Mostly Harmless

Mostly about my amusement

This is not a Gutenberg Review, It’s a Blog Post

WordPress users are fantastic. This review and how the reviewer brought it back. My reply is a blog post so here we are and below is my reply.

*Reads. STANDS AND APPLAUDS!*

Hello Jan. I usually write the text all in plain form inside a blog post, then split it with some h2 h3 h4 headings and adding images.

PERFECT! Seriously, thank you for that. 😉 I read many reviews and your reply cheered me up immensely. I’ll let more qualified people reply to that.

About this not being a blog, I beg you pardon if I was OT, but then please tell me, is there an official forum where WordPress users can freely discuss about matters like this?

I’m getting very off topic but the thing with blogs is that they frequently devolve into a mess of either positivity (never saw that myself but I’m keeping an open mind) or negativity (OH YEAH, ALL THE TIME!)

The https://wordPress.org/support/ site is divided into sections for support of the WordPress code, support of plugins and themes, and reviews which is feedback.

When someone leaves a review here it is not a blog post. It’s their experience for that theme or plugin. Though as you know we’ve good software for blogging about that.

If someone leaves a review that is substantive about that plugin or theme then that’s fantastic. Gutenberg’s 4.9.8 callout had the desired effect. People are trying it and for the most part even their 1 star reviews have provided good feedback to improve it.

If someone just vents, hate posts, rage replies then that’s not for here. I don’t think you’re surprised that happens. Such behavior has a limited value and a short shelf-life here. These forums are moderated and no, that’s not censorship in case anyone wants to chime in that way.

You left a review of reviews. I commented about that as a moderator. You replied in an excellent fashion and brought it back to feedback about this plugin and editor. Much thanks!

*Drinks coffee, probably too much but here we are.*

The people who are coding Gutenberg, who are driving it forward, who support the users, who are doing this on their own time for the community are good people. These forums are 100% staffed by volunteers. I know you get that but others will read this and again here we are.

For their efforts they generally get a “thank you” but some disparage them, cast aspersions on their intentions and motivations. The whole effort gets accused by some and something negative and those users are occasionally downright mean and cruel. That may get tolerated on some blogs but that’s abuse and isn’t tolerated long here.

*Finishes off coffee, I’m sure you see a theme with me.*

Thanks again for the update. It’s the weekend so someone may not get to it soon but you’ll get a reply about your experience and some follow up questions.

In America it’s pronounced “CUE”

I’m a little miffed and want to write this down.

My mother and I went to the local Giunta’s Meat Farms (it’s called MEAT FARMS, how can I not like that place?) and wanted to get a few bottles of wine. There’s a local wine and liquor shop on the other end of the same strip. We walked there to save time and a few miles.

This isn’t the place we normally buy wine at. Usually we go to a store on Old Country Road that is ran by a nice Korean American couple. They’re from Argentina and they speak Spanish perfectly. I’m ashamed of my 2 year-old level grammar when they speak. They’re nice and know their wine. Some of their recommendations have been very good.

The place we went today had a person who felt the need to educate my mother about wine and tried to convince her that she wanted a rosé. She doesn’t like that type of wine, said so and he continued his hard sell. She and I shortly told him “thanks, but we know what we’re looking for”.

Mom has been educated about wine well before he was born. I swear, he was mansplaining wine to her.

As we’re checking out, Mom asked him if the store carries Don Q rum. She pronounced it “don COO”. He looked at us weird and feigned that he didn’t know what we meant. Finally he says

Oh, you mean “dän CUE”. No, we don’t carry it.

To which I replied

We’re Puerto Rican, we pronounce it “don COO”.

No big deal, right? While we are finishing up paying for the wine, that’s when he explained.

In America it’s pronounced “CUE”. You can try stores in Brentwood or Wyandanch.

Oh. That’s how it is in “America”. Good to know.

A little background about Long Island. Both of those towns are considered “minority” places and not in a flattering way. You know when that Orange Racist, who’s also currently president, talks about MS-13? He’s usually using Brentwood as his example.

There’s nothing wrong with those places and yeah, we’ve been to both towns before. There are some amazing Hispanic restaurants in Brentwood.

