DEV Community: Given Ncube

Why You Shouldn't Hire Me

Given Ncube — Tue, 20 Jan 2026 19:37:59 +0000

Let me be completely honest with you. I'm about to tell you exactly why you shouldn't hire me as a software engineer.

Unless, of course, you actually want software that works.

Look, I get it. You're probably looking for someone who can seamlessly blend into your existing team culture of shipping fast, moving faster, and asking questions never. Someone who won't rock the boat. Someone who treats "it works on my machine" as a valid deployment strategy.

That's not me. And here's why you should probably keep scrolling past my resume.

I Write Hand-Artisanal Code

While your other candidates are churning out code like a factory farm produces chicken nuggets, I'm over here hand-crafting each function like the fate of the multiverse depends on it.

I know, I know. It's 2026. We're supposed to be using AI to generate code faster than we can say "technical debt." But here I am, actually thinking about variable names. Writing comments that explain not just what the code does, but why it exists. Structuring things so that when some poor soul opens this file at 2 AM in three years, they don't immediately start updating their LinkedIn profile.

My code comes with a warning label: May actually be readable by humans. It might even, brace yourself, stand the test of time.

Now, I understand this is deeply suspicious in an industry where "legacy code" means "anything written last quarter." But I can't help myself. I was raised to believe that code should be a love letter to your future self, not a passive-aggressive sticky note that just says "good luck lol."

I have strong opinions

Here's the thing that really makes me unemployable: software has become terrible in recent years, and I aim to rectify that one line of code at a time.

Remember when apps didn't require 8GB of RAM just to display a to-do list? Remember when updates actually fixed things instead of breaking three unrelated features? Remember when software loaded in less time than it takes to brew coffee?

I do. And I can't forget it.

I'm on a personal crusade to make software that doesn't suck. Is this quixotic? Absolutely. Is it marketable? Questionable. Will I bore you at the team lunch with rants about how Slack shouldn't use more memory than Photoshop? Definitely.

If I can only make one piece of software great and bug-free, like they used to do back in the 90s when Netscape Navigator was considered cutting-edge technology and software shipped on physical disks so you had to get it right, it won't be curing cancer, It probably won't even be that interesting. But I'd rest knowing I made a difference to the world. Somewhere, someone will open an application I worked on, it will launch in under two seconds, and they will experience a brief moment of joy in our dystopian hellscape of spinning loading wheels.

This makes me dangerously passionate about my work. I might actually suggest we fix bugs instead of marking them as "won't fix" or "works as intended." I could potentially recommend we spend an extra day making something robust instead of shipping it and dealing with the consequences when it inevitably crashes in production during the Super Bowl.

Revolutionary, I know.

I'm Actually Competent (In This Economy?)

Now that everyone is chasing abstraction layers like they're Pokémon cards, I've become that weird person who's actually competent at the fundamentals.

I learned to code before "vibe coding" was a thing. Before you could just describe what you wanted to ChatGPT and pray. I actually understand what's happening beneath the seventeen layers of frameworks, abstractions, and middleware that modern development has become.

Can I write a for-loop without Googling the syntax? Yes, and I'm not afraid to admit it.

Do I know what a pointer is? Disturbingly, yes.

Can I debug an issue without immediately opening a new tab to ask an AI what's wrong? I mean, I'll eventually ask the AI, but I'll at least try to figure it out first like some kind of cave person.

I realize this makes me sound like I'm a thousand years old and about to start a sentence with "back in my day." But here's the truth: understanding the fundamentals means I actually know why something isn't working, not just that it isn't working. It means when someone suggests adding another framework to our already-tottering Jenga tower of dependencies, I might, and I'm sorry in advance, ask if we really need it.

I know. Awkward.

I Believe In Testing (The Audacity)

I write tests. Not because someone makes me. Not because it's in the ticket. But because I have this wild idea that code should do what we think it does.

Automated tests. Unit tests. Integration tests. The whole embarrassing suite.

"But the code is self-documenting!" you cry. Cool. The tests are self-validating. We can both be right.

I Actually Read Documentation

For fun. I know that makes me sound like a serial killer, but it's true.

I read release notes. I peruse changelogs. I have opinions about semantic versioning. When a library updates, I don't just blindly upgrade and hope for the best—I actually check what changed.

I'm basically a liability at this point.

I Will Actually Clean Up The Vibe Slop Your Team Has Been Churning Out

Let's address the elephant in the room: that codebase you've been building for the last four years.

You know the one. The "we'll clean it up later" one. The "it was a hackathon project that somehow became production" one. The one where every file starts with // TODO: refactor this and ends with // I'm so sorry.

The codebase where half the functions are named doTheThingV2Final_actuallyFinal_USE_THIS_ONE().

I'm not here to judge. Well, okay, I'm a little here to judge. But mostly I'm here to fix it.

Because here's what happened: for the last four years, your team has been vibing. They've been in the flow state. They've been shipping features faster than you can say "technical debt." And bless their hearts, they've created what can only be described as "vibe slop"—code that works (mostly) but reads like it was written by a random word generator having a fever dream.

I get it. Deadlines were tight. The CEO wanted that feature yesterday. "We'll refactor it later" seemed like a reasonable compromise at 11 PM on a Thursday.

But now "later" is here, and that code is still there, lurking in your repository like a cursed artifact that no one wants to touch.

Here's my pitch: I will roll up my sleeves and venture into that haunted codebase. I will decipher the variable names that seem to be inside jokes from 2021. I will untangle the functions that are 800 lines long because "it's all related, technically." I will find out what utilsHelperFinalV3.ts actually does (spoiler: probably way too much).

And then, and this is the dangerous part, I will clean it up.

Not a full rewrite. I'm not a monster. But a steady, methodical campaign of making things better. Extracting functions. Adding types. Writing those tests that everyone agreed were important but nobody had time for. Removing the commented-out code from 2022 that's been sitting there "just in case."

Will this make me popular? Probably not. Will I have to have awkward conversations about why we have three different date formatting utilities? Absolutely. Will someone say "but it works fine, why change it?" every single standup? You bet.

But six months from now, when a new feature takes days instead of weeks because the code is actually maintainable, when bugs stop appearing in "completely unrelated" parts of the system, when new hires don't immediately start looking for new jobs, you'll thank me.

Or you'll fire me. It's really a coin flip.

I Think "Move Fast and Break Things" Should Only Apply to Your Fitness Routine

Look, I appreciate the hustle culture as much as the next anxiety-ridden millennial. But maybe—and hear me out—we could move at a reasonable pace and break fewer things?

I know this makes me sound like a dinosaur. Next I'll be suggesting we have meetings about meetings and require three levels of approval to change a button color. But there's a middle ground between "cowboy coding directly to production" and "six-month approval process for a typo fix."

That middle ground is called "having literally any process at all," and I'm a big fan.

So Here's The Deal

If you've made it this far and you're thinking "this person sounds insufferable," you're probably right. We wouldn't be a good fit.

