Hosting and serving

From XPUB & Lens-Based wiki

Hosting and Serving

Different server practices

self-hosting, home brewing, DIY/DIWO servers

federated networks of servers, Fediverse, Activity Pub Protocol

“autonomous”/“radical”/“community”/“feminist”/“art“ servers

A traversal Network of Feminist Servers (ATNOFS), https://hub.vvvvvvaria.org/rosa/atnofs/

A catalog of formats for digital discomfort..., by Jara Rocha

Are you being served?, multidisciplinary festival/work days organised by Constant in December 2013

Artists running there own personal server (at home or rented from a data center) to publish their web pages and projects.

Shared servers! Like the Sandbox servers in XPUB.

What is a server?

A server is someone else computer. that is connected to the network

“There is no cloud, just other people’s computers”

-- Free Software Foundation, https://fsf.org

returns data after request

For example, when loading the https://xpub.nl web page, you are sending a request to the XPUB server.

See: inspector > Network > Request + inspector > Network > Response


Renting a physical "dedicated" server

expensive, around 100 or more per month

Renting a VPS (virtual private server)

Virtual Private Server

HTTP(port80)/HTTPS(port 443)

Protocol you need to surf the web

Companies that offer VPS services:

saving computing resources, reliability

Homebrewing

Self hosting at home or somewhere physically (needs hardware, electricty, internet connection, …)

Maybe not the most environmental friendly server, as running it in a data center costs less energy.

port forwarding

it is good but not so reliable

is it environmental friendly or not . it is something we can discuss on

it can create the possibility to learn by doing, to take it slow

Use the XPUB hub (VPN)

soupboat uses this to connect

https://hub.xpub.nl/

https://pzwiki.wdka.nl/mediadesign/HUB

soupboat connects through the xpub.hub to the public internet

HOW DO WE RUN A SERVER?

We need a computer + operating system basicially.

sandbox for today

Het IPv4-adres van uw VPS: 141.95.17.44

De naam van uw VPS: vps-cdfc3f33.vps.ovh.net

Het volgende administrator-account is geconfigureerd op de VPS:

  • Gebruikersnaam: debian
  • Wachtwoord/password: rkknFKKZQJ54

Connect to the server with SSH

SSH = secure shell

$ ssh debian@141.95.17.44

TOFU = Trust on first use (i love tofu)

It’s not trustworthy to use easy password. eheh.. so do not use easy password

so many cooking ref. -> another reason why we should cook

TEMPE = Trust except malicious pep e

$ whoami

Q. Jian, how can I record the history of terminal?

history log..? the command is called history

$ sudo adduser USERNAME

sudo = super user do

Now switch to your own user!

$ exit

And log in again, now with your own user.

$ ssh USERNAME@141.95.17.44

will add you in sudo group_sudo have big big power… eheh

$ cat /etc/group
* note for chae: /**etc**/: getting all the configuration of the following. Interesting. 

Imagine that you are now in 1970s, and you are working on a mainframe computer. It’s a very busy time, time sharing day in and out. And you want to tell everyone that you want to reboot the mainframe, what do you do?

wall: send a message to all the users being logged in

$ wall Hello everyone!

there is always something wrong

tricks and tips in case you need a joke or smth like that

$ cowsay
$ figlet
$ toilet
$ lolcat
$ sl

ssh is a protocol (make a connection to another ___sudo ) and also the name of the program

security

change the default SSH port

$ cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
$ sudo systemctl restart sshd.service
$ ssh <user>@<host> -p <port>
$ sudo nano /etc/ssh/sshd_config

  • We changed the SSH port to 42123
  • To connect with SSH using this port:

to get out: CTRL + x

$ ssh USERNAME@141.95.17.44 -p 42123

now you need to specify the port number(which is -p 42123) as well.

disable root logins

$ sudo nano /etc/ssh/sshd_config
PermitRootLogin no

before it was commented out, but now we enable it.

use strong passwords

tip: use a password manager!

Q. what is a password manager?

start using SSH keys

$ ssh-keygen -t ed25519
$ ssh-copy-id -i ~/.ssh/YOURKEY.pub -p 42123 USERNAME@141.95.17.44

type your user pwd

/.ssh/ is the default folder to store ssh keys

for Windows:

ssh-copy-id does not work in the Windows Powershell.

Instead you can use the following commands to add your ssh key to the server:

From your own computer:

$ scp -P 42123 ~/.ssh/YOURKEY.pub USERNAME@141.95.17.44:

(the colon at the end is important!!)

$ ssh USERNAME@141.95.17.44
$ ls

Now you see your key in your home folder.

Move it to a folder called .ssh. Which we first need to make.

$ mkdir .ssh

$ mv YOURKEY.pub .ssh

Also you need to add your key to a file called “authenticated hosts”

$ cat YOURKEY.pub

See also SSH

Make a SSH config file

$ nano ~/.ssh/config
Host xpubtest 
HostName 141.95.17.44 
User joak 
Port 42123 
IdentityFile ~/.ssh/joak_xpub_test 

(control x to get out)

allow only login via SSH keys

$ sudo nano /etc/ssh/sshd_config

PubkeyAuthentication yes
PasswordAuthentication no

keep the server software updated

$ sudo apt update
$ sudo apt upgrade

using autoupdate

$ sudo apt install unattended-upgrades
$ sudo dpkg-reconfigure –priority=low unattended-upgrades
$ sudo systemctl status unattended-upgrades.service

use SFTP instead of FTP

example filezilla

install fail2ban

$ sudo apt install fail2ban
$ sudo nano /etc/fail2ban/jail.local

What to do with our servers?

Let’s serve some websites.

$ sudo apt install nginx

By default it only serves from the following folder:

$ nano /var/www/html

To configure the public_html folders on the webserver:

$ sudo nano /etc/nginx/sites-enabled/default
location ~ ^/~(.+?)(/.*)?$ {
    alias /home/$1/public\_html$2;
    index index.html index.htm;
    autoindex on;
}

After changing the nginx config file, you need to reload nginx:

$ sudo service nginx reload

Command line tools

https://pzwiki.wdka.nl/mediadesign/Shell_Cheat_Sheet

Q: How do I know where i am?

$ pwd

pwd = print current working directory

Moving around:

$ cd (change directory)
$ ls (list)

For more, see Shell Cheat Sheet.

Questions

Q. how do we set a terminal background color for a different server?

Add this to your ~/.ssh/config file, to one of your server configs:

$ nano ~/.ssh/config
localcommand xtermcontrol --bg "#dabbff"

You can change the hex color.

And add this to your ~/.bashrc:

function ssh(){
  BG=$(xtermcontrol --get-bg)
  $(which ssh) "$@"
  xtermcontrol --bg="$BG"
}

Q: Who is Debian?

Debian is a Linux distribution which is used quite a lot as OS for servers, because of its reliability.

Who is behind Debian? ombination of volunteers + companies.

Q: How to get out of wall?

to get outside of the wall, ctl C

Links

This wiki page emerged from: https://pad.xpub.nl/p/hosting-and-serving