ben/diyhosting
ben
/
diyhosting
1
0
Fork 1
Code Issues 1 Pull Requests Projects Releases Wiki Activity

tweaks, standalone, openalias link imgs

This commit is contained in:
Luke Smith 2021-07-02 02:55:20 -04:00
parent 197f05d127
commit 932666ceed
No known key found for this signature in database
GPG Key ID: 4C50B54A911F6252
5 changed files with 101 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
index.html
View File

@ -54,6 +54,7 @@
<li><a href="auth.html">Password-protecting Webpages (HTTP Authentication)</a></li>
<li><a href="ufw.html">Using ufw as a firewall.</a></li>
<li><a href="gemini.html">Create a Gemini Capsule.</a></li>
<li><a href="standalone.html">Standalone Certbot Certificates</a></li>
</ul>
<h3 id=platform>"Build your own platform!"</h3>

12
openalias.html
View File

@ -20,7 +20,7 @@
</p>
<ul>
<li>84RXmrsE7ffCe1ADprxLMHRpmyhZuWYScDR4YghE8pFRFSyLtiZFYwD6EPijVzD3aZiEpg57MfHEr1pGJNPXyJgENMnWrSh</li>
<li><code class=crypto>84RXmrsE7ffCe1ADprxLMHRpmyhZuWYScDR4YghE8pFRFSyLtiZFYwD6EPijVzD3aZiEpg57MfHEr1pGJNPXyJgENMnWrSh</code></p>
</ul>
<p>
@ -67,7 +67,7 @@
Note here that I have create two entries:
</p>
<img src="pix/openalias-01.png" alt="openalias">
<a href=pix/openalias-01.png><img src="pix/openalias-01.png" alt="openalias"></a>
<p>
One entry's "Host" is left empty, this will allow people to send Monero by merely typing <code>landchad.net</code>.
@ -83,13 +83,13 @@
Let's check to see if it works.
In the Monero wallet, we can now type in <code>landchad.net</code> as a recipient:
</p>
<img src="pix/openalias-02.png" alt="checking">
<a href=pix/openalias-02.png><img src="pix/openalias-02.png" alt="checking"></a>
<p>
And once we press the "Resolve" button, it automatically turns into that address we gave to the DNS!
</p>
<img src="pix/openalias-03.png" alt="It works!">
<a href=pix/openalias-03.png><img src="pix/openalias-03.png" alt="It works!"></a>
<p>
Now people can donate Monero to you without having to worry about QR codes or copying-and-pasting super-long public addresses!
@ -106,12 +106,12 @@
<p>Add the TXT entries in and save:</p>
<img src="pix/openalias-04.png" alt="bitcoin openalias entries">
<a href=pix/openalias-04.png><img src="pix/openalias-04.png" alt="bitcoin openalias entries"></a>
<p>And we can then check that it's working by trying to send money to <code>landchad.net</code> in Electrum.
See that it automatically appends the address!
</p>
<img src="pix/openalias-05.png" alt="electrum resolves an openalias">
<a href=pix/openalias-05.png><img src="pix/openalias-05.png" alt="electrum resolves an openalias"></a>
<p>
And that's it. Now users can easily send your website or email address Bitcoin or Monero without having to worry about hard to read addresses and QR codes.

