Blog¶

August 21, 2024
in Medium
1 min read

How to Configure Grafana Alloy with Self-Hosted Prometheus and Loki Server

Published on 2024-08-21

This Is Picture

Grafnana Loki a powerful and scalable log aggregation system, lacks built-in authentication. To protect your log data, it’s essential to implement a robust authentication mechanism. This post guides you through setting up basic authentication for Loki behind an Nginx reverse proxy.

Promtail

Promtail is a log collection agent designed to efficiently gather log data from various sources and send it to a Grafana Loki instance for storage and analysis. It’s a crucial component of the Grafana Loki stack, working alongside Loki and Grafana to create a comprehensive log management solution.

Monitoring and logging are crucial aspects of maintaining the health and performance of your applications. Grafana Loki, a powerful tool for log aggregation and visualization, simplifies this task. By setting it up behind an Nginx reverse proxy with basic authentication, you can secure your logging infrastructure efficiently. This guide will walk you through the entire process step by step.

August 6, 2024
in Medium
1 min read

Setup Grafana Loki Basic Auth Behind Nginx Reverse Proxy (HTTPS)

Published on 2024-08-06

This Is Picture

Quick Introduction

Grafana Loki

Grafnana Loki a powerful and scalable log aggregation system, lacks built-in authentication. To protect your log data, it’s essential to implement a robust authentication mechanism. This post guides you through setting up basic authentication for Loki behind an Nginx reverse proxy.

Promtail

Promtail is a log collection agent designed to efficiently gather log data from various sources and send it to a Grafana Loki instance for storage and analysis. It’s a crucial component of the Grafana Loki stack, working alongside Loki and Grafana to create a comprehensive log management solution.

Monitoring and logging are crucial aspects of maintaining the health and performance of your applications. Grafana Loki, a powerful tool for log aggregation and visualization, simplifies this task. By setting it up behind an Nginx reverse proxy with basic authentication, you can secure your logging infrastructure efficiently. This guide will walk you through the entire process step by step.

December 11, 2023
in Medium
1 min read

How to saving Gitlab runner cost up to 90% using AWS EC2 Spot instance

Published on 2023-12-11

This Is Picture

Gitlab Runner is a component of Gitlab CI/CD that plays a crucial role in executing the jobs defined in your CI/CD pipelines. It acts as a worker machine, responsible for running tasks like building, testing, and deploying your code. Unlike other CI/CD tools that require dedicated servers, Gitlab Runner offers flexibility and scalability.

In the fast-paced world of software development, optimizing costs without compromising performance is an ongoing challenge. Gitlab Runner, a powerful CI/CD tool, plays a crucial role in building, testing, and deploying our code. However, running traditional on-demand instances for Gitlab Runners can lead to significant costs, especially for teams with fluctuating workloads.

September 22, 2023
in Medium
1 min read

Code-Server: run VScode anywhere on browser

Published on 2023-09-22

This Is Picture

Run VS Code on any machine anywhere using Code Server Docker Compose File

Code Server is a VS Code extension that lets you run VS Code on any machine anywhere using Docker Compose. This means you can code on your Chromebook, tablet, and laptop with a consistent dev environment. You can also develop on a Linux machine and pick up from any device with a web browser.

To run VS Code on any machine anywhere using Code Server Docker Compose File, follow these steps:

Install Docker and Docker Compose in server, you can follow this link Create a docker-compose.yml file in the root of your project directory. Add the following code to your docker-compose.yml file:

March 19, 2023
in Medium
1 min read

DevSecOps: Securing Gitlab CI/CD Pipeline

Published on 2023-03-19

This Is Picture

In today’s fast-paced software development landscape, delivering secure and reliable applications quickly is crucial. This is where DevSecOps comes in, bringing together development, operations, and security teams to integrate security practices throughout the entire application lifecycle. A key element of this approach is securing your GitLab CI/CD pipeline, which automates the process of building, testing, and deploying your code.

August 20, 2022
in Medium
1 min read

Linux Server System Audit Using Cisofy Lynis

Published on 2022-08-20

This Is Picture

Lynis adalah alat audit keamanan untuk sistem berbasis UNIX seperti Linux, macOS, BSD, dan lainnya. Ini melakukan pemindaian keamanan mendalam dan berjalan pada sistem itu sendiri.

Hardening System merupakan sebuah keharusan yang wajib kita lakukan dalam mempersiapkan environment aplikasi yang akan kita gunakan, hal seperti bagaimana sistem melakukan patching, upgrade dan konfigurasi server untuk meminimalisir kerentanan yang ada pada server.

August 11, 2022
in Medium
1 min read

8 Tips Server Security Hardening

Published on 2022-08-11

This Is Picture

Ketika kita membangun sebuah aplikasi khususnya aplikasi yang berbasi web tentunya kita membutuhkan sebuat server untuk menyimpan dan menjalankan aplikasi kita, dalam hal ini Tim Operation perlu memastikan ketika menyiapkan sebuah environment khususnya server harus memenuhi standar keamanan yang ada, untuk meminimalisir serangan yang dilakukan oleh orang yang tidak bertanggung jawab, yang akan merugikan perusahaan dimana kita bekerja, disini saya akan memberikan beberapa tips dalam melakukan hardening server khususnya linux server. Read More: Medium: 8 Tips Server Security Hardening

June 1, 2022
in Medium
1 min read

Monitoring Website Menggunakan Uptime Kuma “Uptime Robot” Alternative

Published on 2022-06-01

This Is Picture

Ketika kita memiliki sebuah aplikasi khususnya web apps salah satu poin yang harus kita penuhi adalah SLA (Service Level Agreement) yang mana salah satu faktor yang harus kita penuhi adalah ketersediaan tinggi / High Availability dan ini merupakan salah satu faktor yang dipertimbangkan oleh calon pengguna kita dalam menggunakan aplikasi yang kita miliki karena dengan High Availability yang tinggi artinya layanan aplikasi kita dapat diandalkan kapan saja oleh penggunanya, lalu bagaimana caranya kita untuk meningkatkan High Availability tersebut ? ada beberapa cara yang menurut saya bisa meningkatkan hal tersebut salah satunya adalah Monitoring.

May 26, 2022
in Medium
1 min read

Mengelola Password List Dengan Passbolt

Published on 2022-05-26

This Is Picture

Quote

Finally, a password manager built for collaboration. Secure, flexible, and automation ready. Trusted by 10,000 organizations, including Fortune 500 companies, newspapers, governments and defence forces.

Ketika kita menggunakan sebuah aplikasi, service atau mengakses sebuah website kita biasanya memerlukan yang namanya kredensial username dan password yang berbeda hal ini akan membuat kita bingung dan terkadang lupa dengan password yang kita gunakan, salah satu solusinya adalah menggunakan password manager, saat ini cukup banyak aplikasi yang menyediakan layanan ini agar membantu kita dalam mengelola password yang kita punya seperti 1password, Google My Password, dll.

May 6, 2022
in Medium
1 min read

Integrasi Sonarqube Dengan Jenkins Pipeline

Published on 2022-05-06

This Is Picture

Sonarqube merupakan sebuah tools yang biasanya digunakan pada tahapan Static application security testing (SAST) pada tahap ini sebuah kode program akan dianalisa apakah didalamnya terdapat sebuah kerentanan, bug, code smell dan lainnya. hal ini sangat penting dilakukan agar sebuah kode program memiliki kualitas yang baik dan memiliki keamanan yang baik.

Sonarqube akan melakukan analisa sebuah kode program menggunakan rules yang dimilikinya kemudian melaporkan hasil analisa tersebut kepada user.