Talking JavaScript in Berlin

Last Thursday we met the rest of berlin.js (JavaScript Berlin User Group) at co.up in Berlin Kreuzberg. After a quick news round by the organizers about unconf (did you know the cool people at hood.ie are giving away a couple of tickets?), froscon and rejectjs, we dove right into four great JavaScript-related talks. To summarize the evening…

Node Deployment

Bodo Kaiser likes to get a bit of both worlds when hosting his node apps. Which worlds? Well, that of a PaaS environment and the virtual machine. Going with Arch Linux – where one does not ‘have to bother with a lot of configuration’ – and nginx to have multiple subdomains on one server, Bodo deployed his classic Hello World app live.


The happy lady bottom left is Sara. She very much enjoyed the meetup.

Bodo has got it all written down for you. He threw in a little extra for the Berlin.js crowd talking about git clone --bare LINK and how to execute different hook scripts. (more…)

How-to use the anynines Swift service with Carrierwave

Web apps often produce files such as images, videos or documents. For a long time it was standard to put those files into the filesystem – but as we mentioned in a recent post – today that is considered a bad practice. Instead we recommend using OpenStack Swift, a highly scalable solution that can serve up to hundreds of petabytes. What’s more is that Swift is redundant, allowing the service to survive the outage of one or multiple servers.

In the post I mentioned earlier, we looked at the Paperclip gem, and combined it with Swift to produce files. In this post we’ll look at Carrierwave. The Carrierwave gem provides a simple and extremely flexible way to upload files from Ruby applications. It works well with Rack based web applications, such as Ruby on Rails.

Carrierwave + Swift demo application

We wrote a small application that demonstrates how Rails 3.2.13, Carrierwave, a9s Swift Service and PostgreSQL work together. You can find the example app on GitHub. This application is an adaptation of n0ne’s Rails-Carrierwave-jQuery-File-Upload application. You can use this application to do a test run on anyines.com. (more…)

Heartbleed; our recommendation for anynines users

Update: Wednesday April 9 at 16:55 CET we created new certificates for a9s.eu and a9sapp.eu, anynines’ gateways.

April 7th the OpenSSL team released a new version of OpenSSL to address a serious security issue that might leak sensitive data to anyone who is able to connect to your SSL services (if you are running OpenSSL version 1.0.1). CVE-2014-0160 is the official reference to this bug. The website heartbleed.com hosts a writeup of the consequences this bug might have.

StackOverflow related forums were literally overflowing with questions the last couple of days and rightly so. This serious vulnerability affects a substantial number of applications running on the internet, including anynines. We advise all anynines users to update their passwords as a precautionary measure.

If you are currently running SSL, you should re-key and reissue your certificate and update it, as it may have been exposed.

OpenSSL upgrade

All our servers, including all host machines of anynines and SSL gateways, are running automatic upgrades, started every 10 minutes by Chef. These upgrades have installed successfully at April 8, 6:36 AM CET and our webservers are now using the most recent OpenSSL dynamic library.

anynines certificates

The issue was fixed in all our systems directly after the new libopenssl version was available. We have checked all our hosts with open ports and SSL for any leaks and we are ‘all green’ on our side.

However, we cannot know for certain if any private SSL key is stolen. Therefor we advise you to re-key and reissue your certificates.

In case you have any questions, please send us an email at support@anynines.com.