Mat Trudel

Smart Keywords are Smart

2011-08-07T00:00:00-07:00

Smart Keywords are Smart

Safari is a great browser, but has always had one feature missing that's present in every other modern browser: Smart Keywords. Previously I've used tools such as Sogudi or Keywurl to provide that functionality within Safari, but they were both implemented via a fragile (if awesome) hack, and as a consequence I always pointed fingers at them whenever Safari started losing its shit in the past. Happily, with the arrival of Safari 5.1, Apple has added the requisite event hooks to the extension API to enable Smart Keyword functionality as a first class extension citizen.

Smart Keywords is my implementation of Smart Keywords for Safari, using these new APIs. It's super simple (28 lines of Javascript, the majority of which is code to read & write configuration data), easily configurable, and – owing to its simplicity – should be crashproof.

To install Smart Keywords, download the extension and double click on it to install. Configuration is straightforward, and is done in the extension tab of Safari's preferences. Due to the way in which extension configurations are defined, you can define a maximum of ten keywords (this is a soft limit. If you want more, either ask me, or else fork the project and add them yourself).

To customize a keyword, enter in the keyword you want to match (say, for example 'wiki' to match searches of the form 'wiki bananarama'). When you enter this keyword in the address bar, it will be replaced with the contents of the matching URL instead, with the remainder of your query being substituted in for %s in the URL. As an example, if you have the keyword 'foo' defined with a URL of http://example.com/search?query=%s, then entering 'foo bananarama' will take you to the URL http://example.com/search?query=bananarama. Note that spaces in your entered URL are automatically URL escaped to %20, which is usually what you want.

Comments / feedback are welcome. If you find any bugs or missing features, please let me know!

This is how we do it

2011-02-05T00:00:00-08:00

This is how we do it

As promised, a howto on setting up SSH agent forwarding, and the proper use of proxy commands to punch through bastion (aka gateway) hosts.

Agent Forwarding

The theory is described here, but here's a distilled version of how to get SSH Agent forwarding working:

If you don't already have one, create your SSH key pair via:
```
 ssh-keygen -t rsa
```
Ensure that you put a passphrase on this (it can be as strong as you want, since you'll only ever have to type it in once).
Push the public key component to the remote server you want to connect to:
```
 cat ~/.ssh/id_rsa.pub | ssh user@remote "cat >> .ssh/authorized_keys"
```
Many OS's (not OS X, sadly) include an ssh-copy-id user@remote command that automates this.
Connect to the remote machine using your new key:
```
ssh user@remote
```
If you're on OS X or a reasonably friendly Linux box, you should get a native OS dialog asking you for the passphrase you just put on your private key. Enter it, and you should be golden. If you're on another OS that doesn't provide an automated agent, you probably want to look at this for more info.
Note that you can now make onward connections from the remote machine without being prompted to authenticate again. Magic!

Proxying connections through a bastion host

This is crazy useful for maintaining a cluster of machines without having to expose their SSH servers to the internet. All you need to keep open is ssh on your bastion host and you have access to anything on the internal machines nearly automatically. Here goes:

Let's say you have an internal network of machines in a .internal domain (maebe.internal, gob.internal, etc). Assuming you already have SSH access to these machines as detailed in the previous section, you can simply add something like this to your ~/.ssh/config file:

Host *.internal
ProxyCommand ssh <bastion_host> nc %h %p

and you'll magically be able to run ssh commands like the following:

ssh maebe.internal

What??? How does my machine know to resolve maebe.internal from anywhere on the internet, you ask? What's happening here is that SSH is applying the config for *.internal to your connection request, and running the request through ProxyCommand. As such, your destination hostname actually gets looked up in the DNS context of the bastion host, which (presumably) knows how to resolve maebe.internal. Once again, Magic!

One of these things is not like the other

2011-01-07T00:00:00-08:00

One of these things is not like the other

As a follow-on to Gruber today, there's at least one program out there whose outside-the-walled-garden version has features which the App Store version does not. Quoted from Optimal Layout's product page:

Optimal Layout fully supports Spaces: you can easily see which Space a windows is in. In the version purchased from this site you can also move groups of windows between Spaces with a keyboard command, note that this feature is not available in the version of Optimal Layout available on Apple's Mac App Store.

As an iOS App Store developer I wish I could say I was more excited about the Mac App Store, but balkanization such as this can't possibly bode well for the platform's health outside the walled garden.

