cfWheels Plugin Survey

Use cfWheels? Help us get an idea of what plugins you guys use, and which you think might qualify for some core team support! The survey will only take a minute – please do fill it in if you use any plugins in cfWheels..

https://www.surveymonkey.com/s/9P7PJCV

Setting up HTTPS on Elastic Beanstalk

Edit: AWS now have a certificate service which may be more useful to you, depending on your setup.

The fundamental difference in setting up https on Elastic Beanstalk is that your certificate is installed on the load balancer/environment itself, *not* the individual instances. This actually makes life a lot easier: you don’t need to worry about doing anything to the instances themselves as the SSL terminates at the load balancer. This assumes you’re using multiple availability zones, not a single zoned instance.

Also, remember this won’t ever work on myenvironment.beanstalk.com, only on a CNAME entry for yourdomain.com which you’ve aliased to the beanstalk environment URL, as obviously, AWS don’t hand out certs for beanstalk.com 🙂

Step 1:
Get your certificates and ensure they’re in the right format.

I used sslmate.com, which I found very easy to use for a simple DV (Domain validated) certificate – you don’t actually need *more* than DV unless you want to do things like have “yourcompany” in the URL bar alongside the padlock sign. Wildcards are only really cost effective if you want more than 8-9 subdomains certified.

So once sslmate is installed locally, do:

$ sslmate buy www.example.com

and follow the prompts. Note, I didn’t add any of the ‘optional’ fields as I remember that can cause problems (unfortunately I can’t remember exactly *where* I read that).

Once you’ve successfully made the purchase, you should now have a bunch of files in the directory you ran the command. The good part is these certificates are in the correct format, and also are signed. The PEM format (as opposed to DER) is actually not necessarily to do with the file extension: i.e, .crt can be in PEM format, so don’t feel you need to convert these certificates just because they haven’t got a .pem extension. I only mention formats as this is the ‘other’ format which AWS uses for S3 key pair URL signing, so if you’re only exposure to that sort of thing is S3, this is the other one.

You should have:

mydomain.com.key
mydomain.com.crt
mydomain.com.chain.crt
mydomain.com.chained.crt

Step 2:

Make sure you’ve got AWS command line tools installed. This isn’t the Elastic Beanstalk CLI tools – this is in addition to those. You can get them here: http://aws.amazon.com/cli/ – although as I had pip installed from installed the EB CLI, I just did

$ pip install awscli

After which, setup using:

$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-1
Default output format [None]: json

Step 3:

Time to upload our certs to a AWS IAM profile:

$ aws iam upload-server-certificate --server-certificate-name certificate_object_name --certificate-body file://public_key_certificate_file --private-key file://privatekey.pem --certificate-chain file://certificate_chain_file

So this should equate to something like:

$ aws iam upload-server-certificate --server-certificate-name myDomainSSL --certificate-body file://mydomain.com.crt --private-key file://mydomain.com.key --certificate-chain file://mydomain.com.chain.crt

The Chain file is important for browser acceptance.

If successful, you should get something like:

arn:aws:iam::123456789012:server-certificate/cert

returned at the prompt.

Step 4:

Attach cert to the load balancer:

Login to the web GUI at aws.amazon.com, select Elastic Beanstalk and click on the configuration section for the environment you want to apply the certificate to. Under Network Tier > Load Balancing, click on the cog to configure.

You should be able to see “myDomainSSL” as a dropdown under SSL Certificate ID – if you don’t, the certificate isn’t in IAM or something so you need to go back a few steps and check.

So at this point, you need to do something like:

Listener Port: 80
Protocol: HTTP
Secure Listener Port: 443
Protocol: HTTPS

and ensure your certificate is selected.

Saving will restart your instance, and all going well, https://www.mydomain.com should work. Except if you’re using VPC, you need to do one last step, which is open up 443 on the security group; (Go to EC -> Security Groups, select Load Balancer Security Group, add an inbound rule for HTTPS/TCP/443 on 0.0.0.0/0)

Step 5:

Read something like This for some nice pointers/reminders about running an app over https.

