Author Archives: Adam Z

Checking/Cleaning Disk Space on Linux

Check the disk space (may need to install ncdu first):

sudo ncdu /

Clean up unused stuff:

sudo apt-get clean
sudo apt-get autoclean
sudo apt-get autoremove

clean: clean clears out the local repository of retrieved package files. It removes everything but the lock file from /var/cache/apt/archives/ and /var/cache/apt/archives/partial/. When APT is used as a dselect(1) method, clean is run automatically. Those who do not use dselect will likely want to run apt-get clean from time to time to free up disk space.

autoclean: Like clean, autoclean clears out the local repository of retrieved package files. The difference is that it only removes package files that can no longer be downloaded, and are largely useless. This allows a cache to be maintained over a long period without it growing out of control. The configuration option APT::Clean-Installed will prevent installed packages from being erased if it is set to off.

autoremove: is used to remove packages that were automatically installed to satisfy dependencies for some package and that are no more needed.

See a related question on askubuntu:

Country Blocking with Rails and Cloudflare

Enable IP Geolocation in your Cloudflare panel – it should be in the Network tab.

The country code will come in HTTP_CF_IPCOUNTRY header.

Now we can add a before_action filter to block or redirect the users from a specific country (in the example below we redirect all EU countries… because who has the time to figure out GDPR):

class ApplicationController < ActionController::Base
  before_action :block_gdpr_countries

    'BE', 'EL', 'LT', 'PT',
    'BG', 'ES', 'LU', 'RO',
    'CZ', 'FR', 'HU', 'SI',
    'DK', 'HR', 'MT', 'SK',
    'DE', 'IT', 'NL', 'FI',
    'EE', 'CY', 'AT', 'SE',
    'IE', 'LV', 'PL', 'UK'

  def block_gdpr_countries
    return unless GDPR_COUNTRIES.include?(request.env['HTTP_CF_IPCOUNTRY'])
    redirect_to gdpr_path

Remember to skip this action in the corresponding controller (in our case gdpr_controller) if you use a redirect:

skip_before_action :block_gdpr_countries

Python with VSCode (using Anaconda)

Let’s install Anaconda from

Update your .bashrc or .zshrc with

export PATH="$HOME/anaconda3/bin:$PATH"

To change VS Code Python version:

Cmd Shift P -> Python - select interpreter (python 3)

Install auto-formatting and linting packages

conda install pylint
conda install autopep8

Create a Python debug configuration
stopOnEntry option is buggy with Python as of this post writing and makes it impossible to create breakpoints – so we set it to false for now.
Setting pythonPath to anaconda only necessary if your default VS code interpreter is different from Anaconda’s (and assuming you want to use Anaconda’s interpreter). Otherwise, you can leave it pointing to “${config:python.pythonPath}”

      "name": "Python conda",
      "type": "python",
      "request": "launch",
      "stopOnEntry": false,
      "pythonPath": "~/anaconda3/bin/python",
      "program": "${file}",
      "cwd": "${workspaceFolder}",
      "env": {},
      "envFile": "${workspaceFolder}/.env",
      "debugOptions": ["RedirectOutput"],
      "args": ["-i"]

Elixir Phoenix Cache

An implementation with ets.

Let’s start with implementation

defmodule SimpleCache do
  @table :simple_cache

  def init(_) do, [
      read_concurrency: true,
      write_concurrency: true

    {:ok, %{}}

  def start_link do
    GenServer.start_link(__MODULE__, [], name: __MODULE__)

  def fetch(key, expires_in_seconds, fun) do
    case lookup(key) do
      {:hit, value} ->

      :miss ->
        value = fun.()
        put(key, expires_in_seconds, value)

  defp lookup(key) do
    case :ets.lookup(@table, key) do
      [{^key, expires_at, value}] ->
        case now < expires_at do
          true -> {:hit, value}
          false -> :miss

      _ ->

  defp put(key, expires_in_seconds, value) do
    expires_at = now + expires_in_seconds
    :ets.insert(@table, {key, expires_at, value})

  defp now do

Update application.ex

 def start(_type, _args) do
    import Supervisor.Spec

    children = [
      supervisor(SimpleCache, [])
    opts = [strategy: :one_for_one, name: Supervisor]
    Supervisor.start_link(children, opts)

Finally, use it

    cache_for_seconds = 60
    key = 'key'

    SimpleCache.fetch(key, cache_for_seconds, fn ->
      {:ok, some_expensive_operation}

