Skip to content

Commit

Permalink
fix(blog): fix broken and HTTP links
Browse files Browse the repository at this point in the history
  • Loading branch information
azasypkin committed Oct 14, 2023
1 parent aba9c61 commit 54eb827
Showing 10 changed files with 19 additions and 19 deletions.
4 changes: 2 additions & 2 deletions blog/2023-05-25-technology-stack-overview.md
Original file line number Diff line number Diff line change
@@ -61,7 +61,7 @@ To accomplish this, instead of relying on SQLite's built-in full-text search cap

When it comes to testing in Rust, there's not much to say except that it's a breeze! Writing tests in Rust is straightforward, thanks to the built-in testing framework provided by the language. Most of the time, running `cargo test` is all you need to validate your code.

However, I'd like to highlight a fantastic testing library called [**Insta**](https://crates.io/crates/insta). Insta is a snapshot testing library for Rust that brings the power of snapshot testing, similar to Jest, to the Rust ecosystem. If you're familiar with Jest snapshot testing, you'll appreciate how useful snapshots can be in unit tests.
However, I'd like to highlight a fantastic testing library called [**Insta**](https://github.com/mitsuhiko/insta). Insta is a snapshot testing library for Rust that brings the power of snapshot testing, similar to Jest, to the Rust ecosystem. If you're familiar with Jest snapshot testing, you'll appreciate how useful snapshots can be in unit tests.

## Frontend

@@ -75,7 +75,7 @@ Both React and Parcel, a zero-configuration build tool, offer excellent support

### Web UI Framework

With the abundance of Web UI frameworks available today, I wanted to make a practical choice that would allow me to leverage my existing knowledge and meet the specific requirements of Secutils.dev. Rather than investing time in learning a new framework, I decided to work with a framework that I was already familiar with and confident would suit my needs: [**Elastic UI**](https://elastic.github.io/eui).
With the abundance of Web UI frameworks available today, I wanted to make a practical choice that would allow me to leverage my existing knowledge and meet the specific requirements of Secutils.dev. Rather than investing time in learning a new framework, I decided to work with a framework that I was already familiar with and confident would suit my needs: [**Elastic UI**](https://eui.elastic.co/).

It's worth mentioning that I have a personal connection to Elastic UI as I work for Elastic and know the team behind the framework. This familiarity gives me an added level of confidence in its capabilities and reliability.

10 changes: 5 additions & 5 deletions blog/2023-05-28-deployment-overview.md
Original file line number Diff line number Diff line change
@@ -36,7 +36,7 @@ All components of Secutils.dev have their own distinct scope and evolve independ

Most of the components, except for the API server, primarily serve static resources and do not require significant computing power. These components can be effectively delegated to content delivery networks (CDNs) to enhance performance and scalability. On the other hand, the API server may need more flexible scaling mechanisms to handle potential increases in demand (🤞).

Given that I was already managing a self-hosted Kubernetes cluster in Oracle Cloud (which I will discuss in more detail in one of my next posts), I decided to deploy the Secutils.dev components as [**separate Kubernetes pods**](https://kubernetes.io/docs/concepts/workloads/pods). This allows for efficient traffic routing using Traefik Ingress rules, ensuring that requests are directed to the appropriate pods based on the URL:
Given that I was already managing a self-hosted Kubernetes cluster in Oracle Cloud (which I will discuss in more detail in one of my next posts), I decided to deploy the Secutils.dev components as [**separate Kubernetes pods**](https://kubernetes.io/docs/concepts/workloads/pods/). This allows for efficient traffic routing using Traefik Ingress rules, ensuring that requests are directed to the appropriate pods based on the URL:

```yaml
apiVersion: traefik.containo.us/v1alpha1
@@ -58,11 +58,11 @@ spec:
port: 7373
```
For more details on Traefik Ingress rules, you can refer to the [**official documentation**](https://doc.traefik.io/traefik/providers/kubernetes-ingress).
For more details on Traefik Ingress rules, you can refer to the [**official documentation**](https://doc.traefik.io/traefik/providers/kubernetes-ingress/).
To automate the issuance and renewal of TLS certificates for the `secutils.dev` domain name, I utilize [**Traefik along with Let's Encrypt**](https://doc.traefik.io/traefik/https/acme). The use of TLS certificates is essential, especially for the `.dev` top-level domain, which is included on the [**HSTS preload list**](https://get.dev). This list mandates that all connections to `.dev` websites be made over HTTPS. By leveraging Traefik, I can ensure that the TLS certificates are automatically managed and renewed, eliminating the risk of overlooking the certificate renewal.
To automate the issuance and renewal of TLS certificates for the `secutils.dev` domain name, I utilize [**Traefik along with Let's Encrypt**](https://doc.traefik.io/traefik/https/acme/). The use of TLS certificates is essential, especially for the `.dev` top-level domain, which is included on the [**HSTS preload list**](https://get.dev). This list mandates that all connections to `.dev` websites be made over HTTPS. By leveraging Traefik, I can ensure that the TLS certificates are automatically managed and renewed, eliminating the risk of overlooking the certificate renewal.

