DEV Community: David Dut

Hosting a vite project on cloud

David Dut — Wed, 15 Mar 2023 15:31:14 +0000

I recently discovered working with vite. vite is a build tool that makes development easy and faster by serving locally during development and bundle your javascript css and other assets together for production. So cool right?
From a react standpoint, I was used to:



npx create-react-app dut-project
cd dut-project
npm start

And your server is up and running.

After running the npx create-react-app dut-project, the build process(You need to be patient as this happens). The command generates 3 folders and 4 files i.e. node_modules, public and src folders with the files being .gitignore, package.json, README.md and package.lock.json. In this process,
Babel transforms the code by adding polyfills which makes your ES2015+ code work with older bowsers.
ESlint is a linter that scans your code against a set of rules and warns you if any rule is violated. There is a lot that happens that we won't delve much into.
The key features of using Create react app are:

It uses webpack and Babel to bundle the code, that is, the code needs to finish building step by step before you can make changes on the code.
Create react app provides room for customization especially beneficial when running larger and more complex projects.

Cloud Deployment
I am not going to mention how to do this on cpanel since it's pretty straightforward.
In this guide, my preffered cloud environment is linode.
I am assuming you have already linked your domain to linode

ssh into your server



ssh user@ip-address/domain

Once you are logged in, you can install all the required prerequisites like nginx/apache, nodejs, certbot and pm2. You can easily find guide on how to install each of the above mentioned. I preffer using nginx.

Modify your sites-available to indicate the directory linked to the domain and also where your pm2 logs are going to be accessible.
sudo vim /etc/nginx/sites-available/dutdavid.com

Paste the following and modify according to how you set up your environment



server {

        root /var/www/dutdavid.com/portfolio;
        index index.html index.htm index.nginx-debian.html;

        server_name dutdavid.com;
        access_log /var/log/nginx/nodeapp.log;
        error_log  /var/log/nginx/nodeapp-error.log error;

        location / {
        proxy_pass http://x.x.x.x:xxxx; //indicate IP and port 
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        }

Save and test if the changes you made are 'accepted' by nginx
sudo nginx -t
Restart nginx
sudo systemctl restart nginx
The next step would be to install certbot to enable ssl on your domain
sudo certbot --nginx -d dutdavid.com

That is mandatory process for deploying any static project on linode
Now to make a react project visible on that domain, we will need pm2
Assuming you have already installed pm2,
create ecosystem.config.js file
you can also initialize it. It should look like this



module.exports = {
  apps : [{
    name :"portfolio",
    script : "npm start",
    error_file : "./pm2-error.log",
    out_file : "./pm2-out.log",
  }]
}

To get it started, you simply run
pm2 start ecosystem.config.js

These are other commands you can use on pm2



pm2 logs //view logs
pm2 dlush // clear logs
pm2 startup ubuntu // keep pm2 running even on reboot
pm2 kill // kill pm2 instance

You can now access your website using your domain

Now Lets talk about Vite
LiKe I mentioned before, vite is a js build tool that simplifies the way we build front-end web applications. Other tools to do this include webpack that we mentioned above when using create react app. Using webpacks can be slow as it adds more code dependencies. Vite is lightweight development server that is built on top of the native ES modules feature of modern browsers.
It's designed to be fast, simple and easy to use.

Creating and Running Vite Project
To create a vite project, you simply need to create a folder eg .viteproject
cd into viteproject then:



npm create vite@latest
npm install
npm run dev

follow the prompts and the project will be created with the default files and folders

The main key features of vite include :

Vite does not require many configuration or setup and can be used with any framework as seen when creating a vite project, you have the option to choose which framework to use.
Vite is faster than create react app as it uses the Native ES modules feature of modern browsers eliminating the need for webpack and Babel.
Has HMR(Hot module Replacement) feature which enables you to make code changes instanly without losing the state of the application.

Deployment on cloud
Deploying Vite on cloud is straightforward. Initially I struggled with this because I assumed I'd just use pm2 and everything will just be fine. It did not work 😂. Word of advice, read code documentation. It's not like user manual which we all avoid reading, and assume we'll figure it out along the way.
Anyway, the process is quite simple.
Inside the project folder run:
npm run build
This should create a dist folder with all the necessary files and folders bundled into a lightweight folder which you can point at in the sites-available configuration file

The dist folder is what will be rendered.
Access your domain https://dutdavid.com and you should see your site.

In conclusion, both build tools provide a development environment with unique features for development. There are key differences and it's all based on your preferences. Inshort Whatever floats your boat.

wazuh agent as a docker image

David Dut — Tue, 24 Jan 2023 12:54:09 +0000

one problem I have faced is having different SIEMS monitoring one host device for instance you need different logs from one endpoint device. Having all the agents running on that device could lead to resource contention and potential conflicts. One way around this is have one agent run as a docker container and map the host directories to the docker container directories. In this guide I will be running the wazuh agent in a docker container. For Demo purposes. Both the wazuh manager are deployed in local VM.

PREREQUISITES
I am assuming you already have your wazuh manager running and ready to connect to the agent.

