Exporting HTTP errors through OpenTelemetry

by Sebastien Mirolo on Thu, 19 Sep 2024

Having gained some insights into OpenTelemetry through previous experiments, we planned to forward 50x nginx log records to an aggregator through OpenTelemetry. read more...

Shipping ssh login events through OpenTelemetry

by Sebastien Mirolo on Wed, 18 Sep 2024

Following the failed experiment to ship OpenTelemetry events to GitLab, we embarked on a smaller project of creating an HTTP POST request on a homegrown service every time an engineer ssh into the Cloud infrastructure. read more...

OpenTelemetry and GitLab (failed experiment)

by Sebastien Mirolo on Mon, 9 Sep 2024

As Web traffic has spiked other the summer, the engineering team is looking to upgrade the logging infrastructure to have better visibility into "soft errors" - i.e. 502, 503, 504 and the like. The team has been more and more relying on a self-hosted GitLab instance for day-to-day activity, and has seen many new features around Monitoring coming out of GitLab. Soon the idea of shipping OpenTelemetry events to GitLab started to look good. read more...

Auto-update of Letsencrypt Wildcard TLS Certificates

by Sebastien Mirolo on Tue, 16 Jul 2024

Letsencrypt started to issue wildcard certificates in . Verification of ownership is done through a TXT DNS record, which means for auto-updating, we need to be able to update DNS entries programmatically. Since the domain we are planning to use wildcard certificates on is managed by AWS Route53, this is perfect. read more...

Upgrading to Amazon Linux 2023

by Sebastien Mirolo on Thu, 4 Jan 2024

Over time we ran production workloads on Fedora, CentOS7, Amazon Linux 2, and now Amazon Linux 2023 (which means we are back on Fedora I guess). This post is about the quirks we encountered migrating from Amazon Linux 2 to Amazon Linux 2023. read more...

Leveraging GPT-4 to Streamline ESG Compliance Audits

by Dima Knivets on Tue, 24 Oct 2023

In today's rapidly evolving corporate landscape, Environmental, Social, and Governance (ESG) compliance is more crucial than ever. Auditors specializing in ESG standards are often burdened with the cumbersome task of manually sifting through a mountain of company documents to extract relevant information, making it a significant bottleneck in the auditing workflow. read more...

Generating picture-in-picture of a speaker with Synthesia

by Sebastien Mirolo on Fri, 4 Aug 2023

After experimenting with AI-generated voice over in a previous post, it was time to amp it up. In this post, we will sign up for Synthesia and attempt to generate a picture-in-picture of a AI-generated actor taking us through a video tutorial. read more...

Producing Voice Over for Video Tutorials with Open Source

by Sebastien Mirolo on Wed, 26 Jul 2023

The team has embarked on producing a series of video tutorials. Since none of the team members is a native English speaker and we have been eager to test some new Artificial Intelligence (AI) tools, we decided to experiment with Text-to-Speech technologies - Open Source ones of course. read more...

A stopped EC2 instance that would not start again

by Sebastien Mirolo on Fri, 16 Jun 2023

Many times we stopped an EC2 instance, changed the instance type and started it again. This time, the instance would just refuse to start again. Let's dive in how we debugged this issue and fixed it. read more...

Upgrading to Java11 on Amazon Linux 2

by Sebastien Mirolo on Wed, 16 Nov 2022

A latest update of Jenkins (version 3.6) triggered an required upgrade to Java 11. The process to upgrade from Java8 to Java11 on Amazon Linux2 is pretty straightforward. read more...

Connecting an AzureAD SAML provider

by Sebastien Mirolo on Wed, 16 Nov 2022

In this post we will delegate user authentication for a Djaoapp-powered Software-as-Service (SaaS) product to a SAML provider hosted by AzureAD. read more...

Operating a SaaS product through ownership changes

by Sebastien Mirolo on Tue, 30 Aug 2022

Either because you sold the business, or a critical operation engineer is promoted and/or leaves the company, changes in ownership are inevitable. To be prepared for it, you should create a business continuity plan and review it regularly. read more...

