Group items tagged

Nginx is one of the most popular web servers in the world. It can successfully handle high loads with many concurrent client connections, and can easily function as a web server, a mail server, or a reverse proxy server.

The main server block directives that Nginx is concerned with during this process are the listen directive, and the server_name directive.

The listen directive typically defines which IP address and port that the server block will respond to.

Nginx translates all “incomplete” listen directives by substituting missing values with their default values so that each block can be evaluated by its IP address and port.

In any case, the port must be matched exactly.

If there are multiple server blocks with the same level of specificity matching, Nginx then begins to evaluate the server_name directive of each server block.

Nginx checks the request’s “Host” header. This value holds the domain or IP address that the client was actually trying to reach.

Nginx will first try to find a server block with a server_name that matches the value in the “Host” header of the request exactly.

If no exact match is found, Nginx will then try to find a server block with a server_name that matches using a leading wildcard (indicated by a * at the beginning of the name in the config).

If no match is found using a leading wildcard, Nginx then looks for a server block with a server_name that matches using a trailing wildcard (indicated by a server name ending with a * in the config)

If no match is found using a trailing wildcard, Nginx then evaluates server blocks that define the server_name using regular expressions (indicated by a ~ before the name).

If no regular expression match is found, Nginx then selects the default server block for that IP address and port.

If no modifiers are present, the location is interpreted as a prefix match.

=: If an equal sign is used, this block will be considered a match if the request URI exactly matches the location given.

~: If a tilde modifier is present, this location will be interpreted as a case-sensitive regular expression match.

~*: If a tilde and asterisk modifier is used, the location block will be interpreted as a case-insensitive regular expression match.

^~: If a carat and tilde modifier is present, and if this block is selected as the best non-regular expression match, regular expression matching will not take place.

Keep in mind that if this block is selected and the request is fulfilled using an index page, an internal redirect will take place to another location that will be the actual handler of the request

Keeping in mind the types of location declarations we described above, Nginx evaluates the possible location contexts by comparing the request URI to each of the locations.

Nginx begins by checking all prefix-based location matches (all location types not involving a regular expression).

First, Nginx looks for an exact match.

If no exact (with the = modifier) location block matches are found, Nginx then moves on to evaluating non-exact prefixes.

After the longest matching prefix location is determined and stored, Nginx moves on to evaluating the regular expression locations (both case sensitive and insensitive).

by default, Nginx will serve regular expression matches in preference to prefix matches.

regular expression matches within the longest prefix match will “jump the line” when Nginx evaluates regex locations.

The exceptions to the “only one location block” rule may have implications on how the request is actually served and may not align with the expectations you had when designing your location blocks.

The index directive always leads to an internal redirect if it is used to handle the request.

In the case above, if you really need the execution to stay in the first block, you will have to come up with a different method of satisfying the request to the directory.

one way of preventing an index from switching contexts, but it’s probably not useful for most configurations

the try_files directive. This directive tells Nginx to check for the existence of a named set of files or directories.

the rewrite directive. When using the last parameter with the rewrite directive, or when using no parameter at all, Nginx will search for a new matching location based on the results of the rewrite.

The error_page directive can lead to an internal redirect similar to that created by try_files.

when certain status codes are encountered.

{% ... %} for Statements

{{ ... }} for Expressions to print to the template output

use a dot (.) to access attributes of a variable

the outer double-curly braces are not part of the variable, but the print statement.

if an object has an item and attribute with the same name. Additionally, the attr() filter only looks up attributes.

Variables can be modified by filters. Filters are separated from the variable by a pipe symbol (|) and may have optional arguments in parentheses.

Multiple filters can be chained

Tests can be used to test a variable against a common expression.

add is plus the name of the test after the variable.

to find out if a variable is defined, you can do name is defined, which will then return true or false depending on whether name is defined in the current template context.

strip whitespace in templates by hand. If you add a minus sign (-) to the start or end of a block (e.g. a For tag), a comment, or a variable expression, the whitespaces before or after that block will be removed

not add whitespace between the tag and the minus sign

mark a block raw

Template inheritance allows you to build a base “skeleton” template that contains all the common elements of your site and defines blocks that child templates can override.

The {% extends %} tag is the key here. It tells the template engine that this template “extends” another template.

access templates in subdirectories with a slash

can’t define multiple {% block %} tags with the same name in the same template

put the name of the block after the end tag for better readability

if the block is replaced by a child template, a variable would appear that was not defined in the block or passed to the context.

setting the block to “scoped” by adding the scoped modifier to a block declaration

Jinja2 functions (macros, super, self.BLOCKNAME) always return template data that is marked as safe.