But if you're tired of software that crashes more often than it runs, if you've ever stayed up at night wondering why a simple app needs permission to access your contacts and your firstborn child, if you've ever whispered to yourself "there has to be a better way"—then maybe, just maybe, my particular brand of insufferable is exactly what you need.

I'm not promising to revolutionize your codebase overnight. I'm not claiming to be a 10x engineer (though I am definitely a 1x engineer, which in this market might actually be impressive). I won't rewrite everything in Rust or suggest we migrate to microservices for your blog.

What I will do is write code that works. Code that's maintainable. Code that won't make the next developer curse your name and mine. Code that might—if we're very lucky—still be running in five years without requiring a full-time archaeologist to maintain it.

I'll make software a little less terrible, one semicolon at a time.

And if that sounds like a problem to you, well, there are plenty of other candidates out there who are perfectly happy shipping fast and apologizing later.

But if you want to build something that actually lasts?

Let's talk. given@flixtechs.co.zw

P.S. — Yes, I know semicolons are optional in some languages. That's not the point. The point is I care about the details. See? Already insufferable.

Deploying Rails Apps to a Caprover Instance

Given Ncube — Tue, 08 Oct 2024 12:43:45 +0000

A few days ago I wrote an article on deploying rails apps with nginx + puma + mina. Some people in the comments suggested I try Caprover, Dokku and other open source PaaS software. Dokku didn’t cut it for me, it’s a good piece of software it just wasn’t for me.

I’m aware of kamal and it’s also a great piece of software especially since it’s a first class rails citizen, however as always competition can’t hurt. (I also didn’t like how kamal is full of configuration) I mean, rails at it’s core is convention over configuration and kamal in it’s current state is the opposite of that, which I totally understand it’s only on version 2 and writing software takes a lot of work.

Getting Caprover

Back to this article, the first thing you need is to have caprover installed on your vps/server. If you don’t have one, I recommend getting one from Hertzner. After login and setting up your ssh and firewall, we now move to install caprover

Caprover uses docker to deploy apps and caprover itself runs on docker, our first dependency is docker

Follow instructions on this link to install docker

https://docs.docker.com/engine/install/debian/ I prefer to use debian for server, you can select your target OS from the left sidebar

After docker is fully installed, install caprover by following instructions on this link

https://caprover.com/docs/get-started.html

Database Setup

After finishing all the caprover setup it’s time to install our databases. I prefer to use mysql, some of you prefer postgres

Visit your caprover captain dashboard, navigate to apps and click on “one click install” apps

On the next page search for “mariadb”

Select mariadb and set the parameter slike name, root password etc

When you’re done editing click deploy.

Next set allow this database to be accessible from the host machine on port 3306 or whatever port postgres uses. This allows you to login to the database shell as root to create users, databases etc, from the host machine

Select the newly created database app and go to app configs and add port mappings

Setting up database users

This part is entirely up to you, this how I did it when I was deploying Pulse on caprover

SSH to your host machine and connect to the database using the root password you created in the previous step

Create a database user, eg, rails, do not include hostname

Grant that user permissions on all %_% databases which follows the format of database names created by rails eg, for pulse it will be pulse_production

After this you’re done with the server, it’s time to deploy your rails app

Deploy rails apps

In the caprover dash, create an app, tick the “has persistance” flag

After creating go to apps config and add env variables, I prefer to use rails credentials,

Add the RAILS_MASTER_KEY variable with the value from your config/master.key or config/credentials/production.key. If you’re using credentials instead of env vars this is everything

If you’re using active storage with local driver, add persistent path mapping to map the storage directory to actual path on the host machine

Set the database configuration to use the user you created in the previous step, since this database is in a docker network, get the hostname from caprover dash.

Like I said at the start of this article, caprover uses docker, the dockerfile that comes default with rails will suffice without any changes

Navigate to your project directory and run caprover deploy follow the prompts to select app, etc, and that’s it your app is live

Let me know what you think about caprover, I personally think it’s awesome, follow me here on Hashnode for more articles on rails and web apps development

Deploying Multiple Rails Apps on The Same Server with Puma + Nginx

Given Ncube — Tue, 01 Oct 2024 17:03:36 +0000

If Kamal is not for you then this article is for you. There’s a lot of my opinions in this article, feel free to jump to the setup section

After coming back to rails from Laravel I found that it wasn’t clear how to run multiple rails apps on the same server. If you google “deploy rails” right now you see something about deploying to heroku which was the thing when I started using rails in rails 5.

With PHP-FPM + Nginx I could run an infinite number of apps on a $5/month server. When it was time to deploy Pulse, as always I did a deep dive, most of the articles on the internet assumed I wanted to run 1 rails app on 1 vm, my first attempt worked, I ran puma, I don’t even remember how, it worked but puma was listening on port 300, I just imagined multiple apps each on it’s own port would be very confusing

To deploy multiple rails apps on the same sever we need the following

Nginx
Ruby (of course)
Puma (bundled with rails)
Mina

Here is how it works, we tell nginx that if it sees a given host name say pulse.welodge.co.zw forward that http request to this http server. This server, we will call “upstream” from now on can be listening on a port or unix socket, which is not technically a file but for this article it’s just a file. If we have 3 apps each could be listening on

/var/www/app1/tmp/app1.sock
/var/www/app2/tmp/app2.sock
etc

This makes way more sense than opening several local ports which maybe hard to keep track of as you add more apps to the server

Talk is cheap, show me the code

To follow along this tutorial you will need a Linux server. I recommend getting one from Hertzner, they have very good pricing with really good performance. Use Ubuntu or Debian, for servers I would recommend Debian because we generally want our servers to be stable. Any Linux distro would do by the way

Initial setup

After getting your server, ssh into the server as root

ssh root@<your-server-ip>

Install the required software

apt-get install nginx mariadb-server git build-essential zip unzip curl neovim

We just installed nginx, a database, I prefer mysql you can install postgres if you use postgres git to clone our repos build-essential for build tools, zip utils and curl and finally neovim***[I refuse to use nano more than once per computer]***

Enable nginx auto start

systemctl enable --now nginx

This should be everything we need. Next create 2 user accounts, 1 is yours as the admin of this server the other is deployment user which is zero privileges, this will be the user our apps are going to run as.

useradd given -m -G sudo -U

This creates a user called given the -m flag creates a home directory in /home/given -G adds the user to sudo group so we can run sudo commands -U creates a user group with name given

Now set a password for this user

passwd given

Open another terminal window and add ssh keys to this newly created account

ssh-copy-id <newuser>@<your-server-ip>

Enter the password you just created, if it fails go back to the root terminal window and restart ssh

systemctl restart ssh

Next, create our deployment user

useradd -m deploy -U

After this set a password and repeat the process of adding ssh keys.

