Coding How-To ruby ruby on rails WebApps

Upgrade Your Rails Facebook App to SSL

On October 1st of this year, Facebook will be requiring that all apps on Facebook must support HTTPS (SSL).

I’ve provided a guide below which I’ve used for apps I’ve worked on that are Rails based.

This guide shows you how to change your Rails Facebook App into an app that supports SSL using Passenger and Apache2.

Step 1: Get an SSL cert or roll your own. made it very easy to add an SSL cert for just $15.00 / year.

I tried out my app out using a locally signed certificate which seemed to work just fine:

openssl genrsa -des3 -out server.key 2048
openssl req -new -key server.key -out server.csr
cp server.key
openssl rsa -in -out server.key
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Step 2: Install and compile Apache 2

Get the latest version of Apache:

Configure and compile Apache:
./configure –prefix=/usr/local/apache2 –enable-rewrite –enable-so –enable-ssl
make && make install

Step 3: Configure your Rails app

gem install passenger

Step 4: Edit your Apache 2 config files:

Edit httpd.conf. For example:

LoadModule fcgid_module modules/
LoadModule passenger_module /Users/jimbarcelona/.rvm/gems/ruby-1.9.2-p290/gems/passenger-3.0.8/ext/apache2/
PassengerRoot /Users/jimbarcelona/.rvm/gems/ruby-1.9.2-p290/gems/passenger-3.0.8
PassengerRuby /Users/jimbarcelona/.rvm/wrappers/ruby-1.9.2-p290/ruby

    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all

Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-ssl.conf

IPCCommTimeout 40
IPCConnectTimeout 10

# TODO: change this to production if you are on production
DefaultInitEnv RAILS_ENV development
SocketPath /tmp/fcgidsock

Edit extra/httpd-vhosts.conf:

  DocumentRoot /Users/jimbarcelona/rails_apps/github/
  ErrorLog /usr/local/apache2/logs/rails_error_log
  RewriteEngine On
    AllowOverride All
    Options -MultiViews
  RailsEnv development

Edit extra/httpd-ssl.conf:

#   General setup for the virtual host
DocumentRoot "/Users/jimbarcelona/rails_apps/github/"
ErrorLog "/usr/local/apache2/logs/error_log"
TransferLog "/usr/local/apache2/logs/access_log"

# needed for rails
Options Indexes ExecCGI FollowSymLinks
RewriteEngine On
RailsEnv development

AddHandler fcgid-script .fcgi

    AllowOverride All
    Options -MultiViews

Be sure to add your SSL certs in the httpd-ssl.conf too!

Step 5: Start Apache

# check syntax
apachectl configtest
# start apache
apachectl start

Step 6: Go to facebook and use https for canvas URLs

Career Coding TechBiz

Low Status and High Status Technologists

There are many technology companies where the coders are low status. A good example of one is Yahoo. Paul Graham points out that Yahoo tried to spin itself as a media company where flashy sales guys and executives in suits tricked the company out of the importance of technology.

Coders as low status is the rule in most US companies except for maybe the Silicon Valley.

What do I mean by low status? Don’t coders make better than average wages? I am not talking about raw capital here. I am talking about social and “track record” capital which are both zero sum games.

I am talking about who gets invited to social events reserved for elites in a city like Los Angeles and who doesn’t. Very few techies in SoCal are part of that social register. In San Francisco, it’s very different. You can be a techie like Marissa Mayer, and on the red carpet and have people comment on your awesome date or outfit.

On one side you have a company run by technologists and on the other you have a company run by everyone else.

Manipulating computers is “easy.” They simply are not as smart as we are. Manipulating people is hard, and actually the best manipulators are the ones who don’t show themselves to be that. When a product is technology, you have to wonder about the folks doing the “hardstuff,” the manipulating of people. Is it really contributing to the product or are they using their gift to create an inequitable, and in the case of Yahoo, profit ruining situation?

My personal bias is that technologists should rule a company. I’m completely in line with Mark Suster when he writes that the startup that’s most worth funding is all technologists. My reasons for this build upon Mark Suster’s in that you don’t have to “translate things into English.” It’s kind of insulting when I hear the phrase “translate things into English.” It puts the blame on the person on the team most equipped to solve the problem. The person, who wants “things translated into English,” is the problem, not the coder.