With the default syntax, control structures appear inside {% ... %} blocks.

the dictsort filter

loop.cycle

use loops recursively

whether the value changed at all,

use it to test if a variable is defined, not empty and not false

Macros are comparable with functions in regular programming languages.

If a macro name starts with an underscore, it’s not exported and can’t be imported.

pass a macro to another macro

caller()

a single trailing newline is stripped if present

other whitespace (spaces, tabs, newlines etc.) is returned unchanged

caller(user)

call(user)

This is a simple dialog rendered by using a macro and a call block.

Filter sections allow you to apply regular Jinja2 filters on a block of template data.

Assignments at top level (outside of blocks, macros or loops) are exported from the template like top level macros and can be imported by other templates.

using namespace objects which allow propagating of changes across scopes

use block assignments to capture the contents of a block into a variable name.

The extends tag can be used to extend one template from another.

Blocks are used for inheritance and act as both placeholders and replacements at the same time.

The include statement is useful to include a template and return the rendered contents of that file into the current namespace

Included templates have access to the variables of the active context by default.

putting often used code into macros

imports are cached and imported templates don’t have access to the current template variables, just the globals by default.

Macros and variables starting with one or more underscores are private and cannot be imported.

By default, included templates are passed the current context and imported templates are not.

Integers and floating point numbers are created by just writing the number down

Everything between two brackets is a list.

Tuples are like lists that cannot be modified (“immutable”).

A dict in Python is a structure that combines keys and values.

// Divide two numbers and return the truncated integer result

(expr) group an expression.

The is and in operators support negation using an infix notation

in Perform a sequence / mapping containment test.

| Applies a filter.

~ Converts all operands into strings and concatenates them.

use inline if expressions.

always an attribute is returned and items are not looked up.

default(value, default_value=u'', boolean=False)¶ If the value is undefined it will return the passed default value, otherwise the value of the variable

dictsort(value, case_sensitive=False, by='key', reverse=False)¶ Sort a dict and yield (key, value) pairs.

format(value, *args, **kwargs)¶ Apply python string formatting on an object

indent(s, width=4, first=False, blank=False, indentfirst=None)¶ Return a copy of the string with each line indented by 4 spaces. The first line and blank lines are not indented by default.

join(value, d=u'', attribute=None)¶ Return a string which is the concatenation of the strings in the sequence.

map()¶ Applies a filter on a sequence of objects or looks up an attribute.

pprint(value, verbose=False)¶ Pretty print a variable. Useful for debugging.

reject()¶ Filters a sequence of objects by applying a test to each object, and rejecting the objects with the test succeeding.

replace(s, old, new, count=None)¶ Return a copy of the value with all occurrences of a substring replaced with a new one.

round(value, precision=0, method='common')¶ Round the number to a given precision

even if rounded to 0 precision, a float is returned.

select()¶ Filters a sequence of objects by applying a test to each object, and only selecting the objects with the test succeeding.

sort(value, reverse=False, case_sensitive=False, attribute=None)¶ Sort an iterable. Per default it sorts ascending, if you pass it true as first argument it will reverse the sorting.

striptags(value)¶ Strip SGML/XML tags and replace adjacent whitespace by one space.

tojson(value, indent=None)¶ Dumps a structure to JSON so that it’s safe to use in <script> tags.

trim(value)¶ Strip leading and trailing whitespace.

unique(value, case_sensitive=False, attribute=None)¶ Returns a list of unique items from the the given iterable

urlize(value, trim_url_limit=None, nofollow=False, target=None, rel=None)¶ Converts URLs in plain text into clickable links.

defined(value)¶ Return true if the variable is defined

in(value, seq)¶ Check if value is in seq.

mapping(value)¶ Return true if the object is a mapping (dict etc.).

number(value)¶ Return true if the variable is a number.

sameas(value, other)¶ Check if an object points to the same memory address than another object

undefined(value)¶ Like defined() but the other way round.

A joiner is passed a string and will return that string every time it’s called, except the first time (in which case it returns an empty string).

namespace(...)¶ Creates a new container that allows attribute assignment using the {% set %} tag

The with statement makes it possible to create a new inner scope. Variables set within this scope are not visible outside of the scope.

activate and deactivate the autoescaping from within the templates

With both trim_blocks and lstrip_blocks enabled, you can put block tags on their own lines, and the entire block line will be removed when rendered, preserving the whitespace of the contents

After the block type keyword and any labels, the block body is delimited by the { and } characters

Identifiers can contain letters, digits, underscores (_), and hyphens (-). The first character of an identifier must not be a digit, to avoid ambiguity with literal numbers.

