Introduction

This guide outlines a procedure for installing the following Rails environment:

• Ubuntu 11.10
• Ruby 1.92
• Rails 3.20
• Rubygems 1.8.15
• MySQL
• SQLite
• Git

Step 1: Update your operating system packages

The first thing we are going to do is get the latest updates for Ubuntu. The following two commands will download and install the latest Ubuntu updates.

sudo apt-get update
sudo apt-get upgrade

Step 2: Install Ruby 1.9.2, build-essential, and git

Ubuntu provides several versions of Ruby. If you aren’t careful, you may end up installing older or even multiple versions. We want to install version 1.9.2 so we have the latest and greatest. For this, and other tasks ahead of us, we’ll also need build-essential as it has the developer tools that will be needed to compile various gems. Git is optional, but it doesn’t hurt to have a handy version control system at your disposal.

sudo apt-get install ruby1.9.2-full build-essential git-core

Step 3: Install RubyGems 1.8.15

Ubuntu is a few versions behind on their offical RubyGems package. So rather than using that we’ll use the RubyGems installation method here. You’ll download version 1.8.15 of RubyGems, unzip it, and then run the setup.rb program to install it.

wget http://production.cf.rubygems.org/rubygems/rubygems-1.8.15.tgz
tar -zxvf rubygems-1.8.15.tgz
cd rubygems-1.8.15
sudo ruby setup.rb

Step 4: Update RubyGems

Once you have RubyGems installed, you want to double-check to make sure you have the latest version of the RubyGems software and then update all gems, if you have any installed.

sudo gem update --system
sudo gem install rubygems-update
sudo update_rubygems

Step 5: Install everything else

Now that you have RubyGems installed, it’s time to install Rails and the rest of the gang. One of the common issues I’ve run into when installing Rails is that I’d get compile errors when installing MySQL or SQLite. We’ll address that by installing the the right Ubuntu packages. I’ve also run into the occasional error when running commands to generate new models, controllers, etc. We’ll fix that by installing node.js as the JavaScript framework.

sudo gem install rails
sudo apt-get install libsqlite3-dev
sudo gem install sqlite3
sudo apt-get install nodejs
sudo apt-get install mysql-server mysql-client
sudo apt-get install libmysql-ruby libmysqlclient-dev
sudo gem install mysql

Step 6: Test Drive

You should now have a working Ruby on Rails environment. To test it out, create a Rails application in your home directory as follows:

cd ~/
rails new app_of_the_century
cd app_of_the_century
rails generate model User

If you installation worked, Rails should create your application file/folder structure and generate a User model all without a single error.

Cut and Paste Version

Now that I’ve explained it step-by-step above, here’s a cut and paste version that should “just work” if you were to paste it into a terminal window.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install ruby1.9.2-full build-essential git-core
wget http://production.cf.rubygems.org/rubygems/rubygems-1.8.15.tgz
tar -zxvf rubygems-1.8.15.tgz
cd rubygems-1.8.15
sudo ruby setup.rb
sudo gem update --system
sudo gem install rubygems-update
sudo update_rubygems
sudo gem install rails
sudo apt-get install libsqlite3-dev
sudo gem install sqlite3
sudo apt-get install nodejs
sudo apt-get install mysql-server mysql-client
sudo apt-get install libmysql-ruby libmysqlclient-dev
sudo gem install mysql

I certainly appreciate feedback so if you have other suggestions for a smoother Rails install on Ubuntu 11.10, add a comment to the post so that I can improve this post. Thanks in advance!

Step 1: Setting Up Circles

First, you need to understand Google+ Circles. Circles allow you to create and share information with groups of friends just like you have in your real life social circles. For example, my circles include the following:

• Friends – Those I trust with my information and can see the majority of my posts, photos, etc.
• Family – See some of my posts, mostly about family-related stuff.
• Following – Don’t see my posts, but I want to see their posts.
• College Friends – See some of my posts, mostly those related to my college days.
• Work Friends – See some of my posts, mostly those related to life at work.
• Geeks – See some of my posts, mostly those on topics about technology and gadgets.

So come up with your list of circles and create them. Once you’ve created your circles, begin adding your contacts to one or more circles. It’s perfectly fine to add a contact to more than one circle. For example, some people in my Friends circle are also in my College Friends circle.

Step 2: Lockdown Your Profile

By default, most of your profile is visible to anyone on the web. Unless you want to share all your information with the world, then you’ll want to change these settings.

1. Select Google+ settings from the configuration menu
2. Click on Profile and Privacy
   
   
3. Next to the Public profile information section, click Edit visibility on profile.
   
4. There is a globe icon next to each profile item. When you click on it, it allows you to edit the visibility for that information.
5. When you are done, click the Done editing button at the top of the screen.

You can configure your profile privacy in a number of ways including selecting Custom so that you can select specific circles with whom you want to share profile information. I allow most of my circles to see my profile information with a few exceptions such as my my address and phone number.

Although you have pretty good control over most information, there are a few that you cannot hide from the public.

