Let's Encrypt on Heroku with DNS Domain Validation
We needed to renew and update our certificate for www.codesy.io, and I’ve been wanting to use Let’s Encrypt for a while. I had read and tried some other guides for using Let’s Encrypt on Heroku, but none of them cover DNS domain validation. The steps are roughly:
- Install
certbot - Use
certbotto generate a manual cert - Deploy a TXT record to your DNS
- Upload signed certificate to Heroku
- Update your DNS Target
Install certbot
First, you’ll need certbot:
brew install certbot
Note: The certbot site contains install instructions for other systems.
Use certbot to generate a manual cert
With certbot you will need to generate a cert to manually install to the
Heroku server, and specify DNS as your preferred challenge:
sudo certbot certonly --manual --preferred-challenges dns
Note: certbot needs sudo to put resulting files into /etc/
certbot will ask you the domain for which you want a certificate …
… and if you’re OK with your IP being logged as having requested the certificate …
… and will finally tell you what DNS TXT record to deploy:
Please deploy a DNS TXT record under the name
_acme-challenge.www.codesy.io with the following value:
CxYdvM...5WvXR0
Once this is deployed,
Press ENTER to continue
Note: Don’t press ENTER until you have deployed your TXT record
Deploy a TXT record to your DNS
Your domain registrar likely has its own docs for adding a TXT record. Here are some links to a few:
- GoDaddy
- Hover
- Google Domains (docs by Microsoft!)
- Amazon Route 53 (See Basic Resource Record Sets)
Upload signed certificate to Heroku
Go back to certbot and press ENTER. It will create signed certificate files
in your /etc/letsencrypt directory.
SSL is now included on all paid dynos on Heroku. The $7/mo. for a hobby dyno is still cheaper than $20/mo. for the old SSL Endpoint add-on. So, to change to a hobby dyno, go to your app’s Resources panel and click “Change…”
Then, use heroku certs:add to add your Let’s Encrypt fullchain and privkey
files.
sudo heroku certs:add --type=sni /etc/letsencrypt/live/www.codesy.io/fullchain.pem /etc/letsencrypt/live/www.codesy.io/privkey.pem
Note: Again, heroku needs sudo to access files in /etc/
You can also copy+paste your certificates’ contents in your app’s settings dashboard - under “Domains and certificates”, click “Configure SSL”.
Update your DNS Target
Finally, update your DNS CNAME record for your domain to point to the
certificate-domain.herokudns.com. In our case, it was
www.codesy.io.herokudns.com
Enjoy your Let’s Encrypt-verified site!
Take 5 minutes to help web developers and earn Stack Overflow rep
Update 2014-02-28: Gareth helped me make this dynamic spreadsheet that auto-updates from Google Analytics every night.
tl;dr - go thru Today's stackoverflow MDN links to fix and fix them in the StackOverflow answers.
Helping developers is my professional and personal passion (See Exhibits A, B, C, and D). MDN and Stack Overflow are both great resources for web developers. But following a Stack Overflow answer link to a 404 page is frustrating and dis-heartening.
I added GA event tracking for 404's on MDN. I originally wanted to help writers decide which wiki pages to prioritize, based on how many times an MDN reader clicks an internal link that results in a 404. But when you record metrics and analyze them, you find the unknown unknowns, and "it’s the unknown unknowns that really matter, because that’s where the magic comes from."
So, I learned that the vast majority of 404's on MDN are from external links. (Duh!) And the biggest single source of those are old Stack Overflow links. Luckily, Stack Overflow allows us to edit those answers to update the links to MDN. There's even a special "Excavator" badge for editing a post that's been inactive for 6 months.
So, if you've got a few minutes, you could help clean some of these links up:
- Look thru the Google Spreadsheet; there's a long tail of links to fix
- Use our excellent new MDN search system to find the right doc for the link
- Edit the answer and earn +2 rep!
Note: Sometimes we may want to create REDIRECTs for the 404 pages to help other visitors, so if you fix some links, please mention it to us on this thread.
screen recording green
Both QuickTime Screen Recording and iShowU kept giving me a green video until I disconnected my external monitor. I got the idea from this Apple Support thread comment to disable the external graphics chip. There are other ideas in the full thread.
