DEV Community: Steve Yonkeu

I left the Cloud to Coolify

Steve Yonkeu — Thu, 19 Feb 2026 15:23:56 +0000

Before throwing the first stone at me, think twice and calm down so I can explain why I am doing this.

For a long time, I did what most developers do: I deployed everything on the big cloud providers. AWS, managed services, endless dashboards, monthly bills that always seemed to creep up…

It worked — until it didn’t.

At some point, I realized I wasn’t paying for “infrastructure,” I was paying for complexity. So I decided to leave the traditional cloud setup behind and move to something simpler: Coolify.

Before getting to know why we switch from cloud to coolify, ask yourself "what is the cloud?"

What is the cloud?

As many might know, the "cloud" is a myth, it does not exist. What exist is someone's else computer which you are running your code on and paying the person per resources use, per time spent, often known as the pay-as-you-go billing method.

Conventionally, The cloud is a network of remote servers on the internet that store, manage, and process data, allowing access to files and services from anywhere.

Why I Left the Cloud?

The cloud is powerful, but it comes with tradeoffs:

Costs grow fast, even for small projects
Managed services are convenient… until you need to migrate
Too many moving parts for simple apps
Vendor lock-in is real I wanted something closer to the old-school VPS experience, but with modern developer tooling. That’s where Coolify came in.

What is Coolify?

Coolify is basically an open-source alternative to platforms like:

Vercel
Heroku
Netlify
Render But instead of deploying on their infrastructure… You deploy on your own server.

It gives you:

Git-based deployments (Webhook or Manual)
Docker support
One-click databases
Automatic SSL
Monitoring
Multi-app hosting All with a clean UI.

My Infrastructure Setup

I wanted something:

Affordable
Reliable
Simple
Scalable enough for side projects and small production apps So I went with:
1 VPS
Docker
Coolify managing everything
OVH as the provider The setup is minimal:

Internet → VPS → Coolify → Apps + Databases

Coolify becomes your control panel for deploying:

Web apps
APIs
Postgres / MySQL
Redis
Background workers

I personally used OVH, mainly because of the price-to-performance ratio.

OVH servers tend to offer:

Strong CPUs
Good bandwidth
Cheap monthly pricing
European hosting options

My Setup

I purchased a VPS from OVH cloud for a year at less than USD100 flat rate.

How to Install Coolify (Step-by-Step)

Provision a Fresh VPS Ubuntu 22.04 works best. Make sure you have:
Root SSH access
Ports 80/443 open
A domain name ready (optional but recommended)
Run the Coolify Install Script
SSH into your server:

ssh root@your-server-ip

Then run:

curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash

This installs:

Docker
Docker Compose
Coolify

Access the Dashboard Once installed, visit:

http://your-server-ip:8000

From there you can:

Create projects
Connect GitHub/GitLab
Deploy your first app
Replace the default domain with yours.

Note: Sometimes this might not work if you do not open the port 8000 on the server.

# Check ports status
sudo ufw status

# Open inbound requests to port 8000
sudo ufw allow 8000

# Reload firewall
sudo ufw reload

Add a Domain + SSL Coolify makes this ridiculously easy:
Add your domain in the app settings
Enable SSL
It automatically uses Let’s Encrypt No need to manually Nginx configs. Coolify uses traefik and caddy in replacement of nginx.

What I Host on Coolify Now

Since switching, I’m running:

Personal projects
APIs
PostgreSQL databases
Redis
Background workers
Internal tools All from one dashboard. It feels like having my own mini-Heroku.

Little tip: This might be life saving to turn on proxied connections on Cloudflare for your domain to avoid some common attacks related to proxy like DDoS.

Now what will you do?

Just so you know, I am an AWS certifies solution architect. I understand products can not start to be built on big giant solutions but we rather turn to use it when we find real need for it.

Migrating your FastAPI app step by step to serverless

Steve Yonkeu — Fri, 19 Dec 2025 04:58:46 +0000

Serverless is good, serverless is cool, serverless is innovative. But how far can we push with its uses? Let's navigate some ups and downs around serverless technology.

When someone hears and "understands" the serverless concept for their fist time. what come to their mind is, So:
I can move all these my applications to serverless and save cost?

I can have managed services but yet very cheap?
This mean no more paying for idle servers?
This this remove the need for DevOps?
I can scale automatically without any complex setup?

Stop being happy (^_-), you are assuming without knowing what is going on. The right questions comes when understanding: What, Why, When, How, Who regarding serverless.

What is Serverless ?

1. Execution Model

Your code runs:

On demand
In response to events (HTTP requests, messages, schedules, file uploads, etc.)
For short-lived executions (typically seconds to minutes) You don’t keep servers running, the platform spins up execution environments when needed.

2. Cost Model

You pay for	Great for	Not always cheaper for
Execution time	Spiky traffic	Constant high-throughput workloads
Number of requests/events	Infrequent workloads	Long-running processes
Resources consumed (memory, duration)	Event-driven systems	Predictable, steady traffic

3. Scaling Model

What scaling is	What scaling is not
Automatic	You still need to understand concurrency limits
Horizontal	You still design for backpressure and failures
Event-driven	Bad architecture can still scale expensive problems

4. Operations Reality

Serverless does not remove DevOps, it changes it.

What you still need	Where the difference lays
Monitoring and logging	Less infrastructure ops
CI/CD pipelines	More platform
Security and IAM	More observability
Cost controls	More architecture work
Incident response	More studies of compatibilities

The Right Questions Come After Understanding

Once the excitement fades, the real questions begin:
What workloads fit serverless?

Why should I use it instead of containers or VMs?
When does it save cost and when does it not?
How do I design, test, monitor, and debug at scale?
Who owns reliability, security, and cost control?

Serverless is a powerful tool, not a universal solution.

Do I have your attention now? Fine, let's code!

Steps to Migrate

Step 0: The Starting Point (FastAPI App)

# apps.py

from fastapi import FastAPI, status

app = FastAPI()

@app.get("/health", status_code=status.HTTP_200_OK)
def health():
    return {"status": "ok"}

@app.post("/items", status_code=status.HTTP_201_CREATED)
def create_item():
    return {"message": "item created"}

@app.put("/items/{item_id}", status_code=status.HTTP_200_OK)
def update_item(item_id: int):
    return {"message": f"item {item_id} updated"}

Running the code:

uvicorn app:app --reload

Step 1: Understand the Serverless Mapping (Mental Model)

Step 2: Add Mangum (ASGI → Lambda Adapter)

Install dependencies

pip install fastapi mangum

Update to apps.py file.

from fastapi import FastAPI, status
from mangum import Mangum

app = FastAPI()

@app.get("/health", status_code=status.HTTP_200_OK)
def health():
    return {"status": "ok"}

@app.post("/items", status_code=status.HTTP_201_CREATED)
def create_item():
    return {"message": "item created"}

@app.put("/items/{item_id}", status_code=status.HTTP_200_OK)
def update_item(item_id: int):
    return {"message": f"item {item_id} updated"}

# Lambda entry point
handler = Mangum(app)

The handleris what AWS Lambda will invoke.