As we’re walking out and I’m holding the door for Mom, she clearly says out loud:

We are never shopping in this store again.

Unless that person’s brain condition got to his ears, he received the message loud and clear. In America we can choose which stores we shop in. **** that guy and his racist attitude.

Time-lapse 3D printer videos

I have two 3D printers and each has a webcam. I use Octopi (Octoprint on a Rasberry Pi) and can stop bad prints from my smartphone if I need to. Some materials are difficult to print and hours into it I can cancel the print job. I tried attaching the webcams to the printer’s heated bed so that I can get stable time-lapse 3D printer videos.

This didn’t go too well. I have both printers in Ikea Lack table enclosures and adding an arm to the bed meant that the camera would smack into the front door of the enclosure. When the bed moved back and forth the camera shook. This made for blurry videos. To address this, someone came up with software to pull it off with a stationary webcam. It’s called Octolapse and you can review the code on Github.

Software Plugins to the Rescue

My favorite software platforms can be extended by add-ons or plugins. Octoprint is no exception.

The Octolapse plugin waits for an event in the print job, moves the bed and extruder to a position you set and then snaps a frame. I use when the layer change for that event. After the frame is snapped the print job resumes. When the layer shift happens again it repeats and snaps another frame.

The results are fantastic. I turned off autofocus on the webcam to prevent some blurriness. Here’s a time-lapse of a multi-color snake I printed. It took 6 hours and 45 minutes. The video is 6 seconds long. It’s not a tall print so there’s not many layers to snap images.

The default Octopi time-lapse print is 1 minute and 37 seconds long and looks like this.

I have not tuned the Octopi video settings and the quality isn’t very good. The reason that the Octolapse version is better is because it’s not a moving image exactly. It’s a collection of sharp still photos stitched into a single video.

This is a better solution than a moving camera attached to the print bed. You can put the camera anywhere and obtain smooth, sharp, time-lapsed videos of your prints. I will probably put my webcams on a small stand and position it closer to the bed for larger full results.

It does add a little time to the print because the plugin inserts the commands to move the bed and extruder, snaps a photo, then goes back to printing. For each layer this is repeated. But the prints typically take hours to print and the time added is negligible.

This is a very elegant solution. The plugin has profiles for my Original Prusa i3 Mk2s MMU and one for my Monoprice Maker Select v2. I’ve not sorted out the Monoprice (the bed needs leveling and isn’t working too well right now) but once I have, I’ll post videos from that printer too.

Yes, I use Facebook and I’m deleting their apps

Take a moment to peruse the story about Cambridge Analytica. One outcome of that is that I remain a Facebook user but their apps and data are removed from my phone. I recommend all people I know to delete their apps. Here's why.

Control what you share

I use Facebook for a number of reasons.

  1. My extended family uses it. I love my family, (yes, even you and especially YOU) and they use Facebook. As far as I am aware, my family extends from Puerto Vallarta in Mexico to Puerto Rico to parts of Asia and Europe. This is a very 21st century thing and it works.
  2. Many of my school friends use it and I like to maintain some form of contact with those people. I went to school with some very cool folks. 
  3. Support groups. I'm a 3D printer user (I can stop at any time, I am not an addict) and some of the most effective sources of information are on Facebook.
  4. SOCIAL ISSUE AWARENESS! That one deserves a shout. Many people organize and discuss issues that are important to me. Like it or not, my Facebook feed is a source of information about many topics. Gun control articles? Check. Liberal causes? Check. Funny kitten videos? Check, Check.

All that is valid and anything I put on Facebook I do so with full knowledge and forethought. When I upload an image, video, comment or post to Facebook I know what I'm doing. That is no longer something I control once I do that.

When I share something on Facebook I expect it to be innocuous. My phonebook isn't that.

What else is Facebook obtaining that I don't control?

Visit your Facebook settings page and download a copy of your data from Facebook. You can do so via this link. https://www.facebook.com/settings

Depending on how much data you've shared, that can take a while. Mine took 10 minutes before Facebook notified me the download was ready.

Download and extract that zip archive. Open the index.htm file with your browser and click the Contacts Info link. My whole smart phone address book there. This wasn't somehow cross indexed from other users, I 100% never gave Facebook my cellphone number. If they got that, it wasn't from me.

