This one is generated from the list of classifiers you provide to PyPI.
If no Python version classifiers exist, it defaults to Python 2.7. This is because really, Python 3 is not widely used in production or supported by libraries.
I think this one is really cool. Chances are you’re unlikely to get more than two supported implementations, like CPython and PyPy or CPython and Stackless.
The shield uses the Python implementation classifiers to generate this shield. It supports all classifiers that PyPI supports (CPython, Jython, Iron Python, PyPy and Stackless) and defaults to CPython is none are set.
This change is simply because of the upgrade of the shields library. This allows us to use the default rounded badges like below.
But also allow you to use a much nicer, cleaner, flat styling like the ones used on this …
With haproxy 1.5 finally being released we are lucky enough to get a basic interface around OCSP stapling.
Sadly this interface really is quite basic and it’s not the simplest thing to figure out without some trial and error.
According to the official documentation, you should be able to pipe your OCSP response to haproxy via it’s stats socket. Sadly I could not get this to work properly at all, so I decided to swap the piping for a file and reload solution.
You’ll need to get a copy of your certification authorities root certificate to proceed with this.
Looking for your OCSPURI
If you don’t know the URI you need to do an OCSP lookup against, you can find it in your certificate data.
Inside the output, look for the following section.
This proposal describes a build system for generating “wheel” archives and is very, very informal. This plan was drawn up after a random discussion with Jannis Liedel on Twitter and IRC.
Wheel files can be platform and Python-version dependent, a way of generating these files automatically needs to be created and linked to the Packaging Index (PyPI.)
After discussions with Jannis, I believe the simplest solution would likely be the best solution for this problem. As such, I feel that using a custom-built, lightweight solution makes more sense than using something like buildbot.
I feel the platform should leverage existing Python packages that are tried, tested and well used in the community. Therefore I feel we should use a combination of the following;
Due to the volumn of requests, I only keep 90 days of logs from nginx and no logs from Varnish, pypipin or the local version of buckler. nginx sits in front of Varnish so, even if Varnish responds with a cached version of the shield, a log line is still written to say it was requested.
By default haproxy enables stateless SSL session resumption, but you can enable stateful session resumption in accordance with RFC 5077. This functionality, like the SSL handling it relies on is only available from haproxy 1.5.
The option to enable stateful SSL session resumption is as below
You will need to add it in to your bind line, like below
I am a firm believer in using SSL as much as possible, for me that is pretty much everywhere and, thanks to the wonderful guys at GlobalSign, most of my SSL certificates are free becauses my projects are all open source.
I used a blog post by Hynek Schlawack as a base for my SSL setup, he is keeping this article up-to-date as much as possible so it should be a great source for any security conscious people that would like to know more and get good explanations about each part.
Let’s take a brief look at how this website achieves it’s A* rating.
I have previously written an article on using SPDY with haproxy but have been spending some time recently being annoyed that the SPDY check tool said I didn’t advertise a fall back to HTTP over SSL in the NPN protocol list.
After some digging I discovered it was actually quite simple to advertise multiple protocols using npn and haproxy.
Previously my article called for using the following section of configuration at the end of the bind line.
To advertise HTTP protocols as well as SPDY you simply need to add them to the npn list, using commas as a delimiter.
If you’re an Python developer that uses Ubuntu or even Debian, you have probably heard of Felix Krull’s deadsnakesPPA.
I find myself using it a lot and since I tend to destroy my environments quite frequently, I thought I’d save myself some time and write a simple shell script to install the PPA, the versions of Python I frequently use and, after messing up a machine — ignore the existing version of python.
Some time back in April 2013 I was bored and looking for a new project to keep my attention, if only for a short period of time.
My colleague @codeinthehole had an idea but no time to implement it, this idea was to have shields like those of travis-ci (shown below) but displaying package download counts.
From the very start I decided to use Tornado framework, although this may change in the future.
The original plan was to generate the images using Pillow (PIL) and then simply cache them to disk. I decided it would make far more sense to do this using Varnish and not have to worry about it working as expected.
Manually generating the images
The images were originally generated from a base template using Pillow, but sadly Python’s image manipulation is not very good, especially it’s text manipulation and the shields could …
Goodybye Google Analytics & hello Open Web Analytics
I’ve been planning on doing it from a while because I do not like Google Analytics, I don’t like being tracked and I actively stopped trying to use Google services for my own reasons.
The company I work for uses Piwik for some of our clients, I am not a fan of Piwik or how it works and does things. I did some research and found some service providers but their free options were limited or I felt they weren’t a good fit, eventually I stumbled upon Open Web Analytics and decided that it not only suited my purposes, but it meant servers I control would hold the analytical data, rather than some third party.