Step 3: Create `requirements.txt`

fastapi
mangum

Step 4: Package the Application for Lambda

Create a build directory

mkdir package
pip install -r requirements.txt -t package
cp app.py package/

Zip it

cd package
zip -r app.zip .

Step 5: Create the Lambda Function

Go to Go to

AWS Lambda
Create functionAWS Lambda
- Runtime: Python 3.10+
- Architecture: x86_64
Upload app.zip
Set Handler: app.handler
Memory: 512 MB (good default)
Timeout: 10–15 seconds

Step 6: Create API Gateway (HTTP API)

Go to API Gateway
Create HTTP API
Integration:
- Type: Lambda
- Choose your Lambda function
Routes:
- ANY /{proxy+}
Deploy

This single route lets FastAPI handle all routing internally.

Step 7: Test your endpoint

Its a wrap!

Location and Device Fingerprinting

Steve Yonkeu — Tue, 22 Apr 2025 14:05:05 +0000

Are a web user? You answer No? where are you reading from?

I bet we all have experienced this once, twice, trice... nth times where we go to a platform where we have an account and after login we get an email alert.

Hey dude, you tried to login or perhaps someone is trying to snitch with your data? Quickly let us know.

In real life such emails look like this

BUT HOW IS THIS DONE???

Every time you are online and browsing, opening websites or apps, there are a few things we can collect from your device since those are public informations and unless you are told you won't know... By the way who read s privacy policies? No one, I do. And most platforms clearly tell you what they collect or might collect, for example dev.to collects IP address, MAC etc (dev.to/privacy).

Don't worry, all these is to improve our security and User Experience on the platform.

All this is part of what we call fingerprinting. Now you know it is not your Thumb fingerprint we are talking about you. Just like all fingerprints are unique so are internet fingerprints and this is what makes each user over the internet unique. How can we extract that now and use if "FOR GOOD".

What is a Fingerprint?

A web Fingerprint a unique identifier generated from a combination of your web browser's characteristics and settings, which can be used to distinguish you from other users online. It's a method websites use to track users, even when cookies are blocked, and can be used for personalization, advertising, and other purposes.

You can track users fingerprints yourself or opt for something more efficient coming from a 3rd party.

Can We CRAFT Now?

Unless you are not yet fix on what we are doing here, then email me with questions or requests and read the OWASP Fingerprints Notes

Although Django has so many included batteries, unfortunately it does not explicitly track devices info and fingerprints. As a whole, we will have to craft something for ourselves to collect a few details regarding Fingerprint.

We won't be able to track the fingerprint effectively with only python code, so now we will have a few javascript lines at the frontend to handle.

And some websites go further and scan for usage for VPN and might ban you or event stop you from using the website.

Demo

Source Code

Call To Action

You found this interesting? Buy me a beer!!! or Coffee, whatever one.

Captcha & reCaptcha For Django

Steve Yonkeu — Tue, 01 Apr 2025 02:57:11 +0000

Website and Web application today are about 1,119,023,272 with about 177,372 deployed everyday (ref: explodingtopics.com). With this knowledge you will understand how much security is needed when to comes these platforms coming up everyday. Who talks about web apps talks about "potential data source", here we go. Let's explore some measures taken by web developers to avoid automated bots, reducing spam, securing online polls & surveys, blocking credential stuffing attacks, mitigating DDoS attacks, preventing fake reviews, protecting against brute force attacks, reducing ticket scalping, safeguarding e-commerce transactions, and enhancing AI training.

Wait a minute... But what is Captcha or reCaptcha? Let me tell you.

What is Captcha and reCaptcha?

With the need to make our applications more secure and also keep bots and scrapers away, we use captcha.

The workflow of reCAPTCHA goes like this: When a user submits a form on a protected page, Google’s reCAPTCHA kicks in to verify if the user is a human or a bot. The backend server sends Google’s public key to generate a temporary token, which is then sent back to the user’s browser. This token is submitted along with the form data to the backend, which uses it alongside a secret key to request a score from Google’s API. The score (default 0.5) determines if the user is likely a human. If the score is high enough, the backend logic proceeds; otherwise, it blocks the request. This process happens seamlessly in the background, ensuring security without interrupting the user experience.

Let's CRAFT!!!

Specially today, we won't have code snippets here, we will be going with full codebase on GitHub.

Outcome

Wrapping Up

I hope this brought some better enlightenment and good understanding of how captcha and recaptcha works.

Implementing SSO In Your Django Project

Steve Yonkeu — Sat, 29 Mar 2025 14:33:21 +0000

For some developers, SSO might still be new to hear on daily purpose, whereas this has been there for a while and we keep using it daily whatever device we use. Google is one of the greatest organization relying on SSO for most services. SSO is an important aspect when it comes to improvement of UX (User Experience). So now the question you should ask yourself is:

What is SSO?

Single sign-on (SSO) is an authentication method that allows users to log in to multiple applications and websites with one set of credentials.

SSO Case Study (Google)

Before saying a word here, understand that this is just a shallow implementation of the system, I will like this to be a way for you to understand this better and know how to implement something similar to your own usecase.

Pay attention to the direction of the arrows and the different services we are pointing to. Without further ado, LET'S CRAFT THIS!!!

Implementation

This tutorial will cover the implementation of SSO in Django using Google SSO. We will have a few libraries to depend on and the code will be found in a GitHub repo later.

Project creation and dependencies installation

mkdir django_sso

cd django_sso

python -m venv .venv

source .vevn/bin/activate

pip install python-social-auth social-auth-app-django

django-admin startproject django_sso .

python manage.py startapp accounts

touch accounts/urls.py

Configuration of settings

# django_sso/settings.py
INSTALLED_APPS = [
    ...
    'social_django',
]

TEMPLATES = [
 #...
        'DIRS': [
            BASE_DIR / 'templates',
        ],
 #...
]

AUTHENTICATION_BACKENDS = (
    'social_core.backends.google.GoogleOAuth2',
    'django.contrib.auth.backends.ModelBackend',
)

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = 'your-client-id'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = 'your-client-secret'
LOGIN_URL = 'login'
LOGOUT_URL = 'logout'
LOGIN_REDIRECT_URL = 'home'=

Views and URLs configurations

# accounts/urls.py
from django.urls import path, include
from accounts.views import login_view, logout_view, home_view, generate_sso_token

urlpatterns = [
    path('auth/', include('social_django.urls', namespace='social')),
    path('login/', login_view, name='login'),
    path('logout/', logout_view, name='logout'),
    path('home/', home_view, name='home'),
    path('generate-sso-token/', generate_sso_token, name='generate_sso_token'),
]

# django_sso/urls.py
from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    path('admin/', admin.site.urls),
    path('', include('accounts.urls')),
]

# accounts/views.py
from django.shortcuts import render, redirect
from django.contrib.auth import logout
from django.contrib.auth.decorators import login_required
from django.utils import timezone
from .models import SSOUserToken
import uuid

def login_view(request):
    if request.user.is_authenticated:
        return redirect('home')
    return render(request, 'login.html')

def logout_view(request):
    logout(request)
    return redirect('login')

@login_required
def home_view(request):
    return render(request, 'home.html')

@login_required
def generate_sso_token(request):
    if request.method == 'POST':
        user = request.user
        expires_at = timezone.now() + timezone.timedelta(hours=1)
        token = str(uuid.uuid4())
        SSOUserToken.objects.create(
            user=user,
            token=token,
            expires_at=expires_at
        )
        return render(request, 'sso_token.html', {'token': token})
    return redirect('home')

Let's have a look at the HTML files now.

