From 8fb106ff43550bbc8b0a6c8973c576458394878a Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Sun, 22 May 2022 23:03:31 +0100 Subject: [PATCH 01/58] WIP: server setup guide --- blog/debian-server-setup.html | 99 ++++++++++++++++++++++++++ blog/guide-to-server-hosting.html | 112 ++++++++++++++++++++++++++++++ blog/index.html | 7 ++ 3 files changed, 218 insertions(+) create mode 100644 blog/debian-server-setup.html create mode 100644 blog/guide-to-server-hosting.html diff --git a/blog/debian-server-setup.html b/blog/debian-server-setup.html new file mode 100644 index 0000000..5c9a49a --- /dev/null +++ b/blog/debian-server-setup.html @@ -0,0 +1,99 @@ + + + + + + + + + + + + + + Debian Server Setup + + + +
+

Debian Server Setup

+
+ +
+
+ +
+
+

This section assumes you have a fresh Debian 11 install on a server (either physical or VPS)

+

It will cover installing the essentials for access, and basic security so you don't need to worry in the future. This section may seem a little daunting for a first-time linux user, but most of it is copy/paste, hopefully with enough description to understand what is being done.

+
+ +
+

This first section will be done on the physical PC, or on the VPS via their website

+

Update the OS

+

Even with a fresh install of Debian from the latest ISO, there may be some updates you're missing, and it's a good idea to have these, especially in case they're security updates.

> + 
+					
+						root# apt update && apt upgrade	
+					
+
+ +

Install essential packages

+

These are packages that are needed for accessing, and controlling the server

+ 
+					
+						root# apt install sudo ssh	
+					
+
+

Some useful packages too

+ 
+					
+						root# apt install vim htop wget curl tmux	
+					
+
+ +

Add a user, and give super user privilleges

+

You want to avoid using root as much as possible in regular use, so a new user for yourself is a must

+ 
+					
+						root# adduser 	
+						root# usermod -aG sudo 
+					
+
+

*replace with the user you want to create, e.g. nathan

+ +

Set static IP

+

TODO: Homeserver. If the server is a physical PC in your home you will need to set a static IP, otherwise your router could assign a differnent IP on reboot, and this would mess with port forwarding, and internal DNS.

+ +

Secure ssh

+ +

Setup UFW

+ +

Set hostname

+

Setting the name for a server is an important step, but the name doesn't need to be serious

+ +
+ +
+

This next section can be done via a terminal, or a SSH client else you can secure shell with e.g. PuTTY for Windows

+

Create an SSH key

+

SSH into the server

+ + +
+
+ + + + + diff --git a/blog/guide-to-server-hosting.html b/blog/guide-to-server-hosting.html new file mode 100644 index 0000000..8e0b125 --- /dev/null +++ b/blog/guide-to-server-hosting.html @@ -0,0 +1,112 @@ + + + + + + + + + + + + + + Aney's guide to server hosting + + + +
+

Aney' guide to server hosting

+
+ +
+
+ +
+
+

If you want to start getting into server hosting, system administration, or just want to get a basic minecraft/web server up for you and your friends, then welcom. We all start somewhere, and I would love if I could get your foot in the door.
I'll be adding to this guide whenever I get time, and will update it's readibility once it's 'complete'.

+ +

Basic Server setup

+ +

Now you officially own a server, but currently all you can do is SSH into it, so let's get some services on there

+ +

Nginx Webserver

+

A great first service for any server is a website, even if it's just a little page to let people know you own the server

+
    +
  • Install nginx
    • +
  • Setup your first website
    • +
  • Add an SSL certificate w/Certbot
    • +
  • Nginx web hardening
    • +
  • Add PHP to your webserver (optional)
    • +
+ +

MariaDB Database

+

A database is a great tool to store, access, and filter data. Typically used alongside a website, or other services, but can be useful standalone if you know what you're doing

+
    +
  • Install mariaDB
    • +
  • SQL cheatsheet
    • +
  • Adminer install
    • +
  • Backup databases (optional)
    • +
+ +

Backup your server!

+

Backups are super useful. If something breaks, or gets accidentally deleted you can always use a backup to get back to operational

+
    +
  • Setup rsync
    • +
  • Setup rdiff-backup
    • +
  • Setup backup cronjob(s)
    • +
+ +

Run virtual machines

+

Virtual machines allow you to use your server as multiple servers at once, with different operating systems, services, files, etc.

+
    +
  • Setup Qemu/KVM
    • +
  • Setup a bridged adapter
    • +
  • Setup a virtual machine
    • +
  • Virsh cheatsheet
    • +
+ +

Proxy services to port 80/433

+

Many services you install will be accessible via the web, but will use a different ports. Proxying these allows access (and security) without the need to append a port to the server address

+ +

Additional services/potential guides

+
    +
  • Install debain on home server
    • +
  • Self hosting and port forwarding
    • +
  • Password protect webpages
    • +
  • git
    • +
  • samba
    • +
  • Open Media Vault
    • +
  • minecraft
    • +
  • terraria
    • +
  • umami
    • +
  • uptime kuma
    • +
  • torrentbox
    • +
  • jellyfin
    • +
  • VPN
    • +
  • mailserver
    • +
  • cockpit for noob-friendly server management
    • +
+ +
+
+ + + + + diff --git a/blog/index.html b/blog/index.html index cb2910f..f022bff 100644 --- a/blog/index.html +++ b/blog/index.html @@ -31,10 +31,17 @@
+ +

