such bugs should be filed as “important” for now (unless they also affect a release architecture, in which case you should still make it an RC bug)
  • Your package be an older version on mips64el compared to other architectures.
  • Britney may decide to break your package on mips64el if it means something else can migrate on a release architecture.

We will slowly remove these special cases for mips64el as it matures in testing.

 

[1]  Update on this: mips64el currently does not have a libc library yet, so build-essential is definitely not installable at the moment.  It will hopefully migrate very soon.


Filed under: Debian, Release-Team
Categories: Elsewhere

Jonathan Dowland: iPod

Planet Debian - Mon, 11/07/2016 - 18:26

iPod with rockbox

open iPod with iFlash

It's been four years since I last wrote about music players. In the meantime ⅔ of my Sansa Fuzes broke, and the third does not have great rockbox support. I've also been using a Sansa Clip+ (a leaving present from my last job, thanks again!) and a Sansa Clip Zip. Unfortunately Sandisk's newer Sansa devices (Sport, Jam - the only ones still in production) are not supported by Rockbox.

The Clips have been very reliable and sturdy players, but I have missed the larger display of the Fuze. Since I've been exploring HD audio I've also been interested in something with an A/D converter that can handle it. I also still wish to carry my entire music library around with me, which limits my options.

I decided to try an iPod. The older iPods had a Wolfson-manufacturered ADC which had a good reputation and supported (in headline terms at least) 24/48. The iPod colour (aka "4th gen") and subsequent models have a large colour display. The click-wheel interface is also very nice. Apple have now discontinued the "classic" iPod and their second hand value has greatly increased, but I managed to get an older 5th generation model ("video", with a base capacity of 30G) whilst trading in some unwanted DVDs. The case was scratched to heck but a replacement was readily and cheaply available from auction sites.

Rockbox support in these iPods is pretty good, and you can mod the hardware to support CF or SD cards with kits such as the iFlash kits by Tarkan Akdam, which I picked up, along with a new 128G SD card.

Unfortunately I have found writing to the iPod to be very poor with Rockbox, but it's fine for playback, and booting the iPod in OF or DFU mode is very easy and works reliably.

Whilst Rockbox on the iPod works pretty well, installing it is far harder than on the Sandisk Sansa devices. The difficulty in my case is because rockbox requires a PC-formatted iPod to install, and I had a Mac-formatted one. I couldn't find a way to convert the iPod to PC format using a Mac. I tried doing so on a PC but for some reason the PC wasn't playing ball so I gave up after a few hours. In the end I assembled the filesystem by hand using dd(1) and dumps of partition tables from other people's iPods, via a Linux machine. This was enough to convince iTunes on Mac to restore it's hidden partition and boot software without reverting back to a Mac disklabel format.

Categories: Elsewhere

Daniel Pocock: Let's Encrypt torpedoes cost and maintenance issues for Free RTC

Planet Drupal - Mon, 11/07/2016 - 15:34

Many people have now heard of the EFF-backed free certificate authority Let's Encrypt. Not only is it free of charge, it has also introduced a fully automated mechanism for certificate renewals, eliminating a tedious chore that has imposed upon busy sysadmins everywhere for many years.

These two benefits - elimination of cost and elimination of annual maintenance effort - imply that server operators can now deploy certificates for far more services than they would have previously.

The TLS chapter of the RTC Quick Start Guide has been updated with details about Let's Encrypt so anybody installing SIP or XMPP can use Let's Encrypt from the outset.

For example, somebody hosting basic Drupal or Wordpress sites for family, friends and small community organizations can now offer them all full HTTPS encryption, WebRTC, SIP and XMPP without having to explain annual renewal fees or worry about losing time in their evenings and weekends renewing certificates manually.

Even people who were willing to pay for a single certificate for their main web site may have snubbed their nose at the expense and ongoing effort of having certificates for their SMTP mail server, IMAP server, VPN gateway, SIP proxy, XMPP server, WebSocket and TURN servers too. Now they can all have certificates.

Early efforts at SIP were doomed without encryption

In the early days, SIP messages would be transported across the public Internet in UDP datagrams without any encryption. SIP itself wasn't originally designed for NAT and a variety of home routers were created with "NAT helper" algorithms that would detect and modify SIP packets to try and work through NAT. Sadly, in many cases these attempts to help actually clash with each other and lead to further instability. Conversely, many rogue ISPs could easily detect and punish VoIP users by blocking their calls or even cutting their DSL line. Operating SIP over TLS, usually on the HTTPS port (TCP port 443) has been an effective way to quash all of these different issues.

While the example of SIP is one of the most extreme, it helps demonstrate the benefits of making encryption universal to ensure stability and cut out the "man-in-the-middle", regardless of whether he is trying to help or hinder the end user.

Is one certificate enough?