Upgrading JRE for Railo on Centos

This is really a set of notes for me so I don’t forget all this in the future, but hopefully might help others.

If you look at the Railo wiki on github about this, it gives you great instructions about 6, but I found my experience slightly different for 7.

These are the steps to install JRE from Oracle on Centos 64bit; (for the purposes of this post, this is Version 7u25)

  1. Go to http://www.oracle.com/technetwork/java/javase/downloads/index.html
  2. Look for the JRE Download Link
  3. Save the jre-7u25-linux-x64.rpm to your local machine
  4. Upload it to your root or home folder on the server
  5. Assuming you’re logged in via SSH, run:
    rpm -i jre-7u25-linux-x64.rpm
  6. Shut down railo:
    /opt/railo/railo_ctl stop
  7. Backup / rename the old JRE:
    cp -R /opt/railo/jdk/ /opt/railo/jdk.bak 
    rm -f /opt/railo/jdk 
  8. Find the newly installed .rpm  – hint, probably:
    /usr/java/jre-7u25/
  9. Rename to:
    /usr/java/jdk
  10. Now, you can symlink this version to the Railo install:
    ln -s /usr/java /opt/railo/jdk
  11. Restart Railo:
    /opt/railo/railo_ctl start
  12. Login to Railo Server Admin and double check the JRE version running on the front page.
  13. Beer.

Thanks to  Scott at Viviotech for the hint about the .rpm and symlinking!

VPS Hosting revisited

So two years ago I started up a linode – yep, I’m still with them for my LAMP stack stuff. I really have no complaints, whatsoever. Since being with them they’ve bumped up my storage to 48GB from 40GB (for free), I’ve had one network problem (which affected everyone in my datacentre) about 18 months ago, but apart from that – nada. zip. Not had to contact support, performance from the VPS itself has been excellent. Awesome.

So now it’s time for me to re-evaluate my other box which is running Railo (and everything else under the sun). This one, running Centos5 is feeling fairly long in the tooth. One of the reasons I’m looking round for a new VPS provider for Railo is that for some reason, Railo has decided to start being slow – like, instead of the usual 500ms response time average, that average has slipped to 2-3 seconds. However, as a) it’s an unmanaged VPS and b) even if I contacted my VPS support they wouldn’t really have a clue about JVM tuning, I’m a little out of luck, bar reinstalling Railo/Java and hoping for the best.

As hosting Java is a smidge more complex than your average PHP hosting, (well, different anyway) ‘Googling’ it doesn’t alway help much.

So, I’ve decided to try Viviotech. Several things have lead me here: 1) very, very good reports from the CF community generally 2) my pre-sales questions were answered so stupidly comprehensively by Jordan Michaels, including appropriate linux distros and future plans for load balancing 3) the price is about right – not worryingly cheap, but not stupidly expensive either and 4) Jordan actually wrote the Railo installer, plus he’s actually answered my questions in the past on the Railo Google Group, which gives me some faith in the support structure.

I ordered it at 9am UK time: within 10 minutes I got a call from Viviotech (from the US, to my UK mobile!) checking/confirming the order. It must have been 1am their time (!). Once all confirmed, off they went. It did take them a day to setup, but I wasn’t in much of a rush, so no problem there. Once all the details arrived, it was just a matter of logging in.

Some nice things they do out the box – move SSH to a non-standard port, add an anti-brute force hack script, setup backups, configure some basic firewall stuff and install vsftp (which personally I don’t use, as sftp should be a minimum). I  asked for Railo to be installed as I was feeling lazy: the only thing which caught me by surprise was Railo running as root – on querying this, they do it for usability, and pointed me to a simple script to change the user Railo runs as. All the Tomcat/Apache connectors were setup and working too.

So so far all very good – there’s something nice in not being *completely* on your own like with fully unmanaged solutions such as Linode. The only thing I miss is those lovely graphs you get in the Linode dashboard (oh and that iPhone app which is amazing) – still I guess there’s always Munin.