Each component of Secutils.dev has its own Git repository, and within each repository, there is a `Dockerfile` provided. These files are used to build Docker images that are subsequently deployed to the Kubernetes cluster. To optimize the size and efficiency of the Docker images, I employ [**multi-stage builds**](https://docs.docker.com/build/building/multi-stage). This approach allows me to include only the necessary dependencies and artifacts in the final image, resulting in a lightweight and efficient container. You can find an example of this approach in the [**Web UI `Dockerfile`**](https://github.com/secutils-dev/secutils-webui/blob/main/Dockerfile) of the Secutils.dev project:
Each component of Secutils.dev has its own Git repository, and within each repository, there is a `Dockerfile` provided. These files are used to build Docker images that are subsequently deployed to the Kubernetes cluster. To optimize the size and efficiency of the Docker images, I employ [**multi-stage builds**](https://docs.docker.com/build/building/multi-stage/). This approach allows me to include only the necessary dependencies and artifacts in the final image, resulting in a lightweight and efficient container. You can find an example of this approach in the [**Web UI `Dockerfile`**](https://github.com/secutils-dev/secutils-webui/blob/main/Dockerfile) of the Secutils.dev project:

```docker
# syntax=docker/dockerfile:1
@@ -77,7 +77,7 @@ COPY ["./config/nginx.conf", "/etc/nginx/conf.d/default.conf"]

For components that serve pre-built static assets, I opt for the NGINX Alpine Linux image as the base image. NGINX is well-known for its speed and configurability, and its Alpine Docker image is lightweight. In each component's repository, you can find the NGINX configuration file ([**example here**](https://github.com/secutils-dev/secutils-webui/blob/main/config/nginx.conf)) that includes settings for Content Security Policy (CSP), compression, and additional routing configurations.

When preparing to deploy a new version to the production environment, I follow a specific process. Initially, I push the changes to a dedicated "dev" environment to perform a quick smoke test. While Kubernetes simplifies managing multiple environments, I acknowledge that the manual deployment process can be somewhat inefficient. To address this, I am currently exploring the use of [**Argo CD**](https://argo-cd.readthedocs.io/en/stable) to automate the continuous deployment process for the dev environment.
When preparing to deploy a new version to the production environment, I follow a specific process. Initially, I push the changes to a dedicated "dev" environment to perform a quick smoke test. While Kubernetes simplifies managing multiple environments, I acknowledge that the manual deployment process can be somewhat inefficient. To address this, I am currently exploring the use of [**Argo CD**](https://argo-cd.readthedocs.io/en/stable/) to automate the continuous deployment process for the dev environment.

Although deploying to Kubernetes may seem complex initially, it offers significant advantages in terms of deployment control, orchestration, and scalability. In this post, I had to omit some of the finer details to maintain readability. However, if you have any specific questions about the deployment of Secutils.dev, please feel free to leave a comment, and I'll be more than happy to provide detailed answers and insights!

Original file line number Diff line number Diff line change
@@ -46,7 +46,7 @@ To minimize build times, I make extensive use of Cargo and `npm` caches between

**Cost:** 0€ / month

**Vendor:** [**Oracle (Oracle Cloud Infrastructure)**](https://www.oracle.com/cloud)
**Vendor:** [**Oracle (Oracle Cloud Infrastructure)**](https://www.oracle.com/cloud/)

As I discussed in my previous post, [**Technology stack overview**](/blog/2023-05-25-technology-stack-overview.md), Secutils.dev comprises various components built on different technologies, each with its own resource requirements. When it came to choosing a hosting solution, I found Kubernetes to be the most suitable tool for the job.

@@ -87,7 +87,7 @@ I want to highlight that once Secutils.dev becomes profitable, supporting the sm

**Cost:** 0€ / month

**Vendor:** [**Oracle (Oracle Cloud Infrastructure)**](https://www.oracle.com/cloud)
**Vendor:** [**Oracle (Oracle Cloud Infrastructure)**](https://www.oracle.com/cloud/)

No matter what type of product you're building, you will likely need to handle sensitive information and secrets such as master keys, API keys for third-party integrations, and passwords. Storing these secrets in private Git repositories is not recommended, and it's generally preferred to use a secure vault solution.

@@ -105,7 +105,7 @@ Gone are the days when you were required to pay for TLS certificates for your we

**Cost:** 0€ / month

**Vendor:** [**Oracle (Oracle Cloud Infrastructure)**](https://www.oracle.com/cloud)
**Vendor:** [**Oracle (Oracle Cloud Infrastructure)**](https://www.oracle.com/cloud/)

At the current stage of Secutils.dev, the storage requirements are minimal, and the 200 GB of block volume storage included in the [**Oracle Cloud Free Tier**](https://www.oracle.com/cloud/free/#always-free) is more than sufficient.