• Full Name
• Brief Description
• Gender
• Profile Photo

You can also view your profile as another user would see it. Simply visit your profile and enter the name of someone in one of your circles in the textbox that says View profile as…

Your profile is now being displayed with only the information that the user you entered can see. If everything looks okay, then no further configuration needed. If not, go back and make the appropriate changes.

Step 3: Restricting Search Visibility

By default, your profile will appear in Google search results. You can change your profile settings at any time if you don’t want Google and other search engines to index your profile. To change your profile settings, do the following:

1. Click Edit profile on the About tab.
2. Click the Search visibility section.
3. Uncheck Help others find my profile in search results.
4. Click the Save button.

Your profile is now configured to prevent it from being indexed by most search engines.

Step 4: Locking Down Other Privacy Settings

There are a variety of other privacy-related settings that aren’t always obvious at first glance. I’m going to cover just a few of them here.

Limit who can see other people in your circles

By default, Google allows others to see people in all your circles. In some cases, you may want to restrict who can see people in your circles.

1. Click Edit profile on the About tab.
   
2. Under your profile image, click on the In “your username” circles.
   
3. From here, you can configure circles that can see people in your network. You can also choose whether or not other people can see you in their circles. In my case, I’ve chosen to limit my network’s visibility to specific circles and allow friends to show me in their circles.
   
4. Click the Save button.

Limit who can send you email

You can control who can send email to you using your profile information. You can let everyone send you email or limit it to specific circles.

1. Click Edit profile on the About tab.
   
2. Under your profile image, click on the Send an email button.
3. Select whether or not you want people to be able to email you from a link on your profile. If you want to further restrict access, select specific circles you want to allow to send you email. In my case, I’m permitting people in my circles to send me email right from my profile.
4. Click the Save button.

Block A User (with caveats)

You can block someone completely by doing the following:

Thanks for the tip on this one @KnightNotHorse.

Step 5: Streaming to the Appropriate Circles

When creating a post, you may select the circles with whom you want to share the information.

1. To create a new post, click the Share what’s new… text box.
2. Enter the information you want to share (text, videos, pictures, etc) and select the circles with whom you want to share the information.
3. Select the Share button.

In this case, I’ve chosen to share a message with my College Friends circle. By default, Google+ will remember the groups you specified in your most recent post and use those same groups in your next post.

Other Gotchas

• Comments can appear as public – As of July 01, 2011, you cannot prevent your comments from becoming public. If you comment on a post, that comment can be seen by anyone that has access to see the post. So if your friend allows Anyone on the web to see their posts, then your comments on their posts will appear publicly. This can violate some people’s privacy expectations, so as a best practice, pretend whatever you say will be seen by everyone on the planet.
• All profiles have a public presence – There’s no way to disable your profile from being publicly accessible. The best you can do at this time is limit the amount of information that can be accessed by the public. At the minimum, you profile will show your full name, gender, profile photo, and profile description.

I certainly appreciate feedback so if you have other suggestions for improving privacy when using Google+, add a comment to the post so that I can improve this post. Thanks in advance!

Background

I’ve explored a variety of different remote backup strategies and haven’t found one that’s a good fit for me. Mostly because I have around 250-300GB of data to backup and the monthly bill for that amount of data is more than I’m willing to spend. In general, my preference is to use the 3-2-1 strategy in that you have 3 copies of your data, in 2 different places, of which 1 of them is offsite.

When working on the solution, I had a few requirements including:

• All data must encrypted in transit and while at rest
• Must support full and incremental backups
• Must be cost effective and not result in recurring monthly bills

So what was the solution? Well, I collaborated with a colleague of mine and we setup remote backups to each others Linux servers using a few basic tools and two external hard drives. It takes a little more elbow grease than commercial solutions, but once you have it up and running it works pretty well and doesn’t cost an arm and a leg.

Backup Architecture

Technically, you could use whatever operating system you wish. I used Ubuntu and he used CentOS because that’s what we were familiar with. As long as it supports the tools, it should work just fine.

• Operating System: Linux-based OS (e.g., Ubuntu, CentOS, etc)
• Packages: openssh, gpg, duply, duplicity, sshfs, and rsync
• Hardware: 2TB Western Digital External Hard Drive

How it works

First, the client uses duply to backup data to a server on the local network. All data is encrypted in transit and compressed/signed/encrypted on the local server. The initial backup can take some time depending on how much data you have to bakcup, but incremental backups are much quicker.

Then I have a nightly cron job that executes a script that copies the data to my friend’s remote server. First, it uses SSHFS to create a mount point for the file system on my friend’s server, then it rsyncs the data over SSHFS, and finally unmounts the directory when complete. For additional security, we’ve implemented the OpenSSH ChrootDirectory configuration option to limit access.

We had originally attempted to backup without the local server, but found that trying to backup 250GB to a remote server over our internet connection was slow and often resulted in having to pause/cancel the transfer half way through. Not only that, but sometimes canceling the transfer resulted in corrupting the backup. Having the local server made things quicker and less prone to corruption issues.

The Guide

Here’s the basic set of steps to get this solution up and running for you. It assumes the use of Ubuntu, so you will need to tweak it according to your environment.

