News aggregator

Alan Pope: Awesome Community is Awesome

Planet HantsLUG - Mon, 09/03/2015 - 07:00

While flash sales, conferences and trade shows happen, the Community Core Apps project rolls forward landing updates and fixes to Ubuntu Phone applications. Some are default apps on the devices bq customers will soon receive, others are easily installable from the click store. All are maintained by a community of Free Software developers. I’m incredibly proud of the work these people are doing and wanted to highlight some recent updates.

As with all the applications below, if you’d like to get involved in design, documentation, testing, translation or just plain writing code either get in contact with me, or with any of the developers listed below. They’re all very nice people.

Weather Reboot

Andrew Hayzen, Victor Thompson and Nekhelesh Ramananthan got together to help Martin Borho reboot the Weather App with new designs created in collaboration with the Canonical Design Team. With a cleaner look, easier to use user interface, and fewer poke-your-eyes-out colour gradients, the new Weather app is coming along nicely!

Doc Viewer

Stefano Verzegnassi has been working hard on the usability and performance in the Doc Viewer. It now directly pulls documents from ~/Documents on the device and can receive files via Content-Hub such as those downloaded in the browser. Rendering performance has been improved, using multi-core page rendering to make use of the grunt in powerful phones. It’s also now possible to manage documents directly in the app, so you can delete files from ~/Documents with a long-press and some taps, no file manager required. There’s also a Table of Contents revealed from a bottom edge swipe, and a new document grid view.

While not currently a default app in devices, it’s in the store and works really well on all Ubuntu devices. Upcoming is a refinement of the full screen reading experience to remove the header and some improvements to document zooming. Longer term we’re also investigating and prototyping support for common office file formats.


Filippo Scognamiglio recently updated the Terminal app to support configurable keyboard overlays. The overlay is a strip above the default OSK (on screen keyboard) which can be populated with keyboard shortcuts or full commands. These are designed to supplement the OSK and allow fast access to complex keyboard combinations or frequently typed commands. The Terminal app ships with a small number of sample keyboard overlays, but it’s easily user-expandable. Filippo blogged about it, read more there. If you create a cool overlay, do share it, and we may include it in a future update as a default. This update is in the store, available to install on Ubuntu devices.

Upcoming is a user interface change to easily switch on and off the keyboard overlays. So you may have 20 installed, but rarely use some, so can easily switch them off so they don’t clutter the main UI. In addition Filippo is working on breaking up the terminal app into a re-usable component to make it easy to ship click packages containing a command line tool and terminal together. So for example a developer could bundle mutt+terminal in a click package in the store. Clearly not a typical use case for many phone users, but it’ll certainly be useful for our early adopter hacker types


Kunal Parmar has updated the Calendar app with some nice UI and performance improvements. If you sync events with the Calendar then they should show up quicker in the app than previously. He also implemented the ability to move events around the calendar with a long press and drag. More recently we’ve noticed a couple of crashers which we’re trying to get to the bottom of. Renato has a patch for EDS which seems promising! The latest Calendar update is in the store and available for testing as always.

Calculator Reboot

Riccardo Padovani and Bartosz Kosiorek have been completing work on the Calculator ‘reboot’. We received a new design a while back which has been almost completed. We have some more design changes to make, but we plan to release this version to the store shortly as the default Calculator. You can currently test it by installing “Calculator Reboot” from the click store on your Ubuntu device. Feedback (and bugs) welcome as always.


Michael Zanetti and Riccardo Padovani have been really active with the Reminders app the last few weeks. Many bugs fixed, and a new offline mode for those that don’t want to connect to Evernote. There’s so many improvements which will require some additional QA before we upload to the store which should happen next week. This is a major update which has been a long time coming, and I’ll talk more about that in detail when it’s closer to landing.

Update: This update has landed in the store now!