Twelve Transactional E-mails Every SaaS Needs

by Sebastien Mirolo on Wed, 13 Jul 2022

You have decided to launch your SaaS product and are looking forward to subscribers signing up with their credit card. Congratulations! Let's now see the transactional e-mails your customers will be expecting. read more...

Packaging Python Apps

by Morgan Shorter on Mon, 25 Apr 2022

I have never quite understood why Python (or Ruby) packages are delivered through their own manager (pip, gem) instead of the local system package manager (apt, yum, etc). It might make sense for pure language packages but it becomes borderline insane when dealing with bindings to native libraries. read more...

Running an Amazon Linux2 virtual machine on your own hardware

by Morgan Shorter on Fri, 21 Jan 2022

I have a prod test-bed with privileged ports, FQDNs, and production configs running in my home lab. With it, I can test all our apps, proxies, databases, and unattended install scripts without having to deploy a new instance. In this article, I'll explain how I set up an Amazon Linux 2 virtual machine on my headless home server, and how I used WireGuard to elevate that VM from a handy sandbox to a first-class, low-maintenance development tool. read more...

Logging Docker containers output through journald to syslog

by Sebastien Mirolo on Fri, 24 Dec 2021

So far the fast path to notify developers when a logic error (500) appears in production relies on text files and logrotate. Here we will see how to forward Docker logs through journald to syslog. read more...

Triggering a script on uploads to AWS S3

by Sebastien Mirolo on Thu, 23 Dec 2021

The main reason to implement a fast path to upload logs is to be able to process them quicker than through the daily batch process. Fortunately AWS S3 can generate events into a SQS queue and/or trigger Lambda function when a new file is created in an S3 bucket. read more...

Logging gunicorn messages through journald to syslog-ng

by Sebastien Mirolo on Wed, 22 Dec 2021

We are interested here to log messages from a gunicorn application to journald, eventually forwarding the messages to syslog-ng. read more...

Debugging logrotate scripts

by Sebastien Mirolo on Tue, 21 Dec 2021

Many times debugging logrotate scripts rely on making changes and waiting for the next day to check the results. Today we will see how to be more efficient and debug logrotate scripts until they work. read more...

Fast-tracking server errors to a log aggregator on S3

by Morgan Shorter on Tue, 29 Jun 2021

Setting up log monitoring with DjaoDjin is now easier than ever thanks to the latest logging feature. Integrating alerts into your app configuration will be supplanted by a more cleanly separated plug-and-play design that handles log backups, log rotation, and monitoring for server errors without developers having to worry about setting up and testing email logins. read more...

Starting with a base AMI

by Sebastien Mirolo on Wed, 19 May 2021

Before you start any DevOps workflow, you will need to pick an OS distribution (and image) to base the servers on. read more...

Mix Vue.js with Django templates

by Sebastien Mirolo on Thu, 11 Jun 2020

We have an application written in Django that we want to piece-wise migrate to a Vue and API architecture. This post explores how we managed to combine Vue development inside a Django project, and all the frustrating dead-end along the way. Hopefully saving you time in your own process. read more...

Building Git Pull Requests with Jenkins

by Sebastien Mirolo on Wed, 15 Apr 2020

Through the years and Jenkins releases, we build Jenkins jobs that are able to run tests on the master branch. With more and more casual contributors, we want to be able to run tests on Pull Requests, automatically adding annotations for the test results. read more...

Building CSS/JS static assets and Django

by Sebastien Mirolo on Thu, 4 Jul 2019

In the early days of the Internet, you added your .css and .js files in a static/ folder under your Django project and you were done. Things have evolved. Getting the User Interface static assets to a browser is a lot more complex now. read more...

testing a Django 2.2 website with SQLite3 on CentOS 7

by Sebastien Mirolo on Wed, 8 May 2019

Django 2.2 was released on Apr 1st 2019. Since it is the most recent as well a Long Term Support (LTS) version, it was time to update the Jenkins bot infrastructure to include Django 2.2 in the Django versions tested. read more...

