投稿時間:2023-06-03 10:04:12 RSSフィード2023-06-03 10:00 分まとめ(8件)
カテゴリー等 | サイト名等 | 記事タイトル・トレンドワード等 | リンクURL | 頻出ワード・要約等/検索ボリューム | 登録日 |
---|---|---|---|---|---|
IT | ITmedia 総合記事一覧 | [ITmedia ビジネスオンライン] 「アンナミラーズ」姿を消して1年、人気のパイはどうなったのか | https://www.itmedia.co.jp/business/articles/2306/03/news028.html | itmedia | 2023-06-03 09:30:00 |
IT | ITmedia 総合記事一覧 | [ITmedia ビジネスオンライン] 資金ゼロでも米留学は可能なの? 就職にも有利「年収3倍に」 | https://www.itmedia.co.jp/business/articles/2306/03/news052.html | itmedia | 2023-06-03 09:08:00 |
海外TECH | DEV Community | Next level data privacy with easy free and secure self hosting at home | https://dev.to/maxime1992/next-level-data-privacy-with-easy-free-and-secure-self-hosting-at-home-2c84 | Next level data privacy with easy free and secure self hosting at homeHello Yes you read this well Self hosting made Easy Free Secure With a machine running at your house not in the cloud Even if you ve never done that before That said if you prefer to apply all this on a server you rent to some provider it ll work the exact same way You ll just skip the chapter on the router configuration Let s clarify from the start what I mean by Easy The first setup isn t necessarily easy nor complicated But it takes a bit of time We ll go through it all together Once it s done adding new apps will take a few seconds or minutes based on how complex the docker strategy is integrated database or separate container to run Postgres for example Free You will not have to pay monthly or yearly bills for a server you rent online and a domain name because I ll explain how to setup everything locally using your desktop laptop or a spare computer that you can keep open You d still have to pay for a machine if you don t have a spare one as well as electricity to run it That said as a metric for this my server has consumed kwh in months which makes it kwh month or € month IntroHave you ever wished to self host one of the brilliant open source project listed in awesome self hosted A project of your own A school project Or anything else that is web based Sky or the RAM of your server is the limit If you re afraid of ️ ️Online solutions that have no respect for your privacyOnline hosting solutions where you re in control of the server and apps but it can be expensive ️How to configure NGINX as it seems too complicated️Expose your services safely on the internetFear no more In this blog post we ll be starting from scratch all the way up to have a local stack safely accessible from the outside of our own network What we will achieveHere s the high level breakdown of what we ll do Install and use Docker Docker Compose in order to have self contained applicationsUse DuckDNS to create a free domain name that we can point to our public IP to have access to our apps from outside our home network note you could skip this step and use your own domain name of course if you prefer to Use SWAG to manage our NGINX server SSL certificates and failban to ban people trying to brute force our servicesUse Authelia combined to our NGINX in SWAG to add a double authentication layer in front of all our servicesDiscuss about how to open up the ports on a router to be able to have access to your apps from the internetAccess the default monitoring dashboard of SWAG from internet behind our double authentication layerAs a bonus and real life demo I ll soon write another blog post for this serie where we ll add brilliant applications Paperless ngx to manage all your digital documentsPhotoprism to manage all your pictures and videosKopia to backup all your data from all the containersAt the end of this blog post you will Be able to have all this stack up and runningBe in a position to add any other web app easilyLet s get started Hang tight for the initial setup Things will get way easier once this is done Architecture overviewAs an image is often worth a thousands words here s the high level overview of what we ll be setting up Note that we ll add the apps at the bottom only in the next post of the series DuckDNS setupAs mentioned previously this part is optional and if you prefer to use your domain name instead you can Head over DuckDNS website and log in with the provider of your choice You ll be setup in a matter of seconds You should land on this page Note that the token displayed in the middle of the page must be kept secret never share it We ll get back to it soon In the domain input type the domain name you wish to have pointing to your local setup This will be the base of the public URL to access all your service Something like You will only need one as we ll be using sub domains so don t name it for a specific app For example with the apps we ll be setting up in the next post we ll end up with the following URLs From this point all the commands we run should be run on the machine you decide to use as the server If you only want to try out this whole stack without having a server you can definitely give it a go from your current computer as well and migrate the setup to a server if you wish later on I am running on Ubuntu so all the command will be Ubuntu based That said it should be quite trivial to change the OS specific commands to match yours Docker and Docker Compose setupI ll assume we start from scratch here If you have Docker and Docker Compose installed already you can skip this chapter