The # single-line comment style is the default comment style and should be used in most cases.

he idiomatic style is to use the Unix convention

Indent two spaces for each nesting level.

align their equals signs

Use empty lines to separate logical groups of arguments within a block.

Use one blank line to separate the arguments from the blocks.

"meta-arguments" (as defined by the Terraform language semantics)

Avoid separating multiple blocks of the same type with other blocks of a different type, unless the block types are defined by semantics to form a family.

Resource names must start with a letter or underscore, and may contain only letters, digits, underscores, and dashes.

By convention, resource type names start with their provider's preferred local name.

Most publicly available providers are distributed on the Terraform Registry, which also hosts their documentation.

The Terraform language defines several meta-arguments, which can be used with any resource type to change the behavior of resources.

use precondition and postcondition blocks to specify assumptions and guarantees about how the resource operates.

Some resource types provide a special timeouts nested block argument that allows you to customize how long certain operations are allowed to take before being considered to have failed.

Timeouts are handled entirely by the resource type implementation in the provider

Most resource types do not support the timeouts block at all.

A resource block declares that you want a particular infrastructure object to exist with the given settings.

Destroy resources that exist in the state but no longer exist in the configuration.

Destroy and re-create resources whose arguments have changed but which cannot be updated in-place due to remote API limitations.

Expressions within a Terraform module can access information about resources in the same module, and you can use that information to help configure other resources. Use the <RESOURCE TYPE>.<NAME>.<ATTRIBUTE> syntax to reference a resource attribute in an expression.

resources often provide read-only attributes with information obtained from the remote API; this often includes things that can't be known until the resource is created, like the resource's unique random ID.

data sources, which are a special type of resource used only for looking up information.

some dependencies cannot be recognized implicitly in configuration.

local-only resource types exist for generating private keys, issuing self-signed TLS certificates, and even generating random ids.

The count meta-argument accepts a whole number, and creates that many instances of the resource or module.

the count value must be known before Terraform performs any remote resource actions. This means count can't refer to any resource attributes that aren't known until after a configuration is applied

Within nested provisioner or connection blocks, the special self object refers to the current resource instance, not the resource block as a whole.

use all rules keywords, like if, changes, and exists, in the same rule. The rule evaluates to true only when all included keywords evaluate to true.

use parentheses with && and || to build more complicated variable expressions.

Use workflow to specify which types of pipelines can run.

every push to an open merge request’s source branch causes duplicated pipelines.

avoid duplicate pipelines by changing the job rules to avoid either push (branch) pipelines or merge request pipelines.

For behavior similar to the only/except keywords, you can check the value of the $CI_PIPELINE_SOURCE variable

commonly used variables for if clauses

rules:changes expressions to determine when to add jobs to a pipeline

Use !reference tags to reuse rules in different jobs.

Use except to define when a job does not run.

only or except used without refs is the same as only:refs / except/refs

If you change multiple files, but only one file ends in .md, the build job is still skipped.

If you use multiple keywords with only or except, the keywords are evaluated as a single conjoined expression.

only includes the job if all of the keys have at least one condition that matches.

except excludes the job if any of the keys have at least one condition that matches.

To specify a job as manual, add when: manual to the job in the .gitlab-ci.yml file.

Use protected environments to define a list of users authorized to run a manual job.

Use when: delayed to execute scripts after a waiting period, or if you want to avoid jobs immediately entering the pending state.

To split a large job into multiple smaller jobs that run in parallel, use the parallel keyword

run a trigger job multiple times in parallel in a single pipeline, but with different variable values for each instance of the job.

The @ symbol denotes the beginning of a ref’s repository path. To match a ref name that contains the @ character in a regular expression, you must use the hex character code match \x40.

Compare a variable to a string

Check if a variable is undefined

Check if a variable is empty

Check if a variable exists

Check if a variable is empty

Matches are found when using =~.

Matches are not found when using !~.