Modern SIP, XMPP and WebRTC require additional services, TURN servers and WebSocket servers. If they are all operated on port 443 then it is necessary to use different hostnames for each of them (e.g. turn.example.org and ws.example.org. Each different hostname requires a certificate. Let's Encrypt can provide those additional certificates too, without additional cost or effort.

The future with Let's Encrypt

The initial version of the Let's Encrypt client, certbot, fully automates the workflow for people using popular web servers such as Apache and nginx. The manual or certonly modes can be used for other services but hopefully certbot will evolve to integrate with many other popular applications too.

Currently, Let's Encrypt only issues certificates to servers running on TCP port 443. This is considered to be a privileged port whereas any port over 1023, including the default ports used by applications such as SIP (5061), XMPP (5222, 5269) and TURN (5349), are not privileged ports. As long as Let's Encrypt maintains this policy, it is necessary to either run a web server for the domain associated with each certificate or run the services themselves on port 443. Running the services themselves on port 443 turns out to be a good idea anyway as it ensures that RTC services can be reached through HTTP proxy servers who fail to let the HTTP CONNECT method access any other ports.

Many configuration tasks are already scripted during the installation of packages on a GNU/Linux distribution (such as Debian or Fedora) or when setting up services using cloud images (for example, in Docker or OpenStack). Due to the heavily standardized nature of Let's Encrypt and the widespread availability of the tools, many of these package installation scripts can be easily adapted to find or create Let's Encrypt certificates on the target system, ensuring every service is running with TLS protection from the minute it goes live.

If you have questions about Let's Encrypt for RTC or want to share your experiences, please come and discuss it on the Free-RTC mailing list.

Categories: Elsewhere

Daniel Pocock: Let's Encrypt torpedoes cost and maintenance issues for Free RTC

Planet Debian - Mon, 11/07/2016 - 15:34

Many people have now heard of the EFF-backed free certificate authority Let's Encrypt. Not only is it free of charge, it has also introduced a fully automated mechanism for certificate renewals, eliminating a tedious chore that has imposed upon busy sysadmins everywhere for many years.

These two benefits - elimination of cost and elimination of annual maintenance effort - imply that server operators can now deploy certificates for far more services than they would have previously.

The TLS chapter of the RTC Quick Start Guide has been updated with details about Let's Encrypt so anybody installing SIP or XMPP can use Let's Encrypt from the outset.

For example, somebody hosting basic Drupal or Wordpress sites for family, friends and small community organizations can now offer them all full HTTPS encryption, WebRTC, SIP and XMPP without having to explain annual renewal fees or worry about losing time in their evenings and weekends renewing certificates manually.

Even people who were willing to pay for a single certificate for their main web site may have snubbed their nose at the expense and ongoing effort of having certificates for their SMTP mail server, IMAP server, VPN gateway, SIP proxy, XMPP server, WebSocket and TURN servers too. Now they can all have certificates.

Early efforts at SIP were doomed without encryption

In the early days, SIP messages would be transported across the public Internet in UDP datagrams without any encryption. SIP itself wasn't originally designed for NAT and a variety of home routers were created with "NAT helper" algorithms that would detect and modify SIP packets to try and work through NAT. Sadly, in many cases these attempts to help actually clash with each other and lead to further instability. Conversely, many rogue ISPs could easily detect and punish VoIP users by blocking their calls or even cutting their DSL line. Operating SIP over TLS, usually on the HTTPS port (TCP port 443) has been an effective way to quash all of these different issues.

While the example of SIP is one of the most extreme, it helps demonstrate the benefits of making encryption universal to ensure stability and cut out the "man-in-the-middle", regardless of whether he is trying to help or hinder the end user.

Is one certificate enough?

Modern SIP, XMPP and WebRTC require additional services, TURN servers and WebSocket servers. If they are all operated on port 443 then it is necessary to use different hostnames for each of them (e.g. turn.example.org and ws.example.org. Each different hostname requires a certificate. Let's Encrypt can provide those additional certificates too, without additional cost or effort.

The future with Let's Encrypt

The initial version of the Let's Encrypt client, certbot, fully automates the workflow for people using popular web servers such as Apache and nginx. The manual or certonly modes can be used for other services but hopefully certbot will evolve to integrate with many other popular applications too.

Currently, Let's Encrypt only issues certificates to servers running on TCP port 443. This is considered to be a privileged port whereas any port over 1023, including the default ports used by applications such as SIP (5061), XMPP (5222, 5269) and TURN (5349), are not privileged ports. As long as Let's Encrypt maintains this policy, it is necessary to either run a web server for the domain associated with each certificate or run the services themselves on port 443. Running the services themselves on port 443 turns out to be a good idea anyway as it ensures that RTC services can be reached through HTTP proxy servers who fail to let the HTTP CONNECT method access any other ports.