Dan Chapman and Boren Zhang have been implementing designs provided by the Canonical design team in their Dekko Email app. The changes are coming thick and fast, and if you’d like to test some of the new features, then install the “Dekko (beta)” app from the click store.


Nekhelesh Ramananthan pushed a small but important update to the Clock app recently which makes translatable the cities which are listed in the app. Once that landed we asked the Ubuntu translators if they could kindly translate the 200+ strings. Over night ~30 languages were done with more coming in over the weekend. It never ceases to amaze me how fast and attentive the Ubuntu translation communities are!

A massive thank you to all the developers, designers, testers and translators who have helped improve all of these apps. As always, get in touch if you’d like to get involved!

Categories: LUG Community Blogs

Steve Kemp: Free hosting, and key-signing

Planet HantsLUG - Fri, 06/03/2015 - 01:00

Over the past week I've mailed many of the people who had signed my previous GPG key and who had checked my ID as part of that process. My intention was to ask "Hey you trusted me before, would you sign my new key?".

So far no replies. I may have to be more dedicated and do the local-thing with people.

In other news Bytemark, who have previously donated a blade server, sponsored Debconf, and done other similar things, have now started offering free hosting to Debian-developers.

There is a list of such offers here:

I think that concludes this months blog-posting quota. Although who knows? I turn 39 in a couple of days, and that might allow me to make a new one.

Categories: LUG Community Blogs

Meeting at "The Oddfellows"

Wolverhampton LUG News - Mon, 02/03/2015 - 17:17
Event-Date: Wednesday, 4 March, 2015 - 19:30 to 23:00Body: Giving a new venue a try. Wed 04 Mar 2015/19:30 - 23:00 Compton Wolverhampton West Midlands WV6 8AA Eat, Drink and talk Linux
Categories: LUG Community Blogs

MJ Ray: Rebooting democracy? The case for a citizens constitutional convention.

Planet ALUG - Fri, 20/02/2015 - 05:03

I’m getting increasingly cynical about our largest organisations and their voting-centred approach to democracy. You vote once, for people rather than programmes, then you’re meant to leave them to it for up to three years until they stand for reelection and in most systems, their actions aren’t compared with what they said they’d do in any way.

I have this concern about Cooperatives UK too, but then its CEO publishes and I think there may be hope for it yet. Well worth a read if you want to organise better groups.

Categories: LUG Community Blogs

Meeting at "The Moon Under Water"

Wolverhampton LUG News - Mon, 16/02/2015 - 09:56
Event-Date: Wednesday, 18 February, 2015 - 19:30 to 23:00Body: 53-55 Lichfield St Wolverhampton West Midlands WV1 1EQ Eat, Drink and talk Linux
Categories: LUG Community Blogs

London Linux/podcaster meet up – Thursday Feb 26th at the Mulberry Bush pub near Waterloo station from 6pm

Greater London LUG News - Wed, 11/02/2015 - 21:58
In celebration of Scott’s visit to the UK, we have decided to organise a meet up. Confirmed attendees so far are Scott Newlon (mintCast), me (mintCast/Linux Luddites), jesse (Linux Luddites) and Matthew Copperwaite (The Dick Turpin Road Show).

The plan is to have a relaxed and informal evening of drinks and conversation. We’ve reserved a booth with a table that should be perfect in a really nice pub on the South Bank, a few minutes from Waterloo Station. Everyone is welcome so please spread the word!

Directions to the Mulberry Bush:

Leave Waterloo via the original main entrance in order to head towards the South Bank. The main entrance is found by turning left after coming through any of the ticket barriers, and is at the far end of the concourse beyond platform 18, on the right next to the lost luggage. Head through the glass doors and down the stone steps, if you find yourself on a bridge you’ve gone the wrong way, come back and look on your left for the glass doors.

Once down the steps head to your left, cross some zebra crossings and generally follow what is likely to be the main crowd towards the traffic lights to cross York Road. The aim is to stroll along Sutton Walk, the pedestrian walkway under the blue lattice bridge, towards the South Bank. Once under the bridge continue straight towards the Royal Festival Hall and you will shortly reach a T-junction with Belvedere road before you actually get to the hall.

