DEV Community: Rehmat Alam

I built a random online secret generator in less than 30 minutes using AI

Rehmat Alam — Sat, 17 Jan 2026 11:23:51 +0000

As a programmer, I have dozens of options for generating app secrets for my web apps, but most of the time I end up searching Google for an online secrets generator. Moreover, despite Chrome's built-in password generator, I frequently use online random password generators. This made me think this might be a global problem for developers (and non-developers), and I tried spending some time building a secure, usable tool for it.

With Vercel's V0 AI coding app, I built this random secrets and random password generator app in under 30 minutes. I have deployed it here, and the code is open source on GitHub for other developers to use.

Over the last couple of years, AI has improved dramatically in solving challenges, and coding is one of the most served niches. In another (upcoming) post, I'll discuss how AI has replaced my front-end developers and what my experience has been so far using AI as a companion tool when building web apps. Happy coding!

I created GoalHappy, the simplest task manager for developers

Rehmat Alam — Wed, 03 Dec 2025 14:46:24 +0000

As a developer, I frequently need to quickly track a list of tasks, and most of the time, I don't need the full-featured project management capabilities of solutions like Basecamp, Notion, Todoist, and others. I tried almost every tool, from Apple Reminders to Basecamp, but I either failed to manage my tasks properly or the features and complexity of the bigger tools overwhelmed me. To solve this, I created GoalHappy, a simple task manager app.

Features

No login required, start managing your tasks right away
If you need cloud sync, create a free account and get 50 tasks synced for free
PWA - Use cross-device (offline), and get your tasks synced when online
If you need to manage a lot of tasks and lists, and also want to share the lists for collaborative work, the paid version is just $2 per month or $18 per year

I believe that, as a developer, you will love GoalHappy. Everyone reading this post can use the coupon code DEVFRIENDS to get 100% off the pro version of GoalHappy for 1 year. The coupon code is valid for a limited time. Looking forward to constructive feedback from fellow developers.

Protecting Kong API gateway using Let's Encrypt

Rehmat Alam — Thu, 09 Sep 2021 08:01:13 +0000

For the last several months, I am using the awesome Kong API gateway to monitor, protect, and scale our microservices. So far, I am learning something new and amazing about this powerful API gateway each day. Previously, I used the certbot's standalone authentication method to retrieve SSL certificates for the gateway but that resulted in renewal problems as Kong service itself needed to be stopped in order to get an SSL certificate renewed.

Today, I tried a different approach. As Kong uses NGINX, I succeeded in obtaining SSL certificates for our API gateway by writing some custom NGINX conf.

First of all, I got started by editing /etc/kong/kong.conf file. The file looked like this after I edited and saved it:

pg_user = kong
pg_password = mydbpass
proxy_listen = 0.0.0.0:80 reuseport backlog=16384, 0.0.0.0:443 http2 ssl reuseport backlog=16384
nginx_http_include = /etc/kong/nginx.conf

You will notice above that I have instructed Kong to included a custom NGINX conf file. After that, I created the NGINX conf file at /etc/kong/nginx.conf with the following content:

server {
    listen  80;
    server_name     api.myservice.tld;
    server_tokens   off;

    root /var/certbot/web;

    location /.well-known {
        try_files $uri $uri/ =404;
    }

    location / {
        return 301 https://$host$request_uri;
    }
}

What does the above NGINX conf do? It routes the HTTP requests to a custom path that I have mentioned and that we will create below, and if the path doesn't match, it redirects the requests to HTTPs.

When we request an SSL certificate from Let's Encrypt using certbot, there are several authentication methods that certbot supports in order to verify the ownership of the domain. The HTTP method that's most common uses a webroot to store some authentication files in and then Let's Encrypt server looks for those files over the domain. The above NGINX configuration allows Let's Encrypt to access the verification content over HTTP and if the path isn't for ACME verification, it redirects to HTTPs.

As I have specified the root path in above NGINX conf, I needed to create the directory as well:

mkdir /var/certbot/web

And restart Kong:

service kong restart

We are almost ready. Now before attempting to obtain an SSL certificate, we need to ensure a couple of things:

Our domain is pointed to our server and is not forcing an HTTPs redirect from a CDN end, i.e. Cloudflare
Certbot is installed

If certbot isn't installed, it can be installed using snap on Ubuntu:

snap install certbot --classic

That's it. Now we are ready. Now we have to run certbot in certonly mode:

certbot certonly

And choose the webroot method when prompted. Provide your domain name that you are using with Kong and that you have added in the custom NGINX conf above, provide the webroot path, i.e. /var/certbot/web/ and press enter. If all goes well, you will be presented with a success message and the paths of the cert files will be mentioned.