It’s not advisable to run a linux machine as root, we need to disable root login on this machine, disable password authentication. Edit the /etc/ssh/sshd_config file

nvim /etc/ssh/sshd_config

Find an entry that says PermitRootLogin and change that to no PasswordAuthentication change to no

Save the file and restart ssh. Before we leave this root account, setup a firewall, using the uncomplicated firewall

apt-get install ufw

Allow only port 80, 443, and 22

ufw allow 22
ufw allow 80
ufw allow 443

Enable the firewall and exit the root account

ufw enable && exit

Now ssh to this server with the deploy account and install ruby and node

Follow this tutorial to install ruby https://gorails.com/setup/ubuntu/24.04

Install node with nvm: https://github.com/nvm-sh/nvm?tab=readme-ov-file#installing-and-updating

Do the same for your user account

By now you have ruby and node installed on your server and it’s ready

Deployment with mina

To semi automate our deployment from now we will use mina to setup our environment and deploy from github

In the deploy user account generate ssh keys to authenticate with github

ssh-keygen -t rsa

copy the the file in ~/.ssh/id_rsa.pub and paste the values in on github Settings > SSH and GPG Keys > New SSH Key

In your rails project add mina as a dependency

bundle add mina && bundle exec mina init

Open your config/deploy.rb and replace everything with the following code

require "mina/rails"
require "mina/git"

require "mina/rbenv"

set(:application_name, "app_name")
set(:domain, "app_domain_name")
set(:deploy_to, "/var/www/app_domain_name")
set(:repository, "git url")
set(:branch, "main")

set :ssh_options, "-o StrictHostKeyChecking=no"

set(:user, "deploy")
set(:shared_dirs, fetch(:shared_dirs, []).push("tmp/sockets", "tmp/pids", "log"))
# add storage to shared dirs
set(:shared_dirs, fetch(:shared_dirs, []).push("storage"))
set(:shared_files, fetch(:shared_files, []).push("config/credentials/production.key"))

# load nvim
task(:remote_environment) do
  invoke(:"rbenv:load")
  command('export NVM_DIR="$HOME/.nvm"')
  command('[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"')
  command("nvm install 22")
end

# install latest ruby if it does not exisit
task(:setup) do
  command("rbenv install 3.3.5 --skip-existing")
  command("gem install bundler")
end

desc("Deploys the current version to the server.")
task(:deploy) do
  deploy do
    invoke(:"git:clone")
    invoke(:"deploy:link_shared_paths")
    invoke(:"bundle:install")
    invoke(:"rails:db_create")
    invoke(:"rails:db_migrate")

    command("yes y | yarn set version stable") # optional if you don't use yarn
    invoke(:"rails:assets_precompile")
    invoke(:"deploy:cleanup")

    on(:launch) do
      in_path(fetch(:current_path)) do
        command("mkdir -p tmp/")
        command("touch tmp/restart.txt")
        command("systemctl --user restart #{fetch(:application_name)}-sidekiq.service")
        # command("bundle binstubs puma")
        invoke(:"puma:restart")
        invoke(:"sidekiq:restart")
      end
    end
  end
  # you can use `run :local` to run tasks on local machine before or after the deploy scripts
  run(:local) { command("echo \"Done!\"") }
end

namespace(:sidekiq) do
  desc("Start Sidekiq")
  task(:start) do
    in_path(fetch(:current_path)) do
      command("systemctl --user start #{fetch(:application_name)}-sidekiq.service")
    end
  end

  desc("Restart Sidekiq")
  task(:restart) do
    in_path(fetch(:current_path)) do
      command("systemctl --user restart #{fetch(:application_name)}-sidekiq.service")
    end
  end

  desc("Check Sidekiq status")
  task(:status) do
    command("systemctl --user status #{fetch(:application_name)}-sidekiq.service")
    command("journalctl --user -xeu #{fetch(:application_name)}-sidekiq.service")
  end

  desc("Tail Sidekiq logs")
  task(:log) do
    command("journalctl --user -u #{fetch(:application_name)}-sidekiq.service -f")
  end

  desc("Setup Sidekiq systemd service")
  task(:setup) do
    puts("Setting up systemd service for Sidekiq..")
    path = fetch(:deploy_to)
    content = File.read("./config/sidekiq.service").gsub("<APP_PATH>", path)
    File.write("./tmp/sidekiq.service", content)
    run(:local) do
      command("scp ./tmp/sidekiq.service #{fetch(:user)}@#{fetch(:domain)}:~/.config/systemd/user/#{fetch(:application_name)}-sidekiq.service")
    end

    command("systemctl --user daemon-reload")
    command("systemctl --user enable #{fetch(:application_name)}-sidekiq.service")
  end
end

namespace(:puma) do
  desc("Start Puma")
  task(:start) do
    in_path(fetch(:current_path)) do
      # command("bundle binstubs puma")
      command("systemctl --user start #{fetch(:application_name)}-puma.service")
    end
  end

  desc("Restart Puma")
  task(:restart) do
    in_path(fetch(:current_path)) do
      command("systemctl --user restart #{fetch(:application_name)}-puma.service")
    end
  end

  desc("Check Puma status")
  task(:status) do
    command("systemctl --user status #{fetch(:application_name)}-puma.service")
    command("journalctl --user -xeu #{fetch(:application_name)}-puma.service")
  end

  desc("Tail Puma logs")
  task(:log) do
    command("journalctl --user -u #{fetch(:application_name)}-puma.service -f")
  end

  desc("Setup Puma systemd service")
  task(:setup) do
    puts("Setting up systemd service for Puma..")
    path = fetch(:deploy_to)
    content = File.read("./config/puma.service").gsub("<APP_PATH>", path)
    File.write("./tmp/puma.service", content)
    run(:local) do
      command("scp ./tmp/puma.service #{fetch(:user)}@#{fetch(:domain)}:~/.config/systemd/user/#{fetch(:application_name)}-puma.service")
    end

    command("touch #{fetch(:deploy_to)}/shared/tmp/pids/server.pid")
    command("systemctl --user daemon-reload")
    command("systemctl --user enable #{fetch(:application_name)}-puma.service")
  end
end

desc("Copy production key to server")
task(:copy_secrets) do
  run(:local) do
    command(
      "scp ./config/credentials/production.key #{fetch(:user)}@#{fetch(:domain)}:#{fetch(:deploy_to)}/shared/config/credentials/production.key"
    )
  end
end

Let’s break down what this code does, mina needs to know the application name, domain name, the ssh user it will login with, we set that at the beginning

We then set shared directories that will not change across deployments like the tmp dir storage and the credentials

Next we setup environment, we load rbenv and nvm, the setup task will install ruby and bundler

the deploy task will git clone symlink the shared directories, run bundler, migrate the database and precompile assets, after deployment is done, we restart puma and sidekiq if you use sidekiq

We have setup for sidekiq, puma

in the config dir add a file called puma.service we will be using systemd to manage multiple puma instances running at the same time