HTML contents

<!-- templates/login.html -->
<!DOCTYPE html>
<html>
<head>
    <title>Login</title>
</head>
<body>
    <h1>Login</h1>
    <a href="{% url 'social:begin' 'google-oauth2' %}">Login with Google</a>
</body>
</html>


<!-- templates/home.html -->
<!DOCTYPE html>
<html>
<head>
    <title>Home</title>
</head>
<body>
    <h1>Welcome, {{ user.username }}!</h1>
    <a href="{% url 'generate_sso_token' %}">Generate SSO Token</a>
    <a href="{% url 'logout' %}">Logout</a>
</body>
</html>


<!-- templates/sso_token.html -->
<!DOCTYPE html>
<html>
<head>
    <title>SSO Token</title>
</head>
<body>
    <h1>Your SSO Token</h1>
    <p>{{ token }}</p>
    <a href="{% url 'home' %}">Back to Home</a>
</body>
</html>

Results

The result might not look same at the time you see this tutorial, the source code has been updates with some more styles.

Conclusion

I hope you enjoyed crafting Django SSO and understood how much impact it has on UX. Happy CRAFTing. Don't forget to follow for more. Drop your thoughts in the comments section.

Role-Based Access Control in Django

Steve Yonkeu — Fri, 28 Mar 2025 23:05:59 +0000

Security is a very important aspect in web development, sometimes so much underrated. While naming folders mostly on your project tree we can easily find auth, ask yourself if that is authentication or authorization? Well, this post about both authentication and authorization, but however emphasis will be brought more to authorization.

Authentication v/s Authorization

Authentication verifies who you are; authorization determines what you can access.

Small stories extract showing some people who access what they were not to:

2013 (Edward Snowden and the NSA incidence): Edward Snowden, a contractor for National Security Agency (NSA) by then, exploited his privileged access to leak classified documents revealing global surveillance programs to The Washington Post and The Guardian. The alleged stories about NSA spying on world leaders, foreign governments and the U.S. citizens, as well as its attempts to undermine internet security, became facts and putting the agency at the center of the worst scandal they could ever imagine.
2017 (Vanderbilt University Medical Center Breach): Two employees at Vanderbilt University Medical Center inappropriately accessed the medical records of 3,000 patients over 19 months. Their roles did not require such extensive access, indicating a failure to enforce the principle of least privilege.
2018 (SingHealth Data Breach): In Singapore, the personal particulars of 1.5 million patients were stolen from SingHealth's database. Attackers gained privileged access by compromising a front-end workstation and obtaining login credentials, exploiting weak access controls.
2024 (Sellafield Cybersecurity Failings): Sellafield, a nuclear site in Cumbria, UK, was fined nearly £400,000 after pleading guilty to cyber security failures over a four-year period.
2025 (Ambulance Victoria Data Breach): A former employee of Ambulance Victoria unlawfully transferred files containing personal details of approximately 3,000 staff members. The breach was attributed to the employee's failure to adhere to the organization's code of conduct, which prohibits the removal of data for non-work-related purposes.

And so on and so forth!

Different Authorization Methods

In Django, managing user permissions is crucial for building secure applications.

1 . Basic Authentication: This is using simple session authentication stories some credentials in the cookies.

from django.contrib.auth.decorators import login_required

@login_required
def restricted_view(request):
    return render(request, 'restricted.html')

What's the bottleneck? if we have an admin and a normal user how do we differentiate?

2 . Hardcoded Flag-Based Permissions: We can say this is an extension of the later. Above basic authentication here we have a few roles on the system where we use boolean to say if it is or is not x-role. This can be ideal when dealing with solutions where we have 3 to 5 roles. Limitations comes in with complex permissions.

from django.shortcuts import redirect
from django.contrib.auth.models import User
from django.db import models

class Profile(models.Model):
    user = models.OneToOneField(User, on_delete=models.CASCADE)
    is_manager = models.BooleanField(default=False)

def manager_view(request):
    if not request.user.profile.is_manager:
        return redirect('permission_denied')
    return render(request, 'manager_dashboard.html')

3 . Generic Flag-Based Permissions: Each model created in Django by default has a few permissions as metadata and this can be edited or customized in the Meta class of the model.

class Document(models.Model):
    title = models.CharField(max_length=200)

    class Meta:
        permissions = [
            ("view_document", "Can view documents"),
            ("edit_document", "Can edit documents"),
        ]

To check or verify the permission, we can check like we see below:

from django.contrib.auth.decorators import permission_required

@permission_required('documents.view_document', login_url='login')
def document_list(request):
    documents = Document.objects.all()
    return render(request, 'documents/list.html', {'documents': documents})

We can check on the templates too:

{% if perms.documents.view_document %}
  <div class="document-list">
    {% for doc in documents %}
      <p>{{ doc.title }}</p>
    {% endfor %}
  </div>
{% endif %}

The limitations here comes when we might need to split the users in groups of user and assigning some permission access to some resources.

4 . Role-Based Access Control (RBAC): Django is a powerful method for managing user permissions by assigning roles to users. Instead of managing permissions individually, RBAC groups them into roles like "Admin," "Editor," and "Viewer." Each role is associated with specific permissions, simplifying the management process. In Django, you can implement RBAC using the built-in Group model and Permission system. By creating groups with predefined permissions and assigning users to these groups, you can easily control access to different parts of your application. This approach enhances security, scalability, and maintainability, making it ideal for complex applications with multiple user roles.

Let's CRAFT?

from django.db import models
from django.contrib.auth.models import Group, Permission
from django.contrib.auth.mixins import UserPassesTestMixin
from django.views.generic import ListView

class Role(models.Model):
    name = models.CharField(max_length=50)
    group = models.OneToOneField(Group, on_delete=models.CASCADE)

    def __str__(self):
        return self.name

class DocumentListView(UserPassesTestMixin, ListView):
    model = Document
    template_name = 'documents/list.html'

    def test_func(self):
        return self.request.user.has_perm('documents.view_document')

We can also go into a middleware.