You can find out more about Viviotech here

Railo and Amazon S3

I don’t usually get the time to play around with Amazon’s cloud offerings, but I’ve started a project recently which has a need for CloudFront, Amazon’s Flash Media Server streaming solution.

I remembered that Railo 3.x and upwards has S3 support (which CloudFront uses as it’s storage) – I wasn’t really prepared for quite *how* easy this was to implement. As a test, all I wanted to do was build a list of files on a S3 bucket, and then construct some URLs for an MP3 playlist in flowplayer.

Firstly, you need to get your Amazon access keys (which I’ll assume you know how to do) via the AWS console.

Next, add this to your onApplicationStart() method (or on cfWheels, your events/onApplicationStart.cfm):

<cfscript>
application.s3.accessKeyId = "MYACCESSKEY";
application.s3.awsSecretKey = "MYSECRETKEY";
application.s3.host="s3.amazonaws.com";
</cfscript>

To get all the files in my S3 bucket, I can then simply do this:

<cfscript>
S3Key=application.s3.accessKeyID;
S3Sec=application.s3.awsSecretKey;
</cfscript>

<cfdirectory action="list"
directory="s3://#S3Key#:#S3Sec#@s3.amazonaws.com/BUCKETNAME/FOLDERNAME" name="s3Directory"
recurse="yes" type="file">

Then, for flowplayer, I needed that data to be looped out into a JS friendly format for the playlist (RTMP streaming uses the mp3: prefix, and I also need to strip out the secret/access key from the returned directory path)

<cfloop query="s3Directory">
<cfoutput>
{url: "mp3:#replace(directory, "s3://#S3Key#:#S3Sec#@/BUCKETNAME/", "", "all")#/#replace(name, '.mp3', '', 'all')#"}<cfif s3Directory.recordcount NEQ currentrow>,</cfif>
</cfoutput>
</cfloop>
</cfsavecontent>

Then in my flowplayer config, I can just add:

playlist: [#playlist#]

… as an option.

Nice and simple, and made v easy by Railo – thanks guys!

Railo 3 Beginners Guide Review

The Railo 3 Beginner’s Guide is a book released late last year which I’ve just managed to get my hands on thanks to Packt publishing. The core authors include some Railo team members – Mark Drew, Gert Franz and ardent Railo community members Paul Klinkenberg & Jordan Michaels – so there’s no better source here – straight from the horse’s mouth!

Whilst this one is a ‘beginner’s’ guide, it does cover a fairly wide range of topics for developers – they are unarguably ‘Railo-centric’ – but that’s sort of the point.

Chapter 1: Introducing Railo Server
Chapter 2: Installing Railo Server
Chapter 3: CFML Language
Chapter 4: Railo Server Administration
Chapter 5: Developing Applications with Railo Server
Chapter 6: Advanced CFML Functionality
Chapter 7: Multimedia and AJAX
Chapter 8: Resources and Mappings
Chapter 9: Extending Railo Server
Chapter 10: Creating a Video-sharing Application

Generally speaking, I find that books like this have a challenging scope: do you try and fit in everything you know for CFML development? Where do you start/stop? It’s a tricky balance – I found that there were some quite big leaps from absolute basics, like looping & outputting, through to storing information in the ram cache, using ORM and Amazon S3. Don’t get me wrong, these topics are important, but a fair leap away if you’re assuming the user can’t output a loop.

All that said, the examples given are clear and well explained, and certainly give a taste of a Railo outlook on CFML development. Hopefully there will be an advanced series too, which delves down into JVM tuning and garbage collection in details amongst other things.

As far a Railo resource, it’s undoubtedly useful – in fact I would say it’s ideal with a CF developer with ‘some’ experience, who wishes to use Railo-tastic features, and is moving from ACF. However, it’s not something I’d recommend to those who are picking up CF for the first time, as you just can’t fit the entire CFML programming fundamentals into a single book – in my opinion anyway!

Discovering CFWheels

I’ve spent the past week or so with my head down, coding, and completely loving it.

