Bierviltje: Verlaging btw op energie?

An article, posted 2 months ago filed in energie, ukraine & Gas.

Uitgangskosten

Van PureEnergie, kon ik nog wat historische kosten van terugvinden omdat dat mijn leverancier is:

Type € Per Energiebelasting 0,42176 m3 Opslag DEK 0,10297 m3 Vaste leveringskosten 0,19890 dag Net beheer 0,56084 dag m3 prijs 2021 0,26509 m3 m3 prijs 2021 Nov 1,19 m3 m3 prijs 2022 Maart 2,51 m3 m3 prijs 2022 verlaagd btw 2,26107438016529 m3

Gasverbruik volgens energievergelijker.nl:

  • Slecht geïsoleerd flatje 50-100m2: 776m3
  • Redelijk geïsoleerde 2-1 kap, 100-150m2: 1647m3
  • Redelijk geïsoleerde 200-250m2+ villa: 1647m3

Vergelijkin…

Continue reading...

Block troublemakers using fail2ban

An article, posted 4 months ago filed in how i do it, debian, unix, configuration, server & devops.

I don't mind running my own virtual servers. Fail2ban is a tool I've had running on my servers for years. It helps fencing of requests from ip-addresses that repeatedly misbehave when connecting to SSH and postfix. I never got to creating my own rules. I thought I had to write it in some arcane scripting language, but recently I learned it is pretty easy.

In this case I wanted to block 500 (internal server error) and 422 (Unprocessable Entity) errors. A server error once in a while is expected, but repeated server errors are suspicious. Common source of these errors are scripts that scan for things like SQL injections.

Examples given are for Debian.

/etc/fail2ban/filter.d/nginx-errors.conf

[Definition]

failregex = ^ -.*"(GET|POST|HEAD).*HTTP.*" (500|422)
port = http,https
ignoreregex =
backend = auto
logpath = /var/log/nginx/access.log
bantime = 600
maxretry = 10

And appending to /etc/fail2ban/jail.local

Continue reading...

Headings in sections

An article, posted 4 months ago filed in html, semantics, semantic, aria, accessibility, basics & xhtml.

Some observations on headings in sections elements in HTML.

Below demonstrates that the h1-element adjusts it's appearance level based on the section element. This is conform the standard. It is behaving like the h-element as I remember it being proposed with XHTML2. When inspecting the attributes in Firefox's accessibility inspector, however, the level attribute is still equal to the element's number. Also, this increase in appeared header-level doesn't change for h2-elements and up.

Example

h1 in div-element h2 in div-element h3 in div-element

h1 in section-element Not all h1 are equal h2 in section-element Notice how the h2 is like the h1 within the section h3 in section-element

Code pen of this example

So what?

  • Why isn't the level as reported in the accessibility increased to match the appearance?
  • Why aren't the other heading elements affected?
  • Why did HTML5 not defin…

Continue reading...

QR-codes zijn niet schadelijk

An article, posted 6 months ago filed in qr-code, qr, scan, coronacheck & app.

QR codes zijn niet schadelijk. Een QR code is net zoals een barcode die op alle producten zitten gewoon een manier om informatie over te brengen.

Er kunnen URLs in zitten, contactgegevens, of een code die bijna alleen voor je bank- of coronacheck-app begrijpbaar is.

Mocht je je druk maken over QR-codes, maak je liever druk over:

  • het klimaat;
  • teloorgang van de biodiversiteit;
  • groeiende ongelijkheid;
  • gebrekkige staat van het onderwijs.

Dank.

Continue reading...

Omniauth::Strategies::CentralLogin

An article, posted 6 months ago filed in devise, gem, authentication, openid, oauth, CentralLogin & login.

I just pushed omniauth-central_login to rubygems.org, to make it easy to integrate CentralLogin with other ruby apps. It is a companion gem to CentralLogin, a batteries included open source OAuth2 Provider based on Rails, Doorkeeper & Devise, with simple user managment tools.

