Not long ago, I’ve complained how revolut is degrading their service.

Yesterday I’ve found it’s even worse than expected. The last email that I received, stated that the free limit for payments and withdrawals was 2000 BGN (around 1000 EUR),
however, the email that came recently showed that they have silently lowered the limit 5 more times - down to 450.

As a reminder, there is currently a BGN 450 limit on free monthly ATM withdrawals on our Standard plan. After this, you begin paying a 2% fee.

Read More

In my previous post, I’ve shown a way to expose Kibana (ELK) instance to the internet using Nginx. This helps us hide our internal infrastructure behind a secure gateway reverse proxy. This, however, doesn’t mean that the actual Elastic Stack is secure. To do this, we need to configure the security settings for the cluster and related supporting applications. In this article, I will show how to do exactly this.

Naturally, these settings are added to your configuration files, like elasticsearch.yml, logstash.yml or kibana.yml.
Since I am using Docker, from now on I will be showing how to set up these settings using environmental variables in Docker or Kubernetes containers.

Read More

Have you tried to set up Kibana in a subpath just to be met by the error {"statusCode":404,"error":"Not Found","message":"Not Found"}?
Or maybe you want to secure your infrastructure using Nginx reverse proxy.

I will show you how to do these two things at the same time.
I’ve written this guide, because the information found here, was scattered through many pages and takes time to find out and test.

Setting the Nginx reverse proxy

There’s not much to it, just add the following snippet to your configuration:

1
2
3
location ~ /kibana {
proxy_pass http://kibanaURL:5601;
}

Tgus tells Nginx to redirect all the traffic coming to the /kibana subpath to your Kibana server.

Setting Kibana

Now, there are two ways to set Kibana - environmental variables, when using a Docker container or through the kibana.yml.
Since I’m using Docker, let me start with this one.

1
2
3
4
5
6
7
8
9
10
11
12
kibana:
image: docker.elastic.co/kibana/kibana:7.11.0
container_name: Kibana
ports:
- '5601:5601'
environment:
- 'SERVER_BASEPATH=/kibana'
- 'SERVER_HOST=0.0.0.0'
- 'ELASTICSEARCH_URL=http://es:9200'
- 'ELASTICSEARCH_HOSTS=http://es:9200'
- 'XPACK_SECURITY_ENABLED=true'
- 'SERVER_REWRITEBASEPATH=true'

The two important things here are SERVER_BASEPATH, which tells Kibana to server its pages from /kibana instead of /, and
SERVER_REWRITEBASEPATH, which tells Kibana to handle rewriting of page and API URL requests coming under the /kibana subpath.
You can set your server to do this, but using the Kibana setting is a lot easier, most of the time.

In the yml file, these two settings are called:

1
2
server.basePath
server.rewriteBasePath

That’s it! I hope this saved you some time.

Additiopnal consideration

If you’re planning to expose your Kibana app to the internet, through reverse proxy, make sure you have the proper security configuration in place.

Inspiration:

https://serverfault.com/questions/775958/reverse-proxy-for-nginx-configuration-for-subpath
https://discuss.elastic.co/t/kibana-and-nginx-in-subpath/90280/5
https://www.elastic.co/guide/en/kibana/master/settings.html#server-rewriteBasePath
https://stackoverflow.com/questions/17423414/nginx-proxy-pass-subpaths-not-redirected
https://forum.chirpstack.io/t/running-application-behind-reverse-proxy-with-subpath/7057

Vector.io is a new observability tool, that is marketed as a one size fits all solution, for log parsing, data transformation, metrics aggregation and event collection. According to the creators, it’s Fast, Reliable, Unified, Vendor neutral, Customizable and Concise. Recently I had to make the decision if we should migrate our data pipeline to a new stack, and this tool was recommended by a co-worker, so I decided to make this evaluation.

Read More

The problem

If you’re here, then you probably have a Node.js application running in Cluster mode, either through the native Node APIs or through a package manager like PM2. In this mode, however, there is usually a load balancer that switches between several child processes to do computational work. Each of these child processes has their own statistics for resource usage. If you’re using something like Prometheus, to collect custom metrics, they are also saved per process. This results in jagged or incorrect results, when trying to display and analyze the data in a tool such as Grafana. The question is, how do we collect all these metrics and aggregate them for easy consumtion at one place?

Read More

Configuration

  1. Create a custom maintenance page that you would like to display to your users.
  2. Change your Nginx configuration to include the following:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
include /etc/nginx/extra.d/maintenance.conf;


location / {
# Adding the following "if" statement config under "location" directive
if (-e /var/tmp/nginx/maintenance) {
set $maintenance on;
}
if ($intra) {
set $maintenance off;
}
if ($maintenance = on) {
error_page 503 /maintenance.html;
return 503;
}
...
}
...

The dots in the above example are a placeholder for the rest of your configuration file and should be removed.

  1. Edit maintenance.conf file under “/etc/nginx/extra.d/maintenance.conf”
1
2
3
4
5
set $maintenance off;

location = /maintenancfe.html {
internal;
}
  1. (optional) If you want to exclude some IP or IP range from hitting the maintenance page (e.g. for development), Edit your geo.conf /etc/nginx/conf.d/geo.conf
1
2
3
4
5
6
geo $intra {
default 0;
127.0.0.1 1;
10.0.0.0/8 1;
100.0.0.0/26 1;
}
  1. Restart Nginx
1
2
$ nginx -t
$ sudo systemctl restart nginx

Switching in and out of maintenance mode

Switching the maintenance on and off is very easy, just by creating and deleting a faile.

Switch on maintenance mode

1
$ touch /var/tmp/nginx/maintenance

Switch off maintenance mode

1
$ rm /var/tmp/nginx/maintenance

When it was first released in 1999, PayPal was revolutionary. I created my account with the service in 2004, when I was still in high school.
Back then, PayPal was the only way to transfer money easily online. Even more, not having a local alternative it was irreplacable.
However times change, but PayPal keep their bad practices the same. In this article I will mentions some of the appalling ways of PayPal and suggest how to avoid them.

This post contains a lot of nitpicking, so if you don’t like it, please look away.

Read More

Since 2008 this blog was running on Wordpress. This makes Wordpress my loyal servant for almost 12 years. However, as everything else, Wordpress started showing it’s age. The performance of the PHP powered system started lagging behind some other alternatives. While being a great general purpose solution, that is being used for anything from hobby websites to ecommerce shops, I probably didn’t use 10% of the features that Wordpress provided. Mainly because of these two reasons, I decided to migrate to something more simple and easy(as well as cheaper) to manage.

After some searching on the internet, I saw that a system called Hexo is a hot thing right now, so I’ve decided to go with it.

Read More

Today i’d like to show you how to make Logstash Docker container output its operation to a log file inside the container. I’m writing specifically about this, because the official Logstash documentation is a bit vague and unless you know how Java (the language ELK stack is written in) logging with the third party library log4j2 works, you might struggle with this issue like me.

Read More

Previously I’ve written a post explaining the benefits of using Revolut over a traditional bank. Well not anymore. This time i will be writing why i’ve decided not to use Revolut anymore - simply because it will not be worth it anymore.

Aside from the annoying emails wanting you to upload a new ID document and photo every couple of months, the only other information i am subscribed to receive from Revolut is their policy updates. This is how their last email looks like:

Read More

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×