DEV Community: Muhammad Dhiyaul Atha

Step-by-Step Deployment Active Directory (AD DS) pada Windows Server 2025 via PowerShel

Muhammad Dhiyaul Atha — Fri, 15 May 2026 15:20:57 +0000

Banyak orang masih menggunakan GUI untuk mengonfigurasi Windows Server. Padahal, menggunakan PowerShell jauh lebih cepat, ringan, dan minim error navigasi. Di artikel ini, saya akan membagikan alur praktikum saya dalam membangun Forest baru imsak.com di Windows Server 2025 sepenuhnya menggunakan terminal.

Environment Praktikum

Platform: VirtualBox (Internal Network)
OS: Windows Server 2025
Target Domain: imsak.com
Static IP: 172.20.80.10

Tahapan Konfigurasi

1. Identitas Server (Hostname)

Langkah pertama adalah mengubah nama komputer agar lebih mudah dikenali dalam jaringan forest. Di sini saya mengubahnya menjadi A3N4.

Rename-Computer -NewName "A3N4" -Restart

2. Networking: Static IP & DNS Loopback

Domain Controller wajib memiliki IP statis. Selain itu, DNS harus diarahkan ke 127.0.0.1 (loopback) karena server ini sendiri yang akan mengelola record DNS domain.

# Mengatur IP Statis
New-NetIPAddress -InterfaceIndex 3 -IPAddress 172.20.80.10 -PrefixLength 24 -DefaultGateway 172.20.80.1

# Mengatur DNS ke Loopback
Set-DnsClientServerAddress -InterfaceIndex 3 -ServerAddresses ("127.0.0.1")

3. Instalasi Fitur AD DS

Sebelum bisa mempromosikan server menjadi DC, kita perlu memasang binary dan modul manajemen Active Directory.

Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

4. Membangun Forest Baru (Promosi Domain)

Ini adalah inti dari praktikum. Kita akan membuat Forest baru bernama imsak.com.

Install-ADDSForest -DomainName "imsak.com" -DomainNetbiosName "IMSAK" -InstallDns:$true -Force

Setelah perintah dijalankan, masukkan **SafeModeAdministratorPassword* yang kuat. Sistem akan otomatis melakukan restart setelah proses selesai.*

Verifikasi & Pengujian

Setelah server aktif kembali, kita perlu memastikan semuanya berjalan normal.

5. Cek Login Otoritas

Pastikan user yang masuk adalah user domain.

whoami
# Output: imsak\administrator

6. Resolusi Nama DNS

Tes apakah DNS sudah mengenali domain baru kita.

Resolve-DnsName imsak.com

7. Status Layanan (Health Check)

Memastikan layanan utama AD DS (NTDS, DNS, ADWS) sudah berstatus Running.

Get-Service adws,dns,ntds | Select-Object Name, Status

Kesimpulan

Deploy Active Directory di Windows Server 2025 via PowerShell memberikan pengalaman manajemen server yang lebih profesional. Dengan mengikuti alur yang terstruktur, kita bisa meminimalisir kesalahan konfigurasi dan mempercepat proses deployment.

Apakah kamu punya kendala saat mencoba Windows Server 2025? Yuk diskusi di kolom komentar!

Implementasi Kea DHCPv4 pada RHEL 10: Solusi Modern Pengelolaan Jaringan

Muhammad Dhiyaul Atha — Thu, 30 Apr 2026 11:31:39 +0000

1. Pendahuluan

Kea mulai diadopsi sebagai pengganti ISC DHCP dengan arsitektur yang lebih modern. Kea menawarkan performa lebih tinggi dan struktur konfigurasi berbasis JSON yang lebih modular. Artikel ini mendokumentasikan langkah-langkah konfigurasi Kea di lingkungan virtual (VirtualBox) dengan client Windows 10.

2. Topologi & Skenario Jaringan

Server (RHEL 10):
- Adapter 1: NAT (Akses Internet)
- Adapter 2: Internal Network (enp0s8) - IP Statis: 10.0.2.1
Client (Windows 10):
- Adapter 1: Internal Network - DHCP Client

3. Konfigurasi Interface Server

Sebelum menjalankan Kea, interface yang mengarah ke client harus memiliki IP statis.

# Menambahkan IP statis ke interface internal
sudo ip addr add 10.0.2.1/24 dev enp0s8
sudo ip link set enp0s8 up

4. Konfigurasi Kea DHCPv4

Edit file /etc/kea/kea-dhcp4.conf. Fokus utama adalah mengarahkan interfaces ke enp0s8 dan menentukan pools alamat IP.

"Dhcp4": {
    "interfaces-config": {
        "interfaces": [ "enp0s8" ]
    },
    "lease-database": {
        "type": "memfile",
        "name": "/var/lib/kea/kea-leases4.csv"
    },
    "subnet4": [
        {
            "subnet": "10.0.2.0/24",
            "pools": [ { "pool": "10.0.2.100 - 10.0.2.200" } ],
            "option-data": [
                { "name": "routers", "data": "10.0.2.1" },
                { "name": "domain-name-servers", "data": "8.8.8.8, 8.8.4.4" }
            ]
        }
    ]
}

5. Keamanan & Aktivasi Service

Membuka port DHCP pada firewall dan merestart service Kea.

# Konfigurasi Firewall
sudo firewall-cmd --add-service=dhcp --permanent
sudo firewall-cmd --reload

# Restart Service
sudo systemctl restart kea-dhcp4

6. Pengujian pada Client

Pada client Windows 10, lakukan pembaruan IP melalui Command Prompt.

ipconfig /release
ipconfig /renew

7. Analisis Log & Database Lease

Verifikasi terakhir adalah memeriksa apakah server mencatat penyewaan IP tersebut dalam database lokal.

