Building a web application for $5-10 per month

SAAS companies seem to fulfil almost every need lately; from VCS to mailing, from authentication to screen sharing, from image and video processing to caching and app hosting. Interestingly enough, a lot of these companies offer basic tiers for free, so it is becoming increasingly possible to launch a web application where most of the work is done by 3rd parties, with a minimal budget.

I started wondering recently if it would be possible to launch such an app, using as many 3rd party services as possible to fulfil the necessary functions (such as authentication and storage), with a budget of $5 to $10 USD per month.

The following is a graph representing my idea for the architecture of such an app, describing the interaction with these services. Most of these are free (except for the purchase of a domain name, Google Apps, and DigitalOcean, which have very accessible plans):


The goal of my small research was to verify if it would be possible to:

Build an SSL-enabled web application with monitoring + CDN + hosting + authentication using OpenID, striving for minimal cost while offloading as much back-end, data, and functionality to cheap or free 3rd party services.

Every 3rd party service mentioned in this graph had to fulfil the following criteria: 

  • Free (or very cheap)
  • Longevity (has been thoroughly adopted by the market, or major companies)
  • Reliable (at least 99% SLA)

This is a list of tools & services to get your new product up and running for dirt cheap:

  • Domain, DNS, hosting, and caching
  • Authentication
    • OpenID Connect is an initiative by several large companies to make auth simpler (like Persona by Mozilla)
  • Databases & Storage
    • Self-hosted
      • MongoDB is a great/easy NoSQL solution
      • PostgreSQL is widely used and supports SQL/NoSQL
      • MySQL and MariaDB are standard SQL RDBMS that have gone through the test of time
    • Remote
      • Google Cloud DataStore is your database in the cloud (and it has a free plan as well)
      • Amazon S3 (for storage, in case you have a large amount of images/files, optional in this case)
  • Mail
    • Mailbox hosting
      • Pawnmail – Email hosting for free! (tried it for a year and so far it seems to work great)
      • Google Apps – Mailbox functionality for your domain ($5/mailbox) in case you don’t want to set up a server
      • Postfix mail server – You can host it yourself (using Postfix), but be prepared to spend a lot of time setting it up
    • Mass-mailing systems
  • Graphics and icons
    • Unsplash (and Flickr freeuse) offer good images for use in your site for free
    • Font Awesome provides a quality icon font for free
    • (create your favicon and apple icons for free)
  • Monitoring, logging and analytics

Finally, the application itself could be built in this way:

  • Back-end: Python + Flask + Tornado. Flask is a framework which allows you to generate APIs in a simple/scalable way, and it is very easy to get started. Add Tornado to handle concurrent requests. You could use the PyOIDC wrapper to handle authentication, and the rest could rely on a simple architecture (Entity – DAL – BLL – API).
  • Front-end: Built with HTML5 + Bootstrap (easy way to get up and running fast), AngularJS (with controllers and services to communicate with the back-end), SASS (or LESS), and Gulp to compile/merge everything.
  • Source & deployments: You could use Bitbucket with two private repositories (front-end / back-end) for free, and Capistrano to deploy to your server.
  • Testing: Protractor and/or Jasmine

As easy as that!

If you have any suggestions to how I could improve this chart, or any services that would improve (or further delegate core functionality to free/cheap 3rd party solutions), please let me know in the comments!

* Note: You could use Heroku (which has a free tier) instead of DigitalOcean or Rackspace, but who doesn’t love full control over his/her server?

Living in the cloud

My hard-drive crashed last Saturday, which kind of pissed me off as I was planning on spending Sunday playing online with one of my mates. So I spent Sunday and Monday formatting and re-installing everything.

To my surprise: I didn’t actually loose anything. I hadn’t realised how much of my data actually lives on the cloud.

It turns out 100% of my data lives “up there”.

Over the years I guess I’ve been slowly migrating without noticing the full extent.

This is the list of services I currently use:

  • Google Chrome (I keep my bookmarks and history synced across devices using my Google account)
  • Steam (I use this to purchase games online, I can re-install every game I bought on the platform on a new PC in less than a day)
  • Github (I host all my projects here, including personal projects on private repos. Yeah, I could use bitbucket as well I guess)
  • Spotify (Online music streaming service. I haven’t downloaded iTunes nor have I accessed Grooveshark in a couple of years)
  • Dropbox (I did quite a few referrals and I got bumped up to 56GB of space. Now I store all my photos, videos and music on Dropbox)
  • Google Drive (Why not just use Dropbox? Well… I find Google Drive convenient for documents, so I use it for all my office-related documents)

And that is how I successfully moved everything to the cloud. Hard-drive crash? No problem. Format, re-install, wait for downloads to complete, and you’re good to go.

If you have used other cloud services in the past that you think I should add to my list of must-haves, please let me know in the comment section below.

5 Solutions for MySQL Error 1235

I got stuck for hours the other day with this problem. I’ve used triggers for years in SQL Server without a problem, however, in MySQL the implementation is a bit iffy.