TIL

2010-12-13T00:00:00-08:00

TIL

Until this moment, it had never occurred to me that Donkey Kong was indeed Donkey Kong. I'd honestly never actually seen the word donkey there, instead always assuming it was just a random jibberish name given to the bad guy.

Oops.

You may find yourself in another part of the world

2010-11-22T00:00:00-08:00

You may find yourself in another part of the world

On a dare from Dylan, I wrote this up last night as a quick and dirty way of keeping track of where I left off in a given terminal window. When you're walking away from a task, simply run

whereami <note to self>

and it will start being reflected in your terminal prompt. When you sit down to work again, run

whereami

with no arguments to clean out the note to yourself. Because it works using environment variables, you can use this on any number of terminal windows without interference.

Code here:

This has also been added to my dotfile project.

Hello filewall

2010-07-13T00:00:00-07:00

Hello filewall

I'm sick of firewalls. I'm sick of how arcane and arbitrary their config systems are. I'm sick of the fact that they're never really reproducible, and that only one guy in most organizations understands their network (mostly because that guy was usually me).

On the other hand, I've always liked shorewall. Its config language has always seemed very flexible and easy to grok, it has great documentation, and since it's just iptables under the covers, there's no magic to it. Thinking about things further, I realized that most of my pain points were really more about how people go about setting up firewalls than about firewalls themselves. Such a central and yet seldom-touched piece of infrastructure is exactly the kind of place you want repeatability and process, and exactly the wrong place for ad-hoc hacks. Hence, filewall was born.

In one line, git + capistrano + shorewall = filewall

Filewall is a mix of capistrano and shorewall that lets you keep your firewall configuration in SCM, and lets you deploy it to your routers in a simple, sane and structured way. It takes a great firewall and marries it to a great deployment system to make a great deployable firewall. Wicked.

Changes made with filewall are safely deployable; deployments incorporate a dead-man switch, wherein the rule changes are temporarily turned up for a timeout duration, and actually made permanent only if you subsequently affirm that they do what you intended them to. If you accidentally fry your config, filewall will restore your old configuration as soon as the timeout expires. You'll never be locked out again.

Committed configurations are immediately wired into the filesystem, so your firewall works predictably across reboots. And since it's capistrano based, you have access to all the rollback awesomeness that capistrano provides.

If you're responsible for a more complex network, you can easily store all of your configurations as branches and keep all of your sensitive network config in one place, keeping all of your routers locked up with one public key. And don't forget that software routers are fast, so you probably won't be outgrowing filewall anytime soon (and even if you do, filewall is hardware agnostic. As long as it runs Debian, it runs filewall).

So say hi to filewall. It's what you want.

75Ω

2010-06-04T00:00:00-07:00

75Ω

Ryan Tomayko's post about Unicorn is one of my favourite pieces of the past year. He's spot on the money that despite all of the change in the past several decades of systems development, idiomatic use of the Posix APIs will still carry the day. And it got me to thinking about the differences between the (majority of) the Ruby / Python community and how it contrasts to the PHP / Java community in terms of embracing idioms and striking a balance between tools doing too much and too little. I'm christening this concept tooling impedance.

What we do as developers today isn't any different than how developers worked twenty years ago. We still create text files that get parsed and transmogrified by a compiler (or an interpreter, but that's immaterial to my point). We still write code and work with relation to a filesystem. While we've graduated from linear style to a nearly universal embrace of objects, the way we actualize these concepts is still file-and-compilation-unit-centric.

Despite the seemingly immutable nature of our code, there has been an explosion of IDEs over the past decade or so. As a consequence, the complexity of tooling relative to code has risen far above what it once was. I'm not suggesting that we all need to go back to using ed to get things done, but I think it's certainly worth taking a step back from the tooling landscape before we suffocate underneath IDEs.

I remember Reg Braithwaite's excellent talk at RubyFringe a number of years ago, and one of the quotes he offered up therein:

"All problems can be solved by adding another layer of abstraction, except the problem of having too many layers of abstraction."

I defy anyone out here to try and extend Eclipse without writing any code. As an IDE, it presents so much abstraction between the screen and the filesystem that it's often not always even clear which file you're operating on. An IDE that 'helps you' by abstracting away the fundamental metaphor of development is doing you a tremendous disservice, all the more so if it's coddling you into believing that those metaphors are dead. Introducing this kind of impedance mismatch into the development cycle may help you as long as you're inside the walls of the IDE, but find yourself outside those walls, and you end up having to recreate those abstractions on your own.

Fuck that noise.