DockerRun the following sudo apt get update ysudo apt get install y ca certificates curl gnupg lsb releasecurl fsSL sudo gpg dearmor o usr share keyrings docker archive keyring gpgecho deb arch dpkg print architecture signed by usr share keyrings docker archive keyring gpg lsb release cs stable sudo tee etc apt sources list d docker list gt dev nullsudo apt get update ysudo apt get install y docker ce docker ce cli containerd io Docker Composecd mkdir dockerDOCKER CONFIG DOCKER CONFIG HOME docker mkdir p DOCKER CONFIG cli pluginscurl SL o DOCKER CONFIG cli plugins docker composechmod x DOCKER CONFIG cli plugins docker composeLet s make sure we can run Docker without being an admin Replace XXXXXXXXXX by your user name sudo usermod a G docker XXXXXXXXXXnewgrp docker SWAG setupIf you wish to dig more into SWAG setup here s the official documentation SWAG is no exception to the rule and it ll be ran as a Docker container We will now create our docker compose yaml file that ll let us define all the containers we want to run I d recommend to create a new folder so that all the data from our several containers will be hosted in the same folder making our lives easier for when we look into Kopia and the backup system In my case I ve defined it at opt which is a folder I ve created myself If you point to a different folder make sure to update the paths accordingly in the docker compose file Create a file called docker compose yaml and paste the following in it version services swag image lscr io linuxserver swag latest container name swag cap add NET ADMIN env file common env swag env environment URL yourdomain duckdns org VALIDATION duckdns SUBDOMAINS wildcard DOCKER MODS linuxserver mods swag dashboard volumes opt swag config config ports internal access using server ip open port for the dashboard restart unless stoppedMake sure to update the URL in the environment It s the one you ve defined in your DuckDNS earlierDon t forget to change the path for the volume if you ve decided to put your files somewhere else than opt You could just put swag config config but then you d need to make sure to always launch the docker compose from that directoryFeel free to change the ports and if they re already taken to anything you d like Remember to only edit the port on the left side of the as the one on the right is the internal binding for the containerThen create files at the same level common env PUID PGID TZ Europe ParisTo find out your own PUID and PGID type in your console id and you ll something like this iduid maxime gid maxime Use these values As for the timezone TZ you can find it here on Wikipedia in the TZ Identifier column swag env DUCKDNSTOKEN xxxxxxxx xxxx xxxx xxxx xxxxxxxxxxxxOf course replace it with the token displayed on your DuckDNS page Time to start our first container docker compose up dIt should pull the container if you don t have it already and you should see a message like this Container swag StartedTo make double sure everything went well we can also check the logs of the container docker logs swagYou ll see a bunch of logs but the most important line being the last one Server ready Notice as well that a swag folder was created Without further ado let s access the integrated SWAG dashboard From the internet by configuring our router Router configurationWhether you have your own router or the default box provided your internet provider you will have access to all the settings That said each router has it s own UI and I cannot cover all of these So you will have to search a little bit in your router configuration to find out where you need to access the settings I ll mention If you don t find them Google is your friend for this part Search in the settings for DHCP This will let us attribute a local static IP to our computer running SWAG Create a new rule It ll ask you what s the device you wish to configure If it s a little bit smart it ll list the devices and their IP and you ll be able to select from there If not you ll have to enter the current IP and the MAC address of the computer Once done search for NAT amp PAT or NAT forwarding or Port forwarding This will let us bind a port of our public IP and redirect to a given local IP port In our case we will need to have only rule here as we ll be using sub domains to have multiple apps under the same base domain Create a new rule for all the protocols TCP UDP Define the external port to be You ll then need to point to a given internal IP and a given port Specify your computer IP as for the port it ll be as well or if you changed the port of our docker compose yaml file put the one you wrote here As we ve passed the environment variable DOCKER MODS linuxserver mods swag dashboard SWAG gives us access to an admin dashboard Therefore if everything went well with the router configuration we should now have access to it from internet Try to access your domain name with the subdomain dashboard You should see this Feels awesome right You may think though that it s not really a good idea to expose an admin dashboard publicly on the internet And you d be right Let s jump into the next chapter to setup some additional security Authelia and double authenticationAuthelia is a fantastic piece of open source software which Authelia is an open source authentication and authorization server and portal