# middleware.py
from django.utils.deprecation import MiddlewareMixin

class RBACMiddleware(MiddlewareMixin):
    def process_view(self, request, view_func, view_args, view_kwargs):
        # Custom permission checks here
        if request.path.startswith('/admin') and not request.user.is_staff:
            return HttpResponseForbidden("Access denied")

#settings.py
MIDDLEWARE = [
    # ...
    'hello_app.middleware.RBACMiddleware',
]

We can still improve that, Don't miss out the next blog posts. Don't miss out anything. Follow me and subscribe not to miss out.

Conclusion

Role-Based Access Control (RBAC) is a widely-used method for managing user permissions in Django, but it has several limitations. RBAC struggles with fine-grained permissions, requiring excessive roles for granular access control. Role explosion occurs when roles and permissions become overly complex, leading to management challenges. RBAC lacks context awareness, treating all users within a role uniformly, which can be problematic in dynamic environments. Hierarchical role management is limited, making it difficult to implement complex inheritance structures. User experience can suffer due to unclear role definitions, and misconfigurations pose security risks. Additionally, RBAC may face scalability issues in large systems with thousands of users and roles. Despite these limitations, RBAC remains a robust solution for applications with well-defined roles and permissions. For more complex scenarios, combining RBAC with other access control methods like Attribute-Based Access Control (ABAC) or Policy-Based Access Control (PBAC) can enhance flexibility and security.

Django 2FA With Google Authenticator

Steve Yonkeu — Fri, 28 Mar 2025 01:40:35 +0000

Django Django Djnago Djonga Djingo!!!

I have been on a mission to build things around Django for more than half a decade now, you won't say it? Congratulations to me!!!

Back to business, Aren't you skeptical about your security on your applications or platforms you use daily? To be honest I am.

Small exercise, go back to line one of this blog and read well. How many "Django" can you see?

It is not more new to hear about terms like MFA, 2FA, OPT (TOPT, HOTP) and other Passwordless. Today Let's get more interested into 2FA using Google Authenticator. Why Google Authenticator? Jot that somewhere please, I will answer in a few minutes.

What is 2FA?

This story goes way way way back around the... (kidding)

Two-Factor Authentication (2FA) is a security mechanism that requires two independent authentication factors to verify a user's identity. It consists of a knowledge factor (something you know, like a password) and a possession factor (something you have, like an OTP token, authenticator app, or hardware key). The authentication process involves entering the primary credential, followed by verification using the second factor. It is commonly implementated into TOTP (Time-Based One-Time Passwords) and FIDO2 security keys.

Why the "Collabo" with Django?

You might have not known nor hear about Django, but give it a try. However Django quickly and easily integrates with anti-phishing, breaches and brute force attacks recent discoveries and those to come (You can always contradict me, Down). Because of Django vast, rich, active communities and ecosystem libraries supporting such integrations already do exist. Lastly and the most important, an extra security layer, improving user confidence blocking attackers who reuse stolen passwords from data breaches and also COMPLIANCE.

Implementation

With further ado, here is how this can be done with Django. Do not worry, in case you miss something, I have the codebase somewhere for you, read carefully to see the link. We will be going through the project setup (dependencies, structure and configuration), models, db migrations and project execution.

Setting up the project

Whoever calls my name prior to a python project should call performance, architecture, good resource utilization and best practices (but who defines best practices?).

Creating folders and virtual environment

mkdir django2fa && cd django2fa

python -m venv .venv

source .venv/bin/activate

pip install django-two-factor-auth webauthn pillow pyotp phonenumbers

Creating Django Project and Django App

django-admin startproject django2fa .

python manage.py startapp accounts

touch accounts/urls.py

Tree structure

.
├── .venv/
├── accounts
│   ├── admin.py
│   ├── apps.py
│   ├── __init__.py
│   ├── migrations
│   │   ├── 0001_initial.py
│   │   └── __init__.py
│   ├── models.py
│   ├── tests.py
│   ├── urls.py
│   └── views.py
├── db.sqlite3
├── django2fa
│   ├── asgi.py
│   ├── __init__.py
│   ├── settings.py
│   ├── urls.py
│   └── wsgi.py
├── manage.py
├── README.md
├── requirements.txt
└── templates
    └── two_factor
        └── _base.html

6 directories, 19 files

Django project settings edits

# settings.py

+ SECRET_KEY = os.getenv('SECRET_KEY')

+ DEBUG = True if os.getenv('DEBUG') == 'True' else False
+ ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS').split(',') if os.getenv('ALLOWED_HOSTS') else []



+ INSTALLED_APPS = [
# ...
+   'django_otp',
+   'django_otp.plugins.otp_static',
+   'django_otp.plugins.otp_totp',
+   'django_otp.plugins.otp_email',

+    'two_factor',
+    'two_factor.plugins.phonenumber',
+    'two_factor.plugins.email',

+    'accounts',
 # ...
+ ]

+ MIDDLEWARE = [
# ...
+     'django_otp.middleware.OTPMiddleware',
# ...
+ ]

# ...

+ AUTHENTICATION_BACKENDS = [
+   'django.contrib.auth.backends.ModelBackend',
+ ]

+ LOGIN_URL = 'two_factor:login'
+ LOGIN_REDIRECT_URL = 'two_factor:profile'
+ LOGOUT_REDIRECT_URL = 'two_factor:login'

+ TWO_FACTOR_PATCH_ADMIN = True
+ TWO_FACTOR_STRIC = True

+ AUTH_USER_MODEL = 'accounts.STUser'

Urls.py modifications:

from django.contrib import admin
from django.urls import path, include
from two_factor.urls import urlpatterns as tf_urls

urlpatterns = [
    path('admin/', admin.site.urls),
    path('', include(tf_urls)),
    path('', include('accounts.urls')),
]

Let's have the demo

Running migrations and creating a superuser
DEMO

Wrapping Up

Alright, alright, what are your thoughts? Was this helpful? Personal thoughts about these is to look for all possible ways to authenticate users. What about "Signin with Eyes? or DNA?" Don't think it is a joke.

Because the people who are crazy enough to think they can change the world, are the ones who do. - STEVE JOBS

So are you crazy enough?

The Django Iceberg

Steve Yonkeu — Thu, 13 Mar 2025 20:52:00 +0000

Hey buddy, what framework will you go in for after studying programming? Django!!!

Django has always been my go-to framework when I need to build something quickly without sacrificing quality. There's something spacial about how it balances structure with flexibility and ease. But over the years, I've come to realize that Django is like an iceberg - what you see initially is just the beginning of something much deeper and more powerful than you thought.

When I first started with Django, I was immediately struck by how approachable it was. The documentation was clear, the structure made sense, and I could build something functional in a matter of hours. Little did I know that beneath this friendly surface lay layers upon layers of functionality waiting to be discovered.

