:::: MENU ::::

Hieratic – a new way to use Puppet and Hiera

Today I’m announcing the release of Hieratic, a new Puppet module designed to improve the integration between Puppet and Hiera.

Hiera tries to improve Puppet by taking site specific data out of manifests. Hiera makes it possible (and even easy) to define complex sites by making general configurations and then defining only the differences between each node. This can be done on a very granular (and configurable) level. If you haven’t played with Hiera yet take a minute to read through it’s overview and bask in the awesome.

As much as I love it though Hiera is not without flaws. Since it wasn’t shipped by default in Puppet until 3.0 many modules do not have built in support for it. Automatic Parameter Lookup partially solves this problem, but has some serious limitations that significantly reduces it’s usefulness- the biggest being that it is incapable of merging values from multiple levels and only provides the highest priority items.

Hieratic solves this problem. It lets you define a variety of a resources, including classes, while still allowing deep merging to occur. With Hieratic it’s possible to completely separate Puppet code from configuration.
Continue Reading

Fetch v0.6.1 Released

This update has a lot of bug fixes and optimizations, particularly around character encoding, that have been submitted by over a dozen contributors. This release also contains two new functions- listMailboxes and getOrderedMessages.

Puppet PSAD v1.1.2 Released

The PSAD Puppet Module has been updated. The major addition includes some better handling of the PSAD service checks, which should result in a faster check of the PSAD service and remove some potential warnings on versions of Ubuntu. Additionally some documentation and formatting updates have been made.

Special thanks to netson for their contributions!

Stash v0.12.2 Released

This backwards compatible release contains a number of feature and stability improvements.

  • On the HHVM front a nasty regression with APCIterator was resolved, continuing the commitment to HHVM compatibility.
  • The Filesystem driver was given an alternative format, JSON, for systems where the native PHP was not optimal. This driver also saw signicant performance improvements related to the clearing functions.
  • The Redis driver was given additional tests, improved error handling, and better support for persistent connections.
  • Memcached also received improvements around it’s use of persistent connections, as well as support for the AWS autodiscovery feature.

In addition to those points there were a few minor bug fixes as well as some readability related code improvements.

Special Thanks to Steve Clay, Paul Scott, Matthias Kreft, Ben Clark and Giuseppe Roberti for their contributions to this release!

JShrink reaches 100k downloads on Packagist!

Five years ago JShrink was released to let PHP apps minify their javascript assets natively. Since then the PHP world has matured considerably, especially when it comes to package delivery. The introduction of composer, and it’s website counter part Packagist.org, has been a huge boon to development.

Two and a half years ago JShrink was put on Packagist, and since then it has become an increasingly important channel for JShrink’s distribution. Today it hit a new milestone- 100,475 downloads! It’s not just the total number of downloads that is going up, but the monthly download count as well, with downloads hitting just shy of 15k a month.

Thanks for all your support!

A Walkthrough of PSR-6: Caching

There’s been a lot of discussion about PSR-6, the php-fig caching interfaces, so I thought it was time to step in and describe what this system is all about. Be prepared to read far more about caching interfaces than you probably thought possible.

Continue Reading

New Module for Managing PSAD using Puppet

I’m a firm believer in hosting my own email and other services, and after running some updates to deal with Shellshock I realized it was time to replace my provisioning scripts and bring my personal systems under proper configuration management. It was while doing this that I found out there isn’t a PSAD module for Puppet! This is something I just couldn’t allow, so I’ve spent some time over the last few days fixing that problem.

PSAD is one of my favorite security tools for services. It works with the existing firewall to detect post scans and actively block them. It has the ability to persist data, meaning it can catch scans that are occurring over long periods of time, and it has a variety of configuration options to suite all needs. Further, because it’s using the firewall logs themselves you can add and remove new firewall rules without needing to change any of the PSAD configurations- whitelisting an IP address is a simple matter of adding that change to your firewall.

The PSAD module handles everything you need to get PSAD up and running.

  • It can be used to control the entire configuration of PSAD.
  • It adds the firewall logging rules that are needed.
  • It adds a cronjob to keep PSADs signatures up to date.
  • Of course, it also installs PSAD and keeps the service running.

The module itself on PuppetForge, with development living on Github.

Major Stash and StashBundle Updates

For the last two months there has been a lot of development on Stash and the Symfony StashBundle, culminating in the release of Stash 0.12 and Stash Bundle v0.4.

It’s hard to stress how much work went into these two releases. For Stash there was 139 commits and the Stash Bundle itself had another 103. Much of this was internal changes designed to improve performance and ease future development, but there are also a lot of goodies that you’ll want to start exploring.

New Documentation Site and Github Organization

Stash and the Stash Bundle have both been moved out of my personal Github account and over to a new organization. At the same time we’re launching a brand new site, StashPHP.com, for all of the Stash documentation. A special thanks to the folks at the Guzzle project for releasing their Sphinx theme to the public, as that was the basis for the new site.

Full Support for HHVM

This latest release is the first to commit to supporting HHVM. Every new change will be tested against both the stable HHVM and the nightly builds, and any problems that come up will be resolved before being released.


Stash has already has great support for grouping cached items together using Stacks, and with this latest release it adds Namespaces to the mix. These features are redesigned to work together, allowing each namespace to contain it’s own completely independent groups of items.

For more information on how to use these features in your project check out the Groupings documentation on the Stash site.

Public API Additions

Besides the Namespace features there are a few new public functions available. The DriversList class has been expanded to allow more data to be pulled out about what drivers are available on the system as well as making it possible to register custom drivers. The Item class also contains new functions which pull out metadata about when an Item was first created and when it is expected to expire.

Intensely Expanded Test Suites

Testing is by far one of the most important parts of the Stash library. Stash’s test suite contains 162 tests and over 4,200 assertions, which act to make sure that all drivers behave in a consistent manner and that all data that goes into Stash comes out as it should.

The StashBundle had not, until this point, been tested nearly as thoroughly. That has changed with this update, and the StashBundle now has 98% code coverage, with 94 tests and 834 different assertions.

Major Rewrite and Expansion of Documentation

All of the documentation has been reviewed and updated, including the PHPDoc and inline commenting. New sections have been added to help people Extend Stash for their purposes, Add New Drivers for systems not currently supported, and to Integrate Stash into their projects.

Lots of Little Things

Although a lot of big things have been mentioned, there’s numerous smaller changes that help make Stash better. For more information as well as a list of all potential BC breaks please check out the Changelogs for Stash and StashBundle.

JShrink added to the HHVM Compatibility Test Suite

In the most recent release of JShrink I pledged full HHVM support, and since then have been running our full test suite against the 3.0 release as well as the nightly builds. Well, it seems that HHVM has itself committed to supporting JShrink, as they’ve added it to their own framework compatibility test suite.

For the last week JShrink has been present on the HHVM Compatibility Dashboard, where it is one of 24 projects that are working at 100%. I’m proud to publish code that supports HHVM, and am very excited that JShrink is one of the projects used to test compatibility of HHVM against the existing php ecosystem.