# config/puma.service
[Unit]
Description=Puma HTTP Server
After=network.target

# Uncomment for socket activation (see below)
# Requires=puma.socket

[Service]
# Puma supports systemd's `Type=notify` and watchdog service
# monitoring, as of Puma 5.1 or later.
# On earlier versions of Puma or JRuby, change this to `Type=simple` and remove
# the `WatchdogSec` line.
Type=notify

# If your Puma process locks up, systemd's watchdog will restart it within seconds.
WatchdogSec=10

# Preferably configure a non-privileged user


# The path to your application code root directory.
# Also replace the "<YOUR_APP_PATH>" placeholders below with this path.
# Example /home/username/myapp
WorkingDirectory=<APP_PATH>

# Helpful for debugging socket activation, etc.
# Environment=PUMA_DEBUG=1

# SystemD will not run puma even if it is in your path. You must specify
# an absolute URL to puma. For example /usr/local/bin/puma
# Alternatively, create a binstub with `bundle binstubs puma --path ./sbin` in the WorkingDirectory
# ExecStart=<FULLPATH>/sbin/puma -C <YOUR_APP_PATH>/puma.rb


Environment="PATH=/home/deploy/.rbenv/shims:/home/deploy/.rbenv/bin:/usr/local/bin:/usr/bin:/bin:$PATH"

ExecStart=<APP_PATH>/current/bin/bundle exec puma -e production --pidfile <APP_PATH>/shared/tmp/pids/server.pid -C <APP_PATH>/current/config/puma.rb -b unix://<APP_PATH>/shared/tmp/puma.sock <APP_PATH>/current/config.ru

# Variant: Use `bundle exec puma` instead of binstub
# Variant: Specify directives inline.
# ExecStart=<FULLPATH>/puma -b tcp://0.0.0.0:9292 -b ssl://0.0.0.0:9293?key=key.pem&cert=cert.pem


Restart=always

[Install]
WantedBy=multi-user.target

Copy paste as it is, you might change the PATH config if your deploy user is not actualy deploy but everything else stay the same. Also note that we are binding puma to a unix socket instead of a port

If you are using sidekiq create a sidekiq.service in the config dir

[Unit]
Description=sidekiq
After=syslog.target network.target

[Service]
Type=simple
Environment="PATH=/home/deploy/.rbenv/shims:/home/deploy/.rbenv/bin:/usr/local/bin:/usr/bin:/bin:$PATH"
WorkingDirectory=<APP_PATH>
ExecStart=<APP_PATH>/current/bin/bundle exec sidekiq -e production -C <APP_PATH>/current/config/sidekiq.yml -r <APP_PATH>/current
ExecReload=/usr/bin/kill -TSTP $MAINPID

# if we crash, restart
RestartSec=1
Restart=on-failure
#Restart=always

# output goes to /var/log/syslog
#StandardOutput=syslog
#StandardError=syslog

# This will default to "bundler" if we don't specify it
#SyslogIdentifier=sidekiq

[Install]
WantedBy=multi-user.target

Again don’t change anything else except for the username from deploy to your configured username

Now setup our deployment environment with mina setup

bundle exec mina setup

After it’s done, copy the secrets to product, I prefer to use secretes instead of environment variables

bundle exec mina copy_secrets

This will copy secrets from your local machine to production

Setup puma and sidekiq

bundle exec mina puma:setup && bundle exec mina sidekiq:setup

Now the only thing left is our nginx config. Where you store this file is up to you, I’ve been thinking about this for while, you can store it in the config/nginx.conf, add it to the shared_files with mina like this

set(:shared_files, fetch(:shared_files, []).push("config/nginx.conf"))

Or put it in the /etc/nginx/sites-available dir it’s up to you, here is the base config that I use for my apps

upstream <app_name>-puma {
  server unix:///var/www/<app-domain-name>/shared/tmp/puma.sock;  # Define upstream server for myapp
}

server {
  server_name <app-domain-name>;  # Server name for this nginx server block
  listen 80;

  root /var/www/<app-domain-name>/current/public;  # Root directory for static files
  access_log /var/www/<app-domain-name>/shared/log/nginx.access.log;  # Access log path
  error_log /var/www/<app-domain-name>/shared/log/nginx.error.log info;  # Error log path and verbosity

  if (-f $document_root/maintenance.html) {
    rewrite  ^(.*)$  /maintenance.html last;  # Rewrite to maintenance page if it exists
  #  break;  # Stop further processing
  }

   location ~ ^/rails/active_storage {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_pass http://<app-name>-puma;

    proxy_buffering off;

    expires max;
  }

  location / {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  # Set X-Forwarded-For header for proxy
    proxy_set_header Host $host;  # Set Host header for proxy
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header X-Forwarded-Proto https;
     proxy_set_header  X-Forwarded-Port $server_port;
    proxy_set_header  X-Forwarded-Host $host;
    proxy_redirect off;
    if (-f $request_filename) {
      break;  # Serve directly if file exists
    }

    if (-f $request_filename/index.html) {
      rewrite (.*) $1/index.html break;  # Rewrite to index.html if it exists
    }

    if (-f $request_filename.html) {
      rewrite (.*) $1.html break;  # Rewrite to .html if it exists
    }

    proxy_pass http://<app-name>-puma;  # Proxy pass to upstream if no static file found
  }

  location ~* \.(ico|css|gif|jpe?g|png|js)(\?[0-9]+)?$ {
    expires max;  # Set max expiration for static files
    gzip_static on;
    add_header Cache-Control public;
  }

location /cable {
    proxy_pass http://<app-name>-puma;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Ssl on; # Optional
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Forwarded-Host $host;
    proxy_redirect off;
  }

  # Error page configuration
  location = /500.html {
    root /var/www/<app-domain-name>/current/public;  # Serve 500.html from this directory
  }
  keepalive_timeout 10;
}

wherever you stored this file, make a symbolic link to /etc/nginx/sites-enabled/<app-doman>.conf

sudo ln -s /path/to/nginx-config-file /etc/nginx/sites-enabled/your-app-domain.conf

Check for errors with

sudo nginx -t

If it says okay, restart nginx, visit your domain name in the browser and your app should be live.

During all these commands if you run into permissions errors change ownership of the /var/www/ to deploy and www-data group

sudo chown -R deploy:www-data /var/www

This will give our deploy user ownership of that directory as well as the webserver if it uses that directory for some other reason

Now let’s add ssl with let’s encrypt

Follow the steps on this link to add ssl support https://certbot.eff.org/instructions?ws=nginx&os=snap

And that’s it you’ve successfully deployed rails with nginx + puma + mina. The downside is that right now we have to download mulitiple apps 1 servermanually from our local machine, I tried to find a github action for mina but I couldn’t. One that I found was using ruby 2 and didn’t work quite as I intended. I could create one myself but skill issues, I don’t know docker and don’t quite understand github actions syntax.

I understand that this was quite long to just deploy an app but you only have to do this once and never again, you can reuse the deploy.rb file as it is, the .service files as they are, the nginx config as it is for the next project

Going forward, kamal? docker?

