Rails app redirects to wrong port?

Ran into a situation in which a rails application was redirecting to /login to force a user to log in, but the Location header said “http://site.com:8085/login”, because nginx was listening on port 8085 on that server. At first I looked to see if there was something in the application code that was doing this, or maybe some setting I could change to fix it, but came up blank. After some Googling I found the answer right in the Nginx docs (below is my slightly-modified solution that handles https urls as well):

   proxy_redirect ~^(http(s?)://[^:]+):\d+(/.+)$ $1$3;

That simply removes the port number from the Location: header, so whatever kind of proxy magic you’re doing will “just work.”

Setting user Postgres passwords via MD5

Say you want to create a Postgres account for a user but you don’t want them to have to reset it after logging in, and you don’t want to do the “come type in a password on my computer” routine. Well, here’s one way around this.

  1. Have the user generate an MD5 of their password on their local computer. Postgres uses the username as the salt for the hash, so the command to generate the md5 on a Mac would be (assuming a username of ‘ehoffman’ and a password of ‘abcdefg’):
    [evan@Evans-MacBook-Pro ~] $ echo -n abcdefgehoffman | md5
    95eebfcce27162773a3828689df9d79e

    The “-n” is important – without it, the newline gets included in the hash. After they generate their MD5, have them send it to you (along with their username).

  2. Create the user’s account in the database (or ALTER ROLE if it already exists):
    CREATE ROLE ehoffman LOGIN INHERIT ENCRYPTED PASSWORD 'md595eebfcce27162773a3828689df9d79e';

    Syntax for an existing account:

    ALTER ROLE ehoffman ENCRYPTED PASSWORD 'md595eebfcce27162773a3828689df9d79e';

That’s it. This has the added benefit of the password never being logged in the DB logs or the .psql_history. The main downside is the possibility of user error.

New York City commuter winter survival kit

Since I started working in Manhattan again a couple years ago I’ve learned a couple of things about surviving the winters on the LIRR platform. This winter in particular has been pretty lousy, temperatures below 20ºF and gusty most of the mornings for the past couple of weeks when I’m waiting for the train. Here are some of the things that have made it bearable. This is kind of a hodge-podge as a result of complete trial & error, but when fully geared I’m totally comfortable in the biting wind and snow even as others visibly shiver.

Land’s End Commuter Coat (Tall)

I have this one (apparently discontinued), but in black.

Land's End Commuter Coat

When my wife got this for me in 2012 I groaned. I was concerned that it made me look like an idiot. Well, the next time it snowed I instantly got over any reservations I might have had because this coat was heavenly. It has lots of pockets, it’s waterproof and windproof, and it’s long enough to cover my butt – actually the first coat I’ve owned that was long enough for me. The only real negative is its bulk – on the train it’s hard to squeeze in a seat wearing this thing, but I often put it in the overhead rack if it’s crowded. Also it’s REALLY warm – you can’t wear it for very long indoors.

LL Bean Fitness Fleece (Tall)


I’ve owned a lot of fleeces, and while I like the Old Navy ones, the LL Bean Fitness Fleece is my favorite. It’s warm enough to be a great layer between the commuter coat and a T-shirt but not so warm that it makes you sweat. I also like the way it looks.
LL Bean Fitness Fleece

Land’s End Men’s Squall Gloves

I’ve tried many different gloves and these are pretty good. They’re best on really cold, windy days – when you’re scraping the ice and snow off your windshield at 6 AM in the dark, these are the gloves you want. They’re comfortable (even for my XL hands), pretty much waterproof and windproof, and they have a little zipper pocket where you can insert those hand-warmer packets. And they were pretty cheap – I think $10 on sale.
Land's End Squall Gloves

Columbia Men’s Bugaboot Plus

I ended up with these boots after my previous pair of boots sprung a leak and I complained on Twitter. These are amazingly warm – definitely can’t wear them indoors for more than about 30 minutes without getting swamp feet, but they’re perfect for shoveling snow or those 8º windy days. I usually wear them with some thick Hanes crew socks for ultimate comfort. On days I wear them into the city I bring some regular sneakers along for normal wear, otherwise it’s really uncomfortable.
Columbia Bugaboot Plus XTM.
I have to add that while these boots are great, having worn them fewer than 20 times, one of the leather lace-holes ripped off completely. I could contact their CS about this but don’t want to deal with the hassle. The boots still “work” but this was a defect in a product that wasn’t used that heavily.

Chaos – CTR Chinook Micro Fleece Balaclava

My latest addition. I was pretty warm most days except for my face, which was freezing. I tried a few hats and a scarf but the scarf was too unwieldy and itchy. I realized what I really needed was a crazy ski mask. Again I was worried that this would look stupid but practicality quickly won. My main worry in buying a balaclava was finding one to fit my massive head. I took a chance and fortunately this one worked out. It’s just barely big enough – if I put it on too quickly I can hear it tearing – but it’s been wonderful. On cold windy days, now my only exposed piece of skin is around my eyes. I end up with icicles on my eyelashes but that’s a small price to pay for warmth.

Chaos -CTR Chinook Micro Fleece Balaclava

Conclusion

I don’t really know why I wrote this, maybe just as a shout out to the brands that have made this awful winter bearable. But hopefully the info contained herein is helpful to someone. Anyway, thanks for reading.

Home Theater Sound on the Cheap

In 2009 I got my first HDTV, a Digital Lifestyles 42″ from NewEgg. The reviews were mixed but the common theme was that this screen had a great picture and terrible sound. I decided to take a chance, and if the sound was really that bad I’d figure something out.

Well, turned out the sound was, in fact, terrible. Not merely tinny, the speakers crackled and popped, and were essentially unusable. To my relief, the TV had a headphone jack on the side, so I got a set of Logitech X-230 computer speakers, plugged them into the headphone jack and the problem was solved – for a mere $35. The sound was really impressive for such a cheap setup and best of all the volume could still be controlled via the TV remote.

Fast forward to 2013. On Black Friday I took a trip to the local PC Richard and picked up a Digital-Analog converter. It’s powered by USB and converts the optical signal to standard headphone output. For the power, I plug the USB cable directly into the TV, which is handy because then it gets powered on and off with the TV. Unfortunately with this setup the volume can’t be controlled via the TV remote any longer. I plan to get a 2.1 soundbar with wireless subwoofer eventually, but for now this mostly works. So if you’re looking to get pretty good sound your HDTV for relatively little cost, this might work for you.

Super quick wordpress exploit stopper

I got an email yesterday from my host (DigitalOcean) that I was running a phishing website. So, I’m not, but I quickly guessed what happened: my WordPress got hacked. This is just one of the risks of running silly little PHP apps. I logged in, deleted the themes directories, reinstalled clean ones, and ensured this doesn’t happen again by doing the following:

  • useradd apache_ro
  • chown -R apache_ro:apache_ro $WP/wp-content/themes

Now apache can’t write to those directories. This means you can’t update WordPress via the web UI, but I’m ok with that.