So... I want to ensure that all computers on my home network are able to access anything which uses IPv6. This guide explains how to go about setting up a full IPv6-enabled network using an EdgeRouter with an ISP which does not support native IPv6 and provides dynamic IP addresses.

Get an IPv6 tunnel

The first thing you need to do is head over to the TunnelBroker.net site and signup for an account and request a new tunnel.

1. Goto the site
2. Create an account or login with one if you already have one
3. Select Create Regular Tunnel
4. Enter your current IPv4 IP address in the IPv4 Endpoint field and select the location closest to your physical address.
5. Once you have created the tunnel, you'll be given a number of IP addresses and network addresses.

Creating the tunnel

Now you need to add this tunnel to your EdgeRouter. Login to your EdgeRouter using SSH and execute the following commands.Login to your EdgeRouter using SSH.

configure  
set interfaces tunnel tun0 description "HE IPv6 Tunnel"  
set interfaces tunnel tun0 encapsulation sit  
set interfaces tunnel tun0 local-ip 0.0.0.0  
set interfaces tunnel tun0 remote-ip [SERVER IPv4 ADDRESS]  
set interfaces tunnel tun0 address [CLIENT IPv6 ADDERSS]  

Next, you need to configure a default route which will send all IPv6 traffic down over the new tunnel.

set protocols static interface-route6 ::/0 next-hop-interface tun0  

You can now commit and save this configuration and give it a quick test.

commit  
save  
exit  
ping6 google.com  
> PING google.com(2a00:1450:4009:80a::2000) 56 data bytes
> 64 bytes from 2a00:1450:4009:80a::2000: icmp_seq=1 ttl=58 time=19.3 ms
> 64 bytes from 2a00:1450:4009:80a::2000: icmp_seq=2 ttl=58 time=10.4 ms

Although this is all working great, HE is sending your traffic to the IP address you entered when you created the tunnel. If this changes (i.e. you disconnect and reconnect to your ISP), your IPv6 tunnel will cease working. To resolve this, HE provides a Dynamic DNS endpoint which will receive your IP each time you connect and updates your tunnel configuration as appropriate.

Let's set that up. To start, you'll need to get some information from the tunnel broker site.

• Your Update key - this can be found on the advanced tab of your tunnel settings page.
• Your tunnel hostname - you can find this on the main page in the list of all the tunnels you have configured. It'll look something like this username-1.tunnel.tserv1.lon2.ipv6.he.net.

Run the following commands and replace pppoe0 with the name of your external interface.

configure  
edit service dns dynamic interface pppoe0  
set service dyndns host-name [TUNNEL HOSTNAME]  
set service dyndns login [TUNNELBROKER.NET USERNAME]  
set service dyndns password [UPDATE KEY]  
set service dyndns server ipv4.tunnelbroker.net  
top  
commit  
save  
exit  

You can check on the status of this at anytime using:

show dns dynamic status  
> interface    : pppoe0
> ip address   : 146.200.56.42
> host-name    : adamcooke-1.tunnel.tserv1.lon2.ipv6.he.net
> last update  : Sat Jan 10 13:40:25 2015
> update-status: good

Although the EdgeRouter can now connect to IPv6 hosts, none of the other computers on your network are able to do this yet.

Configuring a firewall

Unless you want all your clients to be available publically (you probably don't), you'll need to configure an IPv6 firewall.

Firstly, you need to create the firewall itself. In this example, we'll drop everything except existing connections.

configure  
edit firewall ipv6-name home-ipv6  
set default-action drop  
set rule 10 action accept  
set rule 10 state established enable  
set rule 10 state related enable  
top  

Next, we need to associate this new firewall with our interfaces. I'm assuming that eth0 is the interface which connects to your local network.

set interfaces ethernet eth0 firewall out ipv6-name home-ipv6  
commit  
save  

You're now protected. If you need to allow certain hosts, you can do this by adding new rules to the home-ipv6 firewall.

Connecting clients

When we created our tunnel, we were allocated a /64 subnet (the "Routed /64"). This is the subnet which clients on your network will have IP addresses in. For example, my home network is 2001:470:1f1d:5::/64.