I will keep adding updates to this blog post but for now this setup meets my needs. Kamal 2 is out at the time of writing this and everyone is singing praises on how good it is to setup servers and it is. But, I don’t think it’s for everyone, from what I understand [at the time of writing this] the docs say kamal is good to run the same app on multiple servers, like instances of the same on multiple servers but what I want the vice versa of this, I know this is skill issues on my part I don’t know docker but I don’t have time to understand the ins and outs of docker right now but I do know ruby shell nginx and with this I can deploy to the server with semi minimal effort.

But this is just my way of doing things, follow me on Hashnode for more articles like this and let me know your thoughts in the comments below

Securing Rails application with Action Policy

Given Ncube — Sat, 21 Sep 2024 08:36:05 +0000

There is lot of yapping going on in this article if you just want to see the implementation you can jump to the Setup section

Recently, when I was building Pulse, I wanted an admin dashboard of sorts, I wanted to be able to manually create startups other users can then claim later, I also wanted to see a list of registered users, some basic stats, etc.

The problem now, I didn’t want every Joe and Jill to access the admin dashboard and do whatever they want simply because they registered an account.

To solve this, I did a deep dive, found solutions like cancan and it’s derivatives, and a bunch of other gems. However I wanted a setup that was a bit automatic that I could setup once and subsequently use and work out of the box without me writing extra code.

I guess you’re wondering, Gavin, why did you roll out your own dashboard when there are dashboard gems out there? Well, I tried, but I found that the amount of customization I’ll have to make requires me to write more code than just generating a scaffold_controller in the admin namespace.

Okay back to adding authorization, here is what I was looking to achieve

Users need to have roles,
Roles have permissions (still working on this)
Authorize controllers via Policy

I found 2 really good gems for this, ActionPolicy and Rabarber. ActionPolicy allowed me to write policies, and in those policies I will then decide if the user has a certain role before they can perform a given action.

Setup

To set this let’s start by installing Rabarber to add roles to the users

bundle add rabarber

Generate the migrations

rails g rabarber:roles users

Migrate the database

rails db:migrate

Now include the roles module to the user model

class User < ApplicationRecord
  include Rabarber::HasRoles
  # ...
end

Finally, let’s assign some roles to our users, I was lazy to build a UI for this so we’ll just use the rails console, I’m going to be the only admin for a while anyway and I will only do this once in production so no big deal

rails c

User.first.assign_roles(:super_admin, :admin)

And that’s it, this all we have to do to get this running. Now, let’s add action policy to add authorization to the controllers

bundle add action_policy

Install action policy with

rails generate action_policy:install

Let’s also generate a policy for the startup model

rails g action_policy:policy admin/startup

Authorization with policies

My project structure looks like this, in the root controller directory I have unauthenticated controllers for public access which inherit from the default application_controller.rb I have controller in controllers/app namespace that inherit from app/application_controller.rb, finally controllers/admin with controllers that inherit from admin/application_controller.rb

In the app namespace I just call before_action :authenticate_user! in the application controller and I don’t have to do it ever again in inheriting controllers. Same with the admin namespace

From action policy docs, we have to authorize! on every controller action, which I was trying to get away from.

In the application_policy.rb I added this, to give basic access to anyone with role admin then in the specific policies I will then give access based that role and another role. For example if you’re admin you can access the dashboard, but you have to be admin + moderator to update startups

# app/policies/application_policy
class ApplicationPolicy < ActionPolicy::Base
  default_rule :manage?
  alias_rule :index?, :create?, :new?, to: :manage?

  def manage?
    user.has_role? :admin
  end

  private

  def owner?
    record.user_id == user.id
  end
end

With this, if i don’t have any complex authorizations, I could just generate a policy that inherits application_policy and everything would work out of the box without adding extra code.

Okay, this alone will not work, we need to tell the admin/application_controller to automatically authorize all controllers based on the controller name, find a policy for that controller and use it to authorize the current controller. As long as we follow rails conventions this should work out of the box

# app/controllers/admin/application_controller.rb
class Admin::ApplicationController < ActionController::Base
  before_action :authenticate_user!
  before_action :authorize!
  verify_authorized
  layout "admin/application"

  def implicit_authorization_target
    # If you don't pass the target, it will be guessed
    # based on the controller name.
    # See https://actionpolicy.evilmartians.io/#/implicit_target
    super || controller_name.classify.to_sym
  end

  def authorization_strict_namespace
    true
  end
end

First we authenticate the user, this is standard. Next, I added a before action to call :authorize so that I don’t to do this for every other action in the controllers. The docs say

You can also call authorize! without a resource specified. In that case, Action Policy tries to infer the resource class from the controller name

Then finally we added the implicit_authorization_target that first calls the parent method and if that returns nil we then use the current class name to find the policy.

Finally we enable strict namespaces. This allows us to have scoped policies, for example, policies in app/policies/admin/* will only authorize controllers in app/controllers/admin/* and so forth,

We can have other policies for non admin authenticated actions, perhaps we want an authenticated user to only be able to create startups only if they have certain roles and we don’t want that policy to affect the admin policy.

That’s it we are good to go, at this point authorization now works out of the box! The next thing would be to add custom pages for 401 errors.

Let me know what you think about this pattern.

Implementing Event-Driven Architecture in Rails with Active Support Instrumentation

Given Ncube — Tue, 17 Sep 2024 20:21:55 +0000

TL:DR; You can skip to setup if you just to see the implementation

Background

When I was building Pulse by Welodge I wanted to notify a user when they submit a startup for approval, when it’s accepted/rejected. I also wanted to notify the admins that someone has submitted a startup. The first implementation I simply dispatched a noticed Notifier in the controller when startup was submitted, but this did not have some “rails magic” into it.

After a quick search I found a few articles online about event driven architectures in rails but they all seem to be overly complicated for what I wanted and they seem to rely on 3rd party packages, which is fine but eventmachine wanted to run a separate “event server” or something like which was overkill,

After a deep dive, I landed on Active Support Instrumentation which rails’s own implementation of the observer pattern. Cool, I can now publish an event and have many subscribers which do different things. What the docs don’t say is how to get it to work in userland and that’s what this article is about

Setup

To get this working properly we need to setup a few things, first we need to auto load “subscribers” which I shall call listeners from here on. We want to store listeners in app/listeners/xx_listener.rb where xx is a resource/model in our application. To achieve this let’s hook into the to_prepare config hook to load the event listeners during application boot

module Startuplist
  class Application < Rails::Application
    # rest of your app config
    listeners = "#{Rails.root}/app/listeners"
    Rails.autoloaders.main.ignore(listeners)

    config.to_prepare do
      Dir.glob("#{listeners}/**/*_listener.rb").sort.each do |listener|
        load listener
      end
    end
  end
end

Now all we have to do is define a listener file in app/listeners/ in this case app/listeners/startup_listener.rb

ActiveSupport::Notifications.subscribe "app.startup.submitted" do |event|
  startup = event.payload[:startup]
  StartupSubmittedNotifier.with(record: startup, message: "Your startup was submitted").deliver(startup.user)