2022

+ +

2021

+
From 192cbf9cd561654e99329907d793af02ecf4b064 Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 11:22:17 +0100 Subject: [PATCH 02/58] Add bare beginnings to server hosting guide/blog posts --- blog/add-domain-to-server.html | 69 ++++++++++++++++++++ blog/debian-server-setup.html | 101 +++++++++++++++++++++++++++--- blog/guide-to-server-hosting.html | 50 ++++++++------- blog/index.html | 9 ++- 4 files changed, 194 insertions(+), 35 deletions(-) create mode 100644 blog/add-domain-to-server.html diff --git a/blog/add-domain-to-server.html b/blog/add-domain-to-server.html new file mode 100644 index 0000000..a3ec673 --- /dev/null +++ b/blog/add-domain-to-server.html @@ -0,0 +1,69 @@ + + + + + + + + + + + + + Link your domain name to your server + + + +
+

Link your domain name to your server

+
+ +
+
+ +
+
+

To avoid needing to remember an IP, this guide will help to link your domain name to your server.

+

Login to your domain name registrar

+

Login to the registrar, and select the domain name you want to point at your server.

+ +

Find the section for DNS

+

The domain name should have a section named, "DNS", "Custom DNS records", or something similar to this. Find, and open it, there should be a bunch of boxes and an option to add a new record

+ +

Add the A record

+

There will likely be many option for adding records, but all we need is to add a singular A record

+

Find the box that allows you to "Add a new record" and input the below, changing and with your IP address, and domain name

+ 
+					
+					
+
+ +

If there are not multiple boxes, but instead a single box to input your record into, this will be what you add instead

+ 
+					
+					
+
+ +

Wait for propagation

+

Now there's a bit of a waiting game, as you need to wait for the new DNS record to propagate (get updated) for all nameservers. This can be anywhere from instantly to 72 hours, but typically takes an hour or two.

+ +

Check your domain has propagated

+

Pinging the domain name will let you know when the IP has propagated, as when the ping command shows your IP, you're all set

+ +
+
+ + + + + diff --git a/blog/debian-server-setup.html b/blog/debian-server-setup.html index 5c9a49a..4937ae3 100644 --- a/blog/debian-server-setup.html +++ b/blog/debian-server-setup.html @@ -32,16 +32,17 @@

This section assumes you have a fresh Debian 11 install on a server (either physical or VPS)

-

It will cover installing the essentials for access, and basic security so you don't need to worry in the future. This section may seem a little daunting for a first-time linux user, but most of it is copy/paste, hopefully with enough description to understand what is being done.

+

It will cover installing the essentials for access, and basic security so you don't need to worry in the future. This section may seem a little daunting for a first-time linux user, but most of it is copy/paste, hopefully with enough description to understand what is being done. Just remember not to copy the $/root$ they're there to show what user/directory we're in.

-

This first section will be done on the physical PC, or on the VPS via their website

+

This first section will be done on the physical PC, or on the VPS via their website, or SSH'd as root if that's the option given.

+

Update the OS

Even with a fresh install of Debian from the latest ISO, there may be some updates you're missing, and it's a good idea to have these, especially in case they're security updates.

> 
 					
-						root# apt update && apt upgrade	
+						root$ apt update && apt upgrade
@@ -49,13 +50,13 @@

These are packages that are needed for accessing, and controlling the server

 					
-						root# apt install sudo ssh	
+						root$ apt install sudo ssh

Some useful packages too

 					
-						root# apt install vim htop wget curl tmux	
+						root$ apt install vim htop wget curl tmux
@@ -63,29 +64,109 @@

You want to avoid using root as much as possible in regular use, so a new user for yourself is a must

 					
-						root# adduser 	
-						root# usermod -aG sudo 
+						root$ adduser 	
+						root$ usermod -aG sudo

*replace with the user you want to create, e.g. nathan

-

Set static IP

-

TODO: Homeserver. If the server is a physical PC in your home you will need to set a static IP, otherwise your router could assign a differnent IP on reboot, and this would mess with port forwarding, and internal DNS.

+

(Local server) Set static IP

+

If the server is a physical PC in your home you will need to set a static IP, otherwise your router could assign a differnent IP on reboot, and this would mess with port forwarding, and internal DNS.

Secure ssh

+

Although this is optional, I recommend it, as SSH (secure shell) will be the primary means of access to the server.

+ 
+					
+						root$ vim /etc/ssh/sshd_config
+					
+
+

Within the editor you will need to search for PermitRootLogin and set it to no, this prevents ssh as root

+

Search for Port and set it to a different port to 22, a port over 1024 prevents basic nmap scans, and therefor a lot of bruteforcing, so let's go with 2020 so it's easy to remember

+

Below the Port line, add a new line with Protocol 2 this enables ssh2, which is more secure

+

(Optional) Comment/Add a # to the beginning of the passwordlogin line. This will prevent sshing to the server from any PC that doesn't have it's SSH key on the server already. I recommend only doing this if your sshkeys are on the server, or you're comfortable adding them.