# Melihat log aktivitas DORA secara real-time
sudo journalctl -u kea-dhcp4 -f

# Melihat database penyewaan IP
sudo cat /var/lib/kea/kea-leases4.csv

Kesimpulan

Keberhasilan implementasi Kea DHCP sangat bergantung pada ketepatan penentuan interface fisik dan pengaturan IP statis pada sisi server. Dengan berpindah ke Kea, administrator jaringan mendapatkan kontrol lebih baik melalui struktur data JSON yang rapi.

Setup Identity Management (FreeIPA) di RHEL 10: Fondasi Infrastruktur Server Terpusat

Muhammad Dhiyaul Atha — Wed, 29 Apr 2026 15:21:59 +0000

Di lingkungan enterprise, manajemen identitas terpusat adalah komponen penting untuk menjaga keamanan dan skalabilitas sistem. Jika di ekosistem Windows kita mengenal Active Directory Domain Services (AD DS), maka di dunia Linux tersedia solusi setara yaitu Identity Management (IdM) berbasis FreeIPA.

Pada artikel ini, saya akan membagikan pengalaman melakukan deployment FreeIPA di RHEL 10, lengkap dengan troubleshooting yang saya temui.

1. Environment Setup

Untuk tutorial ini, saya menggunakan spesifikasi sistem berikut agar performa Identity Management tetap stabil:

OS: Red Hat Enterprise Linux 10.
Hardware: Laptop dengan Intel i7-14650HX dan RTX 4050.
Network: Pastikan sistem menggunakan IP statis.

2. The FQDN Rule: Don't Get Stuck!

Salah satu syarat wajib untuk setup "AD DS" versi Linux ini adalah penggunaan Fully Qualified Domain Name (FQDN). Installer tidak akan menerima nama tunggal karena sistem identitas seperti Kerberos membutuhkan domain yang lengkap.

Masalah: Menggunakan nama seperti atha akan memicu error must be fully-qualified.
Solusi: Set hostname dengan format <hostname>.<domain>:
```
sudo hostnamectl set-hostname server.atha.local
```

3. Step-by-Step Installation

Gunakan perintah berikut untuk memulai instalasi server beserta DNS-nya. Saya sangat menyarankan menentukan forwarder secara eksplisit untuk menghindari masalah resolusi.

sudo ipa-server-install --setup-dns --forwarder=1.1.1.1 --forwarder=1.0.0.1

Tips Tambahan:

NetBIOS: Default-nya adalah ATHA, ini berguna untuk integrasi dengan sistem Windows.
NTP: Biarkan menggunakan pool bawaan sistem kecuali Anda memiliki server waktu khusus.

4. Troubleshooting: Belajar dari Kesalahan

Selama proses sharing ini, ada beberapa kendala yang sempat saya alami dan bisa menjadi pelajaran buat teman-teman:

DNS Timeout: Jika installer gagal saat validasi forwarder, biasanya ada masalah pada kueri IPv6 di jaringan Anda. Menggunakan flag --forwarder manual adalah solusinya.
The "yes" Confirmation: Jangan terkecoh di akhir ringkasan konfigurasi. Sistem menunggu input yes secara eksplisit. Jika hanya ditekan Enter, instalasi akan otomatis batal (Aborted).

5. Final Steps & Verification

Setelah instalasi selesai, buka akses layanan pada firewall agar sistem berjalan lancar:

sudo firewall-cmd --add-service={freeipa-ldap,freeipa-ldaps,dns,ntp,http,https,kerberos} --permanent
sudo firewall-cmd --reload

Gunakan perintah kinit admin untuk memverifikasi tiket Kerberos Anda.

Membangun sistem identitas terpusat dengan FreeIPA memberikan kontrol penuh atas keamanan jaringan. Sebagai mahasiswa Teknik Informatika yang fokus pada Backend dan Security, pemahaman ini sangat membantu saya dalam mengelola infrastruktur server yang lebih profesional.

Semoga tutorial ini bermanfaat bagi teman-teman yang juga sedang mengulik ekosistem RHEL!

I Built a Safety-First Workflow Layer for Pacman (ATHA)

Muhammad Dhiyaul Atha — Tue, 31 Mar 2026 16:35:36 +0000

Managing packages on Arch Linux is powerful, but sometimes it lacks visibility and safety.

You run a command… and it just executes.

No preview. No clear audit trail. No structured workflow.

So I started building ATHA — a safety-first workflow layer on top of pacman.

What is ATHA?

ATHA is not a replacement for pacman.

It tries to enhance it with:

Install planning (--plan) before execution
Dry-run support for safer operations
Confirmation layers for critical actions
Operation history with timeline view
Built-in system diagnostics (atha doctor)

The goal is simple:

Make package operations more predictable, transparent, and auditable.

Example

Before installing a package:

atha install --plan neovim

You get a preview of:

dependencies
disk usage
source (official repo or AUR)

Why I Built This

Arch gives full control — but sometimes operations can feel a bit “blind”.

ATHA is my attempt to improve:

Safety → reduce accidental changes
Transparency → understand what will happen
Auditability → keep track of what happened

Comparison

Feature	pacman	yay	ATHA
Dry-run support	❌	❌	✅
Install planning	❌	❌	✅
Operation history	❌	❌	✅
Workflow consistency	❌	❌	✅

Installation

yay -S atha

💬 Feedback

This project is still evolving and definitely not perfect.

I’m sure there are things that can be improved — both in design and implementation.

If you have feedback, criticism, or suggestions, I’d really appreciate hearing them.

My First Attempt at Building a Reasoning AI (ARC Prize 2026)

Muhammad Dhiyaul Atha — Thu, 26 Mar 2026 07:28:57 +0000

What if AI fails the moment the problem changes?