Installation

Add this line to your application's Gemfile:

ruby gem 'omniauth-central_login'

And then execute:

$ bundle install

Or install it yourself as:

$ gem install omniauth-central_login

Usage

Configuring Omniauth:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :central_login, ENV['CENTRAL_LOGIN_CLIENT_ID'], ENV['CENTRAL_LOGIN_CLIENT_SECRET'], {
    scope: "openid email profile",
    client_options: {
      site: ENV['CENTRAL_LOGIN_URL']
    }
  }
end

Configuration for Devise (using omniauthable):

co...

Continue reading...

Tag descriptor

CentralLogin

An article, posted 6 months ago filed in ruby, CentralLogin, gem, rubygem, murb, authorization, authentication, roles, groups, resources, open source, mit, openid & oauth.

A simple OAuth provider. See below for more information, or check out the source of CentralLogin on GitLab. To integrate it with your ruby-apps, use the omniauth-central_login gem.

Continue reading...

Introducing CentralLogin, an OpenID Connect Provider

An article, posted 6 months ago filed in ruby, CentralLogin, gem, rubygem, murb, authorization, authentication, roles, groups, resources, open source, mit & oauth.

This app builds on the foundations of the Doorkeeper, Doorkeeper::OpenidConnect and Devise to provide a central login system.

While Doorkeeper supports other OAuth flows, CentralLogin focusses on OpenID Connect as it is a more complete, and hence useful standard, for most use cases where you want to support authentication & authorization.

This project builds on years of juggling with different authentication providers and implementations. It may cut corners to be a pragmatic and less flexible solution which you can host on your own. You don't have to tie your users to a closed authentication system such as Auth0, Azure Directory, Cognito (the horror, really, stay away from it) or something else. In the past I've been a happy user of Keycloak, which is definitely way more advanced than this project, but it in the end it is a Java application and hence harder for me to maintain and not focussed on what I think are the core requirements :)

So, are you in the market for:

  • a…

Continue reading...

Tag descriptor

Capistrano

An article, posted 6 months ago filed in capistrano, deployment, automation, ruby & docker.

Capistrano doesn't evolve as quickly anymore but it still delivers and is still being maintained. It dates from before docker & autoscaling kubernetes were in wide use. I still prefer the simplicity of the tool: Capistrano I can understand, it is just a nice layer on running scripts on a remote server. Below some posts I did on Capistrano.

Continue reading...

Installing ruby with Capistrano & rbenv

An article, posted 6 months ago filed in capistrano, rbenv, deployment, script, automation & ruby.

While we're supposed to create docker(y) images and deploy these to the cloud, I'm still comfortable deploying and maintaining quite a range of applications using Capistrano (this builds on the battle tested server management process that I outlined more than 7 years ago). But Capistrano and its plugins are typically aimed at performing application level tasks, and not so much about configuring the environment.

I typically install ruby using rbenv. To deploy ruby apps using rbenv a Capistrano plugin exist (capistrano/rbenv) but it is missing the commands to install and/or update the ruby installation.

This snippet presented here adds a few commands:

  • cap rbenv:install ## installs rbenv
  • cap rbenv:update ## updates rbenv & install…

Continue reading...

Tag descriptor

BrandingRepo

An article, posted 7 months ago filed in BrandingRepo.

A small gem with some rails tasks I created to help me catering the same product to multiple clients with some custom branding.

Continue reading...

Introducing BrandingRepo (for Rails)

An article, posted 7 months ago filed in BrandingRepo, ruby, rails, gem, mit, open source, Git, design & clients.

Ever had the problem that you reuse the same project for a managemable number of clients? Too few to store branding materials in a database, but more than one making it hard to keep separate branches in sync?

Introducing BrandingRepo (for Rails)

The idea is simple: create a configuration file with those files that are specific to different brands/customers and store their mods in a different repository. Repository is quite a big word here: we simply create a config/brands folder in your current branch where you can push and pull your brand specific adjustments from. All managed in the same git repository.

What it is not:

  • it is not git within git.
  • it is not a design system, nor has it anything to do with it (I think perhaps with a few additional hacks it can be made to work with centrally managed gems/node-modules; like here: https://twitter.com/hopsoft/status/1451358882161332225?s=10)
  • it is not adding brand icons to your project

Installation

Add this …

Continue reading...

