FLOSS Project Planets

Palantir: Palantir.net's Guide to Digital Governance

Planet Drupal - Fri, 2017-01-13 16:04
Palantir.net's Guide to Digital Governance Palantir.net's Guide to Digital Governance brandt Fri, 01/13/2017 - 15:04 Scott DiPerna Jan 16, 2017

This comprehensive guide is intended to help get you started when developing a governance plan for your institution’s digital communications.

In this guide we will cover...
  • What digital governance is
  • Why digital governance is important
  • What topics you need to think about when building out a digital governance plan

We want to make your project a success.

Let's Chat.


Download the guide here.

Stay connected with the latest news on web strategy, design, and development.

Sign up for our newsletter.
Categories: FLOSS Project Planets

NumFOCUS: NumFOCUS End-of-Year Drive- we reached our goal!

Planet Python - Fri, 2017-01-13 15:21
The numbers are in and we are happy to announce that the NumFOCUS End-of-Year Fundraising Drive has raised $9,278.50, exceeding our original goal of $5,000! On behalf of NumFOCUS and all of the projects, we would like to extend our sincerest THANK YOU to everyone who donated this year.

These funds will go directly towards our mission to promote sustainable high-level programming languages, open code development, and reproducible scientific research. We will continue our efforts to support open source projects, grow programs such as Diversity in Scientific Computing, and increase sustainability and collaboration within the data science community.

Thank you again for making 2016 one of the best years yet. We look forward to another amazing year at NumFOCUS!

Posted by Savannah Mercado

Categories: FLOSS Project Planets

Drupalize.Me: Experimental Module Changes Coming in Drupal 8.3

Planet Drupal - Fri, 2017-01-13 15:10

Drupal 8.3 is still a few months away, coming April 5, 2017, but there are already some changes we can look at, most notably in the experimental modules. In December, 2 new experimental modules were added to core, and BigPipe was officially changed from a beta module to stable. The 2 new modules you'll find in 8.3 are Workflows and Layout. Let's take a peek at what these are all about.

Categories: FLOSS Project Planets

Palantir: New Years Resolution: Get Organized

Planet Drupal - Fri, 2017-01-13 14:24
New Years Resolution: Get Organized brandt Fri, 01/13/2017 - 13:24 Allison Manley Jan 16, 2017

In this five-part series, every Monday in January we’ll explore a New Year’s resolution and how it can apply to your web project.

We want to make your project a success.

Let's Chat.

Unless you’re Marie Kondo of the KonMari Method and make your living organizing, you likely have a few messes somewhere. Photo albums? That pile of books? Year-end taxes and receipts? (‘Tis almost the season for that too.)

When it comes to your online space, here are a few tips we can offer on how to get organized for 2017:

Lastly, if you want a comprehensive look at how to get your internal governance in order, check out our detailed guide on digital governance (37 page PDF). The ownership, management, and sustainability plan for an organization’s various digital communications platforms seems simple at a distance, but the devil is in the details.

Next week’s resolution: stay fit and healthy.

Let Palantir help you get organized.

We'd love to help you keep your 2017 resolution.

Let's chat.
Categories: FLOSS Project Planets

DrupalCon News: Come to DrupalCon and _________ a Session About ___________

Planet Drupal - Fri, 2017-01-13 13:56

When I was a kid, my siblings and I used to play with Mad Libs. If you aren’t familiar with them, Mad Libs are basically one-page stories or vignettes, with various words missing. Where those words should be are blanks, and each blank is labeled “noun” or “verb” or whatever type of word should be filled in.

Categories: FLOSS Project Planets

Jeff Geerling's Blog: Testing redirections using Behat and the Behat Drupal Extension

Planet Drupal - Fri, 2017-01-13 13:33

One project I'm working on needed a Behat test added to test whether a particular redirection works properly. Basically, I wanted to test for the following:

  1. An anonymous user accesses a file at a URL like http://www.example.com/pictures/test.jpg
  2. The anonymous user is redirected to the path http://www.example.com/sites/default/files/pictures/test.jpg

Since the site uses Apache, I added the actual redirect to the site's .htaccess file in the docroot, using the following Rewrite configuration:

<IfModule mod_rewrite.c>
  RewriteEngine on

  # Rewrite requests for /profile_images to public files directory location.
  RewriteRule ^ pictures/(.*)$ /sites/default/files/pictures/$1 [L,NC,R=301]

Testing with curl --head, I could see that the proper headers were set—Location was set to the correct redirected URL, and the response gave a 301. So now I had to add the Behat test.