Most AI systems today are great at recognizing patterns — but what happens when the problem itself is different from anything they’ve seen before?

That’s exactly the challenge behind the ARC Prize 2026 on Kaggle.

Getting Started

I recently joined the ARC-AGI-2 competition on Kaggle, which challenges participants to build AI systems capable of solving problems they’ve never seen before.

Unlike typical machine learning tasks, ARC is not about training on massive datasets.

Instead, it focuses on something closer to human intelligence:
reasoning and generalization.

My First Approach (Baseline)

To get started, I built a very simple baseline model.

The goal was not to solve the problem yet — but to:

Understand the dataset structure
Learn how submissions work
Successfully make my first submission

Here’s the basic idea:

Read input grid
Generate output grid with the same shape
Fill it with zeros

Yes — it's intentionally simple.

Code & Repository

You can check my first implementation here: https://github.com/Bangkah/arc-agi-learning

This repository documents my learning journey as I explore reasoning-based AI.

First Submission (Kaggle)

Why Start Simple?

Because ARC is not about jumping into complex models.

It’s about:

Understanding transformations
Identifying patterns
Building logic step-by-step

Even advanced AI systems still struggle with ARC tasks.

Why ARC is Hard

ARC tasks require:

Understanding abstract patterns
Applying transformations
Generalizing from very few examples

Unlike traditional machine learning, there is no training phase with millions of samples.

Each problem is a completely new challenge.

First Submission Result

My first submission didn’t perform well — and that’s expected.

The real goal was:
✔ Understanding the pipeline
✔ Getting familiar with the problem
✔ Starting the journey

Key Insight

ARC is fundamentally different from most AI challenges.

It’s not about:
❌ memorizing patterns

It’s about:
✔ discovering rules
✔ applying logic
✔ adapting to new problems

What’s Next?

My next steps:

Solve ARC tasks manually
Build rule-based solutions
Improve generalization step-by-step

💡 Final Thoughts

This is not just a competition — it’s a challenge to rethink how we approach AI.

And I’m just getting started.

Have you tried solving ARC tasks?

I’d love to hear how others approach reasoning problems like this.

[Boost]

Muhammad Dhiyaul Atha — Tue, 24 Mar 2026 04:53:53 +0000

Muhammad Dhiyaul Atha

Mar 24

My First Home Server Using a 12-Year-Old Laptop

#linux #devops #productivity #homelab

Comments

2 min read

My First Home Server Using a 12-Year-Old Laptop

Muhammad Dhiyaul Atha — Tue, 24 Mar 2026 04:41:31 +0000

When an Old Laptop Finds Its New Purpose

Turning a 2012 MacBook Pro into My First Personal Server

There was a 2012 MacBook Pro sitting in front of me.

Not my main machine anymore.
Definitely not fast by today’s standards.

But that’s exactly where a simple question came up:

“How far can this old laptop still be useful?”

That question led me to a small experiment —
turning this old machine into a personal server and controlling it remotely via SSH from my main laptop.

Why an Old Laptop?

As a software engineering student, I started realizing something important:

Learning about servers is not enough if it’s only theory.

I can read documentation, watch tutorials, and follow guides —
but there’s always a gap between knowing and actually experiencing it.

At the same time, I had:

A 2012 MacBook Pro collecting dust
A growing interest in Linux
Curiosity about how servers actually work

So instead of letting it sit unused, I turned it into a learning lab.

System Choice: Arch Linux on Old Hardware

I chose Arch Linux for this machine.

Not because it’s easy — actually the opposite.

But because I wanted:

A lightweight system
Full control over everything installed
A raw, hands-on learning experience

For my main laptop, I use an Acer Nitro V16 running Garuda Linux —
this is where I control everything from.

The Struggles: Nothing Worked Perfectly

Of course, things didn’t go smoothly at first.

Here are some challenges I faced:

⚠️ Old hardware limitations (heat, performance)
⚠️ Arch Linux setup complexity
⚠️ Networking confusion (IP, services, firewall)
⚠️ SSH failing due to small misconfigurations

There were frustrating moments, especially when:

“Why is SSH installed but I still can’t connect?”

But those were the moments where real learning happened:

Reading logs
Understanding errors
Not just copy-pasting commands

The Goal: More Than Just Remote Access

My goal wasn’t just:

“Connect via SSH from another laptop”

I wanted to:

Understand how servers actually work
Get comfortable working without a GUI
Simulate a simple backend/DevOps workflow
Build the habit of working remotely

This server became my personal lab —
a safe place to break things and learn.

The Breakthrough Moment

The most satisfying moment?

From my main laptop, I ran:

ssh atha@192.xxx

And then…

The terminal of the 2012 MacBook appeared on my screen.

No GUI.
No mouse.
Just a terminal.

But it felt like opening a door to a completely new world.

What I Can Do Now

Now I can:

Manage my server from my main laptop
Install and configure services remotely
Bring an old machine back to life

And this is just the beginning.

Next, I plan to explore:

Setting up a web server
Building a simple API
SSH hardening
Small automation scripts

Final Thoughts

This experiment taught me something important:

Learning servers doesn’t have to be expensive.

Sometimes, an old laptop and curiosity are enough.

That 2012 MacBook Pro that once felt outdated
now has a new role.

Not as my main machine —
but as a silent teacher, helping me understand systems, patience, and real learning.

And this journey…

is just getting started 🚀

What about you?
Have you ever repurposed old hardware into something useful?

Saya Membuat CLI Tool Jadwal Shalat dan Merilisnya ke Arch Linux AUR

Muhammad Dhiyaul Atha — Wed, 18 Feb 2026 12:30:23 +0000

Sebagai pengguna Linux dan seseorang yang sering bekerja di terminal, saya ingin bisa melihat jadwal shalat langsung dari CLI tanpa membuka browser atau aplikasi GUI.