Whether or not vi / emacs / TextMate is forever isn't at all important. What is important is that they all treat code as text, and not some heavyweight abstraction. Whichever one you choose (and just to be clear, it doesn't matter), they're all superior to IDE's because they don't try to punch above their weight. There's zero impedance mismatch between your editor as a tool, and your code as text. Understanding comes from clarity, and you can't have that if you can't see what it is you're doing.

I'm sure people will point out that this is regressive, that this is the ranting of a crotchety old man averse to change. Horseshit -- I've delivered actual, real products in both Eclipse and XCode bigger than anything you've done this year, and I've spent enough time with both of them to know that they're both trying to do too much. They're both trying to keep coders away from code, which is so patently wrong I don't know where to begin (in fairness, Eclipse is much more guilty of this than XCode).

In the end, I think Ryan's original post is dead on. In 30 years, smart people will still be solving hard problems using fork(2) and exec(2). I'm just pushing that statement out further, and saying that if Posix calls are still around, then text will still be king. And if text is still king, then the humble editor will still be around, long after your vaunted IDEs and code fashions de jour have passed into antiquity.

my brain hurts

2010-05-13T00:00:00-07:00

Brilliant

Lessons

2010-04-19T00:00:00-07:00

Lessons

For those of us who may like to pretend that the buildings of the past are best buried in the name of progress, may I present a memory burned into my brain forever:

I never realized that the building housing the Tate Modern came as close as it did to being lost. I think I speak for everyone who has ever stood in awed and humble reverence of the Turbine Hall when I say that I'm glad the axe never fell.

stencilrific

2010-04-07T00:00:00-07:00

stencilrific

Short and sweet: I just made and published a quick little OmniGraffle stencil for use in drawing git branching models. It's based on the figure styles in Scott Chacon's excellent Pro Git book, and published on Graffletopia.

Get It

Today's terminal timesaver

2010-03-28T00:00:00-07:00

Today's terminal timesaver

Via Allan Odgaard, a simple and super useful terminal tweak. The cd command looks for a CDPATH environment variable, which specifies directories cd will always look at when trying to change directories. Essentially, what PATH is to executing programs, CDPATH is to changing directories.

The upshot of this is you can always change to commonly used directories no matter where you are in the filesystem. For example, I use the following setting:

export CDPATH=::~:~/Work:~/Desktop:~/Code

and now no matter where I am in the filesystem, I can always change to any subdirectory of my home directory (or ~/Work, ~/Desktop or ~/Code). So, entering cd Downloads will bring me to ~/Downloads no matter where I am.

cue the Dylan

2010-03-15T00:00:00-07:00

Once in a blue moon, something will come along that just screams out to you a truth you've long known, the tangible metaphor making it all the more real.

I've just spent the past six months working on bant (thank you, I'm quite proud of it). Now that we're in the process of adding in our secondary localizations for 1.0.1, our designer just sent us this:

and it hit me; I'm writing software for the entire world. Barely fifty years ago, 'no ticky, no laundry' was considered to be a benign and appropriate form of humour (though some people apparently have yet to get the memo). Today my work isn't complete unless I take into account a country I've never even been to.

The times really are a changin'. What a wonderful time to be alive.

on backwards dinosaurs

2010-03-09T00:00:00-08:00

I've said it before, but github's pages feature is a great application of one of git's most unsung features. to wit:

git repos are cheap. at their minimum, they're just a single top-level subdirectory with some easily parseable files tied to a real, working copy of your repo's contents. One command away, in place on top of an existing working copy. they're so cheap, in fact, that some of the lightest sharing systems out there are based on git.

Those of us unfortunate enough to remember a life under subversion may or may not remember the steps involved in setting up a repository (as the tooling guy for a team of five developers, I had to go back to the manual every time I had to set one up). That was bad enough. Those of us who also remember having to clean up after someone checked a subversion repo into your subversion repo probably realized it a bit more acutely; a feeling someone, somewhere, was laughing their ass off at your expense.

In a world where repos are cheap & easy to create, they start making sense as a generic representation of 'chunks of data' being moved around. Why bother using a blog service with some clunky web-based posting interface? Why risk using a flavour of the month silo of a cloud store? Why bother trusting just anyone to be the sole steward of your digital life?

A way forward here seems really easy and obvious given the fact that owning, copying, and generally marshalling sets of data around in the most efficient way possible is exactly what git does. In this far-off futureland, you publish to your blog by pushing to a remote git repo, you copy files between computers by syncing repos, and you share your address book with your email provider as a bunch of open format files inside a repository. In all these cases, you yourself own a first-class version of the data in question, locally and under your control. Where's the data? It's everywhere it needs to be, including in your safe hands for as long as your care to care for it.