They have the number of my employer's travel booking hotline. Really? I only added that a few weeks ago when I had to fix some work travel bookings in a hurry.

They could have easily gotten my own moble number from users who mistakenly uploaded that via the Facebook Messenger app as apparently I did. I'm reasonably sure that is how Facebook harvested my phone's data.

This is something that I take great care to not do. That's a line too far for me to cross and I do not want Facebook, or any social media site to get phone numbers, names and email addresses from me. I routinely tell the LinkedIn app the same thing: stop asking for that info.

And yet, there is my phonebook in my Facebook data download. I've tried to eliminate it from Facebook and I have not succeeded yet.

They know which apps I've installed too

Now visit the Applications link on your downloaded data. That is a historical list of applications on phones that I've wiped and disposed of years ago.

There's even more there about what ads I've looked at, etc. but I'm OK with those. I don't mind anyone tracking what I do on their site. It's not my site and that I can retrieve that data is a good thing. I don't think Facebook is "E-V-I-L" but when it comes to data collection I think they're stunningly blind to what they are doing.

"You are not a Facebook user, you are a Facebook product."

That's entirely correct and I don't disagree with that.

In the United States, data belongs to the person who collected it. That may not be true in other countries but within the U.S. that is 100% correct. This will not change as our government historically puts companies before people.

In Europe and other places, that isn't always the case. There are penalties for this sort of behavior. What I explicitly share on a site is acceptable. What the site backdoors from me is not.

I'll keep using Facebook from a web browser for now but there's no way I'll trust them on my phone again.

I want that contact data removed from Facebook. I want to believe that Facebook will honor that wish. But I have no reason to believe that they will do so.

You see, Mark Zuckerberg's statement isn't about Cambridge Analytica abusing user data. It's about how someone beside Facebook did that and was caught. It's just public relations now. If you are aware of that and are careful then you may want to keep using Facebook for now. But not on a phone, that trust has just gone out the window.

Wildcard certs via Let’s Encrypt

I just reduced 14 Let's Encrypt certificates down to 2. This is possible because the free service went live for wildcard certs. This has great implications for people who use the WordPress Multisite feature or routinely light up new virtual hosts in the same domain.

You can read Let's Encrypt's understated announcement here.

On my VPS I run Ubuntu 17.10 and it has a version of certbot that you can get from the official repo. Sadly, it's the 0.21 release and wildcard certs need ACME v2 support and that's only in release 0.22 and greater.

Here's what I did

On the command line I cloned cerbot from Github.

git clone https://github.com/certbot/certbot.git
cd certbot
sudo ./certbot-auto

You'll see something like so. On my main box it asked if I'm OK with installing more Python packages. A quick installation of those dependencies and I was ready to go.

Press c to cancel. You want wildcard not single hostname certs. Now type this as one line.

sudo ./certbot-auto certonly --manual --server https://acme-v02.api.letsencrypt.org/directory

The server argument is the important one and points to the new V2 API. I could modify the configuration but I'd have to remember what/where I did that. This is easier for me. Certs generated using the V1 API will work and renew with the new one so there's no worries there. The manual argument prompts you through the steps and ask what domains to use.

Normally this is not a manual process. But for the ACME V2 API, an additional check is required and I don't have a certbot plugin to interface with my DNS provider.

When prompted for the domain name I used "*.dembowski.net dembowski.net" and was instructed to create a DNS TXT record for _acme-challenge.dembowski.net as well as a file in dembowski.net/.well-known/acme-challenge/ with a generated name and content.

If you can put that file on the right web server, if you can update your DNS, then you're considered legitimate. Just make sure you wait for DNS to propagate first before proceeding. You can check if it has (at least for Google) using this link.

I have Namecheap and after a quick visit to that dashboard, I waited for the new TXT record to populate, I created that special file and hit enter.

POOF! My server was validated and the certificates were placed in /etc/letsencrypt and a few minutes later my many hosts were updated to point to that new wildcard cert. I repeated this for my other domain and I'm good.

