Skip to main content

6 posts tagged with "service"

View All Tags

· 6 min read
Wildan Mubarok

This January 2024 bring many improvements into security and developer experiences!

Security Enforcement

Last six months has been a roller coaster for us since more users came in and put some resource-intensive background tasks that depletes server resources.

We introduced a background task killer which kills processes that's left spawn detached from main process (coming from PHP-FPM or Passenger Phusion). This task killer runs every 5 minutes and kills all background process running more than 60 seconds. Of course, this exclude users who currently logging in via SSH so things like VS Code server can still run unaffected.

We also running a routine check to make sure that no user-made cron job is running no more than hourly.

Lastly, we made a decision to mandatorily enable firewall for all free users. This effectively disables any ability that leads to spam and proxy bot, keeping our server clean while still continuing to provide a generous free plan.

Experimental Docker Support

Docker support is tricky as it's requiring root access. Now, we're able to utilize docker by using Podman in rootless mode. However, some tricky setup is required to make it work.

Docker feature can be enabled via runner. But in order to do it you need to be in Kit plan or above. This is because we need to disable our background task killer and allows the software to run 24/7.

You can read more about the Docker feature in the documentation.

Deploy key GitHub

Last time we showcased that you can clone project from GitHub to our websites. What about private repositories?

Private repositories are tricky because you need an access before able to read the code. In the past we've used to request Full Access token but it's risky for our users as the whole user's private projects is exposed. We need a way to be able exposing only one private project not the whole private repo.

Enter deploy keys. Deploy keys are public keys which used like SSH logins to authenticate from automatic scripts. When we detect that your repo URL is private during prompting a new website with clone option, we ask you to install a public key into the repo.

deploy key

This public key is generated from a pair of private-public key that's just generated for you. While the public key is inserted into repository, the private key is installed into the server. The key generated is created from this command:

ssh-keygen -t ecdsa -b 256 -C -f $file -q -N ''

Backup System

We all have times where we need to prepare a backup in case things broke our website in future. This is why we introduce a backup system.

Our new backup system leveraged by S3-like storage object which is very cheap in terms of cloud cost. When you create a backup, all website data including files and databases are zipped into one backup file then uploaded into our S3-like storage. You can download the backup or ask us to restore it. Backups will not be removed in case the origin website instance is deleted.

To access backup go the Backup tab in portal. Backup creation can only be done for subscribing users at no additional cost.

Plan Adjustments

We've increased monthly data cap to enable larger traffic within the same plan:

  • Lite: 15GB -> 20GB / month
  • Kit: 50GB -> 100GB/ month
  • Pro: 150GB -> 500GB / month

We also reduce minimum payment from 10$ to 4.5$. This allows you to purchase a Lite plan for 3 months instead of 7 months.

Web Portal Improvements

  • The Web SSH interface is changed to webssh2 enabling secure login using POST.
  • Filestash Web Admin is available for easier web-based file uploads
  • When uploading template files from local folder, binary files is now filtered
  • Our portal email communications is now using fully localized language
  • Our registrar-related email communications is now using english
  • You can create a new template from existing websites
  • You can now change a website's password
  • You can see NGINX and App logs from portal
  • You can print invoices for any purchases
  • DNS is now automatically turned on/off when renaming domains
  • Improved localization coverage, including adding spanish language
  • Improved check connection detection
  • Stroger registration requirement when registering using email

Server Improvements

  • We have enabled three new server locations 🎉
    • Osaka, Japan
    • Bangalore, India
    • Sao Paolo, Brazil
  • Singapore and New York is now upgraded to 2 vCPU and 2GB RAM
  • PHP default upload file size is now set to 512 MB
  • Rocky Linux OS has been upgraded from 9.2 to 9.3
  • NGINX has been upgraded from 1.20 to 1.22
  • PHP 8.3 is available and should be the default
  • Fail2Ban retry limit increased from 3 to 10 attempts
  • Let's Encrypt schedule will stop retrying if fail multiple times
  • Added Discord, VSCode, PayPal, Google SiteKit as whitelisted firewall sites
  • Installed awscli, nvim and btop

Deployment System Improvements

  • Overall script duration limit is increased from 10 to 15 minutes.
  • Rate limit throttles to 60 per day instead of 5 per hour
  • Commands now has dotglob enabled, enabling rm -rf automatically includes dotfiles
  • *.domcloud.dev and *.dom.my.id will use shared SSL to avoid depleting Let's Encrypt limit
  • All user processes will be killed before deleting websites
  • You can now place a .tar.gz file as a source URL
  • In NGINX config, a passenger set_header_list can be set to include custom header info like proxy_set_header
  • Fixed handling root and ssl for subdomain
  • Added ssl self-sign feature to enable self signing SSL
  • nginx handling is now executed first before scripts
  • java install feature is available, we use dotnet build for the binary
  • Another install feature includes zig, bun, dotnet deployment instructions
  • ftp is no longer available. Use SFTP (FTP over SSH) which is always available

That's a lot of improvements in last six months! We hope you enjoy our services, and we'll see you in the next update!