+ 
+					
+						root$ systemctl reload sshd
+					
+
+

This reloads the ssh daemon, and enables all the changes we've made

Setup UFW

+

UFW (Uncomplicated Firewall) is a simple to use firewall, that can be used to easily open/close ports on your server.

+

We'll install ufw, deny access inwards to all ports, but allow our server to access any ports outwards. We will then manually allow inwards traffic to the SSH port we set, in this case 2020

+ 
+					
+						root$ apt install ufw
+						root$ ufw deny incoming
+						root$ ufw allow outgoing
+						root$ ufw allow 2020
+						root$ ufw enable
+					
+
+

If there are any other ports that need to be opened in the future this can be done with:

+ 
+					
+						root$ ufw allow 
+					
+					or
+					
+						root$ sudo ufw allow 
+					
+

Set hostname

Setting the name for a server is an important step, but the name doesn't need to be serious

+ 
+					
+						root$ vim /etc/hosts
+						root$ vim /etc/hostname
+					
+
+

Within both of these files the hostname should be changed to the same thing

-

This next section can be done via a terminal, or a SSH client else you can secure shell with e.g. PuTTY for Windows

+

This next section can be done via a terminal, or an SSH client e.g. PuTTY for Windowss. For the sake of the guide, this assume you're using a Unix terminal

Create an SSH key

+

We'll create an ed25519 ssh-key, as it's more secure, and performant than the defaultrsa

+ 
+					
+						$ ssh-keygen -t ed25519
+					
+

SSH into the server

+

This is a two part section, and I recommend using this every time you SSH into a server from a new PC

+ 
+					
+						$ ssh @ -p 2020
+					
+
+

This will likely display a message asking to verify the key for the server. This is to prevent man-in-the-middle attacks, so I reccommend verifying this whenever asked.

+

To check the key for the server, you need to run this command on the server.

+ 
+					
+						$ ssh-keygen -l -f /etc/ssh/ssh_host__key.pub	
+					
+
+

Replace with the key the message is asking about. Then if key the server shows matches that on your PC you are SSHing from, type yes and hit enter

+ +

TODO:(Optional) Fail2Ban

+ +

TODO:(Optional) Unattended Upgrades

+

Updates to a server typically want to be done by a human in case things go wrong, but smaller updates can be set to be done automatically

+ +

TODO:(Optional) Setup User preferences

+

These are a few things I personally like to have on a basic server

+

Vi mode bash

+

Aliases

+

Ctrl-L clear-screen

+

BashRC PS1

+

Server maintance notes

+

Keep the server up-to date as much as possible

+

Only install things that you need. If this is a server for learning, half ignore this, but for production servers only install services, and make changes that are required.

+

diff --git a/blog/guide-to-server-hosting.html b/blog/guide-to-server-hosting.html index 8e0b125..72d613f 100644 --- a/blog/guide-to-server-hosting.html +++ b/blog/guide-to-server-hosting.html @@ -5,7 +5,7 @@ - + @@ -31,57 +31,59 @@
-

If you want to start getting into server hosting, system administration, or just want to get a basic minecraft/web server up for you and your friends, then welcom. We all start somewhere, and I would love if I could get your foot in the door.
I'll be adding to this guide whenever I get time, and will update it's readibility once it's 'complete'.

+

If you want to start getting into server hosting, system administration, or just want to get a basic minecraft/web server up for you and your friends, then welcome. We all start somewhere, and I would love if I could get your foot in the door.

+

This is a WIP, so I'll be adding to this guide whenever I get time, and will update it's readibility once it's 'complete'.

Basic Server setup

-

Now you officially own a server, but currently all you can do is SSH into it, so let's get some services on there

+

Now you officially own, and have setup a server. Currently all you can do is SSH into it though, so let's get some services on there

Nginx Webserver

-

A great first service for any server is a website, even if it's just a little page to let people know you own the server

+

A great first service for any server is a website, even if it's just a little page to let people know you own the server/domain name

    -
  • Install nginx
    • -
  • Setup your first website
    • -
  • Add an SSL certificate w/Certbot
    • -
  • Nginx web hardening
    • -
  • Add PHP to your webserver (optional)
    • +
  • TODO:Install nginx
    • +
  • TODO:Setup your first website
    • +
  • TODO:Add an SSL certificate w/Certbot
    • +
  • TODO:Nginx web hardening
    • +
  • TODO:Add PHP to your webserver (optional)

MariaDB Database

A database is a great tool to store, access, and filter data. Typically used alongside a website, or other services, but can be useful standalone if you know what you're doing

    -
  • Install mariaDB
    • -
  • SQL cheatsheet
    • -
  • Adminer install
    • -
  • Backup databases (optional)
    • +
  • TODO:Install mariaDB
    • +
  • TODO:SQL cheatsheet
    • +
  • TODO:Adminer install
    • +
  • TODO:Backup databases (optional)

Backup your server!

