From 99da64c96339f6ac7820909330f34205ae9c9fe0 Mon Sep 17 00:00:00 2001 From: lidia pereira Date: Wed, 14 Aug 2019 16:28:03 +0200 Subject: [PATCH] some minor changes to css + preliminary ordering of articles --- content/fundamentals/hardware.md | 4 ++- content/fundamentals/intro.md | 4 ++- content/fundamentals/manifesto.md | 4 ++- content/fundamentals/nas.md | 4 ++- content/fundamentals/port_forwarding.md | 23 ++++++------- content/fundamentals/ssh.md | 4 ++- content/fundamentals/webserver.md | 41 +++++++++++++++++------- themes/homebrewtheme/static/css/main.css | 6 ++-- 8 files changed, 60 insertions(+), 30 deletions(-) diff --git a/content/fundamentals/hardware.md b/content/fundamentals/hardware.md index 373befb..7482a89 100644 --- a/content/fundamentals/hardware.md +++ b/content/fundamentals/hardware.md @@ -1,9 +1,11 @@ Title: Considerations for server hardware Date: 2019-7-10 Tags: hardware, sbc, -Slug: choosing-a-homebrew-server +url: choosing-a-homebrew-server +save_as: choosing-a-homebrew-server.html Summary: What makes a suitable homebrew server and where to get it? Category: fundamentals +slug: 002 [TOC] diff --git a/content/fundamentals/intro.md b/content/fundamentals/intro.md index 1b266e9..fb23074 100644 --- a/content/fundamentals/intro.md +++ b/content/fundamentals/intro.md @@ -1,10 +1,12 @@ Title: Introduction Date: 2019-06-17 -Slug: fundamentals-intro +url: fundamentals-intro +save_as: fundamentals-intro.html Description: why you want to get in to homeserving Summary: Introduction to homebrewserver.club fundamentals Status: published Category: fundamentals +slug: 001 This series is a starting point for people looking to host their own on-line services from home. A good place to start is by reading the [homebrewserver.club principles]({filename}manifesto.md) on to understand why we make the choices we do. Then have a look at the [hardware guide](hwguide) or [setting up a server behind your home router.]({filename}portforwarding.md) diff --git a/content/fundamentals/manifesto.md b/content/fundamentals/manifesto.md index 819a799..8e22e63 100644 --- a/content/fundamentals/manifesto.md +++ b/content/fundamentals/manifesto.md @@ -1,9 +1,11 @@ Date: 2019-06-17 Title: The homebrewserver.club principles -Slug: fundamentals-manifesto +url: fundamentals-manifesto +save_as: fundamentals-manifesto.html Summary: The homebrewserver.club principles Status: published Category: fundamentals +slug: 006 ## THE HOMEBREWSERVER.CLUB: diff --git a/content/fundamentals/nas.md b/content/fundamentals/nas.md index 304ab33..97588da 100644 --- a/content/fundamentals/nas.md +++ b/content/fundamentals/nas.md @@ -1,9 +1,11 @@ Title: Networked Backups over VPN Date: 2018-7-25 Tags: NAS, diy, vpn -Slug: network-backups-over-vpn +url: network-backups-over-vpn +save_as: network-backups-over-vpn.html Summary: How to set up a spare olimex board as a networked backup disk Category: fundamentals +slug: 007 #Introduction diff --git a/content/fundamentals/port_forwarding.md b/content/fundamentals/port_forwarding.md index ed489d1..ae1b812 100644 --- a/content/fundamentals/port_forwarding.md +++ b/content/fundamentals/port_forwarding.md @@ -1,19 +1,20 @@ Title: Port Forwarding configuration for your home router Date: 2019-01-14 Tags: port forwarding, router, introduction, lan, wan -Slug: fundamentals-port-forwarding +url: fundamentals-port-forwarding +save_as: fundamentals-port-forwarding.html Summary: How to make your homebrew server reachable over the internet using your home router. Author: hbsc & friends Image: images/port_forwarding.svg Status: published - +slug: 005 # UNDER CONSTRUCTION ##Introduction -The whole premise of the homebrewserver.club is the simple — yet often overlooked — fact that your home internet subscription theoretically also allows you to host services. The internet is in its essence a bi-directional medium. Anyone with an internet connection can not only look up on-line content but also host it! +The whole premise of the homebrewserver.club is the simple — yet often overlooked — fact that your home internet subscription theoretically also allows you to host services. The internet is in its essence a bi-directional medium. Anyone with an internet connection can not only look up on-line content but also host it! In times of 'cloud providers' and 'virtual private servers' it is an easy thing to forget, and internet service providers don't make it easy on you either, but a homebrew server can be as simple as an old laptop connected directly to your home router. However, you do need to change some settings on the router to make that happen! @@ -32,18 +33,18 @@ To begin serving from home you need the following: ![A schematic representation depicting network address translation between a local area network and a wide area network, where ports are being forwarded from the WAN to home server on the LAN]({attach}images/port_forwarding.svg) -By default