To begin, we need to allocate an address from this range to our router. Run the command below to add the address. Note that I have added 1 just before the /64.

set interfaces ethernet eth0 address 2001:470:1f1d:5::1/64  

In order for your clients to connect they need to have their own IPv6 address. Unlike IPv4, the most common way to connect client machines to an IPv6 network is to allow them to choose their own address based on their MAC address. In order for them to do this, we need to tell them things like the router address and what DNS servers to use. This is known as a router advertisement.

edit interfaces ethernet eth0 ipv6  
set router-advert prefix [YOUR ROUTED /64]  
set router-advert radvd-options "RDNSS [YOUR ROUTER IPV6 ADDRESS] {};"  
top  
commit  
save  

Testing

Everything should now be working and the clients on your network should start having IPv6 addresses as well as IPv4 ones.

You can do some testing to ensure things are working for you. Here's a few commands which I use to test different aspects of the IPv6 connection.

Testing connectivity with ping

ping6 google.com  
> PING6(56=40+8+8 bytes) 2a00:1450:4009:80b::2000
> 16 bytes from 2a00:1450:4009:80b::2000, icmp_seq=0 hlim=57 time=16.416 ms
> 16 bytes from 2a00:1450:4009:80b::2000, icmp_seq=1 hlim=57 time=15.939 ms

Testing DNS

This command will return information about google.com. The -6 flag means that it will only use IPv6 to perform the lookups.

host -6 google.com  

Another fun command to try is this.... this will lookup a DNS name and output the full trace of how it was located. You should be able to see that each step of the trace is resolved by an IPv6-enabled nameserver.

dig -6 +trace atechmedia.com  

Next steps

• Ensure that any websites you run have are enabled for IPv6.
• Take the HE.net IPv6 certification to help improve your knowledge of IPv6.
• Install a plugin in your browser so you can see whether a site is using IPv6 or not.

It's a very simple recipe and only takes a few minutes to knock up and the end result is delicious.

Ingredients

• 600ml double cream
• ~350ml condensed milk (a whole tin)
• 6 Cadbury Crunchie Bars
• 2tsp of vanilla extract

Method

1. Chop up the Crunchie bars into small pieces. While doing this, keep hold of as much of the "dust" as possible.
2. Whip the double cream until it is the thickness of a thickish custard.
3. Fold in the condensed milk.
4. Add the chopped up crunchie bars.
5. Place the contents in a container and place in the freezer until frozen hard.
6. Enjoy.

This in itself isn't a particularily challenging issue for tech companies to deal with, however reliability determining the VAT rate for a country is slightly tricky. Unfortunately, there's no provided API which contains the VAT rates for countries therefore I have quickly knocked together a quick services which returns the VAT rates for every EU member country.

This can be accessed free of charge at jsonvat.com and the data which is served can be found in this GitHub repository.

Here's some lovely example JSON:

{
  "details":"http://github.com/adamcooke/vat-rates",
  "rates":[
    {
      "name":"Italy",
      "code":"IT",
      "periods":[
        {
          "effective_from":"0000-01-01",
          "rates":{
            "super_reduced":4.0,
            "reduced":10.0,
            "standard":22.0
          }
        }
      ]
    },
    [.... more countries here ....]
    {
      "name":"Greece",
      "code":"EL",
      "periods":[
        {
          "effective_from":"0000-01-01",
          "rates":{
            "reduced1":6.5,
            "reduced2":13.0,
            "standard":23.0
          }
        }
      ]
    }
  ]
}

While I will try to keep the data in the repository up to date, please do feel free to share this post and encourage others to submit pull requests when new VAT rates are announced. As I'm in the UK, I'll be on top of the UK changes.

Documentation is a Rails engine which provides a complete system for managing a set of hierarchical documentation. Once installed in an application, you'll have a complete user interface for viewing as well as editing a set of markdown pages.

I'm already using this myself in a couple of places including the Viaduct docs and the new Sirportly docs.

Full documentation about how to get started can be found on GitHub and in the repo.

This assumes you're on a clean Ubuntu installation but it should perfectly well on an existing machine too.

Install Prerequsites & Development Libraries

apt-get update  
apt-get install  openssl libssl-dev libcurl4-openssl-dev \  
  zlib1g zlib1g-dev libsasl2-dev libncurses5-dev \
  libreadline-dev libxml2-dev python python-setuptools \
  libxslt-dev build-essential

Download, Compile & Install Ruby

cd /tmp  
wget http://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.2.tar.gz  
tar zxvf ruby-2.1.2.tar.gz  
cd ruby-2.1.2  
./configure --disable-install-rdoc
make -j4  
make install  
cd /tmp  
rm -Rf ruby-2.1.2*  

Install Bundler

gem install bundler --no-ri --no-rdoc  

Use Ruby

$ ruby -v
  ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-linux]

However, one of the key issues is that it is nessessary to run gulp in the background when working on the application. The OCD part of me makes me feel very dirty and I do often forget to run it which leads to frustration.

