Our Blog

Reducing page load times: Cloudflare and caching with ASP.NET

By Juan Pablo Ventoso
January 14, 2025

When designing the architecture for a new website, it’s important to keep caching in mind. Caching allows you to store a copy of the pages or resources used by your web application in your local browser. Content distribution networks such as Cloudflare also leverage cache directives to distribute content to users more efficiently.

If we are going to use response caching on our web application, we should not include anything that depends on the identity context for the user in the page content in the response. Instead, we should render the same content to every user that hits the same URL. If we include any identity-specific content, the CDN will reuse it for other requests, which is a security and privacy risk.

A simple example is an ecommerce site where the customer logs in to make a purchase: If the homepage shows the user name and icon at the top bar, that content should be rendered from a non-cached request. Otherwise, CDN caching will show the same user and icon to other visitors. And worse: depending on the validations applied to the website, the profile page could even display personal information to other users!

When dealing with these situations, I often rely on …

Learning Vue 3 composables by creating an invoice generator

By Bimal Gharti Magar
January 6, 2025

The latest major version of Vue, Vue 3, has new features that are not present in Vue 2, such as Teleport, Suspense, and support for multiple root elements per template. Vue 3 provides smaller bundle sizes, better performance, better scalability, and better TypeScript IDE support.

What are Vue 3 composables?

Writing repetitive code can be a real pain in the frontend development realm. We can use Vue 3 composables to encapsulate and reuse stateful logic in our components. In this blog post, we will look at how we can use composables to reuse business logic by building an invoice generator.

An invoice generator, simply said, is an application that creates and manages invoices. We will focus on creating Vue 3 composables to properly separate business logic while reusing it across different features.

Core functionalities for invoice generator

• Adding, editing, and removing invoices and items
• Calculating totals with discounts, taxes, and shipping
• Generating PDF invoices

To implement these functionalities, we’ll focus on:

• Creating composables to handle business logic
• Reusing this logic across features and components

Prerequisites

Basic understanding of:

• Vue 3 and Composition …

Studying “The Mythical Man-Month” in Collaboration with a Client

By TJ Christofferson
December 23, 2024

Here at End Point we did an enlightening and fun eleven-week study group in collaboration with one of our clients. We worked through Frederick Brooks Jr.’s book The Mythical Man-Month: Essays on Software Engineering, which was originally published in 1975, with an expanded edition published in 1995. In certain ways this book is still applicable to our time, and it was a delight to discuss it in a structured study group with coworkers and peers. This particular study group even piqued the curiosity of the owners of both our companies who participated throughout the course!

As part of our effort to continually improve our abilities and awareness, and thus build a strong technical company culture, End Point has done many study groups over the years, such as the Ruby Fight Club and the You Don’t Know JS study group. Participation in these groups is voluntary, and they have covered a range of other topics including PostgreSQL, terminal fluency skills, and regular expressions. The opportunity to step away from regular work duties for an hour during the week, and to have meaningful discourse between coworkers has been invaluable for building relationships across teams.

For this …

Migration from Struts 1 to Struts 2

By Kürşat Kutlu Aydemir
October 4, 2024

Apache Struts is an open source web framework. Struts 1 was first released in 2000 and its latest version (1.3.10) was released in December 2008, marking the EOL of Struts 1. So Struts 1 is an ancient, dead version. Organizations still using it need to move away from Struts 1.

Apache adapted the WebWork framework as Struts 2. Its architecture significantly differs from that of Struts 1. There are key points and obvious differences provided by Apache to cover a migration plan from Struts 1 to Struts 2.

The market share of Apache Struts is around 0.01%, which gives relatively lower relevance to Apache Struts. However, there are companies still using Apache Struts 1 in their legacy applications, which may not be counted in market share statistics.

A Comparison of Struts 1 and Struts 2

Struts 1 and Struts 2 differ significantly in their approach to handling web requests. Struts 1 follows a more rigid structure where Action classes must extend an abstract base class, limiting flexibility. In contrast, Struts 2 is more dynamic, allowing Action classes to implement interfaces or even function as simple POJOs, enhancing adaptability. Struts 2 also includes the ActionSupport class, which …

Using a Containerized Nginx Proxy to Serve a Multi-Application .NET System

By Kevin Campusano
September 24, 2024

We recently blogged about how we deployed a system made of multiple .NET applications using Docker containers. In order to make them accessible over the internet, we created a reverse proxy using Nginx.

In that case, we installed and configured the Nginx instance directly in the server, as opposed to the rest of the applications, which ran within containers. That approach did and still does work well for us.

In this article, we’re going to explore an alternative strategy. One where we push the containerization aspect further and deploy and run the Nginx instance itself in a Docker container.

Reintroducing the demo project

Like I said, our system has multiple runtime components, each one of them running in their own container. We have two ASP.NET Core web applications: an Admin Portal and a Web API. They live in this Git repository. And we also have a Postgres database, which the apps interact with.

We also have another repository where the deployment-related files are stored. Among others, there are the expected compose.yaml and Dockerfiles that describe the entire infrastructure.

Throughout this post we will update those deployment configuration files to add an Nginx …

Deploying and Troubleshooting Self-Hosted MicroBin

By Muhammad Najmi bin Ahmad Zabidi
September 13, 2024

Note: This write-up was based on the installation done on Rocky Linux 9. You may need to adjust this example for other distros with their package manager commands.

In the world of collaboration between our team members and the public, secure and efficient ways to share text and files are essential. While there are many cloud-based options available, some might prefer to keep their data in their own hands. If you’re one of those individuals, MicroBin might be just the solution you’re looking for.

What is MicroBin?

MicroBin is a Rust-based software that acts as a self-hosted pastebin alternative. It allows users to share publicly accessible text or encrypted text files, putting you in control of your data sharing needs. Users can choose whether to share the data/text publicly or privately. MicroBin also has syntax highlighting capabilities.

Installation

There are several ways to install MicroBin. In this case, we will install it directly on a Rocky Linux server. You might need to install git, Rust packages, and cargo before starting.

Cargo

For those comfortable with Rust and its package manager, Cargo, installing MicroBin is a breeze. Simply use the following command as …

Automating DNS Management with GitLab CI/CD

By Kannan Ponnusamy
September 6, 2024

Photo by Simon Kadula

At End Point, managing DNS records across multiple domains has historically been a manual task. This blog post details our journey from manual processes to an automated workflow using GitLab CI/CD.

Our Initial Approach

With multiple domains and frequent updates necessary to manage the servers, manual handling of DNS changes became a bottleneck. Initially, our process looked like this:

• Make changes to the OpenTofu configuration files
• Create a merge request (MR) in GitLab
• They would run tofu plan manually and paste the plan output into the MR for review
• A coworker would review the MR and approve the changes
• Once merged, the engineer would manually run tofu apply to implement the changes

While this process worked, automating it could enhance our productivity and minimize errors, integrating our DNS management directly into our CI/CD pipeline.

The Solution: Automating with GitLab CI/CD

• Change Submission: Engineers make changes to the OpenTofu files and submit a merge request
• Plan Creation: A GitLab CI/CD job automatically generates an OpenTofu plan when changes are proposed
• Review Process: A coworker reviews the automatically generated plan in the MR
• Applying …

Streamlining SELinux Policies: From Policy Modules to Modules and Silent SELinux Denials

By Bharathi Ponnusamy
August 26, 2024

Introduction

SELinux (Security-Enhanced Linux) provides a robust security layer that enforces security policies to control system access. When dealing with SELinux, you often encounter the terms “policy_module” and “module”. Understanding the difference between these and knowing how to convert between them is crucial for efficient system administration.

What is a policy_module?

A policy_module in SELinux is a type of module used to define additional policies. These modules encapsulate specific security rules that can be loaded into the SELinux policy to grant or restrict permissions. Policy modules are particularly useful for adding or modifying policies without changing the base SELinux policy.

policy_module(my_policy, 1.0)

require {
    type my_app_t;
}

#============= my_app_t ==============
allow my_app_t my_log_t:file read;

What is a module?

A module in SELinux is a compiled version of a policy module. The compilation process translates the high-level policy rules into a binary format that SELinux can enforce. Modules are loaded into the SELinux policy store to extend or modify the active policy.

module my_module 1.0;

require {
    type my_app_t; …