Abstract: add SID APT source, configure APT Pinning to give squeeze packages priority over SID ones, rebuild the nodejs package under squeeze.

• Add SID APT source by creating /etc/apt/sources.list.d/sid.list (use your nearest mirror):

deb http://ftp.us.debian.org/debian/ sid main
deb-src http://ftp.us.debian.org/debian/ sid main

• Configure APT pinning by creating /etc/apt/preferences.d/sid:

Package: *
Pin: release a=unstable
Pin-Priority: 50

• Install the latest version of libv8 manually, libv8-3.8.9.20 at the time of writing this:

apt-get install libv8-3.8.9.20

• Download the nodejs package sources, dependencies and build them:

cd
apt-get source nodejs
apt-get build-dep nodejs
cd nodejs-*
debuild -nc -uc

• If you encounter build-dependency errors, you should try first to lower the dependency in debian/control, both in Build-Depends and in Depends and re-run debuild. If the build fails (e.g. with undefined reference to 'ev_run') the previous version is missing required functions. So, you must install the updated versions of the required dependencies (e.g. libev4) from sid, using apt-get install name=version e.g. libev4=1:4.11-1. I suggest this because you’ll have to manually update packages installed from sid, so the lesser, the best.

• Install the generated package

dpkg -i nodejs_*.deb nodejs-dev*.deb

• Profit :-)

So you have a Linux VM you use for development, because you want to mirror the production environment as closely as possible. You have many applications to deal with, they have to be running at the same time because they are nifty REST JSON web services.

You are very tired of remembering which one you put on port 8081, and your configuration files slowly become a real mess. So you set up IP address aliases in for the network interface and decide to assign even host names – /etc/hosts is just fine – for each app.

Then, in such a setup, why would you still need to run them on ports higher than 1024? Wouldn’t it be just great to type the application name in the browser address bar? Indeed it is, but it’s better to not run them as root, anyway.

The solution is Linux capabilities (see also here). The one that interests us is cap_net_bind_service: it gives a process the right to bind well-known ports (< 1024). If you use an interpreted language, of course you’ll have to add the capability to the interpreter itself. That’s why there’s development in the title of this article – you should not set this up on a production server, if you don’t know what you are doing.

“If it is good, they stop making it”, the payoff printed on the conference necklaces, distributed to every participant, along with an über-l33t badge customized with our nickname and the key hash.

Being my first experience at an international security conf (I’ve only been to the ccc2k+7 camp), and being a ph outsider ‘cause I never participated to previous editions, the boot keynote held by FX, staffer and frontman, has been enlightening: “you ought to be here!”, he yelled while pointing at the stage, wearing a white shirt with the Phenoelit logo printed on both arms.

“This conference has never started on time”, he continued, “so there was no reason to do that for this last one”. the schedule is straightforward: party, the next day's talks from 12.00PM to 7.30PM, then party, and the last day's talks from 12.00PM to 5.30PM. definitely a setup well-playing with the available alcohol :-D.

Thanks to @jodosha efforts and praising the former Javaday event, now renamed into codemotion that brought in Rome many Ruby developers from Milan, Padua and other parts of Italy – the first official Ruby Social Club in Rome has been a great success. Of course, officialty is measured only in the amount of twitter spam posted about it! :-): earlier RSCs in Rome go back in time to 2006 organized by current mikamai members and more meetups promoted by @jeko in 2007.

What matters is that there’s a community, there’s a passion, and there’s love to share knowledge - no matter who holds the meetings, the important thing is that they’re being held :-).

The event was simple and direct - some beers first, then my keynote on RVM and Ruby interpreters, then Luca’s one announcing his minege.ms project and after real social networking :-). I met @gravityblast after much time we didn’t meet, knew the PIP group and met @svarione, @punkmanit, @leonardoperna, @riggasconi, @ogeidix and other smart people. Moreover, we spent quite some nice time together, making up a really lousy and funny week-end. Of course, huge kudos to @nhaima’s car - that tirelessly carried us around Rome for two days :-)

Now, looking forward to the next meetup, thanks everyone who participated, who offered me beers and, last but not least, thanks to @etapeta for bringing me in time at the meeting - you’re the real hero :-).

I spent the last two days trying to set up the Aluminium Mac Mini (rev. 4,1) as a home NAS server with encrypted storage, and I wanted a BSD system on it. There’s already an embedded OpenBSD onto the soekris gateway, and another companion would have been nice. :-)

Guess what, there’s no way out:

• FreeBSD 8.1 doesn’t complete the boot process, due to a bug in the SATA chipset, NV MCP89;
• FreeBSD 8.2-RC1 boots but, due to the same bug, doesn’t recognize any SATA drive nor any USB umass device;
• NetBSD 5.1 boots fine, handles SATA disks via the generic pciide driver (no DMA, thus quite slow) but, unluckily, doesn’t handle the BCM57762 ethernet controller. I tried with quick and dirty patches to bring the bge driver up to date with -current, but still no luck: the MII link detection works, the card transmits but doesn’t receive. The sdmmc controller as well works with -current but not with 5.1-RELEASE. ACPI works correctly;
• OpenBSD 4.8 boots, can access the SATA drives without DMA, and recognizes the bge network card, but exposes the very same behaviour as NetBSD 5.1 with the -current driver fitted in;
• DragonFlyBSD 2.8.2 doesn’t even enter kernel mode, I suspect due to ACPI bugs;
• PureDarwin didn’t inspire me too much, due to the many blocking issues.

All of them support encrypted storage, I built up a NetBSD CGD disk flawlessly onto dk wedges; FreeBSD has got the interesting gbde(8) and geli(8) GEOM-based tools that I wasn’t able to test, while OpenBSD supports crypto via a softraid personality. Unluckily, support for the, nowadays, exotic Apple hardware is a no-brainer.

