Cogini Blog

Jake Morrison

Improving app security with the principle of least privilege

The security principle of "least privilege" means that apps should only have the permissions that they need to do their job, nothing more. If an attacker compromises your app, then they can't do anything outside of what the app would normally do. They may be able to break the application … Read more…

Jake Morrison

Running special versions of Erlang with ASDF and kerl

Configuring the ASDF version manager and kerl build release candidate and other special versions of Erlang Read more…

Jake Morrison

Deploying your Phoenix app to Digital Ocean for beginners

This is a gentle introduction to getting your Phoenix app up and running on a $5/month server at Digital Ocean. It starts from zero, assuming minimal experience with servers. Read more…

Jake Morrison

Benchmarking Phoenix on Digital Ocean

Just for fun, I decided to benchmark the performance of the elixir deploy template running on a $5/month Digital Ocean Droplet. Read more…

Jake Morrison

SaaS pricing: users are not all the same

It's popular these days to use hosted applications instead of running your own infrastructure. It's frustrating as a customer, though, when the pricing model is not sophisticated enough to match your actual usage. In a SaaS product, your pricing should scale with the value the customer gets from the product … Read more…

Jake Morrison

Avoiding GenServer bottlenecks

GenServers are the standard way to create services in Elixir. They are very useful, but when used incorrectly they can cause unnecessary problems. This is particularly an issue for developers coming from object oriented languages, who attempt to treat GenServers as object instances. Instead we should think in functional terms … Read more…

Jake Morrison

Database migrations in the cloud

Database migrations are used to automatically keep the database in sync with the code that uses it. Elixir apps should be deployed as releases, supervised by systemd. Here is an example of how to run migrations when deploying Elixir releases. It's tempting to automatically run database migrations when the app … Read more…

Jake Morrison

Deploying Elixir apps without sudo

We normally deploy Elixir apps as releases, supervised by systemd. After we have deployed the new release, we restart the app to make it live: sudo /bin/systemctl restart foo The user account needs sufficient permissions to restart the app, though. Instead of giving the deploy account full sudo permissions … Read more…

Jake Morrison

Getting the client public IP address in Phoenix

When your app is running behind a proxy like Nginx or a CDN, then the requests will all look like they are coming from the proxy. Use the X-Forwarded-For header to set the remote_ip correctly. Read more…

Jake Morrison

Port forwarding with iptables

In order to listen on a TCP port less than 1024, an app traditionally needs to be started as root. Over the years this has resulted in many security problems. A better solution is to run the application on a normal port such as 4000, and redirect traffic in the … Read more…


Development DevOps Products