Agrégateur de flux

Nathan Handler: Ohio Linux Fest

Planet Debian - dim, 09/10/2016 - 02:00

This weekend, I traveled to Columbus, Ohio to attend Ohio Linux Fest. I departed San Francisco early on Thursday. It was interesting getting to experience the luxurious side of flying as I enjoyed a mimosa in the American Express Centurion lounge for the first time. I even happend to cross paths with Corey Quinn, who was on his way to [DevOpsDays Boise].

While connecting in Houston, I met up with the always awesome José Antonio Rey, who was to be my travel companion for this trip. The long day of travel took its toll on us, so we had a lazy Friday morning before checking in for the conference around lunch time. I was not that interested in the afternoon sessions, so I spent the majority of the first day helping out at the Ubuntu booth and catching up with friends and colleagues. The day ended with a nice Happy Hour sponsored by Oracle.

Saturday was the main day for the conference. Ethan Galstad, Founder and CEO of Nagios, started the day with a Keynote about Becoming the Next Tech Entrepreneur. Next up was Elizabeth K. Joseph with A Tour of OpenStack Deployment Scenarios. While I’ve read plenty about OpenStack, I’ve never actually used it before. As a result, this demo and introduction was great to watch. It was entertaining to watch her login to CirrOS with the default password of cubswin:), as the Chicago Cubs are currently playing the San Francisco Giants in the National League Divisional Series (and winning). Unfortunately, I was not able to win a copy of her new Common OpenStack Deployments book, but it was great getting to watch her signing copies for other attendees after all of the hard work that went into writing the book.

For lunch, José, Elizabeth, and Svetlana Belkin all gathered together for an informal Ubuntu lunch.

Finally, it was time for me to give my talk. This was the same talk I gave at FOSSCON, but this time, I had a significantly larger audience. Practice definitely makes perfect, as my delivery was a lot better the second time giving this talk. Afterwards, I had a number of people come up to me to let me know that they really enjoyed the presentation. Pro Tip: If you ever attend a talk, the speaker will really appreciate any feedback you send their way. Even if it is a simple, “Thank You”, it really means a lot. One of the people who came up to me after the talk was Unit193. We have known each other through Ubuntu for years, but there has never been an opportunity to meet in person. I am proud to be able to say with 99% confidence that he is not a robot, and is in fact a real person.

Next up was a lesson about the /proc filesystem. While I’ve explored it a bit on my own before, I still learned a few tips and tricks about information that can be gained from the files in this magical directory.

Following this was a talk about Leading When You’re Not the Boss. It was even partially taught by a dummy (the speaker was a ventriloquist). The last regular talk of the day was one of the more interesting ones I attended. It was a talk by Patrick Shuff from Facebook about how they have built a load balancer than can handle a billion users. The slide deck was well-made with very clear diagrams. The speaker was also very knowledgeable and dealt with the plethora of questions he received.

Prior to the closing keynote was a series of lightning talks. These served as a great means to get people laughing after a long day of talks. The closing keynote was given by father and daughter Joe and Lilly Born about The Democratization of Invention. Both of them had very interesting stories, and Lily was quite impressive given her age.

We skipped the Nagios After Party in favor of a more casual pizza dinner.

Overall, it was a great conference, and I am very glad to have had the opportunity to attend. A big thanks to Canonical and the Ubuntu Community for fudning my travel through the Ubuntu Community Fund and to the Ohio Linux Fest staff for allowing me the opportunity to speak at such a great conference.

Catégories: Elsewhere

Norbert Tretkowski: Gajim plugins packaged for Debian

Planet Debian - dim, 09/10/2016 - 00:00

Wolfgang Borgert started to package some of the available Gajim plugins for Debian. At the time of writing, the OMEMO, HTTP Upload and URL Image Preview plugins are available in testing and unstable.

More plugins will follow.

Catégories: Elsewhere

Joachim Breitner: T430s → T460s

Planet Debian - sam, 08/10/2016 - 23:22

Earlier this week, I finally got my new machine that came with my new position at the University of Pennsylvania: A shiny Thinkpad T460s that now replaces my T430s. (Yes, there is a pattern. It continues with T400 and T41p.) I decided to re-install my Debian system from scratch and copy over only the home directory – a bit of purification does not hurt. This blog post contains some random notes that might be useful to someone or alternative where I hope someone can tell me how to fix and improve things.


The installation (using debian-installer from a USB drive) went mostly smooth, including LVM on an encrypted partition. Unfortunately, it did not set up grub correctly for the UEFI system to boot, so I had to jump through some hoops (using the grub on the USB drive to manually boot into the installed system, and installing grub-efi from there) until the system actually came up.

High-resolution display

This laptop has a 2560×1440 high resolution display. Modern desktop environments like GNOME supposedly handle that quite nicely, but for reasons explained in an earlier post, I do not use a desktop envrionment but have a minimalistic setup based on Xmonad. I managed to get a decent setup now, by turning lots of manual knobs:

  • For the linux console, setting

    FONTFACE="Terminus" FONTSIZE="12x24"

    in /etc/default/console-setup yielded good results.

  • For the few GTK-2 applications that I am still running, I set

    gtk-font-name="Sans 16"

    in ~/.gtkrc-2.0. Similarly, for GTK-3 I have

    [Settings] gtk-font-name = Sans 16

    in ~/.config/gtk-3.0/settings.ini.

  • Programs like gnome-terminal, Evolution and hexchat refer to the “System default document font” and “System default monospace font”. I remember that it was possible to configure these in the GNOME control center, but I could not find any way of configuring these using command line tools, so I resorted to manually setting the font for these. With the help from Alexandre Franke I figured out that the magic incarnation here is:

    gsettings set org.gnome.desktop.interface monospace-font-name 'Monospace 16' gsettings set org.gnome.desktop.interface document-font-name 'Serif 16' gsettings set org.gnome.desktop.interface font-name 'Sans 16'
  • Firefox seemed to have picked up these settings for the UI, so that was good. To make web pages readable, I set layout.css.devPixelsPerPx to 1.5 in about:config.

  • GVim has set guifont=Monospace\ 16 in ~/.vimrc. The toolbar is tiny, but I hardly use it anyways.

  • Setting the font of Xmonad prompts requires the sytax

    , font = "xft:Sans:size=16"

    Speaking about Xmonad prompts: Check out the XMonad.Prompt.Unicode module that I have been using for years and recently submitted upstream.

  • I launch Chromium (or rather the desktop applications that I use that happen to be Chrome apps) with the parameter --force-device-scale-factor=1.5.

  • Libreoffice seems to be best configured by running xrandr --dpi 194 before hand. This seems also to be read by Firefox, doubling the effect of the font size in the gtk settings, which is annoying. Luckily I do not work with Libreoffice often, so for now I’ll just set that manually when needed.

I am not quite satisfied. I have the impression that the 16 point size font, e.g. in Evolution, is not really pretty, so I am happy to take suggestions here.

I found the ArchWiki page on HiDPI very useful here.

Trackpoint and Touchpad

One reason for me to sticking with Thinkpads is their trackpoint, which I use exclusively. In previous models, I disabled the touchpad in the BIOS, but this did not seem to have an effect here, so I added the following section to /etc/X11/xorg.conf.d/30-touchpad.conf

Section "InputClass" Identifier "SynPS/2 Synaptics TouchPad" MatchProduct "SynPS/2 Synaptics TouchPad" Option "ignore" "on" EndSection

At one point I left out the MatchProduct line, disabling all input in the X server. Had to boot into recovery mode to fix that.

Unfortunately, there is something wrong with the trackpoint and the buttons: When I am moving the trackpoint (and maybe if there is actual load on the machine), mouse button press and release events sometimes get lost. This is quite annoying – I try to open a folder in Evolution and accidentially move it.

I installed the latest Kernel from Debian experimental (4.8.0-rc8), but it did not help.

I filed a bug report against libinput although I am not fully sure that that’s the culprit.

Update: According to Benjamin Tissoires it is a known firmware bug and the appropriate people are working on a work-around. Until then I am advised to keep my palm of the touchpad.

Also, I found the trackpoint too slow. I am not sure if it is simply because of the large resolution of the screen, or because some movement events are also swallowed. For now, I simply changed the speed by writing

SUBSYSTEM=="serio", DRIVERS=="psmouse", ATTRS{speed}="120"

to /etc/udev/rules.d/10-trackpoint.rules.