The Tip of the Iceberg: What Newbies See

Every Django journey begins with the framework's most visible features, the ones that make it accessible to developers of all backgrounds. These initial encounters with Django create a foundation that supports everything that comes later.

MVC Architecture (MTV, Really)
Django's "batteries-included" philosophy starts with its Model-Template-View structure. As a newcomer, you learn to define data models, create HTML templates, and write views to handle requests. The simplicity of models.py, views.py, and urls.py feels almost magical. It's like Django is saying, "Here's everything you need to get started - no fuss, no complicated setup."
ORM: The Database Abstraction Layer
The Object-Relational Mapper lets you interact with databases using Python code instead of raw SQL. For those new to databases, queries like MyModel.objects.filter(name="Django") are intuitive and powerful. It abstracts away the complexity while still giving you room to grow.
Admin Interface
The auto-generated admin panel (admin.py) is a game-changer. With minimal code, you can manage data through a sleek UI - a feature that saves weeks of boilerplate work. It's like having a built-in control center for your application.
Templates and Forms
Django's templating engine and form system handle frontend logic with minimal fuss. Newbies quickly build forms with validation and render dynamic HTML. The framework guides you toward best practices without being restrictive.
Built-In Authentication
User registration, login, and permissions are handled via Django's django.contrib.auth. Features like @login_required decorators make security seem effortless. It's reassuring to know that authentication is handled securely out of the box.

The Hidden Depths: What Senior Developers Uncover

As you spend more time with Django, you begin to notice patterns and features that weren't obvious at first. These deeper aspects of the framework transform how you think about web development and what's possible.

Middleware: The Silent Guardian
Middleware processes requests and responses at every step. Seniors use it for tasks like rate-limiting (e.g., django-ratelimit), logging, or even modifying headers. Custom middleware unlocks granular control over HTTP flows. It's like having a series of filters that can inspect or modify traffic as it passes through your application.
Custom Management Commands
Beyond the basic runserver and migrate commands, developers can create their own CLI tools (manage.py) for cron jobs, data imports, or cleanup tasks. It's like having a personal admin for your project - automation becomes second nature.
Deployment Complexity
While newbies might deploy with gunicorn and nginx, experienced developers navigate Docker, Kubernetes, and cloud services (AWS, Heroku). They optimize static files with whitenoise or CDNs and secure settings with environment variables. Deployment transforms from a mysterious process into a well-understood, repeatable workflow.
Performance Tuning
- Caching: Using django-cache-machine or Redis to reduce database hits.
- Database Optimization: Indexing, raw SQL, and connection pooling (e.g., pgbouncer).
- Async/Await: Leveraging Django 3.1+ async views and consumers for real-time features. Performance becomes a first-class citizen in your development process.
Advanced ORM Features
- Queryset Chaining: Combining annotate(), aggregate(), and F() expressions for complex queries.
- Database Routers: Routing queries to different databases for read/write separation.
- Raw SQL: When the ORM can't handle it, seniors write optimized SQL without fear. The ORM evolves from a convenience tool to a powerful instrument in your toolkit.
Signals and Hooks
Signals like post_save or pre_delete let you trigger actions (e.g., sending emails) when models change. Custom signals add event-driven logic to apps. It's like giving your application a nervous system that responds to internal events.
Testing and CI/CD
Seniors write tests with pytest or Django's TestCase, mock external APIs, and automate deployments via GitHub Actions or GitLab CI. Testing transforms from a chore into an essential part of your development workflow.
Third-Party Integrations
Django's ecosystem includes packages like django-rest-framework (APIs), celery (task queues), and django-allauth (social auth). Knowing when to extend core Django vs. adopting external tools becomes a nuanced decision rather than a guess.
Security Beyond the Basics
- CSRF/XXS Protection: Tweaking CSP headers or SECURE_HSTS_SECONDS.
- Dependency Scans: Using safety or bandit to audit vulnerabilities. Security becomes proactive rather than reactive.
Contributing to Django Itself
Top-tier developers dive into Django's source code, fix bugs, or propose new features. This reveals how the framework's internals - like the request-response cycle or middleware hooks - truly work. Contributing becomes a way to give back to the community that has supported your growth.

The Deepest Mysteries: Rarely Seen, Often Overlooked

These are the features that remain hidden until you've spent significant time with Django, the ones that surprise even experienced developers when they're discovered.

Database Backends: Swapping PostgreSQL for SQLite or even custom backends.
Geodjango: Building GIS applications with spatial data.
Django as a Service: Using Django outside web apps (scripts, cron jobs...).
Middleware-Driven Architecture: Designing apps where middleware handles authentication, logging, or even business logic.

Conclusion: Embracing the Iceberg

Django's beauty lies in its balance: it's approachable for beginners yet infinitely scalable for experts. The tip of the iceberg - MVC, ORM, and the admin - gets you building fast. But the deeper layers - middleware, async, and ecosystem mastery - turn good developers into architects.

So, the next time you hear "It's just Django," remember: the framework's true power lies beneath the surface, waiting for those willing to dive in.

Final Thought: The Django Iceberg isn't just about features - it's a journey. Every developer's path is unique, but the deeper you go, the more you realize how much there is to explore. 🐍

Serverless or Server for Django Apps?

Steve Yonkeu — Mon, 06 Jan 2025 15:33:17 +0000

Developers' nightmare 10 years ago and now can't be the same. Ten years back, we had challenges on how to handle scalability, latency, cost, resource usage and downtime. Existence of challenge creates innovation and who says innovation says "SMART".

What if I told you, you can get your app fully serverless? Sounds like a dream? Think about cloud, think about server(less/no). Somewhere below I will get you to do some comparison on this.

Without further ado, let's get to compare these environments based on cost, architecture, ease to get started, availability and scalability. (Feel free to drop comments on your thoughts, I will love to read and learn more).

Note: Through out this blog we will use the most affordable solution and keep our wallets secure (no billing on us... we use our free tier)

Architecture

Let's see and understand how both of these methods impacts the developers life and daily routine.

Server Deployment

Just like we see above, we have a low cost deployment for a Django Application with all functionalities present. Most of the questions in your head are soon going to be answered.

What is this, that, this too, what about that... what is used for?
How scalable and how reliable is this setup? Well... Let's go >>>

Nginx + Certbot: Proxy, routing and SSL for our app
Gunicorn: Do you remember the Warning Django keeps bringing when you run your app locally and it says: this is a development server try not to use this is prod? Yes, Gunicorn is our Prod server. It does a lot Read More....
Postgres: Coming from AWS RDS. It is an AWS Managed Postgres "server".
Amazon EC2: This is available on AWS Compute services

Talking about Scalability, well, I will get back to that.

Serverless Deployment

{% block LittlePause %}

Wait a minute, why did AWS create serverless services and are so invested into it.

SERVERLESS IS THE FUTURE!!!

Think about you(Ze developer) not caring that much about your cloud environment. Focusing on your code, and your code.