Integrating Django i18n with Jinja2 and Vue.js

by Dima Knivets on Tue, 16 Apr 2019

It is straightforward to add translations to a Django project with built in Django templates. However, if you are using other template engines like Jinja2, it might take more effort to make those work together. Things can get tricky if you want to manage translations for both the frontend and the backend using the same Django tools. I'm not going to cover the basics of i18n in Django hereas there is already a great deal of information on the Django website, but instead talk about the out of the box stuff that is not integrated. read more...

Documenting an API implemented with Django Rest Framework

by Sebastien Mirolo on Wed, 24 Oct 2018

With growth comes many support issues, one of them being able to efficiently answer questions for developers and prospective customers. The API doc hosted on Read-the-Docs were showing their limitations. So we embark onto surveying the landscape for API documentation, looking for a solution that fits DjaoApp APIs implemented with Django Rest Framework. read more...

Date/time, back and forth between Javascript, Django and PostgreSQL

by Dima Knivets on Tue, 17 Apr 2018

DjaoDjin caters to micro-SaaS products. These are specialized and local products. As an example, A1Ceus targets compliance with New York State professional certification requirements. Usually the teams behind those websites are small (1-3 people), with their thumb on the pulse on daily business numbers. Reporting graphs in UTC did not cut it. Questions kept piling up in the customer support inbox about discrepancies between what those micro-SaaS entrepreneurs were experiencing and what the report charts were saying. Reports had to be presented midnight to midnight local time. Here is the journey of what that meant technically to show revenue reports in local time. read more...

PostgreSQL, encryption and AWS RDS instance

by Sebastien Mirolo on Sat, 19 Aug 2017

Sometime ago, I wrote about installing postgresql on an encrypted volume and running postgresql on an ebs volume encrypted with keys managed by AWS KMS. Today let's see how we can quickly deploy postgresql on an RDS instance with both encryption at-rest and in-transit. read more...

Export Python Code Coverage from a Docker Container to Jenkins

by Sebastien Mirolo on Wed, 17 May 2017

The full tests workflow is presented in the diagram below. We presented the steps to build a Docker container and upload it to ECR in another post. Here we will focus on generating Python coverage results and getting the files to be presented into Jenkins. read more...

Jenkins, Docker build and Amazon EC2 Container Registry

by Sebastien Mirolo on Tue, 16 May 2017

The major features released in Jenkins v2 are Jenkinsfile and Pipelines. Today, we will see how to create a Jenkins job to build a docker container out of a source repository then upload it to an Amazon EC2 Container Registry. read more...

First day with Docker

by Sebastien Mirolo on Sun, 14 May 2017

(This post was updated for running Docker on Fedora 25) Since Docker was released as open-source, it has spread like wildfire. Both Amazon and Google have been quick to support Docker on their respective cloud. read more...

Nginx, Jetty and Jenkins (updated)

by Sebastien Mirolo on Sat, 13 May 2017

It has been a while since we setup Nginx, Jetty and Jenkins together the first time around. Fedora is on version 25, Jetty on version 9 and Jenkins on version 2.60. read more...

Create an EC2 AMI with Ansible

by Sebastien Mirolo on Thu, 30 Mar 2017

Time to boot EC2 instances has significantly improved over the years but it still takes in the order of tens of minutes to do a system update and configuration. As a result, we always create a base image, fully configure and that is then instantiated as necessary. Of course, we use Ansible to setup and register that AMI. read more...

Elements of a good receipt

by Sebastien Mirolo on Tue, 31 Jan 2017

Charge receipts are an essential part of payments online, both for selling physical goods (e-commnerce) and subscriptions for Software-as-a-Service (SaaS). A good receipt will help customers build trust in your business as well as avoid chargebacks. In this post, let's review the elements needed for a good receipt. read more...

Porting a Django app to Jinja2 templates

by Sebastien Mirolo on Wed, 26 Oct 2016

Jinja2 has many nice features over native Django templates, one being a more strict sand-box security model and second template macros. Fortunately Django 1.8 introduced support for Jinja2 templates. In this post we will see how we ported our Django code base to Jinja2 templates. read more...

Resizing an EBS disk

by Sebastien Mirolo on Fri, 21 Oct 2016

Sometimes you underestimated the disk size required to setup and run a service on AWS. The quickest way to keep moving forward is to resize the EBS storage associated with the EC2 instance. read more...