Dari kebutuhan sederhana itu, saya membuat sebuah tool bernama jadwal-shalat — sebuah CLI tool profesional berbasis Python yang dapat menampilkan jadwal shalat secara otomatis berdasarkan lokasi pengguna.

Sekarang tool ini sudah tersedia secara resmi di Arch Linux AUR.

Latar Belakang

Banyak aplikasi jadwal shalat tersedia, tapi sebagian besar berbasis:

Mobile apps
Website
Aplikasi GUI

Masalahnya, bagi pengguna Linux yang sering bekerja di:

terminal
server
SSH session
environment minimal

solusi tersebut tidak praktis.

Saya ingin sesuatu yang:

ringan
cepat
otomatis
dan native di terminal

Maka saya membuat CLI tool ini.

Apa Itu jadwal-shalat?

jadwal-shalat adalah CLI tool Python yang dapat:

mendeteksi lokasi otomatis dari IP publik
menentukan timezone secara akurat
mengambil jadwal shalat dari API Aladhan (method Kemenag Indonesia)
menampilkan jadwal secara rapi di terminal

Tool ini dirancang khusus untuk pengguna Indonesia.

Fitur Utama

Beberapa fitur yang tersedia saat ini:

Deteksi IP publik otomatis
Deteksi lokasi otomatis (kota, negara, koordinat, timezone)
Fallback API lokasi jika layanan utama gagal
Menggunakan API Aladhan (method=20/Kemenag Indonesia)
Jadwal shalat lengkap
Menampilkan waktu shalat berikutnya + countdown
Output terminal rapi dengan alignment yang baik
Error handling lengkap
Timeout protection untuk API
Support timezone akurat
Siap packaging AUR dengan auto update

Contoh Output

Contoh ketika dijalankan:

Output difokuskan agar:

mudah dibaca
minimalis
profesional
cocok untuk penggunaan harian di terminal

Instalasi via Arch Linux AUR

Tool ini sekarang tersedia di AUR, sehingga instalasi sangat mudah:

yay -S jadwal-shalat

Atau manual:

git clone https://aur.archlinux.org/jadwal-shalat.git
cd jadwal-shalat
makepkg -si

Sebagai maintainer AUR, saya juga mengatur auto-update menggunakan GitHub Actions.

Instalasi Manual

Jika tidak menggunakan Arch Linux:

pip install requests

Clone repo:

git clone https://github.com/Bangkah/jadwal-shalat.git
cd jadwal-shalat
chmod +x jadwal-shalat.py
./jadwal-shalat.py

Atau:

python jadwal-shalat.py

Cara Kerja Tool Ini

Secara sederhana:

Mengambil IP publik user
Mengubah IP menjadi lokasi geografis
Menentukan timezone
Mengambil jadwal shalat dari API Aladhan
Menampilkan jadwal dan countdown

Semua proses dilakukan secara otomatis.

Fokus pada Reliability

Beberapa hal yang saya implementasikan untuk memastikan tool stabil:

fallback API jika layanan lokasi gagal
timeout protection
error handling jaringan
parsing timezone akurat
output formatting konsisten

Ini penting agar tool tetap berfungsi bahkan dalam kondisi jaringan tidak stabil.

Integrasi dengan Arch Linux Packaging

Salah satu milestone terbesar project ini adalah berhasil dipublish ke Arch Linux AUR.

Ini berarti:

user bisa install dengan yay
update terdistribusi secara otomatis
mengikuti standar packaging Linux
tool menjadi lebih profesional

Saya juga mengintegrasikan GitHub Actions untuk membantu workflow update.

Roadmap ke Depan

Beberapa fitur yang direncanakan:

input manual kota
input manual koordinat
output JSON
notifikasi waktu shalat
packaging PyPI

Tujuannya adalah membuat tool ini semakin fleksibel.

Kenapa Saya Membuat Project Ini?

Selain kebutuhan pribadi, project ini juga menjadi sarana belajar tentang:

CLI development dengan Python
API integration
timezone handling
Linux packaging (PKGBUILD)
AUR maintenance
CI/CD dengan GitHub Actions

Project kecil seperti ini sangat membantu meningkatkan skill sebagai developer.

Open Source dan Kontribusi

Project ini open source dan tersedia di GitHub:

https://github.com/Bangkah/jadwal-shalat

Kontribusi sangat diterima.

Penutup

Linux memiliki ekosistem CLI yang sangat kuat, dan saya percaya tool kecil seperti ini bisa meningkatkan produktivitas pengguna terminal.

Jika kamu pengguna Arch Linux atau Linux secara umum, kamu bisa mencoba tool ini dan memberikan feedback.

Building Sentinel AI: A Cybersecurity CLI Powered by Copilot

Muhammad Dhiyaul Atha — Sat, 14 Feb 2026 17:30:38 +0000

From Copilot Experiment to Production-Ready CLI: Building Sentinel AI

Cybersecurity is no longer optional — every connected system is exposed to potential threats. While there are many enterprise-grade tools available, I wanted to understand how such tools work internally.

So I built my own.

Sentinel AI started as a small experiment using GitHub Copilot CLI. But through iteration, debugging, and production hardening, it evolved into a fully functional, production-ready cybersecurity CLI tool for Linux.

This article explains the journey — from idea to production.

The Idea

Modern systems constantly create network connections — many legitimate, some suspicious. Most users never see what is happening behind the scenes.

I wanted a tool that could:

Show active network connections
Identify suspicious behavior
Assign risk scores
Provide actionable summaries
Work directly from the terminal

It needed to be fast, simple, and transparent.

