JADDOG

Electrical
Yesterday I added a fan mount into the ceiling, don’t think I’ll put a fan up there. The box was complements of my neighbour so figured I’d use what I had instead of buying something. Also drilled through the existing frame of the house to run the wire up to the fixture. I had thought I’d have to notch the top plate above the door header and add some nail plates. Turns out I could drill up into the top plate and then into the header above the top plate and meet the two holes together to thread the wire. Hope all this passes inspection.

Framing
Today I got the first wall framed. Quite a learning experience. I found a different neighbor this time to help me lift what I had constructed and help me get it in place. We had to try three different approaches before the frame landed properly. While he was helping me his builder came by that was going to build his deck and game me his card. He didn’t wince at the work I had done so far, maybe that’s a good thing. I put two nails to hold it in place until I secure it finally and one of them i couldn’t get out to shift the frame slightly. Need to get a nail puller of some kind to get the final alignment of the frame. I’ll get to that.

Hoping to be ready for rough in inspection Friday. As long as I can get to building the other frame before then I have a friend coming Friday morning to help me with some of the details of completing the framing. Here’s my first wall framed:

Preparation
Got all the exiting moulding and siding off. Bought some sweet general purpose sheers to cut the siding with. Also got a set of 2x4s in place for the corner support.

Electrical
Had a neighbour come and help with getting the electrical started. Still need to thread the line up into the ceiling. Not sure if I’m going to run wire for sockets yet.

Porch is ready to be framed:

Porchry: A the process of converting my side porch into a pantry.

Introduction
I have often read peoples accounts of projects they have taken on and blogged about along the way. I’m about to pursue an endeavour I have zero experience in and thought it would be fun to blog about it.

If you look at these pdfs ( pantry_house_1-4 & pantry_1-2 ) you’ll see the plan I submitted to the Town of Apex in application for the building permit that give a basic layout of my first floor of my house the construction of the frame for the walls. Creating the pantry will open up our kitchen space so that we can remodel it and gain lots of counter top and cabinet space, which we severely lack right now.

Pemission
First step, which I almost forgot to do, was to get permission from the Town and the HOA. A huge applause for my HOA! I submitted my request last Tuesday to the management company, was visited by the president of the HOA Wednesday for a 5 min review, left for vacation to the beach thursay and had an approval letter in the mail when I returned Saturday evening. A second applause for the Town of Apex. I submitted my building permit application Thursday before I left for vacation and despite their being short a set of hands in the office they still beat their usual five day turn around. I was called Monday morning with an inviation to pick up (and pay for) my approval. $75 bucks for the building permit and $40 bucks for the electrical. I have no idea if that’s reasonable or not. On the other hand, what choice do I have?

My plans estimated a $600 build cost. We’ll see how that goes. I plan to keep track of the cost of materials and leave out the cost of tools that I add to my collection along the way Though, I think I’ll be able to borrow tools I need.

Investigation
My plans called for ten foot walls and replacing the column on the porch with a set of double treated 2x4s. This was a rough guess that I don’t think is too far off from what I needed. I’d torn out pieces of the siding and moulding on the porch to form a plan of attack and decided yesterday to go get my first round of materials:

• 4 treated 2′x4′x10′s
• 2 treated 2′x4′x8′s
• 16 2′x4′x105″ studs
• 4 2′x4′x96″ studs
• Box of galvanized nails
• Box of Decking Screws
• 5 Red Head masonry anchor bolts

Already up to $140, I had estimated $55 for framing materials. Oops!

Fun story here. On my plans I did not specify how I would attach the frame to the existing porch foundation. The town wrote in that they expected me to use !/2″ anchor bolts 6′ on center no more then 12″ from the corners. I wanted to be sure I bought the correct bolts so I asked someone at Lowes what would fit this requirement. The employee told me that anchor bolts are set in concrete when it’s poured and that I would probably have to re-pour a new foundation. I was confused with this so I started to call the town to ask what I was missing. Before I could complete dialling the number a guys approached me, apologized for eaves dropping my conversation and offered his assistance,  worked in construction, as he thought he had overhead me getting misinformation. He proceeded to kindly lead me to the proper anchor bolts and walk me through a very detailed instruction on how to use them. I had a few more questions but was interrupted by my 2 yr old asking me to take him to the potty, who later told me that he wanted his mommy and “Lowes is not fun”. I hoped he just meant that particular visit since he usually has fun there riding the lawn mowers. So we went and got the lumber and I let him ride on the flat bed cart. Hopefully this was a decent recovery.

So here’s a picture of the porch post investigation:

The column is a hollow pvc like construction. I’m not sure if it’s weight or load bearing so I’m going to treat it like it is. You can’t see it in this pic, but the foundation is painted brick like next to the wood steps in this pic with a layer at the top of unpainted brick and filled in with concrete. Standard porch? as far as I know. At this point I’m working to tear out enough of the molding and siding to take exact measurements for the frame and start to build it. Once I have the measurements I need to cut and construct each wall frame and put them into place. Once in place I’ll drill through the wood into the brick/concrete to attach the frame to the foundation. Then I’ll use the deck screws to attach the frame to the existing walls.

More to come.

You parents out there will know what I mean. Listen to the lyrics of this. It’s pretty hilarious, and oddly accurate.

Loki is one of the projects that I started at work and open sourced. I have been giving intermittent attention to. It was recently metioned at a buildbot meeting:

There are already some configuration-generation apps out there (notably Loki),

http://buildbot.net/trac/wiki/Meeting29April2010#BuildCoordination

Also, Mozilla recorded the meeting: http://videos.mozilla.org/serv/air_mozilla/buildbot080event.ogg
Loki is referenced in this video just after the 0:28:50 mark.

