18 Dec 2014
How to Jekyll on Windows
A lot of people, including myself and this site, use Jekyll to create cool markdown-based blogs. A smaller subsection of those people use Windows - namely because developing on Windows is an absolute pain. But if you're reading this you're definitely one of the few!
Short Answer:
You can't.
Long Answer:
It is technically possible - there are a lot of guides on how to get Jekyll started on Windows - and most revolve around using Cygwin. Here are some links to get you started:
Links
There are a multitude of issues with these guides, which, as of Dec 2014, range from compile errors (spoiler: you'll download every Visual Studio version, ever) to Ruby having outdated SSL certificates (and the common fix, RVM, is not really Windows compatible).
Solution
The easiest workaround I found was installing CentOS 7 onto a VM. It's a lot to download for a blog setup, but I use that VM frequently for a stable dev environment. If you wanted a throwaway distro, you could try Puppy Linux 5.6, the variations of which can be around a couple hundred MB. Installing Ruby and Jekyll took minimal googling on Linux, and after I set up the blog file structure, I could use my standard Sublime 3 text editor to create new posts, without having to go back into Linux.
It's Still Not Over - Sometimes My Blogs Don't Render Properly
You thought it was that easy? Nope.
Jekyll blogs require YAML Front Matter, a sort of header that classifies each file. The problem is that sometimes Windows will encode a BOM character into the start of your UTF-8 file. Normal text editors will not render it, so you can't see it. A BOM before your YAML header will stop Jekyll from rendering the pages properly - they'll look like you typed it all in plaintext in an HTML file.
If you're using Sublime, you can use Package Control to install HexViewer, which will allow you to view and edit the hex. A BOM will show EF BB BF as the first bytes of your file. Typically you want 2D 2D 2D, which is the 3 hyphens for the start of the YAML header. Change it accordingly, and save using File > Save with Encoding > UTF-8 (don't save it as UTF-8 with BOM! This is exactly what you are trying to avoid!).
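The same check can be done for a whole site at once instead of one file at a time in a hex viewer. The following Node.js script is an added example, not part of the original post; the function names, the file-extension list and the sample bytes are assumptions made for illustration.

```javascript
// Added example: detect and strip a UTF-8 BOM that sits ahead of Jekyll front matter.
const fs = require('fs');
const path = require('path');

const BOM = Buffer.from([0xef, 0xbb, 0xbf]);   // shown by a hex viewer as EF BB BF
const FRONT_MATTER = Buffer.from('---');       // 2D 2D 2D, the start of the YAML header

// Classify the leading bytes of one file's contents.
function inspect(buf) {
  const hasBom = buf.subarray(0, 3).equals(BOM);
  const body = hasBom ? buf.subarray(3) : buf;
  return { hasBom, frontMatter: body.subarray(0, 3).equals(FRONT_MATTER) };
}

// Walk a directory tree, rewrite every matching file that starts with a BOM,
// and return the paths that were changed. Other files are left untouched.
function stripBoms(dir, exts = ['.md', '.markdown', '.html']) {
  const fixed = [];
  for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
    const full = path.join(dir, entry.name);
    if (entry.isDirectory()) {
      fixed.push(...stripBoms(full, exts));
      continue;
    }
    if (!entry.isFile() || !exts.includes(path.extname(entry.name))) continue;
    const buf = fs.readFileSync(full);
    if (inspect(buf).hasBom) {
      fs.writeFileSync(full, buf.subarray(3));   // same bytes, minus EF BB BF
      fixed.push(full);
    }
  }
  return fixed;
}

// Constructed sample: a post saved as "UTF-8 with BOM".
const sample = Buffer.concat([BOM, Buffer.from('---\ntitle: Hello\n---\n')]);
console.log(inspect(sample));   // BOM present, front matter found right after it
```

Calling `stripBoms('_posts')` from the site root rewrites the affected posts in place, so run it on files that are under version control.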
I hope this post helped someone troubleshoot their setup!
16 Dec 2014
What is OAuth?
OAuth is a powerful web authorization service that lets users exchange tokens for access to server-side resources. In theory, this protects the user's credentials by keeping them hidden after the initial exchange. Tokens expire in a set amount of time, warding against unguarded terminals.
A Case For
OAuth is a powerful system with a userbase that includes some of the largest contemporary web traffic servers. Its security is not to be laughed at, and when implemented correctly, it has no effect on the end user. It is as strong as it is transparent.
A Case Against
As all-encompassing as OAuth is, I could not help but feel like it was too encompassing in my brief encounter. Now, I am by no means an experienced OAuth adventurer who can safely tell you the depths of its waters, but the lengthy pains I encountered trying to implement OAuth were sufficient to drive me to more hospitable frameworks.
In trying to use OAuth, as an example, I had to use no less than 8 arguments to try to create a user session. This is, of course, after staring at the docs for what seemed like forever and eventually require-ing someone's JS workaround into my app. So bear in mind, 8 arguments is the short version.
oauth_consumer_key
oauth_token
oauth_signature_method
oauth_timestamp
oauth_nonce
var consumerSecret
var tokenSecret
and the resulting: oauth_signature
Could I probably have stopped whining, dug deeper, and eventually have implemented OAuth? Definitely. Was I going to? Nope. Even if I wasn't pressed for time (which I was - it was a 2 day whirlwind sprint), I could probably have spent my time better writing an alternative.
I'm a firm believer in a framework doing your work for you. (Ask me about my Backbone MVC pains.) And OAuth did not seem to fulfill that basic premise. In fact, it was starting to look like OAuth was a string concatenator, rather than a framework. The straw that broke the camel's back was the oauth_nonce. It was basically a long string of random characters. As silly as this sounds, it was this level of lack of abstraction that made me finally move on. It was in the middle of writing the randomStr() function that I realized - what am I doing? I am solving a problem to solve a different problem to solve an authentication problem. I eventually decided to look elsewhere for my authentication needs.
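How the eight values listed above fit together in OAuth 1.0a (RFC 5849), with the nonce drawn from the system CSPRNG rather than a hand-written random string function. This Node.js sketch is an added example, not code from the original post; HMAC-SHA1 as the signature method, the function names, the URL, the keys and the secrets are all assumptions or constructed placeholders, and the URL is taken to be already normalized with no query string.

```javascript
// Added example, not from the original post. All keys, secrets and URLs are constructed.
const nodeCrypto = require('crypto');

// RFC 3986 encoding: encodeURIComponent leaves !'()* alone, OAuth 1.0a wants them escaped.
function pct(s) {
  return encodeURIComponent(s).replace(/[!'()*]/g,
    (c) => '%' + c.charCodeAt(0).toString(16).toUpperCase());
}

// oauth_nonce: 128 bits from the OS CSPRNG, never Math.random().
function makeNonce() {
  return nodeCrypto.randomBytes(16).toString('hex');
}

// Signature base string: METHOD & encoded URL & encoded parameters,
// with parameters sorted by encoded name, then by encoded value.
function baseString(method, url, params) {
  const cmp = (a, b) => (a < b ? -1 : a > b ? 1 : 0);
  const normalized = Object.entries(params)
    .map(([k, v]) => [pct(k), pct(String(v))])
    .sort((a, b) => cmp(a[0], b[0]) || cmp(a[1], b[1]))
    .map((pair) => pair.join('='))
    .join('&');
  return [method.toUpperCase(), pct(url), pct(normalized)].join('&');
}

// oauth_signature: HMAC-SHA1 keyed with "consumerSecret&tokenSecret", base64 output.
function sign(method, url, params, consumerSecret, tokenSecret) {
  const key = pct(consumerSecret) + '&' + pct(tokenSecret);
  return nodeCrypto.createHmac('sha1', key)
    .update(baseString(method, url, params)).digest('base64');
}

// Receiving side: recompute over the same inputs and compare in constant time.
function verify(method, url, params, consumerSecret, tokenSecret, presented) {
  const want = Buffer.from(sign(method, url, params, consumerSecret, tokenSecret), 'base64');
  const got = Buffer.from(String(presented), 'base64');
  return got.length === want.length && nodeCrypto.timingSafeEqual(got, want);
}

// Constructed request using the parameter names from the list above.
const exampleParams = {
  oauth_consumer_key: 'example-consumer-key',
  oauth_token: 'example-token',
  oauth_signature_method: 'HMAC-SHA1',
  oauth_timestamp: String(Math.floor(Date.now() / 1000)),
  oauth_nonce: makeNonce(),
};
const exampleUrl = 'https://api.example.com/session';
const exampleSig = sign('POST', exampleUrl, exampleParams, 'example-cs', 'example-ts');
console.log(exampleSig, verify('POST', exampleUrl, exampleParams, 'example-cs', 'example-ts', exampleSig));
```

The nonce and timestamp only prevent replay if the receiving side also rejects nonces it has already seen within the accepted timestamp window; the signature check alone does not do that.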
Fin
As you can probably tell by the comparative length of the arguments, I dislike OAuth. That does not mean that I don't think it's a great authentication setup - I just don't think it is a very good API. I would say that OAuth seems a fine system for a high security requirement and free man-hours on the dev team for that purpose, but for small scale applications, I recommend looking elsewhere.