143
pleroma.html
View File

@ -13,7 +13,7 @@
<nav></nav>
<main>
<p>Hopefully by now you won't have to be sold on the invasive practices that social media companies conduct. Websites such as Facebook and Twitter aquire so much data on users that they often know more about you than you know about yourself.
<p>Hopefully by now you won't have to be sold on the invasive practices that social media companies conduct. Websites such as Facebook and Twitter aquire so much data on users that they often know more about you than you know about yourself.
The simple solution to this is to not use social media. However, that just isn't an option for most people. So the next best thing is to setup a self-hosted and federalised social media site so that you have full control over your data.
@ -26,7 +26,7 @@ I've previously made<a href="https://www.youtube.com/watch?v=l7mVsLSsotU"> a vid
<h2>Installation</h2>
<h3>Setting Up and Configuring</h3>
<p>First things first you'll need to make sure that you've hardened you SSH so that password authentication is disabled and you'll also want to setup Fail2Ban.
@ -34,109 +34,99 @@ There's a great tutorial on how to do this <a href="https://landchad.net/sshkeys
</p>
<p>
Next we'll need to determine which OS flavour you're using. You'll need this for later simply run the below command:
Next we'll install the required packages:
</p>
<pre><code>arch="$(uname -m)";if [ "$arch" = "x86_64" ];then arch="amd64";elif [ "$arch" = "armv7l" ];then arch="arm";elif [ "$arch" = "aarch64" ];then arch="arm64";else echo "Unsupported arch: $arch">&2;fi;if getconf GNU_LIBC_VERSION>/dev/null;then libc_postfix="";elif [ "$(ldd 2>&1|head -c 9)" = "musl libc" ];then libc_postfix="-musl";elif [ "$(find /lib/libc.musl*|wc -l)" ];then libc_postfix="-musl";else echo "Unsupported libc">&2;fi;echo "$arch$libc_postfix"</code></pre>
<p>
Next we'll install the required packages. Run the below comman:
</p>
<pre><code>sudo apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot libmagic-dev
</code></pre>
<pre><code>apt install -y curl unzip libncurses5 postgresql postgresql-contrib nginx certbot libmagic-dev</code></pre>
<p>
You can manually configure postgreSQL to suit your system better. <a href="https://docs-develop.pleroma.social/backend/configuration/postgresql/">Check out the documentation here</a> and then run the below command:
</p>
<pre><code>sudo systemctl restart postgresql
</code></pre>
<pre><code>systemctl restart postgresql</code></pre>
<h3>Installing the Pleroma App</h3>
<h4>First as the root user</h4>
<p>
Pleroma is not in the Debian app repositories, so we will install it manually.
First create the Pleroma user by running the below command:
</p>
<pre><code>adduser --system --shell /bin/false --home /opt/pleroma pleroma
</code></pre>
<pre><code>useradd -m -s /bin/bash -d /opt/pleroma pleroma</code></pre>
<p>
Next you'll need to set the FLAVOUR variable to whatever your OS flavour was from the first step using this command:
Then, still as root, we will create the required directories and give the Pleroma user ownership of them.
</p>
<pre><code>export FLAVOUR="amd64-musl"
</code></pre>
<p>
Using the Pleroma user previously created clone the Pleroma app:
</p>
<pre><code>su pleroma -s $SHELL -lc "
curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=$FLAVOUR' -o /tmp/pleroma.zip
unzip /tmp/pleroma.zip -d /tmp/
"
</code></pre>
<p>
Then run the next list of commands to move the files the the right locations, set the permissions etc... :
</p>
<pre><code>su pleroma -s $SHELL -lc "
mv /tmp/release/* /opt/pleroma
rmdir /tmp/release
rm /tmp/pleroma.zip
"
mkdir -p /var/lib/pleroma/uploads
<pre><code>mkdir -p /var/lib/pleroma/uploads
chown -R pleroma /var/lib/pleroma
mkdir -p /var/lib/pleroma/static
chown -R pleroma /var/lib/pleroma
mkdir -p /etc/pleroma
chown -R pleroma /etc/pleroma
chown -R pleroma /etc/pleroma</code></pre>
su pleroma -s $SHELL -lc "./bin/pleroma_ctl instance gen --output /etc/pleroma/config.exs --output-psql /tmp/setup_db.psql"
<h4>Now, as the new Pleroma user</h4>
su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql"
<p>
Now run <code>su -l pleroma</code> to login as the Pleroma user.
Now use the <code>curl</code> command below to download the Pleroma software and unzip it.
</p>
su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate"
<pre><code>curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=<strong>amd64</strong>' -o /tmp/pleroma.zip
unzip /tmp/pleroma.zip -d /tmp/</code></pre>
<aside><p>Note that we are downloading the <strong>amd64</strong> version here. If you know you have a different CPU architecture, replace that with whatever your architecture is.</p></aside>
su pleroma -s $SHELL -lc "./bin/pleroma daemon"
<pre><code>mv /tmp/release/* /opt/pleroma
rmdir /tmp/release
rm /tmp/pleroma.zip
./bin/pleroma_ctl instance gen --output /etc/pleroma/config.exs --output-psql /tmp/setup_db.psql</code></pre>
sleep 20 && curl http://localhost:4000/api/v1/instance
<p>We need to briefly return to the root user so we can run the following command (via the postgres user) to set up the database.