· 4 min read
Wildan Mubarok

This June 2023 update brings so much improvements to make things easier for newcomers!

Aside from our welcome page above, here's all the improvements since last March:

Directly Upload Project Files

Previously, we only can import existing project via external Git repo. Today, we introduce a small utility that allows you to uploads your project from local files, and converting it to a public ZIP url:

Why it's useful? This utility eradicates to need of going to Webmin tool just to upload project files, and then adjusting the script needed depending on the framework used in that project. A huge time saver! Right?

The upload script also automatically strips unnecessary files. In the video above, a project with over 400 MB get uploaded into 5 MB Zip file! This is because most of the heavy stuff from node_modules are stripped before upload.

The uploaded ZIP file will be erased 3 days automatically after upload.

More Templates

We introduced more templates to the start wizard (previously it's only 8). These templates consist of CMS or popular web framework by following each respective documentation. Templates are useful if you want to start a new website then continue editing it either via their CMS or directly in the files itself.

Connection Check API

Troubleshooting why a website can't be accessed can be confusing for some users. The Connection Check API can be used to detect and fix common DNS and HTTPS if found, possibly with a fix button. This API can be accessed in Check -> Connection menu.

More Web Portal Improvements

  • The logo is slighly adjusted for brevity.
  • Webhook via GitHub Actions is available as alternative to GitHUb webhook API.
  • The Visual Studio Code button now open ~/public_html by default.
  • Espanol language is added (contributed by our user!).
  • The website list is sortable by clicking any column.
  • Using better and more safe name random generator.
  • Free plan renewal is extended to 2 months instead of 1 month after last login.
  • If using email to register an account, that email must be verified before creating websites.
  • Better error handling in YAML deploy script, also in many other parts of input validations.
  • Many bugfixes, including PayPal payment support.

Server Improvements

As more people using NYC (New York) and FRA (France) servers, both RAM capacity is increased to 2 GB. Now all three servers (SGA, NYC and FRA) are using 1 vCPU and 2 GB RAM.

All plans now approximately has 2x more bandwidth capacity, also the free plan has increased its bandwidth limit to 2GB from 1.5GB.

We also increased the server security by use hidepid=2 to protect potentially sensitive information generated from CLI arguments.

The operating system has been updated to Rocky Linux 9.2 from 9.1.

The system firewall now allows additional Social Media APIs and Email APIs.

Deployment System Improvements

  • The deployment system now supports go, rust and deno installation.
  • Installation of ruby and python gets quicker now because it's prefer compiled binary if possible.
  • Removal of language compilers like node off, python off, etc.
  • Part of NGINX config like ssl [always|on|off] and http [1|2] is configurable with features.
  • Many more small bugfixes

That's a lot of improvements in last quarter! We hope you enjoy our services, and we'll see you in the next update!

· 3 min read
Wildan Mubarok

DOM Cloud runs with Rocky Linux 8, which was migrated from CentOS 8 from sometime ago. Rocky Linux 9.1 is available since about three months ago, and I think it's matured enough to update the OS.

This update brings modern versions into system packages, notably PHP from 7.4 to 8.0, Node.js from 14 to 16, Python from 3.6 to 3.9, and many more. This update also fixes some parts of the system that is not working properly, such as the WebSSH service which was broken in some servers.

We would like to highlight some other major updated for the last three months:

New Server in France

Available since January, this eliminates latency issues for European users who plan to use our services. It gains enough upvotes in the issue page and as of today there are dozens of websites hosted in this server.

As of this writing, there are 3 servers in total, each one in Asia, Europe, and North America. There are no plan to add more servers in the near future, as probably additional budget will be allocated to increase computational power instead. Time will tell.

Force Recalculation of Disk Usage

Since limit enforcement is based on disk usage is running since three months ago... some of our users wondering if there's a way to instantly recalculate the disk usage, as it's not updated automatically (takes schedule about 3 days to update). We have added a button to force recalculation of disk usage via a new button in bottom right of the Team page.

It is useful if you already run out of disk space and has deleted some files, so the website can be accessed again.

To analyze which files are taking up the most disk space, you can use the ncdu command. It's available in all servers, and you can run it via SSH.