Turn right and walk along that road – this is the home straight, except it’s the longest section of the trip! I’m afraid this part isn’t much to look at, you’ll pass the National Theatre, IBM and ITV and just when you think you’ve gone wrong, the Mulberry Bush will appear on your right hand side.

To find the booth that we have reserved, walk to the end of the bar and look to your left.

Hopefully see you there!
Categories: LUG News

Wylug resumes

West Yorkshire LUG News - Fri, 06/02/2015 - 16:08

There will be a meeting of the resumed Wylug in The Lord Darcy on Harrogate Road on 23 rd of Februay 2015 at around 7pm.

The meeting will discuss the future course of wylug and its  organisation.

Feel free to bring laptops, tablets etc. to get help on things you do badly or to display things you do well.

The Lord Darcy is on the 36 bus route between Leeds  and Harrogate and there are other bus routes that serve that streach of Harrogate Road.

Adam Trickett: DKIM

Planet HantsLUG - Mon, 02/02/2015 - 21:55

Recently a friend asked me about SPF and DKIM. I was vaguely aware of them and their generally perceived uselessness. I've never bothered with them but thought I'd look into them for him. SPF was trivial to set up using my Bytemark DNS, and easy to testing using of many on-line email tools.

The challenge is DKIM, I found several sites that explained what to do - they were all variation around a theme and seemed easy enough. Generate a key pair (check), put the public half into your DNS (check), tweak Exim4 (ARGH!!!).

As far as I tell I followed what the web site said and reloaded the Exim config and it looks like it's all loaded into place, the key is readable by Exim, the path is correct but no matter what I do Exim wont add the DKIM signature to my outgoing emails...!

Tags: spf dkim

Categories: LUG Community Blogs

Meeting at "The Moon Under Water"

Wolverhampton LUG News - Mon, 02/02/2015 - 11:55
Event-Date: Wednesday, 4 February, 2015 - 19:30 to 23:00Body: 53-55 Lichfield St Wolverhampton West Midlands WV1 1EQ Eat, Drink and talk Linux
Categories: LUG Community Blogs

Chris Lamb: Calculating the ETA to zero in shell

Planet ALUG - Fri, 30/01/2015 - 21:49
< Faux> I have a command which emits a number. This number is heading towards zero. I want to know when it will arrive at zero, and how close to zero it has got.

Damn right you can.

eta2zero () { A=$(eval ${@}) while [ ${A} -gt 0 ] do B=$(eval ${@}) printf %$((${A} - ${B}))s A=${B} sleep 1 done | pv -s ${A} >/dev/null }

In action:

$ rm -rf /big/path & [1] 4895 $ eta2zero find /big/path \| wc -l 10 B 0:00:14 [ 0 B/s] [================================> ] 90% ETA 0:00:10

(Sincere apologies for the lack of strace...)

Categories: LUG Community Blogs

Philip Stubbs: Arduino and NRF24L01 for Quad-copter build

Planet HantsLUG - Thu, 29/01/2015 - 17:28
As part of my Quadcopter build, I am using a couple of Arduino's along with some cheap NRF24L01 from Banggood for the radio transmitter and reciever. The idea came from watching the YouTube channel iforce2d.

When I started developing (copying) the code for the NRF modules, I did a quick search for the required library. For no good reason, I opted for the RadioHead version. Part of my thinking was by using a different library from iforce2d, I would have to poke around in the code a bit more and lean something.

All went well with the initial trials. I managed to get the two modules talking to each other, and even had a simple processing script show the stick outputs by reading from the serial port of the receiver.

Things did not look so good when I plugged the flight controller in. For that I am using an Afro Mini32. With that connected to the computer and Baseflight running, the receiver tab showed a lot of fluctuations on the control signals.