Imagine that. Cloud computing where 'my own personal cloud, please stay the hell out unless I invite you in' is a subset. Cool.

I know people ride my ass about being so hot and bothered about a piece of fucking software. And I am. But I'm excited because I feel like git is the first tool to really nail this sort of interaction, and I see it being the jumping off point for a million great tools. It feels like the future, but one that's untamed and wild enough to help shape. It feels like new.

this post ought to have begun with a link

2010-02-15T00:00:00-08:00

This post ought to have begun with a link, and it obviously doesn't.

It doesn't because the thing I want to reply to, the opinion I want to tender for discussion, is on Facebook. Thus there's no universal way to refer to anything ever said there.

That fucking sucks, and it's exactly what's wrong with social networking sites today.

I want to begin a discussion on something my buddy Bryan said that will stand the test of time. I want to nurture a dialogue in a way that will (in my own little narcissistic way) give my and Bryan's ideas the memory of the ages. I want this to become a discussion that lives on beyond today; to possibly become an anecdote that one of us may recount in thirty years when recalling how we got to know each other, maybe the material of a footnote to one of our biographies. Or maybe it will come to nothing, forgotten away in in the internet's basement.

Either way, if it's worth talking about, it's probably also worth archiving, and I can't do that if you're talking to me from inside the social networking silo of the day.

is this valid academia?

2010-02-15T00:00:00-08:00

Is it?

neato

2010-01-27T00:00:00-08:00

Check this out

This sounds like a wonderful example of art meets learning. Not sure about its appropriateness in a university setting, but this is exactly what high school should be like in my mind.

What the Hell is in the water in Redmond? Bleach?

2009-10-25T00:00:00-07:00

From here:

'All computers in the store come with support and Microsoft Signature; a free service that removes all the "free" antivirus and other PC manufacturer software that crufts up a new PC, and gives customers a pristine installation of Windows 7.'

I'm sorry but, uh, are you fucking kidding me??? Who approves product briefs up there? Bozos.

Today's dterm trick

2009-10-14T00:00:00-07:00

From any application with context tied to the filesystem, open DTerm and run open . to get a Finder window focused on that content. Easy peasy 50/50 shell / GUI magic. Who needs quicksilver with a context aware terminal lying around?

Sammy Davis Junior Jr.

2009-01-15T00:00:00-08:00

Short and sweet; Architeeeeecccttttts iiiiinnn sppppppaaaaacccee

RSI's Analog Hole

2008-10-28T00:00:00-07:00

A thought: Conventional wisdom (somewhat incorrectly, according to the literature) dictates that RSI and carpal tunnel syndrome can be prevented by, among other things, frequent breaks while typing. Most guides suggest breaks of at least 1 minute every 20-60 minutes.

An observation: LP records are - on average - about 25 minutes per side.

A conclusion: Developers should have turntables at their desks.

A footnote: Other benefits include listening to better music, an opportunity to socialize, swap tunes, analog gear to tinker with, etc.

Oops

2008-08-29T00:00:00-07:00

Via John Gruber:

27 year old Frisian developer Eric Wijngaard won $275,000 in Google’s Android Developer Challenge for his ‘PicSay’ application.

In an interview with a Dutch website he says he likes Google’s SDK but “What I really wanted to do was develop an iPhone app. The iPhone SDK wasn’t out yet, though.”

Asked what he would do with the cash, his response was “I guess I could invest it in my software company, but first I want to port PicSay to the iPhone.”

You mean it's a bad idea to inject ten million no-strings-attached dollars into the independent mobile development scene just as your main competitor's absolute money-factory, game-changing platform is enticing developers all over the map to quit their day jobs and cash in, if only they could afford to eat for the intervening 4 months? Whodathunkit?

Hemming The Fringe

2008-07-23T00:00:00-07:00

Spent this past weekend at RubyFringe, and got my head blown in a few ways. Specifically, there's some stuff that the guys are doing at the low end, some stuff guys are doing at the high end, and some just plain awesome shit (giles' presentation was especially awesome. 300+ slides in 30 minutes. Any punk album would be proud). What they all had in common, though, was a driving freight train of a developer who was possessed of a few common qualities:

all misfits, at least from an employment point of view
all smart as shit
all had a great understanding of context, as well as content

Now, it may well be that those points are inter-related, but my focus today is on the last of them. I've met far too many people that are wonderfully talented at content, but not context (in other words, they may have horrendous communication skills or have no understanding the world 'out there', but can code like Barbarella can..., uh, you know.... hey! look! movies!). Those people are dangerous because they'll go down the rabbit hole every time with no hesitation. On the other hand, I've also had too many run-ins with people that have context but no content (in a previous world, they were known as used car salesmen. Now I think we know them as consultants). They're dangerous because they have a disturbing tendency of selling you up the river. Both should be considered dangerous, and are to be avoided.