October 18, 2010 · 7 min read

From microphone to MP3: the Myousica audio pipeline

• myousica
• music
• ruby
• rails
• audio
• open-source

This is the third and final post in the Myousica series. The first covered the Rails platform, the second the Flash multitrack editor. This one covers how audio actually gets from the user’s microphone to a playable MP3 — the pipeline that connects all the services together.

The uploader is a separate Rails 2.2 application — headless, no database, no ActiveRecord. Just controllers, background workers, and audio processing tools. Andrea Franz built the initial version in April 2008, I took over from May 2008 onwards. 120 commits, originally called multitrack_server before being renamed to mewsic-uploader in March 2009.

The full pipeline¶

Here’s the complete flow from microphone to playable track:

Two entry points: the user can upload an MP3 file directly, or record via microphone (which produces an FLV stream through Red5). Both end up as an MP3 with a waveform PNG.

October 16, 2010 · 8 min read

The Myousica multitrack: audio mixing in the browser

• myousica
• music
• flash
• actionscript
• audio
• open-source

This is the second post in the Myousica series. The first one covered the Rails platform. This one dives into the multitrack editor — the Flash/Flex component where users actually mix music in the browser.

The multitrack was initially developed by Vaclav Vancura, who built the original architecture, the UI component library, and the audio playback engine. I then took over and rewired it heavily — integrating recording, upload, the backend services, and the state machine that holds it all together. 81 ActionScript files, ~7,300 lines of code, 129 commits.

Here’s Vaclav’s original screenshot showing the remix view — where songs connect and branch into new remixes:

What it does¶

The editor loads in the browser as a Flash SWF. You can:

• Load up to 16 audio tracks simultaneously
• Play them all in sync with a single transport
• Adjust per-track volume and balance
• Record your own track from the microphone, synchronized to the playback
• See waveforms for every track
• Search for tracks to add to your mix (via the Rails API)
• Save and publish the result

All of this happens client-side in Flash Player 9, with the heavy lifting (encoding, storage) offloaded to the backend services.

October 14, 2010 · 10 min read

Myousica: a collaborative music remixing platform

• rails
• ruby
• myousica
• open-source
• music

Today we’re releasing the source code of Myousica — the collaborative music remixing platform we’ve been building since late 2007. We launched in September 2008 after 9 months of development, ran it for about 5 months, and paused the site in February 2009. The project has been rebranded to Mewsic along the way, but the idea is the same. Rather than letting the code rot on a private server, we’re putting it all on GitHub. Full history preserved, warts and all.

This is the first of three posts walking through the codebase. This one covers the main Rails application — the platform itself. The next two will cover the Flash multitrack editor and the audio processing pipeline.

The idea¶

The pitch is simple: I upload a bass track for Let It Be, you upload your voice, someone else adds guitar and drums. Through Myousica, there’s a multitrack editor running in your browser where you can mix everything together, adjust volumes, and publish the result. Other people can then take your remix, add their own tracks, and remix the remix.

Out of curiosity, I was looking how a browser interacts with the Google Instant backend. While looking at the HTTP exchanges via Firebug, I first asked myself why they’re encoding HTML and JS with \xYY escape sequences, then why the very same JS functions are sent back and forth on every request, and later I stumbled upon the google.com/s?q=QUERY JSONp service.

Give it a query, and it’ll return the suggested related phrases that are used to build the menu under the search input while using suggestions and/or instant (didn’t dig too much into all the other parameters).

Anyway, what’s interesting is that, of course, the suggestions are customized on a per-country basis. To show the differences explicitly, let’s ask the service the simplest query possible, a:

For Italy you’ll get:

$ curl http://www.google.it/s?q=a
window.google.ac.h(["a",[["ansa","","0"],
["alice","","1"],["alitalia","","2"],["alice mail","","3"],
["apple","","4"],["agenzia delle entrate","","5"],
["audi","","6"],["aci","","7"],["autoscout","","8"],
["atm","","9"]],"","","","","",{}])

hum, let’s scrap the JSONp and parameters out:

$ curl -s http://www.google.it/s?q=a | ruby -rjson -ne 'puts JSON($_[19..-2])[1].map(&:first).join(", ")'            
ansa, alice, alitalia, alice mail, apple, agenzia delle entrate, audi, aci, autoscout, atm

For the US you’ll get:

amazon, aol, att, apple, american airlines, abc, ask.com, amtrak, addicting games, aim

UK:

argos, amazon, asda, asos, autotrader, aa route planner, aol, apple, amazon uk, aqa

Ireland:

On July 22nd 2010, Mikamai hosted a Ruby Social Club in Milan, where nearly 50 people attended watching five speeches about Ruby, Web development and Startups. I was glad to be one of the speakers, and I presented a set of Rails plugins we spun off from our latest (and greatest) project: Panmind (read more on the about page) and released as Open Source on GitHub.

The keynote is split in two parts: the first one explains why you should follow the sane software engineering principle of writing modular and interest-separated code and then how you could (and should) extract it from your Rails application by decoupling configuration and then prepare for the Open Source release, by writing documentation AND presenting to a Ruby event so, hopefully, someone else will write unit tests! :-)

We released an SSL helper plugin that implements filters (like Rails’ ssl_requirement) but also named route helpers: no more <%= url_for :protocol => 'https' %>! You’ll have something like plain_root_url and ssl_login_url - like they were built into the framework.

Then, a Google Analytics ultra-simple plugin, with <noscript> support, a couple of test helpers and an embryo of a JS Analytics framework - hopefully it’ll evolve into a complete jQuery plugin. Then, a ReCaptcha interface, with AJAX validation support and eventually a Zendesk interface for Rails.