@@ -115,7 +115,7 @@ Additionally, the free tier includes 20 GB of Object Storage, which I utilize fo

**Cost:** 0€ / month

**Vendor:** [**Oracle (Oracle Cloud Infrastructure)**](https://www.oracle.com/cloud) and [**Zoho**](https://www.zoho.com/mail/zohomail-pricing.html)
**Vendor:** [**Oracle (Oracle Cloud Infrastructure)**](https://www.oracle.com/cloud/) and [**Zoho**](https://www.zoho.com/mail/zohomail-pricing.html)

Within the [**Oracle Cloud Free Tier**](https://www.oracle.com/cloud/free/#always-free), an Email Delivery Service is available, allowing me to send up to 3000 emails per day for free. While I don't currently send a significant number of transactional emails to Secutils.dev users, it's great to have such a tool at my disposal.

2 changes: 1 addition & 1 deletion blog/2023-06-13-project-finances.md
Original file line number Diff line number Diff line change
@@ -14,7 +14,7 @@ Just a short update this time, as I was busy preparing my tax return and rebalan

When you're bootstrapping a product alone, it's crucial to be mindful of your money, spending habits, and investments. If the costs associated with developing and running a pre-revenue product don't deplete your personal funds to the extent that it affects your lifestyle, then you gain an additional and essential degree of freedom — the freedom to choose what to work on, with whom, and when. It also has long-term benefits for your physical and mental health, as it minimizes the ambient stress associated with financial matters.

If you've read my [“Running micro-SaaS for less than 1€ a month”](https://secutils.dev/docs/blog/running-micro-saas-for-less-than-one-euro-a-month) post, you know that the current cost of running [Secutils.dev](http://secutils.dev/) is negligible (ignoring my time and energy). However, if the need to scale arises or if I suddenly have to pay for all the tools and infrastructure I currently use for free, I can do so without any issues. Even though I planned out the budget for running Secutils.dev long before I started pouring my time and energy into it, I still relentlessly strive to keep costs as low as possible.
If you've read my [“Running micro-SaaS for less than 1€ a month”](https://secutils.dev/docs/blog/running-micro-saas-for-less-than-one-euro-a-month) post, you know that the current cost of running [Secutils.dev](https://secutils.dev/) is negligible (ignoring my time and energy). However, if the need to scale arises or if I suddenly have to pay for all the tools and infrastructure I currently use for free, I can do so without any issues. Even though I planned out the budget for running Secutils.dev long before I started pouring my time and energy into it, I still relentlessly strive to keep costs as low as possible.

In fact, I have a dedicated "Bootstrapping" portfolio separate from my main portfolio to support my side projects and ideas. This portfolio consists of a few ETFs, growth stocks, value dividend-yielding stocks, and even a small allocation to crypto. It's not risk-free, but then again, nothing ever is. Building a portfolio is just half the battle, the other half is understanding and maintaining it over time. Here's a fun fact: I even created [a free tool called AZbyte](https://www.reddit.com/r/ETFs_Europe/comments/q6eqzm/azbyte_a_free_tool_to_analyze_and_compare_etf/) at some point to analyze my portfolio.

2 changes: 1 addition & 1 deletion blog/2023-06-15-q2-2023-update-resources-tracker.md
Original file line number Diff line number Diff line change
@@ -22,7 +22,7 @@ Whether the underlying reason is a targeted attack or just a broken build, you d

I hope it's clear now how automated web resource tracking can be useful to developers. But if you're a security researcher, you can benefit from it too. If you focus on discovering and understanding potential security flaws of third-party web applications, you might want to be notified when the application resources change. It could be a sign that the application rolled out an upgrade, and it might be a good time to go and poke holes in it.

**Fun fact:** While testing this functionality on [Secutils.dev](http://secutils.dev/) Web UI, I caught the misspelled name of the Plausible usage analytics script in my development environment 🤦 The functionality isn't yet released, but it's already providing value!
**Fun fact:** While testing this functionality on [Secutils.dev](https://secutils.dev/) Web UI, I caught the misspelled name of the Plausible usage analytics script in my development environment 🤦 The functionality isn't yet released, but it's already providing value!

It will take quite a bit of time and iterations to implement all the ideas I have regarding this feature. For the initial release, I'm planning to implement the most basic functionality: the web-scraper component (done, see [secutils-dev/secutils-web-scraper](https://github.com/secutils-dev/secutils-web-scraper)), the UI to register a web page to track resources (in progress), and a way to *manually* trigger the re-fetching of resources (not started yet). In this release, I'm focusing on the resources that usually include a sizeable chunk of application business logic and are therefore the most useful for the target audience: JavaScript and CSS. However, it should eventually support more resources like images, videos, etc.