WordPress Multisite and wildcard certs

If you are running multisite then this simplifies your life tremendously. You can and should have one virtual host for your installation. In my case, they're underneath *.dembowski.net.

In my nginx configuration, I modified the server_name line to add *.dembowski.net and I removed the other vhosts files. They were pointing to the same directory for WordPress and they're not needed anymore.

Less is more. I've been waiting for this since they announced it and lighting up new web server instances while maintaining transport level encryption is such a good thing. Let's Encrypt continues to make the web a more secure place.

Prusa MMU for the MK2s

I think I can call the multi-material upgrade of my Prusa Original i3 Mk2s a success. It took me about a day to put together and another day of tuning but I like the results and the prints look good.

Here's what you get with the upgrade kit.

  • A new E3D v6 with multi-material heat break
  • An additional daughter board to drive the extruder motors
  • All of the new plastic parts in ABS
  • Bondtech gears for the extruders
  • Bowden tubes
  • Spool holders for 4 rolls
  • All the fasteners needed

The instructions on Prusa's site are very good. I setup my laptop on the kitchen table, put the printer next to it and got to work. I took my time and spent 7 hours last Saturday just assembling it. A few quick tests and all was right in the world.

The Bowden tube setup is different and I need to get used to it. I had a clog on extruder 2 and had to  unscrew the Bowden tube from the print nozzle to clear it out.

I did have to butcher my Lack table enclosure. I run my printer in the basement and that gets cold. Enclosing the printer guarantees that I'll get better prints.

Less S3D, more Slic3r PE

The one thing I am not thrilled with is the software. I use Simplify3D a lot because I generally get better results. S3D's supports are magical and just pop off. In the past I would use Slic3r PE only when I needed to.

S3D does not yet support the Prusa MMU. There is a single color profile that I found on the Internet and that works well. But for multi-color prints it's Slic3r PE or nothing. This isn't too bad for me because once the bed is level and the z height is adjusted (-0.867 mm on mine, I set the PINDA probe a little higher) I get good first layers.

The default printer profiles generally work. The only adjustment I make is to set the first layer speed to 20 mm/s. After that it's full speed ahead.

The Purge Block

If you look at the image with this post, you'll see that each multi-material print has a block next to it. When the printer changes filament the head moves to the block and prints a 60 mm by 10 mm layer. By the end of that the nozzle is primed and the color can be applied.

That layer of block either gets completely filled in or if there's not filament change a small infill is applied for the next layer. Here's a closer look at the 2 color Moai.

That print has 2 filaments on every layer. That purge block is solid at 60 mm x 10 mm x 60 mm. I don't really think that's wasteful as it keeps the results clean. I may play with those settings to reduce the size.

Here's the fun thing: if I printed 1 or I printed 10 on the same job then the purge block is still the same size. It has to be the same height as the print itself because the print nozzle cannot descend. That would risk hitting something else on the print bed. Next time I'll print more than one and lay it on it's back. That should reduce the purge block and get more use out of the filaments.

Where to Get Objects to Print?

You can make them yourself but Thingiverse is loaded with many good models. There's more than a few that my kids already want me to print. It will be a while before I really make my own.

In the meanwhile I have a printer that can do up to 4 different materials in one go. That's cool and I'm having fun with this hobby.

3D Printed WordPress Bow Ties

Sometimes my hobbies cross over into each other. This year I attended WordCamp US in Nashville and had an idea. Why not download and make a bow tie with a WordPress logo on it?

First I went to Thingiverse and I quickly found this one. I already had the WordPress logo from converting the SVG with Fusion 360 and I began to work on combining the two files.

About an hour later I swore profusely. I had a lot of problems. My PC was a little under powered. Fusion 360 can do amazing things and you can design a V8 engine with it including all the parts. My limited Fusion 360 skills were failing me.

All I wanted to do was take the logo, position it on the tie and export the results to a new STL file for printing. But I'm not really good at manipulating imported objects that way in a tool like that.

Tinkercad to the Rescue!

Autodesk makes Fusion 360 but they also have a 3D editor that lives on the web and runs in your browser called Tinkercad. I imported the two files, positioned the logo where I wanted it and exported it for printing.

