Hardening Compiler Flags for NixOS

In the past year some Mayflower colleagues have started using and contributing to NixOS, a purely functional GNU/Linux distribution that combines package and configuration management. We decided that we would give it a try in production but stumbled upon some issues that had to be resolved first. We have added new packages, services and fixed up some internal. Due to this work two colleagues have even gained commit access in the process. Weiterlesen

Do you know the difference between continuous integration, continuous delivery and continuous deployment?

Probably every common agile developer has heard these terms. But have you ever thought about the difference between them. I have really been wondering about this question and after some investigation I would like to share all information on this topic i have gathered.

To be able to understand continuous deployment it can be helpful to define its predecessors first – continuous integration and continuous delivery. Continuous integration (CI) usually refers to integrating, building and testing code within an integration environment. It assumes frequent integration of developers code into a shared repository, at least once a day. This makes sure that the local version of every individual developer doesn’t differ too much. Weiterlesen

Running a secure docker registry

Some time ago, our team decided to deploy the application which we are developing for our customer as a docker container. As docker is a promising but still very young technology, this decision naturally put us on a quest for finding a reliable, secure and maintainable setup — many things are still in flux in the community, and the resulting lack of proven best practices leaves a lot of room for experiments (sometimes frustratingly so).

In this blogpost, I want to share one result of our experiences: how to set up and maintain a secure private docker registry.

Weiterlesen

Domain-specific languages for fixture generation – a case study with Antlr4

A domain-specific language (DSL) is a programming language or descriptive file format to formulate and solve specific problems in specific domains, as opposed to generic descriptive file formats (such as XML) and general-purpose programming languages (such as Java) which can be employed in any domain.

A paradigmatic use case for a domain specific programming language is domain-specific computations, e.g. physical simulations, which can be simplified and optimized by using a language containing the required and only the required mathematical and physical expressions. At a project at Mayflower, we recently encountered a use case for employing a DSL as a descriptive file format: we designed a DSL describing document models to generate database fixtures from it. Weiterlesen

Run your tests with PHPStorm on your vagrant box

At Mayflower we usually use virtual machines managed with vagrant for our development environments. Though it was surprising to me, that I have hardly ever seen someone taking the time to investigate how to configure PHPStorm properly, so that it plays nice with the virtual machine in use. Thats why I want to show you a sample configuration via the SFTP-Deployment + Remote Interpreter capabilities of PHPStorm, where you won’t even recognize anymore that you are not working on your host system. This configuration is not only valid for a VM managed with vagrant, but with any other as well.

Weiterlesen

Secure Password Authentication

If you’re running a web service where your users have to authenticate, one of your options will probably be the classic password authentication. The user provides a term that uniquely identifies it, probably a user name or an email address, and a secret only known by the two involved parties, your service and the user. By presenting the correct secret both parties agreed upon when the user account was created, the user can prove his identity to the web service. Weiterlesen

Performant Handling of Excel Files in PHP

When you look at Excel solutions for PHP, the first thing you find is PHPExcel, digging a little bit further lets you find libXl. The prior is a pure PHP solution, the latter a native library for a couple of operating systems. There is a PHP extension that exposes this library to PHP, so you can do the same things with it that you can do with PHPExcel.

TL;DR: PHPExcel is nice, libXl with php_excel can do the same WAY faster. Use the Diagrams below to convince your customer/boss/CFO to invest in performance.

Weiterlesen

git rebase vs git merge

I am working now with git for about 1 year. The question when to use a git rebase and when to use a git merge always lead to confusion for me. To clarify this I want to show you what a git rebase really is, what advantages we can leverage from it and how to use it safely. Weiterlesen

beyond tellerrand / btconf 2014

It was the month of may – it was btconf time! Lucky me: I was able to attend this years beyond tellerrand conference in Dusseldorf again. It was for the fourth time Marc Thiele hosted this curated web conference and again, he managed to have really famous speakers on stage:

Weiterlesen

Salt and Pepper — Running native code within the browser with Google Native Client

When the web started off in 1989 at CERN, it was just a collection of static HTML documents, the first browsers were little more than document viewers, and computing still happend largely on big servers connected to many thin-client workstations. Much has changed over the last 20 years. Computing has moved from a the server-terminal model to the personal computers we know, and as web browsers are rapidly transforming from document viewers into sandboxed Javascript runtime environments, something amazing is happening: computing is moving back to a client-server model, with servers located in the cloud serving web applications running in the browser sandbox.

With browsers transforming into target platforms for general application development, there comes a desire for software running at near-native speed, something which a highly dynamic language like Javascript still has a hard time to deliver (even though Javascript runtimes have improved speed tremendously over the last years). It is not surprising that Google has come up with their own answer to this problem: Google native client (NaCl) allows native C/C++ code to be compiled to run directly in the browser and has been part of Chrome since version 14 (November 2011). In this blog post, I’ll take a closer look at this technology and explore how it works. Weiterlesen