Relavent links:

Setting up VS Code with Rails, Elixir, JavaScript

Let’s make sure we can start VS Code from the terminal:

Command + Shift + P
Type Shell
Select Command : Install code in PATH






Other stuff

Personal Settings

"editor.formatOnSave": true,
  "editor.fontLigatures": true,
  "editor.fontFamily": "FiraCode-Retina",
  "editor.fontSize": 18,
  "editor.renderIndentGuides": true,
  "files.exclude": {
    "**/.git": true,
    "**/node_modules": true,
    "**/bower_components": true,
    "**/tmp": true,
    "tmp/**": true,
    "**/vendor": true,
    "vendor": true,
    ".bundle": true,
    ".github": true,
    ".sass-cache": true,
    "features/reports": true

  "editor.tabSize": 2,
  "prettier.singleQuote": true,
  "workbench.colorTheme": "Monokai",
  "window.zoomLevel": 0,
  "editor.renderWhitespace": "boundary",
  "editor.renderControlCharacters": true,

  "ruby.lint": {
    "rubocop": true,
    "ruby": true,
    "fasterer": true,
    "reek": false,
    "ruby-lint": false
  "editor.quickSuggestions": {
    "strings": true

  "cucumberautocomplete.steps": [
  "cucumberautocomplete.syncfeatures": "features/*feature"

Some common exclusions for .solagraph.yml (can place it in the root of your project)

- "app/**/*.rb"
- "lib/**/*.rb"
- "engines/engine_name/app/**/*.rb"
- "engines/engine_name/lib/**/*.rb"
- "config/**/*.rb"
- app/javascript/**/*
- node_modules/**/**
- spec/**/*
- test/**/*
- vendor/**/*
- ".bundle/**/*"
- .bundle/**/*
- uploads/**/*
- .bundle/**/*
- .git/**/*
- engines/engine_name/.bundle/**/*
- engines/engine_name/vendor/**/*
- coverage/**/*
require: []
domains: []
- rubocop
- require_not_found
plugins: []
require_paths: []
max_files: 5000
- runtime

Elixir Phoenix Deployment with Distillery

OS: Ubuntu 17.04/zesty

We’ll be deploying using a git hook. This is not intended to be used in a production environment, but works just fine for a personal side project.

Let’s start with the server setup

#Add Erlang Solutions repo
wget && sudo dpkg -i erlang-solutions_1.0_all.deb

sudo apt-get update

#Install Erlang/OTP
sudo apt-get install esl-erlang

We’ll be using kiex for Elixir

#Install Elixir
\curl -sSL | bash -s

#Add to .bashrc
test -s "$HOME/.kiex/scripts/kiex" && source "$HOME/.kiex/scripts/kiex"

kiex install 1.4.0
kiex use 1.4.0
kiex default 1.4.0

Let’s init a repo

apt-get install git-core
mkdir repos && cd repos
mkdir my_repo 
cd my_repo
git init --bare

Add a remote to your local repo:

git remote add some_name [email protected]_ADDRESS:repos/your_repo.git

Go back to the server and create a post-deploy hook. This will generate a new release after each git push.

Create post-receive file inside of your git hooks directory with this content:

#!/bin/bash -l

[[ -s "$HOME/.kiex/scripts/kiex" ]] && source "$HOME/.kiex/scripts/kiex"



PORT=4000 _build/prod/rel/{app_name}/bin/{app_name} stop
cd $HOME

mix deps.get
cd assets
npm install
brunch build --production
cd ..
MIX_ENV=prod mix do compile, phx.digest, release --env=prod

MIX_ENV=prod mix ecto.migrate
PORT=4000 _build/prod/rel/{app_name}/bin/{app_name} start

This will stop your existing elixir app, remove old code, compile and release your new code, run the migration, and start the app on port 4000.

If you run it behind NGINX, set it up as a reverse proxy:

server {
  listen 80;
  listen [::]:80;


  location / {
     proxy_redirect off;

Let’s go back to your Phoenix project and add distillery
Add to mix.exs deps:

  {:distillery, "~> 1.5"}

Initialize reliase config:

mix release.init

Update config/prod.exs

  config :app_name, AiPhoenixWeb.Endpoint,
    http: [port: {:system, "PORT"}],
    url: [host: "localhost", port: {:system, "PORT"}], # This is critical for ensuring web-sockets properly authorize.
    cache_static_manifest: "priv/static/cache_manifest.json",
    server: true,
    root: ".",
    version: Mix.Project.config[:version]

If using PostgreSQL, let’s install Postgresql and create a deploy user for our database:

sudo apt-get install postgresql postgresql-contrib libpq-dev
sudo su - postgres
createuser --pwprompt deploy
createdb -O deploy my_app_name_production

Auto-start your phoenix app on reboot:
Create a new file:


cd $HOME/phoenix_app_location
PORT=4001 _build/prod/rel/phoenix_name/bin/phoenix_name start

Make it an executable
chmod +x

Schedule it as a cron task:
Crontab -e

@reboot /root/path_to_script/

The last step to to “git push” and verify that everything works.