Hopefully this post helps the next person find their answer faster than I found mine.
MaaS: MDN as a Startup
tl;dr – I want to reboot MDN as a Lean Startup – a platform for web developer knowledge and community. There's a bunch of new kinds of work to do. Go to the MDN Metrics project proposal on wiki.moz, join the thread on mdn-drivers, or comment here to give feedback.
After I read Kanban and The Phoenix Project I picked up Lean Startup and Lean Analytics. I love that the Lean Startup community is inclusive of intrapreneurhsip – people making new products inside larger host companies. The “Developer Program” we've discussed at Mozilla is a perfect example of intrapreneurship, and we should treat it as a User-Generated Content startup.
We're already doing this ...
We're redesigning MDN and already launched the redesign to beta testers. It looks great - it highlights important content, improves search and discover-ability, and it's easier to read article text. We're improving the redesign with quick continuous deployments to beta users; we even pushed to production 4 times during Mozilla Summit - 2 of which were changes made by new contributors from our impromptu MDN hack night!
But ...
We need to measure
It's no secret that the redesign project has been stressful across all teams - Product, UX, Creative, Development, Content, and our community. Pressure can be healthy - constraints foster creativity, innovation, and some pretty epic hacks. But pressure without purpose is just wasteful stress. And the driving philosophy of Lean is to eliminate inefficient and wasteful activity.
Dan McKinley from Etsy gave a very insightful talk about Designing for Continuous Experimentation at Warmgun design conference. He tells the story of Etsy implementing an infinite scroll project:
So when we decided to do this we just went for it. We designed and built the feature, and then we figured we'd release it and it'd be great.
...
Eventually we came to terms with the fact that infinite scroll had made the product worse, and we had changed too many things in the process to have any clue which was the culprit.
...
So if we go back to our "product plan," we see a couple of major things wrong with it. We did a lot of work and it was pointless. A better way to have done this would have been to validate those premises ahead of time and then make the call.
(Emphasis mine) So, I'm pushing hard for MDN to validate premises before we expend time, effort, and stress on projects.
What should we measure?
MDN is site for user-generated content like Wikipedia, reddit, Twitter, Facebook, etc. Lean Analytics has an entire chapter devoted to UGC metrics for:
- Visitor Engagement - how often do our readers come back, and how long do they stay?
- Engagement Funnel and Changes - how many users register; how deeply are they involved with MDN and how do we encourage them to deeper activities?
- Notification Effectiveness - how many newsletter subscribers and twitter followers do we have? How many of them open the email or click thru to the links?
- Content Creation and Interaction - how many people tag, edit, translate, or review articles; how many comment or create demos?
- Value of Created Content - how visitors read certain topics and articles; which traffic sources bring more engaged users?
- Content Sharing & Virality - how many users tweet, like, or otherwise share articles; how do the recipients behave as a result?
For example, I've been digging into our MDN Engagement Conversion Funnel:
For me, the engagement cliff between visiting and creating an account is too huge. So that measurement tells me we should add more activity features between visiting and creating an account. Maybe something like:
If we add features, we should implement minimum viable features to validate our assumptions about the impact we want - e.g., does a sharing or voting feature actually increase account registrations and editing behavior? So we'll also want to define "the impact we want" - higher quality content, more visitors, etc.
How should we measure?
So far I've done all this by hand, but I'm proposing that we start a project for MDN Metrics on the site itself. Something similar to the interface of SUMO's KPI dashboards, though our KPI's will be different. That way everyone in the MDN community has the access to our metrics when discussing MDN product and priorities. If you've read this far and want to give feedback, leave comments here, or join the thread on mdn-drivers.
team fortress 2 enable steam community ingame
Another quick google-search-turned-post to help others looking for a solution to this problem.
After my last Steam upgrade (Mac client) the community overlay stopped working in Team Fortress 2. This breaks a number of features, including the "Invite" button when creating a party. This is the solution that worked for me:
1. In Steam Library, right-click Team Fortress 2 and choose Properties
2. UN-CHECK "Enable Steam Community In-Game"
3. Quit Steam
4. Re-open Steam
5. RE-CHECK "Enable Steam Community In-Game"
Overlay starts working again!