A company where coders do not have to translate into English and just can talk about solving technology problems in order to get the highest ROI possible is the most efficient. Be sure to maintain a good reputation online to attract potential clients. A company specializing in online reputation management for individuals can help in this regard.

Maybe with such a dynamic it’s no wonder most of the prestigious families in the US still think a career in tech sucks.
So if you are looking for work as a coder, how do you tell if your work will be considered low status or high status work?

  • Does the CEO have a technical background? If she does, you’re in for some fun and get to call many of the shots in the same way coders at Facebook can.
  • Does the software process *not* rely on rock stars? If one person is the key to fixing many issues, it is a sign of a software process gone awry. This is how Facebook ships code, and it’s worth a critical read.
  • Is there talk of outsourcing?

Unfortunately, only 1 of the 3 things listed above can be found out during the interview process. If you’re at a company where coding is considered low status, what can you do? Stay tuned for my next blog post.

Career Coding Questions Recruiting scalability hacking Social Media TechBiz

Coders Who Don’t Job Interview: Zed Shaw

I wrote a piece about the current state of job recruiting from a coder looking for work. I wondered:

What would it be like if you didn’t have to do a job interview?

(The non-tl;dr summary is below.)

By “job interview,” I just mean the normal process where I job candidate replies to an ad, contacts an employer directly, or works with a recruiter, and gets a job through that process. High-profile experts are courted, or work out a mutually beneficial deal where it doesn’t feel like an interview.

I asked around for folks that didn’t have to interview. One name that consistently came to the top was Zed Shaw.

Zed is the creator of the Mongrel Web Server, and a really great framework that is powered by Mongrel, Tir. Personally, I first heard of him from a video Leah Culver linked to on a talk that Zed gave, “The ACL is dead.” A careful viewing of that talk is always rewarded, especially if you are a coder freelancing for a corporation.

Here’s my interview with him (conducted over email). Thanks Zed!

Barce: What’s your own process for choosing the projects you want to work on?

Zed: Within my profession I try to just work on whatever is needed to get the
project or job done. Sometimes that ends up being a lot of crap work so
other people can do more important stuff. Professionally I don’t mind
this kind of work as it’s low investment and removes the pressure off
other folks who would rather do interesting things. I think I also tend
to pick off the lower level work because most of my original ideas are
usually too weird for a professional setting.

Personally, I tend to work on projects that match ideas I might have,
and usually they have a secondary motive that’s outside of programming.
Many times these ideas come from combining a couple of concepts, or
they’re based on a problem I’ve noticed, or they are just a kind of
funny joke or cool hack I thought up.

I think the most important thing is I don’t try to plan my inspiration
in my personal projects, but instead go with it when it comes. I don’t
have a “process”, and in fact I think “process” kills creativity.
Proess definitely helps make creative ideas a reality, but it doesn’t
create the initial concepts very well.

Professionally though, inspiration is for amateurs and I just do my

Barce: What advice can you give someone who feels trapped by their job or surrounded by recruiters?

Zed: Well, if you’re trapped by your job then I’d say start working on
getting a new one. Nobody is every really *trapped*, but maybe you
can’t just quit right away. Instead, work on projects at home,
constantly look for new work, and move to where the work is. Even if
it’s temporary, moving to say San Francisco during the boom times could
be a major boost to your career.

I’d also say that going back to school is a good way to update your life
and change your profession. I’m a firm believer in getting government
student loans and using them to go to school. They’re cheap, low
interest, and the US government is usually very nice about letting you
pay them back. I’m not so sure about other places around the world

Barcee: What’s the most disruptive technology you know about right now?

Zed: If I were to be honest, I’d have to say Facebook, even though I
absolutely hate it. It’s probably the one technology in recent history,
maybe after HTTP and the Browser, that is changing the way governments,
societies, and regular people work. It’s also sort of irritating that
the most important thing to hit most people’s lives is also one of the
most privacy invading companies in the world.

After that I’d have to say the rise of automated operations and
virtualized machines. Things like Xen, kvm, and even llvm as compiler
infrastructure are changing how systems are managed and deployed, which
then leads to bigger automation for large hetergenous networks. I’m
sort of waiting for operating systems to catch up and realize that their
configuration systems are getting in the way of real automation.

