Docker: Learn and Practice, Part 2

Docker: Learn and Practice, Part 2

If you do not know how to run Docker, you should start from Part 1.

Last time, you learn how to run a Docker container with different arguments and convert the command to a docker-compose.yml for easier maintenance. This time I will show configurations with user Docker image and talk more about different options on Docker Compose.

Continue reading “Docker: Learn and Practice, Part 2”

Headless CMS comparison for 2019

Headless CMS

With the raise of popularity of single-page application (SPA), we can separate front-end and back-end completely. Front-end only rely on API to communicate back-end, so that we can always change the implementation of front-end (e.g. web application, mobile application, etc) without changing the back-end.

For simple applications that do not have a complicate logic (e.g. blog), we can use a headless content management system (CMS) as a back-end.
Most headless CMS provide basic features to create content and schema, this allows developer to focus on implementation on the Front-end.

To find a suitable headless CMS, I have tried many different solutions and I want to share my views on them.

Continue reading “Headless CMS comparison for 2019”

Protect your endpoints with Keycloak Security Proxy

Protect your endpoints with Keycloak Security Proxy

When we setup applications in our homelab, there are always some applications do not support authentication or authentication integration.

The solution I was using was Organizr. While it protects your endpoint, it is not the best solution. If you read the source code, it is just matching IP addresses which leads to a lot of problems. Also, it does not redirect you to login page or allow you to setup for remote authentication. It only has limited (admin and user) roles to control access and do not play well with other identity providers, like LDAP.

Continue reading “Protect your endpoints with Keycloak Security Proxy”

HTTPS with Let’s Encrypt and Cloudflare

HTTPS with Let's Encrypt and Cloudflare

Chrome and Firefox has planned to mark ALL the HTTP connection to be not secure. “How insecure it can be?” you may asked. Without HTTPS, HTTP is transferring the package in plain text, which is vulnerable to all kind of attack, especially Man-in-the-middle (MITM) attack. For example, free Wi-Fi providers can modify any HTTP pages and inject their advertisements. This can also happen when you send out data. The middle can steal and modify any data you send including user name and password.

This tutorial is going to teach you how to get HTTPS certificates from Let’s Encrypt using Certbot and Cloudflare.

Continue reading “HTTPS with Let’s Encrypt and Cloudflare”