Hosting and Serving

Different server practices

self-hosting, home brewing, DIY/DIWO servers

federated networks of servers, Fediverse, Activity Pub Protocol

“autonomous”/“radical”/“community”/“feminist”/“art“ servers

• https://riseup.net/en/security/resources/radical-servers
• https://gendersec.tacticaltech.org/wiki/index.php/Servers:_From_autonomous_servers_to_feminist_servers
• https://web.archive.org/web/20220321111153/http://feral.earth/

A traversal Network of Feminist Servers (ATNOFS), https://hub.vvvvvvaria.org/rosa/atnofs/

A catalog of formats for digital discomfort..., by Jara Rocha

Are you being served?, multidisciplinary festival/work days organised by Constant in December 2013

Artists running there own personal server (at home or rented from a data center) to publish their web pages and projects.

Shared servers! Like the Sandbox servers in XPUB.

What is a server?

A server is someone else computer. that is connected to the network

“There is no cloud, just other people’s computers”

-- Free Software Foundation, https://fsf.org

returns data after request

For example, when loading the https://xpub.nl web page, you are sending a request to the XPUB server.

See: inspector > Network > Request + inspector > Network > Response

My web hosting space

Use the sandbox

You can of course always use the sandbox of your group, but remember the Sandbox#Sandbox protocol, it will be archived after your 2 years at XPUB.

Renting web space

There are a lot of options here!

• servus.at is an organisation in Linz Austria that provides hosting for artists/designers/cultural organisations, they also organise the bi-yearly AMRO (Art Meets Radical Opennes) festival
• OVH: just a simple company in France/Luxembourgh
• Chatons.org: an index of many more web hosting initiatives in the EU (mostly in France, as this is a French initiative)

Convivial web space

• run a VPS with friends!
• Tilde servers, such as https://tilde.town, https://tilde.club, https://club1.fr, ...
• neocities: inspired by the history of geocities.com, a place for hand made web pages

Website making tools plus hosting

• hotglue: a tool and hosting service in one, made by people at Networked Media back in the days

My server

Use the sandbox

You can of course always use the sandbox of your group, but remember the Sandbox#Sandbox protocol, it will be archived after your 2 years at XPUB.

Renting a physical "dedicated" server

expensive, around 100 or more per month

Renting a VPS (virtual private server)

A VPS is basically one of many virtual servers that run on a larger dedicated server.

When you rent a VPS, you basically have access to a full operating system, which is something you would need to run your own Wiki, Flask application, Django application, Node application, an Etherpad, ... basically anything that involved a bit more complicated/custom server side stuff. When you just want to run something like a Wordpress, you can often find web hosting services that offer this for you.

Pro's to use a VPS (compared to self-hosting):

• lots of options, you can really make your own space online
• saving computing resources
• reliability

To take in consideration:

• you need to maintain and update this server yourself
• you need to take care of backups yourself

Organisations/community initiatives that offer VPS services:

• servus.at is an organisation in Linz Austria that provides hosting for artists/designers/cultural organisations, they also organise the bi-yearly AMRO (Art Meets Radical Opennes) festival
• Chatons.org: an index of many more VPS options at hosting initiatives in the EU (mostly in France, as this is a French initiative)

Some companies that offer VPS services:

• OVH: just a simple company in France/Luxembourgh
• https://gandi.net/
• https://greenhost.net/
• https://uberspace.de/en/

Each of them probably offers something slightly different, so check their offers closely.

Homebrewing

Self hosting at home or somewhere physically (needs hardware, electricty, internet connection, and admin access to the router).

It creates the possibility to learn A LOT. You will encounter lots of things about servers, routers, how the internet is working, etc.

Maybe not the most environmental friendly way to run a server, as running it in a data center costs less energy. This point can be discussed.

Also, it can be less reliable, as daily life can interfere.

Some links to help you to get started:

• https://homebrewserver.club/
• https://self-hosting.guide/
• https://things.bleu255.com/runyourown/Main_Page
• https://slrpnk.net/c/selfhosting
• https://varia.zone/ATNOFS/

Use the XPUB hub (VPN)

You can set up a server and connect it to the internet through the XPUB vpn.

All the servers that are using the HUB are listed here: https://hub.xpub.nl/.

More information can be found at the HUB page.

Each of the sandboxes connect through the HUB to the public internet.

HOW DO WE RUN A SERVER?

We need a computer + operating system basicially.

sandbox for today

Het IPv4-adres van uw VPS: 141.95.17.44

De naam van uw VPS: vps-cdfc3f33.vps.ovh.net

Het volgende administrator-account is geconfigureerd op de VPS:

• Gebruikersnaam: debian
• Wachtwoord/password: rkknFKKZQJ54

Connect to the server with SSH

SSH = secure shell

$ ssh debian@141.95.17.44

TOFU = Trust on first use (i love tofu)

It’s not trustworthy to use easy password. eheh.. so do not use easy password

so many cooking ref. -> another reason why we should cook

TEMPE = Trust except malicious pep e

$ whoami

Q. Jian, how can I record the history of terminal?

history log..? the command is called history

$ sudo adduser USERNAME

sudo = super user do

Now switch to your own user!

