Prezentacja

PDF: prezentacja

Jakie są Twoje wrazenia z prezentacji?

Linki

Społeczności

• r/homelab - główna społeczność homelabbers
• r/VPS
• r/sysadmin

Osoby i profile

• Pieter Levels na X

Homelab i self-hosting

• The Homelabber
• selfh.st - Self-hosted content and software
• Awesome Self-Hosted
• Mikr.us
• Hetzner Cloud

Tanie VPS-y i darmowe limity

• VPS Price Tracker: Cheap VPS Lists & Prices
• freetier.co
• freetiers.com
• Free for Developers

Chmury i platformy

• Azure - darmowe limity
• Google Cloud Free Program
• Google Cloud Run
• Oracle Cloud Always Free
• IBM Cloud Free Tier
• Vercel - pricing
• Netlify - pricing and plans
• Railway
• Supabase - pricing
• Cloudflare
• Cloudflare Workers - limits
• Cloudflare R2
• Cloudflare CDN
• Cloudflare Tunnel
• Backblaze B2
• Bunny CDN

Monitoring, obserwowalność i bezpieczeństwo

• Better Stack
• Sentry
• UptimeRobot
• Grafana Cloud
• Uptime Kuma
• Netdata
• GlitchTip
• UFW
• fail2ban
• Authentik
• Authelia
• SOPS
• age
• CrowdSec
• 1Password Developer

Technologie i narzędzia

• PostgreSQL
• SQLite
• Litestream
• GraalVM
• Docker
• Docker Compose
• Caddy
• nginx
• Raspberry Pi 5
• Linux kernel
• Coolify
• CasaOS
• Amazon S3
• Certbot
• restic
• Kubernetes
• Redis
• n8n

Sieć i dostęp

• Tailscale

Usługi i produkty

• Google Workspace
• Spotify Duo
• YouTube Premium
• JetBrains IntelliJ IDEA
• Revolut
• ZEN
• Wise
• Temp Mail
• JuicySMS
• iCloud Hide My Email

Materiały, inspiracje i incydenty

• Podcast PatoArchitekci.io - #155 Bieda-hosting, czyli miejsce na MVP, Side Projects i inne nasze zabawki
• Jakub Mrugalski - A gdyby tak zrobić startup w weekend?
• GitLab.com outage 2017 - postmortem
• Pożar OVHcloud Strasbourg 2021
• Lenny’s Product Pass
• promptowy
• oliwier1pl

Michał Mazur

LinkedIn: https://www.linkedin.com/in/michmzr/ Blogi: https://www.geekowojazer.pl/ i https://cybershu.eu/ Kluby Junto: Warszawski Klub Junto Link.tree: https://linktr.ee/michal.mazur

I wouldn’t walk away from developer-led, line-by-line code review, because:

1. For a review to be actually good, it needs multiple perspectives: technical correctness, adherence to coding standards, business correctness (logic), and architecture. I doubt a single prompt can cover all of that.

2. To do a proper review, an AI agent would have to analyze dependencies, understand requirements, build code/logic diagrams, and then review—otherwise you’d need to dump half the repo into context and it’ll blow up in your face. As the saying goes: “It’s a recipe for disaster.”

I see AI review as support—maybe even a replacement for small changes—but it won’t replace the eyes of an experienced developer who knows the domain and the system.

The bigger problem I see is organizational culture. AI spits out code in large volumes, and (generally) devs won’t thoroughly review PRs. And we, as developers, will be—are—pushed harder and harder to produce more and more code, faster, using AI. Today we’re told to use one agent; soon we’ll be expected to run at least five in parallel.

Doing it right? Still hard. It still requires knowledge and skills. But it’s easier than ever.

I put together a few practical tips for builders of new era.

Presentation

Download PDF

Fast tips for you

Security

• Keep API keys secret: Never hardcode keys in your app. Store secrets in environment variables or a free secrets manager to keep them safe. 1Password has some interesting features that are worth looking at!
• Scan for vulnerabilities: Run a free Snyk scan (or enable GitHub Dependabot) to catch known security flaws in your code/dependencies early.
• HTTPS everywhere: Always serve your app over HTTPS. Tools like Let’s Encrypt give free SSL certificates!
• Lock your accounts: Enable 2-factor authentication on critical services (GitHub, cloud platforms, AI tools etc.). It’s free and prevents easy hacks on your accounts.
• Set hard budget limits in all tools that charge for usage, like Chat-GPT. It might save you a lot of money!