-

Backups are super useful. If something breaks, or gets accidentally deleted you can always use a backup to get back to operational

+

Backups are super useful. If something breaks, or gets accidentally deleted you can always use a backup to get back it back

    -
  • Setup rsync
    • -
  • Setup rdiff-backup
    • -
  • Setup backup cronjob(s)
    • +
  • TODO:Setup rsync
    • +
  • TODO:Setup rdiff-backup
    • +
  • TODO:Setup backup cronjob(s)

Run virtual machines

Virtual machines allow you to use your server as multiple servers at once, with different operating systems, services, files, etc.

    -
  • Setup Qemu/KVM
    • -
  • Setup a bridged adapter
    • -
  • Setup a virtual machine
    • -
  • Virsh cheatsheet
    • +
  • TODO:Setup Qemu/KVM
    • +
  • TODO:Setup a bridged adapter
    • +
  • TODO:Setup a virtual machine
    • +
  • TODO:Virsh cheatsheet

Proxy services to port 80/433

Many services you install will be accessible via the web, but will use a different ports. Proxying these allows access (and security) without the need to append a port to the server address

Additional services/potential guides

+

Unless there is an anchor, these are all "TODO", and may just be omitted from this guide

  • Install debain on home server
  • Self hosting and port forwarding
    • diff --git a/blog/index.html b/blog/index.html index f022bff..ebde55b 100644 --- a/blog/index.html +++ b/blog/index.html @@ -31,10 +31,17 @@
    + +

    Pinned

    +

    2022

    2021

    From 2d46fa95b389761326d69f9ef9ed9b4cc1c92948 Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 11:57:49 +0100 Subject: [PATCH 03/58] Remove "noreferrer" from all links It doesn't make sense to not show my domain in others' analytics, in fact, I'd like them to know if I got them traffic. --- blog/debian-server-setup.html | 2 +- blog/index.html | 2 +- blog/ive-started-a-blog.html | 2 +- cv.html | 12 ++++++------ equipment.html | 6 +++--- index.html | 2 +- projects.html | 4 ++-- sitemap.html | 2 +- support.html | 4 ++-- websites.html | 34 +++++++++++++++++----------------- 10 files changed, 35 insertions(+), 35 deletions(-) diff --git a/blog/debian-server-setup.html b/blog/debian-server-setup.html index 4937ae3..5e08dc7 100644 --- a/blog/debian-server-setup.html +++ b/blog/debian-server-setup.html @@ -173,7 +173,7 @@ diff --git a/blog/index.html b/blog/index.html index ebde55b..790e22d 100644 --- a/blog/index.html +++ b/blog/index.html @@ -54,7 +54,7 @@ diff --git a/blog/ive-started-a-blog.html b/blog/ive-started-a-blog.html index 3a7e762..5fa6237 100644 --- a/blog/ive-started-a-blog.html +++ b/blog/ive-started-a-blog.html @@ -47,7 +47,7 @@ diff --git a/cv.html b/cv.html index 7b87afc..ee44055 100644 --- a/cv.html +++ b/cv.html @@ -37,27 +37,27 @@

    Experience/Employment History

    -

    TJS

    +

    TJS

    April 2021 - Current

    Position: Developer

    My time at TJS online is spent developing, and maintaining both the front, and back-end of the dozens of client websites, primarily using a Symfony based stack.

    Skills: PHP Symfony SCSS Git Linux NGINX SEO

    -

    Advantage Finance Ltd

    +

    Advantage Finance Ltd

    Time: October 2018 - March 2021

    Position: System Developer and Technician

    I worked as part of the DevOps team at the car financing company, Advantage Finance. Whilst there I worked full-stack on the numerous bespoke systems; adding features, working on bug fixes and rewriting legacy code for both desktop and web applications. I also assumed the position of IT support, aiding with general AD and PC issues, along with assisting in the training of new starters.

    Skills: VB6 VB.net ASP Classic SVN SQL Active Directory

    -

    Oxfam

    +

    Oxfam

    Time: January 2014 - September 2018

    Position: Volunteer

    While at the renowned charity organisation’s store I handled a multitude of tasks; ranging from working the till, cash handling, tidying and stocking the shop. I was also entrusted with additional tasks such as making bank deposits, opening the store and supervising Saturday’s staff tasks. I also enjoyed holding conversations with many of the customers, helping them feel welcome in the store.

    -

    Tesco

    +

    Tesco

    Time: March 2014 - April 2014

    Position: Personal Picker

    Whilst on the Prince's Trust I did a month’s work experience at a large Tesco store. This involved making 'picks' that were all completed without any errors or customer complaints. I also assisted a number of customers find their desired products and way around the shop.

    @@ -81,7 +81,7 @@

    Misc

    -

    Prince's Trust

    +

    Prince's Trust

    Time: April 2014 - July 2014

    @@ -127,7 +127,7 @@ diff --git a/equipment.html b/equipment.html index 33a6744..3a3c046 100644 --- a/equipment.html +++ b/equipment.html @@ -65,7 +65,7 @@

    Gaming PC

    Red, a custom built machine sporting an R5 2600X, 16GB RAM, a 500GB EVO 970 NVME, and a Vega 64. This is my only device running Windows.

    I don't use this anywhere near as much as I used to, but when I want to play a game I've got this PC that I know will perform, regardless of the title.

    -

    I am heavily considering selling it when the Steamdeck releases, however.

    +

    I am heavily considering selling it when the Steamdeck releases, however.

