Why you should not use Drupal anymore

February 5, 2018
by chirale
Leave a comment
Coding / django / Drupal / Python

I’ve started using Drupal on 2007. For about 9 years I visits drupal.org almost on daily basis, I released a module, I suggested some patches, participated to local events and so on. I’ve started working on Drupal with Drupal 5 and I ended on Drupal 7 with a long time on Drupal 6.

In the meantime, Acquia was created to support Drupal development and make some money from the project and for the project in a typical open source scheme, free software accompained to paid services.

This is my report based on those years.

Flaws

On my journey to Drupal and beyond, I enjoyed the community but I’ve seen many issues in those years:

  • Too much security flaws in core and contrib.
  • Too much bugfix to fix these flaws: maintaining tens of website without Acquia automatic update services become a challenge (and it’s the reason you want to pay for it).
  • Contrib modules are frequently poorly designed and maintained.
  • Issues remains unfixed forever or are automatically closed without being actually fixed on both core and contrib.
  • Any major version released can be totally different from the previous one, requiring extra efforts for nothing.
  • Drupal inherit all the PHP problems and try to overcome them with internal functions replacing some of those from the language accompained with the good Drupal API documentation.

The result of these issues together is that you cannot use Drupal without a dedicated Drupal team to take care of fixing components. Even two people are not enough to develop and follow couples of Drupal websites, not to mention a lone developer.

I’ve talked with other developers that used Drupal and other applications to design and publish websites and their assumption is easy: if you have a small team, you cannot use Drupal. Not anymore. Maintainance would be overwhelming.

Following this fondness for big teams, the release of Drupal 8 confirmed how low is the power of the community become compared to core contributors and Acquia (where many of them now works). They deliberately moved this open source software from a multipurpose Content Management System usable from small and big firm to a software that has the Enterprise world in his mind and forget the others.

This was a shock for many small developers and enthusiasts.

GTFO

I’ve read about Drupal enthusiasts that suffers the same uneasiness of mine after long-time Drupal and PHP development.

Here’s a list of theirs experiences along with the number of years they used this software:

Some of them migrated to Django like me. During this journey I’ve discovered a wonderful language like Python and his tools and documentation. I’ve also discovered how deep you can customize the framework to do the job, concentrating on the important things.

You cannot tell the difference without using another framework like Django or WordPress, just to pick some very different beasts. You need to compare Drupal with others to try the difference.

Try and choose

While Drupal try to overcome PHP language, Django uses only a fraction of the power of Python and it’s not the best tool on the Earth for building website like I supposed Drupal was.

This means that I can move for example to Flask when I have to build small of focused web applications, or to Kivy when I have to make a desktop and mobile app using the same language, the same Python packages, building my own classes to share when needed.

This is actually a change of perspective, to choose a language before the framework to easily switch from one to another in case the project go wild.

Upgrading an existing application using a well designed framework is straightforward compared to the major versions migration on Drupal. During the last 7 years, Django preserved much of his structure making simple the maintainance and the upgrade of websites. Virtualenvs surely helps, but the whole design supports the developer in his duties. This is not an unique feature of Python and Django, but it’s what it lacks to PHP/Drupal.

Here’s and example of how a framework built in Python can scale and how to migrate between major versions of the language here, even a very big website can be feasible when the framework design works in your same team:

Decreasing popularity

Another reason to think about leaving Drupal is his decreasing popularity. It seems naif but it’s a very important matter for open source software since a weak community leaves bugs unfixed and create less contrib modules.

Here’s the popularity in Google Trends of Drupal compared to Django between May 1st, 2007 and December 31st, 2017:

drupal-django-trends-2007-2017

Golden age for Drupal was long time ago, at the time of Drupal 6 and early 7. Decline followed the effort to build Drupal 8 in 2012 and the outcome of this transition is better described by this graph:

drupal-wordpress-trends-2007-2017

Drupal was a credible WordPress competitor back on 2008 scoring a 1:3 ratio in Trends at the time of Drupal 5. On January 2018 with Drupal 8 as major version it’s passed to 1:10.

Drupal failed to become the alternative for WordPress and actually was surpassed by niche, low-level alternatives like Django. Because by now:

  • Who wants to build web applications uses Python/Django, Ruby on Rails, Javascript/Node.js, Java, C# and so on.
  • Who wants to build website with a great backend still using PHP uses WordPress.