Type <code>ctrl-d</code> or run <code>exit</code> to return to the root user, then run:
</p>
su pleroma -s $SHELL -lc "./bin/pleroma stop"
</code></pre>
<pre><code>su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql"</code></pre>
<p>Then return to the pleroma user with <code>su -l pleroma</code> and we will test to see that Pleroma can run:</p>
<pre><code>./bin/pleroma_ctl migrate
./bin/pleroma daemon</code></pre>
<p>
That will initialize Pleroma. It might take as long as a minute to get started, so wait a bit, then run the following:
</p>
<pre><code>curl http://localhost:4000/api/v1/instance</code></pre>
<p>If everything is working, this command will give you a long line of messy output. If it is not, you will get a connection error message.
Once it is working successfully, stop the Pleroma daemon and we will interface Pleroma with the web server.</p>
<pre><code>./bin/pleroma stop</code></pre>
<h3>Setup and Configure Nginx</h3>
<p>
For your domain name you'll need to install an SSL certificat for security. There's a guide <a href="https://landchad.net/certbot.html">here that will walk you through the steps.</a>
Once you've got your cert setup copy over the Nginx configuration with the below command:
<p>
Return again to the root user. Let's copy Pleroma's Nginx configuration file from the template given in the installation and enable it:
</p>
<pre><code>cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.conf
ln -s /etc/nginx/sites-available/pleroma.conf /etc/nginx/sites-enabled/pleroma.conf</code></pre>
ln -s /etc/nginx/sites-available/pleroma.conf /etc/nginx/sites-enabled/pleroma.conf
</code></pre>
<p>Edit the <code>etc/nginx/sites-available/pleroma.conf</code> file and replace <strong>example.tld</strong> with your domain name.</p>
<p>
Next you'll need to go into the <strong>etc/nginx/sites-enabled/pleroma.conf</strong> file and replace <strong>example.tld</strong> with your domain name. In my case my pleroma instance is shiteposting.com.
A quick tip is you can verify if the config is valid with the below command:
We now have to get a SSL certificate to enable encryption, since we have a model configuration that already includes SSL information,
just check the brief <a href="standalone.html">the standalone certificate page</a> to get the needed certificate.
Once you've got your cert setup, copy over the Nginx configuration with the below command:
</p>
<pre><code>nginx -t
</code></pre>
<p>
Then simply restart the Nginx service with this command:
Once everything, including your Cerbot certificate is ready, simply reload Nginx with this command:
</p>
<pre><code>sudo systemctl restart nginx
</code></pre>
<pre><code>systemctl reload nginx</code></pre>
<h3>Setting up the service</h3>
@ -146,10 +136,8 @@ Pleroma itself runs on a SystemD service similar to other things running on your
</p>
<pre><code>cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
systemctl start pleroma
systemctl enable pleroma
</code></pre>
systemctl enable pleroma</code></pre>
<p>
If everything worked then when you go to your domain in the web browser you should see a bare-bones Pleroma instance.
@ -161,29 +149,20 @@ If everything worked then when you go to your domain in the web browser you shou
<p>You'll be able to create new accounts on the Pleroma instance in the login section on the website but the easiest way to setup an admin account is with the CLI. Simply run the below command replaced with your username:
</p>
<pre><code>cd /opt/pleroma
su pleroma -s $SHELL -lc "./bin/pleroma_ctl user new <USERNAME> <USERNAME>@<YOURDOMAIN> --admin"
</code></pre>
<pre><code>su -l pleroma
./bin/pleroma_ctl user new <strong>username</strong> <strong>username</strong>@<strong>example.org</strong> --admin</code></pre>
<p>
If you run into any issues then <a href="https://docs-develop.pleroma.social/backend/installation/otp_en/">feel free to checkout the documentation</a> or send me an email or message. My details are below.
</p>
<p>
<b>My Website:</b> https://biasedriot.co
</p>
<ul>
<li><a href="https://biasedriot.co">biasedriot.co</a></li>
<li><a href="https://www.youtube.com/channel/UCehh50T6qtDpt_kEUF33GJw">youtube</a></li>
<li>Bitcoin: <code class=crypto>1Dmn9jEtWAhdLk1HHWkUVNeDdAaBCwNajm</code></li>
<li>Monero: <code>84Y4FZiTbLeR5qc1fBrBhB1yq5agKtEdoixq2w1ysXJv486MiBCz3czGT15bqeXDPpdLoNyF93inxY3BCk6g8mrDMNKoArS</code></li>
</ul>
<p>
<b>My Youtube Channel:</b> https://www.youtube.com/channel/UCehh50T6qtDpt_kEUF33GJw
</p>
<p>
<b>Monero:</b> 84Y4FZiTbLeR5qc1fBrBhB1yq5agKtEdoixq2w1ysXJv486MiBCz3czGT15bqeXDPpdLoNyF93inxY3BCk6g8mrDMNKoArS
</p>
<p>
<b>Bitcoin:</b> 1Dmn9jEtWAhdLk1HHWkUVNeDdAaBCwNajm
</p>
</main>
<footer><a href="https://landchad.net">LandChad.net</a></br>Because Everyone should be an Internet LandChad.</br><li><a href="index.html"><img src="pix/chad.gif" alt="chad"></a></li><li><a href="rss.xml"><img src="pix/rss.svg" alt="RSS"></a></li><li><a href="pix/btc.png"><img src="pix/btc.svg" alt="BTC"></a></li><li><a href="pix/xmr.png"><img src="pix/xmr.svg" alt="XMR"></a></li><li><a href="https://github.com/lukesmithxyz/landchad"><img src="pix/git.svg" alt="Github"></a></footer>
</body>

