As a long term fan and occasional user of the Tor network
I’ve decided to run a Tor middle relay. It’s some kind of a way of payback to Tor community.
Another way how to help Tor network is running exit node or a bridge.
The requirements are: a server running on a relatively secure operating system
(*BSD or GNU/Linux would be my choice. No offense.) and bandwidth at least 20KiB/s up & down.
An installation is quite easy, just install tor package from repositories. Or compile Tor
Now edit your torrc file (located here /etc/tor/torrc or /etc/torrc).
By default Tor is configured as a Exit relay, which can be risky (depending on your country’s law).
If you don’t want to deal with abuse issues (when someone is doing some illegal shit via
your relay) then change your ExitPolicy line; comment out this line:
ExitPolicy reject *:*
Now you’ll be acting as a “middleman”. If you want to run an Exit relay be sure to read
tutorials and many tips about Exit relays.
Next, change speed limit for relay traffic. Change lines RelayBandwidthRate and
RelayBandwidthBurst as you need.
You can choose a name for your relay on a Nickname line.
Finally, open a port (the default 9001 is OK) in your firewall (ORPort line).
Now you can start Tor daemon.
Check out your Tor logs. After a while you’ll can see a line
Now checking whether ORPort <your-ip>:<your-port> is reachable...
and after that (if you configured Tor correctly) will appear:
Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.
Programmers use many 3rd party libraries in their projects. Problems may occur
if programmers are developing a project and they don’t have same libraries
or same versions of libraries. Dependency managers solve this problem in an elegant way.
If you don’t know about them, I’m sure you’ll love them.
Introduction to Composer
Composer is a multi-platform and easy to use dependency manager for PHP.
It’s working on Windows, GNU/Linux, BSD, OS X, whatever. You need PHP 5.3.2+.
Installation is pretty easy, here’s the official howto.
First, go to the project’s root directory and define project dependencies in
composer.json file (right, it’s a file written in JSON :) ).
Here’s a real-world example from Gitlist project (licensed under New BSD license):
The file defines which dependencies the project requires (in require object),
dependencies for development environment are listed in require-dev object.
Now we can run composer install. When the task finishes all
dependencies are installed in vendor directory and we can use them in the project.
Same versions everywhere
The installing process created composer.lock file. There’s saved a list of
installed dependencies along with their versions. This is necessary for keeping
same versions of dependencies across all computers where the project has been
deployed. If you’re interested in how the file looks like, check this out.
For example, there are two programmers (Programmer#1 and Programmer#2).
Both of them have installed dependencies from composer.json above. Then,
Programmer#1 wants to upgrade twig from 1.12 to to 1.13 because of new features he desperately needs.
So he updates composer, after that runs composer update so dependencies get updated
and commits changes to VCS
they use (Git, SVN, …). What he actually commits? Only composer.json and composer.lock.
In that files is everything what others may need to keep their systems up-to-date. (Actually, just the lock
file is needed. Programmer#1 knows Programmer#2 will may want to change dependencies in future, so
he commits composer.json.)
Never commit vendor directory.
Next day Programmer#2 pulls changes from VCS and he can see composer files were changed.
So he fires up composer update and after few seconds he has exactly same version of dependencies
as Programmer#1. It was so easy, just one command.
Summary of what we know so far
First, create a composer.json file in the root directory of a project.
Define project dependencies.
Run composer install.
Commit changes to VCS of your choice. Don’t forget you never commit vendor directory.
If you later change dependencies, edit and save the json file, run composer update and commit
json and lock files.
Maybe you’re asking What’s the difference between install and update commands? It’s simple.
The update command uses composer.json file, installs dependencies defined in it
and in the and it creates/rewrites the lock file.
The install command installs dependencies from a lock file. If no lock file exists it
behaves like the update command.
In the second part of this article I’ll explain dependency versioning and reveal how the installed
dependencies are integrated into projects.
This article was also published on my school blog.
Semantic web is getting more and more important. It’s not just another buzzword. Semantic web allows data to be
shared and reused across application, enterprise, and community boundaries . One of benefits is that web pages
with a clear semantic structure are more understandable for search engines.
If a website should be semantic then its source code (HTML) has to be semantic. HTML5 semantic elements
aren’t good enough because they are too general. So let’s extend HTML5. We have a few choices here –
RDFa and some microformats.
One of microformats is Microdata. Microdata is actually a set of HTML
attributes and elements used to describe meaning of web page content.
I’ll illustrate how simply it can be used.
Why I chose Microdata? I think it has simpler syntax than RDFa and because of schema.org (I’ll explain later in the article).