Categories: FLOSS Project Planets

Christoph Zwerschke: Ending the Epic Battle for Overlay Icons

Planet Python - Fri, 2017-01-13 13:31

An epic battle is going on deep inside in the registry of my Windows PC. The combatants: Dropbox, Google Drive, OneDrive and the allied forces of TortoiseGit, TortoiseHg and TortoiseSVN. The weapons: blank spaces.

Let me explain: As so often, wars start when there are certain scarce or indivisible resources that are in demand by multiple contenders. In this, case, the resources are so called “overlay icons”. These are the tiny additions displayed at the lower left corner of the symbols for files and folders in the Windows explorer, like the small arrow that indicates a shortcut. Some third-party tools like TortoiseGit or Dropbox make also good use of them to show the state of the files in the registry or the cloud, like whether the file has been changed, is not yet synchronized and so on.

The problem is: Windows has only 15 slots available for such overlay icons. Yes, even in the latest Windows 10, you still only have 15 slots. While it didn’t matter much in former times, when they were rarely used, it has become a real problem today. Several different cloud services are now fighting for these few slots, and if you’re a developer, you will probably like TortoiseGit and other clients for source repositories which also use the overlay icons to display the state of the files in the registry in the Windows explorer, which is a tremendously helpful. While all the Tortoise clients share the same icons, these are already 9 of the available slots.

This means that in the end, not all overlay icons will be displayed. Windows simply sorts the registered overlay icons alphabetically in the registry and uses only the first 15 of them. Soon, software vendors found that there is a simple trick to get their icons into the top 10 of the overlay icons in front of all the others, just by prepending the icon names with a blank. This of course spurred an absurd arms race of vendors prepending names with more and more blanks in order to overtrump others already using this trick.

The Tortoise clients finally gave up adding blanks, with the annoying consequence that whenever there was an update of one of the cloud clients, and they re-registered their icon handlers with a nasty amount of blanks, my so useful overlay icons for the Tortoise clients disappeared.

Being tired of renaming the icon handlers in the registry by hand, I wrote the following Python script to finally end that epic battle. It simply removes all the prepended blanks from the icon names and adds only one blank to those icons I really want to use:

#/usr/bin/python3 import os import winreg as reg # names of all overlay icons that shall be boosted: boost = """ Tortoise1Normal Tortoise2Modified Tortoise3Conflict Tortoise4Locked Tortoise5ReadOnly Tortoise6Deleted Tortoise7Added Tortoise8Ignored Tortoise9Unversioned DropboxExt01 DropboxExt02 DropboxExt03 DropboxExt04 DropboxExt05 DropboxExt06 """ boost = set(boost.split()) with reg.OpenKey(reg.HKEY_LOCAL_MACHINE, r'SOFTWARE\Microsoft\Windows\CurrentVersion' r'\Explorer\ShellIconOverlayIdentifiers') as base: names = set() renames = [] i = 0 while True: try: name = reg.EnumKey(base, i) except OSError: break core = name.strip() if core in names: print('Delete', repr(core)) reg.DeleteKey(base, name) else: names.add(core) if core in boost: core = ' ' + core if core != name: renames.append((name, core)) i += 1 if renames: for old_name, new_name in renames: print('Rename', repr(old_name), 'to', repr(new_name)) value = reg.QueryValue(base, old_name) reg.CreateKey(base, new_name) reg.SetValue(base, new_name, reg.REG_SZ, value) reg.DeleteKey(base, old_name) else: print('Nothing to rename')

This script also demonstrates how you can modify the Windows registry using only Python and the batteries included in the standard library.

Note that this script needs to run with elevated privileges so that it can change the registry. One way to achieve this: Create a symlink to the Python executable on the desktop, open the properties dialog, add the full path to the above script as argument to its target and select “run as administrator” under the advanced options.

Unfortunately, you still need to decide which icons are most useful - you cannot have them all. You also need to run this script every time the icons get screwed up, and you need to reboot Windows in order to make the changes effective. After all, you’re running a Windows computer.

Categories: FLOSS Project Planets

Kdenlive 16.12.1 released with Windows version

Planet KDE - Fri, 2017-01-13 12:31

We are proud to announce the first maintenance release for the 16.12 cycle. Besides the usual bugfixes and usability improvements this release also marks the official release of the Windows port.

Windows port

Last summer, thanks to a Google Summer of Code slot, Joseph Joshua started to work on a Windows port of Kdenlive. Vincent Pinon then continued to work on it and we are excited to offer today the much expected first version of Kdenlive for Windows. This is a first testing version, zipped in a folder that does not require an install. You must however separately install FFmpeg, following the simple instructions provided on the download page.