Version Control

• Stop emailing zip files: Use Git for version control. It tracks every change so you can undo mistakes and never lose code again.
• Free cloud backup: Push your code to GitHub or GitLab (free private repos) for safekeeping. If your laptop crashes, your code stays safe in the cloud.
• Branch for safety: Experiment on a new branch instead of directly on main. Merge when it’s working, or delete it if not — no harm done to your main codebase.
• GitHub Desktop helps: If the command line scares you, use the free GitHub Desktop app. It’s a point-and-click way to commit, push, and pull code – no terminal needed. Most coding editors have already build-in graphic interface for GIT.
• Automate testing & deploys: Use GitHub Actions (free) to run checks or deploy your app on every push. Automation catches issues early and saves manual effort.

Deployment

• One-click hosting: Deploy your app on platforms like Railway Vercel. You just push code and chill.
• No server? No problem: Firebase offers hosting, database, and auth with a free plan. Great way to get backend features without managing any servers.
• Static site hero: Use Netlify, Vercel, or GitHub Pages for a static website or frontend app. They’re free – just connect your repo or drop your files to go live.
• Continuous deploy: Link your code repo to your host (Railway, Vercel, etc.). Every time you push changes, the service auto-deploys your app. No more manual uploads!
• Serverless functions: Need a bit of backend logic? Use cloud functions on a free tier (Firebase Functions, Vercel, Netlify, AWS, GCP, Azure). Your code runs on demand.

Rules

• Split project into smaller tasks – Easier to manage, debug, and parallelize.
• Write detailed documentation first – Force model/agent to follow it. Include goals, edge cases, and examples.
• Monitor token and compute costs – Large files or loops can explode usage. If your app is using AI, then integrate your app with LangSmith or a similar observability tool.
• Limit workspace scope – Restrict to relevant directories or files only for each task.
• Define clear input/output format – Avoid ambiguity. Keep structure strict and predictable. Define all details and rules in each prompt.
• Use isolated test cases – Help the model validate logic step-by-step. Ask the model to create tests according to BDD (Behavior Driven Development).
• Fail fast, retry smart – Catch issues early, and design fallback or retry logic.

Wrap-up

I hope the article at least intrigued you, you learned something new. If you would like to see more of such articles, please let me know!

Contact

Please leave any comments to let me know. If you have any questions, please feel free to contact me directly on:

• Twitter: https://twitter.com/MichalMzr
• LinkedIn: https://www.linkedin.com/in/michmzr/

You can also find my posts on my second blog Geekowojażer.pl

After the last presentations, I felt tired of PowerPoint and decided to do something different.

Why I got tired of PowerPoint

Form, form, form. I was tired of the form. PowerPoint forces to focus on form, layouts, colors, and pixels etc. I don’t like frontend development, I’m not a designer. I prefer to focus on the content, not the layout, pixels. I a presentation that was simple and minimalistic.

Marp - a simple solution

I used Markdown - a text format for creating presentations. Without using any AI :P

It’s simple because all you need is a Markdown text file and a tool to display such a file, such as the Marp for VS Code plugin. Then you can export the presentation to HTML, PDF. IF you don’t use visual studio code, then you can use for example CLI to generate a presentation in PDF/HTML format.

The simplicity of this solution convinced me.

Example of Marp presentation

---
marp: true
theme: default
paginate: true
backgroundColor: #fff
style: |
  .columns {
    display: grid;
    grid-template-columns: repeat(2, minmax(0, 1fr));
    gap: 1rem;
  }
  .small-text {
    font-size: 0.75em;
  }
  .center {
    text-align: center;
  }

  header,
  footer {
    padding:20px
  }

  img {
    max-width: 100%;
    max-height: 100%;
  }
---

# :popcorn:Dependabot: Automated Dependency Updates
![bg right](./dp_logo.png)

<small>
Michał Mazur
</small>

---
<!-- headingDivider: 0-->


# What is Dependabot? 🤖

Imagine having a dedicated team member who:

- Never sleeps and its fully automated
- Checks your dependencies 24/7
- Creates perfect pull requests
- Knows about security issues before you do
- Supports multiple ecosystems:
  - github actions, npm, pip, Maven, NuGet, Bundler...