That’s how Sentinel AI was born.

How GitHub Copilot Accelerated Development

GitHub Copilot CLI significantly accelerated development by helping generate:

Modular Python code structure
CLI argument parsing using argparse
Risk classification logic
Error handling and logging
Clean and readable code patterns

Instead of spending hours writing boilerplate, I could focus on architecture and functionality.

Copilot acted as a coding assistant — not a replacement — helping me move faster while maintaining control over the system design.

Architecture Overview

Sentinel AI is built using a modular architecture:

Core components:

Network Scanner — collects active connections
Analyzer — evaluates connections and assigns risk scores
Reporting Engine — summarizes system risk level
CLI Interface — provides user interaction
Logging System — records activity and errors

Key technologies:

Python
psutil
colorama
argparse
autopep8
GitHub Actions (CI/CD)

This architecture ensures maintainability and extensibility.

Core Features

Sentinel AI provides several security-focused capabilities:

Network Scanning

Lists all active network connections with:

Protocol
Local address
Remote address
Process ID
Process name

Example:

sentinel-ai scan

Intelligent Risk Analysis

Each connection is analyzed and assigned:

Numeric risk score (0–100)
Risk level classification:
- LOW
- MEDIUM
- HIGH
Explanation of the risk

Example:

sentinel-ai analyze

Example output:

Proto  Local Address      Remote Address     PID   Process   Risk
TCP    192.168.1.10:54321 8.8.8.8:53        1234  python3   HIGH (87)

System Risk Report

Provides a system-level security overview:

sentinel-ai report

Output:

=== Sentinel AI CLI Security Report ===
Total connections: 12
External connections: 3
High risk: 1
Medium risk: 2
Low risk: 9
Overall system risk: HIGH (72/100)

This allows users to understand their system security posture instantly.

System Information

Displays system-level information:

sentinel-ai system

Includes:

OS
Kernel version
CPU
Memory
Hostname

Developer Utilities

Sentinel AI also includes developer-focused tools:

sentinel-ai debug file.py
sentinel-ai explain-code file.py
sentinel-ai improve-code file.py

These tools help developers analyze, debug, and improve Python code.

From Prototype to Production

What started as a simple script evolved into a production-grade CLI tool.

Key improvements included:

Modern Python Packaging

Sentinel AI uses:

pyproject.toml
Standardized project structure
Proper dependency management

CI/CD Pipeline

Using GitHub Actions, Sentinel AI now has automated:

Linting (PEP8 compliance)
Build validation
Test execution
Release safety checks

This ensures every update maintains production quality.

Trusted Publishing to PyPI

Sentinel AI uses secure Trusted Publishing, allowing automated and secure package releases.

This eliminates manual credential handling and improves release security.

Installation

Sentinel AI is available on PyPI.

Install using:

pip install sentinel-ai-cli

Run:

sentinel-ai report

And immediately see your system’s security overview.

Challenges and Lessons Learned

Building Sentinel AI taught me several important engineering lessons:

1. CI/CD Discipline

Fixing lint errors, formatting issues, and pipeline failures helped reinforce professional development practices.

2. Production Packaging

Using modern Python packaging standards improved maintainability and reliability.

3. CLI Design Principles

Designing a clean CLI interface requires careful planning to ensure usability and clarity.

4. Copilot as a Force Multiplier

Copilot accelerated development — but debugging and refinement required human understanding.

AI helped build faster, but engineering discipline made it production-ready.

Future Plans

Planned improvements include:

Arch Linux (AUR) package
Docker image
Real-time monitoring mode
Threat intelligence integration
Plugin system

Sentinel AI will continue evolving.

Open Source and Availability

GitHub Repository:
https://github.com/Bangkah/sentinel

PyPI Package:
https://pypi.org/project/sentinel-ai-cli/

Sentinel AI is fully open source and contributions are welcome.

Conclusion

Sentinel AI began as a simple experiment with GitHub Copilot CLI.

Through iteration, debugging, CI/CD integration, and proper packaging, it became a production-ready cybersecurity tool.

This project demonstrates how modern AI-assisted development, combined with engineering discipline, can accelerate the creation of real-world tools.

Sentinel AI is not just a project — it is a foundation for building more advanced security tools in the future.

Author

Muhammad Dhiyaul Atha
Computer Science Student & Open Source Developer

Saat Laptop Lama Menemukan Peran Barunya

Muhammad Dhiyaul Atha — Fri, 30 Jan 2026 18:11:37 +0000

Mengubah MacBook Pro 2012 Menjadi Server Pribadi (Eksperimen Pertamaku)

Ada satu MacBook Pro 2012 di hadapanku.
Bukan laptop utama, performanya juga jelas sudah tertinggal jauh dibanding mesin-mesin modern. Tapi justru dari situ muncul satu pertanyaan sederhana:

“Sejauh apa laptop lama ini masih bisa berguna?”

Pertanyaan itu akhirnya membawaku pada sebuah eksperimen kecil: mengubah MacBook Pro 2012 menjadi server pribadi, lalu mengontrolnya dari laptop utamaku menggunakan SSH.

Latar Belakang: Kenapa Laptop Lama?

Sebagai mahasiswa dan pembelajar di dunia software engineering, aku mulai sadar satu hal:
belajar server tidak cukup hanya dari teori.

Aku bisa membaca dokumentasi, menonton video, atau mengikuti tutorial, tapi tetap ada jarak antara “tahu” dan “pernah mengalami sendiri”.

Di sisi lain, aku punya:

MacBook Pro 2012 yang jarang dipakai
ketertarikan besar pada Linux
rasa penasaran tentang bagaimana server bekerja di dunia nyata

Daripada membiarkannya berdebu, aku memutuskan menjadikannya server eksperimen.