Brightness control

The system would not automatically react to pressing Fn-F5 and Fn-F6, which are the keys to adjust the brightness. I am unsure about how and by what software component it “should” be handled, but the solution that I found was to set

Section "Device" Identifier "card0" Driver "intel" Option "Backlight" "intel_backlight" BusID "PCI:0:2:0" EndSection

so that the command line tool xbacklight would work, and then use Xmonad keybinds to perform the action, just as I already do for sound control:

, ((0, xF86XK_Sleep), spawn "dbus-send --system --print-reply --dest=org.freedesktop.UPower /org/freedesktop/UPower org.freedesktop.UPower.Suspend") , ((0, xF86XK_AudioMute), spawn "ponymix toggle") , ((0, 0x1008ffb2 {- xF86XK_AudioMicMute -}), spawn "ponymix --source toggle") , ((0, xF86XK_AudioRaiseVolume), spawn "ponymix increase 5") , ((0, xF86XK_AudioLowerVolume), spawn "ponymix decrease 5") , ((shiftMask, xF86XK_AudioRaiseVolume), spawn "ponymix increase 5 --max-volume 200") , ((shiftMask, xF86XK_AudioLowerVolume), spawn "ponymix decrease 5") , ((0, xF86XK_MonBrightnessUp), spawn "xbacklight +10") , ((0, xF86XK_MonBrightnessDown), spawn "xbacklight -10")

The T460s does not actually have a sleep button, that line is a reminiscence from my T430s. I suspend the machine by pressing the power button now, thanks to HandlePowerKey=suspend in /etc/systemd/logind.conf.

Profile Weirdness

Something strange happend to my environment variables after the move. It is clearly not hardware related, but I simply cannot explain what has changed: All relevant files in /etc look similar enough.

I use ~/.profile to extend the PATH and set some other variables. Previously, these settings were in effect in my whole X session, which is started by lightdm with auto-login, followed by xmonad-session. I could find no better way to fix that than stating . ~/.profile early in my ~/.xmonad/xmonad-session-rc. Very strange.

Catégories: Elsewhere

Rob Bayliss: A Scalable Pattern for Displaying Simple Remote Data in Drupal 8

Planet Drupal - sam, 08/10/2016 - 22:19

Let's imagine a scenario where you need to display some data from a remote service to the user. Instagram, for example. You want to grab the 6 most recent posts, pass them through some theming, then output them into a block. How would you go about doing that? In Drupal 7, one possible approach might look like this.

Catégories: Elsewhere

Charles Plessy: I just finished to read the Imperial Radch trilogy.

Planet Debian - sam, 08/10/2016 - 17:29

I liked it a lot. There are already many comments on Internet (thanks Russ for making me discover these novels), so I will not go into details. And it is hard to summarise without spoiling. In brief:

The first tome, Ancillary Justice, makes us visit various worlds and cultures, and give us an impression of what it feels to be a demigod. The main culture does not make a difference between the two sexes, and the grammar of its language does not have genders. This gives an original taste to the story, for instance when the hero speaks a foreign language, he has difficulties to correctly address people without risking to frown them. Unfortunately the English language itself does not use gender very much, so the literary effect is a bit weakened. Perhaps the French translation (which I have not read) could be more interesting in that respect?

The second tome, Ancillary Sword, shows us how one can communicate things in a surveillance society without privacy, by subtle variations on how to serve tea. Gallons of tea are drunk in this tome, of which the main interest is the relation between the characters and heir conversations.

In the third tome, Ancillary Mercy, asks the question of what makes us human. Among the most interesting characters, there is a kind of synthetic human, who acts as ambassador for an alien race. At first, he indeed behaves completely alien, but in the end, he is not very different from a newborn who would happen by miracle to know how to speak: in the beginning the World makes no sense, but step by step and by experimenting, he deduces how it works. This is how this character ends up understanding that what is called "war" is a complex phenomenon where one of the consequences is a shortage of fish sauce.

I was a bit surprised that no book lead us at the heart of the Radch empire, but I just see on Wikipedia that one more novel is in preparation... One can speculate that central Radch resembles to a future dystopian West, in which surveillance of everybody is total and constant, but where people think they are happy, and peace and well-being inside are kept possible thanks to military operations outside, mostly performed by killer robots controlled by artificial intelligences. A not so distant future ?

It is a matter of course that there does not seem to by any Free software in the Radch empire. That reminds me that I did not contribute much to Debian while I was reading...

Catégories: Elsewhere

Norbert Preining: Debian/TeX update October 2016: all of TeX Live and Biber 2.6

Planet Debian - sam, 08/10/2016 - 06:45

Finally a new update of many TeX related packages: all the texlive-* including the binary packages, and biber have been updated to the latest release. This upload was delayed by my travels around the world, as well as the necessity to package a new Perl module (libdatetime-calendar-julian-perl) as required by new Biber. Also, my new job leaves me only the weekends for packaging. Anyway, the packages are now uploaded and should appear soon on your friendly local server.

There are several highlights: The binaries have been patched with several upstream fixes (tex4ht and XeTeX compatibility, as well as various Japanese TeX engine fixes), updated biber and biblatex, and as usual loads of new and updated packages.

Last but not least I want to thank one particular author: His package was removed from TeX Live due to the addition of a rather unusual clause in the license. Instead of simply uploading new packages to Debian with the rather important removed, I contacted the author and asked for clarification. And to my great pleasure he immediately answered with an update of the package with fixed license.

All of us user of these many packages should be grateful to the authors of the packages who invest loads of their free time into supporting our community. Thanks!

Enough now, here as usual the list of new and updated packages with links to their respective CTAN pages. Enjoy.

New packages

addfont, apalike-german, autoaligne, baekmuk, beamerswitch, beamertheme-cuerna, beuron, biblatex-claves, biolett-bst, cooking-units, cstypo, emf, eulerpx, filecontentsdef, frederika2016, grant, latexgit, listofitems, overlays, phonenumbers, pst-arrow, quicktype, revquantum, richtext, semantic-markup, spalign, texproposal, tikz-page, unfonts-core, unfonts-extra, uspace.

Updated packages

achemso, acmart, acro, adobemapping, alegreya, allrunes, animate, arabluatex, archaeologie, asymptote, attachfile, babel-greek, bangorcsthesis, beebe, biblatex, biblatex-anonymous, biblatex-apa, biblatex-bookinother, biblatex-chem, biblatex-fiwi, biblatex-gost, biblatex-ieee, biblatex-manuscripts-philology, biblatex-morenames, biblatex-nature, biblatex-opcit-booktitle, biblatex-phys, biblatex-realauthor, biblatex-science, biblatex-true-citepages-omit, bibleref, bidi, chemformula, circuitikz, cochineal, colorspace, comment, covington, cquthesis, ctex, drawmatrix, ejpecp, erewhon, etoc, exsheets, fancyhdr, fei, fithesis, footnotehyper, fvextra, geschichtsfrkl, gnuplottex, gost, gregoriotex, hausarbeit-jura, ijsra, ipaex, jfontmaps, jsclasses, jslectureplanner, latexdiff, leadsheets, libertinust1math, luatexja, markdown, mcf2graph, minutes, multirow, mynsfc, nameauth, newpx, newtxsf, notespages, optidef, pas-cours, platex, prftree, pst-bezier, pst-circ, pst-eucl, pst-optic, pstricks, pstricks-add, refenums, reledmac, rsc, shdoc, siunitx, stackengine, tabstackengine, tagpair, tetex, texlive-es, texlive-scripts, ticket, translation-biblatex-de, tudscr, turabian-formatting, updmap-map, uplatex, xebaposter, xecjk, xepersian, xpinyin.


Catégories: Elsewhere

Phponwebsites: Disable future dates in date popup - Drupal 7

Planet Drupal - ven, 07/10/2016 - 20:15
     This blog describes how to disable future dates in the Drupal 7. One of the features in the date  module is displayed the date in the pop-up.

The use case is if you want to display only past & current date rather than all the dates in the pop-up, then how to do it in Drupal 7. Actually, the date module provides API called hook_date_popup_process_alter to alter the date_popup widget elements.

Example for disabling future dates in Drupal 7:
   For instance, I am going to disable future dates in the article content type. Please consider the following code snippet.

 * Implement hook_date_popup_process_alter().
function phponwebsites_date_popup_process_alter(&$element, &$form_state, &$context) {

  if ($form_state['complete form']['#form_id'] == 'article_node_form' && $element['#field']['field_name'] == 'field_date') {
    $max = 0;

  if (isset($element['#datepicker_options']['maxDate'])) {
    $max = $element['#datepicker_options']['maxDate'];

  if (isset($max)) {
    $element['#datepicker_options'] = array(
      'maxDate' => "+$max D",
  $element['date'] = date_popup_process_date_part($element);
   I've disabled the dates only if the form is article & the field name is field_date. After added the above code to your module, you could see disabled future dates in the date pop up. It looks like the below image:

   Now I've hope you know how to disable the future dates at the date module in Drupal 7.