    @@ -79,7 +79,7 @@

    Amazon Echo 3

    -

    I don't use this for anything other than playing music. It stays next to the TV waiting for me to say "Alexa, play We like to party, by the Vengaboys." +

    I don't use this for anything other than playing music. It stays next to the TV waiting for me to say "Alexa, play We like to party, by the Vengaboys."

    @@ -105,7 +105,7 @@ diff --git a/index.html b/index.html index fe9943e..b4b4a0a 100644 --- a/index.html +++ b/index.html @@ -51,7 +51,7 @@ diff --git a/projects.html b/projects.html index 92fbf71..5218a21 100644 --- a/projects.html +++ b/projects.html @@ -33,7 +33,7 @@

    Current Projects

    -

    Personal Website

    +

    Personal Website

    A basic website to let me have my own little place on the internet.
    You may recognise it, because you're using it right now!

    Skills: HTML CSS

    @@ -43,7 +43,7 @@ diff --git a/sitemap.html b/sitemap.html index a6efaca..501362e 100644 --- a/sitemap.html +++ b/sitemap.html @@ -56,7 +56,7 @@ diff --git a/support.html b/support.html index 5a27e47..41fca77 100644 --- a/support.html +++ b/support.html @@ -36,7 +36,7 @@

    Ko-fi

    -

    Donate me a hot choccy +

    Donate me a hot choccy

    BAT (Brave)

    If you use the Brave browser, this site is setup to accept BAT.

    @@ -48,7 +48,7 @@ diff --git a/websites.html b/websites.html index 3b9bfa1..25ba859 100644 --- a/websites.html +++ b/websites.html @@ -34,7 +34,7 @@

    Websites I frequent

    I use these, but maybe I should stop.

    @@ -42,12 +42,12 @@

    Useful Websites

    These websites make things easier for me.

    @@ -55,28 +55,28 @@

    Websites that Inspire me

    Either their site, or their content. Ideally both.

    My websites

    From 399e3cd732dd67ed24e0abc1dec5e8e2adf01eae Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 12:08:16 +0100 Subject: [PATCH 04/58] Add link to server hosting guide to homepage --- index.html | 1 + 1 file changed, 1 insertion(+) diff --git a/index.html b/index.html index b4b4a0a..0a8fcf1 100644 --- a/index.html +++ b/index.html @@ -42,6 +42,7 @@
  • What's in your onebag?
  • Why does your website look like that?
  • Anime recommendations?
    • +
  • How can I setup a server?

Where are the pictures?

I've written this website with the intention to keep it minimal, quick, small, and easily self-hosted. I decided that there was little reason to bloat the pages with images, that add little value, as all they will do is prevent people with poor internet from visiting.