Pilihan Sistem: Arch Linux di Mesin Tua

Aku memilih Arch Linux untuk MacBook Pro 2012 ini.

Bukan karena paling mudah — justru sebaliknya.
Tapi karena aku ingin:

sistem yang ringan
kontrol penuh terhadap apa saja yang terpasang
dan pengalaman belajar yang “apa adanya”

Untuk laptop utamaku, aku menggunakan Acer Nitro V16 dengan Garuda Linux. Dari sinilah semua kontrol dilakukan.

Kendala: Tidak Semua Berjalan Mulus

Tentu saja, eksperimen ini tidak langsung berjalan mulus.

Beberapa kendala yang aku temui:

⚠️ Hardware lama: kipas cepat panas, performa terbatas
⚠️ Konfigurasi Arch Linux yang menuntut ketelitian
⚠️ Networking yang awalnya membingungkan (IP, service, firewall)
⚠️ SSH yang sempat gagal konek karena kesalahan kecil

Ada momen frustrasi, terutama saat:

“Kenapa sudah install SSH tapi tetap tidak bisa diakses?”

Namun justru di titik-titik inilah aku benar-benar belajar:
membaca log, memahami error, dan tidak asal copy–paste perintah.

Tujuan: Bukan Sekadar Bisa Remote

Tujuanku bukan hanya:

“bisa login SSH dari laptop lain”

Lebih dari itu, aku ingin:

memahami konsep server secara nyata
membiasakan diri mengelola sistem tanpa GUI
mensimulasikan workflow backend & DevOps sederhana
dan melatih kebiasaan bekerja secara remote

Server ini aku anggap sebagai laboratorium pribadi, tempat aman untuk salah dan belajar.

Progres: Saat SSH Akhirnya Berhasil

Momen paling memuaskan adalah saat dari Acer Nitro V16 aku menjalankan:

ssh atha@192.xxxx

Lalu…
terminal MacBook Pro 2012 muncul di layarku.

Tidak ada tampilan grafis.
Tidak ada mouse.
Hanya terminal — tapi rasanya seperti membuka pintu ke dunia baru.

Sekarang aku bisa:

mengelola server dari laptop utama
install service tanpa menyentuh fisik server
menjadikan MacBook lama sebagai mesin yang “hidup kembali”

Dari sini, rencananya akan berlanjut ke:

web server
API sederhana
hardening SSH
dan mungkin automasi kecil-kecilan

Penutup

Eksperimen ini mengajarkanku satu hal penting:

Belajar server tidak harus mahal.
Kadang, laptop lama dan rasa penasaran sudah cukup.

MacBook Pro 2012 yang dulu terasa usang, kini punya peran baru.
Bukan sebagai mesin utama, tapi sebagai guru diam-diam yang mengajarkanku tentang sistem, kesabaran, dan proses belajar yang sebenarnya.

Dan perjalanan ini… baru saja dimulai.

Membuat API CRUD di Laravel dengan Sanctum (Step by Step)

Muhammad Dhiyaul Atha — Sun, 11 Jan 2026 15:00:37 +0000

"Pernah nggak, frontend kamu butuh data dari backend Laravel, tapi API-nya belum aman? Di artikel ini, kamu akan belajar bikin API CRUD yang hanya bisa diakses user terautentikasi pakai Sanctum."

Kenapa Harus Pakai Sanctum untuk API CRUD?

Data lebih aman, hanya user login yang bisa akses
Cocok untuk SPA, mobile app, dan aplikasi modern
Mudah diintegrasikan dengan frontend (React, Vue, dsb)

Studi Kasus: API Artikel (CRUD + Auth)

Kita akan membuat API CRUD Artikel yang hanya bisa diakses user yang sudah login menggunakan Laravel Sanctum.

Step 1: Setup Project Laravel & Sanctum

composer create-project --prefer-dist laravel/laravel belajar-api
cd belajar-api
composer require laravel/sanctum
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
php artisan migrate

Tambahkan middleware Sanctum di app/Http/Kernel.php pada group api:

'api' => [
    \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
    'throttle:api',
    \Illuminate\Routing\Middleware\SubstituteBindings::class,
],

Step 2: Setup Model User & Artikel (Ownership Data)

User

Pastikan model User pakai trait HasApiTokens dan relasi ke artikel:

use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable
{
    use HasApiTokens, Notifiable;
    // ...

    public function articles() {
        return $this->hasMany(Article::class);
    }
}

Artikel

php artisan make:model Article -m

Edit migration:

public function up()
{
    Schema::create('articles', function (Blueprint $table) {
        $table->id();
        $table->string('title');
        $table->text('content');
        $table->foreignId('user_id')->constrained()->cascadeOnDelete();
        $table->timestamps();
    });
}

Jalankan migrasi:

php artisan migrate

Di model Article.php:

protected $fillable = ['title', 'content', 'user_id'];

public function user() {
    return $this->belongsTo(User::class);
}

Step 3: Auth Controller (Register, Login, Logout)

php artisan make:controller Api/AuthController

Contoh fungsi register, login, logout:

public function register(Request $request) {
    $validated = $request->validate([
        'name' => 'required',
        'email' => 'required|email|unique:users',
        'password' => 'required|min:6',
    ]);
    $user = User::create([
        'name' => $validated['name'],
        'email' => $validated['email'],
        'password' => bcrypt($validated['password']),
    ]);
    $token = $user->createToken('api-token')->plainTextToken;
    return response()->json(['user' => $user, 'token' => $token], 201);
}

public function login(Request $request) {
    $credentials = $request->only('email', 'password');
    if (!auth()->attempt($credentials)) {
        return response()->json(['message' => 'Unauthorized'], 401);
    }
    $user = auth()->user();
    $user->tokens()->delete();
    $token = $user->createToken('api-token')->plainTextToken;
    return response()->json(['user' => $user, 'token' => $token]);
}

public function logout(Request $request) {
    $request->user()->currentAccessToken()->delete();
    return response()->json(['message' => 'Logged out']);
}