---

# Short Live Demo Time! 🎬

In a result you can get sth like that in PDF format: pdf

Links

• Marpit: https://marpit.marp.app/
• Marp for VS Code: https://marketplace.visualstudio.com/items?itemName=marp-team.marp-vscode

Wrap-up

I hope the article at least intrigued you, you learned something new.

Contact

Please leave any comments to let me know. If you have any questions, please feel free to contact me directly on:

• Twitter: https://twitter.com/MichalMzr
• LinkedIn: https://www.linkedin.com/in/michmzr/

You can also find my posts on my second blog Geekowojażer.pl

I was recently working on signing Docker images and found a performance issue. In order to sign the image, I had to pull the image from the registry, calculate the hash and create the signature file, and push the new tag to artifactory. This process took a lot of time, especially if the image was large. I was looking for a way to optimise this process. I found a hack to remotely create new tags on JFrog and AWS ECR docker repositories without pulling and pushing the image. It’s a simple trick, but it can save you a lot of time. I will show you an example of how to do it on Github Actions

Classic method

docker pull artifactory.example.com/my-image:1.0.0
docker tag artifactory.example.com/my-image:1.0.0 artifactory.example.com/my-image:1.0.1
docker push artifactory.example.com/my-image:1.0.1

JFrog

Below exampl pipeline steps uses JFrog API to fetch the image manifest and add new tag to the image $ tagged $.

Pipeline configuration

env:
  DEVHUB_REGISTRY_URL: artifactory.example.com # JFrog registry url
  DEVHUB_REPO_NAME: docker # JFrog docker repository name
  IMAGE_NAME: my-image # Docker image name
  SEMVER: 1.0.0 # Current image tag
  TARGET_SEMVER: 1.0.1 # New image tag

Secrets:

• ARTIFACTORY_USERNAME
• ARTIFACTORY_TOKEN

Pipeline steps

AWS ECR

Pipeline configuration

env:
  AWS_REGION: "" # AWS region name i.e us-east-1
  AWS_WORKFLOW_ROLE: "" # AWS role arn
  AWS_ROLE_SESSION_NAME: "" # AWS role session name

  IMAGE_NAME: my-image # Docker image name
  SEMVER: 1.0.0 # Current image tag
  TARGET_SEMVER: 1.0.1 # New image tag

Pipeline steps

Warning: Authentication with AWS ECR requires AWS credentials. Please make sure you have configured AWS credentials in your pipeline. My example uses one of the possible methods to configure AWS credentials in GitHub Actions.

Wrap-up

I hope the article at least intrigued you, you learned something new.

Contact

Please leave any comments to let me know. If you have any questions, please feel free to contact me directly on:

• Twitter: https://twitter.com/MichalMzr
• LinkedIn: https://www.linkedin.com/in/michmzr/

You can also find my posts on my second blog Geekowojażer.pl

As I was diving into “The Software Engineer’s Guidebook,” by Gergely Orosz I stumbled upon a game-changing tip: keeping a work log.

This practice has been a revelation for me—it’s more than just tracking daily tasks. A work log helps you:

✅ Track Your Progress: Stay on top of your projects and see how far you’ve come.

🎉 Celebrate Wins: Big or small, every achievement counts. Documenting them keeps your morale high.

🔄 Learn from Mistakes: Reflect on challenges and turn them into growth opportunities.

💼 Prepare for Promotions: When it’s time to discuss your next career move, having a detailed record of your contributions is invaluable.

Want to start your own work log? I’ve put together a simple template to get you going:

My weekly template

- What work do I feel most proud of?
- Are there themes in these projects I should be thinking about? What’s the big picture of what I’m working on? (am I working a lot on security? localization?).
- What do I wish I was doing more / less of?
- Which of my projects had the effect I wanted, and which didn’t? Why might that have been?
- What could have gone better with project X? What might I want to do differently next time?