Packaging effort is also going on the Linux side, with an up to date Appimage and *Ubuntu PPA containing the latest release, so you have no excuse not to try Kdenlive.

You can go straight to our download page to get the instructions to install Kdenlive 16.12.1

About Kdenlive

Kdenlive is an open source video editing software, based on the MLT framework and FFmpeg libraries. We are a small team and are always welcoming new contributors.

We hold a monthly IRC Kdenlive café where users and developers meet, and you can also exchange on our forum or on our mailing list. Some great tutorials are also available from the toolbox section of our website.

We are part of the KDE community, which provides, among other, all the infrastructure for Kdenlive.
Donations are always welcome: https://www.kde.org/community/donations/?app=kdenlive

Fixes and improvements in this version

More than 25 bugs were fixed in this release, as well as a few usability improvements.
See full changelog.

Fixes and improvements in this version


  • Middle-click + move now pans title and monitor scene. Commit. See bug #358178
  • Re-introduce transparency slider in titler background color. Commit.
  • Disable delete tmp folder button if no folder exists. Commit.


  • Fix rendering when forcing resize or fps change. Commit. Fixes bug #374739
  • Fix issues with slideshow proxy. Commit. Fixes bug #374469
  • Fix editing title or slideshow duration not updating project bin. Commit. Fixes bug #370902
  • Correctly label missing playlists on document opening. Commit.
  • Fix various titler bugs (pasting breaks color & font, incorrect selection). Commit. Fixes bug #374614
  • Fix creation of project profile with messy fps. Commit. Fixes bug #374613
  • Fix another possible corruption when relocating project folder. Commit.
  • Fix possible corruption on document saving (slash prepended to filename). Commit. See bug #374624
  • Fix slideshow animation lost on non english language. Commit. Fixes bug #374612
  • Cleanup mini timeline and keyframes in rotoscoping widget. Commit.
  • Rotoscoping: fix color, icons and control point activation. Commit.
  • Fix possible issue when opening moved project. Commit.
  • Fix possible corruption when opening doc with slowmotion clip. Commit.
  • Fix path & lookup for pattern in slideshow. Commit.
  • Fix size slider not updating in animated parameter. Commit.
  • When possible, enforce breeze or fusion style on Windows (fixes color issues). Commit.
  • Fix standard DV profile not selectable unless clicking on interlace. Commit.
  • Switch to frei0r.alphagrad for effect compare (faster & available on Windows). Commit.
  • Warn before deleting used clips. Commit.
  • Change minimum timeline height from 200 to 100. Commit. Fixes bug #374449
  • Fix timeline zone on new projects. Commit. Fixes bug #374373
  • Fix warning about QOffscreenSurface thread. Commit. Fixes bug #374095
  • Use AppDataLocation instead of deprecated DataLocation, remove useless Windows hack. Commit.
  • Fix translation of wizard warning. Commit.
  • Check FFmpeg’s executable in same folder as MLT first. Commit. See bug #373889
  • Fix dbus communication broken by recent move of KDBusService. Commit. Fixes bug #367875
  • Move DBus and force icon theme above KAboutData. Commit. See bug #373531
  • Fix “go to previous keyframe” not going to clip start if no keyframe at start. Commit.
  • Fix image / color clips if defaut duration is set to 1 frame. Commit.
  • Fix bin closing on fps change. Commit. Fixes bug #373534
  • Fix detection of MLT in current directory (Windows). Commit.
  • Fix timeline guide uneditable when over clip. Commit. Fixes bug #373463
  • Fix title clip multiple selection. Commit. Fixes bug #358178
  • Load KIconTheme after DBus start (fix Windows icons). Commit.
  • Fix timeline cursor offset after changing track height. Commit. Fixes bug #373468
  • Do not reset keyframe type when editing effect with only one keyframe. Commit.
  • Disable trim window shortcut since feature is unstable. Commit.
Categories: FLOSS Project Planets

Modules Unraveled: New FREE Series! Drupal 8: Composer and Configuration Management

Planet Drupal - Fri, 2017-01-13 11:34

I'm releasing a new series today!!!!!

Over the last year, I've given a talk at DrupalCon, DrupalCorn Camp, and Drupal Camp Colorado all about using Composer and Configuration Management in Drupal 8. Those sessions were around 45 minutes, which is much too short to go in depth, and explain everything thoroughly.

This series is the answer to that issue.