It took me all of 5 minutes. The first pass had the logo a little too thin and it broke too easily. It was also upside down; I thought the clip on bow tie would work that way. Sometimes I make poor choices.

Different Colors

Just as before with my WordPress coin, I wanted the bow tie to be one color and the logo to be another. My working printer does this like so:

  • Print using one color filament till the 59th layer. I used a tool to figure that out.
  • Move the nozzle to the corner and the print away from the nozzle. The nozzle is 200° C and that will melt any plastic it is near.
  • Beep loudly. This is an important step as the 3D printer is in the basement.
  • I remove the old filament and insert the new color.
  • Log into Octopi via my iPhone's browser and tell the printer to resume.

That's it. The bow tie came out well and I printed a few more. Did I mention that I sometimes go overboard? I printed 9.

Opensource All of The Things

The bow tie I downloaded is licensed via Creative Commons – Attribution and Thingiverse provides an easy to print attribution card HTML. Which I could not incorporate into this post except as a graphic and a link.

The 3D printer community is mostly opensource and these were printed on a Prusa i3 clone. I used Simplify 3D to slice the file into gcode but there are some really good opensource slicers such as Cura and Slic3r. I've had some bad luck with Slic3r but I think I sorted that out now.

If you want to play with this modified bow tie then you can download it via Thingiverse. Or create an account in Tinkercad and play with it there. It's an easy thing to do and is lots of fun.

WordPress Is About Responsibility

Your WordPress site (or any web site you put on the Internet) has value. Take care of it, it is your front yard and what the neighbors see. It’s your front office where you invite people to talk or do business with. Own it and take responsibility for it.

Recently on the WordPress support forums, I (not wisely) got into a security conversation. No great minds were changed, nothing new was discovered and nothing was accomplished.

In the hundreds of words exchanged, there was one tidbit sent my way that caught my attention.

Do you really think that it makes sense to expect these people to know/care about — and stay on top of — new/old security risks, manual plugin updates, manual core updates, etc.?

Yes, I do. 100%. Unequivocally.

I didn't reply there as the topic dissolved into a conversation about "blame".

I don't do blame, I'm about responsibility. Blame is for children, blame is for "It's not my/their fault" comments. Blame isn't about taking ownership, it's not a reason for something that happened. Too often blame is about excuses.

This isn't a new thing for me, I blogged about it 9 years ago. There's no shame in not having the technical ability to to maintain your site.

Software is a moving target

I recently went to a work event and one of the things repeated often was that security isn’t a state that you achieve. It’s a posture and is a response to a moving target.

WordPress powers over 28% of all web sites and that number is growing. Just as it is with popular office software and home PC operating systems, that number makes WordPress sites a very attractive target to go after. That’s why WordPress takes security very seriously.

But it’s a less than perfect world out there. Plugins and themes may not get the scrutiny that the core WordPress does. Patches happen all the time. When a minor number release of WordPress is pushed out, unless you or your host did something to prevent that, your site will update without you having to do anything.

Plugins and themes don’t update automatically, that’s turned off by default. That’s also where many sites get exploited.

Learn how to maintain your site

It’s still not a big list.

  1. Learn how to schedule backups and store them off of your WordPress site.
  2. Routinely log into your site to update plugins and themes. Or add a plugin to do it for you.
  3. Learn how to restore backups onto a blank installation.
  4. Or consider paying your host or a service to do these things for you.

Many hosts support WordPress and (for a fee) will do that maintenance for you.

Take responsibility but ask for help when you need it

I’ve not seen any surveys but I would guess that easily 80% of WordPress users don’t know how to do steps 1 through 3 above. I would also wager that half of those users rely on their host provider more than they realize.

That’s fine because most of those users may not lose sleep if they lose their blogs. People start blogs and forget about them all the time. For companies and organizations, a lost or compromised site can hurt their reputation.

If you need help or Very Bad Things™ happened, then you’ve got some options.

  1. See if your host can help you. Many host providers do offer WordPress support, sometimes for a fee.
  2. Hire someone, but be wary. I personally like companies that have real people, who interact and have a real reputation. WP Site Care is one such company, there are others. Don't just use Google, ask people who may know. Go to a local WordPress meetup and ask around.
  3. Post a support topic at the free, 100% staffed by volunteers, support forum. Notice that I put this one last?