Lots of poking , thinking, and even taking it into work to connect to an oscilloscope, it looked like the radio was mucking up with the timing of the PWM signal for the flight controller. Finally, I decided to give an alternative NRF library a try, and from the Arduino playground site, I selected this one. As per iforce2d, I think.

Well that fixed it. Although, at the same time I cleaned up my code and pulled lots debugging stuff out and changed one if loop to a while loop, so there is a chance that changing the Library was not the answer. Anyhow, it works well now. Just need some more bits to turn up and I can start on the actual copter!
Categories: LUG Community Blogs

Daniel Silverstone (Kinnison): Caius -- A heirarchical delegable password safe

Planet ALUG - Thu, 29/01/2015 - 14:08

A long while ago I, Rob Kendrick, Clive Jones (and possibly others) sat down and tried to come up with a way to store passwords a-la Password Safe. However, being us, we wanted to ensure a number of properties which password safes commonly don't have. We wanted to allow the delegation of access to some subset of the passwords. We also wanted for it to be reasonable to deny that there is content which has not been decrypted.

I was reminded of this work when I was discussing the concept of deniable storage of secrets with a colleague (An idea I'll expand upon in another blog post at another time). I am therefore presenting, with little change other than formatting the design from years ago. I would be very interested if anyone knows of software which meets the properties of the Caius system since I would like to have one but simply don't trust myself (see another future posting) to write it right now.


The following concepts are assumed to be understood:

The 'Caius' system is a password-safe type system sporting hierarchical delegable access to the data it stores. The 'Caius Fob' is the data-store for the system.

The 'Caius Fob' is a file which consists of a header and then three sections. The header identifies it as such a file, the first section lists a number of 'External IDs' which can be used to access portions of the file. The second section lists ACL entries as defined below. The third section of the file is the encrypted data looked after by this file. It is not intended that the holder of a CaiusFob be able to deny it is a CaiusFob, but it is expected that it be possible to deny an ability to decrypt (perhaps by lacking a password) any ACL entries. Given that the structure of the file is known, it is necessary that there be external IDs for which the password or GPG key is not valid or cannot decrypt an ACL entry, and ACL entries which even if decrypted may not be valid, and ACL entries which even if decrypted and valid may not be used to encode any data blocks.

An External ID External ID ::= LENGTH TYPE DATA

Where TYPE is one of: * 0: Unused (ID slot placeholder) * 1: GPG key, where DATA is the keyid of the gpg key * 2: Password, where DATA is some hash of a password which can be used to derive a key for decrypting an ACL entry.

The list of external ids forms a numbered sequence where the index (0-based) into the sequence is the External ID number. (EIDnr)


The EIDnr is the number of the External ID as explained above. The LENGTH is the length of the DATA section which is a key-pair as explained below, encrypted to the external id. The HMAC uses the authentication key in the key-pair in the DATA section, and authenticates the EIDnr, LENGTH, DATA tuple.

One possibility for increasing deniability is to remove the EIDnr from this part of the file, and assume that for every external ID you try to decrypt all ACLs you've not succeeded in decrypting thus-far. This has the benefit of being able to deny that an ACL entry ought to be decryptable with the credentials you hold, but also an increased inability to know if you have successfully unlocked everything appropriate to being able to fully manipulate a CaiusFob. This tradeoff is currently set in favour of better understanding of the content, but a future design feature might suggest EIDnr should always be -1 to indicate "unknown, try every EID".


The ENCRYPTIONKEY is used to initialise the stream cipher for the data section. The AUTHENTICATIONKEY is used to compute HMACs for the appropriate ACL entries or data blocks (as defined below)

The data section

First consider a set of stream ciphers. There exists always one cipher which we will call the NULL cipher. It is defined such that Cipher(Byte, Offset) == Byte and is always available. Then there is a cipher initialised for each key pair we can successfully extract from the ACL entry section of the file.