Related articles:
Remove speical characters from URL alias using pathauto module in Drupal 7
Add new menu item into already created menu in Drupal 7
Add class into menu item in Drupal 7
Create menu tab programmatically in Drupal 7
Add custom fields to search api index in Drupal 7
Clear views cache when insert, update and delete a node in Drupal 7
Create a page without header and footer in Drupal 7
Login using both email and username in Drupal 7
Catégories: Elsewhere

FFW Agency: The ABC's of Drupal: Article, Base Theme, Content

Planet Drupal - ven, 07/10/2016 - 19:51
The ABC's of Drupal: Article, Base Theme, Content Ray Saltini Fri, 10/07/2016 - 17:51

For anyone who's ever looked up a definition of a Drupal term and been left wondering what it all means, here are some practical real world explanations you can use to navigate the Drupalverse. Watch this space and use comments to send us your feedback and requests.

Article: While newspapers and magazines have articles, the term 'Article' in Drupal denotes something more specific. An Article is one of two content types that have come preconfigured with Drupal since Drupal 7. As a content type, an Article is made up of Title, Body, Image, and Tag fields.

All content types are part of Drupal’s core fields system and can be customized with different fields. The output of an Article is usually configured to appear either as a teaser or a full version, which is sometimes referred to as the default or as a node. Unless your home page has been customized, article teasers will appear on your home page as a river of news with older items sinking to the bottom. This makes it easy to begin building a site with time sensitive content such as a blog. Most home pages are even customized so that selecting the ‘promote to front page’ toggle has no visible effect. If this happens to you, don't worry! Your site is not broken. It's just Articles at work.

Base Theme and Themes: A theme in Drupal is a collection of CSS, template files, and javascript that helps determine the look and feel of a Drupal website or application.

A theme typically defines different regions in code which can then be used to place various elements via configuration in a user interface. Base Themes are a common way of standardizing and optimizing Drupal front end development. They enable developers to focus on CSS styling and javascript without having to manipulate Drupal internals. A variety of different methods can be used to essentially copy and customize the styling of a base theme.

Among the advantages of using a base theme are less risk from custom coding and updates often provided by base theme maintainers that enable greater functionality or enhanced security. Some base themes make it easier to build a theme based on a popular published library, such as Twitter Bootstrap. Organizations often develop their own themes and use them internally as a base theme for different projects.

As a note: base themes typically only work with a given Drupal major version. For example, Drupal 7 theme will not work with a Drupal 6 or 8 theme. Major changes have taken place in theme development between Drupal 7 and the current version Drupal 8. But don't worry! Drupal 8 includes a new templating engine called Twig. Twig is a Symfony framework component that eliminates the necessity to write preprocess functions and other code. Generally, that's often not part of a front-end developers skill set, so Twig makes it easier than ever for front-end developers to create responsive and other advanced designs.

Content: The word "Content" can mean different things to different people, especially when Drupal is involved. When speaking to a Drupalist who’s been around for many versions, it may mean only something created by Drupal’s core node module or anything that has been created via a content type form by clicking on an ‘add content’ link. Others will use it to represent anything presented on a webpage.

Depending on who you are talking to and what their role is, this can lead to confusing discussions or debates about whether something is Content or something else. The best way to deal with this on a project is to understand the other definitions and always ask the speaker to please define what Content means to them. 

For example, Content can be structured or unstructured. (The preferred best practice in Drupal is always structured content validated at the field level.) Comments, images, and file attachments may also be considered Content. Images and file attachments are often referred to as assets because they are stored in a file system. In Drupal 8 you are more likely to hear this kind of Content referred to as an Entity, which thankfully simplifies the conversation.

Tagged with Comments
Catégories: Elsewhere

Acquia Developer Center Blog: How Indigo Herbs runs its whole business on Drupal!

Planet Drupal - ven, 07/10/2016 - 19:15

In December 2015, I sat down with Michael Hanby-Director-and Tawney Bartlett-Website Coordinator-from Indigo Herbs in Glastonbury, England and dug into their history with Drupal and just how much of their business they run with it. Tawney is really inspiring: she learned Drupal and its component and supporting technologies--Git, Javascript, PHP, and much more--on the job at Indigo. She says she's fallen in love with Drupal. I say she's become a Drupalist to reckon with and should be a role model for others. Open source, #ftw!

This interview, particularly the last third, is full of some great "Why Drupal?" soundbites from a sensible business perspective. Well worth listening to! A full transcript follows below as well.

"If you are a small business and you want to develop a tech competency, I don’t know why you’ll do anything but Drupal because apart from the fact that it’s free, you’ve got this huge community that’s not just willing to give you the answers but wants to help you. What I think is one of the most awesome things about open source is that by asking a question, you are contributing to the project. It’s so cool. Just by asking the question that no one’s asked, you are contributing to the documentation that’s going to help someone else, it’s such a virtuous cycle." - Michael Hanby, Indigo Herbs

In Drupal "everyone is so accepting and everyone’s so willing to teach people and help people grow within the community. It stands out from the crowd, it’s just a fascinating thing that everyone loves technology and everyone does it because they want to make this amazing thing and if something goes wrong, no one judges them for it. Everyone tries to help to get it working and to me that just sounds absolutely amazing, it’s missing from the world I think. The community of Drupal, if that was applied to everything, then it would be such a better place." - Tawny Bartlett, Indigo Herbs

Mentioned during the conversation
  • Indigo Herbs, according to Michael "Indigo Herbs is a manufacturer of natural health products. We make beautiful things that will make your life better. Come and check out and discover the natural lifestyle that we offer."
  • Drupal Somerset
  • Paragraphs module
  • Heath Robinson, according to Wikipedia, "William Heath Robinson (31 May 1872 – 13 September 1944) was an English cartoonist and illustrator best known for drawings of ridiculously complicated machines for achieving simple objectives."
Conversation video

In the Indigo Herbs Common Room ... full transcription starts here.

jam: We established that everybody – that the whole couch is fair game, right?

Tawny Bartlett: Yes.

Michael Hanby: Yes, it does seem to be.

jam: It feels like a lovely Saturday morning and this place really, really feels like a university common room to me. It really – nice cinder block walls, a comfy couch and a warm cup of the brown stuff. It is really, really comfortable. So, please introduce yourself.

Tawny Bartlett: To the camera?

jam: Hello, camera.

Tawny Bartlett: Hello, camera. My name is Tawny Bartlett. I am the Website Coordinator at Indigo Herbs. I do a lot of coding. I do HTML, CSS, PHP, Git, LESS and various other things. I have a growing love of technology and in all honesty I want to be a super hero in technology one day, that is my goal. I want to be an amazing Drupal developer, that is why I’ve made the decision for my life is that I want to be an amazing Drupal developer and I want to – I just want to be an expert and I want to help everyone else. I want to help people that used to be me three years ago to the Drupal.

jam: My impression, having met you before, is that you’re already well down the road to being a Drupal super hero, so thank you.

Tawny Bartlett: Got to be better.

Michael Hanby: I am Michael Hanby and I’m a director at Indigo Herbs, and tech is one of responsibilities. I’ve loved Drupal work long before Indigo Herbs and I’m very lucky because Tawny is on my team.

jam: So I am in Somerset in the southwest of the U.K. and had the wonderful opportunity to reconnect with a bunch of Drupal friends this week for the Drupal Somerset Christmas Meet-Up. I think we ...

Michael Hanby: It was our Christmas do, really.

jam: Right. We had a lovely pub meal and everything and I got to talking with Michael and Tawny about what they do. We met for the first time I guess at Drupal Camp Bristol 2015.

Michael Hanby: That’s right.

How Michael got his start with Drupal

jam: You caught my attention because how you run your business and how your business came about really fascinated me, and there’s this – in your case especially, there’s this chicken-and-egg situation about Drupal and business, right? You were already interested in Drupal before this business came around.

Michael Hanby: Before this business, yes.

jam: So how did you discover Drupal?

Michael Hanby: I discovered Drupal after I’ve been away travelling. I did the corporate thing for a bit, I went away travelling. When I came back we wanted to do – a friend and I wanted to do a website for an idea that we’ve been playing with whilst we were travelling. We have this thing Antiquarian Society, we’ve been looking – we’re into archeo-astronomy, looking for ancient alignments and watching the sun come up and set and all that sort of stuff.

jam: Can I just point out here that you’re from Glastonbury?