Step 4: Article Controller (CRUD)

php artisan make:controller Api/ArticleController --resource

Contoh fungsi CRUD:

public function index() {
    return Article::all();
}


public function store(Request $request) {
    $validated = $request->validate([
        'title' => 'required',
        'content' => 'required',
    ]);
    // Ownership: artikel milik user login
    $article = $request->user()->articles()->create($validated);
    return response()->json($article, 201);
}

public function show(Request $request, $id) {
    $article = Article::findOrFail($id);
    // Authorization: hanya pemilik yang boleh akses
    if ($article->user_id !== $request->user()->id) {
        abort(403, 'Unauthorized');
    }
    return $article;
}

public function update(Request $request, $id) {
    $article = Article::findOrFail($id);
    if ($article->user_id !== $request->user()->id) {
        abort(403, 'Unauthorized');
    }
    $validated = $request->validate([
        'title' => 'required',
        'content' => 'required',
    ]);
    $article->update($validated);
    return response()->json($article);
}

public function destroy(Request $request, $id) {
    $article = Article::findOrFail($id);
    if ($article->user_id !== $request->user()->id) {
        abort(403, 'Unauthorized');
    }
    $article->delete();
    return response()->json(null, 204);
}

Step 5: Route API

Edit routes/api.php:

use App\Http\Controllers\Api\AuthController;
use App\Http\Controllers\Api\ArticleController;

Route::post('register', [AuthController::class, 'register']);
Route::post('login', [AuthController::class, 'login']);

Route::middleware('auth:sanctum')->group(function() {
    Route::post('logout', [AuthController::class, 'logout']);
    Route::apiResource('articles', ArticleController::class);
});

Step 6: Testing API CRUD dengan Postman

Method	Endpoint	Fungsi
GET	/api/articles	List semua artikel
POST	/api/articles	Simpan artikel baru
GET	/api/articles/{id}	Detail artikel
PUT	/api/articles/{id}	Update artikel
DELETE	/api/articles/{id}	Hapus artikel

Jangan lupa kirim token di header:

Authorization: Bearer {token}

Contoh Response JSON

{
    "id": 1,
    "title": "Belajar Laravel API",
    "content": "Laravel API itu powerful...",
    "user_id": 1,
    "created_at": "2026-01-11"
}

Kenapa API Ini Aman?

Dengan Sanctum + auth:sanctum, API ini tidak bisa diakses tanpa token. Setiap request divalidasi berdasarkan user yang login, dan hanya pemilik data yang bisa mengakses/mengubah artikelnya sendiri.

Kalau Mau Dipakai di Frontend

React: simpan token di localStorage, kirim di header Authorization setiap request
Axios: gunakan interceptor untuk otomatis attach token
Jangan expose token di public repo!

Error Handling & Status Code

201 Created: Data berhasil dibuat
200 OK: Data berhasil diambil/diupdate
204 No Content: Data dihapus
401 Unauthorized: Token salah/expired
404 Not Found: Data tidak ditemukan
422 Unprocessable Entity: Validasi gagal

Common Mistake Pemula

Lupa migrate/publish Sanctum
Lupa middleware auth:sanctum
Token tidak dikirim di header
Lupa set Accept: application/json
Salah endpoint (POST login, bukan GET)
Salah group route (harus di dalam middleware)

Next Step

API Resource (response lebih rapi)
Pagination & filtering
Role & permission
Testing dengan Thunder Client

🚀 Yuk Diskusi & Share!

Kalau kamu stuck di step tertentu, tulis di komentar ya! Share juga pengalaman kamu bikin API CRUD Laravel, atau request topik lanjutan (API Resource, pagination, dsb).

Referensi:

Laravel API Authentication dengan Sanctum

Muhammad Dhiyaul Atha — Sun, 11 Jan 2026 14:50:53 +0000

"Pernah nggak, API kamu bisa diakses siapa saja tanpa login? Atau frontend sudah jadi, tapi bingung gimana cara login ke backend Laravel? Di sinilah Laravel Sanctum jadi solusi autentikasi API yang simpel dan powerful."

Kenapa Perlu Autentikasi API?

Melindungi data dari akses sembarangan
Wajib untuk aplikasi SPA, mobile, dan public API
User harus login untuk akses data pribadi

Cara Kerja Sanctum (Token Based Auth)

Laravel Sanctum menggunakan token-based authentication. Artinya, setelah login, user akan mendapatkan token yang harus dikirim di setiap request API melalui header Authorization. Ini membuat API lebih aman dan mudah diintegrasikan dengan frontend atau mobile app.

Studi Kasus: API Artikel dengan Login

Di artikel ini, kita akan membuat API Artikel yang hanya bisa diakses user yang sudah login menggunakan Laravel Sanctum.

Step 1: Install Sanctum

composer require laravel/sanctum
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
php artisan migrate

Command ini akan menambahkan tabel personal_access_tokens yang digunakan untuk menyimpan token API user.