Introducing gulp_rails

gulp_rails is a tiny gem which sits in your Rails request cycle and runs your gulp commands automatically on each request. This now avoids the need to run any other commands other than your normal rails server when working on a application - neat, huh?

Check it out on GitHub. Also be sure to read the README as there's a bit of useful information about how to optimise your Gulpfile.js for maximum performance.

As you can see, getting started with Shoppe is really easy!

The Apple Push Notification Service

The Apple Push Notification Service (or APNS for short) is a service provided by Apple to iOS developers to enable them to send notifications to any iOS device which has installed their application. In order to do this, your service-side application must open a secure connection to the APNS service and send any notifications in binary across this persistent connection. Unfortunately, many developers are unfamiliar with this technology and more happy working with HTTP APIs. There is also the additional overhead of worrying about maintaining persistent connections to Apple to avoid being blacklisted for repeated re-connections.

Introducing APNS Proxy...

The APNS proxy is an open source Rails application which handles all the connections to the APNS service and allows you to send your notifications to a familiar HTTP endpoint. Other key features include:

• A nice web-based admin interface for managing your service & monitoring the sending of your notifications
• Monitoring of the Apple Feedback channels to ensure that devices which uninstall your application are no longer delivered notifications.
• Ability to support multiple applications with multiple environments and authentication keys.

How can I use it?

Full documentation about using the APNS Proxy is provided within the repository's README. This includes information about installing the server software and using the API to deliver notifications to it.

It's pretty simple to get started. It only took a few seconds for me to deploy a new instances for my own use to Viaduct.

Sending notifications to APNS Proxy from Ruby

I've also made APNS Client which is a Ruby library which can send messages to your APNS Proxy server. Once you've installed this, sending a notification from a Ruby application is as simple as this:

require 'apns'

# Create a client object
client = APNS::Client.new('https://apns.company.com', auth_key)

# Make a notification
notification = APNS::Notification.new  
notification.alert_body = 'Hello World!'

# Send the notification to the device token
client.notify(device_token, notification)  

Converting your P12 and CER files to a suitable format

If you follow Apple guidance and create a private key using Keychain Access, you'll be presented with a P12 private key file. You will also have a CER file from Apple once you have uploaded your signing request. The APNS Proxy service needs these keys to be provided in PEM format.

To help with this conversion, I've made a small command line utility called apns-key-convert which takes your two key files and spits out a PEM file which you can just upload into the appropriate APNS Proxy environment.

The first of these gems is how to set the top border colour of a UINavBar element.

By default, iOS includes a grey bar at the top of the bar itself. This line is actually outside the UINavBar view and not easily configurable using Interface Builder. In order to change this bar, you must create a new layer within the bar and hide the default border.

Firstly, you'll need to connect your UITabBar up to a view controller as an IBAction. In this example, I have called it tabBar.

In order to hide the system border, I have found that it's usually enough to simply set the clipsToBounds property on the tab bar to true.

self.tabBar.clipsToBounds = YES;  

Introducing Dial 9 Mobile

Dial 9 Mobile is a SIM card which you can put into any mobile and your phone will work in exactly the same way as the phone on your desk.

• Make and receive calls.
• Make and receive calls from other extensions.
• Send & receive text messages.
• If your mobile is part of a call group, it will ring just like all the other phones.
• Voicemail is available when your phone is out of range or turned off.
• Calls can be recorded just like all other extensions.
• Route any numbers directly to your mobile.

We've still got a bit of work to do our end to establish exactly how much it will cost and how it will be billed. We currently expect to charge a line rental of around £4/month and an additional 2p/minute for all calls made/to from your mobile on top of any existing call charges.

Viaduct is an application hosting platform with a difference and I'm so excited to get it out there! If you haven't already go and check out the website and/or intro blog post to get an idea of what we're trying to achieve.