Michael Hanby: Well, I wasn’t born in Glastonbury but I do now live in Glastonbury and that’s alright.

jam: This is a very Glastonbury conversation we’re having.

Michael Hanby: This is normal in Glastonbury. It’s probably a bit strange in other parts of the Internet but...

jam: I had to say it ...

Michael Hanby: It’s a slightly niche subject which the Internet’s brilliant for of course, and we wanted a website anyway. I’d done a bit of HTML and I’d got into graphic design, and the guy that I was mucking about with this idea with was like, “Oh, what about Drupal? I’ve heard that Drupal’s quite cool.” This is back in the days of Drupal 5, so we have some web hosting and we have one of those one-click installs for various different packages, and I one-clicked Drupal and started playing with it. That was Drupal 5 and it was quite cool, it was relatively intuitive. I could change the way it looked by playing with the CSS and I could build what I wanted to build with it, and it was great.

jam: I hear that from very few people that, “Oh! Open up Drupal, it’s totally intuitive and I just got straight to work.” What was your background?

Michael Hanby: Well, I had come from a pretty tech background. I was never a developer but I’d been a business analyst and I’d managed tech teams. I was familiar with tech and tech processes, how data works and stuff like that so I guess it was easier – I think if you were a complete newbie, that would be the case more so then than now but back then it was really like, “Oh, there’s a really steep learning curve with Drupal.” I don’t know, I hacked it I guess. It was fine. Also, the other thing that was really cool about it was that it’s really easy to find out. If you don’t know the answer, it’s really easy to find out the answer. Someone’s probably asked the question somewhere and that was the case back in the days of Drupal 5 and now, it’s still the case but it’s way, way more advanced.

jam: Right. So community documentation is pretty good simply because there’s a very large mass of us doing this. Back in Drupal 5 days, there were thousands of our friends that you could ask easily for the answer and now, frankly, there are tens of thousands of people.

Michael Hanby: Exactly.

jam: So why did you stick with Drupal? You must be using for eight, nine years at this point.

Michael Hanby: Well, at some point after that I started working with Indigo Herbs and it was just Steve in his shed in the garden, and it was that kind of business at the time. Almost straight away - because I'd built a community type thing already on Drupal - almost straight away I was thinking I could see how this business could use that community-type platform to create a community, to generate brand awareness and all sorts of different things, and provide a useful function to be totally honest with you. I could see potential applications and we weren't on Drupal and I was itching to move something on to Drupal and start to use Drupal to do some of that stuff, and that’s what happened eventually.

jam: So you were just hooked. There was no question that there was going to be anything else?

Michael Hanby: I did play with WordPress for a bit and our first blog was actually a WordPress, and that was cool because I actually learned – some of my first bits of PHP actually are on WordPress and that gave me enough to get going on some Drupal.

jam: So in a bit, I want to get back to this business and the tie-in between doing good, ethics, community and all of these things that I think are a really good fit between Drupal and what you do. How did you find out about Drupal?

Tawny met Drupal on the job

Tawny Bartlett: Well, I found out Drupal through Indigo Herbs and the weird thing about me working in Indigo Herbs is I actually applied for a dispatch position.

jam: Which would be?

Tawny Bartlett: Just sending orders out.

jam: Taping up boxes?

Tawny Bartlett: Taping up packages and sending them out to customers and I actually said in my interview, “Oh, well if you ever want help for your website, I’d be interested in learning.”

jam: You knew some ... ?

Tawny Bartlett: HTML.

jam: Already.

Tawny Bartlett: So when I was little, I used to make little HTML websites and stuff just for some fun. Back when you had font tags. So that was quite fun. So then yes, I basically said that I could help with the website so when I first started we had a wholesale website on Drupal, so that’s our main distributing to shops and stuff, that’s our wholesale site. My first job was just basically data entry. And basically as it grew, I used to ... We use Git to version control Drupal and I used to have to ask Michael to put modules on Drupal for me because I didn’t know Git. So basically, over time I had to learn more and more because Michael wouldn’t be in some days. I’d be putting a module on Drupal so I just learned Git. I learned Drupal, I learned modules. And like Michael said, the community is just amazing. If you get stuck, there's pretty much an answer for it already and if there isn’t an answer for it, you can just ask a question and someone will answer already. So yes, I just fell in love with Drupal, it’s the best CMS in my opinion. It’s so flexible.

jam: Your leaning strategy was completely pragmatic, whatever you need to do to get your job done as soon as you hit a block then you learn a new thing and you learn new thing.

Tawny Bartlett: Yes, that’s basically what happened. Basically, that’s happened really extremely in Indigo. Firstly it’s Drupal front end stuff, moving blocks around the themes and stuff, then obviously I went to Git – I had to learn Git because we did version control, so I have to do that without Michael. Then CSS, I learned CSS.

jam: Right, and all the site builder stuff.

Tawny Bartlett: All the site – yes, all the site builder stuff but I find it quite easy ...

jam: Well, we’ve put years of effort into trying to make the user interface useful so ...

Tawny Bartlett: Yes, exactly. Views and stuff are just phenomenal, in comparison to any other CMS it’s just so easy to use and literally you can do anything on the front end but as our needs kept getting bigger and bigger, I learned View templates, I learned node templates, I learned – I had to learn PHP to start doing templates. So yes, it’s CSS, PHP then we went and did a custom framework so I learned LESS. So basically over the three years I’ve worked at Indigo, I’ve just learned so many different languages, obviously started to learn Javascript and stuff ... But yes, that is the case, we hit a wall and then we got over it. I’ve actually written a few modules in Drupal as well for Indigo.

jam: Right. When we first met, my strong impression of you was that you’re pretty hardcore tech now.

Tawny Bartlett: Yes, well, I’d like to think so anyway.

jam: What’s your job title, if that matters?

Tawny Bartlett: I’m actually Website Coordinator.

jam: Website Coordinator, which could be almost anything but that’s ...

Michael Hanby: It could be almost anything.

jam: Right. Fantastic. What’s your favorite thing about Drupal?

Tawny Bartlett: I think it’s the fact that literally you can say, “Can I do this to Drupal?” and the answer is pretty much always going to be yes. You can do anything in Drupal, there are no walls, you can just do anything you want and the fact that it’s just so flexible and - to me it’s just so easy, there’s no restrictions. You can just do whatever you want and if I can say two things, the community is amazing.

What how is Drupal community for newbies?

jam: So talk about showing up with relatively little experience and having a lot of questions. How was that experience, going out to events and meeting Drupal people?

Tawny Bartlett: It’s been fantastic, just in terms of the forums and stuff. Obviously, if a module is not working the way want it to be, you’ll find someone’s patched it already and they’re not going to commit it to the newest version but you can just patch it. Then, I’ve asked questions and people have provided patches to me and stuff, so people have been super helpful and they fixed things where I’ve been pulling my hair out and people just fixed it. Just out of the goodness of their hearts, and everyone’s just doing it for the passion of Drupal. Then, when I went to Drupal events, my first time at Drupal Somerset, Stefan helped us with the – we couldn’t get maps we’re working on Drupal, we just couldn’t figure out how to do it and he just instantly showed us how to do it and ever since then we’ve been using maps. The last Drupal Somerset that we had, Chris showed us how to use Paragraphs ...

jam: Which is amazing.

Tawny Bartlett: ...which is absolutely fantastic.

Michael Hanby: We’ve implemented that almost straight away. Partly by luck, we happened to have something on that just fitted perfectly.

jam: You had a use case ready for that.

Michael Hanby: Yes. The case is ready, she just took it away from the little meet-up and...

jam: The day after the meet-up.

Tawny Bartlett: Right.

Michael Hanby: Exactly that.

jam: I love that Drupal community’s completely opene arms approach to new people and to anyone who’s willing to ask respectfully and listen - mentoring, teaching, endless hours of volunteering. There’s a lot of enlightened self-interest in it in that, “Well, hey if I patch something that’s broken for you well then it’s not broken for me either anymore.” But somehow, there’s an incredibly positive energy around this that I find to some degree in the broader PHP communities, but not to the extent somehow. It’s a very happy place.

About Indigo Herbs

jam: We’re at Indigo Herbs in Glastonbury, just so that people not from around here know, pretty much the center of all “hippiedom” in Europe, frankly ...

Michael Hanby: Well, Glastonbury has been a center of pilgrimage probably before history. There’s an abbey here, the monks were really big here. They’ve got that ecclesiastic in the sort of ...

jam: It’s in the part of the country where there’s Stonehenge and there’s the lay lines, and there’s this special hill with the magic path to walk around in Salisbury. It’s not too far away so ...