Join variable expressions together with && or ||

Modifiers and matchers

Matcher rules determine if a particular request should be forwarded to a backend

if any rule matches

if all rules match

Use a *Prefix* matcher if your backend listens on a particular base path but also serves requests on sub-paths. For instance, PathPrefix: /products would match /products but also /products/shoes and /products/shirts. Since the path is forwarded as-is, your backend is expected to listen on /products

Use Path if your backend listens on the exact path only. For instance, Path: /products would match /products but not /products/shoes.

A backend is responsible to load-balance the traffic coming from one or more frontends to a set of http servers

wrr: Weighted Round Robin

drr: Dynamic Round Robin: increases weights on servers that perform better than others.

A circuit breaker can also be applied to a backend, preventing high loads on failing servers.

To proactively prevent backends from being overwhelmed with high load, a maximum connection limit can also be applied to each backend.

Sticky sessions are supported with both load balancers.

When sticky sessions are enabled, a cookie is set on the initial request.

The check is defined by a path appended to the backend URL and an interval (given in a format understood by time.ParseDuration) specifying how often the health check should be executed (the default being 30 seconds). Each backend must respond to the health check within 5 seconds.

The static configuration is the global configuration which is setting up connections to configuration backends and entrypoints.

We only need to enable watch option to make Træfik watch configuration backend changes and generate its configuration automatically.

a comma-separated key/value pair where both key and value must be literals.

namespacing of your backends happens on the basis of hosts in addition to paths

Modifiers will be applied in a pre-determined order regardless of their order in the rule configuration section.

customize priority

Custom headers can be configured through the frontends, to add headers to either requests or responses that match the frontend's rules.

Security related headers (HSTS headers, SSL redirection, Browser XSS filter, etc) can be added and configured per frontend in a similar manner to the custom headers above.

Servers are simply defined using a url. You can also apply a custom weight to each server (this will be used by load-balancing).

Maximum connections can be configured by specifying an integer value for maxconn.amount and maxconn.extractorfunc which is a strategy used to determine how to categorize requests in order to evaluate the maximum connections.

native database constraints

client-side validations

controller-level validations

Database constraints and/or stored procedures make the validation mechanisms database-dependent and can make testing and maintenance more difficult

Client-side validations can be useful, but are generally unreliable

combined with other techniques, client-side validation can be a convenient way to provide users with immediate feedback

it's a good idea to keep your controllers skinny

Active Record uses the new_record? instance method to determine whether an object is already in the database or not.

Creating and saving a new record will send an SQL INSERT operation to the database. Updating an existing record will send an SQL UPDATE operation instead. Validations are typically run before these commands are sent to the database

The bang versions (e.g. save!) raise an exception if the record is invalid.

save and update return false

create just returns the object

be used with caution

update_all

save also has the ability to skip validations if passed validate: false as argument.

valid? triggers your validations and returns true if no errors

After Active Record has performed validations, any errors found can be accessed through the errors.messages instance method

By definition, an object is valid if this collection is empty after running validations.

validations are not run when using new.

invalid? is simply the inverse of valid?.

To verify whether or not a particular attribute of an object is valid, you can use errors[:attribute]. I

Every time a validation fails, an error message is added to the object's errors collection,

All of them accept the :on and :message options, which define when the validation should be run and what message should be added to the errors collection if it fails, respectively.

validates that a checkbox on the user interface was checked when a form was submitted.

agree to your application's terms of service

use this helper when your model has associations with other models and they also need to be validated

valid? will be called upon each one of the associated objects.

work with all of the association types

Don't use validates_associated on both ends of your associations.

each associated object will contain its own errors collection

errors do not bubble up to the calling model

when you have two text fields that should receive exactly the same content

This validation creates a virtual attribute whose name is the name of the field that has to be confirmed with "_confirmation" appended.

To require confirmation, make sure to add a presence check for the confirmation attribute

this set can be any enumerable object.

The exclusion helper has an option :in that receives the set of values that will not be accepted for the validated attributes.

:in option has an alias called :within

validates the attributes' values by testing whether they match a given regular expression, which is specified using the :with option.

attribute does not match the regular expression by using the :without option.

validates that the attributes' values are included in a given set

:in option has an alias called :within

specify length constraints

:minimum

:maximum

:in (or :within)

:is - The attribute length must be equal to the given value.

:wrong_length, :too_long, and :too_short options and %{count} as a placeholder for the number corresponding to the length constraint being used.

split the value in a different way using the :tokenizer option:

validates that your attributes have only numeric values

By default, it will match an optional sign followed by an integral or floating point number.

set :only_integer to true.

allows a trailing newline character.