Copy the paths of the cert files and once again edit the Kong conf file located at /etc/kong/kong.conf. Add these two lines to the Kong conf file:

ssl_cert = /etc/letsencrypt/live/api.myservice.tld/fullchain.pem
ssl_cert_key = /etc/letsencrypt/live/api.myservice.tld/privkey.pem

Ensure that you are providing the correct SSL file paths. After editing the Kong conf file, it should look something like this:

pg_user = kong
pg_password = mydbpass
proxy_listen = 0.0.0.0:80 reuseport backlog=16384, 0.0.0.0:443 http2 ssl reuseport backlog=16384
ssl_cert = /etc/letsencrypt/live/api.myservice.tld/fullchain.pem
ssl_cert_key = /etc/letsencrypt/live/api.myservice.tld/privkey.pem
nginx_http_include = /etc/kong/nginx.conf

Restart Kong:

service kong restart

And now your Kong installation should be served over HTTPs. The good news is that now you don't need to worry about the SSL renewals as they will not fail even if Kong service is up and using port 80.

I found this to be an easy and elegant way to secure a Kong installation using free SSL certificates from Let's Encrypt. Do you know any better way to do this? Leave a comment and I'll give it a try :)

Google Search (aka. Google SERPs) JSON API

Rehmat Alam — Sun, 28 Jun 2020 08:22:48 +0000

Data mining is a hard job and it gets harder when you are supposed to deal with giants like Google. A couple of years ago, I needed to deal with Google SERPs data and I searched for available options. I found a couple of web services as well as open-source code to get Google SERPs data but each solution had its own limitations.

I found a couple of services to be reliable but they were costly. Some were affordable but I had to wait for several minutes before they returned me a result. And there, I started my research.

I opted for Python as the programming language and thanks to several other tools that I used, I was able to build a solution. My web service is https://serpsbot.com and now it is in full production mode. You can use it to consume Google SERPs data for any purpose.

To cover the server costs, I'm charging $0.001 per API call there. For high-volume customers, the price can be reduced down to $0.0005 per API call.

How to get Google SERPs?

You can get Google SERP results as JSON data. Here is an example of usage for the awesome Python. Please beware that you need to create an account and get your API key at our website SerpsBot first.

import requests

# Your API key
apikey = 'your-api-key-here'
headers = {
  'Authorization': 'Bearer {}'.format(apikey)
}

payload = {
  'q': 'programming',
  'pages': 2,
  'hl': 'en-US',
  'gl': 'us'
}

res = requests.get('https://serpsbot.com/api/v1/google-serps/', headers=headers, params=payload)

# JSON data
res.json()

How to build a custom site search engine?

Using our API service, you can build a search engine for your website. As we support all Google search filters, you can pass in your website URL using site: filter and only results for your provided URL will be returned.

import requests

# Your API key
apikey = 'your-api-key-here'
headers = {
  'Authorization': 'Bearer {}'.format(apikey)
}

payload = {
  'q': 'python site:dev.to',
  'pages': 2,
  'hl': 'en-US',
  'gl': 'us'
}

res = requests.get('https://serpsbot.com/api/v1/google-serps/', headers=headers, params=payload)

# JSON data
res.json()

Possibilities are limitless. You can use any programming language to consume data from our API endpoint and you can build your next tool that consumes data from our API. If you have any questions, you can ask me in the comments.

p.s. I'll publish the website source at GitHub in the upcoming months.

20 Goals Developers Should Set for 2020

Rehmat Alam — Sat, 04 Jan 2020 13:39:54 +0000

In my opinion, developers are the busiest creatures on the earth, but this lifestyle results in a lot of negativities in their life. To ensure that we live a healthy life as well as to keep our social circle active, we should try to keep a balance in our routine. I have copied a set of 20 goals below that should help a developer (or any other person with an imbalanced routine) live a happier and healthier life in 2020 and onward.

These goals are obtained from a religious source but they should help all people regardless of their believes.

#1. Be kind

Even a small act of kindness can make all the difference in someone's life.

#2. Meditate

Whether as a part of your faith, or just as a means to disconnect from the world for a few moments, meditation is known to help improve the body, mind and soul.

#3. Spend time with elderly

Speak to them, learn from them, and look after them. They have a lifetime of experiences to share.

#4. Help the less fortunate

Generosity to others, no matter who they are or where they come from, is a key pillar of Islam (and many other religions).

#5. Volunteer

Whether you give your time, knowledge, or resources, each one of us can do so much to help the societies we live in.

#6. Embrace differences

Spend time learning about people that are different than you. Encouraging pluralism starts with you.

#7. Spend time with loved ones

Let's not take our family and friends for granted. Spend quality time with those who are dearest and help keep your circles united.

#8. Make healthy choices

Making your health and wellbeing a priority is important not only for you, but also for those around you.

#9. Stay active

Doctors recommend at least 150 minutes per week of moderate-intensity aerobic activity or 75 minutes per week of vigorous aerobic activity, or a combination of both, preferably spread throughout the week.

#10. Learn a new skill

Whether related to your job or otherwise, keeping yourself current, regardless of your age, is important.