  Rabarber::Role.assignees(:admin).each do |admin|
    SubmissionReceivedNotifier.with(record: startup, message: "A new startup was submitted").deliver(admin)
  end
end

ActiveSupport::Notifications.subscribe "app.startup.accepted" do |event|
  startup = event.payload[:startup]
  StartupAcceptedNotifier.with(record: startup, message: "Your startup was accepted").deliver(startup.user)
end

Here we are simply subscribing to all events related to the startup model, the user_listener.rb could look something like this

ActiveSupport::Notifications.subscribe "app.user.created" do |event|
  SubscribeNewsletterJob.perform_later event.payload[:user].email
end

Which subscribes a newly registered user to a newsletter like ConverKit, MailChimp or Mailerlite

Okay this is cool, how do we then dispatch these events, right, on Pulse the Startup has a status enum so I did something like this to dispatch events each time a status changes

statuses.keys.each do |status|
  after_save :"broadcast_#{status}_changed"

  define_method :"broadcast_#{status}_changed" do
    if saved_change_to_status? && self.status == status
      ActiveSupport::Notifications.instrument "app.startup.#{status}", startup: self
    end
  end
end

This made sure that each time the status changed via a controller or anywhere else in the code, I publish a app.startup.status event which listeners could subscribe to and do what ever they want with the data,

You can broadcast these events anywhere in your app for example we can also do something like for the user model

after_create :broadcast_create
def broadcast_create
  ActiveSupport::Notifications.instrument "app.user.created", user: self
end

On this event we can then send welcome email, subscribe to newsletter, provision a tenant, etc.

I hope you enjoyed this pattern, let me know what you think about this.

What you working on?

Given Ncube — Sun, 15 Sep 2024 20:07:26 +0000

Are you working on a saas tool? the next todo app? let's hear it below

Securing Rails Active Storage Direct Uploads

Given Ncube — Sat, 14 Sep 2024 18:23:21 +0000

TL;DR; if you just want the code, head over to the bottom of this article

I noticed something odd with Active Storage direct uploads. Did you know there is literally no authentication at all by default! The idea scared me.

From the docs, it doesn’t say how to secure that endpoint either. There’s a way to use token auth for API apps but for traditional apps that’s still pretty much open season.

Let’s look at how that can be problematic, First we have CSRF protection so no one can just fire up curl and start uploading files from a script, however that can be easily solved by first making a legit request, grabbing the CSRF token and voila! We also have security by obfuscation assuming that a malicious actor doesn’t know that active storage uploads exists but I’m sure they can read the same documentation that you and I know read.

Someone can just spam upload large files and offset your S3 bill or simply run you out of storage, or DDOS your server all of which are not desirable scenarios.

To solve, this I found some GitHub issues that discussed this but no one provided a solution for what I was worried about, I saw an article from this guy but his solution suggested extending the ActiveStorge::DirectUploadsController and creating a new route. This doesn’t really solve the problem because the other active storage direct uploads route will still be unprotected, I took his solution and used a much simpler implementation using an initializer.

Basically, we want

authenticate the direct uploads endpoint with a before_action
rate limit the endpoint to prevent DDOS

# config/initializers/active_storage.rb
Rails.application.config.to_prepare do
  ActiveStorage::DirectUploadsController.class_eval do
    before_action :authenticate_user!
    rate_limit to: 20, within: 20.minutes, by: -> { current_user.id }
  end
end

Rails has a configuration hook, at least that’s what I think that is, that allows you to run code before the rails app boots I imagine. The cool thing is, we can do a class_eval on the ActiveStorage::DirectUploadsController to add a before_action to authenticate the user then rate limit by user id so that one user doesn’t just spam upload files to the server.

The Ultimate Guide To Content Marketing For Businesses: Strategies For Growth And ROI

Given Ncube — Sat, 31 Aug 2024 17:08:43 +0000

Content marketing stands as a cornerstone of modern business strategy. It's not just about creating content; it's about crafting a narrative that resonates with your audience and drives business growth.

Consider these statistics:

Content marketing costs 62% less than traditional marketing and generates about 3 times as many leads. (DemandMetric)
29% of marketers actively use content marketing (HubSpot)
Companies that blog produce 67% more leads per month than those that don't. (DemandMetric)

This guide will equip you with strategies to:

Develop a content marketing framework aligned with business goals
Create high-impact content that drives engagement and conversions
Implement effective distribution strategies
Measure and optimize your content marketing ROI

Let's dive into the mechanics of content marketing that drives real business results.

Understanding Your Target Audience: The Foundation of Effective Content

Knowing your audience is more than demographics, that's the bare minimum everyone does. It's about understanding their psychographics, behaviors, and decision-making processes. It's about getting into their shoes and having an intimate relationship with them.

Developing Comprehensive Buyer Personas

Create detailed buyer personas using:

Customer interviews
Sales team insights
CRM data analysis
Social media listening
Competitor analysis

Example Buyer Persona:

Name: Marketing Director Mike
Age: 35-45
Company: Mid-size B2B firm ($10-50M annual revenue)
Challenges: Proving marketing ROI, aligning with sales team
Goals: Increase qualified leads by 20%, reduce customer acquisition cost
Information sources: Industry reports, LinkedIn groups, marketing podcasts
Decision-making factors: Proven ROI, ease of implementation, scalability

Mapping the Customer Journey

Align your content with each stage of the buyer's journey:

Awareness: Educational blog posts, infographics
Consideration: Case studies, webinars
Decision: Product comparisons, ROI calculators
Retention: How-to guides, customer spotlights

Follow this in-depth guide on identifying and understanding your target audience

Developing a Content Marketing Strategy: From Goals to Execution

A robust strategy turns content into a business asset. Here's how to build one:

Setting SMART Goals

Align content goals with business objectives:

Increase organic traffic by 50% in 6 months
Generate 100 marketing qualified leads per month through gated content
Improve customer retention rate by 10% through educational content

Content Audit and Gap Analysis

Inventory existing content
Analyze performance (traffic, engagement, conversions)
Identify gaps in the content funnel
Prioritize content creation based on potential impact

Resource Allocation

Determine your content marketing budget:

Industry average: 25-30% of total marketing budget
Allocate resources across creation, distribution, and analysis
Consider outsourcing vs. in-house creation

Editorial Calendar and Workflow

Create a structured approach to content production:

Topic ideation (use tools like BuzzSumo, Google Trends)
Content brief creation
Production schedule
Review and approval process
Publication and promotion workflow

Creating High-Impact Content: Quality Over Quantity

Focus on creating content that drives results. Here's how:

Data-Driven Topic Selection

Use tools like SEMrush or Ahrefs to:

Identify high-volume, low-competition keywords
Analyze competitor content gaps
Discover trending topics in your industry

Content Formats for Maximum Engagement

Diversify your content mix:

Long-form articles (2000+ words) for SEO and thought leadership
Video content (54% of consumers want to see more video content from brands they support - HubSpot)
Interactive content (quizzes, calculators) for higher engagement
Podcasts for building intimate connections with your audience

Creating 10x Content

Develop content that's 10 times better than the top-ranking result:

Provide unique insights or data
Offer actionable takeaways
Include expert quotes or interviews
Use high-quality visuals (custom graphics, videos)
Ensure comprehensive coverage of the topic

Example: Instead of a basic "Guide to Email Marketing," create "The Ultimate Email Marketing Playbook: Strategies from 50 Top CMOs, with Templates and Case Studies"

Content Distribution: Amplifying Your Reach

Creating great content is only half the battle. Distribution is key:

Owned Media Strategy

Website optimization: Improve site speed, implement schema markup
Email marketing: Segment your list for targeted content distribution
Employee advocacy: Encourage employees to share content (can increase reach by 561% - MSLGroup)

Earned Media Tactics

Influencer partnerships: Collaborate with industry thought leaders
PR outreach: Secure guest posting opportunities on high-authority sites
HARO (Help a Reporter Out): Provide expert quotes for media coverage

Paid Media Approaches

Social media advertising: Use retargeting for content promotion
Native advertising: Platforms like Outbrain or Taboola for content discovery
PPC for content: Use Google Ads to promote high-value content pieces

Measuring Content Marketing Success: Metrics that Matter

Focus on metrics that tie directly to business goals:

Traffic and Engagement Metrics

Organic traffic growth
Time on page
Bounce rate
Social shares and comments

Lead Generation Metrics

Conversion rate (visitors to leads)
Lead quality score
Cost per lead

Revenue Impact Metrics

Marketing qualified leads (MQLs) to sales qualified leads (SQLs) ratio
Content-assisted conversions
Customer lifetime value (CLV) of content-acquired customers

ROI Calculation

Use this formula:\
(Gain from Investment - Cost of Investment) / Cost of Investment

Example:

Content marketing cost: $20,000
Revenue generated: $100,000
ROI = ($100,000 - $20,000) / $20,000 = 400%

Advanced Content Marketing Strategies

Stay ahead of the curve with these advanced tactics:

AI-Powered Content Creation

Use AI tools for:

Content ideation (e.g., GPT-4 powered brainstorming)
SEO optimization (e.g., Clearscope, MarketMuse)
Personalized content recommendations

Account-Based Marketing (ABM) Content

Create personalized content for high-value accounts:

Industry-specific whitepapers
Custom ROI calculators
Personalized video messages

User-Generated Content (UGC) Campaigns

Leverage your customers' voices:

Customer success story contests
Social media hashtag campaigns
Customer-led webinars or podcast episodes

Conclusion: Your Path to Content Marketing Excellence

Content marketing is not a one-size-fits-all solution. It requires:

A deep understanding of your audience
A strategic approach aligned with business goals
Commitment to creating high-quality, valuable content
Effective distribution across multiple channels
Continuous measurement and optimization

Start by auditing your current efforts. Identify gaps in your strategy. Implement one new tactic at a time. Measure results and iterate.

Remember, content marketing is a long-term strategy. Consistency and patience are key. With the right approach, content marketing can become your most powerful tool for sustainable business growth.

Your next step? Choose one strategy from this guide. Implement it this quarter. Track the results. Use those insights to refine your overall content marketing approach.

The digital landscape will continue to evolve. But the core principle remains: provide value, build relationships, drive growth. Your content is your voice in the digital world. Make it count.

How To Pick A Domain Name That Doesn't Suck

Given Ncube — Fri, 30 Aug 2024 15:37:29 +0000

Imagine you're building a house. The domain name is like picking the perfect spot for it. It's that important.
This guide will help you choose a domain name that puts your website on the map.

What's a Domain Name?

A domain name is your address on the internet. It's what people type to find your website. For example, in "www.coolshoes.com", "coolshoes" is the domain name. The ".com" part? That's called the Top-Level Domain (TLD).

Why Your Domain Name Matters

Your domain name is a big deal. It's often the first thing people see. A good one makes people remember you. A bad one? They might forget you exist.

Think about it. You're at a party. Someone asks for your website. Which sounds better: "www.best-shoe-store-in-town.net" or "www.kickskingdom.com"?

A smart domain name does more than sound cool. It helps search engines find you. It builds your brand. It's the foundation of your online home.

How to Choose a Winning Domain Name

Let's break it down. Here's how to pick a domain name that works:

Keep It Short and Sweet

Shorter is better. Aim for 6-14 letters. Why? It's easier to remember. Easier to type. Harder to mess up.

Think about big brands. Google. Amazon. Apple. Short names stick.

You might not get a single word. Most are taken. But you can still make it snappy.

Avoid complex words. If you have to spell it out every time, it's too hard.

Use Keywords Wisely

Keywords can help. They tell people what you do. But don't go crazy. Too many keywords look spammy.

If you can fit a keyword naturally, do it. Running a fitness blog? "FitFocus.com" could work. It has a keyword, but it's not stuffed.

Put important words at the start. Search engines like that.

Remember: A creative name beats a keyword-stuffed one any day.

Make It Unique and Brandable

Stand out. Be different. Create a name that's all you.

Mix words. Make new ones. "Pinterest" combines "pin" and "interest". Clever, right?

Think about Zillow, Skype, or Etsy. These names are odd. But they work. They stick in your head.

Don't be afraid to get weird. Sometimes, the strangest names become the biggest brands.

Pick the Right Domain Extension

".com" is king. But it's not the only choice. Here's a quick guide:

.com: Best for most businesses.
.org: Good for non-profits.
.net: Works for tech companies.
.co: Popular with startups.
.io: Another tech favorite.

Country codes like .co.zw or .uk work if you're targeting specific places.

If you can get .com, grab it. If not, don't stress. Pick what fits your brand best.

No Hyphens, No Numbers

Keep it clean. Hyphens and numbers confuse people. They're hard to remember. Hard to share.

Hyphens can make you look cheap. Numbers create doubt. Is it "2" or "two"?

Stick to letters. Your future self will thank you.

Make It Easy to Say and Spell

Imagine telling someone your domain name in a loud bar. Would they get it? If not, rethink it.

Easy to say means easy to share. Easy to spell means fewer lost visitors.

Test it. Say it out loud. Ask a friend to spell it. If they struggle, it's too hard.

Check Social Media and Trademarks

Before you commit, do some digging. Is the name free on social media? You want the same name everywhere. It makes you easy to find.

Check for trademarks too. The last thing you need is a lawsuit. Consider talking to a lawyer for full protection.

Locking down your name everywhere saves headaches later.

Look Into Its Past

Domain names have history. Sometimes it's good. Sometimes it's bad.

Use the Wayback Machine. See how the domain was used before. Was it spammy? That could hurt you.

Check its backlinks too. Good links are a bonus. Bad ones are trouble.

Knowing the domain's past protects your future.

Think Long-Term

Your domain should grow with you. Don't box yourself in.