fulfilling the identity and access management IAM role of information security in providing multi factor authentication and single sign on SSO for your applications via a web portal It acts as a companion for common reverseEssentially it ll let you put an extra authentication layer in front of any deployed services ️ You can setup factor authentication FA for reinforced security as well on the cake you can even define per user access to your apps To be clear if an app you deploy has already a login password access you can decide to expose it on the internet But if the security of that app is weak you may be in troubles Authelia lets you plug an extra layer with FA in front You ll only have to log once to Authelia and then still log independently to any app that has its own id password login Let s crack on Add the following service to our docker compose yaml file to add a user add directly to authelia users database yml then get the encrypted password with docker run rm ghcr io authelia authelia authelia hash password yourpassword users database yml authelia image ghcr io authelia authelia container name authelia env file common env volumes authelia config restart unless stoppedRun docker compose up d so that the Authelia container gets started as well You ll see that a new folder authelia will be created with file But if we look into the logs we can see that something needs to be fixed before we can actually use Authelia docker logs autheliaGives us time T level error msg Configuration storage option encryption key must is required time T level fatal msg Can t continue due to the errors loading the configuration This is normal it s because it s the first time the app is launched and for security reason we need to change some default values in the config Let s edit authelia configuration yml and replace it with the following server host port read buffer size write buffer size path authelia log level info file path config logs authelia logjwt secret TODO SOME RANDOM SECRET HEREdefault redirection url totp issuer authelia yourdomain duckdns orgauthentication backend disable reset password true file path config users database yml password algorithm argonid iterations key length salt length memory parallelism access control default policy deny rules domain yourdomain duckdns org yourdomain duckdns org policy two factor subject user TODO YOUR AUTHELIA USER NAME HERE session name authelia session secret TODO SOME OTHER RANDOM SECRET HERE expiration h inactivity m remember me duration M domain yourdomain duckdns orgregulation max retries find time m ban time mstorage encryption key TODO SOME RANDOM ENCRYPTION KEY HERE local path config db sqlitenotifier disable startup check false filesystem filename config notification txtUpdate all the following TODO SOME RANDOM SECRET HERETODO YOUR AUTHELIA USER NAME HERETODO SOME OTHER RANDOM SECRET HEREyourdomainTODO SOME RANDOM ENCRYPTION KEY HEREFor secrets and encryption keys generate long and random stringsTo avoid an error with the container create an empty file authelia logs authelia log Then do docker compose down amp amp docker compose up d You should see a bunch of new files created in the authelia folder and docker logs authelia shall show a few level info but no errors Last but not least we need to add a user otherwise it ll be hard to log in Launch the following command to encrypt your chosen password for Authelia docker run rm authelia authelia latest authelia hash password yourpasswordChange of course yourpassword to a very strong password as this will be your entry point to Authelia Generating it using a password manager is a good idea It ll then print the encrypted password to the console Keep it there for now and head over authelia users database yml Edit this file with the following content users your user name displayname your user name password Put the hashed password generated here starting with argon Don t forget to change the username twice to whatever you want and update the password with the one we just generated Now that Authelia is configured let s expose it through a given subdomain For this thanks to all the templates that SWAG has it s really easy for most apps that we want to add In this case copy swag config nginx proxy confs authelia subdomain conf sample to swag config nginx site confs and rename authelia subdomain conf sample to authelia subdomain conf Restart both services with docker compose down amp amp docker compose up d then go to and VICTORY If you try to log in you ll get a message saying that you need to activate double authentication to access that resource And it makes sense as we ve specified this as the default in our config Click on this button You ll see a notification It s obviously not true because we haven t setup any email provider but Authelia has a clever trick and writes the content instead to authelia notification txt It ll look like this Date CEST m Recipient Subject Register your mobileBody This email has been sent to you in order to validate your identity If you did not initiate the process your credentials might have been compromised You should reset your password and contact an administrator To setup your FA please visit the following URL Please contact an administrator if you did not initiate the process Open up the link that s written and it ll show