*ARGS.TECH | BLOG

How to install and configure Fail2ban with SSH and Nginx

What is Fail2ban? This is software for protecting services, connected to network, like Apache, Nginx, OpenSSH, Postfix, Asterisk, and so on. Fail2ban protect from brute-force attacks, incorrect authentication attempts, bad-bots crawling, etc...

1. First of all you need to install Fail2ban:

In Debian/Ubuntu:

sudo apt update && sudo apt upgrade -y
apt install fail2ban -y

In CentOS/CentOS Stream:

yum update -y && yum install epel-release -y
yum install fail2ban -y

2. Start and enable …

DETAILS

#Linux #Fail2ban #Protection #Security #Debian #CentOS

Writing search view for Django application

This tutorial shows, how to build search view for your Django application with SearchVector class.

Why SearchQuery? SearchQuery translates the terms the user provides into a search query object that the database compares to a search vector. By default, all the words the user provides are passed through the stemming algorithms, and then it looks for matches for all of the resulting terms (documentation).

1. Configure DATABASE dictionary for using PostgreSQL database management system in your …

DETAILS

#Python #Django #PostgreSQL #Database

Implementing user authentication in Django

For protecting some views from anonymous users you need to use authentication system. Django provides built-in functions for auth implementation (documentation).

What is authentication? Authentication passes in two steps:

- User identification - searching in database entered username.

- Authentication. If username from first step exists, system comparing password from "password" field with password, saved in database. Before comparison password must be hashed, because database not storing raw…

DETAILS

#Django #Authentication

How to containerize Django application with Docker compose

When you want to run your Django applications on any machine and start in one click, you may use Docker. This way called as "serverless architecture". Docker allows you to run applications on any computer. It's very convenient and simple.

Complete structure of project:

demo_project/
    |
    |-- manage.py
    |
    |-- env/
    |
    |-- backend/
    |     |
    |&n…

DETAILS

#Linux #Docker #Nginx #Django #PostgreSQL #Example

Generating SECRET_KEY for production deployment of Django project

Django SECRET_KEY need for providing cryptographic signing (documentation). This value is stored in <your_app>/settings.py file. When you start new project it will be generated from built-in function (source code). For production deployment SECRET_KEY must be strong and reliably protected.

These steps help you for generating new SECRET_KEY value:

1. Activate your project's virtual environment:

source env/bin/activate

2. Enter in Django's manage.py shell:

python3 manage.py shell

3. Import get_ra…

DETAILS

#Security #Python #Django

Sending message from Telegram bot to users

Telegram provides API for sending messages to users as bot. You may send messages via HTTP POST method using any programming language. I use Python and Requests library.

URL address for sending message:

https://api.telegram.org/bot<token_from_botfather>/sendMessage

Body of message:

{
"chat_id": chat_id,
"text": "Hello World!"
}

If you want to markup your message with Markdown - add "parse_mode" parameter in body of JSON:

{
"chat_id": chat_id,…

DETAILS

#Python #API #HTTP #HTTPS #HTTP-requests #Telegram

Configuring Django project to storing sensitive data in YAML file

Hardcoding tokens, database credentials and other sensitive data in .py files is not secure. Many people use django-environ library, but I think it inconvenient. So I use yaml files for storing sensitive data and pyyaml library for reading data of them.

Create project folder:

mkdir myproject

Switch in created folder:

cd myproject

Create virtual environment:

python3 -m venv env

Activate virtual environment:

source env/bin/activate

Install Django and pyyaml:

pip3 install django pyyaml

Start new django proje…

DETAILS

#Python #Django #YAML #pyyaml

Docker containers managing cheat sheet

# Docker overview

Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker's methodologies for shipping, testing, and deploying code, you can significantly reduce the delay between writing code and running it in production. Documentation.

# Ba…

DETAILS

#Linux #Docker #cheat-sheet

Disable "InsecureRequestWarning: Unverified HTTPS request" warning in Python Request

When you send HTTP request to WEB-server with self-signed certificate, Python Requests library display «InsecureRequestWarning: Unverified HTTPS request» warning.

/usr/lib/python3/dist-packages/urllib3/connectionpool.py:1048: InsecureRequestWarning: Unverified HTTPS request is being made to host '192.168.0.150'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
warnings.warn(

Request example:

user@localhost:~$ python3…

DETAILS

#Python #HTTP #HTTPS #HTTP-requests

How to run Python script or other job in Docker container with CRON

In fact running cron jobs more comfortable when you work in host system. But some cases need to run scripts in containers.

Create folder with your project's name and create there four text files with following names:

myproject/
- my_script.py
- cronjob
- Dockerfile
- docker-compose.yaml

File my_script.py need for run periodically. It may contain any code for your job. For example:

import requests
r = requests.get(url='https://example.com/')
if r.status_code == 200:
…

DETAILS

#Linux #Docker #Dockerfile #cron