This is the biggest new venture I have taken on since I started aTech Media back in 2004. It's all very exciting (and daunting) at the moment and there's loads going on behind the scenes. At the moment, we're busy working on the management and orchestration platform behind it all as well as making some big decisions about hardware. Fortunately, having worked closely with some big players in the cloud hosting world, we've got many years of experience working with virtualisation, application hosting & networks so we have a very firm understanding of the technologies involved and our requirements.

What does this mean for me for 2014? While my main focus going forward will be Viaduct, I'm not abandoned my other commitments. Fortunately, I have an excellent team at aTech and they will continue to develop & support these other projects as well as contributing heavily to Viaduct. Physically, I'm not going anywhere, so I'll still be in Poole and working from our office.

What's your role with Viaduct? To begin with, I will continue to lead development & design alongside handling all the day-to-day management & marketing responsibilities. As the time progresses, I will be able to shed some development responsibilities to the rest of the team and focus on the business side of things. As usual, Charlie is on-board too and between us we'll implement our new network & server architecture.

So... with all that said... it's time for me to get back to working on our internal API for the Viaduct orchestration suite!

I recently came by a EdgeRouter Lite from Ubiquiti Networks and we use one of these as our main office gateway/router. In the past we have just used a Linux box but the EdgeRouter is less power-hungry and easily fits into our data cabinets.

Before I get into the details of how we have this router configured, the list below outlines our key requirements from our network.

• Three seperate networks:
  • Our main office network used by staff workstations, VoIP phones etc...
  • A public network for guests to use with both wired & wireless access
  • An "access control" network which is used for our IP-connected access control system. Unfortunately, there's no security on the actual access control devices so a seperate firewalled network is a must.
• 2 PPPoE BT-provided FTTC connections (from Zen Internet). One used for public traffic and the other used just for our VPN.
• Ability to join our office network into our VPN - allowing us to connect to other networks (including our core networks in London).

Equipment Used

• The EdgeRouter Lite itself (here after referred to as the router).
• BT provided VDSL modems.
• We use two managed switches on the office which allow us to place any port in the office onto any VLAN we desire.
• Our wifi uses the Ubiquiti Unifi access points which support multiple SSIDs on different VLANs with a variety of security options. We have two SSIDs one for staff (using WPA2 Enterprise) and one for guests (WPA2-PSK).

VSDL Modems

The VSDL modems provided by BT allow you to simple connect to your ISP using PPPoE. Therefore, we placed each modem on its own dedicated VLAN which is only available to the router.

Router Interfaces

In order to configure the router, I am using the CLI interface which I love. The web interface provided by Ubiquiti seems to only include 20% of the actual functionality.

To begin I've set up our router with an interface on each of our networks. At present, it is just plugged into a single trunk port on a switch with the main office network untagged and the other VLANs tagged.

interfaces {  
    ethernet eth0 {
        address 10.0.2.1/24
        description Office
        vif 100 {
            address 10.0.3.1/24
            description Security
            mtu 1500
        }
        vif 101 {
            address 172.16.0.1/24
            description Guests
            mtu 1500
        }
        vif 201 {
            description "PPPoE Linknet #1"
            mtr 1500
        }
        vif 202 {
            description "PPPoE Linknet #2"
            mtu 1500
        }
      }
    loopback lo {
    }
}

In this configuration, you can see we have set up 5 networks. As there is only one connected physical interface, these virtual interfaces are all within the eth0 interface.

Of course, once you have made these changes, you will need to commit them on the router and any IP you were using for management may be removed.

PPPoE Configuration

Our PPPoE Configuration is pretty simple. The PPPoE configuration itself is placed on the vif for your PPPoE link network, as follows:

interfaces {  
    ethernet eth0 {
        vif 201 {
            description "PPPoE Linknet #1"
            mtu 1500
            pppoe 0 {
                default-route auto
                   firewall {
                    out {
                        modify pppoe-out
                    }
                }
                mtu 1492
                password *******
                user-id username@isp
            }
        }
    }
}

You will also notice the interface is set to use the pppoe-out firewall policy. This must also be created:

firewall {  
    modify pppoe-out {
        rule 1 {
            action modify
            modify {
                tcp-mss 1452
            }
            protocol tcp
            tcp {
                flags SYN
            }
        }
    }
}

This policy is configured to modify the size of TCP packets so they work with PPPoE connections. Read more about this here.

This is then repeated for vif 202 but using pppoe 1 rather than 0 and with different credentials. The other difference is that default-route is set to none as we don't want a default route for this connection.