Tambahkan middleware Sanctum di app/Http/Kernel.php pada group api:

'api' => [
    \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
    'throttle:api',
    \Illuminate\Routing\Middleware\SubstituteBindings::class,
],

Step 2: Setup Model User

Pastikan model User pakai trait HasApiTokens:

use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable
{
    use HasApiTokens, Notifiable;
    // ...
}

Step 3: Membuat Endpoint Auth (Login, Register, Logout)

Buat controller misal AuthController:

php artisan make:controller Api/AuthController

Contoh fungsi register, login, dan logout:

public function register(Request $request) {
    $validated = $request->validate([
        'name' => 'required',
        'email' => 'required|email|unique:users',
        'password' => 'required|min:6',
    ]);
    $user = User::create([
        'name' => $validated['name'],
        'email' => $validated['email'],
        'password' => bcrypt($validated['password']),
    ]);
    $token = $user->createToken('api-token')->plainTextToken;
    return response()->json(['user' => $user, 'token' => $token], 201);
}


public function login(Request $request) {
    $credentials = $request->only('email', 'password');
    if (!auth()->attempt($credentials)) {
        return response()->json(['message' => 'Unauthorized'], 401);
    }
    $user = auth()->user();
    $user->tokens()->delete(); // hapus token lama, 1 user = 1 token aktif
    $token = $user->createToken('api-token')->plainTextToken;
    return response()->json(['user' => $user, 'token' => $token]);
}


public function logout(Request $request) {
    $request->user()->currentAccessToken()->delete();
    // Logout akan menghapus token aktif sehingga request berikutnya akan ditolak.
    return response()->json(['message' => 'Logged out']);
}

Step 4: Route API Auth & Proteksi Artikel

Edit routes/api.php:

Route::post('register', [AuthController::class, 'register']);
Route::post('login', [AuthController::class, 'login']);

Route::middleware('auth:sanctum')->group(function() {
    Route::post('logout', [AuthController::class, 'logout']);
    Route::apiResource('articles', ArticleController::class);
});

Step 5: Testing API Auth dengan Postman

Register

POST /api/register
Content-Type: application/json
{
  "name": "Atha",
  "email": "atha@mail.com",
  "password": "password123"
}

Login

POST /api/login
Content-Type: application/json
{
  "email": "atha@mail.com",
  "password": "password123"
}

Response:

{
  "user": { "id": 1, "name": "Atha", ... },
  "token": "1|longapitoken..."
}

Akses Artikel (dengan token)

Tambahkan header:

Authorization: Bearer 1|longapitoken...

GET /api/articles

Error Handling & Status Code

201 Created: Register sukses
200 OK: Login sukses, data diambil
401 Unauthorized: Token salah/expired
422 Unprocessable Entity: Validasi gagal

Common Mistake Pemula

Lupa publish/migrate Sanctum
Lupa tambahkan middleware auth:sanctum
Token tidak dikirim di header
Lupa set Accept: application/json
Salah endpoint (POST login, bukan GET)
Salah group route (harus di dalam middleware)

Next Step

Refresh token
Role/permission
API Resource
Testing dengan Thunder Client

🚀 Yuk Diskusi & Share!

Kalau kamu stuck di step tertentu, tulis di komentar ya! Share juga pengalaman kamu pakai Sanctum, atau request topik lanjutan (refresh token, role, dsb).

Referensi:

DEV Community: Muhammad Dhiyaul Atha

Step-by-Step Deployment Active Directory (AD DS) pada Windows Server 2025 via PowerShel

Environment Praktikum

Tahapan Konfigurasi

1. Identitas Server (Hostname)

2. Networking: Static IP & DNS Loopback

3. Instalasi Fitur AD DS

4. Membangun Forest Baru (Promosi Domain)

Verifikasi & Pengujian

5. Cek Login Otoritas

6. Resolusi Nama DNS

7. Status Layanan (Health Check)

Kesimpulan

Implementasi Kea DHCPv4 pada RHEL 10: Solusi Modern Pengelolaan Jaringan

1. Pendahuluan

2. Topologi & Skenario Jaringan

3. Konfigurasi Interface Server

4. Konfigurasi Kea DHCPv4

5. Keamanan & Aktivasi Service

6. Pengujian pada Client

7. Analisis Log & Database Lease

Kesimpulan

Setup Identity Management (FreeIPA) di RHEL 10: Fondasi Infrastruktur Server Terpusat

1. Environment Setup

2. The FQDN Rule: Don't Get Stuck!

3. Step-by-Step Installation

4. Troubleshooting: Belajar dari Kesalahan

5. Final Steps & Verification

I Built a Safety-First Workflow Layer for Pacman (ATHA)

What is ATHA?

Example

Why I Built This

Comparison

Installation

Links

💬 Feedback

My First Attempt at Building a Reasoning AI (ARC Prize 2026)

Getting Started

My First Approach (Baseline)

Code & Repository

First Submission (Kaggle)

Why Start Simple?

Why ARC is Hard

First Submission Result

Key Insight

What’s Next?

💡 Final Thoughts

[Boost]

My First Home Server Using a 12-Year-Old Laptop

My First Home Server Using a 12-Year-Old Laptop

When an Old Laptop Finds Its New Purpose

Turning a 2012 MacBook Pro into My First Personal Server

Why an Old Laptop?

System Choice: Arch Linux on Old Hardware

The Struggles: Nothing Worked Perfectly

The Goal: More Than Just Remote Access

The Breakthrough Moment

What I Can Do Now

Final Thoughts

Saya Membuat CLI Tool Jadwal Shalat dan Merilisnya ke Arch Linux AUR

Latar Belakang

Apa Itu jadwal-shalat?

Fitur Utama

Contoh Output

Instalasi via Arch Linux AUR

Instalasi Manual

Cara Kerja Tool Ini

Fokus pada Reliability

Integrasi dengan Arch Linux Packaging

Roadmap ke Depan

Kenapa Saya Membuat Project Ini?

Open Source dan Kontribusi

Penutup

Building Sentinel AI: A Cybersecurity CLI Powered by Copilot

From Copilot Experiment to Production-Ready CLI: Building Sentinel AI

The Idea

How GitHub Copilot Accelerated Development

Architecture Overview

Core Features

Network Scanning