On two occasions I have been asked [by members of Parliament], ‘Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?’ I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.

I’m updating an older stack in CDK and is my custom I’m writing tests. When writing tests for an existing stack, I’ll incorporate the output from the deployed Cloudformation templates. This ensures that the test is realistic and works toward my main goal, which is to minimize disruption to the infrastructure when updating the code. A good example is security groups–changing the description is enough to require replacement. If you have a multi-stack deployment with ingress/egress relationships between security groups, that will cause problems. Testing for that upfront saves time.

When working with a CDK application, you can have code in three places:

Read More

Within the circle of people Liz and I knew through B-Fest at Northwestern University, Gymkata was somewhat legendary despite being a comparatively recent film (1985). For my part, I always have a soft spot in my heart for that very specific sort of 1980s film that doesn’t quite exist in the real world yet isn’t magical realism either. Films in the 1980s were allowed to be weird.

Gymkata was shown at the 2010 festival, allegedly at 9:15 PM, after Heartbeeps. I’m in no position to quibble, but that’s early for me to fall asleep halfway through, and I remember Hard Ticket to Hawaii and (ugh) Sextette. During a 24-hour film festival your brain enters a liminal state and you’ll believe all kinds of things. You’ll think Beastmaster and Krull are the same movie, and wonder (during Krull) when the hell Rip Torn is coming back. Bottom line, I nodded off at points and maintained for years afterwards that I’d missed the main part of the film.

Having now watched Gymkata in a wakeful state, with the full benefit of my faculties…no, I didn’t miss all the much in 2010. It’s just that much of an incoherent mess. Robert Clouse directed, and there are similarities to his earlier (and far better) Enter the Dragon. The plot is this: it’s 1985, the United States is building SDI (“Star Wars”), and we want to install a satellite ground station in the fictional country of Parmistan, somewhere in the Hindu Kush. The Soviet Union is never mentioned. The country is closed to foreigners; all who enter Parmistan must compete in “the game”, which is a weird combination of the Barkley Marathons and a battle royale. Succeed, and your life is spared and you gain any wish within the power of Parmistan’s ruler.

Read More

We use a git+composer strategy to manage our WordPress environments (start here for a series of posts about this) and therefore have WordPress auto-update disabled. Beyond that, Apache doesn’t have write to its own filesystem, so WordPress can’t update itself.

However, the update and upgrade buttons are still presented on the interface, and it’s possible to accidentally trigger the update process from there. When that happens, WordPress places itself in maintenance mode, tries to update itself, fails, and then takes itself back out of maintenance mode. It’s about 5-10 minutes of downtime depending on your caching strategy.

WordPress also leaves behind a memento in the form of a message displayed to every administrator (both network and site on multsite environments), informing them that “An automated WordPress update has failed to complete.” This message is easy to remove, but you may have to take multiple actions to do so.

Read More

This weekend I migrated this blog from WordPress (with a static generator) to using Hexo directly. Overall I’m pleased and the learning curve isn’t bad, though why I can’t easily link to pages or taxonomy items is puzzling. One challenge that was relatively easy to resolve was this one: how to add movie posters to the top of movie review articles?

I haven’t written a movie review here in a while, and I haven’t decided whether to start again or go longer form on Letterboxd. I’m proud of the writing of the dozen I did back in 2013-2014. I never wrote long enough to justify a billion screencaps (à la Ken Begg), but I did like including the poster at the top, floated left:

Read More

We use Siteimprove to crawl some of our web properties and we also protect those same properties with an AWS Web Application Firewall (WAF). To be on the safe side, we’re going to add Siteimprove’s IPs to an allowlist. We have to extend our WAF definition to include an IPSet and then also extend our test coverage.

That’s a lot of IPs

Siteimprove has 86 crawler IPs. First things first, we create a separate siteimprove.ts file to contain all the IPs:

Read More

I manage a bunch of redirected subdomains. We use these with third-party applications, where the application lives at some non-Lafayette URL and we want a clean, simple Lafayette URL for our users. We call these vanity plates, and at the architectural level they’re pretty simple: a Cloudfront distribution with a certificate and LambdaEdge function to handle the redirection. We monitor the state of the redirection with a Synthetic Canary.

A small challenge is that we like to have lifecycle rules on all our S3 buckets. With the above stack we actually have three buckets:

1. The logging bucket for the Cloudfront distribution
2. An empty S3 bucket that serves as the unused target for the Cloudfront distribution
3. The artifacts bucket for the Synthetic Canary.

Read More

I was running through a helpful DigitalOcean guide on getting multiple PHP-FPM versions configured on a Debian installation. Nothing too complex, but I’m usually doing this on RedHat derivatives so I appreciated the hand-holding. At the end of it the PHP-FPM service stubbornly refused to start correctly and I encountered an error that I hadn’t seen before:

1

Jun 01 19:45:07 XXXXXXX systemd[22426]: php7.2-fpm.service: Failed at step EXEC spawning /usr/lib/php/php-fpm-socket-helper: No such file or directory

Sure enough, no such file. Googling the error didn’t turn up much. More surprisingly I tried using apt-file to identify the provider of the file, and came up empty. I ran across a very old page that suggested php-common (a version-independent package) might provide the file. That package was already installed, but outdated, so I updated it…and the file was created and PHP-FPM was working again.