In order to route our VPN traffic over the other PPPoE connection (pppoe1), we will create a static interface route which ensures the IP for our VPN will always go to that connection.

protocols {  
    static {
        interface-route x.x.x.x/32 {
            next-hop-interface pppoe1
        }
    }
}

Configurating NAT

Next up, you'll need to configure a NAT so that your local subnets have access to the internet over these connections. The following NAT rule will ensure that all traffic destined for pppoe0 will be "natted" as appropriate.

service {  
    nat {
        rule 5000 {
            description pppoe0-nat
            log disable
            outbound-interface pppoe0
            type masquerade
        }
    }
}

You should repeat these as rule 5001 for pppoe1 for the other connection (if you need it). In our case, we don't actually need to NAT the traffic to our VPN as only our router will be connecting to it.

DHCP Server

Assuming you don't want every user to manually configure their own IPs on your network, you'll need to configure the DHCP server. We only need to dynamically allocate addresses for our office & guest networks.

service {  
    dhcp-server {
        shared-network-name office {
            subnet 10.0.2.0/24 {
                default-router 10.0.2.1
                dns-server 8.8.8.8
                dns-server 141.1.1.1
                domain-name poole.atech.io
                start 10.0.2.10 {
                    stop 10.0.2.199
                }
            }
        }
    }
}

You should repeat the shared-network-name section for your public network and set it up to allocate addresses as appropriate. We just use a couple of public DNS servers as nameservers (Google and C&W in this case).

Mid-way testing

You can give all that a test now. Pop a computer onto one of your subnets and using ping and mtr to test you can access the sites you expect and that traffic is routed over the correct paths.

To look at the connected interfaces, just run show interfaces on your router's CLI.

ubnt@gateway:~$ show interfaces  
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down  
Interface    IP Address                S/L  Description  
---------    ----------                ---  -----------
eth0         10.0.2.1/24               u/u  Office  
eth0.100     10.0.3.1/24               u/u  Security  
eth0.101     172.16.0.1/24             u/u  Guests  
eth0.201     -                         u/u  PPPoE Link #1  
eth0.202     -                         u/u  PPPoE Link #2  
lo           127.0.0.1/8               u/u  
             ::1/128
pppoe0       123.123.123.123           u/u  
pppoe1       123.123.123.234           u/u  

You can also take a look at your routing table with show ip route.

ubnt@gateway:~$ show ip route  
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,  
       I - ISIS, B - BGP, > - selected route, * - FIB route

K>* 0.0.0.0/0 is directly connected, pppoe0  
C>* 10.0.3.0/24 is directly connected, eth0.100  
C>* 62.3.84.21/32 is directly connected, pppoe1  
C>* 62.3.84.25/32 is directly connected, pppoe0  
C>* 127.0.0.0/8 is directly connected, lo  
C>* 172.16.0.0/24 is directly connected, eth0.101  
S>* xxx.xxx.xxx.xxx/32 [1/0] is directly connected, pppoe1  

The final route in the example output is the static route you provided for your VPN connection on pppoe1.

Setting up OpenVPN

This isn't a blog post about the specifics of OpenVPN but I will explain where to put your configuration files and how to make the router connect to it.

I have placed my OpenVPN configuration files into /config/auth/ovpn* on the router. I have 4 files:

• ovpn.conf - a standard OpenVPN client configuration file
• ovpn-ca.crt - the OpenVPN CA certificate
• ovpn-client.crt - the OpenVPN client certificate
• ovpn-client.key - the OpenVPN client private key

Once you have put these in place, you should tell the router you've done that with:

interfaces {  
    openvpn vtun0 {
        config-file /config/auth/ovpn.conf
    }
}

You can configure OpenVPN itself in the openvpn configuration above but as I already had configuration files, it was quicker to do this for me.

Once you have committed these changes, you should find that your VPN connects and your show interfaces includes a new interface for your VPN connection.

tap0         10.0.5.4/24               u/D  

If your OpenVPN server also provides you with routes, you will find that show ip route includes these routes along with a "connected" route for your VPN client subnet.