Logrotate, S3 storage, and AWStats

by Sebastien Mirolo on Wed, 24 Aug 2016

Today we are going to push the rotated logs to a S3 bucket, the download those logs and process them with awstats. read more...

SubfieldBase has been deprecated Django warning for DurationField

by Sebastien Mirolo on Sun, 24 Jul 2016

As we are getting ready for a Django 1.10 upgrade, it is time to take care of one of the most baffling warning in the code base RemovedInDjango110Warning: SubfieldBase has been deprecated. This lead to a long journey through code, documentation, and release notes. read more...

Django Rest Framework, AngularJS and permissions

by Sebastien Mirolo on Mon, 25 Apr 2016

We are building an AngularJS application that will talk to a backend API written with Django Rest Framework (DRF for short). Let's see how we do that nicely and securely. read more...

Serving static assets in a micro-services environment

by Sebastien Mirolo on Sat, 5 Sep 2015

While deploying code on a production server can be tricky due to prerequisites, version drift, etc. Serving static assets, commonly called Plain Old Data (POD) has its own set of challenges. Often static assets are "compiled" (gzip, minification), moved around the filesystem and served to a browser by completely different services (ex: nginx) than during development. In practice it means a lot of things can potentially go wrong. read more...

Nginx authenticated files access

by Stephane Robino on Tue, 7 Jul 2015

When dealing with large files (2Gb+), we would prefer nginx to serve those files directly. The trick is we want nginx to serve those files solely to authenticated users. We will see in this post how to have nginx serve the files directly, yet keep the authorized access logic inside our web application. read more...

Browser direct upload to S3

by Sebastien Mirolo on Wed, 10 Jun 2015

Dealing with large files over HTTP has always been challenging, Doing so in the context of access control and user authentication even more so. Once faced with that first (too) big file, you will most likely search for Nginx direct file upload without passing them through backend or if you rely on AWS, look into S3 direct upload from browser. We will see in this post how to do the latest. read more...

Django, Gunicorn and Syslog-ng

by Sebastien Mirolo on Fri, 29 May 2015

As we add more customers, traffic and infrastructure grow, centralized logging becomes more of a pressing need. We configure the Gunicorn/Django service to log messages through the local syslog-ng and have syslog-ng forwards logs to an aggregator machine. read more...

Jenkins, SELinux and Python Coverage

by Sebastien Mirolo on Thu, 28 May 2015

Time for an upgrade of the Jenkins machine. This time we are setting up Jenkins with Jetty 9 on Fedora 21 to continuously run CasperJS tests against the Django web application. read more...

PostgreSQL, encrypted EBS volume and Key Management Service

by Sebastien Mirolo on Wed, 27 May 2015

A little while ago, I wrote about installing postgres on an encrypted volume. The approach is very secure and uses standard Linux tools but it has two drawbacks. read more...

How New EC2 Instances Lead to Re-write PDF Tools

by Sebastien Mirolo on Mon, 11 May 2015

Amazon announced new T2 instances in July 2014. A little later it became clear that AWS free tier for StartUps was only for T2 instances. The free tier offer did not extend to the previous T1 generation (We found out on the first bill). read more...

Two background colors on a nvd3 line chart

by Stephane Robino on Sat, 9 May 2015

NVD3 (running with d3.js) is a great plug-in to easily create nice chart. Here we will see how to set two different background colors that visually separate past results and future predictions on a line chart. read more...

Organizing Ansible Playbooks

by Sebastien Mirolo on Thu, 2 Apr 2015

In this post I will describe how we organize DjaoDjin Ansible playbooks for deployment on AWS as well as the rationale that lead to it. read more...

Single sign-on through OpenLDAP on Fedora 21

by Sebastien Mirolo on Tue, 31 Mar 2015

Whether you work with a lot of contractors that come and go or you are dealing with the pains of a growing business, there is a point where copying ssh keys around on your EC2 instances does not cut it anymore. Time for a centralized login solution. read more...

