Weekly notes 7

Easter and a couple of days of free time are good for taking a break from the routines or finally having some time to develop your personal pet projects. At least my Highkara news reader for iOS needs some UI tests for screenshots and maybe I get to finish my imgur app for tvOS. But before that, here are the weekly notes.

This week we get an overview of OWASP projects, see how Stack Overflow is built, learn to design for the Apple TV and get to run WebLogic in a Docker container. Finally we discover how Spotify Discover Weekly playlists work.

Issue 7, 2016-03-24


Quick developer’s guide to OWASP projects
Interesting poster-type developer’s guide to OWASP projects. Learn how to secure your web apps against common web vulnerabilities.

How it’s built

Stack Overflow: The Architecture – 2016 Edition
If you’re wondering how Stack Overflow is built and what the load is, check this article. Interesting. It runs on Windows using IIS, ASP.NET, .NET and SQL Server, supported by CentOS, Redis and Elasticsearch.

Why I Left Gulp and Grunt for npm Scripts
Cory House explains how Gulp and Grunt are unnecessary abstractions, whereas npm scripts are plenty powerful and often easier to live with. They are easier to debug as there’s no extra layer of abstraction, there’s no dependence on plugin authors to update, and the original tools are better and more clearly documented. (from Web Design Weekly #219)

iOS and tvOS development

An in-app debugging and exploration tool for iOS
Excellent tool for iOS developers which helps you, for example, to simulate 3D Touch in the Simulator. Also, in Xcode 7.3 you can now simulate 3D Touch without external tools if your trackpad has Force Touch.

Designing for the Apple TV
Michael Flarup writes some tips for getting design right when working with the Apple TV. He covers all of the basics but also some interesting points like making sure you meet the expectations of a TV based platform in terms of displaying and taking advantage of video based content. (from iOS dev Weekly #239)

This is pttrns for tvOS. Not a huge amount of data in yet but what’s there is worth a look. (from iOS dev Weekly #240)

Enterprise Java

WebLogic on Docker Containers Series: Part 1, Part 2 and Part 3
If you are using WebLogic as your application server, you should have a look at Bruno Borges’ series about running WebLogic on Docker. The first post gets you started and shows how to create a basic Docker image with WebLogic and one with a configured WebLogic domain. The second post takes a more detailed look at the creation of the images, and the third one focusses on the domain configuration. (from Java Weekly 8/16)

Something different

I Documented Two Years of Travel By Painting In My Moleskine Notebook
Lovely hand-crafted art collection created by a traveler during her visits to different places around the world. An alternative to taking thousands of photos that no one will look at afterwards anyway and a beautiful, more emotional representation of lovely places. (from WDRL 126)

How Spotify Discover Weekly playlists work? and Recommending music on Spotify with deep learning
If you’re wondering how Spotify finds the tracks to your Discover Weekly list, read these two articles.

Container orchestration with CoreOS at Devops Finland meetup

Development and Operations, DevOps, is one of the important things when going beyond agile. It boosts the agile way of working and can be seen as an incremental way to improve our development practices. And what could be a better place to improve than meetups, where you learn how others are doing things? This time the DevOps Finland meetup was about container orchestration with CoreOS and it was held at Oppex’s lounge in central Helsinki. The talks gave a nice dive into CoreOS, covering both beginner and seasoned expert points of view. Here are my short notes about the presentations.

CoreOS intro for beginners, by beginners

The first talk was practically an interactive CoreOS tutorial by Antti Vähäkotamäki and Frans Ojala. Their 99 slides showed how to get started with CoreOS on Vagrant step by step and what difficulties they experienced. Nothing special.

CoreOS in production, lessons learned

The more interesting talk about CoreOS was “CoreOS in production, lessons learned” by Vlad Bondarenko from Oppex, where he talked about their software stack and how they’re running it. In short, they’re running on bare metal with CoreOS, Nginx as reverse proxy, Node.js for UI and API, and RethinkDB and SolrCloud clusters. Deployment is done with Ansible and makefiles, and Ship.it is used for Node.js. Service discovery is DNS based with the docker-etcd-registrator component and they’ve also written their own DNS server. For Node.js config management with etcd they’ve made the etcd-simple-config component. With Docker they use standard images with volumes and inject their own data into the container.

CoreOS seemed to work quite well for them with easy cluster management, running multiple versions of 3rd party and own software and having zero downtime updates or rollbacks. But there were some cons also like maturity (bugs) and scripting systemd.

Kontena, CoreOS war stories

The last talk was about CoreOS war stories in Kontena by Jari Kolehmainen. The slides tell the story of how they use CoreOS on Kontena and what the pain points are. In short, it comes down to configuration management and issues related to etcd.

For bootstrapping they use CloudInit, which is the de facto way to initialize cloud instances and is integrated into CoreOS. The hard parts with etcd are discovery, security (TLS certificates), using central services vs. workers and maintenance (you don’t do it). Now they run etcd inside a container, bind it only to localhost and the overlay network (Weave Net), and the master coordinates etcd discovery. For automatic updates they use the best-effort strategy: if etcd is running, locksmith coordinates the reboots; otherwise the machine just reboots when an update is available.

The presentation’s summary was that the “OS” part is currently the best option for containers and etcd is a must, but a little hard to handle. For the orchestrator they suggest picking one which hides all the complexities. And automate all the things.

Problems with installing Oracle DB 12c EE, ORA-12547: TNS: lost contact

For development purposes I wanted to install Oracle Database 12c Enterprise Edition on a Vagrant box so that I could play with it. It should’ve been quite straightforward, but in my case things got complicated although I had Oracle Linux and the prerequisites fulfilled. Everything went fine until it was time to run the DBCA and create the database.

The DBCA gave an “ORA-12547: TNS: lost contact” error, which is quite common. Google gave me a couple of resources to debug the issue. Oracle DBA Blog explained common issues which cause ORA-12547 and solutions to fix it.

One of the suggested solutions was to check to ensure that the following two files are not 0 bytes:

ls -lt $ORACLE_HOME/bin/oracle
ls -lt $ORACLE_HOME/rdbms/lib/config.o

And true, my oracle binary was 0 bytes

-rwsr-s--x 1 oracle oinstall 0 Jul  7  2014 /u01/app/oracle/product/12.1.0/dbhome_1/bin/oracle

To fix the binary you need to relink it and to do that rename the following file:

$ cd $ORACLE_HOME/rdbms/lib
$ mv config.o config.o.bad

Then shut down the database and listener and run “relink all”:

$ relink all

If only things were that easy. Unfortunately relinking ended in an error:

[oracle@oradb12c lib]$ relink all
/u01/app/oracle/product/12.1.0/dbhome_1/bin/relink: line 168: 13794 Segmentation fault      $ORACLE_HOME/perl/bin/perl $ORACLE_HOME/install/modmakedeps.pl $ORACLE_HOME $ORACLE_HOME/inventory/make/makeorder.xml > $CURR_MAKEORDER
writing relink log to: /u01/app/oracle/product/12.1.0/dbhome_1/install/relink.log

After googling some more I found similar problem and solution: Relink the executables by running make install.

cd $ORACLE_HOME/rdbms/lib
make -f ins_rdbms.mk install
cd $ORACLE_HOME/network/lib
make -f ins_net_server.mk install

If needed you can also relink other executables:

make -kf ins_sqlplus.mk install (in $ORACLE_HOME/sqlplus/lib)
make -kf ins_reports60w.mk install (on CCMgr server)
make -kf ins_forms60w.mk install (on Forms/Web server)

But of course it didn’t work out of the box and failed with an error:

/bin/ld: cannot find -ljavavm12
collect2: error: ld returned 1 exit status
make: *** [/u01/app/oracle/product/12.1.0/dbhome_1/rdbms/lib/oracle] Error 1

The solution is to copy libjavavm12.a to $ORACLE_HOME/lib as explained:

cp $ORACLE_HOME/javavm/jdk/jdk6/lib/libjavavm12.a $ORACLE_HOME/lib/

Run the make install commands from above again and you should have a working oracle binary:

-rwsr-s--x 1 oracle oinstall 323649826 Feb 17 16:27 /u01/app/oracle/product/12.1.0/dbhome_1/bin/oracle

After this I ran the relink again which worked and also the install of the database worked fine.

relink all

Start the listener:

lsnrctl start LISTENER

Create the database:

dbca -silent -responseFile $ORACLE_BASE/installation/dbca.rsp

The problems I encountered while installing Oracle Database 12c Enterprise Edition on Oracle Linux 7, although in Vagrant and with Ansible, were surprising as you would think that on a certified platform it should just work. If I had been using CentOS or Ubuntu it would’ve been a totally different issue.

You can see the Ansible tasks I did to get Oracle DB 12c EE installed on Oracle Linux 7 in my vagrant-experiments GitHub repo.

Oracle DB 12c EE Ansible Tasks

Using Let’s Encrypt SSL certificates on CentOS 6

Let's Encrypt all the things

Let’s Encrypt is now in public beta, meaning you can get valid, trusted SSL certificates for your domains for free. Free SSL certificates for everyone! As Let’s Encrypt is relatively easy to set up, there’s now no reason not to use HTTPS for your sites. The needed steps are described in the documentation, and here’s a short guide on how to set up Let’s Encrypt on CentOS 6.x and automate the SSL certificate renewal.

Let’s Encrypt installation

The Let’s Encrypt Client is a fully-featured, extensible client for the Let’s Encrypt CA that can automate the tasks of obtaining certificates and configuring web servers to use them. The installation is simple but in my case on CentOS 6.x I first needed to update to Python 2.7 as Let’s Encrypt supports Python 2.7+ only.

Installing Python 2.7 in CentOS 6.x

# Install EPEL repository
yum install epel-release
# Install IUS repository
rpm -ivh https://rhel6.iuscommunity.org/ius-release.rpm
# Install Python 2.7 with its development headers, pip, setuptools and virtualenv
yum --enablerepo=ius install python27 python27-devel python27-pip python27-setuptools python27-virtualenv -y

Setting up Let’s Encrypt

Install Git if you don’t have it yet.

yum install git

If letsencrypt is packaged for your operating system, you can install it from there. The other option is to use the letsencrypt-auto wrapper script, which obtains some dependencies from your operating system and puts others in a Python virtual environment:

# Get letsencrypt
git clone https://github.com/letsencrypt/letsencrypt
# See help
./letsencrypt/letsencrypt-auto --help

Running the client

You can either just run letsencrypt-auto or letsencrypt, and the client will guide you through the process of obtaining and installing certs interactively, or you can tell it exactly what you want it to do from the command line.

For example, to obtain a cert for your domain using the Apache plugin to both obtain and install the certs, you could do this:

./letsencrypt-auto --apache -d thing.com -d www.thing.com -d otherthing.net

(The first time you run the command, it will make an account, and ask for an email and agreement to the Let’s Encrypt Subscriber Agreement; you can automate those with --email and --agree-tos.)

Although you can use the Apache plugin to obtain and install the certs it didn’t work for me. I got an error: “The apache plugin is not working; there may be problems with your existing configuration.” This seems to be an issue with Apache 2.2 and until it’s fixed you can use the webroot authentication method as explained in documentation.

./letsencrypt-auto certonly --webroot -w /var/www/example/ -d example.com

The webroot plugin works by creating a temporary file for each of your requested domains in ${webroot-path}/.well-known/acme-challenge. Then the Let’s Encrypt validation server makes HTTP requests to validate that the DNS for each requested domain resolves to the server running letsencrypt. Note that to use the webroot plugin, your server must be configured to serve files from hidden directories.

Now your certificate and chain have been saved in the Let’s Encrypt configuration directory at “/etc/letsencrypt”, and “/etc/letsencrypt/live/” contains symlinks to the latest certificates. Making regular backups of this folder is ideal.

All we have to do now is set it up in Apache.

Configure Apache to use Let’s Encrypt certs

In the Let’s Encrypt configuration directory at “/etc/letsencrypt/live/” the .pem files are as follows (from the Letsencrypt documentation):

  • privkey.pem: Private key for the certificate.
    • This must be kept secret at all times! Never share it with anyone, including Let’s Encrypt developers. You cannot put it into a safe, however – your server still needs to access this file in order for SSL/TLS to work.
    • This is what Apache needs for SSLCertificateKeyFile
  • cert.pem: Server certificate only.
    • This is what Apache needs for SSLCertificateFile.
  • chain.pem: All certificates that need to be served by the browser excluding server certificate, i.e. root and intermediate certificates only.
    • This is what Apache needs for SSLCertificateChainFile.
  • fullchain.pem: All certificates, including server certificate. This is concatenation of chain.pem and cert.pem.

Now that we know which file is which we can configure our VirtualHost to use SSL with our new certs. Change the following lines in your Apache’s virtualhost’s SSL configuration:

SSLCertificateFile /etc/letsencrypt/live/<your-domain>/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/<your-domain>/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/<your-domain>/chain.pem

Finally, restart Apache.

You can test that your SSL is working with SSL Labs.

Automate updating Let’s Encrypt certs

As you surely noticed, the Let’s Encrypt CA issues short-lived certificates (90 days) and you have to renew the certificates at least once every 3 months. A nice way to force sysadmins to automate the process.

To obtain a new version of the certificate you can simply run Let’s Encrypt again, but doing that manually is not feasible. Let’s Encrypt is working hard on automating the renewal process but until then we have to do it ourselves.

Fortunately we don’t need to invent our own scripts as there’s an excellent article about automating Let’s Encrypt and a script for crontab.

Get the autole.sh script from GitHub, which automates tasks like:

  • Check the expire date of the certificate and renew when the remaining days are below a value
  • Check that the directory for the challenge is well mapped
  • Alert the admin if it’s not possible to renew the certificate

Now you can renew a certain domain’s certificates with

./autole.sh www.mydomain.com

And to renew all your certificates use

./autole.sh --renew-all

Now you can add this to the crontab, run weekly, and your certificates will be ready and renew automatically. This cron job will execute the command every Monday at 08:30.

30 8 * * 1 /usr/local/sbin/autole.sh <your-domain> >> /var/log/autole.log
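
The two checks discussed above (keeping privkey.pem private, and renewing when the remaining days drop below a value) can be verified independently of the renewal script. This is an added shell example, not part of letsencrypt or autole.sh; the function names and the 30-day default threshold are assumptions.

```shell
#!/bin/sh
# Added example (not part of letsencrypt or autole.sh): audit a Let's Encrypt
# "live" directory for loose private-key permissions and expiring certificates.
# Function names and the 30-day default threshold are assumptions.

# Succeeds only if the key file (symlinks followed, since live/ holds symlinks)
# grants no permission bits to group or others.
key_is_private() {
    # ls -l mode string: char 1 = type, 2-4 = owner, 5-7 = group, 8-10 = other
    perms=$(ls -ldL "$1" 2>/dev/null | cut -c5-10)
    [ "$perms" = "------" ]
}

# Succeeds if the certificate expires within $2 days or cannot be parsed.
# "openssl x509 -checkend N" exits 0 only if the cert is still valid in N seconds.
cert_expires_within() {
    ! openssl x509 -checkend "$(( $2 * 86400 ))" -noout -in "$1" >/dev/null 2>&1
}

# Prints one line per finding for each <live_dir>/<domain>/ and returns
# non-zero if anything needs attention. $2 = renewal threshold in days.
audit_live_dir() {
    live_dir=$1
    days=${2:-30}
    rc=0
    for dir in "$live_dir"/*/; do
        [ -d "$dir" ] || continue
        domain=$(basename "$dir")
        key=${dir}privkey.pem
        cert=${dir}cert.pem
        if [ ! -e "$key" ]; then
            echo "$domain: privkey.pem missing"; rc=1
        elif ! key_is_private "$key"; then
            echo "$domain: privkey.pem grants access to group/other"; rc=1
        fi
        if [ ! -e "$cert" ]; then
            echo "$domain: cert.pem missing"; rc=1
        elif ! command -v openssl >/dev/null 2>&1; then
            echo "$domain: openssl not found, expiry not checked"; rc=1
        elif cert_expires_within "$cert" "$days"; then
            echo "$domain: cert.pem expires within $days days or is unreadable"; rc=1
        fi
    done
    return "$rc"
}

if [ "$#" -gt 0 ]; then
    # Real use: pass the live directory and, optionally, the threshold in days.
    audit_live_dir "$@"
else
    # No arguments: run against a constructed sample tree (empty files, not real keys).
    demo=$(mktemp -d)
    mkdir -p "$demo/good.example" "$demo/bad.example"
    : > "$demo/good.example/privkey.pem"; chmod 600 "$demo/good.example/privkey.pem"
    : > "$demo/bad.example/privkey.pem";  chmod 644 "$demo/bad.example/privkey.pem"
    audit_live_dir "$demo" 30 || echo "findings above need attention"
    rm -rf "$demo"
fi
```

Run it with /etc/letsencrypt/live as the first argument; the non-zero exit status on any finding makes it usable as a cron check next to the renewal job.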

Now before I switch my WordPress over to HTTPS I have to do some find & replace in the database and fix the URLs of the images to be protocol relative.

Weekly notes 6

This year has started slowly and weekly notes have frozen into monthly notes. This time they tell us, among other things, how to put Spring Boot in Docker, the useful features of Java EE 7, what all there is to do to launch your mobile app, tips on how to get better with Node.js and how smaller is better. And finally we have a yoga routine to keep our body in shape.

Issue 6, 2016-01-27

Java is strong with this one

Java EE 7 At A Glance and Top 10 Java EE 7 Backend Features
A rundown of some of the most useful Java EE features – most of which look quite handy.

New year’s Spring Boot tricks in a container
Read how you can combine Spring Boot’s hot restarting and running application in a Docker container. Of course you could just run Spring Boot from the IDE and expose the MongoDB container port for the application.

Nashorn: Run JavaScript on the JVM
Nashorn is a high-performance JavaScript runtime written in Java for the JVM. It allows developers to embed JavaScript code inside their Java applications and even use Java classes and methods from their JavaScript code. But why would you want to do that?

Mobile app development is fun?

Everything you need to launch your app
Good checklist to go through during app development and when you’re going to launch your app. Launching an app isn’t as straightforward as you would think. (from Indie iOS Focus Weekly 48)

Everything you need to know about app screenshots
And with everything it really means that. Making screenshots of your app isn’t as easy as you would think. (from Indie iOS Focus Weekly 46)

Creating perfect App Store Screenshots of your iOS App
More about app screenshots. This time doing it “the right way” for all device types and languages. It isn’t easy this time either but it’s automated. You just need to use snapshot, frameit and UI Tests.

Why you shouldn’t bother creating a mobile app
Post-mortem of Birdly, a receipt management app in the business to business market. Gives insight and lessons to learn about the App Store. Even though the app had good use case the users didn’t really need it. (from Indie iOS Focus Weekly 48)


Find & fix known vulnerabilities in Node.js dependencies
Snyk looks to be quite a crafty tool to find & fix known vulnerabilities in Node.js dependencies. Integrate Snyk into your CI and monitor your applications for newly disclosed vulnerabilities.

TL;DR; Simplified man pages
Simplified man pages for when you just need to get shit done. Finally! You can use different clients for it and install it with e.g. npm install -g tldr.

pre-commit hooks
Some out-of-the-box hooks for pre-commit. See also: pre-commit.

Getting better is good?

Reduce Your bundle.js File Size By Doing This One Thing
Simple! Use relative file paths. The article looks at two examples to show the difference.

The Website Obesity Crisis
Keynote from Web Directions 2015: The Website Obesity Crisis. Beautiful websites come in all sizes and page weights but mostly-text sites are growing bigger with every passing year when there’s no reason for that. There’s also video.

How to Become a Better Node.js Developer in 2016
Tips and best practices not just for development but how to operate Node.js infrastructures, how you should do your day-to-day development and other useful pieces of advice. (from Twitter)
TL;DR; Use ES2015, follow callback conventions and async patterns, take care with error handling, use JavaScript standard style, follow the Twelve-Factor application rules, monitor your applications, use build system, update dependencies weekly and keep up.

Something different

15-minute yoga routine to enhance balance and agility
See how yoga can help you to enhance your balance and agility, including a 15-minute video that demonstrates these principles. This is targeted more for mountainbike riders than developers but better agility and balance doesn’t hurt anyone :)

The 100 best photographs ever taken without photoshop
Nature and humankind are both great artists, and when they join forces, amazing masterpieces can be produced.

Starting with WeeChat

I’ve been using IRC for some time and although Irssi has served me well, it’s time to try something different. WeeChat is a modular chat client with support for IRC and the interesting part is that it’s possible to use other interfaces like glowing-bear web frontend. WeeChat is similar to Irssi so switching over shouldn’t be an issue. But to get the configuration right and what you had on Irssi needs some effort. Here are my notes about starting with WeeChat and how I like my chat client to look.

Compiling WeeChat on CentOS 6

I have my shell on CentOS and although you can find WeeChat in the repositories, it’s quite old (0.4.3 when 1.4 is the newest). So you might want to compile WeeChat yourself. Compiling WeeChat is explained in the User Guide. You need to install some libraries before you can try using make.

yum install gettext make libgcrypt-devel libcurl-devel python-devel v8-devel gnutls-devel ruby cppunit perl-ExtUtils-Embed

After you’ve installed the needed packages, download the WeeChat sources and extract the weechat-1.4.tar.gz package to the directory you want.

Go to the directory where you extracted WeeChat and run the following commands:

$ mkdir build
$ cd build
$ cmake .. -DCMAKE_INSTALL_PREFIX=/path/to/directory
$ make
$ make install

Configuring WeeChat

The Quick Start guide helps you to get started so I won’t duplicate that here. If you’re familiar with Irssi you should feel more or less at home. As I didn’t use many scripts in Irssi, the most difficult part for me was to create as good a theme as I had with Irssi. Otherwise the switch went better than expected.

Start WeeChat with weechat so we can start configuration.

When I started with WeeChat of course I googled how others had configured it and thus my configuration is based on this and some other snippets.

Scripts to improve functionality

/script install buffer_autoclose.py iset.pl colorize_nicks.py urlbuf.py screen_away.py
  • buffer_autoclose.py: Automatically close inactive private message buffers.
  • iset.pl: Interactive Set for configuration options
  • colorize_nicks.py: Use the weechat nick colors in the chat area and command line.
  • urlbuf.py: Common buffer for received URLs.
  • irssi_awaylog.py: Log highlights/private messages when you are away.
  • screen_away.py: Set away status when detaching and attaching from screen or tmux.

To see and set the options for the plugins you can use /set with wildcard “*”

/set *urlbuf*
/set *away*

You can also install scripts by typing “/script search iset”, and a selection of available plugins will appear. To leave it, type “q” then press enter; if you want to install the script, type “i” then press enter.

Adjust layout and colors

Make the title bar and the status bar using dark colors.

/set weechat.bar.status.color_bg 0
/set weechat.bar.title.color_bg 0
/set buffers.color.current_bg 0
/set weechat.color.chat_nick_colors 1,2,3,4,5,6
/set buffers.color.hotlist_message_fg yellow

Place a list of all buffers at the top of the screen

/set weechat.bar.buffers.position top

Merge the server buffers into one to take up less of our precious screen space (you can switch between them with ctrl-x).

/set buffers.look.hide_merged_buffers server

Hide channels that haven’t had any activity in the last 10 minutes from the buffer list to keep the clutter down.

/set buffers.look.detach 600

Make sure joins and parts don’t count as ‘activity’ on a channel, plus some filter tweaks to make IRC less annoying.

/set weechat.look.buffer_notify_default message

Hide joins/parts from users that haven’t spoken recently (default is 5 minutes). You can toggle this with ctrl-=.

/set irc.look.smart_filter on
/filter add irc_smart * irc_smart_filter *

When joining a channel, a lot of information is spit out, most of which is redundant. Hide all this with the following command.

/filter add irc_join_names * irc_366,irc_332,irc_333,irc_329,irc_324 *

Some visual bits to make WeeChat a bit nicer, like replacing the nickname for a message with a little arrow if the previous message in your buffer was from the same user.

/set weechat.look.prefix_same_nick "⤷"
/set weechat.look.prefix_error "⚠"
/set weechat.look.prefix_network "ℹ "
/set weechat.look.prefix_action "⚡"
/set weechat.look.bar_more_down "▼▼"
/set weechat.look.bar_more_left "◀◀"
/set weechat.look.bar_more_right "▶▶"
/set weechat.look.bar_more_up "▲▲"
/set weechat.look.prefix_suffix "|"
/set weechat.look.separator_horizontal "—"

Prettier timeformat

/set weechat.look.buffer_time_format "${color:252}%H${color:245}:%M${color:240}:%S"

Restrict the length of nicks in the sidebar to 15 characters

/set weechat.look.prefix_align_max 15

Bind alt-n to toggle the nicklist.

/key bind meta-n /bar toggle nicklist

More colors

/set weechat.color.chat_delimiters 29
/set weechat.color.chat_host 24
/set weechat.color.chat_prefix_suffix 24
/set weechat.color.nicklist_away 244
/set weechat.color.separator 60
/set weechat.color.chat_highlight_bg 058
/set irc.color.reason_quit  244
/set irc.color.topic_new  36
/set irc.color.topic_old 244

Get rid of the title bar and just add the buffer name to the input bar

/bar hide title
/bar set input items [time]+ buffer_name+ [input_prompt]+(away),[input_search],[input_paste],input_text

Adjust the input bar

/bar set input items [input_prompt]+(away)::,[input_search],[input_paste],input_text

Save your configuration with


Save layout and buffer order

/layout store

My WeeChat theme is like this

Simple WeeChat setup


You can use WeeChat also with other interfaces than ncurses like web frontends which make using IRC easier on mobile devices.

Add a relay server using the weechat protocol, using port 40900 and setting a password.

/relay add weechat 40900
/set relay.network.password YOURPASSWORD

Now you can connect to your WeeChat with web frontend by using the server where your WeeChat is running and providing the port and password.

Note: Connections with weechat are not encrypted, so it’s better to e.g. set up the WeeChat relay behind nginx.

Clicking on long URLs

By default, WeeChat displays time and prefix for each line and optional bars around chat area which makes clicking long URLs impossible.

To make clicking URLs easier, you have two options, as explained in the FAQ:

1. Enable option “eat_newline_glitch”, so that new line char is not added at the end of each line displayed (it will not break URL selection):

/set weechat.look.eat_newline_glitch on

2. Move nicklist to top and remove alignment on nick:

/set weechat.bar.nicklist.position top
/set weechat.look.prefix_align none
/set weechat.look.align_end_of_lines time

I found the first option to be better as it lets you have the prefix after the nick and before the text. It’s not as good as Irssi has it but it works. I hope they’ll merge this pull request which should make it better.

You can also use the bare display (default key: Alt+l).

Other notes

To join channels whose names use a different character set, like ISO8859-1 with umlauts, you need to input the octal code for the letter, for example latin small letter a and o with diaeresis:

/eval /join #${\0344}${\0344}kk${\0366}set

Search text in buffer

The default key is Ctrl+r (command is: /input search_text_here). And jump to highlights: Alt+p / Alt+n.

Log all messages on IRC buffers but not join/part/quit messages:

  • All IRC buffers: /set logger.level.irc 3
  • Server and its channels: /set logger.level.irc.freenode 3
  • Specific channel: /set logger.level.irc.freenode.#weechat 3

Configuration with iset

Now you should have basic setup quite right and to continue configurations it’s nice to use iset plugin. Just type /iset to enter the iset screen. You will now see a list of all the parameters which can be modified. If you type something in the input bar, it will look for the pattern in the list of variables. If you want to search through the values, put an = before the pattern.

To change the value, press Alt + Enter then enter the new value (it is possible to navigate through values depending on variable type by pressing the Tab key).


After short use WeeChat works as well as Irssi and vice versa. It remains to be seen if I stick with it or go back to Irssi. I’m not quite satisfied with the configuration but it works well enough.

2015 retrospective

A year has again come to its end and it’s time to look back at what I’ve managed to write about and do some planning for the new year of 2016. This year my writing schedule was as leisurely as usual and I managed to put together 19 articles, five of which are about my new post series, weekly notes. On average I managed to keep my pace of at least one post per month. Yay. Things have gone quite well overall. I’ve learned new things and got things done :)

Mobile development on the rise

I started mobile development couple of years back with Jolla and Sailfish OS and this year I continued with iOS. Starting iOS development with Swift and Xcode for Apple iPhone and iPad devices has been quite a different experience than using Qt, QML and JavaScript for Sailfish OS. Learning new concepts with Swift and how the App Store works has been great but not always as fun as they say. Especially using the Xcode’s Interface Builder for creating user interface is a task I’m not comfortable with compared to using plain code as with QML. But I got my first iOS application published for iPhone and iPad: Highkara news reader for High.fi news portal. It’s available on App Store.

Highkara news reader

Things on Sailfish OS and Jolla front has been quiet but I did a new game: Falldown. Or actually ported it from Ubuntu Touch. It was a fun experience as I needed to build Bacon2D library for Sailfish OS and package it correctly so it can be accepted on Jolla Store.

It will be interesting to see how my iOS applications attract users and whether they will beat my Sailfish OS user base :) At least it will be easier to get statistics for your apps from iTunes Connect than Jolla Harbour. Over a year I have collected data manually and plotted how many users my five apps have on Jolla.

Jolla Store statistics
Active install graph

Keeping up with Weekly notes

For some time I have read or in practice collected several software development related newsletters on my inbox. I like to follow what happens on the field and reading Twitter, Reddit and Hacker News is nicely complemented with some newsletters. But that’s not all there is to it. I’ve found it’s useful to make summaries what I’ve read and thus started my Weekly notes blog post series. Although next year I probably will post weekly notes bi-weekly. That’s fortnightly, once in two weeks.

Learning from others at meetups

One way of learning new things is to hear how others do things and get ideas on how to make things better. I’ve found that attending meetups and conferences is a nice way to both freshen your thinking and get to know people working in the same field. This year I went to OWASP Helsinki Chapter meeting 27 and got to hear Troy Hunt’s talks “50 Shades of AppSec” and “Hack yourself first”. It was a great event, I met old friends from school and the views from the sauna were magnificent.

Or is it?

Agile methodologies are now widely used and accepted but what’s beyond agile? That was the theme Tampere goes Agile asked about this year. It was my first time visiting the event and it was a nice experience. The topics provided something to think about and not just the same agile thinking. You could clearly see the theme “Inspired beyond agile” working through different presentations and the emphasis was on changing our mindsets. In short: Agile is mindset. Culture eats agile. No management, no projects. Think small. Focus on benefit. Test & automate. Pair. Liberate.

Continuous flow of waterfall

The meetup scene in Helsinki seems to be warming up and there are lots of events to go to. I didn’t write posts about all the meetups I attended, like Finland AWS Meetup with Sovelto, but wrote about DevOps Finland’s meetup about ApiOps and test automation. Nice events and good talks later on.

I will certainly keep notes on interesting meetups also next year.

Books on the shelf

I like reading books but usually not the kinds which are technical and you could learn something from. But still I got my hands on the “Iron-Clad Java: Building secure Web applications” book, which was highly informative, and you can’t read it without learning important things about security. For better or worse, the book gives somewhat opinionated answers on what techniques and tools you can use to address security issues, but overall the advice is solid and unbiased and more or less framework agnostic.

The other software related book I found myself reading was “Real World Java EE Night Hacks”. It walks through best practices and patterns used to create a Java EE 6 application and covers several important topics from architecture to performance and monitoring to testing. The book has 167 pages with source code so the topics are more about getting the idea than explaining them thoroughly.

In 2016 I will make myself study for the Java Programmer Certificate and read the OCA/OCP Java SE 7 Programmer I & II Study Guide. That’s about 1000 pages to go through with lights on.

Software development as usual

I work as a software developer and it entails all kinds of interesting aspects of doing things. Virtualization isn’t a new thing but with tools like Vagrant you can easily automate the creation of your development environment. And for that you need a base box which you can get from a 3rd party or, what’s better, you can create your own Vagrant base box with veewee. This way you know what’s in the box and get to customize it for your needs. I used Vagrant for WordPress theme development and later for creating a legacy Java EE 5 development environment for OC4J, Oracle 11g XE and Java 1.5 on OS X.

Installing CentOS to Vagrant Box with Veewee

Getting to play with Vagrant and provisioning it with Ansible was maybe the most useful thing this year when it comes to development environments. Also switching from Eclipse to the highly praised IntelliJ IDEA was a great move, although it took some time to get familiar with IDEA’s keyboard shortcuts. IDEA is a nice upgrade from Eclipse, especially for JavaScript development, but Eclipse has its perks with Java and Maven.

Developing legacy applications and using enterprise Java EE environments were still on my daily list and I got to deal with annoyances like disabling Derby in Oracle WebLogic 12c and patching Richfaces 3.3.3 for IE 11. Fortunately it looks like next year I get to leave those behind and concentrate on modern environments.

One thing I didn’t have time to write about this year was starting JavaScript development. As a full-stack developer I’ve found myself writing more JavaScript this year than Java. Mostly Backbone.js, and later I got my hands dirty with Angular.js. To manage our build process and JavaScript libraries I wrote about setting up bower and gulp in Windows, although you could ditch Bower and go just with npm. So many new tools to use that I think next year there won’t be a shortage of topics to write about :)

New year, interesting things ahead

The past year was good and I got to do fun projects like my first iOS application, and overall things went as usual. Work, training, personal projects and stuff like that. Nothing spectacular.

The new year of 2016 will be interesting as I just started in a new job at an awesome company, Gofore. I’m looking forward to new projects and getting things done with great coworkers. I’m certain that there will be interesting articles to be written next year so stay tuned by subscribing to the RSS feed or follow me on Twitter. Check also my other blog in Finnish.

Happy new year!

“This is a new year. A new beginning. And things will change.”

Weekly notes 5

Christmas holidays are soon here but before that it’s time to see what I’ve read this week. I’ve been playing with legacy Java EE 5 development and came across System Integrity Protection in OS X, which prevents you from installing JDK 5. And on top of that I just wish I could run OC4J with JDK 5 on Docker as you can do for WebLogic 12.2.1. From a security point of view there was a startling announcement as Juniper Networks had found a backdoor in their firewalls’ code. We also learn the basics of web accessibility, and if you’re not using dotfiles and you’re on Linux or OS X, now is a good time to start.

Until next week, Happy Holidays!

Issue 5, 2015-12-23


Survey of essential tools/frameworks for the modern Java developer
Opinionated choices for the modern Java developer.

Java EE Kick-off app
Java EE kickoff app is an app skeleton that demonstrates a couple of technologies:
JSF 2.1 views, CDI backing beans, JASPIC authentication, EJB services, Bean Validation, JPA models, Java EE 6 and H2 database.

What is the “System Integrity Protection” feature in El Capitan?
I was developing legacy Java EE 5 application and came across problems with installing JDK5 for OS X El Capitan. Turns out that even with root you can’t modify certain directories. It’s for your own protection. Annoying.

The Serverless Start-Up – Down With Servers
Do you need servers? Using AWS Lambda to build a startup that has no servers per se. (from Weekend reading)

The web accessibility basics
List of absolute web accessibility basics every web developer should know about and which are extremely easy to implement but matter a lot. Next time you build something, consider incorporating those few things. (from WDRL 117)


3 Disasters Which I Solved With JProfiler
Interesting article about using JProfiler to solve problems caused by using JPA and Hibernate.

WebLogic 12.2.1 on Docker
Interesting article with examples of how to run WebLogic 12.2.1 on Docker, as I just played with Vagrant and Ansible for creating a legacy Java EE 5 development environment with OC4J. Maybe in the future legacy environments are easier to manage as you can virtualize them more easily.

Unofficial guide to dotfiles on GitHub
Good source for dotfiles with different environments and tools. I’ve found that Mathias Bynens’ OS X defaults script is legendary. (from Hacker News)

To think about

One Googler’s take on managing your time
If you don’t have time to read this… read it twice. The maker’s day is most effective in half-day or full-day blocks. Commit to protecting Make Time on your calendar including the time and place where you’ll be making, and ideally detail on what you’ll be making. That way, you know, it’ll actually happen.


Detect and disconnect WiFi cameras in that AirBnB you’re staying in
There have been a few too many stories lately of AirBnB hosts caught spying on their guests with WiFi cameras, using DropCam cameras in particular. Here’s a quick script that will detect two popular brands of WiFi cameras during your stay and disconnect them in turn.

Researchers Solve Juniper Backdoor Mystery; Signs Point to NSA
Internal code review pays off for Juniper. This week Juniper Networks revealed in a startling announcement that it had found “unauthorized” code embedded in an operating system running on some of its firewalls, ScreenOS. As the terrific summary of the Juniper backdoor explains, it allowed attackers to take complete control of Juniper NetScreen firewalls. This is a very good showcase for why backdoors are really something governments should not have in these types of devices, because at some point it will backfire when other hackers piggyback on top of an existing backdoor to build their own backdoor.

Instagram’s Million Dollar Bug
tl;dr; Security researcher finds a remote code execution vulnerability in Instagram which pivots to getting all kinds of data from AWS S3, but Facebook’s CSO plays it down as trivial and a thing which violates the poorly worded whitehat program rules. The point of this story is that Facebook fails on their bug bounty program as their actions show that it would be better just to “sell million dollar bugs on the black market for a million dollars” and not get threatened with legal action for just being a good guy.

Something different

20+ Cheatsheets & Infographics For Photographers
Informative cheatsheets for photographers covering various aspects of photography. Also a good resource for fresh and new ideas.

Weekly notes 4

This week there are a couple of books to read which help you to learn functional programming, realize that you don’t know JavaScript and build a Kanban board with Webpack and React. Also you can read thoughts on securing OS X, get some information about Spring Boot memory performance and read about a reasonable approach to React and JSX. Happy reading.

Issue 4, 2015-12-16


Spring Boot Memory Performance
Interesting article about Spring Boot memory performance (and tools to measure it). But shouldn’t we compare it to Java EE?

Hibernate Logging Guide
Logging database queries with Hibernate is relatively easy but it’s good to recall the logging options. Like use different log categories and don’t use show_sql to log SQL queries.

Here are some of the best resources to learn about PHP 7
PHP 7 is out and it might be time to learn more about it and migrate from 5.6.X to 7.0.X. For example benchmarks of WordPress using PHP 7 are showing a 2-3x speed improvement. The only question is if the plugins are ready for PHP 7? (from WDRL 116)

Airbnb React/JSX Style Guide
“A mostly reasonable approach to React and JSX” (from Weekend Reading)


Professor Frisby’s mostly adequate guide to functional programming
Book on the functional paradigm in general which uses the world’s most popular functional programming language: JavaScript. Available in ePUB, MOBI and PDF.

You Don’t Know JS (book series)
Series of books diving deep into the core mechanisms of the JavaScript language. The series is released on GitHub as drafts, free to read, and you can buy them through O’Reilly.

SurviveJS – Webpack and React
SurviveJS – Webpack and React shows you how to build a simple Kanban application based on these technologies. There’s a free online version of the book and Leanpub version with extra content.

Good to know

What the Web Can Do Today
Good list of feature sets on the web. Includes code examples.

OS X security and privacy guide
Collection of thoughts on securing a modern Apple Mac computer using OS X 10.11 “El Capitan”, as well as steps to improving online privacy. Targeted to “power users”.

Something different

Empire of Code
Empire of Code is a space game with a mix of strategy, tactics and coding.
You can play the game with or without coding skills, but knowing how to code will definitely give you an advantage. Unleash your Python and JavaScript skills.


Weekly notes 3

It has been a rainy week here in Finland with pre-Christmas parties (again) and also our 98th independence day. Yay! This week’s articles are about JavaScript, Microservices, User experience and a tutorial for a ToDo app with React.js.

Issue #3, 2015-12-09


Advancing JavaScript without breaking the Web
Christian Heilmann presented earlier this year at the MunichJS meetup how the advancements in ECMAScript (aka JavaScript) are a great opportunity, but also a challenge for the web. His article with slides and video takes a look at how whilst adding new, important features we’re also running the danger of breaking backwards compatibility.

Spring Boot Microservices, Containers, and Kubernetes – How-to
Ray Tsang discusses how to create a Java-based microservice using Spring Boot, containerize it using Maven plugins, and subsequently deploy a fleet of microservices and dependent components such as Redis using Kubernetes.

Building for HTTP/2
Rebecca Murphey shares the fresh concepts of HTTP/2 and how it will affect our tool and build-chain for JavaScript applications. A few good thoughts in there that we can keep in mind to optimize the delivery of large-scale front-end applications. (from WDRL 115)

User experience

How to fix a bad user interface
Some good advice how to fix a bad user interface. tl;dr; Handle your app User Interface states. (from Hacker News)

How Apple Is Giving Design A Bad Name
“Apple is destroying design… revitalizing the old belief that design is only about making things look pretty.” And with recent iPhone Battery case Apple looks to have lost the spark. (from Userfocus Dec 2015)

Good to know

Using the HTML5 Fullscreen API for Phishing Attacks
I was wondering why browsers show the “annoying” message when you go into fullscreen mode but it’s there for a reason, to let people detect phishing attacks. (from WDRL 115)

Tools of the trade

Let’s Encrypt now in public Beta
Let’s Encrypt is a new Certificate Authority with the goal of helping everyone encrypt. It’s free, automated, and open. Now in Public Beta so you can give it a try by following this guide. (from Hacker News)

Must see JavaScript dev tools
A great walk through some of the greatest JavaScript developer tools that currently exist and why Eric uses them. (from JavaScript Weekly 261)

Linux Performance analysis in 60s
Netflix blog presents tools for doing Linux Performance Analysis in 60,000 Milliseconds. (from Hacker News)


Raspberry Pi Zero: the $5 computer
Raspberry Pi gets even smaller and cheaper with the Zero and provides almost the same processing power as the original. Unfortunately they sold out quickly and I didn’t get one yet. (from Hacker News)

Getting started

How to Build a Todo App Using React, Redux, and Immutable.js.
Build a test-driven example “Todo Application” using React. So many new tools to go through. (from JavaScript Weekly 261)

An Introduction to ClojureScript tutorial
ClojureScript is a popular Clojure to JavaScript compiler. (from JavaScript Weekly 261)

Something different

MacBook case you can decorate with Lego bricks.