# Developer Work Log

## Week of [Month Day, Year]

### Goals
- [ ]
- [ ]
- [ ]


### Monday, [Date]
#### Tasks
- [ ]

#### 🚀 Achievements
-

#### 🛠️ Challenges
-

#### 💡 Learnings
-

#### 🎯 Goals for Tomorrow
-


### Tuesday, [Date]
#### Tasks
- [ ]

#### 🚀 Achievements
-

#### 🛠️ Challenges
-

#### 💡 Learnings
-

#### 🎯 Goals for Tomorrow
-



### Wednesday, [Date]
#### Tasks
- [ ]

#### 🚀 Achievements
-

#### 🛠️ Challenges
-

#### 💡 Learnings
-

#### 🎯 Goals for Tomorrow
-

### Thursday,  [Date]
#### Tasks
- [ ]

#### 🚀 Achievements
-

#### 🛠️ Challenges
-

#### 💡 Learnings
-

#### 🎯 Goals for Tomorrow
-


### Friday, [Date]
#### Tasks
- [ ]

#### 🚀 Achievements
-

#### 🛠️ Challenges
-

#### 💡 Learnings
-

#### 🎯 Goals for Tomorrow
-


---

## Weekly Summary

### 🎯 Weekly Goals
- [Goal 1]
- [Goal 2]
- [Goal 3]

### 🚀 Achievements
- [Major achievement 1]
- [Major achievement 2]
- [Major achievement 3]

### 🛠️ Challenges
- [Significant challenge 1]
- [Significant challenge 2]
- [Significant challenge 3]

### 💡 Learnings
- [Key learning 1]
- [Key learning 2]
- [Key learning 3]

### 📅 Planning for Next Week
- [Objective 1]
- [Objective 2]
- [Objective 3]

Hello ✋, I was tasked with integrating a Java class for data generation into our CI/CD pipeline. The goal was to create a shaded JAR that could run directly from the pipeline.

The challenge was that the class was in the tests directory, which Maven doesn’t support for building JARs. I resolved this by using the maven-shade-plugin and maven-resources-plugin to build a shaded JAR, including necessary resources like SQL schema files.

I hope this example saves you time during development! 🚀

Code

Maven

This Maven configuration uses two key plugins to build and run a JAR file with an executable Java class (MainTest) in the tests directory: the Maven Shade Plugin and the Maven Resources Plugin.

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>

  <groupId>eu.cybershu</groupId>
  <artifactId>mvn-test-jar</artifactId>
  <version>1.0-SNAPSHOT</version>

  <properties>
    <maven.compiler.source>17</maven.compiler.source>
    <maven.compiler.target>17</maven.compiler.target>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  </properties>

  <profiles>
    <profile>
      <id>test-jar</id>
      <build>
        <plugins>
          <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-shade-plugin</artifactId>
            <version>3.6.0</version>
            <executions>
              <execution>
                <goals>
                  <goal>shade</goal>
                </goals>
                <configuration>
                  <shadedArtifactAttached>true</shadedArtifactAttached>
                  <transformers>
                    <transformer implementation=
                                   "org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
                      <mainClass>eu.cybershu.MainTest</mainClass>
                    </transformer>
                  </transformers>
                </configuration>
              </execution>
            </executions>
          </plugin>

          <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-resources-plugin</artifactId>
            <version>3.3.1</version>
            <executions>
              <execution>
                <id>copy-test-classes</id>
                <phase>process-test-classes</phase>
                <goals>
                  <goal>copy-resources</goal>
                </goals>
                <configuration>
                  <outputDirectory>${project.build.outputDirectory}
                  </outputDirectory>
                  <resources>
                    <resource>
                      <directory>${project.build.testOutputDirectory}
                      </directory>
                      <includes>
                        <include>**/*.class</include>
                      </includes>
                    </resource>
                  </resources>
                </configuration>
              </execution>
            </executions>
          </plugin>
        </plugins>
      </build>
    </profile>
  </profiles>
</project>

Maven Shade Plugin

The Maven Shade Plugin is used to package the project into an executable JAR file. This plugin performs several tasks, such as combining dependencies into a single JAR and modifying the manifest file to specify the main class.

