author Jake Morrison

Spinning up a server is easy enough, just go to Digital Ocean and push a button. But now you are responsible for your server. What does that mean?

author Jake Morrison

The security principle of "least privilege" means that apps should only have the permissions that they need to do their job, nothing more. If an attacker compromises your app, then they can't do anything outside of what the app would normally do. They may be able to break the application …

author Jake Morrison

This is a gentle introduction to getting your Phoenix app up and running on a $5/month server at Digital Ocean. It starts from zero, assuming minimal experience with servers.

author Jake Morrison

I have been using Linux since 1993, so I will give a bit of a history lesson to explain the motivation behind the popular distributions. There are two main families, RedHat and Debian. RedHat traditionally comes from the corporate world, and Debian from the free software community.

author Jake Morrison

Just for fun, I decided to benchmark the performance of the elixir deploy template running on a $5/month Digital Ocean Droplet.

Following Saša Jurić's post, I set up wrk on my Mac and on some Digital Ocean instances in the same data center.

I made a simple request function …

author Jake Morrison

Figuring out how to deploy your Elixir app can be confusing, as it's a bit different from other languages. This post describes how we deploy apps with the reasons behind our decisions.

We have created a working example template which puts all the pieces together to get you started quickly …

author Jake Morrison

Database migrations are used to automatically keep the database in sync with the code that uses it. Elixir apps should be deployed as releases, supervised by systemd. Here is an example of how to run migrations when deploying Elixir releases.

It's tempting to automatically run database migrations when the app …

author Jake Morrison

We normally deploy Elixir apps as releases, supervised by systemd.

After we have deployed the new release, we restart the app to make it live:

sudo /bin/systemctl restart foo

The user account needs sufficient permissions to restart the app, though. Instead of giving the deploy account full sudo permissions …

author Jake Morrison

When your app is running behind a proxy like Nginx, then the request will look like it's coming from Nginx, i.e. the IP will be 127.0.0.1. Similarly, If Nginx is behind a CDN, then all the requests will come from the IP of the CDN.

In …

author Jake Morrison

Normally, in order to listen on a port less than 1024, an app needs to be running as root or have elevated capabilities. That's a security problem waiting to happen, though. We run the app on a normal port, e.g. 4000, and redirect traffic in the firewall from port …