Michael Hanby: It’s not so far away, no.

jam: Anyway, so it’s a really appropriate place to have herbs, natural remedies nutrition kind of a business.

Michael Hanby: It is. I like to think that the monks were doing it hundreds and hundreds of years ago, exactly the same thing. We’re a bit like that.

jam: I like to think that all the beers that they brewed was also medicinal.

Michael Hanby: Of course.

jam: So I’m holding this package of Ashwagandha powder and I happen to know that – not this very package, but this hundred grams of this stuff is pretty much why we’re sitting here today. How did Indigo Herbs get started?

Michael Hanby: Well, this is an interesting part of – this is I suppose to seed of Indigo herb. So the story is that many years ago, Steve wanted some Ashwagandha powder and he went to find some on the Internet and he couldn’t buy a hundred grams, he could only buy five kilos.

jam: So Steve just wanted a little bit.

Michael Hanby: He wants a bit for himself and he could only buy a lot more than that, so he bought a lot more than that, took what he wanted, and put the rest on eBay.

jam: He packed that up in small packages?

Michael Hanby: I guess, yes. I think that was his lightbulb moment of, "Ooh! Hold on, this is a big one."

jam: There’s a value-add here in delivering manageable quantities. When was that and when did you become part of this?

Michael Hanby: That was about 12 years ago. Nobody did anything like this on the Internet really back then, and then I became part of it probably about two or three years in – Steve needed some graphic design work done and I got involved doing the graphic design work and did a bit more, did a lot of web work, we had to move a lot of stuff around on the website and I thought, “This looks like quite an interesting business.” I’ve got a background – before I left and went travelling, I did an MBA and I’ve got a background in business so I was like, “This is interesting, there’s a nice business idea here and I could see how we could develop this.” It grew from that.

jam: You don’t have a storefront. Has it always been an online business?

Michael Hanby: It’s always been an online business.

jam: What sort of technologies were you using to – I guess you do B2B and B2C ...

Michael Hanby: Well, it’s mainly B2C.

jam: What sort of – how are you online?

Michael Hanby: Back in those days, we used a piece of software called Actinic which is basically a Microsoft Access database with a Windows front end you create your pages and what have you, and then you press a button and it FTP’s it all up server as static HTML with a bit of Perl to do the shopping cart, basically.

jam: Which frankly, in 2015, you’re coming full circle and that doesn’t sound super different to Sculpin or Jekyl, right?

Michael Hanby: Right.

jam: Which are the hip, cool static site generators are great now. So static site generators - totally cool, except that you cannot ...

Michael Hanby: Well, that you can’t really have a lot of rich functionality. Forget user-generated content.

jam: So was that like, “Oh, I want this stuff. Here’s the place where you have to fax your order,” sort of ... ?

Michael Hanby: Well now, it did have a Perl ... It wasn’t quite as bad as that. There was a shopping cart function which was written in Perl and you could download the orders every day, so there was a bit of functionality but it wasn’t very dynamic, it wasn’t very rich.

Tawny Bartlett: Main downfall was that we had to use it for one computer.

Michael Hanby: That’s right. It sat on one computer.

jam: Oh, because that was where the database was.

Michael Hanby: So you couldn’t have somebody over there processing the orders and somebody else over here writing content. This was impossible.

jam: Wow. Okay. So content 10 to 12, orders 12 to 2 ...

Indigo goes Drupal

Michael Hanby: Something like that, yes. It was obviously not going to happen. And I'd used Drupal for really interesting community-base things, and a lot of people that are into Indigo Herbs are practitioners of some sort of natural healing profession and I could see the potential for a community.

jam: Community-minded people anyway, people interested in making a difference, making the world a better place, spreading the message about whatever they do, right?

Michael Hanby: Yes. Actually, it’s a bit more prosaic in that in the final analysis with Indigo because we provide lots of fantastic natural health products. What we don’t provide is advice or medical diagnosis or anything like that. We sell herbs, super foods and great products but we’re not health carers and a lot of customers would come to us saying, “Look, I’ve got this problem. Can you help what shall I do?” We just can’t help.

jam: You probably also don’t want that liability.

Michael Hanby: Well, exactly. We’re not qualified to do it quite frankly, but plenty of people are so that was the idea behind our practitioners’ directory. We’ve got and Internet presence. Lots of people come to it looking for help that we can’t give but there are a load of people who can give it so it seems obvious to create a place where they can create a profile, put themselves on our website and then they can then provide a service that our customers might come to us to look for but which we can’t provide.

jam: So was that the seed of the community site idea and that was the gateway drug to Drupal?

Michael Hanby: It wasn’t actually, no, because prior to that we knew that we wanted to move it a bit more into wholesale and not just do B2C. So we built a Drupal eCommerce site, that was the first bit of Drupal really. We built a Drupal eCommerce site and migrated our blog from WordPress onto Drupal, it seemed obvious not to have too many platforms running at the same time.

jam: You’d think it’s obvious, right? We run into so many--we being all of us who with any clients of any size--run into shops that use five or 20 or 30 different technologies.

Michael Hanby: Well, from the business perspective, the driver for doing is that often the quickest way to get what you want in the moment is just to stick the other bit on, but the danger is you end up with this Heath Robinson of a system and it doesn’t always hold together. There are other benefits of having everything on one platform because you will think--this is my experience--you will think of ideas for doing things that you won’t think of now but you’ll think of them down the road. It’s easier to implement if everything’s all in one place and that’s one of the other great things about Drupal because you can do so much with it, you can make everything in one place and there’s so much benefit to that.

jam: I was telling you the other night that he speaks in perfect sound bites. You’ve just proven me right again. Thank you, thank you. I just have to wind him up and let him go.

Michael Hanby: You do!

jam: So how long have you been with Indigo now?

Tawny Bartlett: Three years in March.

jam: Was the company already on Drupal 7 at that point?

Tawny Bartlett: Yes.

Michael Hanby: Yes, it probably was.

Tawny Bartlett: Our original wholesale site was on Drupal 7. So we have the wholesale site and then we created the practitioners’ directory, which was the map thing. We’ve created maps so they can put their practitioner locations on the map. Then brought the blog over from WordPress, basically we’ve got massive natural health guides being on our Drupal site – Drupal is the content side of our site. We do actually have a multiplatform site. As I mentioned before we got a Magento-Drupal website and so we got two platforms and they ...

jam: That’s a common integration though. Magento does a lot of eCommerce stuff really, really well clearly and it’s PHP ...

Using Drupal for everything

Tawny Bartlett: Basically, over time we just literally started using Drupal for everything, anything you think of a business that we can use Drupal for, we’ll use it. Drupal is actually producing the packaging but not all of it, that’s a lot but basically Drupal produces the content so all of that content on that label is out of Drupal.

jam: So is it a web-to-print setup or is this a content type?

Michael Hanby: Well, we print the labels so that bags are pre-printed. We print the labels.

jam: Oh, I see. Okay. Right.

Tawny Bartlett: Basically, our stock system, our production staff produce jobs to print out labels of products and produce products, and it speaks to Drupal and these are content types which have fields for the title, the Latin name, the bullet points, the organic, the class...

jam: Oh, fantastic. So you really have the platonic ideal of a canonical central content repository for all of your content and anything that changes in one place, it will – if there’s a different regulatory need here, if there’s a whatever, you change it one place and it’s got on your labels, it’s on your site, it’s on your - everywhere in the same thing.

Michael Hanby: Yes, it’s all in Drupal.

Tawny Bartlett: The most exciting thing is – the part of thing I’m most proud of really is that nutritional data tables that should come out of Drupal as well and so with the label data as well, basically at the moment we got nutritional tables on our website. That comes out of Drupal that goes put into Magento, so we then decided to manipulate those tables to work on our labels. So those tables are manipulated from Drupal to working on labels so that people can exclude certain rows from these so that will fit, so the highs and lows you put them in the right place. So basically, that’s one center for all of our nutritional data and it gets put everywhere.

jam: This list is actually a View ... sorted?

Tawny Bartlett: It’s actually the - I think it’s a Table Field module but there’s extra columns to help sort out which bits are bold, help sort out – you’ve got schema on the website as well.

jam: Fantastic. RDFa,

Tawny Bartlett:, yes. So we’ve got a really good nutritional data schema coming out of our website as well.

jam: Fantastic. You get all of this power to be just as searchable, findable, useable as anyone in the world and you can download it for free.

Michael Hanby: That’s right.