CFWheels is a CFML framework based on Ruby on Rails – at least it shares a lot of the same concepts from what I can tell. My previous experience with frameworks hasn’t been too great. I got put off the ‘big player’ names like Model Glue, Fusebox et al, as when I investigated them (admittedly a few of years ago) I got instantly put off by XML configuration, and quite frankly, some concepts I just couldn’t grasp at the time. Also, loading 100’s of templates for the apps I was writing at the time was just unnecessary.

Maybe the timing’s good, but I’ve been blown away by CFWheels.

My own coding style has changed a lot in the last 12 – 36 months, and I was getting to the point where I was writing lots of custom code to do certain things – a good example would be URL rewriting – each application I’d write would have similar, if not the same requirements. I’m a big fan of logical and symantically meaningful URL paths, and where I can, I’ve been trying to gradually make all my apps follow some sort of pattern. Once you find something which works, you basically cut and paste it into every new app you make, and each application might it’s own quirks, meaning you have multiple, similar versions of the same block of code.

Basic CRUD operations too – it’s incredible how much code I’ve written over the years which is based around what I’d call a ‘CRUD switch’ – i.e  a cfswitch block with cases of ‘view,add,edit,delete’. Almost without realising it , I’d been gradually moving towards the MVC pattern of coding, it just made sense.

Enter CFWheels: I downloaded it, and started playing. Within about 2-3 hours, I’d mastered enough of the basics to port an existing (simple) site over. I even got to the point where I was using an internal Wheels function, and just *guessed* what the arguments should have been; low and behold, it worked. When you find a framework which actually ‘thinks’ like you do, it’s a pretty great feeling.

My particular highlights thus far:

  • Basic jawdropping when I realised the power of the internal ORM engine.
  • ‘Routes’ – very, very useful.
  • The separate configuration setting options for development/design/production etc
  • Caching is, well, just painless.
  • HasMany() – running out of superlatives, but to be able to say, ‘Departments hasMany People’ and then in the People model, ‘People BelongsTo Departments’, and then refer directly to the relationship without a line of SQL? cool.
  • The Form Helpers save a lot of code.
  • The CFWheels Google group guys have been really helpful, and the documentation is excellent.
  • The Global Helpers bit is very useful, previously, you’d have to cache all your Utility functions in a CFC and chuck it in the Application scope – now you just add it to one place to make it available to all your views.
  • All the internal Wheels functions – when I’d hit a point where I thought ‘there should be a function for this’, there was.
  • It’s fast. Especially on Railo (disclaimer: it just ‘feels’ fast! And no, i’ve not tried it on CF9, and no, I’ve got no figures to back this one up)

Naturally, some low points too:

  • Note to self: don’t casually, or accidently dump extremely large objects on a production server. It appears to eat up RAM very quickly.
  • Associations – amazing concept, but out of everything, took me the longest time to get my head around; then I found ‘shortcuts’ and it all made sense.
  • I did get initially confused when something which I expected to be a query turned out to be an object..(then I found you can override that behaviour!)
  • The routes system could really do with a better ‘catchall’ system – it works, but I don’t want to have to specify all my controllers routes: I want Wheels to introspect them and work it out 🙂 (I’m aware there is talk going on re: this issue)
  • I still want to see some more example applications of best practice / example apps generally.
  • It took me a while to be comfortable with *NOT* scoping everything 🙂

All in all, I’m really enjoying this one, and it’s made me reconsider my previously (slight naïve) position on frameworks.

Well worth a couple of hours of your life to try.

http://cfwheels.org/

Now Fully on Railo!

Well, I’ve finally moved everything over to my Railo  VPS, including this blog & website, and all the various sites I host. It’s been surprisingly easy – the biggest challenge has been getting the necessary Linux admin skills, and the initial install of Railo/Tomcat.