PHP as a declining language

If it’s not enough, here’s the TIOBE index for PHP language compared to Python from 2002 to 2018:

tiobe-python-php

These are simple indexes, but you can find other evidences about the usage crisis of the couple Drupal/PHP. Take another index like PyPL, read some of the experiences listed above or read this good picture of Drupal development cycle. Find as many sources as you want, the conclusion is the same: Drupal is now a declining framework written in a declining language. Who still uses PHP go for the winner WordPress.

What is to be done?

If you read this, probably you’re asking yourself how to leave Drupal. Start to use another language and framework to suit your needs and then try the difference. If you still want to use Drupal, using another language and framework will surely help you to write better code.

Advertisements

Certbot: auto-renew LetsEncrypt certificate on cron

September 26, 2017
by chirale
Leave a comment
Howtos / System Administration

Certificates renewal can be difficult to automate leading to errors that will mark the website as “Insecure”.

Here’s how to automate certificate renewal on CentOS 7 with nginx as webserver:

su -
(root password)
crontab -e

And then add to the crontab these lines pressing A to edit:

37 02 * * * /usr/local/sbin/certbot-auto renew
39 02 * * * /usr/bin/systemctl reload nginx

Every day at 02.37 the certificate will be asked for renewal. Two minutes later nginx will be restarted.

After you’ve typed these lines, type:

:wq

To write and quit. You’ll get this message:

crontab: installing new crontab

Other Linux distributions

If you’re using a different Linux OS you can locate certbot-auto using the following command:

whereis certbot-auto

And then you can use it on the crontab.

You’ve also to use the alternative of systemctl for your system to refresh the certificates on the webserver.

If you’ve to do get your first certificate, here you can get more information about how to install free Let’s Encrypt certificates on nginx.

When auto-renew certificates

Since certificates lasts for about three months, you can tell crontab to run this every week instead every day.

To do so, change the lines on crontab like this:

37 02 * * 0 /usr/local/sbin/certbot-auto renew
39 02 * * 0 /usr/bin/systemctl reload nginx

Adding the 0 on the 5th position will tell crontab to run the command every Sunday at 2 AM (2nd position) and 37 minutes (1st position).

If you find this syntax difficult you can use crontab.guru to easily generate the crontab.

A new language for Social Media managers on Twitter

September 17, 2017
by chirale
Leave a comment
Coding / Howtos / Python
A screen from JournaKit Followship .ows

Last months I looked for a tool to shape my community on Twitter to follow interesting profiles and to increase my followers.

I had bad experiences using integration from third party (app) so I wanted this tool to be able to create my own app on Twitter without 3rd party involvment for better security and privacy.

Since I wanted real new followers and I don’t want to violate Twitter policies I looked for a tool able to select and filter users from my network, choosing only those whom are relevant to follow.

I wasn’t looking for a new, fancy SaaS website with a monthly fee to pay, and I want to handle many accounts at the same time without additional costs.

I wanted a tool able to run on my own PC and with the full access to the source code to avoid my data to be stolen and to understand its inner mechanics.

Well, that tool doesn’t exists at the time.

So I decided to write my own.

The fancy app

When I start to develop a full-featured Twitter app for desktop with a user interface running on my local machine. I started to add icons for the actions, tables to list users, buttons to do actions, a lot of checkboxes to select users and so on.

The result was a good-looking app that works. But when I tried to filter and select users using some criteria it all became clumsy.

As a programmer, I started to feel my own application as a cage.

I wasn’t allowed to search for users on my network for multiple or complex criteria. I wasn’t able to merge, diff or intersect different set of users.

Then I realized that what I was really looking for wasn’t an app but a brand new scripting language to manage social networks.

The programming language

I started to look for open source solutions able to create this new programming language for social media management using Python 3. There is a small bunch of instructions to add to this programming language but I want it to be efficient and well-designed.

Here comes in help TextX by the professor Igor Dejanović, a parser build on top of the Arpeggio PEG. Among all formal languages and parsers, Parsing Expression Language (PEG) seems to me the better for my purpose and the most modern approach to parsers.

The grammar of this new language is written on a single file and can be graphically represented using DOT language. Then TextX use the grammar to parse the language using a Meta-model where the language comes to life.

.ows language grammar

.ows language grammar

To handle the Twitter management I used the solid Tweepy by Joshua Roesslein and to query the social network SQLAlchemy and SQLite.

Scripts are launched by command line and an interactive console with history is available to manage your Twitter account using the scripting language using the Python Prompt Toolkit by Jonathan Slenders.