There is just over 1hr 15min of content in 26 videos that fall pretty well into seven parts. Here's the outline:

Part 1: Intro
  • Intro
Part 2: Installing Drupal 8 Locally
  • Creating a New Drupal 8 Project Using the Composer Template
  • Setting Up MAMP to Serve Your Site Locally
  • Using xip.io for Local Device Testing
  • Creating a Drush Alias
  • Installing Drupal with Console
  • Configuring settings.php and settings.local.php
  • Committing Your Project to Git
Part 3: Using Composer
  • Installing and Uninstalling Modules with Composer
  • Installing the Dev Version of Modules
  • Updating and Downgrading Modules
  • Skipping Specific Module Versions
  • Specifying Acceptable Version Ranges
  • Enabling Modules with Drush and Deciding What Version Pattern to Use
Part 4: Configuration Management
  • Setting the Config Directory in settings.php
  • Exporting Config Locally
  • Using the Configuration Installer Install Profile
Part 5: Installing Drupal 8 on a Remote Server
  • Installing the Site on a Production Server with Composer
Part 6: Overriding Settings in Code with settings.local.php
  • Setting up settings.local.php
  • Changing the Site Name and Disabling CSS Aggregation in settings.local.php
  • How to Enable Theme Debugging on Development Sites
  • Overriding Module Configuration (Like Google Analytics) in settings.local.php
Part 7: Putting it all Together
  • Configuring a Local Site and Exporting it's Configuration with Git
  • Pulling Changes to a Remote Site (And some gotchas)
  • Using Drush Shell Aliases to Make Development Easier
  • Verifying the Changes Made on Local and Reflected on Live

I'm pretty excited to finally have this series out, and hope you enjoy it! Oh... did I mention that it's ABSOLUTELY FREE?!?! Well, it is! So, check it out now, and let me know what you think.

Tags: Drupal 8ComposerConfiguration ManagementLocal DevelopmentDrushGitShell-Aliasesplanet-drupal
Categories: FLOSS Project Planets

PyTennessee: PyTN Profiles: Jacques Woodcock and Lasso

Planet Python - Fri, 2017-01-13 09:32

Speaker Profile: Jacques Woodcock (@jacqueswoodcock)

Jacques started out as a graphic designer, turned, interactive programmer turned programmer who has 14+ years of experience in web technologies including PHP, JS, Python, ActionScript, Coldfusion and more.

Jacques will be presenting “Let’s Build a Hash Table, In C” at 2:00PM Saturday (2/4) in Room 300. One of the core data structures, especially for higher-level languages, though typically under the hood, let’s look at what a hash table is, why and when we may use. Then let’s build one.

Sponsor Profile: Lasso (@LassoWorkforce)

LASSO’s event workforce management and crew scheduling software enables companies in the Event Service industry to find, schedule, communicate with and manage their complex and mobile workforce.

Categories: FLOSS Project Planets

DataCamp: DataCamp's 2017 Conference Guide

Planet Python - Fri, 2017-01-13 09:17

2017 is bound to be an exciting year in Data Science. Here's DataCamp's list of conferences that we're most excited about in the new year. Whether you're an R user, a Python hacker, or just a general data science fan - you're sure to find a great conference to attend next year on this list!

Open Data Science Conference (multiple dates/locations)

The Open Data Science Conference (ODSC) is a fantastic option for aspiring data scientists and analytics teams looking to learn the latest and greatest techniques. ODSC conferences are hosted throughout the year in multiple locations across the world, which gives you a lot of flexibility in choosing a time and place that works for your team.

ODSC brings together the best and brightest in the Data Science community to discuss topics like deep learning, data wrangling, and predictive analytics. You'll gain exposure to new programming languages and data science tools like R, Python, NoSQL, Julia, Apache Spark, Hadoop, Neo4J, R-Shiny and much, much more!  If you decide to register, you'll be in good company as teams from the most influential tech companies (Facebook, Google, Netflix, Uber, etc.) are known to attend. 

Tableau Conference 2017  (Las Vegas, NV: October 9-13, 2017)

Tableau Conference is returning to Las Vegas, October 9-13, 2017. Tableau Conference provides hundreds of hands-on training sessions and networking opportunities giving you countless ways to learn. You'll be joined by thousands of data professionals in an energetic, informative environment. You can even take advantage of their Data Night Out party to network with some of the best in the industry. 

Strata + Hadoop World Conferences (multiple dates/locations)

Presented by O'Reilly and Cloudera, the Strata + Hadoop World Conferences let attendees experience the intersection of cutting-edge data science topics and business fundamentals. Like ODSC, Strata + Hadoop World Conferences are scheduled at various times and locations throughout 2017 including San Jose (March 13-16, 2017), London (May 22-25, 2017), New York (September 25-28, 2017), and Singapore (Dec 4-7, 2017).