#11. Set career goals

Knowing your destination is the first step to get there.

#12. Read a new book

Reading is a fantastic pastime that helps to develop vocabulary and critical thinking skills, no matter your age.

#13. Stay current on world affairs

Understand not only what's happening in your local community, but also in other countries around the world.

#14. Make a new friend

Good friendships last a lifetime and can enrich our lives, so invest the time in making a new friend or reconnecting with old ones.

#15. Invest in education

From early childhood through to post-secondary, education is paramount and will determine the future of our youth and community. Young or old, as students or mentors, we should all invest more in education for ourselves and our children.

#16. Protect the environment

As the Qur'an says, all that is on this earth has been entrusted to us to look after. Each generation must leave for its successors a wholesome and sustainable social and physical environment.

#17. Use technology responsibly

Be mindful of how you are using electronics such as smartphones and laptops, how you are sharing your data, as well as the frequency of usage.

#18. Be happy

Happiness is a state of mind. And don't forget that happiness is contagious!

#19. Be grateful

We all have things to be thankful for. Let's take the time to remember them and those that have helped us along the way.

#20. Celebrate your success

Working hard and achieving your goals deserves to be celebrated.

You may share your thoughts on points that you liked the most and the ones that you didn't like or you don't want to apply in your life.

Managing a ServerPilot Server over Command-line Interface

Rehmat Alam — Thu, 02 Jan 2020 10:02:25 +0000

When it comes to server management tools, ServerPilot is my favourite option. I stopped using cPanel almost 4 years ago and switched to ServerPilot. Since then, I'm loving it.

ServerPilot offers a minimalist web UI where you can manage your web apps, databases and other related stuff. But recently, I felt the need of a CLI program to manage a ServerPilot-provisioned server as I love CLI to manage servers. So to achieve that goal, I've written a Python package called SPSuite that you can use in order to manage a server that you have provisioned using ServerPilot.

How to Install SPSuite?

The package is available at GitHub at this URL. You can install it from the source code or you can use PIP to install from PyPi repository directly.

To install using PIP, execute the following command in your terminal after signing into your ServerPilot-provisioned server as root:

pip3 install spsuite

Once the package is installed, a command spsuite will become available to you. Type spsuite -h to see all available commands. Here is the list of sub-commands currently available on spsuite:

Sub-command	Details
listsysusers	Show all SSH users existing on this server.
createsysuser	Create a new SSH user.
listapps	Show all existing apps.
createapp	Create a new app.
updatedomains	Update an apps' domains and recreate vhost files.
changephp	Change PHP version of an app.
changephpall	Change PHP version for all apps.
deleteapp	Delete an app permanently.
delallapps	Delete all apps permanently.
listdbusers	Show all existing database users.
createsqluser	Create a new MySQL user.
updatesqlpassword	Update any MySQL user's password.
dropuser	Drop a MySQL user.
dropallsqlusers	Drop all MySQL users except system users (root, sp-admin, debian-sys-maint, mysql.session, mysql.sys).
listdbs	Show all existing databases.
createdb	Create a new MySQL database.
dropdb	Drop a MySQL database.
dropalldbs	Drop all databases except system databases (information_schema, mysql, performance_schema, sys).
getcert	Get letsencrypt cert for an app.
getcerts	Get letsencrypt certs for all apps.
removecert	Uninstall SSL cert from an app.
removecerts	Uninstall SSL certs for all apps.
forcessl	Force SSL certificate for an app.
unforcessl	Unforce SSL certificate for an app.
forceall	Force HTTPs for all apps.
unforceall	Unforce HTTPs for all apps.
denyunknown	Deny requests from unknown domains.
allowunknown	Allow requests from unknown domains.

Example:

To create a new web app, execute this command:

spsuite createapp --name myapp --user rehmat --domains mysite.example,www.mysite.example

Above command will create a ServerPilot app with name myapp under the SSH user rehmat with domains mysite.example and www.mysite.example. If the SSH user doesn't exist, it will be created first. Latest PHP version will be used. If you need to use a specific PHP version for the web app, you can pass the version with --php flag.

Things to Remember

Please note that this tool doesn't rely on ServerPilot in order to manage a server once it's provisioned. As it works independently, the web apps, databases, SSH users and other data doesn't get stored in ServerPilot servers thus the data created using this app is not available in your ServerPilot web UI.

You can even delete your server from ServerPilot after it's initial configuration and spsuite will let you manage your server. This way, you can use ServerPilot to provision your server securely and then you can delete the server from ServerPilot and use spsuite onward to avoid ServerPilot recurring fee. But I don't recommend that. I have written this utility to allow users to manage their ServerPilot servers over CLI and my intention is not to offer the users a way to bypass ServerPilot fee.

If you face any issues while using this package, you can ask me in comments and I'll be glad to help. Moreover, don't forget to star my GitHub repository if you found this tool helpful.