JournaKit Followship .ows

All these free software / open source tools among others are the construction blocks used to create this bare-bones social media managers’ tool for Twitter.

A simple scripting language to manage and expand your network of followers and friends with complex queries, running on my PC, registered with custom application on Twitter and executable on many accounts at the same time.

Its name is JournaKit Followship .ows and it’s available on Gumroad. The complete application, the source code and a comprehensive user manual are provided allowing you to master the .ows language.

This is the first application of the JournaKit suite aiming to help journalists and writers whom use the web to share their works and to discover new sources and contacts.

Comment this article or contact me privately if you want to know more about it.

10 essentials steps to use Elementary OS as media station

July 27, 2017
by chirale
Leave a comment
Howtos
Elementary OS (Loki)

I was looking for an easy and good alternative for Windows 7 on a laptop used as a media station to watch Netflix and Crunchyroll and I choose Elementary OS.

This GNU/Linux distribution is based on Ubuntu and it’s relatively easy to install. Anyway, it needs some steps to work great as media station. Here we go:

  1. Make AppCenter Work
    1. Click on Applications on the top left corner of the screen
    2. Click on Terminal
    3. On the console type these commands: 
      sudo dpkg --configure -a
sudo apt update
  2. Update your system
    1. Open the AppCenter moving the mouse at the bottom on the screen, then click on the store icon
    2. Click on Updates on the top of the window
    3. Click on Update All and wait until all packages are installed
    4. When finished, click on the Power icon in top right corner of the screen and restart
  3. Update language (if different than English)
    1. Go to the System settings on the bottom bar
    2. Choose Language & Region
    3. A yellow box should appear telling the language installation is not complete: click on Complete installation
    4. Type the user password you’ve choosen during the installation
    5. Click on Unlock
    6. Select your language, region and format
    7. Log out using the top right power button and log in again. The OS is now translated.
    8. Click on Update names to change home directories names according to the selected language (or keep it in the English version)
  4. Install VLC
    1. Go to AppCenter
    2. On the top right corner of the AppCenter search “vlc”
    3. Click Install
  5. Install your preferred browser
    1. On the top right corner of the AppCenter look for your favourite browser:
      1. If you’re looking for Firefox, type “firefox” and install it
      2. If you’re looking for Chrome, type “chromium” and install it. It’s the open source alternative of Chrome.
  6. Make your browsers ready to watch streaming shows:
    1. If you’re using Firefox, go to Menu > Preferences > Content > and flag Play DRM content checkbox. It will allow services using this meh technology.
    2. Optional: Install Flash Player for Linux if needed (automatically installed in Firefox):
      https://get.adobe.com/it/flashplayer/otherversions/
  7. Optional: Translate your browser
    1. On Firefox, type about:addons in the address bar
    2. Search for your language and install
      1. Language pack
      2. Dictionary
  8. Optional: Install Office Productivity Tools:
    1. On AppCenter, search for LibreOffice, LibreOffice Writer and LibreOffice calc and install them (one by one) to open Word and Excel files or Open Office files.
  9. Optional: get new wallpapers automatically
    1. In the AppCenter search for “Variety
    2. Install and configure it
    3. You can add nice quotes and a clock to the desktop editing Preferences
  10. Switch the sound to the TV when the HDMI cable is plugged into the port:
    1. By default, when you plug the HDMI cable to the PC you can hear the sound coming from PC speakers
    2. To solve this issue open the Terminal and type 
      sudo bash

      And type your password.

    3. Follow this howto to automatically redirect sound to the TV when it’s plugged in. To create or edit files you can use: 
      nano /path/to/file

With these steps your brand new media station is ready for watching streaming relying on the strong security implemented in GNU/Linux systems.

10 steps to install LyX on Windows

June 18, 2017
by chirale
comment 1
Howtos

Here the steps to install LyX on Windows:

  1. Download MiKTeX to provide LaTeX (usually the 64bit version)
  2. Select the installation directory and remember the path
    mikitex
  3. Complete the installation procedure
  4. Download and install LyXWinInstaller
  5. Press Next until a dictionary list is presented: add dictionaries for your languages
  6. Before installing the MiKTeX will be shown:
    lyxwin
  7. Click Install and proceed.
  8. You should get an Update popup for MiKTeX, check the connection settings and then proceed and click Next to update all packages
  9. After the update close the MiKTeX popup and wait to LyX installation to finish: it should take minutes, to see progress click “See details” so you can see it’s not hanged up but it’s simply fetching different templates you can use later.
  10. Select Launch LyX and start using LyX

Now you can enjoy LyX for Windows to create PDF using LaTeX without having to deal with the usual formatting hassles of a WYSIWYG editor.