Many configuration tasks are already scripted during the installation of packages on a GNU/Linux distribution (such as Debian or Fedora) or when setting up services using cloud images (for example, in Docker or OpenStack). Due to the heavily standardized nature of Let's Encrypt and the widespread availability of the tools, many of these package installation scripts can be easily adapted to find or create Let's Encrypt certificates on the target system, ensuring every service is running with TLS protection from the minute it goes live.

If you have questions about Let's Encrypt for RTC or want to share your experiences, please come and discuss it on the Free-RTC mailing list.

Categories: Elsewhere

DrupalEasy: Best Practices = Effective Government

Planet Drupal - Mon, 11/07/2016 - 14:52

When it comes to serving their constituents with effective online access, the Iowa Public Employee Retirement System keeps getting it right.

From the time IPERS was first deciding to shed their Dreamweaver framework a few years ago for something more robust, to ensuring that they have well-trained internal Drupal talent; the IPERS Application Programming Services and Communication teams rocked the process and aced the outcome by sticking with best practices.  

The IPERS APS and Communication teams chose Drupal through an extremely efficient process, focused on what other agencies had already put in place, how the transition went, and how the new framework was working out. The solution would of course have to be cost effective, ensure that the needs of the agency and their 700 daily users were met, be implemented in a timely way, and utilize the ability of their internal team to deliver and maintain high levels of service for years to come.

Carla Stoner

Carla Stoner, who has been with IPERS for 19 years, is the APS team member directly responsible for the technical function of the web site and coordination with the Office of the Chief Information Officer. APS and the Communication teams streamlined their selection process, using the experiences and examples of other Iowa agencies that had already upgraded their web sites. Once they narrowed down the field of potential frameworks, a final demo of DotNetNuke by a fellow state agency made Drupal the clear choice. They contracted and worked closely with an outside consulting company to develop the new IPERS site, which went live in the summer of 2015.

While the new build was going on, Carla was made aware of DrupalEasy’s Drupal Career Online program. “My supervisor was the one who found the DrupalEasy training course for me,” she explains, “He wanted a type of training that would have substance and not something that would last only a week and be crammed with spoon-fed work exercises.”

The DCO is long-form training with integrated instruction, an actively-engaged expert teacher (MIke Anello; ultimike on Drupal.org) focused on student learning, a built-in learning community, and comprehensive learning and resource materials. The program emphasizes Drupal best practices and community participation.

“My supervisor and I were both impressed with the length of the course, knowing that there would be a lot of material covered. We also liked the idea of all the ‘hands on’ experience…” she recalls. With this in mind, they decided to wait on formal training for Carla until her schedule allowed her to really engage. After the transition to the new site, she was encouraged to devote the 11+ hours per week to the 12-week session of the DCO that began that September.

“I had zero background in Drupal, but had used Dreamweaver, which gave me exposure to HTML and CSS,” she said. She continued, “...All of the topics covered in the DCO are very relevant to my work.  Even though our test and production environments are setup a bit differently from the norm (Drush and Git aren’t used as prevalently), learning these basic tools of Drupal have increased my skills for when I do get to use them.”

She added, “The DrupalEasy course is laid out in such a way that it keeps building on each segment. You don’t just learn it once and forget it.  Michael has you continually utilizing what you learned and then reapplying it... I also enjoyed the “community” we developed amongst ourselves, the classmates.  We helped each other.  Michael fostered an atmosphere that made learning fun... It helped build camaraderie.  I still feel that same camaraderie to this day.”

Carla’s learning also continues. “My DrupalEasy class ended last November (2015) and even now as I come across a request to change our website, I remember back to when Michael taught us how to accomplish that.  And if I don’t remember, I can always review the very handy screencasts he has done.”  She is also among the DCO alumni who take advantage of Mike’s open office hours every Thursday afternoon.“We all try to help each other. Even though I am by no means an expert...there are times that I feel I’m making a helpful suggestion or can see as I’m watching Michael demonstrate how to solve a person’s issue…,” she concludes.

IPERS transition to their Drupal site, starting with the selection of the framework, into the site development and continuing on with internal staff development demonstrates the effectiveness of using tried and true best practices.   They looked at their needs, found the most cost-effective solutions, and committed the time and effort to ensure the best possible outcomes. That’s effective government.

If you would like to learn more about Drupal Career Online, you can attend one of two Taste of Drupal informational workshops coming up in August and September. 

Categories: Elsewhere

Appnovation Technologies: Selling the Drupal Community to Those Here for the Code

Planet Drupal - Mon, 11/07/2016 - 14:15

Throughout the software development world there are many “evangelist” roles who sell the code to the community, but maybe we need the other side? Maybe we need to sell the community to the those who are just there for the code.

Categories: Elsewhere

Mediacurrent: Brain Food for Your Post-DrupalCon Slump

Planet Drupal - Mon, 11/07/2016 - 14:10

DrupalCon always provides many opportunities to discover new methods and tools, and this year’s conference in New Orleans was no different.

Categories: Elsewhere

Pages

Subscribe to jfhovinne aggregator - Elsewhere