Replace ssmtp with postfix null client

Posted: 2014-10-21 | mail | gmail | ssmtp | postfix

I’ve been using ssmtp to provide outgoing mail to two machines. This provides a simple way to send mail out using gmail without having to have a running mail server. It had the restriction that you had to log in to gmail to use it.

Recently for one of those machines this stopped working with a login failure. The same configuration worked on different machines as long as the machine’s IP address was different. This suggests that it is in fact being blocked and could be due to sending more than 10 messages in a given period (the box doesn’t send that many - but they are often close together due to cron runs etc).

So I decided to switch to postfix so that the machine could send mail itself via normal routes. But I do not want them to ever receive mail. Postfix seems to call this a null client.

I ended up with the following /etc/postfix/ configuration

myhostname = FQDN
mydomain =
myorigin = $mydomain

relayhost = RELAYHOST

inet_interfaces = loopback-only
inet_protocols = ipv4
mydestination =

Where FQDN is the FQDN of the box postfix is installed on and RELAYHOST is $mydomain for machines running out on the net and my ISP’s mail relay for boxes at home.

All that was left to do was to fixup the SPF records for the domain (so that the ISPs mail relay was included) and mail started to flow again.

Another advantage is that I no longer have to login as a specific mail user - which means that websites hosted using apache virtual hosts can again send email as themselves rather than the notification user I was using.

sSMTP and Gmail - authentication suddenly failing

Posted: 2014-09-30 | mail | gmail | google | smtp | ssmtp

I’ve been running sSMTP as my mailer daemon for a long time using my google apps domain as mail server.

The config for this was pretty simple - /etc/ssmtp/ssmtp.conf:







This has been working fine.

Recently I noticed mail was not getting through. I now see in the logs:

Creating SSL connection to host
SSL connection using RSA_ARCFOUR_SHA1
Authorization failed (535 5.7.8 <> - gsmtp)

I’ve checked the password. I can log in to the web with it and send mail via the gmail web gui just fine.

I’ve turned on two-factor auth and set up an app specific password.

I’ve checked that SPF and DKIM are set up on the domain (a bit cargo-culting here - found this on a google help page)

Nothing helps. As far as I can see - everything is correct just that google will no longer accept mail from this ssmtp instance - and I have no idea why :(

Chrome - prevent custom print dialog on OSX

Posted: 2014-07-27 | chrome | mac | osx

I dislike Chrome’s custom print dialog - I always end up clicking the use system print dialog button.

This kills Chrome’s custom print dialog

defaults write DisablePrintPreview -boolean true

I’m guessing (haven’t tried) that you can reset with one of

defaults write DisablePrintPreview -boolean false


defaults delete DisablePrintPreview

Adobe - unable to open raw files

Posted: 2014-06-23 | adobe | lightroom | photoshop | bridge

Some chat with @AdobeCare - see this update to the post. Still not solved though

This is an issue I’ve been having since my previous iMac and Lightroom4/Photoshop CS5.

Photoshop simply can’t open raw files.


I’ve had this on my old iMac with Lightroom 4 and Photoshop CS5.

I currently have this on my current iMac with Lightroom 4 and Lightroom 5 with Photoshop CS6, Photoshop CC and now Photoshop CC 2014.

I also have it on my macbook pro with Lightroom 5, Photoshop CC and Photoshop CC 2014.


This affects DNG raw format files that are originally from:

  • D700 (Nikon NEF)
  • D4S (Nikon NEF)
  • S100 (Canon CR2)
  • X100S (Fuji RAF)


Open raw file from Lightroom in Photoshop. Photoshop starts but no image opens.

Non-raw files work fine. It’s just raw.

I can also repeat this with bridge instead of Lightroom. Same error.

I also see strangeness in Adobe Photoshop -> Automate (photomerge and merge to HDR pro) - again - it can’t open raw files.


I have no idea. The multiple machine issue makes me wonder if it’s something to do with my account. Just guessing tho.

What have I tried?

I’ve tried trashing my adobe prefs - no help. I tried installing on the macbook pro (clean osx install). This helped for about 10 minutes. Then back to the same issue.

Last thing I did was to uninstall every adobe app I had on my iMac then reinstall just those I currently use (Lightroom 5, Photoshop CC 2014, InDesign CC 2014). Still no help.


Currently I have to export from Lightroom as tiff to same folder, sync the folder to get the tiff into Lightroom and then open in Photoshop. Means that you lose a lot of the continuity, and means that the library is getting lots of odd duplicate tiff files. Cam

Next steps?

No idea :(

I’ve tried asking in the forums - no-one could give me a fix.

I’ve tried today using adobe’s support help chat.

  • Log in
  • Help
  • Chat
  • Fill out the description in detail
  • Submit
  • Wait
  • Wait
  • Wait
  • Get a “You’re now talking to …” and someone’s name
  • Then instantly over to “Chat is not currently available”.

