crimsontome.com/posts/VPS-setup-2-electric-boogal...

84 lines
6.2 KiB
Markdown
Raw Normal View History

2022-09-04 02:22:26 +01:00
---
2022-09-17 03:03:22 +01:00
title: VPS setup 2, electric boogaloo
2022-09-04 02:22:26 +01:00
description: An update on services I'm running on my VPS
date: 2022-09-04
tags:
- self-hosting
- linux
2022-09-04 04:12:58 +01:00
- vps-series
2022-09-04 02:22:26 +01:00
layout: layouts/post.njk
2022-09-04 02:45:59 +01:00
---
2022-09-04 04:12:58 +01:00
![](/img/cloud.png)
2022-09-04 02:45:59 +01:00
2022-09-04 04:12:58 +01:00
## Preface
Back in July, I wrote a post detailing [what I run on my VPS](https://blog.crimsontome.com/posts/my-current-vps-setup), some things have changed since then so I thought I'd come back with an update. If you haven't read the previous post I suggest you do. p.s. Sorry in advance for any awful puns.
## A change to be made
Firstly, I switched VPS providers from Digital Ocean (DO) to [OVH](ovhcloud.com/). This was for a few reasons, the prices for droplets at DO were going up, meaning my free credits from the [GitHub student developer pack](https://education.github.com/pack) would not last me as long as I first thought. In addition to this, at around the time the price increase was announced OVH was having a summer sale, dramatically decreaseing the prices of some of their tiers. The VPS I run now is (on paper) twice as fast as the DO droplet I was using. With a dual core CPU and 4GB of RAM, compared to a single core with 2GB of RAM. The OVH VPS also comes with a larger 50GB SSD. In theory these specs are more than good enough for what I am plan to run and what I currently use it for.
## Saving the (digital) ocean
To save myself a lot of time before I could say goodbye to my Digital Ocean droplet, I had to back up my important files so I could have access to them when I switched to OVH. To accomplish this I saved them to either public or private Git repositories on GitHub (Yes I know I could have probably done it much quicker with `scp` but 🤫).
## Hello world - again
I decided to choose [Ubuntu Server 22.04](https://ubuntu.com/download/server) for the new server as I had used that with the DO one, and have had experience with the Ubuntu ecosystem before. Next I had setup my user account, allowed access from my laptop via SSH keys, disabled root and password authenticated SSH and set up [sshguard](https://sshguard.net/) - You can install sshguard with `sudo apt install sshguard` on Debian based distros like Ubuntu, and should be available in most package managers - all of this is probably a bit overkill 🤔. Then it was time to recover my DO files.
## Gitting my files back
To clone all the repos I needed to get back up and running, I uploaded an SSH key to github to authenticate the cloning of my private repositories. There is a guide to adding SSH keys to GitHub [here](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account). You can then append the following to your `.gitconfig` file to prioritise using SSH for git actions.
```shell
[url "git@github.com:"]
insteadOf = https://github.com/
[url "ssh://git@github.com:"]
insteadOf = https://github.com/
```
2022-09-17 03:03:22 +01:00
There is however perhaps a more efficient way of doing this, instead of manually cloning all of your repos one by one, using the [GitHub CLI](https://cli.github.com/) and a small shell script. Once `gh` is linked to your GitHub account you can run the following script to clone every repo you own.
2022-09-04 04:12:58 +01:00
```shell
gh repo list --limit num-of-repos |awk '{print $1}' | xargs -L1 gh repo clone
```
2022-09-17 03:03:22 +01:00
Once all my repos had been cloned, I moved them to their appropriate directories and could more or less just run them as I would normally with minimal tweaking. The main things that needed work was Cloudflare DNS and Nginx Proxy Manager but that was just updating the IP address to the new server.
2022-09-04 04:12:58 +01:00
## What has stayed the same
I am still running [Nginx Proxy Manager](https://nginxproxymanager.com/) to manage subdomains of my site and [lock sites that don't come with their own authentication methods](https://blog.crimsontome.com/posts/locking-sites-with-nginx-proxy-manager/).
I still run my blog on the new server (of course), built with [11ty](https://www.11ty.dev/) and containerised with [Docker](https://www.docker.com/).
I still run an open source version of Linktree on my server called [littlelink](https://github.com/techno-tim/littlelink-server), you can see it [here](https://links.crimsontome.com/) though it isnt always kept up to date - oops.
My [git server](https://git.crimsontome.com) is still alive but doesn't see much use, and is only really used to store very important mirrors of repos from GitHub.
## What has changed
### Saying goodbye
2022-09-17 03:03:22 +01:00
I no longer run a [PrivateBin](https://privatebin.info/) server as I could never get it to function properly, but am still looking for other similar variations. I'll get one to work eventually.
2022-09-04 04:12:58 +01:00
I have also stopped using [Dashy](https://dashy.to/) and [Netdata](https://github.com/netdata/netdata) for my server dashboard and metrics respectively. I found I didn't have much of a use for the dashboard and NetData was too memory intensive on the old server so I never bothered setting it up on this server, though it would probably work just fine.
### Welcoming the new additions
Perhaps the most helpful addition to my server is [Ouroboros](https://github.com/pyouroboros/ouroboros), it is used to automate the updating of containers. I wrote a [blog post](https://blog.crimsontome.com/posts/automating-container-updates-with-ouroboros/) about it if you are interested.
2022-09-17 03:03:22 +01:00
Instead of NetData's advanced metrics, I decided to go with something much more lightweight called [Glances](https://github.com/nicolargo/glances), it functions quite like `top` but has some more details and can be viewed in a browser too.
2022-09-04 04:12:58 +01:00
2022-09-17 03:03:22 +01:00
As a form of secret manageent, I use [vaultwarden](https://github.com/dani-garcia/vaultwarden/), though this has not seen a lot of use recently, so I may scrap this.
2022-09-04 04:12:58 +01:00
[Uptime Kuma](https://github.com/louislam/uptime-kuma) is used to monitor some sites hosted by friends and Freeside and can be seen [here](https://uptime.crimsontome.com/status/uptime)
### Things I may come back to
2022-09-17 03:03:22 +01:00
- Honeypots including [Honeyport](https://github.com/securitygeneration/Honeyport)
- A [factorio map site](https://github.com/ProkopRandacek/FactorioFotograf) inspired by [sbrl's world](https://public.mooncarrot.space/Mazeworld64/)
- A [Spotify profile dashboard](https://github.com/Yooooomi/your_spotify)
- A Discord bot for fetching information about Magic The Gathering cards