Each of these ciphers is initialised and made ready such that the data section can be xored with the bytes as they come out of the stream ciphers in an attempt to decrypt the blocks. Essentially this is equivalent to decrypting the entire data section with each cipher in turn to produce N proposed cleartexts which can then be examined to find decrypted blocks.

Whenever a cipher, combined with the data stream in the file, manages to produce a sequence of eight bytes of value zero, we have reached a synchronisation point and what follows is a data block enciphered with which ever cipher managed to reveal the synchronisation sequence.

Since it is vanishingly unlikely that you will find eight zeros in a row when playing about with arbitrary cipher initialisation, we consider this to be an acceptable synchronisation sequence.

Once we have found a sync sequence, we can know the length of this block and thus we do not look for sync markers again until after the block we have just found.


Such that each field is the obvious, DATA is DATALENGTH bytes of data, the texture of which is defined by TYPE and PAD is PADLENGTH arbitrary bytes which pad this block. HMAC is keyed using the authentication key associated with the stream cipher managing to decrypt this and is over the DATALENGTH, PADLENGTH, TYPE, DATA, PAD tuple.

If TYPE is zero then this is a ''free-space'' block and will typically contain zero bytes of DATA and some number of padding. This is however arbitrary and not enforced, the free space can be DATA if the implementer prefers and implementations are encouraged if possible to randomise the distribution of the consumed space between the DATA and PAD sections.

A node block TYPE == 1 (Node) DATA ::= MY_ID PARENT_ID NAME NOTES

MY_ID is a unique ID for this node. (generally a random number, probably 64 bits long, perhaps a UUID). PARENT_ID if not all NULLs is the ID for the parent node. If all NULLs then this is the root of a heirarchy. NAME is a NULL terminated byte string of one or more characters which is the name of this node. It may consist only of any characters other than NULL and the forward-slash character. NOTES is a byte string of zero or more characters, NULL terminated. Note that the DATALENGTH of the data block clearly delimits this field but the NULL is present to aid parsing.


PARENT_ID is the node to which this block belongs. It is required that any system blocks you succeed in decrypting can be placed within a node you succeed in decrypting. If the library encounters a system block which belongs to a node it cannot find then this is considered to be a corrupt system block and will be treated as though it could not be decrypted.

USERNAME is a byte string of one or more characters terminated by a NULL, ditto for PASSWORD and as for a node block, the NOTES are NULL terminated also.

EXPIRYDATE is a byte string of characters in RFC-822 date format.

Implementation notes

It is expected that any implementation of Caius will adhere to the following guidelines in order to enhance the security of content over time.

  1. Any time a block is invalidated (such as by the changing of a password, the obsoleting of an entry, the changing of notes, names, or reparenting a node) anywhere from one to all of the bits in the block can be changed. Trivially, this includes the synchronisation sequence preceeding the block as if the synchronisation sequence isn't present then the block does not exist.

  2. Every time a CaiusFob is altered in any way, some amount of known intra-block padding must be altered in a random way. Ideally this will be done so that it looks like number 1 has happened somewhere else in the file as well. Anywhere from zero to all of the padding can be thusly altered in any given change.

  3. No attempt will be made to write to any part of the file which cannot be positively identified as padding unless the user has explicitly stated that they will accept damage to data they cannot currently decrypt.

  4. No indication will be given to the user if any part of the file was unable to be decrypted or failed an HMAC check. Such data is simply incorrectly decrypted and thus ignored.

  5. Intrablock padding can be positively identified if you have two consecutive blocks in a CaiusFob such that the number of bytes between them could not possibly hold the simplest of free space blocks.

  6. When appending a block to a CaiusFob it is encouraged to place up to 50% of the size of the intrablock spacing before it as random padding, and up to 50% afterwards also. Naturally anywhere between zero and the full amount is acceptable, ideally the implementation would choose at random each time.

Categories: LUG Community Blogs

Daniel Silverstone (Kinnison): I promise that I...