If you’re a beginner or you want to jog your memory about LyX select Help > Tutorial.

To export to PDF you can user File > Export and then select PDF LuaTeX or PDF XeTeX. In my case LuaTeX generate larger document than XeTeX but both are nicer than those generated by ps2pdf.

Note: If you get some error by MiKTeX regarding SOMETHING.sty, close LyX and in the Windows application finder search MiKTeX Package Manager and run it as Admin. Then look for SOMETHING and install it. This will fix the issue!

Spellcheck web page by address

June 2, 2017
by chirale
Leave a comment
Howtos / Python

Looking for error in web pages can be very boring. I’ve tried some online tools but they seems too old, unsatisfying or premium only so I go to a 3 days programming marathon and I put online a brand new tool to do the job I need.

Go to Spellcheck This! and paste the URL address of the page you want to check and get the page checked for Deutsch, US English, Español, Français and Italiano.

The tool try to understand the language of the page and then return the result highlighting in different ways typing errors, names and acronyms on paragraphs, heading tags, tables and blockquotes.

spellcheck-result.jpg

It’s very far from perfect but it speeds up the spell check job. I’ve already spotted and fixed some minor errors on Wikisource and Wikipedia on very long texts.

Comment if you use and like it!

Programming note: Spellcheck This! is build with Python upon Flask and PyEnchant on the backend and Dust.js, jQuery and Foundation 6 Essential for the frontend.

Linux: MySQLdb on virtualenv with –no-site-packages

March 21, 2017
by chirale
comment 1
Howtos / Python / System Administration

In the past it was difficult to get MySQL working on virtualenv without using system packages. Now you can have a real separated environment with simple steps:

  1. Follow this guide to install virtualenv using this command: 
    virtualenv myproject --no-site-packages

    This command will install a new virtualenv inside a new directory myproject created by the command itself.

  2. Activate virtualenv: 
    source myproject/bin/activate
  3. Upgrade setuptools 
    pip install pip --upgrade
  4. You can now install MySQLdb, inside the package MySQL-python: 
    pip install MySQL-python
  5. Now do a simple test trying to connect to an existing database: 
    python
import MySQLdb
db = MySQLdb.connect(host="localhost",   # your host, usually localhost
                     user="chirale",         # your username
                     passwd="ITSASECRET",    # your password
                     db="chiraledb")         # name of the database
cursor = conn.cursor()
cursor.execute("SELECT VERSION()")
row = cursor.fetchone()
print "server version:", row[0]
cursor.close()
conn.close()

Tested on CentOS 7, Python 2.7

Tip: If you are starting to create a database doing all the dirty work alone you’ve to give SQLAlchemy a try. You can use like an ORM or a lower level as you wish.

See also

The Hitchhiker’s Guide to Python
Simple MySQLdb connection tutorial

About the same topic

Python: MySQLdb on Windows virtualenv (w. figures)

Python: MySQLdb on Windows virtualenv (w. figures)

March 1, 2017
by chirale
comment 1
Howtos / Python

If you have a virtualenv on Windows and you want to add MySQLdb support via mysql-python, read this before spending hours of your life to figure why it doesn’t and it will never work.

1) Install MySQL for Python selecting the same Python version of the virtualenv

python-mysql-win

2) From site-packages directory above, copy the selected files:

python-mysql-mysqldb

3) (optional) On PyCharm, look for virtualenv site-packages inside the path marked with the arrow:

pycharm-virtualenv

4) Open your virtualenv console ad do:

import MySQLdb

MySQL for Python is now installed on your virtualenv.

About the same topic
How to Install MySQLdb in PyCharm, Windows
Linux: MySQLdb on virtualenv with –no-site-packages

 

Free SSL certificates and how to install on nginx in 10 steps

February 27, 2017
by chirale
comment 1
Howtos / System Administration
HTTPS, encrypt via SSL / TLS

Here how you can get free SSL cerificates using Let’s Encrypt. Forget about the expire of certificates using the auto-renewal script. A complete reference to install a Let’s Encrypt certificate is this Digital Ocean’s howto. Here there’s a quick guide based on it, plus some additional suggestions. Here we go!