Postfix, Dovecot and OpenLDAP on Fedora 21

by Sebastien Mirolo on Mon, 30 Mar 2015

So far we had run the mail server with static hash files. As we add contributors and machines in the mix, it is about time to introduce a central account service (i.e. OpenLDAP). Since Rackspace and Amazon deprecated their first generation instances, re-building the mail infrastructure from scratch on a new system seemed appropriate - plus, it is fun! read more...

Software-as-a-Service Lighting Talk at Sourcegraph

by Sebastien Mirolo on Mon, 20 Oct 2014

These are the slides about djaodjin-saas I presented at Sourcegraph in October. read more...

Deploying on EC2 with Ansible

by Sebastien Mirolo on Sat, 18 Oct 2014

Ansible is a great piece of software to write IT automation scripts. The fact that Ansible is written in Python makes it even sweeter for us. read more...

Multi-tier Implementation in Django

by Sebastien Mirolo on Thu, 16 Oct 2014

These are the notes from the lightning talk I gave at the SF Django Meetup on September 24th. read more...

jQuery plugin to annotate images

by Stephane Robino on Sun, 31 Aug 2014

For the past months, we have been using a workflow to communicate layout changes on the site that includes an in-browser screen capture, followed by a screenshot annotate step and concluded by a todo item in the backend database. read more...

Email Notifications with Amazon SES

by Sebastien Mirolo on Tue, 5 Aug 2014

Today we are setting up email notification for the Django webapp through Amazon SES, not to be confused with Amazon SNS (Simple Notification Service) and Amazon SQS (Simple Queue Service) which are other useful notification services from Amazon. read more...

Triggering the VersionEye API

by Sebastien Mirolo on Wed, 30 Jul 2014

Today we are going to mechanically upload DjaoDjin's requirements file to VersionEye through a git post-update hook. read more...

Postgres on an Encrypted EBS Volume

by Sebastien Mirolo on Wed, 30 Jul 2014

There are only two kinds of people, those who encrypt and those who wish they encrypted. The way EC2 instances boot, it is almost impossible to do full disk encryption. Here we will store the postgres database files on a separate encrypted EBS volume, and thus tweak the default postgres installation along the way. read more...

Schema Migration with Django

by Sebastien Mirolo on Tue, 29 Jul 2014

Database schema migration is a fact of life and South has imposed itself as the de facto solution within the Django community (at least until Django 1.7). The south docs are explicit, yet it is good to read the excellent south-explained post before diving in. read more...

Docker on Amazon Elastic Beanstalk

by Sebastien Mirolo on Sat, 26 Jul 2014

We have recently played with Docker on a Fedora 20 Virtual Machine. What we are looking to achieve Today is to run a Docker container on Amazon Elastic Beanstalk (AEB). read more...

How we setup pylint on a git pre-receive hook

by Sebastien Mirolo on Wed, 14 May 2014

We have worked as a cohesive team of Python developers for a long time. Either it is underscore variable names, spacing conventions or the 80-column rule, most of them had no problem. All the code written could be pretty much guaranteed to be PEP-8 compliant. read more...

Multiple step form with jQuery validation

by Stephane Robino on Fri, 25 Oct 2013

We will see how we can easily validate a multiple step form thanks to jQuery and jQuery validation plugin. The aim is to validate each step of the form one by one and post a clean form. read more...

Continuous Integration for a Javascript-heavy Django Site

by Sebastien Mirolo on Sat, 25 May 2013

In the popular series on how technical decisions are made, we will see Today why DjaoDjin picked django-jenkins, phantomjs, casperjs and django-casper to build its continuous integration infrastructure on. read more...

How we picked d3js to draw SaaS metrics

by Sebastien Mirolo on Fri, 1 Mar 2013

There are only few webapps that can do without displaying nice looking charts. This is even more so when you are running a Software-as-a-Service (SaaS) website. If you believe we are living in a knowledge economy as I previously described in Open source business models, this means we must search and are bound to find already made solutions. read more...

Behavior-Driven Development (BDD) in Python

by Michael Armida on Fri, 12 Oct 2012

We've adopted Behave over Lettuce for our BDD needs here at Djaodjin. Below I'll present a summary of the motivations for this, and some criticisms of Behave. read more...