Shading phase packs the project into a JAR file that includes dependencies.

Configuration:

• shadedArtifactAttached: When set to true, this ensures the shaded JAR is attached as an additional artifact.
• transformers: This section modifies the JAR manifest. The ManifestResourceTransformer is used to specify the main class ( eu.cybershu.MainTest).

Maven Resources Plugin

The Maven Resources Plugin is employed here to ensure that the compiled test classes are included in the final build output. This is necessary because the main class (MainTest) resides in the tests directory.

Key Elements:

• Execution ID (copy-test-classes): Identifies this specific execution of the plugin.
• Phase (process-test-classes): Specifies when this plugin should run during the build lifecycle.

Configuration:

• outputDirectory: Specifies where the resources should be copied to, typically the main output directory of the build.
• resources: Defines which resources to copy. Here, it includes all .class files from the test output directory.

By configuring this plugin, the build process ensures that the compiled test classes (including MainTest.class) are copied to the main output directory. This step is crucial for including the MainTest class in the final shaded JAR file.

Java

MainTest.java - Executable Class

public class MainTest {
  public static void main(String[] args) {
    System.out.println("Let's print a file......");

    BufferedReader reader = new BufferedReader(new InputStreamReader(
      MainTest.class.getClassLoader().getResourceAsStream("any_file.txt")));
    reader.lines().forEach(System.out::println);
  }
}

Build and running

How to build:

mvn package -P test-jar

How to run:

java -jar ./target/mvn-test-jar-1.0-SNAPSHOT-shaded.jar

Contact

I hope you find this useful! 😊 Please leave comments or contact me directly if you have any questions:

• Twitter: https://twitter.com/MichalMzr
• LinkedIn: https://www.linkedin.com/in/michmzr/

Check out more of my posts on my second blog: Geekowojażer.pl

Method 1: Bad

Let’s say you want to copy and change a shell script into a Dockerfile. The solution below won’t work because of the line RUN . /venv/bin/activate. The virtual environment is activated, but it won’t be available in subsequent commands because RUN commands run in separate processes.

FROM alpine:latest

RUN apk add --no-cache python3 py3-pip

# Create and use a virtual environment
RUN python3 -m venv /venv

# This is wrong!
RUN . /venv/bin/activate

COPY . .

RUN pip install -r ./requirements.txt
RUN python main.py

I get build error:

#0 building with "default" instance using docker-container driver

#1 [internal] load build definition from Dockerfile
#1 transferring dockerfile: 276B done
#1 DONE 0.0s

#2 [internal] load metadata for docker.io/library/alpine:latest
#2 DONE 0.2s

#3 [internal] load .dockerignore
#3 transferring context: 2B done
#3 DONE 0.0s

#4 [1/7] FROM docker.io/library/alpine:latest@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b
#4 resolve docker.io/library/alpine:latest@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b done
#4 DONE 0.0s