2 changes: 1 addition & 1 deletion blog/2023-06-20-why-i-started-writing-regularly.md
Original file line number Diff line number Diff line change
@@ -42,7 +42,7 @@ Lastly, I write publicly to share my thoughts and ideas to receive feedback. In

However, the easiest post for me to write, which essentially offered a "something for nothing" scheme — ["Running a micro-SaaS for less than 1€ a month"](https://secutils.dev/docs/blog/running-micro-saas-for-less-than-one-euro-a-month) — attracted a larger audience. Interestingly, the posts with the fewest readers provided the most valuable feedback. I believe this is because the readers who were willing to invest their time in reading and digesting non-trivial information also had a lot to share on the topic.

![[Secutils.dev](http://Secutils.dev) blog statistics](https://secutils.dev/docs/img/blog/2023-06-20_readers_stat.png)
![[Secutils.dev](https://Secutils.dev) blog statistics](https://secutils.dev/docs/img/blog/2023-06-20_readers_stat.png)

That wraps up today's post, thanks for taking the time to read it!

2 changes: 1 addition & 1 deletion blog/2023-06-23-exploring-services-with-webhooks.md
Original file line number Diff line number Diff line change
@@ -12,7 +12,7 @@ Today, I'd like to show you how you can leverage the ["Webhooks" feature](https:

<!--truncate-->

For our exploration, we'll be using [Notion](https://notion.so/) as our target. Notion has an extensive API surface, but I'm particularly interested in how it handles the embedding of external content, such as links, images, and other web pages.
For our exploration, we'll be using [Notion](https://www.notion.so/) as our target. Notion has an extensive API surface, but I'm particularly interested in how it handles the embedding of external content, such as links, images, and other web pages.

I'm an avid user of Notion. — it's my go-to tool for everything. I collect numerous links within Notion and heavily rely on their "Web Bookmark" functionality, which provides neat previews and allows me to navigate through the links quickly.

4 changes: 2 additions & 2 deletions blog/2023-06-30-ai-integration.md
Original file line number Diff line number Diff line change
@@ -8,7 +8,7 @@ tags: [thoughts, technology]
---
Hello!

It's an understatement to say that there is a lot of hype around AI these days. It seems to be integrated into everything. The company I work for, Elastic, is also keeping up with the trend by recently releasing the [**Elasticsearch Relevance Engine™ (ESRE™)**](https://www.elastic.co/blog/may-2023-launch-announcement) and the [**Elastic AI Assistant**](https://www.elastic.co/blog/introducing-elastic-ai-assistant). Even though I'm typically quite skeptical about over-hyped stuff, I must admit that AI is certainly making waves!
It's an understatement to say that there is a lot of hype around AI these days. It seems to be integrated into everything. The company I work for, Elastic, is also keeping up with the trend by recently releasing the [**Elasticsearch Relevance Engine™ (ESRE™)**](https://www.elastic.co/search-labs/may-2023-launch-announcement) and the [**Elastic AI Assistant**](https://www.elastic.co/blog/introducing-elastic-ai-assistant). Even though I'm typically quite skeptical about over-hyped stuff, I must admit that AI is certainly making waves!

Unsurprisingly, I also find myself asking a question: could the integration of AI tools be useful to the users of [**Secutils.dev**](https://secutils.dev)? Let's attempt to answer this question by exploring a simple proof-of-concept that I have been tinkering with this week!

@@ -58,7 +58,7 @@ The output generated by AI would look something like this:
> 4. The x-forwarded-for, x-forwarded-proto, x-forwarded-host, x-forwarded-port, and x-forwarded-server headers indicate that the **request has been forwarded from another server, possibly a load balancer or proxy server**.
> 5. The user-agent header indicates that the request is made by a client identified as "NotionEmbedder", which might be a **custom user agent** used by the client application.
> 6. The accept header indicates that the client can accept any type of response.
> 7. The referer header suggests that the **request was triggered from the URL "https://www.notion.so/"**.
> 7. The referer header suggests that the **request was triggered from the URL https://www.notion.so/**.
---

Not bad for the first attempt! I've highlighted the parts that I believe bring significant value to the user. And this is just a "generic" model, imagine how much more useful and cost-efficient it can be with a pre-trained and fine-tuned one. Due to the time constraints of this proof-of-concept, I didn't have a chance to implement an interactive prompt that would allow users to dig deeper and ask more specific follow-up questions. However, adding this feature would be straightforward and incredibly valuable to users.
Loading

0 comments on commit 54eb827

Please sign in to comment.