A somewhat secure Debian server with nginx, Passenger, rbenv for hosting Ruby on Rails with mail support and deployment with Capistrano

Basically this is a technical note to myself, in case I need to setup another server for running yet another personal Ruby on Rails project. And don't worry, I'm not going to replicate all nice guides out there, just filling in the gaps.

So let's start with the list of bookmarks I follow as a start. Note that in these tutorials mostly a user is used named 'deploy'. Typically I create a user per project and name databases etc. accordingly.

  1. Get security right first: My first 5 minutes on a server or essential security for Linux servers
  2. Then I get Rails up and running with this how to install Ruby on Rails with rbenv on Debian
  3. (in case you want to use the server as your remote git repo too) [Git setting up a remote repository and doing an inital push](http://the…

Continue reading...

How to do it: Using screen

An article, posted almost 5 years ago filed in , , , , , , , , & .

A technical note to myself: One way of doing multiple things simultanenously on a server can be by setting up multiple connections via SSH, that's how I used to do things before. An alternative is to use a single connection and use the command screen on the remote server. Another good reason to use screen is if you have a long running process that you don't want to break just because your SSH connection flips on and off with your computer going in and out of stand-by.

This is for absolute beginners. If you don't know about screen, this is for you. If you are already familiar with screen, I probably won't be able to educate you :o

So what is Screen?

GNU Screen is a kind of window managment system for the terminal (you're ought to say terminal multiplexer) and has several advantages over using multiple SSH connections. Most importantly: the processes keep running when SSH d…

Continue reading...

No signing in

An article, posted about 6 years ago filed in , , , , , , , & .

IMPORTANT: the assumption made here is incorrect. I suggested using a hashing function, but one should make a special message authentication code function such as HMAC

A thing I've been rediscovering as of late is the bookmarklet. Not that I use many, but in contrast to many of the browser extensions, bookmarklets are really minimalistic and hence very simple to use (although installing them on mobile devices is not) pieces of software. Currently I use the Tumblr, Instapaper and Pinterest bookmarklets, but they all share a common problem: they require you to authenticate before you can actually use them.

Not satisfied with the third parties, not satisfied with hot they work…

The three step bookmark proces typical among bookmarklets that post something

I'm using the Tumblr blogging service simply because it makes posting, via its bookmarklet, easier than posting s…

Continue reading...

murb blog