#5 [internal] load build context
#5 transferring context: 91B done
#5 DONE 0.0s

#6 [2/7] RUN apk add --no-cache python3 py3-pip
#6 CACHED

#7 [3/7] RUN python3 -m venv /venv
#7 CACHED

#8 [4/7] RUN . /venv/bin/activate
#8 CACHED

#9 [5/7] COPY . .
#9 CACHED

#10 [6/7] RUN pip install -r ./requirements.txt
#10 0.587 error: externally-managed-environment
#10 0.587
#10 0.587 × This environment is externally managed
#10 0.587 ╰─>
#10 0.587     The system-wide python installation should be maintained using the system
#10 0.587     package manager (apk) only.
#10 0.587
#10 0.587     If the package in question is not packaged already (and hence installable via
#10 0.587     "apk add py3-somepackage"), please consider installing it inside a virtual
#10 0.587     environment, e.g.:
#10 0.587
#10 0.587     python3 -m venv /path/to/venv
#10 0.587     . /path/to/venv/bin/activate
#10 0.587     pip install mypackage
#10 0.587
#10 0.587     To exit the virtual environment, run:
#10 0.587
#10 0.587     deactivate
#10 0.587
#10 0.587     The virtual environment is not deleted, and can be re-entered by re-sourcing
#10 0.587     the activate file.
#10 0.587
#10 0.587     To automatically manage virtual environments, consider using pipx (from the
#10 0.587     pipx package).
#10 0.587
#10 0.587 note: If you believe this is a mistake, please contact your Python installation or OS distribution provider. You can override this, at the risk of breaking your Python installation or OS, by passing --break-system-packages.
#10 0.587 hint: See PEP 668 for the detailed specification.
#10 ERROR: process "/bin/sh -c pip install -r ./requirements.txt" did not complete successfully: exit code: 1
------
 > [6/7] RUN pip install -r ./requirements.txt:
0.587     deactivate
0.587
0.587     The virtual environment is not deleted, and can be re-entered by re-sourcing
0.587     the activate file.
0.587
0.587     To automatically manage virtual environments, consider using pipx (from the
0.587     pipx package).
0.587
0.587 note: If you believe this is a mistake, please contact your Python installation or OS distribution provider. You can override this, at the risk of breaking your Python installation or OS, by passing --break-system-packages.
0.587 hint: See PEP 668 for the detailed specification.
------
Dockerfile:13
--------------------
  11 |     COPY . .
  12 |
  13 | >>> RUN pip install -r ./requirements.txt
  14 |     RUN python main.py
  15 |
--------------------

The system Python environment is triggered when importing dependencies from requirements.txt, not the created /venv/!

Method 2: Ugly

You can directly call /venv/’s Python and pip. It’s a better solution, but it still has caveats. First, you need to do tedious work adding the prefix path. Secondly, when Python triggers a subprocess, it won’t have access to /venv/ dependencies. So, can we do better?

FROM alpine:latest

RUN apk add --no-cache python3 py3-pip

# Create and use a virtual environment
RUN python3 -m venv /venv

COPY . .

RUN /venv/bin/pip install -r ./requirements.txt
RUN /venv/bin/python main.py

Method 3: Good

Yes, we can. The good solution is to add /venv/bin to the system PATH environment variable.

FROM alpine:latest

RUN apk add --no-cache python3 py3-pip

# Create and use a virtual environment
RUN python3 -m venv /venv
ENV PATH="/venv/bin:$PATH"

COPY . .
RUN pip install -r ./requirements.txt
RUN python main.py

As a result, we achieve an elegant solution!

The virtualenv documentation even states that activating the environment is “purely a convenience.”

If you read the code for activate, it does several things:

1. Figures out what shell you’re running.
2. Adds a deactivate function to your shell, which can interfere with pydoc.
3. Changes the shell prompt to include the virtualenv name.
4. Unsets the PYTHONHOME environment variable, if it was set.

5. Sets two environment variables: VIRTUAL_ENV and PATH.

6. From Docker’s perspective, points 1-4 are irrelevant. We only need to take care of VIRTUAL_ENV and PATH, which we can define manually.

Wrap-up

I hope what I wrote is useful :). Please leave any comments to let me know. If you have any questions, please feel free to contact me directly on:

• Twitter: https://twitter.com/MichalMzr
• LinkedIn: https://www.linkedin.com/in/michmzr/

You can also find my posts on my second blog Geekowojażer.pl

In this article, we will explore the use of Kaniko and JFrog with GitHub Actions to build and push a Docker image to JFrog Artifactory. This solution addressed issues I encountered while working on a project in my company. I hope it proves useful for you as well.

Prerequisites

You must have:

• GitHub project with Dockerfile
• JFrog Artifactory account with created docker repository

Assumptions

Your artifactory repository is called docker-local and you have created a user with username docker and password(api token) docker-password. Full path is https://artifactory.example.com/artifactory/docker-images and you want to build and push image with name my-image:latest.

Configuration

I use kaniko action to build and push image to JFrog Artifactory.