$ exit

And log in again, now with your own user.

$ ssh USERNAME@141.95.17.44

will add you in sudo group_sudo have big big power… eheh

$ cat /etc/group

* note for chae: /**etc**/: getting all the configuration of the following. Interesting. 

Imagine that you are now in 1970s, and you are working on a mainframe computer. It’s a very busy time, time sharing day in and out. And you want to tell everyone that you want to reboot the mainframe, what do you do?

wall: send a message to all the users being logged in

$ wall Hello everyone!

there is always something wrong

tricks and tips in case you need a joke or smth like that

$ cowsay

$ figlet

$ toilet

$ lolcat

$ sl

ssh is a protocol (make a connection to another ___sudo ) and also the name of the program

security

change the default SSH port

$ cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
$ sudo systemctl restart sshd.service
$ ssh <user>@<host> -p <port>
$ sudo nano /etc/ssh/sshd_config

• We changed the SSH port to 42123

• To connect with SSH using this port:

to get out: CTRL + x

$ ssh USERNAME@141.95.17.44 -p 42123

now you need to specify the port number(which is -p 42123) as well.

disable root logins

$ sudo nano /etc/ssh/sshd_config

PermitRootLogin no

before it was commented out, but now we enable it.

use strong passwords

tip: use a password manager!

Q. what is a password manager?

start using SSH keys

$ ssh-keygen -t ed25519

$ ssh-copy-id -i ~/.ssh/YOURKEY.pub -p 42123 USERNAME@141.95.17.44

type your user pwd

/.ssh/ is the default folder to store ssh keys

for Windows:

ssh-copy-id does not work in the Windows Powershell.

Instead you can use the following commands to add your ssh key to the server:

From your own computer:

$ scp -P 42123 ~/.ssh/YOURKEY.pub USERNAME@141.95.17.44:

(the colon at the end is important!!)

$ ssh USERNAME@141.95.17.44
$ ls

Now you see your key in your home folder.

Move it to a folder called .ssh. Which we first need to make.

$ mkdir .ssh

$ mv YOURKEY.pub .ssh

Also you need to add your key to a file called “authenticated hosts”

$ cat YOURKEY.pub

See also SSH

Make a SSH config file

$ nano ~/.ssh/config

Host xpubtest 
HostName 141.95.17.44 
User joak 
Port 42123 
IdentityFile ~/.ssh/joak_xpub_test 

(control x to get out)

allow only login via SSH keys

$ sudo nano /etc/ssh/sshd_config

PubkeyAuthentication yes
PasswordAuthentication no

keep the server software updated

$ sudo apt update
$ sudo apt upgrade

using autoupdate

$ sudo apt install unattended-upgrades
$ sudo dpkg-reconfigure –priority=low unattended-upgrades
$ sudo systemctl status unattended-upgrades.service

use SFTP instead of FTP

example filezilla

install fail2ban

$ sudo apt install fail2ban

$ sudo nano /etc/fail2ban/jail.local

What to do with our servers?

Let’s serve some websites.

$ sudo apt install nginx

By default it only serves from the following folder:

$ nano /var/www/html

To configure the public_html folders on the webserver:

$ sudo nano /etc/nginx/sites-enabled/default

location ~ ^/~(.+?)(/.*)?$ {
    alias /home/$1/public\_html$2;
    index index.html index.htm;
    autoindex on;
}

After changing the nginx config file, you need to reload nginx:

$ sudo service nginx reload

Command line tools

https://pzwiki.wdka.nl/mediadesign/Shell_Cheat_Sheet

Q: How do I know where i am?

$ pwd

pwd = print current working directory

Moving around:

$ cd (change directory)

$ ls (list)

For more, see Shell Cheat Sheet.

Questions

Q. how do we set a terminal background color for a different server?

Add this to your ~/.ssh/config file, to one of your server configs:

$ nano ~/.ssh/config

localcommand xtermcontrol --bg "#dabbff"

You can change the hex color.

And add this to your ~/.bashrc:

function ssh(){
  BG=$(xtermcontrol --get-bg)
  $(which ssh) "$@"
  xtermcontrol --bg="$BG"
}

Q: Who is Debian?

Debian is a Linux distribution which is used quite a lot as OS for servers, because of its reliability.

Who is behind Debian? ombination of volunteers + companies.

Q: How to get out of wall?

to get outside of the wall, ctl C

Links

This wiki page emerged from: https://pad.xpub.nl/p/hosting-and-serving