:greater_than

:greater_than_or_equal_to

:equal_to

:less_than

:less_than_or_equal_to

:odd - Specifies the value must be an odd number if set to true.

:even - Specifies the value must be an even number if set to true.

validates that the specified attributes are not empty

if the value is either nil or a blank string

validate associated records whose presence is required, you must specify the :inverse_of option for the association

an association is present, you'll need to test whether the associated object itself is present, and not the foreign key used to map the association

false.blank? is true

ensure the value will NOT be nil

validates that the specified attributes are absent

not either nil or a blank string

be sure that an association is absent

false.present? is false

validate the absence of a boolean field you should use validates :field_name, exclusion: { in: [true, false] }.

validates that the attribute's value is unique right before the object gets saved

a :scope option that you can use to specify other attributes that are used to limit the uniqueness check

a :case_sensitive option that you can use to define whether the uniqueness constraint will be case sensitive or not.

There is no default error message for validates_with.

To implement the validate method, you must have a record parameter defined, which is the record to be validated.

passes the record to a separate class for validation

validates attributes against a block

The block receives the record, the attribute's name and the attribute's value. You can do anything you like to check for valid data within the block

will let validation pass if the attribute's value is blank?, like nil or an empty string

the :message option lets you specify the message that will be added to the errors collection when validation fails

skips the validation when the value being validated is nil

specify when the validation should happen

raise ActiveModel::StrictValidationFailed when the object is invalid

You can do that by using the :if and :unless options, which can take a symbol, a string, a Proc or an Array.

use the :if option when you want to specify when the validation should happen

using eval and needs to contain valid Ruby code.

Using a Proc object gives you the ability to write an inline condition instead of a separate method

have multiple validations use one condition, it can be easily achieved using with_options.

implement a validate method which takes a record as an argument and performs the validation on it

validates_with method

implement a validate_each method which takes three arguments: record, attribute, and value

combine standard validations with your own custom validators.

:expiration_date_cannot_be_in_the_past,    :discount_cannot_be_greater_than_total_value

By default such validations will run every time you call valid?

errors[] is used when you want to check the error messages for a specific attribute.

Returns an instance of the class ActiveModel::Errors containing all errors.

lets you manually add messages that are related to particular attributes

using []= setter

errors[:base] is an array, you can simply add a string to it and it will be used as an error message.

use this method when you want to say that the object is invalid, no matter the values of its attributes.

clear all the messages in the errors collection

calling errors.clear upon an invalid object won't actually make it valid: the errors collection will now be empty, but the next time you call valid? or any method that tries to save this object to the database, the validations will run again.

the total number of error messages for the object.

.errors.full_messages.each

.field_with_errors

mount multiple API implementations inside another one

mount on a path, which is similar to using prefix inside the mounted API itself.

four strategies in which clients can reach your API's endpoints: :path, :header, :accept_version_header and :param

clients should pass the desired version as a request parameter, either in the URL query string or in the request body.

clients should pass the desired version in the HTTP Accept head

clients should pass the desired version in the UR

clients should pass the desired version in the HTTP Accept-Version header.

add a description to API methods and namespaces

Parameters are automatically populated from the request body on POST and PUT

route string parameters will have precedence.

Grape allows you to access only the parameters that have been declared by your params block

By default declared(params) includes parameters that have nil values

type: File

JSON objects and arrays of objects are accepted equally

any class can be used as a type so long as an explicit coercion method is supplied

As a special case, variant-member-type collections may also be declared, by passing a Set or Array with more than one member to type

Parameters can be nested using group or by calling requires or optional with a block

relevant if another parameter is given

Parameters options can be grouped

allow_blank can be combined with both requires and optional

Parameters can be restricted to a specific set of values

Parameters can be restricted to match a specific regular expression

Never define mutually exclusive sets with any required params

Namespaces allow parameter definitions and apply to every method within the namespace

define a route parameter as a namespace using route_param

create custom validation that use request to validate the attribute

rescue a Grape::Exceptions::ValidationErrors and respond with a custom response or turn the response into well-formatted JSON for a JSON API that separates individual parameters and the corresponding error messages

custom validation messages

Request headers are available through the headers helper or from env in their original form

define requirements for your named route parameters using regular expressions on namespace or endpoint

mix in a module

define reusable params

using cookies method

a 201 for POST-Requests

204 for DELETE-Requests

200 status code for all other Requests

use status to query and set the actual HTTP Status Code

raising errors with error!

rescue_from will rescue the exceptions listed and all their subclasses.