Rinse & repeat. Tried both chrome and firefox.

Update - 23/06 - 22:00

Long back and forward with @AdobeCare on twitter. Came down to “reinstall adobe camera raw”. Only issue is I can’t find a later ACR than 7.1 on the downloads page. Only the DNG converter.

Since Photoshop CC 2014 comes with Camera Raw - 7.1’s not going to work.

Now - I did reinstall the DNG converter.

Now - if I open raw files from bridge or Photoshop File > Open I get them in Camera Raw and can open them from there in Photoshop.

But opening from Lightroom and the broken Automate actions - these still fail.

@AdobeCare suggest that now I need to use Chat (which I’d already tried) or phone (which as far as I can see from the page they linked me to requires payment since I don’t have some kind of enterprise agreement).

So - no real progress then - since editing the original raw files is kinda useless for a Lightroom user who starts with edits in Lightroom.

Puppet 3.6.1 - deprecation: environments

Posted: 2014-05-26 | puppet | debian

This weekend I updated puppet (master and agent) from 3.6.0 to 3.6.1 (this is on debian using the repository).

This filled my logs with the following error:

puppet-master[26558]: no 'environments' in {:current_environment=>*root*, :root_environment=>*root*} at top of [[0, nil, nil]]

So - something in a point release broke.

Some digging leads to directory environments. Here we can learn that directory environments:

  • override config file environments
  • can be enabled in some specific ways

And in the release notes we can see that it will also mean:

  • using no environments is deprecated
  • “In a future version of Puppet (probably Puppet 4), directory environments will always be enabled”

Now - I have not enabled environments - so it looks like 3.6.1 on debian at least this last point has already happened (could be a bug, could be just me - no idea).

Now - I have a really really simple network to manage - a puppet master who is also an agent - and a second agent. That’s it right now. So - how to simply get back to running a single production environment?

The simplest I have found is the following.

  1. create the directory environments/production under puppet (default /etc/puppet)
  2. create an environment.conf file pointing back to the original locations

My environment.conf looks like

manifest = $confdir/manifests/site.pp
manifestdir = $confdir/manifests
modulepath = $confdir/modules

Now at least I’m back with a running master/agent. Maybe I should look into using the environments/production directory properly - but at 6am on a monday morning I needed a quick fix ;)

Next issue - how to handle the deprecation of import (which I use in one file - the main site.pp to bring in config from nodes.pp and then for each site). But that’s only giving deprecation warnings so I have a little time.

Postgresql sort 'WHERE id IN' by original id list order

Posted: 2014-05-02 | postgresql | rails

I’ve been testing elasticsearch in a rails project recently - and stumbled on an issue with sorting.

You see - elasticsearch returns the search results either sorted by score or by the sort order you ask for. Then you need to convert the search results to records - so a simple

ModelType.where(id: ids)

However - on postgresql - this returns the records in database order (seems to be insert order).

You could try sorting post fetch:

index = ModelType.where(id: ids).to_a.group_by(&:id) { |i| index[i.to_i].first }

But - what if we want to do this in the database.

A google search led me to this article on how to give postgresql a similar function to mysql’s findinset

So - adding a rails migration to add the function:

create or replace function find_in_array(
  needle anyelement, haystack anyarray) returns integer as $$ 
  i integer; 
  for i in 1..array_upper(haystack, 1) loop 
    if haystack[i] = needle then 
      return i; 
    end if; 
  end loop; 
  raise exception 'find_in_array: % not found in %', needle, haystack; 
$$ language 'plpgsql';

and an initializer file where we override:

class String
  def sql_escape
    self.gsub(/[%_'\\"]/, "\\\\\\0")

class Array
  def to_postgres_array
    "'{" + self.inject([]) do |mem, val|
      mem << (val.kind_of?(String) ? "\"#{val.sql_escape}\"" : val)
    end.join(", ") + "}'"

We end up able to call:

ModelType.where(id: ids).order("find_in_array(id, #{ids.to_postgres_array})")

Benchmarking this on my small'ish dataset shows that this is faster than the post fetch sort in ruby. Not sure what it does on larger data sets though.

Site specific chrome launcher's on OSX

Posted: 2014-04-02 | chrome | osx

I was looking for a chrome based site specific browser (SSB) for mac. This is similar to but chrome based.

I ended up using the shell script - I used the version from this gist - which I’ve also linked locally:

You simply run the script - give it a name (no spaces), a URL and an icon and it will create an app in /Applications.