Thanks for the plug!

Just uploaded a tarball of Nushus 0.12.2 to the Nushus fedora hosted site.

Docs and tickets are still being transferred out to the fedora hosted trac site.

Nushus (pronounced new shoes) is a package and file repo release management tool. It has a web interface and cli client to aid in isolating in and promoting packages through a release engineering process.

Right now you can import two types of files:

1. rpms with auto generation of yum metadata, acls management and promotion to other nushus instances on a per-repo basis
2. simple files with acls managment and promotion to other nushus instances on a per-repo basis

An instance of Nushus can be established in multiple environments. (ex: QA, Stage, Prod) The instances are then configured to talk to one another so that they can transfer files from environment to environment.

I’ve been working to open source a project I’ve been working on at work.

Pushed the code base up to FedoraHosted.org this morning. Documentation still in progress, ticket migration to FH.org trac site to come.

http://fedorahosted.com/nushus

Don’t dump out excess thinset (the stuff the adheres tile to backer board) in your driveway and expect to use just a hose to clean it up.

I ended up scooping it up with my hands and putting it in a cardboard box to get it in the trashcan. Otherwise it probably would have solidified in a huge blob in my driveway, and existed for what would have seemed like eternity.

On the other hand… I think the tile job in the downstairs bathroom turned out pretty decent. This photo is pre-grout. If I remember to I’ll take another photo in a finished state.

The problem:

I was using mod_auth_kerb to authenticate and ProxyPass to pass off the request to another server. I’m trying to support Kerberos Authentication but split the infrastructure into a proxy/app tiering using ProxyPass because I needed the ProxyPassReverseCookieDomain directive. Problem is I need to pass the user that had been authenticated along with the ProxyPass (ie. the value of REMOTE_USER) and found no configs to let me do that with mod_auth_kerb and ProxyPass.

What I tried:
I found a bunch of pages that referenced using a lookahead (LA-U:REMOTE_USER) to get the value of REMOTE_USER. Take that value and set an environment variable. Then use the env var to set a header, say, X-Forwarded-User. This didn’t seem quite right since this was being implemented at the rewrite stage (pre authentication, hence the lookahead’s subrequest) and spawned the overhead of another subrequest to get the initial value. I tried all kinds of permutations of some rewrite configs that looked something like this:

RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule .* – [E=RU:%1]
RequestHeader set X_REMOTE_USER %{RU}e

http://n2.nabble.com/SSO-with-SSPI-and-SSL-LA-U-REMOTE-USER-always-null-td4086748.html et al.

In spite of the “not quite right” of the subrequest to env var to header I always got a value of (null) back from the lookahead. So this never even worked in combination with mod_auth_kerb (I’ve been told it does with basic auth or with mod_auth_kerb + RewriteRule [P]). Further it seemed inefficient to do all this subrequest to env to header stuff. I figured the most efficient thing to do (relative to processing the requests) would be to write a simple apache module that was in the module chain after auth but before proxy. Turns out that it didn’t take too long to do either.

The Solution:

I started with a tutorial at threebit.net where I just wanted to compile an apache module and insert it into the module chain. This worked like a champ (Thanks Kevin!) and I was logging to my error_log via stderr in no time at all. After reading though some apache code I figured out that r->user was the variable that mod_auth_kerb was populating the authenticated user to and that the ap_hook_handler method was inserting this module into the chain after proxypass. This location in the module chain was a problem because when I turn on proxypass the request was being proxied before the module was being executed. After a bit more docs and code reading I found ap_hook_fixups, which is in a stage between the auth and proxy modules. So that diff would look something like this:

< ap_hook_handler(mod_tut1_method_handler, NULL, NULL, APR_HOOK_LAST);
> ap_hook_fixups(mod_tut1_method_handler, NULL, NULL, APR_HOOK_LAST);

Finally, the method_hander’s code was changed from the stderr functionality to these two lines to use the r->user variable:

apr_table_set(r->headers_in, “X-Forwarded-User”, r->user);
apr_table_unset(r->headers_in, “Authorization”);

This sets the X-Forwarded-User header with the user the proxy has authenticated and strips out the Authorization header to be sure that your not passing any basic auth information (passwords in clear text!) from server to server.

I don’t have a complete set of code anywhere for you to download at this point, though, hopefully there’s enough here that all you’d have to do is swap a few pieces of code out, compile it (I had to update the automake stuff on the tutorial cuz it’s kinda old) and install it according to the tutorial’s directions.

Words of Warning:
1. Secure your app!
If you open your app up to accept X-Forwarded-User and trust that header as a source of an already authenticated user you must make sure that the only host that can pass that header to your app is your proxy! It would not be hard to install this custom module elsewhere (or use the lookahead stuff), slap basic auth on it and pass the header to your app completely ignoring your authoritative authentication infrastructure.

2. This will be applied to every request on your proxy.
There is nothing in this module that will only apply this to a specific vhost or anything. Every request that your proxy processes will get your custom header.

Future?
A nice addition to this would to let you configure the header name in your vhost config (ProxyUserHeader “X-Custom-Header-Name”) or even to submit a patch to mod_proxy so it’s not a separate module but built into mod_proxy (ProxyPassUserHeader “X-Custom-Header-Name”). Seems intriguing to do a bit more with it.

Ran my first half-marathon this morning: Tobacco Road Marathon

My goal was to do it in less than 2 Hours.

Chip time: 1:45:35
Avg mile: 8:07

pretty happy with my results.

Next race this year: Riverwood Sprint Triathlon