Strata + Hadoop World attracts all sorts of analytics professionals including data analysts, data scientists, developers, CIOs, CTOs, VPs and more! Whether you're looking to hire new analytics talent or how to leverage and scale data science in your own business - the Strata + Hadoop World Conferences are a fantastic place to start! 

Teradata Partners Conference (Anaheim, CA: October 22-26, 2017)

Teredata Partners Conference, hosted by Teradata, is a customer-led global data science conference. This unique format means that a panel of customers select 80% of the session content which is then brought to life by industry practitioners and experts in the chosen topic. Attendees can choose between different tracks, including a "business" track and a "technical" track - meaning anyone from your organization can find value and learn something new. 

rstudio::conf (Kissimmee, FL: January 11-14, 2017)

Any R users in your organization? Then this conference is certainly worth your attention. rstudio::conf, by RStudio, provides an opportunity for R programmers to boost their knowledge and meet with members from the R community. Here's just a couple of things RStudio say's you'll learn: how to write better shiny applications, understand the new capabilities of the R Markdown authoring framework, apply R to big data and Spark, explore the “tidyverse” of tools for data science, discover best practices and tips for coding with RStudio, investigate enterprise scale development and deployment practices and tools – including the new RStudio Connect. 

AnacondaCON 2017 (Austin, TX: February 7-9, 2017)

AnacondaCON 2017 is a must for any Python for data science professionals. AnacondaCON is the place to fast track your current knowledge of Open Data Science, through engagement with visionaries who have established modern Open Data Science technology and are pioneering its evolution. You’ll learn best practices and how other thought leaders are leveraging Anaconda to accelerate the value from their data.

This 3-day conference will feature speakers like Blake Borgeson from Recursion Pharmaceuticals and Hilary Mason of Fast Forward Labs. DataCamp's own Jonathan Cornelissen will also be speaking at the event, so don't miss out!

useR! 2017 (Brussels, Belgium: July 4-7, 2017)

Another important conference for R users to mark on their calendar is useR! 2017. The annual useR! conference is the main meeting of the international R user and developer community. Its program consists of both invited and user-contributed presentations.The invited keynote lectures cover a broad spectrum of topics ranging from technical and R-related computing issues to general statistical topics of current interest. This year these topics include R in Business and Industry, Bioinformatics, Economics, Finance and Insurance, Machine Learning and predictive models, and much more!

PyData (multiple dates/locations)

Python users should also take note of upcoming PyData conferences including PyData London 2017 hosted by Bloomberg. PyData brings together the data analysis community to share ideas and learn from each other. The goals are to provide data science enthusiasts, across various domains, a place to discuss how best to apply languages and tools to the challenges of data management, processing, analytics, and visualization with Python. 

SciPy (multiple dates/locations)

The annual SciPy Conferences allows participants from academic, commercial, and governmental organizations to showcase their latest Scientific Python projects, learn from skilled users and developers, and collaborate on code development. The conferences generally consists of multiple days of tutorials followed by two-three days of presentations, and concludes with 1-2 days developer sprints on projects of interest to the attendees.

Deep Learning in Healthcare Summit (Boston, MA: May 25-26, 2017)

Re·Work's Deep Leaning in Healthcare Summit (co-located with the Deep Learning Summit) is a fantastic opportunity for those in the healthcare/bioinformatics community to learn ways deep learning tools can revolutionize their industry. The speaker list includes representatives from Phillips Research, Vertex Pharmaceuticals, GenomeDx Biosciences, Inc., Harvard Medical School and more!  

This summit will feature topics such as personalized medicine, diagnostics, natural language processing, medtech, and a variety of other important topics in the field. With a list of past attendees including names like Procter & Gamble, GlaxoSmithKline, Roche, Johnson & Johnson, and more - you definitely won't want to miss out. 

Insurance Nexus USA 2017 (Chicago, IL: March 14-15, 2017)

For those in the insurance industry, the Insurance Nexus USA 2017 conference should definitely be on your radar. This event brings together 300+ attendees and 40+ industry speakers to discuss innovative data strategies in the field. 70% of the attendees are from the insurance industry so this is an ideal conference for attendees focusing on this niche. 