A local .test domain for development with https using Puma-dev (on macOS or Linux)

An article, posted 7 months ago .

When you maintain a few projects locally developing against localhost works good enough. npm start or rails s or python manage.py runserver or php -S 127.0.0.1:8000 will boot up a server that binds to a local port and allows you to see your work locally. The advantage of using localhost is that you don't have to bother with https-traffic as browsers don't require https for their latest features, but sometimes you need different domains to test and running multiple services distinguished by nothing more than their port numbers can become hard to manage.

To address this problem not only for websites served by the puma server, puma-dev exists. It is a spiritual successor to Sam Stephenson's Pow, which solved this problem for rack-apps. puma-dev, however, can proxy other servers as well, whether these are written in Javascript, PHP, ruby or other languages; as long as these exposes a port to 127.0.0.1, your local loopback/host you can use…

Continue reading...

Een pragmatisch succesverhaal

An article, posted 7 months ago filed in pragmatic, pragmatisch, murb, werk, html, css, development, php, react, projectmanagement & keycloak.

Sorry, even wat borstklopperij, maar ben wel een beetje trots hierop. Enkele jaren geleden werd ik door een oud collega van mij geïnformeerd: hij had gehoord over een project waarvoor ze eigenlijk iemand zochten met mijn profiel (mijn naam was zelfs genoemd). Interaction design achtergrond, in staat zelfstandig een UI neer te zetten op basis van moderne standaarden. De opdracht: een oude extranet applicatie, met een historie uit begin jaren nul even een nieuwe smoel geven (en responsive maken). De opdracht werd gepubliceerd, ik reageerde, en uiteindelijk werd besloten dat ik deze mocht uitvoeren.

Het bleek te gaan om een verzameling oude stijl PHP en CGI scripts. Met een op framesets gebaseerde layout, zoals je dat rond 2000 wel vaker zag. Ik ken veel collega’s die liever wegrennen bij een dergelijke opdracht, zoveel oude code, zoveel historie, maar ik had het idee dat ik het wel kon doen. Een aanbestedingstraject voor een volledige nieuwbouw bleek jaren geleden mislukt omdat de …

Continue reading...

Should I use Ruby on Rails in 2021?

An article, posted 10 months ago filed in rails, ruby, ruby on rails, laravel, symfony, php, python, django, flask, hanami, comparison, enterprise & trust.

I'm still a big fan of Ruby on Rails. No other framework has ever made me as productive. And it is no a secret that it makes quite some other product companies very successful. Think of Shopify, Github, Basecamp, Hey, and others.

But if you'd look at at the list of most popular languages, the top 10 doesn't feature ruby anymore.

In their 2020 survey on most popular technologies, StackOverflow writes:

> Additionally, Ruby, once in the top 10 of this list as recently as 2017, has declined, being surpassed by newer, trendier technologies such as Go and Kotlin.

Also if you look at Google trends, ruby has always been negligible when compared to Python or PHP or Javascript, [the trend is downward for the ruby package manager](https://trends.google.nl/trends/explor…

Continue reading...

Copying / syncing files over a local network with rsync

An article, posted 11 months ago filed in how i do it, rsync, copy, files, unix & macos.

Just a short article to document for myself how to copy a large directory (e.g. a user-folder) over a local network. While (s)cp might work for smaller operations, rsync is my preferred tool as you can restart it when it breaks + in case you found an optimization, you can just abort and restart. Some things to take into account before I share the command:

  • Do not mount a drive, just use ssh
  • if you're sharing from macOS, make sure file sharing has access to the entire harddrive, otherwise some important folders will sync empty (e.g. Documents(!))
  • Make sure you exclude files you don't need (a home folder typically contains many cache-files that you don't want to sync to a new machine
  • Do not enable some form of compression (it waists cpu cycles when your network is fast enough)

So here is the command:

rsync -aWP --inplace --exclude-from=exclude-file.txt murb@someaddress:/Users/username/ .

Breakdown:

  • -a is the archival option, and it is typically what y…

Continue reading...

murb blog