{% endblock LittlePause %}

On the architectural diagram we have a few components, let's talk about what does what.

API Gateway: Serving as an entry point to our app
Lambda: where our code runs without provisioning or managing servers. It automatically scales based on the number of incoming requests and charges only for the compute time consumed.
Lambda Function: represents your entire Django application wrapped in a serverless environment.
Amazon Aurora: Our serverless postgres compatible database.

Pricing / Cost / Billing

Category	Server-Based (EC2 + Nginx)	Serverless (Lambda + API Gateway + Zappa)
Pricing Model	Fixed monthly cost based on instance type.	Pay-as-you-go, charged per request and compute time.
Compute Costs	Fixed pricing for instance type .	1M requests free per month, then $0.20 per 1M requests.
Free Tier Availability	EC2 t3.micro free for 12 months (750 hours/month).	1M Lambda requests + 400,000 GB-seconds free/month.
Traffic Handling	Manual scaling required for high traffic.	Auto-scales automatically with traffic.
Uptime Management	Runs 24/7, charges apply even when idle.	Only charges during request handling (event-driven).
API Gateway Costs	Not required.	Free Tier: 1M requests/month, then $3.50 per million.
Data Transfer (to Internet)	Free for up to 100GB per month in Free Tier.	Free for up to 100GB per month in Free Tier.
Storage Costs (RDS)	Free Tier: 750 hours db.t3.micro for 12 months.	Same Free Tier for RDS as server setup.
Storage for Static Files (S3)	Free Tier: 5GB standard storage for 12 months.	Free Tier: 5GB storage + 20,000 GET + 2,000 PUT requests.
SSL/TLS Certificates	Free via ACM or Let's Encrypt.	Free via ACM (Amazon Certificate Manager).
Cold Start Delays	Not applicable (server always running).	Cold starts possible after inactivity.
Maintenance	Manual OS patching, scaling, and monitoring.	Fully managed, no server maintenance required.
Best for	Steady traffic and continuous workloads.	Variable traffic and unpredictable workloads.
Cost Estimation (After Free Tier)	~$50-$70/month (EC2 + RDS + S3 + Transfer).	~$5-$30/month (depends on request volume).

Scalability

You had scalability in your head since from the diagram above, get satisfied.

Category	Server-Based (EC2 + Nginx)	Serverless (Lambda + API Gateway + Zappa)
Scalability Type	Vertical Scaling (Scaling Up) by increasing instance size or Horizontal Scaling by adding more instances (manually or via Auto Scaling Groups).	Horizontal Scaling (Scaling Out) by adding more Lambda function instances automatically.
Automatic Scaling	Requires Manual Configuration (Auto Scaling Groups).	Automatic and Fully Managed Scaling by AWS based on incoming traffic.
Performance During Scale	Dependent on instance size and type (CPU, RAM). Needs larger instances for increased load.	Lambda creates more instances as traffic spikes, handling thousands of requests simultaneously.
Scaling Speed	Slower due to instance launch times and warm-up.	Instant Scaling as Lambda spins up new containers rapidly.
Cold Starts	Not applicable (server always running).	Yes, cold starts occur after a period of inactivity but can be reduced with provisioned concurrency.
Concurrency Limits	Limited by Instance Type Capacity. Manual intervention needed for multiple servers.	Scales Concurrently and Infinitely (Default 1,000 concurrent executions, adjustable).
High Traffic Handling	Needs proactive scaling adjustments or larger instances for sudden traffic spikes.	Handles sudden traffic spikes seamlessly by auto-scaling.
Resource Management	Fixed resources per instance, even during low traffic periods.	Dynamically allocates resources based on traffic.
Global Scalability	Needs manual deployment in multiple regions.	Lambda supports multi-region replication for global scaling with minimal configuration.
Maintenance During Scaling	Needs manual load balancing setup (ELB, ALB).	No infrastructure to manage, auto-scales seamlessly.
Best For	Predictable and steady workloads with constant traffic.	Unpredictable traffic, event-driven workloads, and bursty traffic.

Automation

Both of these setups can have setups easy to automate via GitHub CI/CD.

Serverless

name: Deploy Zappa to AWS

on:
  push:
    branches:
      - main

jobs:
  deploy:
    name: Deploy with Zappa
    runs-on: ubuntu-latest
    environment: production

    steps:
      # Step 1: Check out code
      - name: Checkout Code
        uses: actions/checkout@v4

      # Step 2: Set up Python version
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: 3.12

      # Step 3: Install Dependencies
      - name: Install Dependencies
        run: |
          python -m venv .venv
          source .venv/bin/activate
          pip install --upgrade pip
          pip install -r requirements.txt
          pip install zappa

      # Step 4: Create AWS Profile (Explicit Configuration)
      - name: Create AWS Profile
        run: |
          mkdir -p ~/.aws
          echo "[default]" > ~/.aws/credentials
          echo "aws_access_key_id=${{ secrets.AWS_ACCESS_KEY_ID }}" >> ~/.aws/credentials
          echo "aws_secret_access_key=${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> ~/.aws/credentials
          echo "[default]" > ~/.aws/config
          echo "region = ${{ secrets.AWS_REGION }}" >> ~/.aws/config
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}

      # Step 5: Validate AWS Credentials and Profile
      - name: Validate AWS Configuration
        run: |
          aws configure list
          aws sts get-caller-identity

      # Step 6: Deploy/Update Zappa
      - name: Deploy to AWS Lambda with Zappa
        run: |
          source .venv/bin/activate
          zappa deploy ${{ secrets.ZAPPA_ENV }} || zappa update ${{ secrets.ZAPPA_ENV }}

Server

name: Deploy Django and Celery to EC2 instance

on:
  push:
    branches:
      - main

jobs:
  deploy_project:
    name: Deploy
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4.1.7
      - name: Get changed files
        id: changed-files
        uses: tj-actions/changed-files@v44.5.7
        with:
          since_last_remote_commit: true
          separator: ","

      - name: Copy files via scp using SSH key
        uses: appleboy/scp-action@v0.1.7
        with:
          host: ${{ secrets.HOST }}
          username: ${{ secrets.USERNAME }}
          key: ${{ secrets.DEPLOY_KEY }}
          port: ${{ secrets.PORT }}
          source: "."
          target: ${{ github.event.repository.name }}

  build_project:
    name: Build
    needs: deploy_project
    runs-on: ubuntu-latest
    steps:
      - name: Executing remote SSH commands using SSH key
        uses: appleboy/ssh-action@v1.0.3
        with:
          host: ${{ secrets.HOST }}
          username: ${{ secrets.USERNAME }}
          key: ${{ secrets.DEPLOY_KEY }}
          port: ${{ secrets.PORT }}
          script: |
            sudo supervisorctl reread
            sudo supervisorctl update
            sudo supervisorctl restart all

Tutorial

Subscribe and check the video you need On My YouTube Channel and My GitHub for the source code and sample tutorial.