From 7c21c216a63e81d89f6389bd2de9a5a6006b958b Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 12:10:36 +0100 Subject: [PATCH 05/58] Add v0.6.0 readme updates Forgot to do in the release, but eh --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index f71b1df..0310594 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,12 @@ semantic, accessable, and snappy. ## Release Notes +### v0.6.0 + +- Add blog +- Update URLS +- Update list styling + ### v0.5.0 - Update styling From bc8630d6a1280780f834ed310653283ac529a726 Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 12:41:05 +0100 Subject: [PATCH 06/58] Remove meta name="title" from webpages This isn't a thing, and I don't know why I thought it was at the time --- TODO | 1 + blog/debian-server-setup.html | 1 - blog/guide-to-server-hosting.html | 1 - blog/index.html | 1 - blog/ive-started-a-blog.html | 1 - equipment.html | 3 +-- index.html | 1 - projects.html | 3 +-- sitemap.html | 1 - support.html | 1 - websites.html | 1 - 11 files changed, 3 insertions(+), 12 deletions(-) create mode 100644 TODO diff --git a/TODO b/TODO new file mode 100644 index 0000000..b4c3aa1 --- /dev/null +++ b/TODO @@ -0,0 +1 @@ +change @Aney URL from www.aney.co.uk to aney.co.uk diff --git a/blog/debian-server-setup.html b/blog/debian-server-setup.html index 5e08dc7..4fb6ca1 100644 --- a/blog/debian-server-setup.html +++ b/blog/debian-server-setup.html @@ -3,7 +3,6 @@ - diff --git a/blog/guide-to-server-hosting.html b/blog/guide-to-server-hosting.html index 72d613f..db85724 100644 --- a/blog/guide-to-server-hosting.html +++ b/blog/guide-to-server-hosting.html @@ -3,7 +3,6 @@ - diff --git a/blog/index.html b/blog/index.html index 790e22d..8f89b1a 100644 --- a/blog/index.html +++ b/blog/index.html @@ -3,7 +3,6 @@ - diff --git a/blog/ive-started-a-blog.html b/blog/ive-started-a-blog.html index 5fa6237..9538352 100644 --- a/blog/ive-started-a-blog.html +++ b/blog/ive-started-a-blog.html @@ -3,7 +3,6 @@ - diff --git a/equipment.html b/equipment.html index 3a3c046..31321cc 100644 --- a/equipment.html +++ b/equipment.html @@ -3,7 +3,6 @@ - @@ -11,7 +10,7 @@ - Hardware + Computng equipment, and Hardware diff --git a/index.html b/index.html index 0a8fcf1..80fa3d8 100644 --- a/index.html +++ b/index.html @@ -3,7 +3,6 @@ - diff --git a/projects.html b/projects.html index 5218a21..c75636d 100644 --- a/projects.html +++ b/projects.html @@ -3,7 +3,6 @@ - @@ -11,7 +10,7 @@ - Projects + Project List diff --git a/sitemap.html b/sitemap.html index 501362e..ea2bf46 100644 --- a/sitemap.html +++ b/sitemap.html @@ -3,7 +3,6 @@ - diff --git a/support.html b/support.html index 41fca77..0aaafe0 100644 --- a/support.html +++ b/support.html @@ -3,7 +3,6 @@ - diff --git a/websites.html b/websites.html index 25ba859..a907c9f 100644 --- a/websites.html +++ b/websites.html @@ -3,7 +3,6 @@ - From ab6be4807e664042b6aff8184526c94326467e8f Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 13:38:54 +0100 Subject: [PATCH 07/58] Replace www.aney.co.uk with aney.co.uk and change to https:// sed -i -- 's/www.aney.co.uk/aney.co.uk/g' *.html sed -i -- 's/http:\/\/aney.co.uk/https:\/\/aney.co.uk/g' *.html --- blog/add-domain-to-server.html | 2 +- blog/debian-server-setup.html | 2 +- blog/guide-to-server-hosting.html | 2 +- blog/index.html | 2 +- blog/ive-started-a-blog.html | 2 +- cv.html | 2 +- equipment.html | 2 +- index.html | 2 +- projects.html | 4 ++-- sitemap.html | 2 +- support.html | 2 +- websites.html | 4 ++-- 12 files changed, 14 insertions(+), 14 deletions(-) diff --git a/blog/add-domain-to-server.html b/blog/add-domain-to-server.html index a3ec673..5bfc9bb 100644 --- a/blog/add-domain-to-server.html +++ b/blog/add-domain-to-server.html @@ -62,7 +62,7 @@ diff --git a/blog/debian-server-setup.html b/blog/debian-server-setup.html index 4fb6ca1..48f9635 100644 --- a/blog/debian-server-setup.html +++ b/blog/debian-server-setup.html @@ -172,7 +172,7 @@ diff --git a/blog/guide-to-server-hosting.html b/blog/guide-to-server-hosting.html index db85724..c8104f1 100644 --- a/blog/guide-to-server-hosting.html +++ b/blog/guide-to-server-hosting.html @@ -106,7 +106,7 @@ diff --git a/blog/index.html b/blog/index.html index 8f89b1a..21e1473 100644 --- a/blog/index.html +++ b/blog/index.html @@ -53,7 +53,7 @@ diff --git a/blog/ive-started-a-blog.html b/blog/ive-started-a-blog.html index 9538352..716f87a 100644 --- a/blog/ive-started-a-blog.html +++ b/blog/ive-started-a-blog.html @@ -46,7 +46,7 @@ diff --git a/cv.html b/cv.html index ee44055..af53f9c 100644 --- a/cv.html +++ b/cv.html @@ -127,7 +127,7 @@ diff --git a/equipment.html b/equipment.html index 31321cc..af4c978 100644 --- a/equipment.html +++ b/equipment.html @@ -104,7 +104,7 @@ diff --git a/index.html b/index.html index 80fa3d8..171fb0c 100644 --- a/index.html +++ b/index.html @@ -51,7 +51,7 @@ diff --git a/projects.html b/projects.html index c75636d..78eabf6 100644 --- a/projects.html +++ b/projects.html @@ -32,7 +32,7 @@

Current Projects

-

Personal Website

+

Personal Website

A basic website to let me have my own little place on the internet.
You may recognise it, because you're using it right now!

Skills: HTML CSS

@@ -42,7 +42,7 @@ diff --git a/sitemap.html b/sitemap.html index ea2bf46..8cc2779 100644 --- a/sitemap.html +++ b/sitemap.html @@ -55,7 +55,7 @@ diff --git a/support.html b/support.html index 0aaafe0..f1eb8be 100644 --- a/support.html +++ b/support.html @@ -47,7 +47,7 @@ diff --git a/websites.html b/websites.html index a907c9f..55f5463 100644 --- a/websites.html +++ b/websites.html @@ -68,14 +68,14 @@

My websites

From c490bce3848f925cabd3cd07b3d41f71d8e8b84a Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 15:12:38 +0100 Subject: [PATCH 08/58] Space out li so they can be used as touch targets --- main.css | 3 +++ 1 file changed, 3 insertions(+) diff --git a/main.css b/main.css index 177f60c..9d00b59 100644 --- a/main.css +++ b/main.css @@ -93,6 +93,9 @@ main{ nav>a:first-child{ border: none; } + ul li{ + margin: 0.35rem; + } } @media screen and (max-width: 600px) and (prefers-color-scheme: dark){ From a0dfc133093768aa5be872344e90968ffcec1262 Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 16:18:48 +0100 Subject: [PATCH 09/58] Add basic styling to pre element --- main.css | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/main.css b/main.css index 9d00b59..9c2a4df 100644 --- a/main.css +++ b/main.css @@ -29,6 +29,12 @@ li > ul{ footer p{ margin: 0; } +pre{ + background-color: #191919; + color: white; + white-space: pre-wrap; + overflow-x: auto; +} /* Special Design */ .tag{ From 5ed8623295f4d02d56a42b3f2dfbdccabc214b68 Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 16:21:46 +0100 Subject: [PATCH 10/58] Correct prefix > preface on first blog post --- blog/ive-started-a-blog.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog/ive-started-a-blog.html b/blog/ive-started-a-blog.html index 716f87a..0c8604e 100644 --- a/blog/ive-started-a-blog.html +++ b/blog/ive-started-a-blog.html @@ -30,7 +30,7 @@
-