It seems to create a profile per app too - so I can e.g. have two different yammer app’s that login to different accounts. This is useful but it does mean that you won’t have your normal plugins/extensions installed. It also means that on first start of the app it asks if you want to make chrome the default browser - probably wise to say no - you’ll want to keep your normal chrome profile for that :)

Setting system path for command line on Mac OSX

Posted: 2014-01-28 | mac | osx | homebrew

There’s plenty of information out there on how to set up the PATH variable for your local shell for OSX - it uses the same method as people are used to on linux - settings in your shell config files.

But what if you want/need to set the paths at the system level? How is that handled?

Well - to start with - let’s take a look in /etc/profile. Here you can see that it’s calling /usr/libexec/path_helper.

More information on that can be found on the path_helper manpage

So - paths are being read first from /etc/paths then from any files in /etc/paths.d/

The files in the /etc/paths.d directory will be read in order based on filename.

So - you now have two methods - you can change the default ordering in /etc/paths (and if you wish add paths here) - I use this to move /usr/local/bin before /usr/bin and /bin - since I have my machomebrew files there and some of them overwrite the system files (for example a later version of git). Be aware that this means it’s up to you not to install files there that are not backwards compatible - your system also uses a lot of files from /usr/bin and /bin :)

And if you want to install a set of paths for a given use/package/app then you can also choose to add that as a file under /etc/paths.d/

Note - you’ll need to edit these files as the root user - sudo vi /etc/paths for example - and for that to work you’ll either need to be an administrator of the machine or added to the /etc/sudoers file.

And finally - you’ll need to start a new shell window before seeing the changes.

Deploy from github to heroku via travis-ci

Posted: 2014-01-20 | maven | java | travis-ci | heroku | continuous integration | continuous deployment | github

A small test of using travis-ci to build a github project and auto deploy it to heroku.

Step 1 - A webapp

Create your webapp. For this I created a simple hello world webapp (1 jsp) with a dummy test (just to give travis-ci something to do).

Commit on github for this step

Step 2 - CI

Let’s add that to travis.

  • Head to Travis and log in with github oauth.
  • Click on your logged in account name and choose Accounts
  • Hit the sync now button if the last sync isn’t recent enough
  • Find your project and switch from off to on
  • Click the spanner (takes you to the deploy hooks for the github project), choose travis and enter your username/token (available from your travis profile)
  • Add travis config to the project. This means we need to add a .travis.yml file. This specifies the language as java and what JDK you want to use. See .travis.yml
  • The build should now appear in your list on travis

Commit on github for this step

Step 3 - Let’s get the build status to show at github

Once your build passes - on the travis page you can see an icon - build passing. If you click on that you get a popup of build status links.

Grab the one that uses the same format you want to use for your README.

Create the README file if not already present and include the link to the image. For this test I used markdown

Once pushed - refresh the github project page and you should see the build status icon.

Commit on github for this step

Step 4 - Create heroku app

Heroku’s example uses embedded jetty - so update the app

And initial deploy:

$ heroku create web-hello-world
Creating web-hello-world... done, stack is cedar |
Git remote heroku added
$ git push heroku master

And now we can test the deployment

Commit on github for this step

Step 5 - Push builds to heroku

We need to add the heroku information to the travis yaml file. We don’t want to have the auth key in plain text - so grab the travis command line tool and then run

$  travis setup heroku

Make sure you choose to encrypt the key.

Commit on github for this step

Step 6 - Test it

Change the app, commit and wait. Your change should arrive on the heroku site.

Once it’s been tested and deployed - you can see the change

Commit on github for this step

More info:

Other useful links

Puppet service config for ejabberd

Posted: 2013-12-13 | puppet | ejabberd

I have an issue getting a working puppet service config for ejabberd on debian.

The init.d script supports the following options:

Usage: /etc/init.d/ejabberd {start|stop|restart|force-reload|live}

So - it has restart but not status. That means setting hasstatus to false and giving it a status command.

OK - let’s fall back to a ps based status - we want to look for the ejabberd process (beam).

ps -ef | grep beam

We’re not interested in the grep processes

ps -ef | grep beam | grep -v grep

But we also want a return status - not output

ps -ef | grep beam | grep -qv grep

This should set the return status correctly.

In fact I can test too:

$ ps -ef | grep beam | grep -qv grep
$ echo $?

And if I change to grep after a non-existant process (just to test)

$ ps -ef | grep beamx | grep -qv grep
$ echo $?

So I created the following service definition:

class ejabberd::service {
  service { 'ejabberd':
    ensure     => running,
    hasstatus  => false,
    hasrestart => true,
    status     => 'ps -ef | grep beam | grep -qv grep',
    enable     => true,
    require    => Class['ejabberd::config'],

This worked to start with - but recently it suddenly started restarting the process every puppet run - here’s the output from logcheck:

--------------------- Puppet Begin ------------------------

Service starts:
    ejabberd: 143 Time(s)

---------------------- Puppet End -------------------------

And I can’t for the life of me see why.