32
standalone.html Normal file
View File

@ -0,0 +1,32 @@
<!DOCTYPE html>
<html lang=en>
<head>
<title>Certbot on Standalone Domains and Subdomains &ndash; LandChad.net</title>
<meta charset="utf-8"/>
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
<link rel='stylesheet' type='text/css' href='style.css'>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel='alternate' type='application/rss+xml' title='Land Chad RSS' href='/rss.xml'>
</head>
<body>
<header><h1>Certbot on Standalone Domains and Subdomains</h1></header>
<nav></nav>
<main>
<p>The command <code>certbot --nginx</code> will take an unencrypted website on an Nginx configuration file, get a certificate for it and change the configuration to use that certificate and thus HTTPS.</p>
<p>Sometimes, however, you are given an Nginx configuration template that already has encryption/HTTPS, so running the automated <code>certbot --nginx</code> is not possible, as it will simply give an error saying that the certicate that Nginx is looking for doesn't already exist and thus the Nginx config is broken.</p>
<p>So suppose you want to get a certificate for <strong>pleroma.example.org</strong> because you are installing Pleroma and the configuration file presupposes a certificate.
In this case you would want to run this:</p>
<pre><code>systemctl stop nginx
certbot certonly --standalone -d <strong>pleroma.example.org</strong>
systemctl start nginx</code></pre>
<p>What we do here is temporarily turn of Nginx, then run a <code>certonly</code> subcommand that generates a certificate for the domain without changing or caring about the Nginx configuration. Then we reactivate Nginx, thus turning back on our webserver.</p>
<p>The reason we deactivate Nginx is that it uses the ports that Certbot will want to bind to, and thus we must temporarily turn Nginx off to let Certbot use those ports. (What it actually does is spin up a dummy webserver that doesn't need to think about the Nginx configuration.)</p>
<p>This is just a little note of something that might confuse people, but the three commands above should suffice. If your site is still managed by Nginx, it should still be able to renew with simple <code>certbot renew --nginx</code> without a problem.</p>
</main>
<footer><a href="https://landchad.net">LandChad.net</a></br>Because Everyone should be an Internet LandChad.</br><li><a href="index.html"><img src="pix/chad.gif" alt="chad"></a></li><li><a href="rss.xml"><img src="pix/rss.svg" alt="RSS"></a></li><li><a href="pix/btc.png"><img src="pix/btc.svg" alt="BTC"></a></li><li><a href="pix/xmr.png"><img src="pix/xmr.svg" alt="XMR"></a></li><li><a href="https://github.com/lukesmithxyz/landchad"><img src="pix/git.svg" alt="Github"></a></footer>
</body>
</html>

2
style.css
View File

@ -184,7 +184,7 @@ aside.callout {
padding-left: 10px ;
padding-right: 10px ;
}
.cryptoinfo code {
.cryptoinfo code,.crypto {
font-size: small ;
overflow-wrap: break-word ;
}