To prefix, I am not an author. In fact my skill with the pen was much more proficient when I was a youngling, but alas I have returned to write.

+

To preface, I am not an author. In fact my skill with the pen was much more proficient when I was a youngling, but alas I have returned to write.

Why?

There are many reasons, although I don't believe there even needs to be one. If you want to blog, blog!

To improve my writing skills

From 0bc29fd29c82cc97515564335d9fe55dd0f75ef1 Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Tue, 24 May 2022 17:08:17 +0100 Subject: [PATCH 11/58] Fix trailing > in blog post --- blog/debian-server-setup.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog/debian-server-setup.html b/blog/debian-server-setup.html index 48f9635..3a4e57a 100644 --- a/blog/debian-server-setup.html +++ b/blog/debian-server-setup.html @@ -38,7 +38,7 @@

This first section will be done on the physical PC, or on the VPS via their website, or SSH'd as root if that's the option given.

Update the OS

-

Even with a fresh install of Debian from the latest ISO, there may be some updates you're missing, and it's a good idea to have these, especially in case they're security updates.

> +

Even with a fresh install of Debian from the latest ISO, there may be some updates you're missing, and it's a good idea to have these, especially in case they're security updates.

 					
 						root$ apt update && apt upgrade	

From 1fba0381a289013887158f721bf66314679a99ad Mon Sep 17 00:00:00 2001
From: Nathan Steel 
Date: Tue, 24 May 2022 17:10:33 +0100
Subject: [PATCH 12/58] Add padding to pre tag

---
 main.css | 1 +
 1 file changed, 1 insertion(+)

diff --git a/main.css b/main.css
index 9c2a4df..2ef34e5 100644
--- a/main.css
+++ b/main.css
@@ -34,6 +34,7 @@ pre{
 	color: white;
 	white-space: pre-wrap;
 	overflow-x: auto;
+	padding: 12px;
 }
 
 /* Special Design */

From b7d1394d0842cff49c3f029598e23e9b1fa5367b Mon Sep 17 00:00:00 2001
From: Nathan Steel 
Date: Wed, 25 May 2022 09:17:55 +0100
Subject: [PATCH 13/58] Make all 
 tags contain no unwanted whitespace

---
 blog/add-domain-to-server.html |  12 ++--
 blog/debian-server-setup.html  | 108 +++++++++++----------------------
 2 files changed, 41 insertions(+), 79 deletions(-)

diff --git a/blog/add-domain-to-server.html b/blog/add-domain-to-server.html
index 5bfc9bb..c46d70b 100644
--- a/blog/add-domain-to-server.html
+++ b/blog/add-domain-to-server.html
@@ -40,16 +40,12 @@
 				
Add the A record

 				
There will likely be many option for adding records, but all we need is to add a singular A record

 				
Find the box that allows you to "Add a new record" and input the below, changing  and  with your IP address, and domain name

-				
-					
-					
-				

+
+				

 
 				
If there are not multiple boxes, but instead a single box to input your record into, this will be what you add instead

-				
-					
-					
-				

+
+				

 
 				
Wait for propagation

 				
Now there's a bit of a waiting game, as you need to wait for the new DNS record to propagate (get updated) for all nameservers. This can be anywhere from instantly to 72 hours, but typically takes an hour or two.

diff --git a/blog/debian-server-setup.html b/blog/debian-server-setup.html
index 3a4e57a..7acae7b 100644
--- a/blog/debian-server-setup.html
+++ b/blog/debian-server-setup.html
@@ -39,34 +39,23 @@
 
 				
Update the OS

 				
Even with a fresh install of Debian from the latest ISO, there may be some updates you're missing, and it's a good idea to have these, especially in case they're security updates.

-				
-					
-						root$ apt update && apt upgrade	
-					
-				

+
+				
apt update && apt upgrade

 
 				
Install essential packages

 				
These are packages that are needed for accessing, and controlling the server

-				
-					
-						root$ apt install sudo ssh	
-					
-				

+
+				
apt install sudo ssh

+
 				
Some useful packages too

-				
-					
-						root$ apt install vim htop wget curl tmux	
-					
-				

+				
apt install vim htop wget curl tmux

 
 				
Add a user, and give super user privilleges

 				
You want to avoid using root as much as possible in regular use, so a new user for yourself is a must

-				
-					
-						root$ adduser 	
-						root$ usermod -aG sudo 
-					
-				

+
+
adduser 	
+usermod -aG sudo 

+
 				
*replace  with the user you want to create, e.g. nathan

 
 				
(Local server) Set static IP

@@ -74,53 +63,38 @@
 
 				
Secure ssh

 				
Although this is optional, I recommend it, as SSH (secure shell) will be the primary means of access to the server.