K>* 10.0.0.0/16 via 10.0.5.1, tap0  
C>* 10.0.5.0/24 is directly connected, tap0  
K>* 185.22.208.0/22 via 10.0.5.1, tap0  

Fixing the Guest Network

Unfortunately, at this point we have a bit an issue with our Guest network. While it can access most of the internet, it will not have access to anything which is routed over the VPN connection. This is because our core network routers know how to route 10.0.2.0/24 back to our office over the VPN but has no idea about the 172.16.0.0/24 network used for the guest network.

We don't want our guests to access to our network over the VPN so we need to use policy based routed to route traffic different based on its source IP. Fortunately, this is pretty simple. Firstly, we need to create a new routing table for the public network which sends everything over pppoe0.

protocols {  
    static {
        table 101 {
            interface-route 0.0.0.0/0 {
                next-hop-interface pppoe0
            }
        }
    }
}

Next, we need to create a firewall policy to route traffic from 172.16.0.0/24 to this new routing table.

firewall {  
    modify public-traffic {
        rule 10 {
            modify {
                table 101
            }
            source {
                address 172.16.0.0/24
            }
        }
    }
}

Finally, we need to set up our public interface on the router eth0 vif 101 to use this policy.

interfaces {  
    ethernet eth0 {
        vif 101 {
            in {
                modify public-traffic
            }
        }
    }
}

Securing the access control network

We don't want anyone (except our access control server) accessing the access control network so we need to add a firewall policy for this.

firewall {  
    name security {
        default-action drop
        rule 1 {
            action accept
            description "Allow Management Server"
            destination {
                address 10.0.3.0/24
            }
            log disable
            protocol all
            source {
                address xxx.xxx.xxx.xxx
            }
        }
    }
}

As above, this policy needs to be applied to the security interface.

interfaces {  
    ethernet eth0 {
        vif 100 {
            out {
                name security
            }
        }
    }
}

Finishing up

That's pretty much all there is to it. There are a couple of other bits which I haven't documented like IPv6 tunnelling over our VPN and DHCP settings for the Unifi APs.

All in all, the EdgeRouter is a powerful bit of kit and I would recommend them for any office-based situation. The software itself seems to be based on Vyatta who have an excellent reputation for routing. I look forward to having a look at their more professional equipment in the future!

At the time, we received quite a lot of interest from other designers & developers and, the SaaS market was tiny compared to today. Frameworks were much less advanced and creating applications was a slow and labourious process. It certainly shows here!

Desklamp was originally written in PHP and later converted to Ruby on Rails. I recently came across the original PHP code and an associated screencast. I thought it would be fun to share both!

This screencast shows some of the little UI enhancements which existed - inline editting, confirmation dialogs, validation errors etc... I'm actually very proud of the design & the experience . I wish I could say the same about the code! I haven't looked at it in too much detail but if I wrote actual MySQL queries in my views today, I would be hung, drawn and quartered.

Here's a few screenshots from the application and it's associated marketing website:

However, for one reason and other, I have ended up with domains split across two Gandi accounts so I wanted to transfer them into the same account. A simple task, you'd think?

Firstly, I try to do this in the web interface, but it's not possible there. So, I emailed support and asked and was told a crazy and ridciculous procedure:

• Complete a form signed by both new & old owners and return to them by fax or post. Despite it being 2013, they cannot accept these by e-mail.

• Topup the receiving account with the full registration amount for the domains. Therefore they are asking me to re-buy domains which I have already paid for. I'm told "this is the charge to move the domain". I wouldn't object to this so much if the domain was renewed at the point of transfer but I have no reason to think it will be.

All of this, for a simple:

UPDATE domains SET user_id = 'NEWID' WHERE domain = 'mydomain.io';  

Am I being unresonable in expecting these simple moves to other accounts to be free and a simple process?

I looked at a number of potential solutions, ranging from Spree & Magento to hosted solutions like Shopify but I couldn't really find anythign which met my needs and I was happy with using.

I then decided to quickly build something in Rails and Shoppe was born. I originally was planning to just build something for the Dial 9 shop but was pursuaded to build it as an engine which can be plugged into any Rails application to expose a wealth of e-commerce functionality.

Shoppe is a full Ruby on Rails engine which provides all the models needed to accept orders through a checkout process, integrate with any payment processor as well as having a beautiful user interface for managing products & orders.

It's a completely open source project released under the MIT licence. It has a lovely little website and some excellent documentation to help anyone get started.

Check out the demo to see an example frontend store and access the backend Shoppe interface.

So... if you're looking for some e-commerce platform, why not take a look at Shoppe?