Conclusion

Make the choice which is best for you and drop your thoughts in the comment section.

How to Scan in GoLang

Steve Yonkeu — Sat, 04 Jan 2025 11:25:19 +0000

In Go (golang), the fmt package provides several functions for scanning input from the console or other input sources.

For me these have always been useful during test and so many other areas. And so far I usually work with 4 functions during scanning.

Let's explore some of them and see how, why and when to use it.

1. `fmt.Scan`

Purpose: Reads space-separated input from standard input (console).
Stops Reading: Stops on the first newline or whitespace.
Multiple Variables: Can read multiple variables in one call.
Returns: Number of successfully scanned items and error if any.

Example:

package main

import (
    "fmt"
)

func main() {
    var name string
    var age int
    fmt.Print("Enter your name and age: ")
    fmt.Scan(&name, &age) // Reading input separated by space
    fmt.Printf("Hello %s, you are %d years old.\n", name, age)
}

Input Example:

Alice 25

Output:

Hello Alice, you are 25 years old.

2. `fmt.Scanln`

Purpose: Reads input until a newline (\n) is encountered.
Stops Reading: Stops on newline instead of whitespace.
Multiple Variables: Can read multiple variables but stops if it reaches newline first.
Returns: Number of successfully scanned items and error if any.

Example:

package main

import (
    "fmt"
)

func main() {
    var name string
    var age int
    fmt.Print("Enter your name and age: ")
    fmt.Scanln(&name, &age) // Reads until newline is encountered
    fmt.Printf("Hello %s, you are %d years old.\n", name, age)
}

Input Example:

Alice 25

Output:

Hello Alice, you are 25 years old.

3. `fmt.Scanf`

Purpose: Reads formatted input using format specifiers (like %s, %d, %f).
Stops Reading: Stops based on the specified format.
Multiple Variables: Can read multiple variables with precise control using format specifiers.
Returns: Number of successfully scanned items and error if any.

Example:

package main

import (
    "fmt"
)

func main() {
    var name string
    var age int
    fmt.Print("Enter your name and age (formatted): ")
    fmt.Scanf("%s %d", &name, &age) // Reads formatted input
    fmt.Printf("Hello %s, you are %d years old.\n", name, age)
}

Input Example:

Alice 25

Output:

Hello Alice, you are 25 years old.

4. `bufio.NewReader` (For Advanced Input Handling)

Purpose: Provides more advanced input reading capabilities compared to fmt.
Stops Reading: Allows reading an entire line including spaces.
Multiple Variables: Reads input as a single string and then can be split further if needed.
Returns: The complete input line as a string.

Example:

package main

import (
    "bufio"
    "fmt"
    "os"
    "strings"
)

func main() {
    reader := bufio.NewReader(os.Stdin)
    fmt.Print("Enter your name and age: ")
    input, _ := reader.ReadString('\n') // Reads entire line including spaces
    input = strings.TrimSpace(input)    // Trim newline and spaces
    fmt.Printf("You entered: %s\n", input)
}

Input Example:

Alice 25

Output:

You entered: Alice 25

📊 Summary Table:

Function	Purpose	Stops Reading At	Supports Formatting?	Multiple Variables?	Use Case
`fmt.Scan`	Basic scanning	Whitespace	❌	✅	Simple input without newline
`fmt.Scanln`	Scans until newline	Newline (`\n`)	❌	✅	Input until newline
`fmt.Scanf`	Formatted input scanning	Controlled by format	✅	✅	Precise formatted input
`bufio.NewReader`	Advanced input handling	Customizable	✅	❌	Large input with spaces

How to Print in GoLang

Steve Yonkeu — Sat, 04 Jan 2025 11:15:21 +0000

It has always been a challenge for me when working with GoLang and trying to print out something, usually during debugging and or various other tasks while building.

Let's have a quick look at what we should use and when should we use it with regards to printing in GoLang.

PS: Try to read through, we will make it fast as much as possible.

Personally I usually use about 7 of the print methods in-built in GoLang, which include: fmt.Print, fmt.Println, fmt.Printf, fmt.Sprint, fmt.Sprintln, fmt.Sprintf and fmt.Fprint. In Go (golang), the fmt package provides several printing functions for different use cases.

1. `fmt.Print`

Purpose: Prints values directly to the console.
No Formatting Specifiers: Just concatenates values as strings.
No Line Break: No newline at the end, so subsequent output appears on the same line.

Example:

fmt.Print("Hello", " ", "World!")

Output:

Hello World!

2. `fmt.Println`

Purpose: Prints values directly to the console, with a newline at the end.
No Formatting Specifiers: Concatenates values with spaces between them.
Auto Line Break: Automatically adds a newline at the end.

Example:

fmt.Println("Hello", "World!")

Output:

Hello World!

3. `fmt.Printf`

Purpose: Prints values directly to the console with formatting specifiers.
Formatting Specifiers: Uses %s, %d, %v, etc.
No Auto Line Break: Doesn't automatically add a newline; you need to specify \n.

Example:

fmt.Printf("Name: %s, Age: %d\n", "Alice", 25)

Output:

Name: Alice, Age: 25

4. `fmt.Sprint`

Purpose: Concatenates values into a string without formatting.
No Printing: Doesn't print to the console, just returns the string.
No Line Break: No newline included.

Example:

message := fmt.Sprint("Hello", " ", "World!")
fmt.Println(message)

Output:

Hello World!

5. `fmt.Sprintln`

Purpose: Concatenates values into a string with a newline.
No Printing: Doesn't print to the console, just returns the string.
Auto Line Break: Adds a newline to the returned string.

Example:

message := fmt.Sprintln("Hello", "World!")
fmt.Print(message)

Output:

Hello World!

6. `fmt.Sprintf`

Purpose: Formats values into a string using format specifiers.
No Printing: Doesn't print to the console, just returns the formatted string.
No Line Break: No newline unless explicitly added.

Example:

message := fmt.Sprintf("Name: %s, Age: %d", "Alice", 25)
fmt.Println(message)

Output:

Name: Alice, Age: 25

7. `fmt.Fprint`

Purpose: Writes formatted output to a specified writer (like files, buffers, etc.).
For Advanced Usage: Typically used with files or custom outputs.

Example:

import (
    "os"
    "fmt"
)

func main() {
    fmt.Fprint(os.Stdout, "Hello World!")
}

Output:

Hello World!