Read More

The Lehigh and Northampton Transportation Authority (LANTA) is making a number of changes to its routes, effective June 21, 2021. At first glance, these don’t look like cuts so much as refactoring. I’m going to focus on the changes within Easton:

• West Ward, Northampton Street: routes 101 and 216 replace 106 and 220. There’s still a one-seat ride to Nazareth Commons and downtown Bethlehem, but we lose Allentown. However, 101 does appear to have a timed transfer with the 107 in Bethlehem for Allentown service, and the 107/220 are on an every half-hour schedule between the two. 101/216 are both hourly as before, with a 15/45 separation inbound and every 30 minutes outbound. The latter is a real improvement over the current schedule, where the 106 and 220 leave Easton six minutes apart.
• West Ward, Lehigh / Washington: the re-routed 106 and 220 replace the 216 and 101, respectively. The 106 follows the old 216 route to 18th, but then turns north to sere Nazareth Commons / Northampton Crossings. The 220 follows Freemansburg to Emrick, then rejoins its old route at the William Penn Park & Ride. Outbound separation is 20/40, inbound is half-hourly to hourly, as the 106 is on a ninety-minute frequency inbound only. Again, this is something of an improvement; the current frequency is 50/10 outbound and half-hourly inbound.
• College Hill / South Easton: the 214 is extended into South Easton, replacing the 106 and 216 which now terminate downtown. The 214 does a circle in South Easton to cover both routes. The old 214 schedule was bizarre, with no relationship to any clockface. The new one is hourly between Easton Food Market and Forks Plaza South, with additional rush-hour service offest by a half-hour to Cattel / High for Lafayette College. Connection from incoming buses to/from the 214 should be half-hourly or better; it’s not clear if there’s a recommended pairing. This is a massive improvement on the previous service offering, as far as College Hill is concerned.

I’m curious to see how this affects food access. The 214 will still hit the Giant in Forks Township and the Easton Food Market and the 106 / 216 the stores out at Nazareth Highway / PA-33. That still leaves the Giant in Palmer Town Center without direct service, and for the Aldi and Lidil on Freemansburg you’re relying on the 220, with uneven timekeeping as it comes from Allentown. I think the lack of bus access to Hugh Moore Park and the National Canal Museum remains a growth opportunity, but the roads in West Easton are a rat’s nest. Route 507, a demand response service, covers it at present.

Read More

Beginning with a round-trip to Brattleboro, Vermont, in March 2013 for HighEdWeb New England, I made at least one round-trip on the Vermonter every year between 2013 and 2017, and then two more in 2019. I’ve logged 3,033 miles since 2013. I’ve made a couple of firsts aboard it as well: my first trip east of New York on the Northeast Corridor, and my first trip east of Springfield on CSX’s Boston Subdivision.

The Vermonter makes a daily run from Washington, DC, to St. Albans, Vermont, just shy of the Canadian border. It uses Amtrak’s Northeast Corridor from Washington, DC, to New Haven, Connecticut (via New York City), then turns north to follow the Connecticut River through Springfield, Massachusetts, into Vermont. I’ve never been further north than Bellows Falls, Vermont; normally I don’t even take it into Vermont. I’ve also never taken it west of New York, not that there’s a reason to.

The Vermonter has some unusual features. Up until the end of 2014, it made a backup move at Palmer, east of Springfield, to continue north toward Vermont. This took a good twenty minutes as the Vermonter pulled past the crossing the connecting track, stopped, the crew manually threw a switch, then reversed direction. It’s a J-turn, but on a railroad. The state acquisition of the Connecticut River Line, completed at the end of 2014, eliminated this operation, though for good measure the Vermonter still backs in and out of Springfield Union Station.

Read More

A man is a very small thing, and the night is very large and full of wonders

I’m back visiting my parents in Mt. Pleasant, Michigan, where I grew up and spent the first 18 years of my life. Mt. Pleasant is a small place. Even now, the permanent population is about 26,000. Central Michigan University, when it’s in session, adds another 20,000. It’s not even 8 square miles. A man can walk from Pickard Road, at the northern edge, to Broomfield in the south, in under an hour. Growing up, it didn’t seem that way. I counted it as a major achievement when I first bicycled to the southern edge of CMU’s campus. As we get older the familiar shrinks even as the unfamiliar expands.

Deerfield Park is one of several parks on the Chippewa River, which runs through the county and city. It’s about five miles west of town, a stone’s throw though it didn’t seem that way once. It’s a little under two miles north-south and a little under a mile across at its widest point, though in that space are a multitude of trails, campsites, a generous sledding hill less dangerous than Mission Creek, and no fewer than four crossings of the river. In my memory, there was always a bridge that was hard to find, hidden away off the beaten path. Today, with clear skies and time to kill, I resolved to find all four bridges and settle the matter.

Read More