Step 1

Install and configure your server operating system to automatically mount your external hard drive. This hard drive will be used to store the local backups, or if you have the disk space, you don’t even need an external hard drive.

• Partition your external hard drive as needed
• Format it with ext4
• Configure /etc/fstab to automatically mount it as /data/

Step 2

Now let’s install and configure OpenSSH on the server.

sudo apt-get install openssh

In /etc/ssh/sshd_config:

Configure OpenSSH to use its internal SFTP subsystem.

Subsystem sftp internal-sftp

Then configure the chroot() matching rule for users in the “sftponly” group.

Match group sftponly
     ChrootDirectory /data/chroot/%u
     X11Forwarding no
     AllowTcpForwarding no
     ForceCommand internal-sftp

We created a specific directory for our user so it was obvious. Keep in mind that the directory in which to chroot() must be owned by root.

# chown root.root /data/chroot/your_user
# usermod -d / your_uuser
# adduser your_user sftponly

Now test to make sure that it all works.

sftp your_user@host

You should be able to login and only access the chroot directory. You should not be able to access file system locations outside the chroot directory.

A gotcha that we ran into is that the chroot directory for the user must be owned by root and cannot be writable to the user. So you need to create a directory within the chroot directory to store the backups.

mkdir backups

This will effectively create the directory /data/chroot/your_user/backups. Then you can make the directory writable to your user.

# chown your_user:your_user /data/chroot/your_user

Step 3

Install and configure the Fuse Sync script on the server. The script is responsible for mounting the remote filesystem using SSHFS and then syncing the files to the remote system using rsync. There configuration file includes comments for the different configuration parameters, most of which should be self-explanatory. The major features of this script include:

• Supports for custom sshd configuration files specific to your remote host connection
• Sends automatic emails with the results of the script
• Records backup logs
• Automatically mounts and unmounts SSHFS remote file systems
• Detects if the backup is already running and exits accordingly

Step 4

Install the necessary tools on the server including rsync and sshfs.

sudo apt-get install rsync fuse-utils sshfs

Step 5

Install the necessary tools on the client including duply, gpg, and duplicity. The process for installing these tools will vary based on operating system. You may use the following on a Ubuntu system:

sudo apt-get install duplicity duply rsync gpg

Mac users may wish to consider using MacPorts and Windows users may want to give Cygwin a shot.

Step 5

Since backups are encrypted/signed, you will need to generate a GPG key on the client.

gpg --gen-key

Remember the Key ID and password.

Step 6

Next, create a duply profile on the client and setup the basic configuration parameters.

duply offsite create

This will create the following files:

~/.duply/offsite/conf
~/.duply/offsite/exclude

The conf file is the configuration file and the exclude file is for specifying files you want to exclude from being backed up.

In ~/.duply/offsite/conf file:

Configure settings according to your environment. Here’s a sample.

# Your GPG Key ID you just created
GPG_KEY='your GPG Key ID'

# Your GPG password for this key
GPG_PW='your GPG password'

# The local server you are backing your files up to including the path
TARGET='scp://username@your.local.host:22//your/backup/path/'

# Location of files you want to backup
SOURCE='/Users/dgm'

# Refer to duply documentation for these
MAX_AGE=6M
MAX_FULL_BACKUPS=1
VERBOSITY=5
TEMP_DIR=/tmp

Step 7

You should be able to run the sync-fuse.sh script manually and it should work. To automate it, create a cron job on the server for your user.

# m h  dom mon dow   command
00 02 * * * /home/your_user/scripts/sync-fuse.sh >> /dev/null 2>&1

I’ve set it to run in the middle of the night so it doesn’t consume bandwidth during the day when I might be working, Hulu’ing, or Netflix’ing.

Step 8

Celebrate! You have setup encrypted offsite backups.

Not Working?

Let us know. We’re always looking for feedback that will help us improve the quality of our posts.

Additional Resources

• Duply Homepage
• Duplicity Homepage
• Fuse Sync on Github

When we originally launched the company back in 2008, we put together a one-page website that provided basic information about us. It wasn’t our best work, but it had to suffice as we began to help our customers. With two successful years under our belt, we decided to take a 2-month break on projects to focus on developing a brand new version of our website.

The goal with the new design was to improve the interface, better describe our services, provide examples of how we can help, and give the website some more personality. When building the website, we followed the same process we use when working with customers. First we identified our requirements, then we built a sitemap, created a few wireframes, several concept designs, and finally developed a WordPress theme from scratch to meet our exact needs and take advantage of all of the WordPress 3.0 features. Hoo rah!

• Concept Design #1 – Padiwan
• Concept Design #2 -The Young Jedi
• Concept Design #3 -Obi-Wan Kenobi (Winner)

As you can see, the site evolved tremendously since the original concept design. We received a plethora of design feedback from friends, customers, and family and are grateful for your input. As with any website, we expect their to be a few bugs to work out. As always, we greatly appreciate any feedback on the new website and you can easily reach us through email, on Twitter, or through Facebook.

Have a Happy New Year!