"SeattleBagelShop.com" is great if you're staying small. But what if you expand? What if you start selling more than bagels?

Avoid trends too. What's hot now might be lame in a year.

Pick a name you can stick with. Changing later is a pain.

Protect Your Domain

Found the perfect name? Don't stop there. Buy similar ones too:

Common misspellings
Different endings (.net, .org)
Hyphenated versions

It costs a bit more. But it protects your brand. It stops others from stealing your traffic.

You don't need websites for all of them. Just point them to your main site.

Common Mistakes to Avoid

Watch out for these traps:

Copying others: Be original. Avoid legal trouble.
Ignoring your audience: Pick a name they'll like.
Being too clever: Clear beats clever every time.
Forgetting to check meanings: Your cool name might mean something bad in another language.
Obsessing over SEO: Don't stuff it with keywords.
Rushing: Take your time. This decision matters.
Not getting feedback: Ask others what they think.
Picking a limiting name: Leave room to grow.
Forgetting mobile users: Long names are hard to type on phones.
Letting it expire: Set up auto-renewal. Don't lose your domain by accident.

Avoid these, and you're on the right track.

Tools to Help You Choose

You don't have to do this alone. Use these tools:

Name generators: Try Namemesh or Panabee for ideas.
Keyword tools: Google Keyword Planner helps find popular terms.
Availability checkers: Namecheap or GoDaddy show what's free.
Brand checkers: NameCheck helps secure your name across platforms.

These tools make finding the perfect name easier.

Quick Questions, Quick Answers

Q: What's the best domain ending?
A: .com if you can get it. But .co, .io, or .org work too. Pick what fits your brand.

Q: How long should my domain be?
A: Aim for 6-14 characters. Shorter is usually better.

Q: Can I change my domain later?
A: Yes, but it's a hassle. Pick a name you can stick with.

Q: What if the name I want is taken?
A: Get creative. Try variations. Or come up with something totally new.

Q: How do I check if a domain is available?
A: Use sites like GoDaddy or Namecheap. They'll show you what's free.

Wrap It Up

Picking a domain name is a big step. It's the start of your online journey. Take your time. Be creative. Ask for opinions.

Remember: A great domain name is easy to remember, fits your brand, and leaves room to grow.

Now it's your turn. Start brainstorming. Use the tools we talked about. Find that perfect name.

Your online future is waiting. Go claim it. Join our newsletter below to get more tips on setting up your business online

Rebuilding my site in Laravel

Given Ncube — Thu, 07 Dec 2023 23:16:07 +0000

I just started a new youtube channel and here is my first video

What are you currently working on?

Given Ncube — Sat, 26 Aug 2023 19:34:36 +0000

Let's hear them cool side projects you're currently hacking

Authenticate With Any OAuth Provider With Laravel Socialite

Given Ncube — Fri, 25 Aug 2023 19:48:20 +0000

Ever tried to create an account on a website and find out there's no option to "login with Google"? Annoying, right? You're not alone. Luckily for you I can help you prevent that and get more signups for your app

In this post I will show you how to create a universal Socialite Controller that works for any socialite driver

To get start, let's install socialite with composer on a Laravel pronect

composer require laravel/socialite

So the way socialite works is that a user clicks on a link that redirects them to a 3rd party site to login and then redirected back to your site for the actual login.

So first, let's create the socialite controller

php artisan make:controller SocialiteController

Redirect

So this is when we redirect the user to 3rd party OAuth provider to login. Add this method to the SocialiteController

/**
 * @param string $driver
 * @return RedirectResponse
 */
public function redirect(string $driver): RedirectResponse
{
    return Socialite::driver($driver)->redirect();
}

So the redirect takes a $driver as an argument so we can add any driver any time. Say, you had used Google before, and now you want add GitHub, you just change a route parameter

Callback

After the user is logged in, they are redirected to a callback URI that does the actual login. Add the following method to the controller

/**
 * @param string $driver
 * @return RedirectResponse
 */
public function callback(string $driver): RedirectResponse
{
    try {
        $socilite = Socialite::driver($driver)->user();
    } catch (Exception) {
        return to_route('login')->with('error', 'Something went during. Please try again.');
    }

    $user = User::whereEmail($socilite->getEmail())->first();

    if (is_null($user)) {
        $user = User::create([
            'name' => $socilite->getName(),
            'email' => $socilite->getEmail(),
            'password' => Hash::make($socilite->getId()),
        ]);

        event(new Registered($user));
    }

    auth()->login($user, true);
    session()->regenerate();

    return redirect()->intended(RouteServiceProvider::HOME);
}

This method also takes the $driver as an argument to tell socialite which provider was used login.

If for some reason something went wrong, we redirect the user to the login page with a flash error message

We then check if the user has an existing account, if not, we create an new one with a random password which they can change later from the profile page if they so wish

Else, we log them in and regenerate session to prevent session high jacking by bad actors

Finally we redirect the user to the intended URL

Routes

To make this work, we need to register the routes for this controller

Route::get('/auth/{driver}/redirect', [SocialiteController::class, 'redirect'])
    ->name('socialite.redirect')
    ->whereIn('driver', ['google']);

Route::get('/auth/{driver}/callback', [SocialiteController::class, 'callback'])
    ->name('socialite.callback')
    ->whereIn('driver', ['google']);

Here we add {driver} as a route parameter which will be injected into the callback and redirect method thanks to Laravel's Dependncy Injection.

Say a bad actor realizes that the {driver} parameter is dynamic, and tries other characters like a social driver that does not exist, that could have unwanted side effects.

To prevent this, we call the whereIn() method and tell Laravel to expect only a defined set of values for the driver param, in this case just "google". Anything else besides that will throw a 404 Not Found.

Socialite authenticate with Google

Our code is ready for use, in production! In this example, let's allow users to login to our app using their google accounts.

First, get credentials from Google Cloud Console

Step 1, visit https://console.cloud.google.com and signin with your google account

Step 2, Create a new project or use an existing one

Step 3, Click the 3bar menu and select APIs & Services > Credentials

Step 4, Click on Create Credentials > OAuth Client ID

Step 5, Select Web Application from the dropdown and enter name and redirect URIs

On the redirect URI this is where you put the link to your callback route replace the {driver} param with "google". For example http://localhost:8000/auth/google/callback

Now all that is left is just creating a link that your users can click to login with Google. For example if you have a Breeze Starter kit installed

<a href='{{ route('socialite.redirect', 'google') }}'>
    <x-secondary-button aria-label="Continue with google"
                        class="w-full justify-center mt-5">
        <img src="https://tuk-cdn.s3.amazonaws.com/can-uploader/sign_in-svg2.svg"
             alt="google">
        <p class="text-base font-medium ml-4 text-gray-700">Continue with Google</p>
    </x-secondary-button>
</a>

I hope this helps you to create more smooth login flows for your apps. To make sure you don't miss another tutorial like this when it's up, follow me here on DEV and get a ping each time I make a new post.