Tawny Bartlett: Yes. It’s just that, “What?!”

jam: The empowerment story of what we do is so incredible today.

Michael Hanby: It really is. In fact, here’s another sound bite for you. If you are a small business and you want to develop a tech competency, I don’t know why you’ll do anything but Drupal because apart from the fact that it’s free, you’ve got this huge community that’s not just willing to give you the answers but wants to help you. What I think is one of the most awesome things about open source is that by asking a question, you are contributing to the project. It’s so cool. Just by asking the question that no one’s asked, you are contributing to the documentation that’s going to help someone else, it’s such a virtuous cycle.

jam: Yes. I haven’t done it in a little while but one of the ways that I like to start the keynote presentations that I do sometimes, especially if they’re open source side of things: "Who’s contributed to open source?" and you get in any given conference room, you get 20-50% of hands go [up]. No! "How many of you have contributed patches or pull request to your open source project?" Those hands stay up and I say, “Okay. How many of you have filed a bug report? How many of you have answered a forum question or been on IRC to help someone?” More and more hands go up and it’s like, “Okay. How many of you have been to an open source event? You’re all in this room, put your hands up. Thank you for contributing.” Every time we exchange information, every time we do anything like this it’s become much, much more than just developers trading code snippets and I really, really like that.

Michael Hanby: That’s right. Even if you’re just contributing use cases, that’s actually valuable.

Doing well and doing good - the idealism connection

jam: So you as a business are concerned with ethics in general. I know that you’re a living wage employer obviously involved in various nutritional, organic, doing things the right way ...

Michael Hanby: Yes. A lot of our products are organic. They’re not all organic, that’s not possible in some products.

jam: I know that you’re looking into Fair Trade certification.

Michael Hanby: We’re looking into Fair Trade certification. We are sponsors of the Veganuary which is a social movement to go vegan in January which Tawny has now pledged to do.

jam: It’s so great you volunteered for that. Big step, big step.

Michael Hanby: We’re about lifestyle and thing with health and nutrition is it’s not like you take a pill now and you sorted for life. It’s about lifestyle, it’s about how you live your life, it’s a long-term something.

jam: There’s this cartoonist called Scott Adams, he does the Dilbert cartoons. I’m reading one of his books right now and he talks about the importance of thinking in systems rather than in goals. If you do as systematic approach to something, even if you’re failing along the way it’s going to get you to where you need to go. So it’s not "I need to lose five pounds," it’s "I need to eat better everyday," kind of thing.

Michael Hanby: Exactly that. Exactly. By getting into some of our products, by getting into it, it starts to shift your thinking about how you’re eating. It makes you take responsibility for what you’re doing and that’s the key because that will have a long-term effect.

jam: So you have this business that is really involved in a lot of ethical activities and a lot of idealism. How do you see the connection between Drupal and open source technologies which are also very idealistic and your day job?

Tawny Bartlett: In terms of ethical ... ?

jam: In terms of the community, in terms of helping people, in terms of making a difference.

Tawny Bartlett: I’ve spent years juggling what I’ve wanted to do. I spent years being confused about what I wanted to do, literally just so confused going back and forth. I want to do this degree, not doing this degree, but Drupal has really taken my heart. It’s slightly corny but it’s just I’ve literally settled. I’ve just love Drupal. It’s amazing how people give and take for free, it’s amazing that when I first started posting on forums I used to say, “I’m really sorry if I sound like a n00b here.” I just always apologize because I was such a newbie to Drupal and I always thought people would be like, “That’s very silly of you. You’re so new, why are you posting on here?” But everyone is so accepting and everyone’s so willing to teach people and help people grow within the community. I’m just learning more and more about how many people contribute to Drupal 8 and I remember watching a video about all the comments and stuff about how – it was just absolutely amazing that everyone does this and most people do it for the passion, for the passion in Drupal. It stands out from the crowd, it’s just a fascinating thing that everyone loves technology and everyone does it because they want to make this amazing thing and if something goes wrong, no one judges them for it. Everyone tries to help to get it working and to me that just sounds absolutely amazing, it’s missing from the world I think. The community of Drupal, if that was applied to everything, then it would be such a better place.

jam: It makes for a nice place to work I think.

Tawny Bartlett: Yes, it’s fantastic. If I get stuck, I know there’s a community out there and I have Drupal developers that are my friends and stuff, I know that they will generally help because they’re passionate and they want to help. Everyone sees the challenge in Drupal and everyone wants to fix it, no one is greedy and no one keeps the code to themselves which is really strange. In terms of other CMSs, they charge for extensions--everyone wants to give and it’s just--to me, I find it really hard to get that in my head that people will just give these great ideas for free.

jam: In that instance, we’re lucky that Drupal is licensed under the GPL because it makes a lot of classic business models really, really hard to do but it makes it really easy to share so we found other ways to use it.

And it makes business sense

jam: Listen, I want to ask you two things to wrap up. As someone concerned about ethical activity and idealism, how do you see Drupal and open source - let me ask that in a better way. How do you see Drupal and open source in terms of the ethics and ideals that you bring to your business?

Michael Hanby: Well, the thing with Drupal and open source is we get more out of our combined efforts if we share, it’s as simple as that. Things are better if we share because then we’re all contributing and we all benefit from it, and that’s really clear in Drupal. If you compare it to other platforms that don’t have such an open sharing community, there are less solutions. Things don’t work as well, there’s less documentation, it’s more difficult to get help and that’s just really. Having worked now with a couple of different platforms, that’s really clear. Like I said before, if you want to build tech competency and you’re a small business, we’ve gone from not knowing a lot to knowing quite a bit, having a quite clever, complex and effective infrastructure and having a really content rich website with all different types of content that interact with each other that we built specifically for ourselves. We could never have achieved any of that without Drupal community, we couldn’t have done it. We could have achieved some of that, we couldn’t have achieved all of it, not on our budget. We’re a small company, we’ve grown it ourselves and Drupal’s made that possible.

jam: So as a hard-nosed MBA businessperson, paying the rent for you and your employees, talk about Drupal.

Michael Hanby: I just think that none of our USP comes from the way that the PHP is written, we’re not going to sell more stuff because logging in to our back end is different to the way everyone else logs in, there’s just no point in reinventing all of that sort of stuff. We can focus on the little bits that really make the difference and everything else there is not so – it’s still really important but it’s like a hygiene factor. That’s cool, that’s already there, why reinvent it? There’s no point and that’s what Drupal offers.

jam: So terrific commodity functionality, flexibility. I think from a business perspective as well, risk mitigation.

Michael Hanby: Totally. We do have applications for other use cases that we’ve not written on Drupal and you can only get onto them if you’re on the IP whitelist because we can’t write the sort of security that you just get out the box with Drupal. It’s things like that, it’s having that framework there which means that you can just focus on the bit that’s important to you. That’s the thing, you don’t have to do all the other stuff because it’s already done.

jam: Fantastic. Last question for the day, Michael. Give us a shameless plug for Indigo Herbs.

Michael Hanby: Indigo Herbs is a manufacturer of natural health products. We make beautiful things that will make your life better. Come and check out and discover the natural lifestyle that we offer.

jam: For those of us who speak – I’m not even sure why but I would have said "www.indigo minus" but I’m not sure why that is.

Michael Hanby: Well, there is the hyphen/underscore ambiguity.

jam: Right. Okay. Anyway, great people making...

Michael Hanby: Maybe it’s a European thing.

jam: It could be. Great people making great products and also doing really, really interesting things with Drupal. If you have any questions about all the cool Drupal stuff that we’ve touched on in this podcast, I’m absolutely certain that they will be very happy to talk with you. If you want to meet a cool user group, come down the Somerset in the U.K. as well. It’s a good, good bunch of people.

Michael Hanby: Drupal Somerset. Third Thursday of the month in here, in this very room.

jam: Oh, now I know where to come, actually.

Michael Hanby: You know where to come.

jam: The last meet-up I went to was in a pub. Hey, thanks so much for taking the time to chat with me today. Alright.

Michael Hanby: You’re welcome. Thanks for having us. Thank you very much. It’s great. It’s really exciting and it’s a pleasure, an absolute pleasure.

Skill Level: BeginnerIntermediateAdvanced
Catégories: Elsewhere

Mediacurrent: Dropcast: Episode 24: Did you miss us?

Planet Drupal - ven, 07/10/2016 - 16:25

Recorded September 29th, 2016

This episode we are back from our hiatus. We don’t have a guest and we don’t have a Ryan, but we have each other and you fine listeners. We talk a lot about the news we missed while we were out and also preview the talks that Bob and Mario are giving at BADCamp in October.