Barce: Thanks again, Zed, for the interview. The take aways that I hope readers get from this are:

  • Zed has open source projects that free him from the normal interviewing process. Building your own open source project is one way to free yourself.
  • “Professionally though, inspiration is for amateurs and I just do my work.”
  • “[W]ork on projects at home,
    constantly look for new work, and move to where the work is.”
  • Facebook is the most disruptive technology that’s changing governments… Virtualization / Cloud technologies are a 2nd.
Coding Django

Django Follows the Law of Least Googling

What web framework should someone new to web development learn?

Any framework that follows what I call “The Law of Least Googling.” This law states that a tutorial will not let a learner have to Google anything for as long as possible and for as little as possible.

I’ve followed the Django Tutorial all the way to the end. I did not use Google once, which means Django follows The Law of Least Googling.

Because of this, I am now recommending that any person new to web development use Django.

I used to think Rails was the way to go but because of the dependency mess with having to use Rake 0.8.7 to get RSpec working correctly, I am less inclined. Rails is a pain to install on Windows. You also have to google how to get the MySQL gem installed. This is not ideal when SQLite can’t get installed for some reason.

But once you get Rails running it’s great, but as a newbie, I wouldn’t be surprised if lots of folks already gave up.

Rails isn’t that bad. It hits these 3 snags:

  • Issues with SQLite3 or MySQL gem install
  • Creating sessions not working correctly with Rake 0.9.2. But There’s a patch.
  • It’s a pain to install on Windows, but I’m not really a Win Fanboy.

Now if we’re talking LAMP, then forget it. It’s easy to get going with something like MAMP, or WAMP, but the frameworks simply don’t have that install and learn to code feel that Rails or Django has. You really cannot use a PHP framework without having to resort to Google very early. For example with CodeIgniter I have to figure out how to point my doc root correctly via Googling.

My main take away is that if you want to learn to code on the web do it on Django. Python is the language that powers Django. There’s also a great Python tutorial to get you started.

Coding ruby ruby on rails

Upgrading To Rails 3

Here’s how I upgraded to Rails 3.

1. Go into your site’s Rails directory and install rails_upgrade:

script/plugin install git://

Run the following commands and follow the instructions:

rake rails:upgrade:check
rake rails:upgrade:backup
rake rails:upgrade:routes
rake rails:upgrade:gems
rake rails:upgrade:configuration

2. Make sure that your version of Ruby 1.9+ has iconv working.

Mine didn’t, so I went through this process:

rvm package install readline
rvm package install iconv
rvm remove 1.9.2
rvm install –trace 1.9.2 -C –with-iconv-dir=$HOME/.rvm/usr

to test:
require ‘iconv’ # should return true

3. Upgrade to Rails 3: gem install rails

4. Start migrating to Rails 3: I branched my site using git and went into my Rails root directory and typed:

rails `pwd`

Use your best judgment on what can and cannot be over-written. Here’s my list:

* let rails overwrite?
* overwrite rake file
* overwrite application_controller.rb? yes but copy
* application_helper.rb ? yes
* routes.rb ? yes but copy
* environment.rb ?
* make new initializer for contants
* config.gem? copy and put into a Gemfile
* application.js ? only if confident in js
* scripts? overwrite all

5. See if stuff works:

rails server

Twitter-auth broke for me, so I had to update it to work on Rails 3 using this guide:…rails_3

How’s your upgrade to Rails 3 go? Let me know in the comments below.

Update (14 January 2011):

Chris Laco wrote up this great guide to upgrading Rails 3 on Dreamhost. It solves path problem issues with gems.


4 Cool Things That Happened at Super Happy Dev House LA

On Saturday, November 6th, a little less than a score of coders gathered to geek out at Collecta.

Here are 4 cool things that happened:

  1. The Gowalla guys stopped by. I learned this from @dthompson.
  2. Somebody made a really addicting game based off of Wikipedia called The WikiGame, and shared it with us.
  3. Node.js is really cool and @twonds has a cool project called Noylitics but he’s focused on Erlang now. I had a fun time hacking on it.
  4. Pizza with the bagel crust was great. It was from Abbot’s Pizza.

I’m hoping there are more events like this in the future. Were you there? What did you like about Super Happy Dev House LA? Any suggestions fora future event?