NGINX Subdomains

In the example below we serve index.html from /var/www/html/your_site directory when accessing “”; and we send all requests to local application server running locally on port 4000 when accessing

File: /etc/nginx/sites-enabled/default

server {
        listen 80;
        listen [::]:80;


        location / {
                root /var/www/html/your_site;
                try_files $uri /index.html;

server {
  listen 80;
  listen [::]:80;


  location / {
     proxy_redirect off;

Deploying React to Linux Server with Git Push

Selected VPS: Linode, 1GB Ram, 20 GB SSD, 1 TB transfer
OS: Ubuntu 17.04
Web Server: Ngnix
If you’d like to try Linode, I would greatly appreciate using this referral link – Linode: SSD Cloud Hosting & Linux Servers

Start with regular updates

apt-get update && apt-get upgrade

Set up fail2ban and Firewall

I’m installing fail2ban 0.10 since it supports ipv6. At the time of this post, it is not available as a regular package.

tar -xvzf 0.10.0.tar.gz
python3 install

#To enable fail2ban as an automatic service, copy the script for your distro from the files directory to /etc/init.d.

cp files/debian-initd /etc/init.d/fail2ban
update-rc.d fail2ban defaults
service fail2ban start

#Add local jail
awk '{ printf "# "; print; }' /etc/fail2ban/jail.conf | sudo tee /etc/fail2ban/jail.local
vim /etc/fail2ban/jail.local

uncomment sshd section and add
enabled = true

sudo apt-get install sendmail iptables-persistent
sudo service fail2ban start

Firewall ( allow established connections, traffic generated by the server itself, traffic destined for our SSH and web server ports. We will drop all other traffic):

sudo service fail2ban stop
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
sudo iptables -A INPUT -j DROP

# easy way to rate-limit ssh with ufw:
# technically, we could do all of the iptables stuff with ufw
ufw enable
ufw limit ssh

If using IPv6:

ip6tables -A INPUT -p tcp --dport 80 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 443 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 22 -j ACCEPT # (replace with your undisclosed port)
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A INPUT -j REJECT
ip6tables -A FORWARD -j REJECT

View iptables rules:

sudo iptables -S

Save iptables rules:

sudo dpkg-reconfigure iptables-persistent
sudo service fail2ban start


vim /etc/ssh/sshd_config

#Add or uncomment (if using Ubuntu < 17.04)
protocol 2

#Add allowed ciphers
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
MACs hmac-sha2-256,hmac-sha2-512

Restart and test ssh config:

service sshd restart
#returns nothing if everything configured properly
sshd -t


sudo apt-get install software-properties-common
sudo add-apt-repository ppa:nginx/stable
sudo apt-get install nginx
service nginx status

Update /etc/nginx/sites-enabled/default

root /var/www/html/your_site;

location / {
# Some comments...
try_files $uri /index.html;   # ADD THIS

sudo service nginx restart

Installing React Dependencies

# install yarn
curl -sS | sudo apt-key add -
echo "deb stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update && sudo apt-get install yarn
#install node (apt-get repo has an older version of Node)
curl -sL | sudo -E bash -
sudo apt-get install -y nodejs
sudo apt-get install -y build-essential

GIT Push Deploy

Let’s set up git on the server

apt-get install git-core
mkdir repos && cd repos
mkdir your_site.git
cd your_site.git
git init --bare

Set up a post-push hook
cd /repos/your_app.git/hooks
touch post-receive

#!/bin/bash -l


yarn install
yarn build
rm -rf $PUBLIC_WWW/your_app_bup
mv $PUBLIC_WWW/your_app $PUBLIC_WWW/your_app_bup
cp -a build/. $PUBLIC_WWW/your_app

Run on post-receiv:

chmod +x post-receive

On your local machine:

git remote add linode [email protected]_server_address:repos/your_app.git
git push linode master