home routers have configured the firewall so that the devices behind your router are inaccessible to the internet. This is to prevent your private network from being public. +By default home routers have configured the firewall so that the devices behind your router are inaccessible to the internet. This is to prevent your private network from being public. Machines behind your router (called your local area network or `LAN`) can make connections to the wider internet (known as `WAN`), but not the other way around. -However, when hosting a server at home, we do want that server to be reachable from the internet. In order to do that we need to open so-called *network ports*. +However, when hosting a server at home, we do want that server to be reachable from the internet. In order to do that we need to open so-called *network ports*. Ports are logical 'gates' that are open or closed to connections. These ports have numbers and are [standardized](https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers#Well-known_ports) for specific protocols or applications. For example, HTTP traffic from a website would default to port `80`. HTTPS defaults to `443` and SSH defaults to port `22`. To make our server accessible over the internet we need to open the ports on the router and forward them to our server. This is called port-forwarding. -The exact method (and terminology) of port-forwarding differs from router to router. However, it always follows a similar scheme where you designate inbound traffic on a certain port to be forwarded to the your server's IP-address and port on the local area network. +The exact method (and terminology) of port-forwarding differs from router to router. However, it always follows a similar scheme where you designate inbound traffic on a certain port to be forwarded to the your server's IP-address and port on the local area network. For this you need to have access to the administrative panel of your router. @@ -93,7 +94,7 @@ The basic process is to determine which external port to open and to which IP ad You might be asked a few things, including the name of the rule, the protocol (TCP, UDP or both), the external port and the internal port. Sometimes you are given the option to open a range of ports. -To open the ports for the web server, we're opening two separate ports, one for plain HTTP and one for secure HTTP. +To open the ports for the web server, we're opening two separate ports, one for plain HTTP and one for secure HTTP. Open the external port `80` for plain HTTP and redirect it to the local IP-address of the homeserver: ``` @@ -125,14 +126,14 @@ Port to device: 22 ## Concluding -Now that you have opened the corresponding ports you should be able to type your external IP-address in your browser and should be automatically redirected to the website on your home server. +Now that you have opened the corresponding ports you should be able to type your external IP-address in your browser and should be automatically redirected to the website on your home server. ### How to find out which ports to open? While a majority of applications will work on `80` and `443` you might need to open different port for different applications. For example in the series describing [self-hosted chat over XMPP]({filename}../instant-messaging/configuring_an_xmpp_server_prosody_0.11.md#set-up-firewall-and-dns) ports `5000`, `5222`, `5269` and `5281` are opened and forwarded. -Most installation guides for software will tell you whether you need to open ports. However it is also possible to see what applications are listening to what port using: +Most installation guides for software will tell you whether you need to open ports. However it is also possible to see what applications are listening to what port using: -`$ netstat -tulp`. +`$ netstat -tulp`. -[^1]: [https://portforward.com/](https://portforward.com/router.htm) has a large list of routers and visual instructions on how to set up port forwarding on them. +[^1]: [https://portforward.com/](https://portforward.com/router.htm) has a large list of routers and visual instructions on how to set up port forwarding on them. diff --git a/content/fundamentals/ssh.md b/content/fundamentals/ssh.md index 3c48e17..763b612 100644 --- a/content/fundamentals/ssh.md +++ b/content/fundamentals/ssh.md @@ -1,12 +1,14 @@ Title: Demystifying SSH Date: 2019-06-17 Tags: ssh -Slug: demystifying-ssh +url: demystifying-ssh +save_as: demystifying-ssh.html Description: Setting up and understanding remote terminal connections to your server using SSH for fun and not-for-profit Summary: Setting up and understanding remote terminal connections to your server using SSH for fun and not-for-profit Author: decentral1se Status: published Category: fundamentals +slug: 003 ## Introduction diff --git a/content/fundamentals/webserver.md b/content/fundamentals/webserver.md index 3ad057d..058e8a9 100644 --- a/content/fundamentals/webserver.md +++ b/content/fundamentals/webserver.md @@ -1,27 +1,27 @@ Title: Setting up a web server -Date: 2019-01-14 +Date: 2019-08-14 Category: fundamentals Tags: server, router, introduction, lan, wan -Slug: fundamentals-webserver-website +url: fundamentals-webserver-website +save_as: fundamentals-webserver-website Summary: Installing a web server on your homebrew server Author: hbsc & friends Status: published +slug: 004 -TODO: -* add good dns registry reference -* certificate renewal certbot +[TOC] ##Introduction Ever wanted to host your own website from the comfort of your own house? Ever wondered how to achieve this? Search no further! This guide will help you with the installation and configuration of web server software, which is what allows a computer to start handling HTTP requests and serve web content in response. -Besides helping you with the installation, this guide will help you getting the right certificates, configuring your server and publishing your homebrewserved website. +Besides helping you with the installation, this guide will help you getting the right certificates, configuring your server and publishing your homebrew served website. -## Some background knowledge. +## Some background knowledge -So first off, what is the web, what is a web site and what is a web server? +First off: what is the web, what is a web site and what is a web server? -The web is the single most known part of the internet. Because of that, it often happens that 'the web' and 'the internet' become conflated. Therefor it often becomes a bit hazy to state what the difference is between the internet and the web. Generally speaking 'the web' is only the part of the internet that we interact with with a web browser. More technically speaking, the web is the part of the internet that runs on port 80 and port 443 and that uses the HTTP and HTTPS protocols. +The web is the single most known part of the internet. Because of that, it often happens that 'the web' and 'the internet' become conflated. Therefore, it often becomes a bit hazy to state what the difference is between the internet and the web. Generally speaking 'the web' is only the part of the internet that we interact with with a web browser. More technically speaking, the web is the part of the internet that runs on port 80 and port 443 and that uses the HTTP and HTTPS protocols. Websites are text documents that are formatted through HTML, CSS and JS. These three technologies tell the webbrowser what the structure of the page is, how it should be laid out and what kind of interactions are possible. Websites are transmitted using Hyper Text Transfer Protocol, which is why we usually type them like so `http://homebrewserver.club`. @@ -34,9 +34,9 @@ So in essence the web is a network of webservers which runs on top of the intern - A spare computer. - A basic understanding of the command line. - An [ssh server and client](demystifying-ssh.html) installed -- A registered domain name +- A [registered domain name](https://www.pcworld.com/article/241722/how-to-register-your-own-domain-name.html) - Have an available power socket next to your router. -- An ethernet cable to connect your server to the router. +- An ethernet cable to connect your server to the router. The instructions on this guide were run on a Debian Stretch distribution. @@ -265,11 +265,28 @@ If the required ssl_module is not listed, run: $ sudo a2enmod ssl ``` +### Certificate renewal + +Your certificates expire after a period of time. You can, however, automate renewal by adding a [cron job](https://www.ostechnix.com/a-beginners-guide-to-cron-jobs/) that schedules when the specific renewal command should be run. + +Start by running: +```bash +sudo crontab -e +``` + +Add the following: +```bash +5 55 0 * 5 /usr/bin/certbot renew +``` + +This means the certificates will be renewed every week on Friday at 05:55. You can of course edit these times according to your preferences! + +Save your changes and exit the editor. Time to restart Apache and load all of these changes! ## index.html -At this point, when typing https://mydomain.org into your browser, you're greeted with a page that looks a little something like this: +At this point, when typing https://mydomain.org into your browser, you should be greeted with a page that looks a little something like this: ![Default apache on debian index.html page](http://assets.digitalocean.com/how-to-install-lamp-debian-9/small_apache_default_debian9.png) diff --git a/themes/homebrewtheme/static/css/main.css b/themes/homebrewtheme/static/css/main.css index 6d122dd..a9decc9 100644 --- a/themes/homebrewtheme/static/css/main.css +++ b/themes/homebrewtheme/static/css/main.css @@ -294,6 +294,10 @@ blockquote { margin-bottom:0px; } +.category-intro { + width:85%; +} + .divider { font-size:12px; width:100%; @@ -317,8 +321,6 @@ blockquote { } - - .footnote{ font-size:14px; margin:auto;