Catégories: Elsewhere

Acquia Developer Center Blog: Add Persistent Storage to Your Docker Containers with REX-Ray and AWS EFS

Planet Drupal - ven, 07/10/2016 - 15:48

Containers are a new virtualization technology with many advantages over traditional approaches like virtual machines. At Acquia, we use containers across our different teams for a variety of purposes. Some container-related projects that have really worked out well. We'd like to share them with the rest of the world.

Tags: acquia drupal planet
Catégories: Elsewhere

Zivtech: Which CMS is More Secure: Drupal or WordPress?

Planet Drupal - ven, 07/10/2016 - 15:38
A recent report from Sucuri found that the vast majority of hacked websites are hosted on the WordPress CMS (content management system). Nearly 16,000 sites have been hacked in 2016. According to the report, “the three CMS platforms most being affected are WordPress, Joomla! and Magento.” But, the findings go on to say that these platforms are no more or less secure than Drupal, even though Drupal doesn’t even make the list.

That’s because security has more to do with humans than code. “In most instances, the compromises analyzed had little, if anything, to do with the core of the CMS application itself, but more with improper deployment, configuration, and overall maintenance by the webmasters and their hosts,” explains Sucuri.
The Password is...
The ways that people get hacked are, for the most part, straightforward. The worst offender is a bad password. The best passwords can’t be guessed and are a mix of letters, numbers and characters. But people's memory being what it is, most passwords are easy to remember, and as a result, easy to hack. Even if a user has a secure password, he might repeat it on a number of sites. As soon as one site loses its data security, hackers will gain entry all over the web with that one frequently used password.

Another common problem is passwords that are shared across an organization, but remain unchanged when an employee leaves. If the former staffer was fired, or has had a negative experience with the company, there’s a chance that the password will fall into enemy hands.

A site that stores valuable user information (such as credit cards or personal data) is especially at risk. While the employee herself may not pose a security threat, a bad actor such as a relative or neighbor could gain access to credentials and wreak havoc.

Give permissions only to trusted users, and have protocols in place for removing access for ex-employees. It’s a good idea to set up password constraints (must contain certain characters). Some companies set up automatic expiration, in which employees are required to reset their passwords every 60 days, but this is a debated idea. Many argue that forcing password changes is not a great plan since change is hard on the memory, so people tend to use easier passwords when forced to switch frequently. If a password is good, then changing it only mitigates issues but doesn’t completely eliminate them. Plugins, Modules and Hosts
The code underlying WordPress gets a lot of attention and is often fixed so vulnerabilities are more often in plugins. The Slider Revolution (AKA RevSlider) and GravityForms plugins have provided opportunities for hackers to get into a site and facilitate the installation of malware on visitors’ computers. While fixes for these gaps have been put in place, there will always be another vulnerability around the corner. It’s a game of cat and mouse.

Then there are other ways to hack into an account that have nothing to do with the CMS. Was the site’s host account hacked? Historically, it’s been too easy to call a provider’s customer service, provide the bare minimum to the customer service rep, and get into the backend of the site. That’s not technical, and there’s no need to be a skilled hacker. Fortunately, service providers are getting smarter about these schemes. Drupal vs. Wordpress?
Drupal’s security relies upon a strong, coordinated effort. In general, Drupal is more secure overall, with a dedicated security team that operates using a series of protocols and a chain of responsibility for handling issues. As a Drupal shop, Zivtech receives weekly emails with alerts about security updates. Your CMS may do the same. Be sure to check.

Drupal is built upon rigorous coding standards, with tools to ensure that strict security practices are followed. The entire system is designed to make sure that all code that accesses the database is sanitized.
Best Practices for Drupal Security
There are ways that you can audit your site to check that you are being cautious. Drupal has specific protocols, such as ensuring that the files on the file system are safe and set up properly and that an outside system can’t connect to the database.

Certain modules should never be turned on, like the PHP module. The PHP module enables an outsider to hack into your site if you’re not extremely careful. There are a number of security updates incorporated into the latest version, Drupal 8, including the removal of the PHP filter.

First, make sure you have an SSL certificate. You can get them for free at Let’s Encrypt.

Next, if you’ve already taken all the standard steps to secure your site but still want to go a little further, you can also delete all readme text files that come with your CMS. This will reduce the surface area for an attack. By default, the readme files are accessible by anyone who visits your site. This could be a problem if an issue was discovered in a specific version of Drupal or a Drupal module. You can imagine that if there was a hack against Drupal version 7.10, hackers would scan sites for the 7.10 CHANGELOG.txt file to create a list of targets. Reduce that risk by deleting those files, or make them impossible to read over the internet.

Fending off security attacks is like playing hide and seek with frequently shifting rules. The developers behind the most popular CMS platforms work tirelessly to keep up. The primary reason that WordPress sites are attacked more frequently is actually all about the numbers. It's the most popular CMS, and therefore the most vulnerable.
Catégories: Elsewhere

MD Systems blog: MD Systems actively participated at the DrupalCon Dublin 2016

Planet Drupal - ven, 07/10/2016 - 14:46
The european version of DrupalCon 2016 happened at the end of last month in Dublin and we were part of it. In this post we recap it from the MD Systems perspective. What we’ve been doing there? Which discussions and initiatives we’re most excited about? Read on and you’ll learn about that and more.
Catégories: Elsewhere

Dirk Eddelbuettel: tint 0.0.2: Tint Is Not Tufte

Planet Debian - ven, 07/10/2016 - 14:38

The tint package is now on CRAN. Its name stands for Tint Is Not Tufte and it offers a fresh take on the excellent Tufte-style html (and now also pdf) presentations.

As a little teaser, here is what the html variant looks like:

and the full underlying document is available too.

For questions or comments use the issue tracker off the GitHub repo.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Catégories: Elsewhere

Dries Buytaert: State of Drupal presentation (September 2016)

Planet Drupal - ven, 07/10/2016 - 14:33

DrupalCon Dublin marked my 28th DrupalCon and #Driesnote presentation. You can watch a recording of my keynote (starting at 23:55) or download a copy of my slides here (185.4 MB).

The first half of the presentation I provided a technical update on Drupal 8. I showcased some of the big changes in Drupal 8.2 such as the settings tray, REST API improvements, migration tool improvements, and easier to use block placement. I also talked about how we've transformed Drupal 8 for continuous innovation. I'm super excited about our improved development process and release cycle, as it helps us ship innovative updates to Drupal 8 faster and with a much easier upgrade path.

The second half of the talk focused on "The why" of Drupal, and asked an important question for all of us to think about: what is Drupal's collective purpose? In addition to me talking about my own purpose, my team interviewed Drupal people around the world about their passion and purpose.

I featured a lot of interviews with Drupalists. If you're interested in viewing their individual videos, they're now available on my YouTube channel:

© Paul Johnson

Special thanks to Ash for the amazing design work on my slides and helping with the interviews, and Paul Johnson for the nice photo of me listening to Zsófi.

Catégories: Elsewhere

Steve Purkiss: Short screencast intro to the new Drupal Console field:info command

Planet Drupal - ven, 07/10/2016 - 11:39
Short screencast intro to the new Drupal Console field:info command Steve Purkiss Fri, 10/07/2016 - 10:39

I am a big fan of Drupal Console, the CLI built on top of Symfony Console for use with Drupal 8. As well as the ability to generate skeleton code, Drupal Console has a heap of commands for a number of uses, routing, debugging, and now with the new field:info command you can gain an overview of what fields are on a site and where they are used.

A bit of background

I wrote this last month as a result of attending the Drupal Global Sprint Weekend - London Outpost which was focusing on Drupal Console. I'd been wanting to learn how Drupal Console worked for a long time, and as it's always easier when sitting around a table with other Drupalers, I jumped at the opportunity and made my way up to the Big Smoke for the day. Big thanks due here to Robert Castelo for organising the sprint, and for keeping the Drupal lights on in London for all these years - I believe it was one of, if not the first, local Drupal User Group!

I managed to get all the info I needed to set up my machine on the Saturday in order to contribute to the project and take on an issue from the Drupal Console GitHub issue queue - one was a feature request for this command which looked like something I could achieve, so decided upon that as my task. It ended up taking a couple of weeks to write and I'm extremely happy with the results, of course I learned much on the way too so I never see it as 'contribution' but more as 'free learning' for me! A big thanks here to the DrupalConsole team who provided me with a lot of help over on the Drupal Console chat channel.