One problem I ran into yesterday while trying to restore a database was error 1235:

ERROR 1235 (42000) at line 1408: This version of MySQL doesn’t yet support ‘multiple triggers with the same action time and event for one table’

I scoured Google for about an hour, and came to the conclusion that there is multiple reasons this error may appear. I explain these reasons and provide solutions for them below.

First of all, I suggest you get a list of all triggers by running the following command:

SELECT trigger_schema, trigger_name
FROM information_schema.triggers
WHERE trigger_schema = 'NAME_OF_YOUR_DATABASE';

Reason #1:  You can’t combine both BEFORE/AFTER with INSERT/UPDATE/DELETE

This PDF describes this issue. The problem is simple: You can’t have BEFORE_INSERT and AFTER_INSERT for the same table. You may have been updating a column BEFORE insert and updating some other table AFTER insert with the ID. I suggest you move some of this logic (maybe the BEFORE trigger) to your code.

Reason #2: AFTER_DELETE sometimes fails with error 1235

You should avoid using AFTER_DELETE triggers. Move the logic to a BEFORE_DELETE trigger if you are going to use the OLD variable. No idea why this happens, maybe it is my specific MySQL version.

Reason #3: You can’t have triggers with the same name (duplicate triggers)

Sometimes you get another error code when doing this, but other times you get the same error 1235 with no explanation. Run the “show triggers” query I stated above and look for any triggers with the same name. Always run DROP TRIGGER before creating/modifying a trigger.

Reason #4: You can’t reference the SAME TABLE you are updating/inserting to in a trigger

For example, if you wanted to set the default password for a user through a trigger upon creating a new user record, you might have tried to do this: UPDATE users SET password = ‘newPassword’;

The correct way to do this is to set the variable in the BEFORE_INSERT trigger. Example: SET NEW.password = ‘newPassword’;

Reason #5: When exporting a database (as an SQL script) you may get database definers in the script

In other words, if you export a MySQL database to a .sql file, the actual file may contain things like TRIGGER ‘mydbname’.’trigger_name’. So if you try to restore it to a database with a different name it would fail. I would have expected another error code because the database it is referencing is NOT the one I am restoring to. Anyway, you receive error 1235 for this as well.

Quick fix: Open the .sql file and replace all mentions of `EXPORTED_DB_NAME`. with a blank string (i.e. replace with nothing).

Summary / TLDR:

Do not use BEFORE/UPDATE triggers on the same table for a same function (e.g. INSERT). Do not use AFTER_DELETE triggers, use BEFORE_DELETE instead. Do not have duplicate trigger names. Do not reference the same table you are updating or inserting to in the trigger, use OLD and NEW instead with SET instead of a subquery. If you are restoring a database from a backup, check that the backup does not contain mentions to the explicit database name (when restoring to a different database name).

Please remember: When creating an INSERT trigger you can only use the NEW variable, when creating an UPDATE trigger you can use OLD and NEW, and in a DELETE trigger you can only reference OLD.

A bug has been found in the system past couple of years have been really really hectic. Snowden leaked sensitive information, the Eurozone has on-going economic problems, the UK and USA are virtually police states, the NSA and GCHQ are spying on most internet users, there has been widespread protests across the world (Brazil, UK, USA, Siria, etc… “we are the 99%” anyone?). Just last week Glenn Greenwald was detained for 9 hours at Heathrow airport as being a “terrorism suspect”. What on earth is happening?

A bug has been found, or more like hundreds of bugs, and they have been unfixed, even though the issues have been raised.

Typically, socio-political changes occur on a massive scale. Democratic republics become dictatorships, whole countries become communist states, just to turn back a few decades later. When a government breaks down, a massive change is sure to ensue.

So why don’t we implement a system of incremental changes to prevent such breakdowns in the first place? Is it really so hard? 

Most large companies with web products have bug reporting systems or community forums. In some cases the community is involved in developing the changes that are required, which then get pushed to the main code repository. Ubuntu, Google Chrome (Chromium), WordPress, Eclipse, OpenOffice, Android, and others are examples of this. Some other companies are very open to public opinion and offer bug trackers or forums to track issues, for example: Github, MySQL, etc.

Some companies out there lack an effective means of communication, or don’t really care about what the majority of their customers think. Example: Microsoft. They screw up one version of windows, then they listen to feedback and produce a good version, then they think they can handle it from there and produce an aweful version, recognise their fault and open their channels again, and so on.

Another example is Facebook. They keep pushing unnecessary UI updates to their users, who are very pissed off. They want the core part of the UI to remain as-is. If it is not broken, don’t fix it.

Quite a few governments seem to take this stance as a philosophy: We know what is right, let’s fake some listening on our behalf but keep pushing our changes. They are not listening, and it has been backfiring on them these past few years.

The world changes fast, our societies change fast, why can’t the government change fast as well? If I was in charge, the first thing I would do would be to open-source the tax laws, the constitution, and other important legal documents. Why? The people know what is best: The majority will vote, the best ideas will be upvoted, releases can be scheduled on a yearly or bi-yearly basis, ensuring everything is kept up-to-date.

Is it really so hard to say you are a democracy and really be a democracy?

How to develop good software

As a software developer, I’ve come across many horrors in coding over the years. It’s no secret that most developers code things fast and ugly to get stuff out the door. But something strange happened to me recently; I think I am finally becoming a better coder.

