I wanted to create a client portal of sorts to allow my clients to login and check billing status/history etc. Since I pre-dominantly program websites in Django that part was a no brainer. But what was troubling me was dealing with the SSL and non-SSL parts. I had only ever created "secure sites" in the past where everything was behind a login and run over SSL. It was the flipping back and forth between secure and non that had me a little puzzled on how to implement.
I did some reading and eventually settled (for now) on using nginx (which I use as my main webserver) to look at the paths and redirect as needed:
if ($uri ~ (/bromin|/accounts|/invoices|/sf)) {
rewrite (.*) https://nomad.ca$1 permanent;
}
So I have one of these blocks in the standard port 80 definition and another in the secure socket definition (with the operator switched to !~ and the rewrite to http).
The only reason I don't like this implementation is that the links in the HTML are not updated. So a link may claim it will take you to a secure page but might redirect to a non-secure page if the SSL isn't needed. This violates a bit of what I would consider safe coding practice as a prudent user would notice the difference and it may raise suspicion. However since I haven't even purchased a signed certificate this will do for now.
Not that I really think Google is evil; today the nay sayers have a little less to gripe about. Google has announced a new interface into their world of information designed to let you know what they know and track about you with your Google Account.
I took a peek and well, nothing surprising, they know a lot about me. I don't see Google the same as Microsoft or Facebook and how Google uses my data (so far) is acceptable to me, heck it helps me be productive. So I provide them with a lot of access to me and my data. As long as Google keeps releasing these types of transparency tools I will continue to do so.
I recently ordered 3 pieces of art from DNA11, one for each of us in the immediate family. The whole process was actually fun and educational. You are sent a DNA kit which you use and send back. Once the swabs are processed you pick out your colors etc and within a short period of time your art arrives all shiny and new. The folks at DNA11 were terrific to deal with. They also just opened a new online shop called CanvasPop where you can have any photo printed on canvas.



Big thanks to Adrian and Nazim!
Tomboy reached a milestone yesterday in releasing version 1.0.0. I set out this morning to create a new package for Jaunty but Sandy and the others at Tomboy were one step ahead of me and have announced a new PPA for Tomboy builds.
To use the latest (stable) in Jaunty create the following file:
gksu gedit /etc/apt/source.list.d/tomboy.list
And add this as the content:
deb http://ppa.launchpad.net/tomboy-packagers/stable/ubuntu jaunty main
deb-src http://ppa.launchpad.net/tomboy-packagers/stable/ubuntu jaunty main
Add the keys:
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 9518DB4B
Then the normal:
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install tomboy
Of course there are also development packages and packages for Karmic.