Summary Table:

Function	Purpose	Returns a String?	Directly Prints?	Supports Formatting?	Auto Newline?
`fmt.Print`	Simple printing, no newline	❌	✅	❌	❌
`fmt.Println`	Simple printing with newline	❌	✅	❌	✅
`fmt.Printf`	Formatted printing	❌	✅	✅	❌
`fmt.Sprint`	String concatenation (no print)	✅	❌	❌	❌
`fmt.Sprintln`	String concatenation with newline	✅	❌	❌	✅
`fmt.Sprintf`	Formatted string creation	✅	❌	✅	❌
`fmt.Fprint`	Formatted printing to a writer	❌	✅	✅	❌

Take a look at my YouTube and GitHub

Day 04: Terraform Code for Clustered Web Server

Steve Yonkeu — Thu, 05 Dec 2024 23:17:29 +0000

Today we'll dive deeper into Terraform as we continue the challenge of mastering Day 4: Basic Infrastructure. The focus is on developing a more robust understanding of the input variables. Local variables and in deploying increasingly complex infrastructure. These concepts are critical to making Terraform configurations reusable, dynamic, and scalable.

Keywords

A cluster is a group of computers. Connected servers (servers) that work together as a system to improve performance. Availability and scalability for any application or task...
A web server is software or hardware that stores, processes, and delivers websites or web applications to users over the Internet using protocols such as HTTP or HTTPS.

Key Learnings:

Input Variables: Input variables allow us to make our configurations flexible by passing values at runtime. This eliminates hardcoding, making our scripts adaptable for multiple environments.
Local Variables: Local variables simplify complex expressions and enable reusable configurations by reducing redundancy.

Activities:

Configurable Web Server: We deployed a web server using input variables to define properties such as instance size, AMI, and tags dynamically.
Clustered Web Server: A significant milestone was deploying a highly available web application using multiple EC2 instances across availability zones for redundancy and reliability.
Documentation Exploration: Diving into Terraform's documentation provided deeper insights into providers, resource blocks, and workflows, reinforcing our understanding of the foundational concepts.

Takeaways:

The experience was challenging and rewarding. The use of high availability setups emphasizes the importance of infrastructure (IaC) as code in modern development practices. Promise to continue traveling.

Terraform Code for Configurable Web Server

provider "aws" {
  region = var.aws_region
}

variable "aws_region" {
  default = "us-east-1"
}

variable "instance_count" {
  default = 1
}

variable "instance_type" {
  default = "t2.micro"
}

variable "ami_id" {
  default = "ami-0c02fb55956c7d316"
}

resource "aws_security_group" "web_sg" {
  name_prefix = "web-sg-"

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "Web Server SG"
  }
}

resource "aws_instance" "web_server" {
  count         = var.instance_count
  ami           = var.ami_id
  instance_type = var.instance_type
  security_groups = [aws_security_group.web_sg.name]

  tags = {
    Name = "Web Server ${count.index + 1}"
  }

  user_data = <<-EOF
              #!/bin/bash
              sudo yum update -y
              sudo yum install -y httpd
              sudo systemctl start httpd
              sudo systemctl enable httpd
              echo "<h1>Welcome to Terraform Configurable Web Server</h1>" > /var/www/html/index.html
              EOF
}

output "web_server_ips" {
  value = aws_instance.web_server[*].public_ip
}

Terraform Code for Clustered Web Server

provider "aws" {
  region = var.aws_region
}

variable "aws_region" {
  default = "us-east-1"
}

variable "cluster_instance_count" {
  default = 3
}

variable "instance_type" {
  default = "t2.micro"
}

variable "ami_id" {
  default = "ami-0c02fb55956c7d316"
}

resource "aws_security_group" "cluster_sg" {
  name_prefix = "cluster-sg-"

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "Clustered Web Server SG"
  }
}

resource "aws_instance" "cluster_web_server" {
  count         = var.cluster_instance_count
  ami           = var.ami_id
  instance_type = var.instance_type
  security_groups = [aws_security_group.cluster_sg.name]

  tags = {
    Name = "Cluster Web Server ${count.index + 1}"
  }

  user_data = <<-EOF
              #!/bin/bash
              sudo yum update -y
              sudo yum install -y httpd
              sudo systemctl start httpd
              sudo systemctl enable httpd
              echo "<h1>Welcome to Terraform Clustered Web Server ${count.index + 1}</h1>" > /var/www/html/index.html
              EOF
}

output "cluster_web_server_ips" {
  value = aws_instance.cluster_web_server[*].public_ip
}

Social Media Post

🔥 Deployed a highly available web app today! I'm beginning to enjoy the benefits of IaC.

Let’s keep building and learning. Onward to Day 5!

DEV Community: Steve Yonkeu

I left the Cloud to Coolify

What is the cloud?

Why I Left the Cloud?

What is Coolify?

My Infrastructure Setup

My Setup

How to Install Coolify (Step-by-Step)

What I Host on Coolify Now

Migrating your FastAPI app step by step to serverless

What is Serverless ?

1. Execution Model

2. Cost Model

3. Scaling Model

4. Operations Reality

The Right Questions Come After Understanding

Steps to Migrate

Step 0: The Starting Point (FastAPI App)

Step 1: Understand the Serverless Mapping (Mental Model)

Step 2: Add Mangum (ASGI → Lambda Adapter)

Step 3: Create requirements.txt

Step 4: Package the Application for Lambda

Step 5: Create the Lambda Function

Step 6: Create API Gateway (HTTP API)

Step 7: Test your endpoint

Location and Device Fingerprinting

BUT HOW IS THIS DONE???

What is a Fingerprint?

Can We CRAFT Now?

Demo

Source Code

Call To Action

Captcha & reCaptcha For Django

What is Captcha and reCaptcha?

Let's CRAFT!!!

Outcome

Wrapping Up

Implementing SSO In Your Django Project

What is SSO?

SSO Case Study (Google)

Implementation

Results

Conclusion

Role-Based Access Control in Django

Authentication v/s Authorization

Different Authorization Methods

Conclusion

Django 2FA With Google Authenticator

What is 2FA?

Why the "Collabo" with Django?

Implementation

Setting up the project

Let's have the demo

Wrapping Up

The Django Iceberg

The Tip of the Iceberg: What Newbies See

The Hidden Depths: What Senior Developers Uncover

The Deepest Mysteries: Rarely Seen, Often Overlooked

Conclusion: Embracing the Iceberg

Serverless or Server for Django Apps?

Architecture

Server Deployment

Serverless Deployment

Pricing / Cost / Billing

Scalability

Automation

Serverless

Server

Tutorial

Conclusion

How to Scan in GoLang

1. fmt.Scan

2. fmt.Scanln

3. fmt.Scanf

4. bufio.NewReader (For Advanced Input Handling)

📊 Summary Table:

How to Print in GoLang

1. fmt.Print

2. fmt.Println

3. fmt.Printf

Step 3: Create `requirements.txt`

1. `fmt.Scan`

2. `fmt.Scanln`

3. `fmt.Scanf`

4. `bufio.NewReader` (For Advanced Input Handling)

1. `fmt.Print`

2. `fmt.Println`

3. `fmt.Printf`

4. `fmt.Sprint`

5. `fmt.Sprintln`

6. `fmt.Sprintf`

7. `fmt.Fprint`