The following code download the script and make it executable. (1)

cd /usr/local/sbin  # CentOS
cd /usr/local/bin  # Ubuntu / Debian
wget https://dl.eff.org/certbot-auto
chmod a+x /usr/local/sbin/certbot-auto

Logout and login again to make the certbot-auto script available as a command without typing the entire path.

The following code create a path for ssl certificate. Change /usr/local/etc/my/files/path/ssl_cert with a path for where you’ll store certificates, you can select a path not in your document root. (2)

mkdir /usr/local/etc/my/files/path/ssl_cert

Now edit your /etc/nginx/conf.d/mysites.conf and add this into the server {…} directive to make available example.com/.well-known url (3):

server {
listen 80;
server_name example.com www.example.com mysite.com www.mysite.com;
        location ^~ /.well-known {
                alias /usr/local/etc/my/files/path/ssl_cert/.well-known;
                allow all;
        }
}

At this time you’ve to make available .

Check syntax and reload nginx:

nginx -t
systemctl reload nginx

Now execute the script to install certificates for your domains. Remember to use the command with -d domain-without-www -d www-domain in this order. (4)

  1. Install all needed dependencies for your system (via yum on RedHat based distro and apt on Debian based)
  2. Generate a valid certificate
certbot-auto certonly -a webroot --webroot-path=/usr/local/etc/my/files/path/ssl_cert -d example.com -d www.example.com -d mysite.com -d www.mysite.com

An auto check will be performed and you will get a Congratulation message.

Now generate a strong Diffie-Hellman group with this command (5):

openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

Check syntax and if ok reload the nginx server to apply changes and . (6)

nginx -t
systemctl reload nginx

Auto-renewal

A certificate will be valid for a short period of time, e.g. 3 months.

To auto-renew the certificate for all of your domains, you should add the auto-renewal command to cron.

You can read how to renew certificates on cron here.

Enable SSL on nginx

To enable SSL on nginx, if you have already a mysite.conf file mapped for uncrypted connection on port 80. Inside the /etc/nginx/conf.d directory, copy the file as mysite_ssl.conf and:

Change all occurrences of:

listen 80;

to:

listen 443 ssl;

In this way nginx will listen to 443 port on SSL. Ensure you have this port available externally (firewall and/or Selinux audit2allow). (8)

In the original file, mysite.conf, you can delete all entries but you have to keep the well-know part (step 3). This will avoid errors by Let’s Encrypt script.

Add and enable cyphers. Here there’s a good cyphers list, reliable for compatibile but secure using TLS only. (9)

server {
    # the port your site will be served on
    listen      443 ssl;
    # the domain name it will serve for
    server_name example.com; # substitute your machine's IP address or FQDN
    ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem;
    ##### Cyphers and SSL fine tuning #####
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_stapling on;
    ssl_stapling_verify on;
    add_header Strict-Transport-Security max-age=15768000;
    ##### END Cyphers and SSL fine tuning #####
    # charset     utf-8; etc...
}

Test nginx syntax with:

nginx -t

and then reload nginx to apply changes (10), on CentOS:

systemctl restart nginx

Transfer files from iPad to Windows wireless w/o cloud in 10 steps

January 21, 2017
by chirale
Leave a comment
Howtos / System Administration

10 steps to transfer files without using iCloud or other cloud services: an iPad and Windows are all you need.

Requirements:

  • Windows (tested on Windows 7)
  • Wi-fi router

Windows

  1. Create a new folder ipadshare on your disk (even removable) to host files
  2. Right click on the folder > Share with... > Specific users…
  3. Click on the bottom arrow on the dropdown > Create a new user > Another account (second to last element) > Create new account
  4. Type the name and the password for the new user (no Administrator)
  5. Back to the Share with…> Specific people… window:
    1. Select the new user from the dropdown
    2. Click on Add
    3. Give her read/write access
    4. Save

Ipad

  1. Connect to the same Wi-fi router your Windows PC is connected to
  2. From home screen go to Settings > Display and Brightness > Auto-Lock > Never
  3. From App Store, Install and open FileExplorer (free)
  4. Enter into Local or Photos
    1. Tap Edit and then Select all on the bottom (or select one element at time)
    2. Tap Copy into
  5. Select Connections > ipadshare. Type user and password and then tap Save.

Do not lock the screen during the transfer process since otherwise FileExplorer free can freeze. After the transfer, check the transferred items before deleting them from the ipad.

Photo by AddictiveTips.com.