Things I’m loving about the move so far:

  • Being on Apache / Centos – if nothing else, this has made the whole enterprise worthwhile; my previous hosting, as good as it was, was simply far too limited in terms of space, bandwidth, and most importantly flexibility. Apache give me .htaccess & virtual hosting, whereas before, I was using ISAPI rewrite, which just doesn’t compare (at least in it’s v2, v3 is substantially better). Disk space and bandwidth on Windows servers is just more expensive per MB, most likely due to licensing costs.
  • Railo – the access to a server / web admin combo is a massive step up from standard CF shared hosting: the ability to have shared mappings (think frameworks, shared customtags, shared error handling, shared CFCs) alone has saved me hours of work
  • Slight ‘smug factor’ of running completely free open source software (and submitting bugs to the Railo queue!).

I’ve also moved this blog over Mango Blog from BlogCFC (sorry Ray!), for a couple of reasons:

  • the lack of an update feature in BlogCFC was killing me – having to redo all the theming every time there was an update was just the straw that broke the camel’s back;
  • themeing in Mango Blog is insanely simple, so simple, the theme I’m using here I decided to release to the wider Mango Blog community (it’s available in the Mango Blog admin as ‘OxAlto Capita’)
  • for speed, I really do like having a Rich Text Editor.

The less good:

  • Well, everyone hits a linux permissions issue at least once, don’t they?
  • Managing to delete the root account on my MySQL install – that was less than clever. At least now I know how to boot mySQL in safe mode and fix it.
  • trying to persuade ntp to use a certain UK server pool

OxAlto Capita – A Free Theme for Mango Blog

As I’ve been exploring some more CF open source apps, I’ve come across Mango Blog which I’m really beginning to like.

So, as an attempt to get to the know the bits under the hood, I’ve written a theme which I’ve decided to release under Creative Commons – so that’s free to use for all you Mango Blog users.

It’s based on the Blueprint CSS framework, so hopefully you should be able to take advantage on the various layout schemes incorporated into that.

The banner image remains property of The Hinksey Studio, but has been released for use in this theme.

Edit: This is now available directly via the Mango Blog Admin interface – Thanks Laura!

Railo / Apache / Tomcat / Mura CMS/ SES URL Gotcha

Another catchy title 🙂

I’ve been trying for a day or two to get SES Urls working on Tomcat/Railo/Apache/Mura;

Specifically, I’m thinking of the /index.cfm/something/ style syntax. Having installed Mura, I couldn’t get any of the actual pages past the front page to work. I got an Apache 404 error.

Sean Corfield’s Blog gave me a good starting point.

As I’d installed Railo via the Beta install script, my config was a little different to some which is what gave me the headache.

Firstly, I had to get Tomcat to receive the requests, as Apache was serving me the 404s;

In my Apache httpd.conf file, I had the following at the bottom:

JkMount /*.cfm ajp13
JkMount /*.cfc ajp13
JkMount /*.do ajp13
JkMount /*.jsp ajp13
JkMount /*.cfchart ajp13
JkMountCopy all
JkLogFile /var/log/httpd/mod_jk.log

Note, the *.cfm entry – this needs changing to:

JkMount /*.cfm* ajp13

This means apache matched the correct syntax to pass the request to Tomcat.

So at that point, I was getting 404’s served by Tomcat rather than Apache; at least they were getting to the correct place.

For me, my Tomcat install lives in /opt/railo/tomcat/, so I found the web.xml file in /opt/railo/tomcat/conf/ and changed added a servlet mapping:

CFMLServlet /index.cfm/*

And then tried again with Mura. No joy – still 404’s in Tomcat; Having re-read Sean’s entry, it turns out you have to specify if you want the pattern to match a directory;

So the servlet mapping I’d put up would match /index.cfm/*, but not, as Mura users know, the default Mura behaviour of /default/index.cfm/*

Changing to:

CFMLServlet /default/index.cfm/*

Sorts it.

I know there’s a jar file supplied by Mura to fix this – but with my seemingly different Tomcat config, I could work out how to get it working properly.

Next stage is going to have to be to get the URL rewriting working to get proper URLs like /about-us/, rather than /default/index.cfm/about-us/.