Country Input Field

As you can see from above screenshot, we have added a new field in the Team page to specify the country of your team. This is mostly used for analytics purpose, as we can see which country has the most users, and better features tailored for them.

There's also input for currency (for payment purposes) and default server, which automatically selected based on selected country during the first login.

Pricing Adjustments

We keep adjust pricing based on total usage and demand. As of today, the price tag is changed as follows:

  • Lite plan: from 3 USD/month to 1.5 USD/month
  • Kit plan: from 10 USD/month to 5 USD/month
  • Pro plan: from 25 USD/month to 12.5 USD/month

This price change is already reflected in other currencies as well. So the difference in value should be small. We hope a lot of users will be able to get on board faster with our services with this competitive price change.

Other Niche Features

Although is still a work in progress, we have improved small things incrementally, such as the documentation and the website itself. There's also features requests that has been backlogged for a long time. We'll get there in time!


That's all for this update. We hope you enjoy our services, and we'll see you in the next update!

· 3 min read
Wildan Mubarok

Hi, long time I haven't do some updates. I want to point out some statistics and key actions on what to do next for DOM Cloud.

stat.png

By number of statistics, our platform usage are steadily increasing. We also gotten some feedback from users, and guided with data and some reasoning, we would like to bring some changes to our plans:

Change in Plans

Free Plan

The free plan storage cap is increased from 1 GB to 1.5 GB, while total of website is reduced from 4 to 3. I think this is a fair tradeoff, because most websites nowadays are quite heavy with depedencies, and storage is quite cheap compared to computing power.

Lite Plan

Due to high processing fees, I think it's make sense to increase the price from 2 USD to 3 USD a month. With that in mind, these limits are increased:

  • Storage cap is increased from 2 GB to 3 GB.
  • Data transfer is increased from 2 GB to 5 GB.
  • Total of website is increased from 5 to 6.

The Enforcing of Limits

Limits in the past is not enforced because how little the users was and support was very limited. Now with more users, I think it's time to enforce the limits so I can keep the platform stay on good performance.

Here's how it works:

  • If storage or data cap is reached, all website will be instantly disabled and the user will be notified with email. Current option is to upgrade the plan or delete some files (only works if the storage cap reached).
  • If paid user has exceeded the expiry date, it will return back to free plan automatically.
  • Free user also has expiry date too, but it's 30 days after the last login. If the user has not logged in for 30 days, all website will be disabled and the user is notified before all website data is erased permanently within 2 weeks.
  • If free user's website has used a noticeable data cap (it means getting enough traffic), that user doesn't need to login for another 30 days (the expiration date is extended automatically, as a thank you because it means free marketing for us too).

Upcoming new Features

There maybe not a lot of new features upcoming, because I will focus on providing good documentation.

Nonetheless, there maybe some minor new features or UI improvements in this month. Check back later!

· 2 min read
Wildan Mubarok

In few days ago Heroku announced it will no longer provide free plans, which is also means a free marketing for us. I tell people people about this service in dev.to and free-for.dev and the result is a recent spike of traffic.

Traffic stat increased dramatically

To get prepared for this spike, I need to adjust a few things:

  • The New York server just been upgraded to 2 GB RAM and 2 vCPU immediately. This capacity is equal with what I use in Singapore server. Later if spike of usage still continue, I will use a separate mount drive for /home directory.
  • I will continue to complete writing the documentation, but there will be few changes: We'll remove the optional tools we've had installed (Ruby, Go, etc.) and the only things that preinstalled will be php (all major/version supported), node and python with specific version provided from OS. This will make our documentation clear and removing the dangerous depedency with OS environment which can change at anytime.

There's also a few improvements in features and security that I would like to talk for the next month:

  • The home directory will change into some random unique string rather than what you provided from the UI. This is because anybody can do ls /home and get all username list from the server. This might need take time because it may break existing scripts. Another option is to use jailkit but I'm not so sure it will not break anything.
  • we will provide a way to pipe the logs from server into portal UI. Right now the only way to open logs is from the Webmin UI.
  • The documentation, again.

So that's it, see you next month!

· One min read
Wildan Mubarok

In a very narrow free time window I successfully redesign (again) the landing page, in fewer than 24 hours!

The new design reflects more about what this service about: it's for the niche, but packed with lots of server tooling that (hopefully) makes your dev life easier.

I captured the screenshot (in video) below. I like the dark mode button!

If you wonder, this new landing site is built using Docusaurus, replacing our old simple website that's powered by Jekyll. I saved the old site in archive.org if you wanted to see the difference.

Anyway, I feel sorry that the proper blog and docs are just live today. Actually, a lot has gotten since 2 years I've been making this platform. Let's hope it get better every time!