Redmine w/OS X OpenLDAP, Parallels Server and JumpBox

OpenRain used a slew of crappy Trac sites for issue tracking until we switched to Redmine several days ago. The decision came because..

  • Redmine can authenticate off LDAP with trivial configuration.
  • Redmine has multi-project support out-of-the-box.
  • Redmine has some nifty Gantt chart and calendaring schwag and is generally better.
  • Parallels Server (for OS X) is finally available.
  • JumpBox has a beta Redmine VM image available.

If you’ve got an existing LDAP infrastructure, the whole shebang shouldn’t take more than an hour or two to set up.

  1. Install Parallels Server on your OS X Leopard server.
  2. Download the Redmine JumpBox. Generate a new MAC address and boot it. Do the one-page configuration thingy in your browser.
  3. Log into Redmine and create a new “Authentication Mode” set to LDAP. If you’re using the default OpenLDAP schema that ships with Leopard server, enter the attributes like so..redmine.png
  4. All your users should now be able to log into your Redmine JumpBox using their LDAP credentials! You’ll have to set up your projects, ACLs etc. within Redmine, but that’s some pretty hot shizzle to get running in such a small timeframe.

Mad props to Redmine, Parallels, JumpBox and Apple for further simplifying my business.

What's Better Than Windows Balloon Help?…

Twice as much balloon help!

picture-3.png

My current testing environment for JumpBox development uses two Windows XP virtual machines on OS X under Parallels coherence mode: one with IE6 (gold taskbar on the bottom), the other IE7 (blue taskbar on the right). While they perform sufficiently with 4GB physical RAM, the constant nurturing required to keep these retards up to date and complaint free is ridiculous, given I only boot them once every couple weeks. Dyslexia also arises when each instance periodically “forgets” I’m using a Dvorak layout and reverts to QWERTY, even when sitting idle.

picture-1x.png

It’s the little things that drive one nuts. Office 2004 for OS X, for example, sets the bar really low for usability, quality and elegance. Full-screen mode?

full_screen.png

..I guess not. And I won’t be inserting any cells into this table, either…

insert_cells.png

Given a choice between A and A, I think I’ll choose A.

spell_check.png

Waaaaay too much of this stupidity plagues Office. Not that Microsoft has much motivation to fix it, but it’s still sad to see such crappy software in wide-spread use.

preston.rant_mode = false

Dynamically Generating SSL Certificates with Ruby on Rails

OpenRain had a couple projects recently need to programmatically generate private keys and SSL certificates in Ruby. To contribute back to the community, we’re releasing several small things today.

  • SSLsicle.com A simple form which does the OpenSSL grunt work and pop outs an SSL certificate ready to use with Apache (or whatever). SSLsicle uses..
  • eassl_fix A Rails plugin which patches a small but critical bug in the eassl v0.1.1643 gem which makes OpenSSL object manipulation a bit less dense. I’ve submitted a patch (included) to the author, but as of today he hasn’t applied it. (Also, props to the JumpBox guys.)

If you need to write your own code to generate SSL certificates in Rails..

  1. sudo gem install eassl
  2. Install the eassl_fix plugin
  3. Bust out a view for the user to enter the information that gets baked into the cert and then write a few lines in your controller…
    require 'eassl'
    key = Key.new
    options = {
    :country      => params[:csr][:country],
    :state        => params[:csr][:state],
    :city         => params[:csr][:city],
    :organization => params[:csr][:organization],
    :department   => params[:csr][:department],
    :common_name  => params[:csr][:common_name],
    :email        => params[:csr][:email]
    }
    name = CertificateName.new(options)
    csr = SigningRequest.new(:name => name, :key => key)
    ca = CertificateAuthority.new(:password => nil)
    cert = ca.create_certificate csr
    @pem = key.private_key.to_s
    @pem += cert.to_pem
  4. @pem.to_s will contain an unencrypted private key as well as a signed certificate suitable for deployment.