Tadek’s Blog

Being frustrated with soooo many security vulnerabilities of my current blogging engine, I decided to find a replacement. Here’s a list of requirements I came up with:

1. Not written in PHP
2. No known security vulnerabilities.
3. Supports customization – I would like to have a Tadek’s theme on it.
4. Can import my current blog content.
5. Supports markdown (or a similar syntax. The only thing I hate more than writing html, are bad UIs for generating it).

Since I already have a server, I didn’t want to go for a hosted solution (though I may change my mind on this one, as I did with my e-mail). I quickly discovered that excluding PHP, there’s little out there. Also, I didn’t want to jump to a full-bodied CMS for my puny website.

The more I thought about it, the more I realized I wanted have something very much like WordPress (willing to compromise on some bells and whistles like WYSIWYG editor I personally hate) that is not-Wordpress. Knowing what I to look for, I quickly came across Zine, which is exactly what I was looking for:

1. It’s written in Python. Yay!
2. It’s seems pretty nicely written and haven’t seen any mentions of security vulnerabilities (given, it’s a niche product).
3. It’s really nice – I ported Tadek’s theme in no time. I also really liked the templating language.
4. I managed to import my blog content in 2 min (I spent another 100 trying to identify two records-of-death).
5. It has a markdown plugin. Yay!

While playing with Zine, I realized that PHP, with all its drawbacks and issues, has one big advantage: most programs are simple drag-n-drop and modules are very well supported on Debian I run. Having gone through a mixture of obsolete Python modules and easy_install, I started to appreciate simplicity. Ah, did I mention that my swigged psql module would crash apache workers with SEGV at random times?

It sounded like a challenge and, after two evenings, I actually do have a running Zine-powered WordPress replica in Python (I even started implementing some missing functions like adding counts to post categories and search function). The admin UI is awesome and I really like it. With a few days of evening hacking, I would have a really awesome blog in Python. It was only that when I realized that… the Zine and Python are slow. Not just slow, but it’s excruciatingly slow. My server is not the most powerful machine and having to wait almost 10s for the initial page load was way more than I could handle (to give justice, you can enable mamcache/file based caching). This is when I decided to grind my teeth, upgrade the WordPress blog one more time and give another try.

As of now, I am still not writing Zine off, but WordPress is to stay for now (well, at least till I get really annoyed).

T.

PS. I still cannot comprehend why getting WordPress behind SSL (under a different path) is sooooo hard. There used to be a plugin that did this but it since stopped working. But then WordPress’s security track record shows that maybe there’s more to worry about than somebody sniffing your password – just don’t reuse it

PPS. WordPress Android app is awesome and just works. I can share photos I took with just a few clicks.

Go Annie. Go!

Second from the top “Diagonal” (6a) at Ueschenen – an awesome climb with SAC!

One of the highlights of summer in Zurich is the Orange cinema by the lake. The cinema plays one movie a night mid-Jul till mid-Aug and, as with many good things in Zurich, most tickets sell out on the first day.

PS: I took this photo with my Nexus One and uploaded it using an Android app. Cool.

It’s been… almost two years since I blogged anything, so I think it’s time to do something about it, either declare blogging dead for me or… start posting again?

With a plethora of ways of expressing yourself on the web, including tweeting, status updates, buzzing, broadcasting yourself, not to mention blogging (which seems so passé by now) there’s little excuse and maybe the reason for silence is the most dreaded obvious… maybe don’t have that much to share?

To prove wrong, I am making a resolution to resume short and more regular blogging.

T.

We recently visited our friends who started their own start-up. No, not in the Silicon Valley, but here in Kilchberg. And not in IT, but in pâtisserie.

http://cake-plus.ch/

We heard the chocolate cake is to die for. We are so getting it for Christmas, topped with Christmas decorations. Sweet

I recently wanted to test TLS with SMTP. I followed instructions on http://qmail.jms1.net/test-auth.shtml and got it to work in less than 30s

In short:

perl -MMIME::Base64 -e 'print encode_base64("\000user\000password")'
openssl s_client -starttls smtp -crlf -connect <ip>:<port>
auth <auth_command>
mail from:<tadek@pietraszek.org>
rcpt to:<tadek@pietraszek.org>
data
...
.

Interestingly, when I tried typing RCPT s_client would interpret it as “renegotiate”, which confused me a bit, but you can inhibit it with --quiet or type it in lowercase like I did

T.

I recently started getting nagmails about running out of quota on my home directory. Being a very messy user, I had no idea where the space went. I tried playing with du manually, but it’s much easier with xdu:

sudo apt-get install xdu
du > /tmp/blah
xdu -n /tmp/blah