Here’s why I put my favorite one at the end. There are no customers there, only users. If your site is on fire and you need it back ASAP then that’s just not a good option. I’ve been supporting and helping to admin those forums for years and they are top notch.

Those forums are staffed by unpaid volunteers working on their free time out of the goodness of their own hearts. Would you tell your CEO that’s your support model? You could do that. Some people have that misunderstanding and it often ends poorly. They don’t get the support they need and sadly, WordPress loses a user who didn’t realize what they were getting into.

A little self-education goes a long way. Don’t be afraid to ask questions about your WordPress site. At the end of the day it’s your responsibility. Learn and create a plan to maintain it and keep it running.

Don’t accept blame for what happens to your WordPress site. Take responsibility instead.

A 3D Printed Dial

I had a broken dial. I also have a 3D printer, so rather than epoxy the heck out of the old one, I designed and printed a replacement. One finished 3D printed part was produced with just a few hours of work.

My pool has a salt cell that uses electrolysis to convert salt in the water into chlorine. You manually set the level from 10% to 100% generation but I usually leave it alone at it’s maximum setting.

That dial literally has one job and it broke. It was flush with the panel so rotating it meant scrolling the right exposed side. Built out of cheap injected plastic though it did last for 7 years.

In Fusion 360 I started with a stub to make sure I sized the knob holder correctly and ended up with a knurled dial that protrudes from the machine. My process isn’t very good and I learn through “what’s that feature do?” For example, the knurling was put on my making a sketch, extruding and cutting it out of the dial then creating a circular pattern out of that 120 times.

The effect came out great. My first pass has knurling that was too shallow (0.5 mm). Until I printed it out I couldn’t see that I had made a mistake. Once I saw it I went in the designs time line, deleted the sketch (which also deleted the pattern) and re-did it again. The new knurling rocks.

The last iteration was missing something. I put on the face a cutout to show that turning it clockwise means more, counter clockwise means less. The original dial had that printed on the face but my cutout is more prominent. It also meant I got to try something cool on my design.

I started with PLA but when I got what I wanted I printed it in ABS plastic. Here’s a photo of the iterations.

Yes, I could have fixed the old dial with some epoxy. That would have molded the broken part nicely. But it’s not often I get to use one of my toys in a real world way like this. 2 days of on/off fiddling got me the part I really wanted.

Next time can it yell “Danger Will Robinson!” instead?

Yesterday I went to work at a data center in NJ. I don't often go as the round trip is more than 5 hours on the road. I had to do some heavy lifting and I wasn't sure if I had access to the last place I needed. So my pal walked me to the man trap there so I could check.

Man traps worked like this: I badged into the trap, the first door closed me into a small room. I badged to a second door, added another type of mandatory authentication and the second door would open. If it didn't work then the first door will unlock and I would have had to exit and try again. Or I just didn't have access and I wasn't getting in.

I did this. The second door opened. Sweet! I walked through and waited for my friend to join me.

Once I closed the second door on the data center side, the LCD panel lit up RED and the speaker started loudly repeating these words.

PIGGY BACK ALERT! AN ATTEMPT TO PIGGY BACK INTO THE DATA CENTER WAS MADE!

That happened. It was loud. It did not stop, it just yelled at me on a loop.

The stern recorded voice just kept repeating that. I was in the data center and the door would not open to let me exit. There was an emergency open door exit button for safety but there was no way I was going to set off that alarm too. I was not in any danger.

I had to call my pal on his cell. He was on the other side of the man trap and he could not come in either. The speaker was on both sides and we were both getting yelled at by a recording.

In short, I put that section of the data center into lock down mode.

What happened was that the first door's handle was not quite in the fully reset position. The door was locked magnetically (I checked) but it wasn't considered fully closed. When I went past the second door pandemonium was the result.

A security guard came and reset the system. He was a good sport about it and it happened to other people before. I tried a couple more times just to be safe. It was all good now.

I'm just glad the local cops weren't called. That would not look good on my next employee review.

« Older posts

© 2018 Mostly Harmless

Theme by Anders NorenUp ↑