MIT Sloan Sports Analytics Conference (Boston, MA: March 3-4, 2017)

The MIT Sloan Sports Analytics Conference is an opportunity for anyone interested in sports to see how analytics is impacting the industry. The conference features a variety of speakers and panels including owners and managers of large sports organizations, publications, and tech companies. The conference also hosts some exciting events like a Hackathon co-sponsored by ESPN and Ticketmaster as well as case competitions and career development workshops. If you are interested in the intersection of sports and analytics - this is the place to be!

What conferences are you interested in attending in 2017? Let us know below!

Feeling inspired by your latest conference? 

DataCamp for Business is the most scalable, cost efficient way for managers to train and educate their analytics and data science teams. It allows managers to set assignments based on specific learning goals, monitor progress, and evaluate performance - all in one simple dashboard. Business accounts get access to over 160 hours of engaging content covering every step of the data science workflow. This is 5x more R and Python focused data science content than other sites like Lynda.com at a fraction of the cost of live instructors and in-person training. Our interactive courses see completion rates that are 6x higher than traditional online classes meaning your team will be engaged and motivated to complete their training. 

Categories: FLOSS Project Planets

DataCamp: New Course: pandas Foundations

Planet Python - Fri, 2017-01-13 08:29

We just launched pandas Foundations taught by Dhavide Aruliah, Director of Training at Continuum Analytics! In this course, you'll learn how to use the industry-standard pandas library to import, build, and manipulate DataFrames. With pandas, you'll always be able to convert your data into a form that permits you to analyze it easily. You'll also learn more about NumPy, how it stores data, and its relation to the pandas DataFrame. Ready to get started?

Start For Free

pandas Foundations features 63 interactive exercises that combine high-quality video, in-browser coding, and gamification for an engaging learning experience that will get you on your way to becoming pandas master!

What you'll learn

In the first chapter, you will become acquainted with the powertool of pandas - the DataFrame. You will learn how to use pandas to import and then inspect a variety of datasets, ranging from population data obtained from The World Bank to monthly stock data obtained via Yahoo! Finance. You will practice building DataFrames from scratch and become familiar with pandas' data visualization capabilities [Start First Chapter For Free] The next chapter focuses on Exploratory Data Analysis with pandas. Next, you will learn how to manipulate and visualize time series data using pandas. You will become familiar with concepts such as upsampling, downsampling, and interpolation. You will practice using pandas' method chaining to efficiently filter your data and perform time series analyses. Lastly, you will bring together and apply all of the skills you have acquired in this course with a case study. 

Start For Free
Categories: FLOSS Project Planets

Elena 'valhalla' Grandi: Modern XMPP Server

Planet Debian - Fri, 2017-01-13 07:59
Modern XMPP Server

I've published a new HOWTO on my website 'http://www.trueelena.org/computers/howto/modern_xmpp_server.html':

http://www.enricozini.org/blog/2017/debian/modern-and-secure-instant-messaging/ already wrote about the Why (and the What, Who and When), so I'll just quote his conclusion and move on to the How.

I now have an XMPP setup which has all the features of the recent fancy chat systems, and on top of that it runs, client and server, on Free Software, which can be audited, it is federated and I can self-host my own server in my own VPS if I want to, with packages supported in Debian.


I've decided to install https://prosody.im/, mostly because it was recommended by the RTC QuickStart Guide http://rtcquickstart.org/; I've heard that similar results can be reached with https://www.ejabberd.im/ and other servers.

I'm also targeting https://www.debian.org/ stable (+ backports); as I write this is jessie; if there are significant differences I will update this article when I will upgrade my server to stretch. Right now, this means that I'm using prosody 0.9 (and that's probably also the version that will be available in stretch).

Installation and prerequisites

You will need to enable the https://backports.debian.org/ repository and then install the packages prosody and prosody-modules.

You also need to setup some TLS certificates (I used Let's Encrypt https://letsencrypt.org/); and make them readable by the prosody user; you can see Chapter 12 of the RTC QuickStart Guide http://rtcquickstart.org/guide/multi/xmpp-server-prosody.html for more details.

On your firewall, you'll need to open the following TCP ports:

  • 5222 (client2server)

  • 5269 (server2server)

  • 5280 (default http port for prosody)

  • 5281 (default https port for prosody)

The latter two are needed to enable some services provided via http(s), including rich media transfers.

With just a handful of users, I didn't bother to configure LDAP or anything else, but just created users manually via:

prosodyctl adduser alice@example.org

In-band registration is disabled by default (and I've left it that way, to prevent my server from being used to send spim https://en.wikipedia.org/wiki/Messaging_spam).

prosody configuration

You can then start configuring prosody by editing /etc/prosody/prosody.cfg.lua and changing a few values from the distribution defaults.