you a page with a QR code With your favourite FA authentication app add it For example you can use Google Authenticator Brilliant We ve got Authelia and FA setup But wait our dashboard at is still not protected Let s edit swag config nginx proxy confs dashboard subdomain conf but first Note that usually the proxy confs contains all the templates and for the apps you want to expose you copy one the corresponding template to the site confs folder next to it In this case the dashboard template is here by default for some reason feel free to move it to site confs instead Anyway let s edit dashboard subdomain conf All you have to do for every new conf file that you use to expose a new service is to check for the lines with a comment enable for Autheliaand uncomment the next line Make sure you do that on all occurrences of the comment There should be at least include config nginx authelia server confinclude config nginx authelia location confIn this case there are lines to uncomment ️ Now reload both services docker compose down amp amp docker compose up d and head over your dashboard It should not be accessible directly and you shall see the Authelia authentication page Pro tip Notice how the URL goes from to something like If you re using a password manager assuming it s got regex support for URL detection it s possible to separate your apps from the Authelia login which is very convenient instead of having a domain match that d just always show you the Authelia entry as the domain doesn t change when Authelia login shows up It s just the end of the URL For your Authelia entry in your password manager enter this https a z yourdomain duckdns org autheliaFor all your apps enter this example with Paperless that we ll setup later https paperless yourdomain duckdns org authelia This way when your app doesn t open the Authelia page your password manager will only show entry for the app and when Authelia shows up it ll only show Authelia not all of your apps entries I believe data privacy is important and being able to self host applications where you own your data is like a super power In the next post of the series I ll show how to setup of my favourites open source apps to manage your documents pictures and backup all that safely If you re interested in more articles about Angular RxJS open source self hosting data privacy feel free to hit the follow button for more Thanks for reading Found a typo If you ve found a typo a sentence that could be improved or anything else that should be updated on this blog post you can access it through a git repository and make a pull request Instead of posting a comment please go directly to and open a new pull request with your changes If you re interested how I manage my dev to posts through git and CI read more here | 2023-06-03 00:44:44 |
海外TECH | DEV Community | 10 tools and resources you need to level up your programming career ( All free ) : | https://dev.to/durgesh4993/10-tools-and-resources-you-need-to-level-up-your-programming-career-all-free--3pmo | tools and resources you need to level up your programming career All free There are YouTube videos Chrome extensions and resources for coding Don t waste time going through all of them to find the best Follow for such content Scribe Writing up docs and how to guides used to take up so much time but not anymore Scribe creates auto generated step by step guides cutting down hours of work to minutes It s a must have tool if you re working solo or in a team Fireship This YT channel is a bit different to the others Jeff does an amazing job of explaining super complex stuff in an understandable way in seconds not hours The production quality is killing Watching this channel will teach you so much FreeCodeCamp freeCodeCamp is the ultimate free resource for learning and upskilling your programming skills Over tutorials Whatever skills or technology you re looking to build there s sure to be a tutorial Wappalyzer This is a personal fave of mine It s helped me several times as a web developer and business owner Wappalyzer tells you the tech stack of any website This is a great asset if you want to stay on top of technology trends Traversy Media Brad traversymedia has created web development courses for over a decade And he s damn good at it too His YouTube channel is full of simple to understand crash courses on everything from beginner frontend to advanced backend Official Documentation of whatever technology you re learning This is a primary method of how professional software developers learn This is where you ultimately want to be LeetCode LeetCode is arguably the best platform to practice technical interview questions Anytime you want to switch companies for a higher position or pay you should be spending time here preparing for your technical interviews Daily Dev Want to stay on top of the latest developer news dailydotdev chrome extension has you covered It even offers personalization so you get just what you re looking for Currently used by over k devs and growing ProgrammingWithMosh Mosh has a wealth of experience and has transferred that into courses and content taking people from limited coding experience through to hirable software developers A lot devs have had fantastic outcomes learning from him Harvard CS Courses Get Harvard education without the price tag it s free Deepen your knowledge in your current domain or expand your areas of expertise and know that you re getting information straight from top quality sources If You liked this Article Follow for more such content around web development resources tips and cheatsheet | 2023-06-03 00:10:49 |