-				
-					
-						root$ vim /etc/ssh/sshd_config
-					
-				

+
+				
vim /etc/ssh/sshd_config

+
 				
Within the editor you will need to search for PermitRootLogin and set it to no, this prevents ssh as root

 				
Search for Port and set it to a different port to 22, a port over 1024 prevents basic nmap scans, and therefor a lot of bruteforcing, so let's go with 2020 so it's easy to remember

 				
Below the Port line, add a new line with Protocol 2 this enables ssh2, which is more secure

-				
(Optional) Comment/Add a # to the beginning of the passwordlogin line. This will prevent sshing to the server from any PC that doesn't have it's SSH key on the server already. I recommend only doing this if your sshkeys are on the server, or you're comfortable adding them.

-				
-					
-						root$ systemctl reload sshd
-					
-				

+				
(Optional) Comment/Add a # to the beginning of the passwordlogin line. This will prevent sshing to the server from any PC that doesn't have it's SSH key on the server already. I recommend only doing this if your sshkeys are on the server, or you're comfortable adding them.

+
+				
systemctl reload sshd

+
 				
This reloads the ssh daemon, and enables all the changes we've made

 
 				
Setup UFW

 				
UFW (Uncomplicated Firewall) is a simple to use firewall, that can be used to easily open/close ports on your server.

 				
We'll install ufw, deny access inwards to all ports, but allow our server to access any ports outwards. We will then manually allow inwards traffic to the SSH port we set, in this case 2020

-				
-					
-						root$ apt install ufw
-						root$ ufw deny incoming
-						root$ ufw allow outgoing
-						root$ ufw allow 2020
-						root$ ufw enable
-					
-				

+
+
apt install ufw
+ufw deny incoming
+ufw allow outgoing
+ufw allow 2020
+ufw enable

 				
If there are any other ports that need to be opened in the future this can be done with:

-				
-					
-						root$ ufw allow 
-					
-					or
-					
-						root$ sudo ufw allow 
-					
-				

+				
ufw allow 

+				
or

+				
sudo ufw allow 

 
 				
Set hostname

 				
Setting the name for a server is an important step, but the name doesn't need to be serious

-				
-					
-						root$ vim /etc/hosts
-						root$ vim /etc/hostname
-					
-				

+
+
vim /etc/hosts
+vim /etc/hostname

+
 				
Within both of these files the hostname should be changed to the same thing
@@ -129,25 +103,17 @@

This next section can be done via a terminal, or an SSH client e.g. PuTTY for Windowss. For the sake of the guide, this assume you're using a Unix terminal

Create an SSH key

We'll create an ed25519 ssh-key, as it's more secure, and performant than the defaultrsa

- 
-					
-						$ ssh-keygen -t ed25519
-					
-
+ 
ssh-keygen -t ed25519
+

SSH into the server

This is a two part section, and I recommend using this every time you SSH into a server from a new PC

- 
-					
-						$ ssh @ -p 2020
-					
-
+ 
ssh @ -p 2020
+

This will likely display a message asking to verify the key for the server. This is to prevent man-in-the-middle attacks, so I reccommend verifying this whenever asked.

To check the key for the server, you need to run this command on the server.

- 
-					
-						$ ssh-keygen -l -f /etc/ssh/ssh_host__key.pub	
-					
-
+ + 
ssh-keygen -l -f /etc/ssh/ssh_host__key.pub
+

Replace with the key the message is asking about. Then if key the server shows matches that on your PC you are SSHing from, type yes and hit enter

TODO:(Optional) Fail2Ban

From 2a0afcb173b64b8461d3d027982ddfaee2b8dfec Mon Sep 17 00:00:00 2001 From: Nathan Steel Date: Thu, 26 May 2022 10:29:46 +0100 Subject: [PATCH 14/58] Rename debian-server-setup to initial-server-setup This is in case I wish to add a freeBSD, centOS, etc. section without needing to rename and 301 --- blog/guide-to-server-hosting.html | 2 +- blog/index.html | 2 +- .../{debian-server-setup.html => initial-server-setup.html} | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) rename blog/{debian-server-setup.html => initial-server-setup.html} (97%) diff --git a/blog/guide-to-server-hosting.html b/blog/guide-to-server-hosting.html index c8104f1..c3303c9 100644 --- a/blog/guide-to-server-hosting.html +++ b/blog/guide-to-server-hosting.html @@ -36,7 +36,7 @@

Basic Server setup

diff --git a/blog/index.html b/blog/index.html index 21e1473..e853ea8 100644 --- a/blog/index.html +++ b/blog/index.html @@ -39,7 +39,7 @@

2022

diff --git a/blog/debian-server-setup.html b/blog/initial-server-setup.html similarity index 97% rename from blog/debian-server-setup.html rename to blog/initial-server-setup.html index 7acae7b..a24336c 100644 --- a/blog/debian-server-setup.html +++ b/blog/initial-server-setup.html @@ -3,19 +3,19 @@ - + - Debian Server Setup + Initial Server Setup
-

Debian Server Setup

+

Initial Server Setup