Poznámky
Poznámky a průvodci pokrývající různé technologie a osvědčené postupy.
DevOps inženýrství
DevOps Engineering Guide This comprehensive guide covers essential DevOps tools and practices including containerization, infrastructure as code, CI/CD pipelines, version management, and environment management. Docker Containerization Docker provides containerization technology for packaging applications with their dependencies into standardized units. Basic Docker Commands Container Management: # Run container docker run <image-name> docker run -d <image-name> # Detached mode docker run -it <image-name> /bin/bash # Interactive terminal docker run -p 8080:80 <image-name> # Port mapping # List containers docker ps # Running containers docker ps -a # All containers # Container operations docker start <container-id> docker stop <container-id> docker restart <container-id> docker rm <container-id> # Remove container docker rm -f <container-id> # Force remove # Execute into running container docker exec -it <container-name> /bin/bash Image Management:
Hugo - generátor statických stránek
Hugo is a fast and flexible static site generator built in Go, designed for building websites quickly and efficiently with excellent performance and developer experience. Quick Start Guide Installation macOS: brew install hugo Windows: winget install Hugo.Hugo.Extended Linux: sudo apt install hugo # Ubuntu/Debian sudo dnf install hugo # Fedora Create Your First Site # Create new site hugo new site my-website cd my-website # Initialize Git repository git init # Add a theme (Ananke example) git submodule add https://github.
Kubernetes (K8S)
Kubernetes Guide This comprehensive guide covers Kubernetes (K8s) operations, from basic pod management to advanced deployment strategies and cluster administration. Core Concepts Kubernetes Architecture Control Plane: API Server, etcd, Controller Manager, Scheduler Worker Nodes: Kubelet, Kube Proxy, Container Runtime Pods: Smallest deployable unit, containing one or more containers Services: Network abstraction for pods Deployments: Declarative way to manage pod replicas ConfigMaps/Secrets: Configuration and sensitive data management Pod Management Basic Pod Commands # Get pods kubectl get pods kubectl get pods -o wide # Detailed view kubectl get pods -w # Watch mode kubectl get pods -o yaml # YAML output # Pod operations kubectl describe pod <pod-name> # Detailed information kubectl logs <pod-name> # View logs kubectl logs -f <pod-name> # Follow logs kubectl exec -it <pod-name> -- /bin/bash # Execute into pod # Pod lifecycle kubectl delete pod <pod-name> # Delete pod kubectl edit pod <pod-name> # Edit pod Pod Creation # Create pod from image kubectl run <pod-name> --image=<image-name> # Create pod with port and expose as service kubectl run <pod-name> --image=<image-name> --port=<port> --expose # Generate pod YAML kubectl run <pod-name> --image=<image-name> --dry-run=client -o yaml > pod.
Návrhové vzory - design patterns
Design Patterns Guide This comprehensive guide covers essential design patterns and principles for software development, with practical examples and Drupal-specific implementations. SOLID Principles in Drupal SOLID is an acronym for five design principles that make software designs more understandable, flexible, and maintainable. 1. Single-Responsibility Principle (SRP) Definition: “There should never be more than one reason for a class to change” - Each class should have only one central responsibility. Benefits in Drupal:
Průvodce vývojem AI
This guide consolidates AI concepts, tools, and practical implementation techniques for developers. It covers foundational principles, generative AI, embeddings, RAG, local AI serving with Ollama, Python libraries, AI in Drupal, and machine learning fundamentals. 1. Generative AI Fundamentals 1.1 Vector Databases and Embeddings Vector databases store high-dimensional vectors for efficient semantic searches. Unlike traditional keyword-based databases, they allow similarity searches using embeddings. Key Concepts: Embeddings: Numerical representations of text, images, or audio in vector space.
Průvodce vývojem AWS
This guide covers Amazon Web Services (AWS) tools and services essential for modern cloud development. It provides practical commands and configurations for managing AWS resources effectively, following AWS best practices. Identity and Access Management (IAM) IAM is AWS’s service for controlling access to AWS resources. It allows you to manage users, groups, roles, and permissions. IAM Concepts Users: Individual identities with credentials. Groups: Collections of users with shared permissions.
Průvodce vývojem databází
This guide provides a comprehensive overview of database technologies, including SQL and NoSQL systems, with practical examples for developers working with data storage, retrieval, and optimization. 1. NoSQL Databases NoSQL databases offer flexible schemas and are designed to handle large volumes of unstructured or semi-structured data. 1.1 MongoDB MongoDB is a document-oriented NoSQL database storing JSON-like documents with dynamic schemas. Connection & Authentication # Local connection mongo mongosh # New MongoDB shell # Remote connection mongo "mongodb://username:password@hostname:27017/database_name" mongosh "mongodb://username:password@hostname:27017/database_name" # Connection with options mongo --host hostname --port 27017 --username user --password --authenticationDatabase admin Database Operations
Verzování s Gitem
Git Version Control Guide This guide covers essential Git commands, workflows, and best practices for effective version control in software development projects. Git Configuration Local Configuration # View local configuration git config --local --list git config --local user.email git config --local user.name # Set local configuration git config --local user.name "Ludek Kvapil" git config --local user.email "kvapilludek@gmail.com" Global Configuration # Set global configuration git config --global user.name "Your Name" git config --global user.
Vývoj v Drupalu
Drupal Development Guide This comprehensive guide covers Drupal CMS development, including installation, module development, theming, security, and best practices for building robust Drupal applications. Drupal Overview Drupal is a free, open-source content management system (CMS) written in PHP. It’s known for its flexibility, scalability, and extensive customization capabilities through modules and themes. Key Features Modular Architecture: Extensive module ecosystem Flexible Content Types: Custom content structures Powerful Taxonomy: Hierarchical classification system User Management: Role-based permissions Multilingual Support: Built-in internationalization API-First: Headless capabilities with JSON:API Security: Strong security track record Installation and Setup System Requirements PHP: 8.
Vývoj v Node.js
Node.js Development Guide Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine that allows you to run JavaScript on the server side. This guide covers essential concepts, tools, and best practices for Node.js development. Table of Contents Version Management NPM Package Manager Express.js Framework Package.json Configuration Debugging and Development Vite Build Tool Next.js Framework Nodemon Development Tool Version Management Node Version Manager (nvm) Node Version Manager allows you to install and switch between multiple Node.
Vývoj v PHP
PHP Development Guide This comprehensive guide covers PHP development from junior to expert levels, including frameworks, best practices, testing, and deployment strategies. PHP Developer Levels Overview Senior PHP Developer Core Competencies: PHP runtime, I/O, error handling, PHP-FPM, garbage collection, performance optimization Frameworks: Symfony, Laravel Data structures and algorithms (Graphs, Trees, Arrays, Collections) Authentication & Authorization: JWT, OAuth Non-functional requirements (security, performance, scalability, resilience) Development Tools: IDE: PHPStorm DevTools: Postman, DataGrip Service Communication:
Vývoj v Pythonu
Python Development Guide This comprehensive guide covers Python programming, focusing on data science, machine learning, and general development practices. It includes key libraries and frameworks essential for modern Python development. Core Python Concepts Data Structures and Operations Lists: # Creating and manipulating lists my_list = [1, 2, 3, 4, 5] my_list.append(6) # Add element my_list.insert(0, 0) # Insert at position my_list.remove(3) # Remove element my_list.pop() # Remove last element my_list.sort() # Sort in place sorted_list = sorted(my_list) # Return sorted copy Dictionaries:
Vývoj v TypeScriptu
TypeScript Development Guide This comprehensive guide covers TypeScript programming, including core concepts, advanced features, tooling, and best practices for modern web development. Getting Started with TypeScript Installation and Setup Global Installation: npm install -g typescript Project Setup: # Initialize npm project npm init -y # Install TypeScript locally npm install --save-dev typescript # Initialize TypeScript configuration npx tsc --init Basic tsconfig.json: { "compilerOptions": { "target": "ES2020", "module": "commonjs", "outDir": "./dist", "rootDir": ".
Webová bezpečnost
Web Security Guide This comprehensive guide covers web application security, penetration testing methodologies, and defensive security practices based on OWASP standards and real-world security assessments. OWASP Web Security Testing Guide (WSTG) The OWASP Web Security Testing Guide provides a comprehensive framework for testing web applications. The methodology is organized into the following main categories: Information Gathering Purpose: Understand application structure, technologies, and attack surface Techniques: Subdomain enumeration Technology fingerprinting Input discovery API endpoint mapping Configuration and Deployment Management Testing Server Configuration Issues: Default credentials Debug information disclosure Unnecessary services running Security headers misconfiguration Identity Management Testing Registration Process: Weak password policies Email verification bypass Account enumeration Credential Recovery: Weak security questions Token predictability Rate limiting bypass Authentication Testing Login Mechanisms: Brute force protection Session management Multi-factor authentication bypass Common Vulnerabilities: Username enumeration Credential stuffing Authentication bypass Authorization Testing Access Control Issues: Insecure Direct Object References (IDOR) Privilege escalation Horizontal/vertical access violations Role-Based Access Control: Missing authorization checks Business logic flaws Session Management Testing Cookie Security: Secure/HttpOnly flags SameSite attributes Domain restrictions Session Handling: Session fixation attacks Session hijacking Concurrent session management Input Validation Testing Injection Attacks: SQL Injection (SQLi) Cross-Site Scripting (XSS) Command Injection LDAP Injection Input Sanitization: Improper encoding Filter bypass techniques Unicode normalization issues Error Handling Testing Information Disclosure: Stack traces in production Database error messages Internal path disclosure Error Response Analysis: Verbose error messages Debug information leakage Cryptography Testing Weak Algorithms: Deprecated encryption methods Insufficient key lengths Predictable random number generation Implementation Flaws: Improper key management Side-channel attacks Padding oracle attacks Business Logic Testing Logic Flaws: Application flow bypass Parameter manipulation Race conditions Business Rule Violations: Price manipulation Quantity limitations bypass Step skipping in workflows Client-Side Testing JavaScript Security: DOM-based XSS Client-side validation bypass Sensitive data in client storage UI Manipulation: Hidden field modification Client-side controls bypass API Testing REST API Security: Authentication mechanisms Authorization checks Input validation Rate limiting GraphQL Security: Query complexity limits Introspection abuse Schema exposure Cross-Site Request Forgery (CSRF) CSRF attacks force authenticated users to perform unwanted actions on web applications.