海外TECH | DEV Community | Building a Thread-Based Web Server without using any third-party libraries or frameworks with Ruby | https://dev.to/ariasdiniz/building-a-thread-based-web-server-without-using-any-third-party-libraries-or-frameworks-with-ruby-2plp | Building a Thread Based Web Server without using any third party libraries or frameworks with RubyHi There Today I d like to showcase something I ve been working on a web server built entirely from scratch using Ruby The goal isn t to present the project per se but rather to share some insights and knowledge I ve gained through this journey I ll be explaining the architecture its pros and cons and an overall view of how it works This server is part of MacawFramework an open source Ruby framework designed to help developers create web applications with ease Server ArchitectureThe server is built around Ruby s TCPServer class and incorporates a thread based architecture The ThreadServer class includes a base module ServerBase which is primarily responsible for handling the HTTP protocol Together these components provide a default implementation for our web server The code demonstrates usage of key Ruby features such as the Queue class for thread safe data handling and the Mutex class for synchronization It also takes advantage of Ruby s OpenSSL library to integrate SSL security into the server class ThreadServer include ServerBase def run server TCPServer new bind port server OpenSSL SSL SSLServer new server context if context end end Thread based ModelThe thread based model is simple yet effective Upon starting the server it spins up a specified number of worker threads that handle client connections Incoming connections are queued in a work queue work queue where they are then processed by the worker threads ensuring fair scheduling and load distribution def run num threads times do spawn worker end endprivatedef spawn worker workers mutex synchronize do workers lt lt Thread new do loop do client work queue pop break if client shutdown handle client client end end endend Thread Pool ManagementThe server uses a Mutex workers mutex to safely manage the worker threads pool A maintenance routine runs in a separate thread checking the health of the worker threads every seconds It will respawn any threads that have died ensuring consistent server performance def run Thread new do loop do sleep maintain worker pool end end endprivatedef maintain worker pool workers mutex synchronize do workers each with index do worker index unless worker alive if is shutting down macaw log amp info Worker thread index finished not respawning due to server shutdown else macaw log amp error Worker thread index died respawning workers index spawn worker end end end endend Graceful ShutdownThe server is designed to gracefully shut down when required making sure all pending connections in the work queue are processed before closing the worker threads and the server itself def close shutdownendprivatedef shutdown is shutting down true workers each amp join server closeend LimitationsWhile the threading model is effective it has some limitations due to Ruby s Global Interpreter Lock GIL The number of concurrent connections it can handle is limited by the number of worker threads Additionally slow clients could potentially tie up a worker thread reducing the server s capacity However for JRuby and TruffleRuby users this threading model can leverage true system level threading due to the lack of a GIL potentially providing better performance on multi core systems Despite these trade offs the built in web server in MacawFramework offers a good balance for most web applications particularly for small to medium scale deployments For larger scale applications with high concurrency demands consider supplementing the built in server with an event driven architecture or utilizing a third party server solution better suited for such scenarios ConclusionIn summary the thread based web server included in MacawFramework provides a straightforward efficient and secure solution for running your web applications requiring minimal configuration and making deployment a breeze It s a demonstration of how core Ruby features can be leveraged to build a simple yet robust web server I hope this journey through the creation of a thread based web server was insightful There s always more to learn and improve so let s keep sharing and growing Happy coding | 2023-06-03 00:03:59 |
金融 | ニュース - 保険市場TIMES | SOMPOひまわり生命、禁煙に関する一般アンケートの結果を発表 | https://www.hokende.com/news/blog/entry/2023/06/03/100000 | 2023-06-03 10:00:00 | |
ニュース | BBC News - Home | Biden says debt ceiling deal averted 'economic collapse' | https://www.bbc.co.uk/news/world-us-canada-65795242?at_medium=RSS&at_campaign=KARANGA | congress | 2023-06-03 00:39:25 |
ビジネス | 東洋経済オンライン | 任天堂「ゼルダ新作」爆売れ、ギネス更新の納得理由 超有名シリーズだが、人気が落ちていた過去も | ゲーム・エンタメ | 東洋経済オンライン | https://toyokeizai.net/articles/-/677013?utm_source=rss&utm_medium=http&utm_campaign=link_back | nintendo | 2023-06-03 09:30:00 |
コメント
コメントを投稿