Stealing code is a Good Thing

I discovered a Drupal module which had the basic functionality I needed for this command - Field Report - which I then re-factored for use in Drupal Console and added the extras for the options. I even managed to contribute a patch back to the Field Report module to fix an issue they had, which was nice to be able to do as I'd used their code!

A quick retropective

I think the hardest part was getting the display to look nice, however as my first 'professional' programming was RPG (Report Program Generator, not Role Playing Games unfortunately!) for IBM AS/400s which originated from punch cards I was used to figuring out text-only outputs ;) Apart from that is was just a case of reading the Symfony Console documentation to understand how options and arguments work, and which one to use for particular purposes.

The field:info Screencast

And finally at last, here's the field:info screencast ~ enjoy!

Category Tutorials Tags Add new comment
Catégories: Elsewhere

Petter Reinholdtsen: Isenkram, Appstream and udev make life as a LEGO builder easier

Planet Debian - ven, 07/10/2016 - 09:50

The Isenkram system provide a practical and easy way to figure out which packages support the hardware in a given machine. The command line tool isenkram-lookup and the tasksel options provide a convenient way to list and install packages relevant for the current hardware during system installation, both user space packages and firmware packages. The GUI background daemon on the other hand provide a pop-up proposing to install packages when a new dongle is inserted while using the computer. For example, if you plug in a smart card reader, the system will ask if you want to install pcscd if that package isn't already installed, and if you plug in a USB video camera the system will ask if you want to install cheese if cheese is currently missing. This already work just fine.

But Isenkram depend on a database mapping from hardware IDs to package names. When I started no such database existed in Debian, so I made my own data set and included it with the isenkram package and made isenkram fetch the latest version of this database from git using http. This way the isenkram users would get updated package proposals as soon as I learned more about hardware related packages.

The hardware is identified using modalias strings. The modalias design is from the Linux kernel where most hardware descriptors are made available as a strings that can be matched using filename style globbing. It handle USB, PCI, DMI and a lot of other hardware related identifiers.

The downside to the Isenkram specific database is that there is no information about relevant distribution / Debian version, making isenkram propose obsolete packages too. But along came AppStream, a cross distribution mechanism to store and collect metadata about software packages. When I heard about the proposal, I contacted the people involved and suggested to add a hardware matching rule using modalias strings in the specification, to be able to use AppStream for mapping hardware to packages. This idea was accepted and AppStream is now a great way for a package to announce the hardware it support in a distribution neutral way. I wrote a recipe on how to add such meta-information in a blog post last December. If you have a hardware related package in Debian, please announce the relevant hardware IDs using AppStream.

In Debian, almost all packages that can talk to a LEGO Mindestorms RCX or NXT unit, announce this support using AppStream. The effect is that when you insert such LEGO robot controller into your Debian machine, Isenkram will propose to install the packages needed to get it working. The intention is that this should allow the local user to start programming his robot controller right away without having to guess what packages to use or which permissions to fix.

But when I sat down with my son the other day to program our NXT unit using his Debian Stretch computer, I discovered something annoying. The local console user (ie my son) did not get access to the USB device for programming the unit. This used to work, but no longer in Jessie and Stretch. After some investigation and asking around on #debian-devel, I discovered that this was because udev had changed the mechanism used to grant access to local devices. The ConsoleKit mechanism from /lib/udev/rules.d/70-udev-acl.rules no longer applied, because LDAP users no longer was added to the plugdev group during login. Michael Biebl told me that this method was obsolete and the new method used ACLs instead. This was good news, as the plugdev mechanism is a mess when using a remote user directory like LDAP. Using ACLs would make sure a user lost device access when she logged out, even if the user left behind a background process which would retain the plugdev membership with the ConsoleKit setup. Armed with this knowledge I moved on to fix the access problem for the LEGO Mindstorms related packages.

The new system uses a udev tag, 'uaccess'. It can either be applied directly for a device, or is applied in /lib/udev/rules.d/70-uaccess.rules for classes of devices. As the LEGO Mindstorms udev rules did not have a class, I decided to add the tag directly in the udev rules files included in the packages. Here is one example. For the nqc C compiler for the RCX, the /lib/udev/rules.d/60-nqc.rules file now look like this:

SUBSYSTEM=="usb", ACTION=="add", ATTR{idVendor}=="0694", ATTR{idProduct}=="0001", \ SYMLINK+="rcx-%k", TAG+="uaccess"

The key part is the 'TAG+="uaccess"' at the end. I suspect all packages using plugdev in their /lib/udev/rules.d/ files should be changed to use this tag (either directly or indirectly via 70-uaccess.rules). Perhaps a lintian check should be created to detect this?

I've been unable to find good documentation on the uaccess feature. It is unclear to me if the uaccess tag is an internal implementation detail like the udev-acl tag used by /lib/udev/rules.d/70-udev-acl.rules. If it is, I guess the indirect method is the preferred way. Michael asked for more documentation from the systemd project and I hope it will make this clearer. For now I use the generic classes when they exist and is already handled by 70-uaccess.rules, and add the tag directly if no such class exist.

To learn more about the isenkram system, please check out my blog posts tagged isenkram.

To help out making life for LEGO constructors in Debian easier, please join us on our IRC channel #debian-lego and join the Debian LEGO team in the Alioth project we created yesterday. A mailing list is not yet created, but we are working on it. :)

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Catégories: Elsewhere

Freelock : 11 Questions Businesses need to ask themselves when choosing a Drupal host: The Comprehensive Freelock Hosting Guide

Planet Drupal - ven, 07/10/2016 - 02:17

When choosing any service provider, a crucial question is, "What happens if something goes wrong?" When you're choosing a hosting provider, we like to dig a bit deeper, and ask what risks are likely to be an issue for you?

Here are some of our questions:

DrupalHostingDrupal PlanetSecurityBackupmaintenanceUpdates
Catégories: Elsewhere

Joey Hess: keysafe with local shares

Planet Debian - ven, 07/10/2016 - 00:37

If your gpg key is too valuable for you to feel comfortable with backing it up to the cloud using keysafe, here's an alternative that might appeal more.

Keysafe can now back up some shares of the key to local media, and other shares to the cloud. You can arrange things so that the key can't be restored without access to some of the local media and some of the cloud servers, as well as your password.

For example, I have 3 USB sticks, and there are 3 keysafe servers. So let's make 6 shares total of my gpg secret key and require any 4 of them to restore it.

I plug in all 3 USB sticks and look at mount to get the paths to them. Then, run keysafe, to back up the key spread amoung all 6 locations.

keysafe --backup --totalshares 6 --neededshares 4 \ --add-storage-directory /media/sdc1 \ --add-storage-directory /media/sdd1 \ --add-storage-directory /media/sde1

Once it's done, I can remove the USB sticks, and distribute them to secure places.

To restore, I need at least one of the USB sticks. (If some of the servers are down, more USB sticks will be needed.) Again I tell keysafe the paths where USB stick(s) are mounted.

keysafe --restore --totalshares 6 --neededshares 4 \ --add-storage-directory /media/sdb1

Using keysafe this way, physical access to the USB sticks is the first level of defense, and hopefully you'll know if that's breached. The keysafe password is the second level of defense, and cracking that will take a lot of work. Leaving plenty of time to revoke your key, etc, if it comes to that.

I feel this is better than the methods I've been using before to back up my most important gpg keys. With paperkey, physical access to the printout immediately exposes the key. With Shamir Secret Sharing and manual distribution of shares, the only second line of defense is the much easier to crack gpg passphrase. Using OpenPGP smartcards is still a more secure option, but you'd need 3 smartcards to reach the same level of redundancy, and it's easier to get your hands on 3 USB sticks than 3 smartcards.

There's another benefit to using keysafe this way. It means that sometimes, the data stored on the keysafe servers is not sufficient to crack a key. There's no way to tell, so an attacker risks doing a lot of futile work.

If you're not using an OpenPGP smartcard, I encourage you to back up your gpg key with keysafe as described above.

Two of the three necessary keysafe servers are now in operation, and I hope to have a full complement of servers soon.

(This was sponsored by Thomas Hochstein on Patreon.)

Catégories: Elsewhere

Cocomore: Recap DrupalCon Dublin 2016: These Were The Highlights

Planet Drupal - ven, 07/10/2016 - 00:00

After a week on the Emerald Island we are back from DrupalCon Dublin. Like every year, we have seen members of the community that we don’t get to see as much as we would like to. We have attended fantastic sessions and learned new things that we want to apply in our daily business. Read more about our favorite sessions that are now also available on video for those who could not attend the event.

Catégories: Elsewhere


Subscribe to jfhovinne agrégateur