Upgrade to Ruby 2.6 on Linux

February 26, 2019

To be ready for Rails 6 upgrade we needed to install Ruby 2.5 or above, so we went for ruby 2.6.1 Up till now we had been running Rails 5.2.2 on Ruby 2.4.1. So here are the steps we took:- 1) update ruby version in /.ruby-version file 2) Intall Ruby 2.6 $ sudo apt-get update $ rvm get stable --autolibs=enable gpg: Signature made Sun 30 Dec 2018 10:44:46 GMT using RSA key ID 39499BDB gpg: Can't check signature: No public key Warning, RVM 1. ... Read more

Fixing a Memory-bottlenecked Rails App

July 2, 2018

On Jun 29 Nate Berkopec (@nateberkopec) tweeted this: “Observation: when scaling on AWS/AWS-based VPS services, newer, lower-volume Rails applications tend to be memory-bottlenecked, older, high-volume Rails applications tend to be cpu-bottlenecked.” This is really useful to know. We recently saw our tiny new Rails app running on an AWS t2.micro server getting into a “WARN” state after running a sucker punch job. It was using over 90% of its RAM, and stayed that way until we restarted the server. ... Read more

Rails Security

June 6, 2018

Here are two quick wins for security that will help you sleep better at night: If you are running Rails 5.2 or higher, chances are you are already using the new Content-Security-Policy feature for Cross-Site-Scripting (XSS) protection, it just needs configuring. The Rack-attack gem for throttling spammy clients, and preventing brute-force login attacks. Both of these are quick to get started with, but will benefit from monitoring and fine tuning. ... Read more

Minimal Email Receiving

May 1, 2018

How we receive email for our domain using email forwarding on Amazon SES, with minimum effort. Our web-app sends emails no problem, but we also want to receive emails into the same accounts. For example our web-app sends an automatic email from info@mySite.com, but if it receives an email sent to info@mySite.com, we want to handle that too. The simplest way is to implement email forwarding. (The hard way would be to build an email client inside our web-app, then decide how and when to notify whoever needs to handle it). ... Read more

Simple GDPR Compliance

April 4, 2018

How we aim to meet the requirements for GDPR compliance on a website with minimal use of personal data, using minimum effort. *Disclaimer - we are not lawyers, so don’t take any of this as legal advice! What is GDPR?: GDPR is the EU “General Data Protection Regulation”. It is more detailed and specific than the UK Data Protection Act 1998. It will be enforced from 25 May 2018. ... Read more

Rails 5.2: encrypted secrets

March 22, 2018

How we started to use Rails 5.2 Encrypted Secrets for securing Amazon S3 key pairs for use with Active Storage. Here is a useful starting point: Rails Encrypted Credentials on Rails 5.2 Our development and production envionment is Linux, and we precompile our assets before deployment. Part 1: Encrypt your secrets With Rails 5.2 a sort of ‘password safe’ is introduced, whereby you commit your encrypted secret credentials to source control, but not your master password. ... Read more

Rails Active Storage: Uploading files to Amazon S3

March 20, 2018

How we used Rails Active Storage and got it working with Amazon S3. If you are new to Active Storage, here are a couple of useful links: A great video introduction to Active Storage: File uploading with ActiveStorage in Rails 5.2 A useful overview on creating your bucket on Amazon S3: Tutorial: How to use Amazon S3 and CloudFront CDN to serve images fast and cheap For our use case we are uploading PDF documents direct to the cloud. ... Read more

Sending Emails

January 7, 2018

When action mailer fails to deliver to Hotmail/Outlook email accounts… A short note on sending mail from a Rails application ( action_mailer ) to a Microsoft Hotmail account, but the email never arrives in Hotmail/Outlook. After investigation, it looks like Hotmail probably only likes one email address per origin / server IP address. If you send an email from the same server but change the email address, then hotmail will silently block it. ... Read more

Let’s Encrypt automatic SSL certificate renewal on a single AWS instance

August 14, 2017

How we configured Elastic Beanstalk to play nicely with automatic certificate renewal by Let’s Encrypt. Everyone it seems is going with Let’s Encrypt to generate their free SSL/TLS ceritficate. Running it once is easy, but getting it configured to work with Elastic Beanstalk and EC2’s lifecycle can send you round in circles. This post is an update of the original January 2017 post with our improved configuration. The configuration needs to cater for ALL of these scenarios: ... Read more

Hugo website SEO

August 9, 2017

You want to be found on the web. Search Engines want to help… Hugo or your Hugo theme might provide some SEO components out of the box, but consider adding what it doesn’t, then tell google; bing and other search engines about your site. Part 1: Add SEO elements to your website See also about SEO elements -> https://developers.google.com/search/docs/guides 1. Configuration: By default Hugo or your Hugo theme will give you: ... Read more

© 2019 Keith P | Follow on Twitter | Git