First of all, enforce the use of encryption and certificate checking both for client2server and server2server communications with:

c2s_require_encryption = true
s2s_secure_auth = true

and then, sadly, add to the whitelist any server that you want to talk to and doesn't support the above:

s2s_insecure_domains = { "gmail.com" }


For each virtualhost you want to configure, create a file /etc/prosody/conf.avail/chat.example.org.cfg.lua with contents like the following:

VirtualHost "chat.example.org"
enabled = true
ssl = {
key = "/etc/ssl/private/example.org-key.pem";
certificate = "/etc/ssl/public/example.org.pem";

For the domains where you also want to enable MUCs, add the follwing lines:

Component "conference.chat.example.org" "muc"
restrict_room_creation = "local"

the "local" configures prosody so that only local users are allowed to create new rooms (but then everybody can join them, if the room administrator allows it): this may help reduce unwanted usages of your server by random people.

You can also add the following line to enable rich media transfers via http uploads (XEP-0363):

Component "upload.chat.trueelena.org" "http_upload"

The defaults are pretty sane, but see https://modules.prosody.im/mod_http_upload.html for details on what knobs you can configure for this module

Don't forget to enable the virtualhost by linking the file inside /etc/prosody/conf.d/.

additional modules

Most of the other interesting XEPs are enabled by loading additional modules inside /etc/prosody/prosody.cfg.lua (under modules_enabled); to enable mod_something just add a line like:


Most of these come from the prosody-modules package (and thus from https://modules.prosody.im/ ) and some may require changing when prosody 0.10 will be available; when this is the case it is mentioned below.

  • mod_carbons (XEP-0280)
    To keep conversations syncronized while using multiple devices at the same time.

    This will be included by default in prosody 0.10.

  • mod_privacy + mod_blocking (XEP-0191)
    To allow user-controlled blocking of users, including as an anti-spim measure.

    In prosody 0.10 these two modules will be replaced by mod_privacy.

  • mod_smacks (XEP-0198)
    Allow clients to resume a disconnected session before a customizable timeout and prevent message loss.

  • mod_mam (XEP-0313)
    Archive messages on the server for a limited period of time (default 1 week) and allow clients to retrieve them; this is required to syncronize message history between multiple clients.

    With prosody 0.9 only an in-memory storage backend is available, which may make this module problematic on servers with many users. prosody 0.10 will fix this by adding support for an SQL backed storage with archiving capabilities.

  • mod_throttle_presence + mod_filter_chatstates (XEP-0352)
    Filter out presence updates and chat states when the client announces (via Client State Indication) that the user isn't looking. This is useful to reduce power and bandwidth usage for "useless" traffic.

@Gruppo Linux Como @LIFO
Categories: FLOSS Project Planets

James Oakley: How to secure a Drupal website

Planet Drupal - Fri, 2017-01-13 05:45

OK - I'll hold my hands up. The title of this post is misleading. I'm not going to give you an ABC on how to secure a Drupal site (maybe another day). I'm responding to a post on the Reseller Club blog entitled How to Secure Your Client's Drupal Website.

There is some good advice in that article, but it's mixed in with some bad advice, and in other parts it's just plain confused. In the hope that it helps people, I'm going to try and untangle things.

Blog Category: Drupal Planet
Categories: FLOSS Project Planets

ADCI Solutions: Drupal 7 Performance Tips

Planet Drupal - Fri, 2017-01-13 05:34

Drupal 8 has been released more than one year ago, but Drupal 7 is still widely used: it's totally stable, feature-rich, actively maintained and has tons of available modules for functionality extension. In this article I would love to draw your attention to Drupal 7 performance only. You can find a lot of information on Drupal 7 performance over the Internet since Drupal 7 is available for a long time, but anyway things change and new options appear. Website performance is very important because it can lead to higher conversion rates, higher search ranking and hosting costs reduction. I'll focus on Drupal 7 performance on the server side, but there are other areas where website performance can and should be improved including front-end, database, etc. These options are highlighted here.


Categories: FLOSS Project Planets

Nikola: Nikola v7.8.3 is out (emergency bugfix release)

Planet Python - Fri, 2017-01-13 04:20

On behalf of the Nikola team, I am pleased to announce the immediate availability of Nikola v7.8.3. This is an emergency bugfix release, which fixes a bug that prevented nikola new_page from working. There has also been a minor change to post sorting order (won’t affect most sites). The wheel packages have also been fixed (they now exist for Python 2 and 3, with correct doit versioning).

What is Nikola?