Planet ALUG - Tue, 27/01/2015 - 23:27

A friend and ex-colleague Francis Irving (@frabcus on Twitter) has recently been on a bit of an anti C/C++ kick, including tweeting about the problems which happen in software written in so called "insecure" languages, and culminating in his promise website which boldly calls for people to promise to not use C/C++ for new projects.

Recently I've not been programming enough. I'm still a member of the NetSurf browser project, and I'm still (slowly) working on Gitano from time to time. I am still (in theory) an upstream on the Cherokee Webserver project (and I really do need to sit down and fix some bugs in logging) and any number of smaller projects as well. I am still part of Debian and would like to start making positive contributions beyond voting and egging others on, but I have been somewhat burned out by everything going on in my life, including both home and work. While I am hardly in any kind of mental trouble, I've simply not had any tuits of late.

I find it very hard to make public promises which I know I am going to break. Francis suggested that the promise can be broken which while it might not devalue it for him (or you) it does for me. I do however think that public promises are a good thing, especially when they foster useful discussion in the communities I am part of, so from that point of view I very much support Francis in his efforts.

Even given all of the above, I'd like to make a promise statement of my own. I'd like to make it in public and hopefully that'll help me to keep it. I know I could easily fail to live up to this promise, but I'm hoping I'll do well and to some extent I'm relying on all you out there to help me keep it. Given we're almost at the end of the month, I am making the promise now and I want it to take effect starting on the 1st of February 2015.

I hereby promise that I will do better at contributing to all the projects I am nominally part of, making at least one useful material contribution to at least one project every week. I also promise to be more mindful of the choices I make when choosing how to implement solutions to problems, selecting appropriate languages and giving full consideration to how my solution might be attacked if appropriate.

I can't and won't promise not to use C/C++ but if you honestly feel you can make that promise, then I'm certain Francis would love for you to head over to his promise website and pledge. Also regardless of your opinions, please do join in the conversation, particularly regarding being mindful of attack vectors whenever you write something.

Categories: LUG Community Blogs

Steve Kemp: Recording gym-visits on Linux.

Planet HantsLUG - Tue, 27/01/2015 - 01:00

I go to the gym every couple of days. I lift things up, then put them down, and sometimes I repeat this process another 30 times. When I'm done I write down what I've done, how many times I did the lifty-droppy thing, and so on.

I want to see pretty graphs. I want to have records of different things. I guess I just need some simple text-boxes:

deadlift 3 x 7 @ 210lbs.

etc. Sometimes I use machines so I'd say instead:

converging seated-row 3 x 8 @ 150lbs

Anyway that's it. I want a simple GUI, a bit like a spreadsheet where I can easily add rows of each session. (A session might have 10-15 exercises in it, so not many.) I imagine some kind of SQLite database for the back-end. Or CSV. Either works.

Writing GUI software is hard. I guess I should look at GtK or Qt over the next few days and see if it is going to be easier to do it online via a jQuery + CGI system instead. To be honest I expect doing it "online" is liable to be more popular, but I think a desktop toy-application is just as useful.

Categories: LUG Community Blogs

Chris Lamb: Recent Redis hacking

Planet ALUG - Sun, 25/01/2015 - 21:52

I've done a bunch of hacking on the Redis key/value database server recently:

  • Lua-based maxmemory eviction scripts. (#2319)

    (This changeset was sponsored by an anonymous client.)

    Redis typically stores the entire data set in memory, using the operating system's virtual memory facilities if required. However, one can use Redis more like a cache or ring buffer by enabling a "maxmemory policy" where a RAM limit is set and then data is evicted when required based on a predefined algorithm.

    This change enables entirely custom control over exactly what data to remove from RAM when this maxmemory limit is reached. This is an advantage over the existing policies of, say, removing entire keys based on the existing TTL, Least Recently Used (LRU) or random eviction strategies as it permits bespoke behaviours based on application-specific requirements, crucially without maintaining a private fork of Redis.

