Rails autoload and eager load paths

Jan 28, 2015 2 min.

How rails finds and loads classes when using autoload_paths and eager_load_paths can be pretty confusing. This post is the best that I’ve read on the topic, but there are a few things that I think are worth explaining more. autoload_paths This helps rails locate where an unknown constant is defined. So if it encounters the constant Foo::Bar::Baz, it knows to look for it in foo/bar/baz.rb That is why you only need to add lib/, instead of lib/**/*, to the paths.

Keeping my brews up-to-date

Jan 19, 2015 1 min.

Here’s how I ensure my homebrew packages are the latest and greatest! First I setup a crontab for my user: ~ $ crontab -e I then add this line to update the brew database every hour: 0 * * * * /usr/local/bin/brew update > /dev/null 2>&1 and add the following line to my .bash_profile to display outdated packages when I open a new terminal: brew outdated Boom. Now I’ll know to brew upgrade whenever a new hotness is released.

Organizing My Day

Jan 18, 2015 2 min.

I started a new job in August and am using the following method to get things done. Each day I create a new text file on my computer with the following template: 1 Jan 2014 ========== Goals ----- * None Completed Tasks --------------- * None Todo ---- * None Websites -------- * None Every morning I copy yesterday’s todo items to today’s goals. Throughout the day I update the completed section and add tasks to the todo section.

Securing ruby SSL connections

Nov 18, 2014 1 min.

By default, ruby uses OpenSSL settings that leave you open to insecure cipher combinations when making HTTPS requests. I wrote the following gist to document my attempt to secure HTTP requests from a rails application following the poodle vulnerability.

nginx self signed cert

Oct 5, 2014 1 min.

Create your self-signed certificate: openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 3650 -nodes Configure your nginx: server { listen 443 ssl; listen [::]:443 ssl ipv6only=on; # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits ssl_dhparam /etc/nginx/ssl/dhparam.pem; # enables server-side protection from BEAST attacks # http://blog.ivanristic.com/2013/09/is-beast-still-a-threat.html ssl_prefer_server_ciphers on; # disable SSLv3(enabled by default since nginx 0.8.19) since it's less secure then TLS http://en.wikipedia.org/wiki/Secure_Sockets_Layer#SSL_3.0 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # ciphers chosen for forward secrecy and compatibility # http://blog.

Heartbleeding an OpenVPN server

Apr 21, 2014 2 min.

Everyone has been atwitter lately over the heartbleed bug which motivated me to look into what lesser known implementations of OpenSSL might be vulnerable. My ddwrt home router seemed like a good choice because releasing and installing updates isn’t as ubiquitous for firmware as it is for desktop software. I started by looking into the HTTP admin interface. httpd I identified the web server by browsing the source code and found that SSL was most likely performed by MatrixSSL.