Example of turning non-semantic HTML into semantic HTML
I’ve always wanted a sexy terminal prompt (aka $PS1, dear power users).
Finally I managed to find it. It’s called
powerline-shell. Except nice
look it offers git/svn/hg integration as you can see on the screenshot below.
It’s compatible with Bash, Zsh and Fish shells. Installation instructions are on
the Github project page.
I’m a content Chromium user. One of the most used functions I use every day is
searching from address bar (aka omnibox). You know, start writing site’s name,
press tab and type search query. How to make this working on your site? Just two things.
So, we have secure remote incremental backup solution
here. What about data
saved on our backup media (server)? I use dm-crypt – the standard device-mapper
encryption functionality provided by the Linux kernel. I’ve encrypted my backup
partition with an image from my gallery located on my work machine
(passphrases could be weak). Learn more about encrypting partitions with a key
What I need to do before every backup process is to open the encrypted
partition. Obviously, after the backup process I close it.
Create encrypted partition
First modprobe kernel module: modprobe dm_mod.
We need to create encrypted partition for our sensitive data. Assuming we
already have a spare partition you can simply run the command:
copy the secret key file to user’s home directory. I prefer well-known images
which you can find easily on the Internet. If you lose your key file, you
won’t be able to decrypt your encrypted partition.
run script over SSH (using an pubkey for verification)
assuming the remote user is properly configured in sudoers file to run
cryptsetup; open an encrypted device
/dev/<path-to-encrypted-partition> (for example /dev/sda9) and call it
for example “no_more_secrets” (name-of-open-partition). Use copied keyfile as a key.
right after opening the encrypted device be sure
to remove the secret keyfile (shred command).
if opening the partition for the first time, you need to format it. Of course, you can choose
mount “no_more_secrets” device. This step require adding a similar line to
/dev/mapper/<name-of-open-partition> /mnt/somewhere ext4 rw,relatime,data=ordered,barrier=0,user,exec,suid,dev,noauto 0 0
All right, now we can access the encrypted partition, read & write data,
To sum up, there are two different paths to the encrypted devices. First, e.g.
/dev/sda9 (path-to-encrypted-partition) is used only for “luksOpen” operation.
Opened device is located in /dev/mapper/ directory. This path is in the
script above used for mount, umount and mkfs.
Connect to Jabber. With XMPP4R, a library for
Ruby, it is possible, but not as easy as you could think.
One could ask “Why don’t you use
xmpp4r-simple?”. My answer: “I’m not a
There are many little bastards you should know before fetching client’s
roster with contacts’ vcard (nickname, full name, avatar, …), status (online,
away, …) or status message. This is how I do this task. It works flawlessly.
This is simplified code I use in my chat application. Reading comments might be
# Enable to see requests and responses between your machine and your jabber # server (easy to read XML). Recommended.Jabber::debug=true# first, sign in to your jabber account with your Jabber ID and passwordclient=Jabber::Client.new("email@example.com")client.connect()client.auth("my password")# now we are authenticated, let's fetch roster with all information we want# initialize rosterroster=Jabber::Roster::Helper.new(client)# request roster from jabber server, wait for responseroster.get_roster()roster.wait_for_roster()# now we know your friends' Jabber Idsroster.items.eachdo|jid,contact|puts"In roster I have: "+jidend# we don't know their status and status message, let's do it# First, add presence callback. If anyone in roster change his/her state # (e.g. come online), you will know it.roster.add_presence_callbackdo|roster_item,old_presence,new_presence|puts"Somebody changed his/her state to "+new_presence.status.to_s# new_presence also offers status message and other stuffend# To start receiving presence messages from your jabber server, you have to # send your presence first. It's really important to send your presence # AFTER roster.add_presence_callback, because the callback will not catch # every presence message which your jabber server sent to you.client.send(Jabber::Presence.new.set_type(:available))# Now you know who is online in your roster. If somebody from your # roster won't be caught in roster.add_presence_callback block, then # it just means he/she is offline.# get vcardroster.items.eachdo|jid,contact|# According to documentation, fetching vcard can take longer time.# Use threads if you think it is a good idea.Thread.newdovcard=Jabber::Vcard::Helper.get(client,jid)nickname=vcard&&vcard["FN"]||''#get avatar or other information hereendend
What I’ve learned from using XMPP4R library in my project – callbacks are good
thing and use them.
The default Rails logger is really messy. Write somewhere logger.debug
some_object.inspect and then for an hour search where the goddamn message is
in a log file. Fortunately we can format and colorize logger output.
Create config/initializers/log_formatting.rb file and paste this code: