Imagine what you could do
if you read this book
Improve as a web developer and a software engineer
Follow your curiosity and get answers on what it takes to take a web application to production. Improve your understanding of networking and security to stand out.
Self-host your startups and side-projects to save money
You'll learn how to self-host anything from an application server to a database. Your first startup can start on a $5 a month virtual machine in the cloud.
Start a career in Site Reliability Engineering and related fields
The book goes through a wide range of topics and thus is ideal as a first step towards the hottest and highest paying careers today.
Tear the black box down
More than 13 years ago, deploying web applications was a black box for me. I had many questions.
It wasn't always clear to me whether running an application server with the rails s command is enough for production. And how to properly deploy a database. Or secure a server. Yet it was something I always wanted to understand and I never stopped asking the relevant questions. And over the years, I found my answers.
Now I want to share them with you so you can bring your applications to life.
I cover a lot of corners of system administration, server configuration and deployment of web applications. It's everything from network theory to encrypting database backups.
At the end, we'll take that black box and tear it down.
As heard on:
“I had a chance to read through the alpha version of the book and there's a lot of really good information in there. I think it's something that I wish I had had when I was first starting out, because there's so much that's not really talked about.”
Co-host, Software Engineering Radio
26 chapters of awesome content
A bird's eye view of high-level concepts when it comes to provisioning, configuration management, and application deployment.
Before dispatching to clouds, we buckle up and get everyone familiar with standard streams, pipes, and other shell basics.
The theoretical foundation for understanding a multi-server setup, networking utilities, webserver configuration, and firewalls. A local and Internet addressing.
Connecting to our first virtual private server. Getting familiar with the SSH protocol and its public key encryption. Configuring SSH on client and server.
A hands-on exploration of a newly created virtual machine with a focus on networking. We'll learn about network interfaces, IP addresses, ports, and sockets in a more practical way.
Installation and configuration of software from package repositories. Automating configuration management with Bash.
A brief look at what filesystems are and the filesystem layout in Linux. Where do files go, and where will our applications live?
Priviledged and unprivileged access. Implementing user roles with Linux users and groups.
Exploring the Linux discreet permission system and Access Control List to set ownership and limit access for services on the system.
A closer look at Linux processes. CPU and virtual memory, background processes, monitoring, debugging, systemd, system logging, and scheduled processes.
Kinds of web servers. Setting up NGINX as a web server and a reverse proxy. Automating log rotation.
A closer look at DNS services and working with TLS certificates. Self-signed and Let's Encrypt.
Building imaginary walls with firewalld. Editing and defining zones to manage risk expectations.
Building a simple convention over configuration Bash framework to configure servers.
Exploring version managers of popular programming languages, isolating application dependencies.
Concurrency, threading, logging, and other considerations for a good application server configuration. Notes on Puma and Gunicorn configuration.
Learning to write systemd unit files to run application services. Working with cgroups. System and user systemd services.
Running PostgreSQL and Redis in production. Installation, configuration, client configuration. Backups and restores.
A closer look at often overlooked Security-Enhanced Linux. Understanding the targeted policy and contexts. Fixing SELinux violations.
Discussing local, block, and object storage. Implementing network filesystems with NFS.
Data collection, compression, and encryption for frictionless data backups and restores.
Secret management. Environment files and Rails Encrypted Credentials.
Discussing deployment and post-deployment tasks. Making a Heroku-like git-push deployment.
Sending and receiving email. Discussing email delivery and implementation.
A primer on Linux containers. Building and running containers with Docker and Podman. Rootless and caching considerations.
What did you learn and where to go next from here?
A lot of resources are limited in scope, but this one has you covered on
Code to get you started
A static website
A static website with automatic Let's Encrypt certificates and system updates. A separate configuration and rootless deployment script.
Add server-side analytics and beat the pricing of hosted solutions.
A database-backed Ruby on Rails application
with Action Cable
A single server running a full-featured web application with UNIX sockets, PostgreSQL ident system authentication, Web Sockets, and Let's Encrypt certificates. A git-push deployment with helpful administration scripts for connecting to the server or handeling file and database backups.
Adjust for your application based on the knowledge from the book. Deploy within the same day!
A standalone PostgreSQL server
A self-sufficient PostgreSQL cluster demo with automatic system upgrades, log rotation, and TLS. Scripts for cluster-wide backups and restores.
Run a standalone database when you need more power or to host all your projects' databases in one place.
Don't just take my word for it
“These last years I have seen how virtualization has brought all the advantages of powerful dedicated servers with the flexibility and features of managed services. As a tech entrepreneur, this hit the sweet spot with prices being dirty cheap but with the problem of cooking your own meal. You have to manage your DevOps.
While I was learning on my own I bumped into the Deployment from Scratch book from Josef Strzibny. The book is amazing because it covers every piece of knowledge you need to follow in a very practical way, providing all the snippets of code that you need but keeping in mind the big picture and why you do the things you do.
I was fighting to deploy my Ruby on Rails application. Now, I deploy my application to a production server with 4 CPU cores, 16 GB of RAM, and automated backups for barely €15 a month. The same would be €500 on Heroku. I now deploy with a single command, too. For me, this is a real competitive advantage.
I cannot recommend the book enough!”
Executive Director, Redvi
Gumroad rating from selling 970+ copies
For some people, there is a blank spot in starting their IT journey. A person who is not an insider nor studied IT, or hasn't worked in an information technology company, that person will have a hard time trying to enter that world.
Yes, you can google some concepts, but what to google? You firstly have to know what questions you should google for. For people like me learning web programming, all stuff outside programming courses looks like a black box. It's hard to know what is going on behind the code.
This book helps sort it all out and prepares you for real-life IT infrastructure, shining a light into those not well known parts of real world computing. Thanks Josef.
I've long had a strong hunch that there is both room and a strong need for something between the we'll just hack together a few simple shell scripts of the (very good!) Deployment from Scratch and the aircraft carrier that is Kubernetes.
I haven't gone through the whole book yet, but what I have read so far has been top notch! Good work!
Hosting a production web app was super intimidating for me because as I was afraid to leave out something critical regarding security or data integrity. Your book gave me clear answers and an actionable guide while I felt overwhelmed by the documentation of each individual moving parts of my server. It is clear and comprehensive and I now have confidence to deploy and manage apps myself. This is truly empowering. Thank you!
I am using some scripts that I downloaded from Josef Strzibny's book that is setting up Rails deployment via Git and automatically installing a PostgreSQL server. I am also using Dokku – but I like the idea of controlling what is happening on the server.
Why self-hosting if there is Heroku?
There are few good reasons for being more independent on your hosting provider. If your account gets locked, you can easily move your virtual machines to other providers or on-premise. The others being cost, flexibility, or ability to provide a self-hosting option for enterprise customers.
Maybe staying with managed services like Heroku or Render is the right choice for you. This book is not about convincing you to self-host, but to show you how it's done.
Is this about on-premise?
The book's focus is on self-hosting on virtual machines within a cloud provider where people can conveniently combine self-hosting with hosted services.
While everything applies to on-premise self-hosting as well, I don't talk about provisioning the hardware for the virtual machines themselves.
What operating system is it for?
The book targets Fedora family of systems, mainly the stable CentOS 8 and Rocky Linux 8.
If you are using other systemd-based operating systems such as Ubuntu, most of the book will still apply as only the package management is truly different (DNF vs APT).
I don't use Ruby or Python. Is this for me?
I wanted to write a general book, but writing in an abstract way wouldn't be that useful. I chose Ruby and Python as popular programming languages for my examples, but before diving into a specific application server setting, I go through everything in theory.
If you are using another programming language, you'll have to find these details yourself, but you'll know what to look for. And even then it's probably less than 10% of the book.
While Bash doesn't seem like an ideal choice at first, it's surprisingly ubiquitous. Linux packages' specification files are in Bash, version managers like chruby and pyenv are in Bash, Dockerfiles and their entrypoints are practically Bash.
Above all, I chose Bash to show everything without deep abstractions, so you know what's going on every step of the way.