    As an example behaviour of what is possible with this change, to remove the lowest ranked member of an arbitrary sorted set, you could load the following eviction policy script:

    local bestkey = nil local bestval = 0 for s = 1, 5 do local key ="RANDOMKEY") local type_ ="TYPE", key) if type_.ok == "zset" then local tail ="ZRANGE", key, "0", "0", "WITHSCORES") local val = tonumber(tail[2]) if not bestkey or val < bestval then bestkey = key bestval = val end end end if not bestkey then -- We couldn't find anything to remove, so return an error return false end"ZREMRANGEBYRANK", bestkey, "0", "0") return true
  • TCP_FASTOPEN support. (#2307)

    The aim of TCP_FASTOPEN is to eliminate one roundtrip from a TCP conversation by allowing data to be included as part of the SYN segment that initiates the connection. (More info.)

  • Support infinitely repeating commands in redis-cli. (#2297)

  • Add --failfast option to testsuite runner. (#2290)

  • Add a -q (quiet) argument to redis-cli. (#2305)

  • Making some Redis Sentinel defaults a little saner. (#2292)

I also made the following changes to the Debian packaging:

  • Add run-parts(8) directories to be executed at various points in the daemon's lifecycle. (e427f8)

    This is especially useful for loading Lua scripts as they are not persisted across restarts.

  • Split out Redis Sentinel into its own package. (#775414, 39f642)

    This makes it possible to run Sentinel sanely on Debian systems without bespoke scripts, etc.

  • Ensure /etc/init.d/redis-server start idempotency with --oknodo (60b7dd)

    Idempotency in initscripts is especially important given the rise of configuration managment systems.

  • Uploaded 3.0.0 RC2 to Debian experimental. (37ac55)

  • Re-enabled the testsuite. (7b9ed1)

Categories: LUG Community Blogs

Adam Trickett: Picasa Web: 2015-01-24

Planet HantsLUG - Sun, 25/01/2015 - 00:22
Date: 24 Jan 2015
Number of Photos in Album: 1

View Album

Categories: LUG Community Blogs

Chris Lamb: Slack integration for Django

Planet ALUG - Fri, 23/01/2015 - 23:46

I recently started using the Slack group chat tool in a few teams. Wishing to add some vanity notifications such as sales and user growth milestones from some Django-based projects, I put together an easy-to-use integration between the two called django-slack.

Whilst you can use any generic Python-based method of sending messages to Slack, using a Django-specific integration has some advantages:

  • It can use the Django templating system, rather than constructing messages "by hand" in and which violates abstraction layers and often requires unwieldy and ugly string manipulation routines that would be trivial inside a regular template.
  • It can easily enabled and disabled in certain environments, preventing DRY violations by centralising logic to avoid sending messages in development, staging environments, etc.
  • It can use other Django idioms such as a pluggable backend system for greater control over exactly how messages are transmitted to the Slack API (eg. sent asynchronously using your queuing system, avoiding slowing down clients).

Here is an example of how to send a message from a Django view:

from django_slack import slack_message @login_required def view(request, item_id): item = get_object_or_404(Item, pk=item_id) slack_message('items/viewed.slack', { 'item': item, 'user': request.user, }) return render(request, 'items/view.html', { 'item': item, })

Where items/viewed.slack (in your templates directory) might contain:

{% extends django_slack %} {% block text %} {{ user.get_full_name }} just viewed {{ item.title }} ({{ item.content|urlize }}). {% endblock %}

.slack files are regular Django templates — text is automatically escaped as appropriate and that you can use the regular template filters and tags such as urlize, loops, etc.

By default, django-slack posts to the #general channel, but it can be overridden on a per-message basis by specifying a channel block:

{% block channel %} #mychannel {% endblock %}

You can also set the icon, URL and emoji in a similar fashion. You can set global defaults for all of these attributes to avoid DRY violations within .slack templates as well.