Example Github action job file:

  name: Build and push Docker image to JFrog Artifactory
  jobs:
  container-test-job:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Kaniko build
        uses: aevea/action-kaniko@master
        with:
          image: docker-images/my-image
          registry: artifactory.example.com
          username: "docker"
          password: "docker-password"
          tag: latest
          path: Dockerfile
      - run: docker images ls

you can alternatively use docker build command:

  name: Build and push Docker image to JFrog Artifactory
  jobs:
  container-test-job:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: docker build
        uses: docker/build-push-action@v5
        with:
          push: false
          tags: my-image:latest
          file: Dockerfile
      - name: Login to DevHub Docker Hub
        uses: docker/login-action@v3
        with:
          registry: "artifactory.example.com"
          username: "docker"
          password: "docker-password"
      - run: docker image ls
      - run: docker tag my-image:latest artifactory.example.com/docker-images/my-image:latest
      - run: docker push artifactory.example.com/docker-images/my-image:latest

Contact

I hope what I wrote is useful :). Please leave any comments to let me know. If you have any questions, please feel free to contact me directly on:

• Twitter: https://twitter.com/MichalMzr
• LinkedIn: https://www.linkedin.com/in/michmzr/

You can also find my posts on my second blog Geekowojażer.pl

A few months ago, I came across an interesting tool for process automation. In its functionalities, it is very similar to Zapier, IFTT, or make.com. It’s called N8N.

I base my automations, such as an “AI” assistant or managing Todoist, which I use for task and project management, on n8n. Some processes are still kept on make.com. What sets it apart from make.com is its free self-hosted version. It means that if you have your server, you can install and use it for free. Make can become very costly after exceeding a certain number of operations per month, and there is also a privacy aspect because the data is kept by them.

In the article, I’m going to show how to use docker compose to set up the application for yourself. It will require basic skills in Linux administration and Docker. You can also use any other platform where Docker images will work or a virtual machine.

Screenshot one of my automations

1. Install docker

Follow below links: Ubuntu: https://docs.docker.com/engine/install/ubuntu/ Debian: https://docs.docker.com/engine/install/debian/ other platforms: https://docs.docker.com/engine/install/

2. Create docker-compose.yml file

Create docker-compose.yml file in one of directories. I file in my case is located in /var/lib/n8n/docker-compose.yml

version: '3.1'

services:
  n8n:
    image: docker.n8n.io/n8nio/n8n
    restart: unless-stopped
    container_name: n8n
    ports:
      - "5678:5678"
    environment:
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER=foo-user
      - N8N_BASIC_AUTH_PASSWORD=very-long-password
      - N8N_HOST=[host IP or domain]
      - N8N_PORT=5678
      - WEBHOOK_URL=[your webhook url]
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./n8n:/home/node/.n8n

where: foo-user - is your username
very-long-password - is your password
[host IP or domain] - is your server IP i.e 127.0.0.1 or domain
[your webhook url] - is your webhook url i.e https://n8n.domain.com

3. Configure reverse proxy (nginx)

N8n config file path: /etc/nginx/sites-available/n8n.conf

server {
    server_name [server name];
    location / {
        proxy_pass [server ip with port 5678];
        proxy_http_version 1.1;

        # WebSocket support
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 86400; # This can be set higher, necessary for WebSocket

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Other settings
        chunked_transfer_encoding off;
        proxy_buffering off;
        proxy_cache off;
    }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/n8n.cybershu.eu/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/n8n.cybershu.eu/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}server {
    if ($host = n8n.cybershu.eu) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

I use certbot to generate and manage ssl certificates. You can find more information here: https://certbot.eff.org/instructions

Run docker-compose

docker-compose up -d

Enable n8n proxy service

cd sites-enabled
sudo ln -s ../sites-available/n8n.conf .
ls -l

and restart nginx

sudo systemctl restart nginx

Login to your n8n instance

Go to https://n8n.domain.com and login with your credentials.

Useful links

• https://docs.n8n.io/hosting/
• https://www.cyberciti.biz/faq/nginx-restart-ubuntu-linux-command/
• https://community.n8n.io/t/websockets-and-sse-connection-lost/27137/6

Wrap-up

I hope the article at least intrigued you, you learned something new. I

Contact

Please leave any comments to let me know. If you have any questions, please feel free to contact me directly on:

• Twitter: https://twitter.com/MichalMzr
• LinkedIn: https://www.linkedin.com/in/michmzr/

You can also find my posts on my second blog Geekowojażer.pl