The real all-stars are those that live on the edges in most other ways (skill, dedication, smarts, etc), but who live in the middle of this particular dichotomy. It's strange sometimes, how the edge rewards people in some cases, yet punishes in others.

Ezra's Law

2008-07-13T00:00:00-07:00

Up on the plate today: the importance of thinking, problem reduction, and generalisation, as illustrated through tactical examples. Case in point: it really bugs me when people that oughta know better write stuff that looks like

if (a == true)
  if (b == true)
    return false
  else if (b == false)
    return true
  end
else if (a == false)
  if (b == true)
    return true
  else if (b == false)
    return false
  end
end

Up front, don't laugh. I see crap like this all the time.

For those that may not see it, this is exactly equivalent to "a XOR b", and so could be equally expressed as

return a ^ b

Or, if your language of choice doesn't have XOR:

return a != b

I'm gonna go out on a limb and suggest that that code should never have been written. Any developer worth their salt should have seen that reduction right off the bat.

To paraphrase the always insightful Ezra Zygmuntowicz, "No code is better than no code". I'm hereby christening this phrase as "Ezra's Law", and will publicly state that anyone I find not following it in our committed code will be flogged, or at least made to buy me a beer.

(Note: feel free to substitute [ 'faster' | 'more correct' | 'more maintainable' | 'clearer' ] for 'better' )

proacively value adding bullshit remover

2008-07-09T00:00:00-07:00

Wherein I lay out a manifesto I've been working on for a few months.

A Developer's Articles of Faith

The computer is never wrong. If something is amiss, it's because you caused it to be so. Seek understanding through iterative simplification, and rigorous delineation of scope. DO ONLY WHAT YOU CAN UNDERSTAND IN ONE SITTING, IN ONE SITTING
When in doubt, your computer is better at a given, well defined, repeatable task than you are. Embrace repeatability, consistency, and automation in your tooling and testing. CLEANLINESS IS NEXT TO GODLINESS
The marginal cost of CPU cycles is zero. The marginal cost of a developer's time and sanity is quite a bit more. Err on the side of making your life easier at the expense of the computer's. UNDERSTAND COMPUTERS, BUT DESIGN FOR PEOPLE (corollary: PREMATURE OPTIMIZATION IS THE ROOT OF ALL EVIL)
If you know what you're doing, you will probably never understand what you're doing right now better than you do right now. The cognitive context lost when you come back to a task at a later date is large, and can easily turn into your deepest effort drain. Where possible, leave your work at a natural conclusion, with as many low level ends tied up as possible. Where loose ends exist, track them mercilessly. LOOSE ENDS, LEFT UNADDRESSED, WILL SINK YOU
The counter-case: if you don't know what you're doing right now, give yourself time (or seek out help) to let the context sink in; nobody fires on all cylinders all the time. An important decision made early and wrongly is usually vastly more expensive than one made late but correctly (within reason, of course). IT'S OK (HEALTHY, EVEN) TO BE BEATEN, BUT ONLY IF YOU ADMIT IT

Organizational Maxims (an addendum)

Give developers the tools and environment they need. If anything; IT, HR, your office layout etc, aren't helping, then they're a liability. Full stop. A GREAT WORK ENVIRONMENT MAY NOT LEAD TO TEH AWESOME, BUT A SHITTY ONE WILL CERTAINLY LEAD TO FAILURE
Accept that you'll be wrong a good portion of the time, and build your processes around that. Shamelessly solicit feedback from the bottom to the top; make nobody too ashamed or scared to say anything to anyone (aside: if your people aren't willing to step up to that, you've got the wrong people). DO NOT STRATEGIZE / LEAD / DECIDE IN A BUBBLE (secondary lesson: EXPECT HINDSIGHT TO KICK YOUR ASS)
Do not tolerate the thin end of the wedge. Good developers are fickle beasts, and have an exceedingly low tolerance for anything that isn't on their terms (aside: if your people roll over and take obvious crap, then – again – you've got the wrong people). BULLSHIT IS THE KRYPTONITE OF GETTING COOL THINGS DONE