For more information please see the project homepage or read the documentation. Patches and other contributions are welcome via the django-slack GitHub project.

Categories: LUG Community Blogs

MJ Ray: Outsourcing email to Google means SPF allows phishing?

Planet ALUG - Thu, 22/01/2015 - 04:57

I expect this is obvious to many people but bahumbug To Phish, or Not to Phish? just woke me up to the fact that if Google hosts your company email then its Sender Policy Framework might make other Google-sent emails look legitimate for your domain. When combined with the unsupportive support of the big free webmail hosts, is this another black mark against SPF?

Categories: LUG Community Blogs

Chris Lamb: Sprezzatura

Planet ALUG - Wed, 21/01/2015 - 11:31

Wolf Hall on Twitter et al:

He says, "Majesty, we were talking of Castiglione's book. You have found time to read it?"

"Indeed. He extrolls sprezzatura. The art of doing everything gracefully and well, without the appearance of effort. A quality princes should cultivate."

"Yes. But besides sprezzatura one must exhibit at all times a dignified public restraint..."

Categories: LUG Community Blogs

Jonathan McDowell: Moving to Jekyll

Planet ALUG - Wed, 21/01/2015 - 11:00

I’ve been meaning to move away from Movable Type for a while; they no longer provide the “Open Source” variant, I’ve had some issues with the commenting side of things (more the fault of spammers than Movable Type itself) and there are a few minor niggles that I wanted to resolve. Nothing has been particularly pressing me to move and I haven’t been blogging as much so while I’ve been keeping an eye open for a replacement I haven’t exerted a lot of energy into the process. I have a little bit of time at present so I asked around on IRC for suggestions. One was ikiwiki, which I use as part of helping maintain the SPI website (and think is fantastic for that), the other was Jekyll. Both are available as part of Debian Jessie.

Jekyll looked a bit fancier out of the box (I’m no web designer so pre-canned themes help me a lot), so I decided to spend some time investigating it a bit more. I’d found a Movable Type to ikiwiki converter which provided a starting point for exporting from the SQLite3 DB I was using for MT. Most of my posts are in markdown, the rest (mostly from my Blosxom days) are plain HTML, so there wasn’t any need to do any conversion on the actual content. A minor amount of poking convinced Jekyll to use the same URL format (permalink: /:year/:month/:title.html in the _config.yml did what I wanted) and I had to do a few bits of fix up for some images that had been uploaded into MT, but overall fairly simple stuff.

Next I had to think about comments. My initial thought was to just ignore them for the moment; they weren’t really working on the MT install that well so it’s not a huge loss. I then decided I should at least see what the options were. Google+ has the ability to embed in your site, so I had a play with that. It worked well enough but I didn’t really want to force commenters into the Google ecosystem. Next up was Disqus, which I’ve seen used in various places. It seems to allow logins via various 3rd parties, can cope with threading and deals with the despamming. It was easy enough to integrate to play with, and while I was doing so I discovered that it could cope with importing comments. So I tweaked my conversion script to generate a WXR based file of the comments. This then imported easily into Disqus (and also I double checked that the export system worked).

I’m sure the use of a third party to handle comments will put some people off, but given the ability to export I’m confident if I really feel like dealing with despamming comments again at some point I can switch to something locally hosted. I do wish it didn’t require Javascript, but again it’s a trade off I’m willing to make at present.

Anyway. Thanks to Tollef for the pointer (and others who made various suggestions). Hopefully I haven’t broken (or produced a slew of “new” posts for) any of the feed readers pointed at my site (but you should update to use feed.xml rather than any of the others - I may remove them in the future once I see usage has died down).

(On the off chance it’s useful to someone else the conversion script I ended up with is available. There’s a built in Jekyll importer that may be a better move, but I liked ending up with a git repository containing a commit for each post.)

Categories: LUG Community Blogs
Syndicate content