Nikola is a static site and blog generator, written in Python. It can use Mako and Jinja2 templates, and input in many popular markup formats, such as reStructuredText and Markdown — and can even turn Jupyter (IPython) Notebooks into blog posts! It also supports image galleries, and is multilingual. Nikola is flexible, and page builds are extremely fast, courtesy of doit (which is rebuilding only what has been changed).

Find out more at the website: https://getnikola.com/


Install using pip install Nikola or download tarballs on GitHub and PyPI.

Changes Features
  • Sort posts chronologically with one unified function (easier to change). (Issue #2627)
  • Sort posts in the following order (most important last): source path (A-Z), title (A-Z), date (reverse chronological order), priority meta number (descending). (Issue #2627)
  • Fix a bug that prevents nikola new_page from working (Issue #2631)
Categories: FLOSS Project Planets

Pronovix: Graph databases in Drupal: a Neo4j module that integrates with Rules

Planet Drupal - Fri, 2017-01-13 03:20

SQL databases are really fast when you need all the information stored together in a record row, but they are a bad fit when you need to search for relationship patterns that are not already stored together in your database. A significant performance penalty is incurred for every additional table that needs to be joined for a query. That is why SQL databases are notoriously bad at deducting relationships from datasets. Graph databases however are really good at this task.

Categories: FLOSS Project Planets

Dougal Matthews: Static Websites with Flask

Planet Python - Fri, 2017-01-13 02:40

I was investigating static site generators last week, I have used a couple of them before; this website is generated by Pelican, I am one of the maintainers of MkDocs, I use Sphinx regularly and I have written my own before1.

However, this time I wanted something a little bit different. I wanted to generate a website based on some very specific logic. I was looking for something like a "static site generator framework". Most static site generators take a set of Markdown or reStructuredText files and merge them with a template (and generate the navigation etc.). For my needs, I needed to generate the site based on a specific data source. Only a small number of the pages would be truly static, the others I would just generate on a semi-regular basis.

Possible approaches

I considered writing a pre-processor that would generate a website Pelican could build - but that felt a little inflexible. I also thought about writing a plugin for Pelican, and I was just about to start when Rachid Belaid recommended Frozen-Flask. The chance to re-use my existing Flask experience and the Flask ecosystem was hard to turn down.

Getting stated

Spoiler: It couldn't be any easier. I am impressed.

This is the example in the documentation, and in many cases I'm sure it is all you need (after a pip install). I didn't do anything extra.

from flask_frozen import Freezer from myapplication import app freezer = Freezer(app) if __name__ == '__main__': freezer.freeze()

It is easy to see how Frozen-Flask would find and generate URLs without parameters. However, I have some pages that are generated with code similar to the following. Will this work? How can it determine the possible values for page?

@pages.route('/<page>/') def page(page): contents = store.get_page(page) return flask.render_template("page.html", contents=contents, name=page)

I was amazed that Frozen-Flask picked up all of these - from the documentation it sounds like they have found a way to hook into the url_for in Flask (the method that creates URL's for each of your endpoints). They then follow each of these links and essentially crawl the website. So if your pages are linked internally or don't require any parameters they will be generated automatically2. Very neat.

At some point I will have to look and see how this works.

Moving Beyond Static

I only thought of this advantage after the fact, but it occurs to me, that if I ever want to make this website dynamic, it would be very easy - I just need to remove Frozen-Flask and host it like any other site, the transition would be seamless.

  1. It was the cool thing to do a few years ago. Yeah, I regretted it. The amusing part is that I said "I wont do this again". It was only a while after I started working on MkDocs that I realised it was just another static site generator. With a different goal of course, so I think it works well. It is interesting how we can sometimes group these things differently when they are largely the same. 

  2. Any endpoints that are not called with display a warning, so you don't need to worry about pages being missed. Of course, if you don't link to every possible input, some will be. You can provide a URL generator to be safe. 

Categories: FLOSS Project Planets

Kris Vanderwater: Hedron: Or my dissatisfaction with local development.

Planet Drupal - Thu, 2017-01-12 21:22
Hedron: Or my dissatisfaction with local development. Kris Vanderwater 12 January 2017

I like things that work. I think most technicians do, but as a web developer I have a very serious problem. My most effective environment for doing web development is the one that exists on my own personal box. It can also be a rather impractical place to develop because most of my customers (current and historic) are on rather customized server stacks. Typically, the host has customized the environment to their own specifications. It's not uncommon to find additional services like solr or maybe a memcache server in the mix.

Categories: FLOSS Project Planets
Syndicate content