PROCEDURE
In this guide, my wazuh manager is using the IP address 10.0.2.16 while the agent IP is agent47: 10.0.2.15

First step is to install docker on the agent

sudo apt update
sudo apt install apt-transport-https curl gnupg-agent ca-certificates software-properties-common -y
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
sudo apt install docker-ce docker-ce-cli containerd.io -y
sudo usermod -aG docker $USER
newgrp docker

check the docker version
docker version
Ensure docker is running
sudo systemctl status docker

If docker is not running for some reason, run the following commands.

sudo systemctl start docker
sudo systemctl enable docker
sudo systemctl restart docker

Now that docker is installed. The next step is to get the image from docker hub.
One of the challenges I faced was getting the right image. I tried working with noenv but for some reason could not make it work. Shout out to fajarhide for deploying the centos image that worked for me. To pull the image:
docker pull fajarhide/wazuh-agent
To check the image pulled:
docker images -a

Running the docker image
Now this is the part that got me scratching my head the most.
How well your image will run is determined by the tags you use in this one command

docker run --network host --env WAZUH_MANAGER_IP='10.0.2.16' -e WAZUH_MANAGER_PORT=1514 -e WAZUH_REGISTRATION_PASSWORD=admin --add-host=agent47:'10.0.2.15' --name wazuh-agent -v /var/log/syslog:/var/log/syslog -v /var/log/auth.log:/var/log/auth.log -v /var/log/dpkg.log:/var/log/dpkg.log -v /var/run/docker.sock:/var/run/docker.sock:ro -v /etc/localtime:/etc/localtime:ro -v /etc/timezone:/etc/timezone:ro fajarhide/wazuh-agent

--network host this line will enable the image to take the current network interface being used by your device
-v tag this tag is very important. it's used to map various directories you want to scan from to the directories in the docker image.

check that the docker image is running
docker ps -a

When you navigate to agents tag of your wazuh manager, you'll see that your agent is connected.

The final step is to configure ossec.conf to scan varies directories. You can add as many configurations as you want based on what you want to scan i.e vulnerabilities, file integrity etc.
To access the image, you'll need the image ID shown above

docker exec -it b031b69b5364 /bin/bash
You will need to install an editor either vim or nano depending on which works best for you.

yum update -y
yum install vim
yum install nano

vim /var/ossec/etc/ossec.conf
edit the ossec.conf file and configure it according to your needs.
This is the minimal configurations I used

<ossec_config>
  <client>
    <server>
      <address>10.0.2.16</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>centos, centos7, centos7.9</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

  <client_buffer>
    <!-- Agent buffer options -->
    <disabled>no</disabled>
    <queue_size>5000</queue_size>
    <events_per_second>500</events_per_second>
  </client_buffer>
<!-- Policy monitoring -->
<rootcheck>
    <disabled>no</disabled>
    <check_files>yes</check_files>
    <check_trojans>yes</check_trojans>
    <check_dev>yes</check_dev>
    <check_sys>yes</check_sys>
    <check_pids>yes</check_pids>
    <check_ports>yes</check_ports>
    <check_if>yes</check_if>

  <!-- Frequency that rootcheck is executed - every 12 hours -->
  <frequency>43200</frequency>

  <rootkit_files>etc/shared/rootkit_files.txt</rootkit_files>
  <rootkit_trojans>etc/shared/rootkit_trojans.txt</rootkit_trojans>

  <skip_nfs>yes</skip_nfs>
</rootcheck>
<syscheck>
   <directories check_all="yes" realtime="yes">/home/dut</directories>
</syscheck>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/ossec/logs/active-responses.log</location>
  </localfile>

  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/auth.log</location>
  </localfile>

  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/syslog</location>
  </localfile>

  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/dpkg.log</location>
  </localfile>
<global>
<fim_daemon>yes</fim_daemon>
</global>
<sca>
    <enabled>yes</enabled>
    <scan_on_start>yes</scan_on_start>
    <interval>12h</interval>
    <skip_nfs>yes</skip_nfs>
</sca>
<wodle name="syscollector">
   <disabled>no</disabled>
   <interval>1h</interval>
   <os>yes</os>
   <packages>yes</packages>
   <hotfixes>yes</hotfixes>
</wodle>
</ossec_config>

I'm assuming you already know how to work with the ossec.conf file

Save and exit the editor

Exit and restart the container

Now your wazuh manager should be able to show the various security events.

Load Balancing with Golang

David Dut — Mon, 19 Sep 2022 11:29:43 +0000

Load balancing is the process of efficiently distributing incoming network traffic across a group of backend servers.
In an instance where there are constant requests from users mostly common with banking systems etc, having a traffic ‘cop’ in between the user requests goes a long way to efficiently maximize the requests to maximize on speed and capacity utilization to ensure no server is overworked. If one server goes down, the load balancer redirects traffic to the remaining online servers.

In the above instance, when a user makes a request, it goes through the load balancer to determine which server is available.
A reverse proxy is required in this as well for security. We are using the http util package to create the reverse proxy. The reverse proxy redirects the request while hiding the address of the server

type simpleServer struct {
    addr  string
    proxy *httputil.ReverseProxy
}

func newSimpleServer(addr string) *simpleServer {
    serverUrl, err := url.Parse(addr)
    handleErr(err)

    return &simpleServer{
        addr:  addr,
        proxy: httputil.NewSingleHostReverseProxy(serverUrl),
    }
}

The loadbalancer will be implemented as a struct with a port, server and roundrobincount to check between the alive servers.

type LoadBalancer struct {
    port            string
    roundRobinCount int
    servers         []Server
}

func NewLoadBalancer(port string, servers []Server) *LoadBalancer {
    return &LoadBalancer{
        port:            port,
        roundRobinCount: 0,
        servers:         servers,
    }
}

We also create a function to create a new loadbalancer and server based on the struct.

We have 2 methods
isAlive method checks if the server is up or not and
Get address method to get address of the server

func (s *simpleServer) Address() string { return s.addr }

func (s *simpleServer) IsAlive() bool { return true }

An overview of this;

We have a main function which creates a server list and calls the server proxy function to get the next available server. Thus checks if the server is alive through roundrobin