I’ve been developing an ERP/MRP/CRM by myself for the past 3+ years and I’m finally reaching the release date. I’ve been testing the product with two clients for the past year, and naturally, many bugs have popped up out of nowhere, many features have been requested, and so on. You know… the typical software development cycle plagued with inadequacies.

However, I’ve finally learned a valuable piece of information I’d like to share:

Features, not rules.

I went in with a bunch of rules for the last meeting I had with my clients. They had to follow these rules to use the new features in my system correctly. They needed to follow certain processes in an orderly manner, they needed to avoid placing certain characters at the start of some files, they needed to use the correct extensions, they needed to avoid using certain half-baked process, they needed to process files at the end of the month and not in-between, etc.

Naturally, they were a bit taken aback. They are not computer-savvy, and they have a hard time grasping new things. “Why?” kept comming up all the time. I tried to explain that this is natural in a system so big, there are certain rules you must learn to avoid entering bad data, or messing up parts of the system, etc.

Halfway through the training I realised I was doing things the wrong way. Whenever you have to write down more than 3 rules for a process, it is almost always better to make the system handle all possible exceptions instead, and inform the user appropriately when they have made a mistake. It is easy to do this with forms for example, you write down some regex rules (or use JQuery Validate), you add extra back-end validation, you use a “form/validation” class, etc. However, when the processing takes place in the back-end (e.g. a file parser that changes content in the database), it is easy to expect too much of the users.

I left the meeting with all the rules I had written down scratched out and a page full of tasks to be performed.

I think it is vital for us to embrace this. A system must be able to handle anything thrown at it, it must be able to validate incorrect data, file extensions, and any other exception you may think of. It seems natural, most of you are thinking “this is so obvious, why write a blog post about it?”. Why? Well, because I keep seeing these kinds of mistakes all over the place. I’m sure many developers out there still think “oh, I’ll just explain the user how to do it”. Then you get a ton of calls of users asking why this or that is not working, and you have to explain that there is a certain process to be followed.

The answer is simple: Think before you code, and make whatever you code “think”.

On political parties and why they should not exist

I was quite amused by a G+ post written by Google co-founder Sergey Brin today, which in summary, says the following:

I must confess, I am dreading today’s elections. Not because of who might win or lose. But because no matter what the outcome, our government will still be a giant bonfire of partisanship.

In fact, I have thought the same for some time now. Just before the Mexican elections, I had a long debate with an ex-friend of mine about this. We talked about how there should be no political parties, but instead, individuals backed by people with similar thoughts, where they aim to change the country following X or Y strategy, without naming themselves as “conservatives” or “liberals”, but rather as politicians with X or Y views. He strongly disagreed, to the point of ending our friendship because instead of analysing and debating this rationally, he was stubborn and single-minded.

In my view, you shouldn’t divide the political system into two bands. There is always scope for one person to believe in some things from one side, and some things from the other. I believe it shouldn’t be about “the way the party does things”, but instead, more about “what will benefit the country the most”.

This article, published today on TechCrunch, briefly talks about this:

“No free country has ever been without parties, which are a natural offspring of freedom,” wrote James Madison.

Of course, I believe this is absolute rubbish. Political parties are not natural offspring of freedom. Freedom is one thing, political parties are another. Whilst siding yourself with a political party can be considered freedom of choice, the choices made by political parties are often single-minded unilateral decisions which lack freedom of thought, as they are constrained within boundaries imposed by the political parties’ belief system.

The article furthermore offers the following possible solution:

One popular, if contentious, solution to bitter partisanship is a multi-party system, where multiple groups are constantly forging new alliances based on specific issues, rather than a constant zero-sum tug-of-war where each party has the same enemy on every problem.

However, I digress. A multi-party system will lead towards more confusion.

So what do we need?

What we need are intelligent, knowledgeable, enthusiastic people, who put their country before their set of beliefs, to put together a group of people with similar beliefs that will back this person, economically, emotionally and whole-heartedly, so that this person may get into office. This person would not be part of a political party, but instead, would propose a plan, establishing feasible time-lines, whilst adhering to a set of rules that would govern his/her time in office (apart from the constitution, of course).

This would also make voting much simpler of course. Don’t think left-right politics. Think alignment to values and proposals. Voting could be separated into three stages. The first stage would consist of a questionnaire, where you answer yes/no to a set of questions concerning the country, society, economy, education, business, war, and a few other factors. This questionnaire would give you a list of three candidates (and their backing groups) that fit the answers the best. The second stage would consist of an analysis of the available options, studying the background, the plan, and the ideas of each candidate. The third stage would be the actual voting process as we know it: Select a candidate, vote.

Of course, this can’t work without guarantees. Each candidate would have to guarantee that the plan will be followed, and if catastrophic misalignment of the plan ensues, that person would leave office and a new voting poll would take place.

Of course these are just a few ideas I’ve been thinking about for a while now. Implementing these may be next-to-impossible, considering the system we currently have, and the rate it takes to ‘commit new changes’. Nonetheless, I believe it would bring forth a better system.

What say thee?