Nginx, Gunicorn and Django

by Sebastien Mirolo on Fri, 22 Jun 2012

I decided today to bring a new web stack consisting of nginx, gunicorn and django on a fedora 17 system. We are also throwing django-registration in the mix since the service requires authentication. read more...

Setting-up PAM and LDAP

by Sebastien Mirolo on Tue, 15 May 2012

I wanted to setup my web app to authenticate through PAM as a general authentication mechanism. Since users are allowed to register and update password through the web app directly, I indented to use LDAP to hold user profile information. So I delve into setting-up PAM and LDAP. read more...

Redmine plugins

by Sebastien Mirolo on Tue, 15 Nov 2011

Today I browsed through the redmine plugins directory and selected a few that might be fun to use in our projects. read more...

Redmine is very slow

by Sebastien Mirolo on Mon, 14 Nov 2011

I setup redmine recently run through thin behind a nginx on a rackspace cloud machine. The interface is great and it seems like a very useful application if it was not so slow to respond. Simple http requests take forever even on a machine that experiences only minor traffic. read more...

Nginx, Jetty, Lift and Scala

by Sebastien Mirolo on Wed, 2 Nov 2011

After setting-up a php stack, a python stack and a ruby stack for web applications in the last couple weeks, I decided to go with nginx / jetty / Lift / scala next. read more...

Setting-up Modx CMS

by Sebastien Mirolo on Sun, 16 Oct 2011

Modx is a CMS system written in PHP. As a result, unless you install the not-yet-released PHP 5.4, you will need a PHP-enabled front web server. If you planned to use nginx you will have to do so through FastCGI (remember no built-in http server before PHP 5.4) which if, out-of-luck, you are running a PHP version below 5.3 will require a patch in the PHP source tree. Modx supports mysql as a database backend but there are no mention of postgresql. As a result, I have sticked with a "traditional" LAMP stack for now. read more...

Setting-up Redmine

by Sebastien Mirolo on Sun, 9 Oct 2011

After a few days battling with trac, I decided to give redmine a shot. read more...

Authentication using OpenLDAP

by Sebastien Mirolo on Sat, 8 Oct 2011

In the most part I followed the ubuntu 11.04 openldap tutorial. The wikipedia article is also useful to understand some of the basics. I later stumbled upon LDAP for Rocket Scientists which definitely helped clarify some. read more...

Setting-up Trac

by Sebastien Mirolo on Sun, 2 Oct 2011

I needed to setup a forum for developers on a recent project. That included a source control repository (git), a wiki, a blog, a buildbot and an issue tracking system. To provide the last components I decided to setup trac and a few trac plug-ins. read more...

Stubbing Java Classes

by Sebastien Mirolo on Wed, 7 Sep 2011

Many times while validating a software product, you have to substitute a few parts in order to enable automated testing. This was again the case recently when I was confronted with a java application built as a jar file. The application relied on a complex subsystem of components that needed to be stubbed out in the test runner. read more...

Continuous builds with Jenkins

by Sebastien Mirolo on Wed, 7 Sep 2011

Jenkins is another continuous integration server written as a java webapp just like cruisecontrol. Jenkins seems to be the most popular continuous integration package today. There is extensive documentation to install it on many different operating systems and it comes with lots of plugins. read more...

Denying comment spam bots

by Sebastien Mirolo on Sat, 23 Apr 2011

It is kind of fun to look through your application logs and find traces of a hacker trying to break in. It might even be intellectually stimulating to play this game of hide and seek with another human being. Unfortunately most malicious attempts hitting your server will come from bots. Those don't get discouraged. Those don't change tactics. They keep trying to brute force passwords, even when you only allow private key login in your ssh daemon. They keep trying to access PHP scripts, even when you do not have any PHP stack running on your web server. Worse, if you allow people to leave comments on your web site, you are almost guarantee to attract spam bots that will waste precious bandwidth and mess up statistics you use to learn about your audience. read more...


Receive news about DjaoDjin in your inbox.

Bring fully-featured SaaS products to production faster.

Follow us on