diff options
author | joshua <joshua@joshuayun.com> | 2023-12-31 00:00:47 -0500 |
---|---|---|
committer | joshua <joshua@joshuayun.com> | 2023-12-31 00:00:47 -0500 |
commit | 8cb4eb28a2aaa8f8bffcc280dc70b85546df1104 (patch) | |
tree | 6648e76ef0d9c018a63ba8f5c9813aacf5d5de5e | |
parent | 3a9b26f8f52d8d99d3dd85130a221b5aab30e7ef (diff) | |
download | wiki-8cb4eb28a2aaa8f8bffcc280dc70b85546df1104.tar.gz |
Added syncthing to wiki
-rw-r--r-- | docs/server/server.md | 4 | ||||
-rw-r--r-- | docs/server/syncthing.md | 35 | ||||
-rw-r--r-- | mkdocs.yml | 1 | ||||
-rw-r--r-- | site/404.html | 21 | ||||
-rw-r--r-- | site/about/index.html | 21 | ||||
-rw-r--r-- | site/desktop/desktop/index.html | 23 | ||||
-rw-r--r-- | site/desktop/thunderbird/index.html | 21 | ||||
-rw-r--r-- | site/index.html | 21 | ||||
-rw-r--r-- | site/search/search_index.json | 2 | ||||
-rw-r--r-- | site/server/cgit/index.html | 21 | ||||
-rw-r--r-- | site/server/ddns/index.html | 23 | ||||
-rw-r--r-- | site/server/server/index.html | 24 | ||||
-rw-r--r-- | site/server/syncthing/index.html | 674 | ||||
-rw-r--r-- | site/sitemap.xml | 5 | ||||
-rw-r--r-- | site/sitemap.xml.gz | bin | 257 -> 265 bytes |
15 files changed, 893 insertions, 3 deletions
diff --git a/docs/server/server.md b/docs/server/server.md index a5381f4..22dc551 100644 --- a/docs/server/server.md +++ b/docs/server/server.md @@ -45,6 +45,10 @@ Disable remote root login PermitRootLogin no +Disable root account + + $ sudo chsh -s /sbin/nologin root + ## DDNS Setup [Dyanmic DNS (ddns) with Porkbun and ddns-updater](ddns.md). diff --git a/docs/server/syncthing.md b/docs/server/syncthing.md new file mode 100644 index 0000000..9a6402e --- /dev/null +++ b/docs/server/syncthing.md @@ -0,0 +1,35 @@ +# Syncthing Setup + +I am currently using syncthing for my music to be synced across devices. + +## Installation + +Install the [Syncthing](https://apt.syncthing.net/) package from upstream repositories. + +## Reverse proxy setup [[Ref]](https://docs.syncthing.net/users/reverseproxy.html) + +Example syncthing reverse proxy setup. + + sync.joshuayun.com { + handle_path /* { + reverse_proxy http://localhost:8384 { + header_up Host {upstream_hostport} + } + } + } + +Optional: Add a htpasswd to block unauthorized access to the syncthing. + +## Syncthing system service [[Ref]](https://docs.syncthing.net/users/autostart.html#linux) + +Enable the syncthing user service. + + systemctl enable syncthing@myuser.service + systemctl start syncthing@myuser.service + + + +## Syncthing configuration + +Done all through the gui. +It is recommended to setup a user login, **especially** if you are making a syncthing that is exposed to the open internet. @@ -6,6 +6,7 @@ nav: - Server Setup: server/server.md - Cgit with gitolite: server/cgit.md - DDNS: server/ddns.md + - Syncthing: server/syncthing.md - Desktop: - Desktop: desktop/desktop.md - Thunderbird: desktop/thunderbird.md diff --git a/site/404.html b/site/404.html index 2969afa..eaf399b 100644 --- a/site/404.html +++ b/site/404.html @@ -295,6 +295,27 @@ + + + + + + + <li class="md-nav__item"> + <a href="/server/syncthing/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + </a> + </li> + + + + </ul> </nav> diff --git a/site/about/index.html b/site/about/index.html index 31f04f1..761cfdc 100644 --- a/site/about/index.html +++ b/site/about/index.html @@ -304,6 +304,27 @@ + + + + + + + <li class="md-nav__item"> + <a href="../server/syncthing/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + </a> + </li> + + + + </ul> </nav> diff --git a/site/desktop/desktop/index.html b/site/desktop/desktop/index.html index 3396fa9..14c59b4 100644 --- a/site/desktop/desktop/index.html +++ b/site/desktop/desktop/index.html @@ -11,7 +11,7 @@ <link rel="canonical" href="https://wiki.joshuayun.com/desktop/desktop/"> - <link rel="prev" href="../../server/ddns/"> + <link rel="prev" href="../../server/syncthing/"> <link rel="next" href="../thunderbird/"> @@ -306,6 +306,27 @@ + + + + + + + <li class="md-nav__item"> + <a href="../../server/syncthing/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + </a> + </li> + + + + </ul> </nav> diff --git a/site/desktop/thunderbird/index.html b/site/desktop/thunderbird/index.html index 5015d1b..28c86b6 100644 --- a/site/desktop/thunderbird/index.html +++ b/site/desktop/thunderbird/index.html @@ -306,6 +306,27 @@ + + + + + + + <li class="md-nav__item"> + <a href="../../server/syncthing/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + </a> + </li> + + + + </ul> </nav> diff --git a/site/index.html b/site/index.html index 5b6e92f..db0e512 100644 --- a/site/index.html +++ b/site/index.html @@ -314,6 +314,27 @@ + + + + + + + <li class="md-nav__item"> + <a href="server/syncthing/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + </a> + </li> + + + + </ul> </nav> diff --git a/site/search/search_index.json b/site/search/search_index.json index 8c87758..d44c716 100644 --- a/site/search/search_index.json +++ b/site/search/search_index.json @@ -1 +1 @@ -{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"","title":"Welcome to Joshua's Wiki","text":"<p>This is where I will be putting my stuff on how to configure things</p>"},{"location":"about/","title":"About this wiki","text":"<p>This is where I will be putting my stuff on how to configure things as well as some other personal references.</p>"},{"location":"desktop/desktop/","title":"Desktop Wiki","text":"<p>This page describes several useful tips and configurations that I've used.</p> <p>Thunderbird</p>"},{"location":"desktop/thunderbird/","title":"Thunderbird","text":""},{"location":"desktop/thunderbird/#setting-dateformat","title":"Setting dateformat","text":"<p>Usually the date format is not in AM/PM. Unfortunately, I'm American, so here's how I change it.</p> <ol> <li>Go to settings in Thunderbird.</li> <li>Change Date and Time Formatting to Regional settings locale.</li> <li>Go to config editor at the bottom of general settings.</li> <li>Create new config string intl.date_time.pattern_overrite.time_short.</li> <li>Format follows datetime format, I use hh:mmaaaa.</li> <li>Restart Thunderbird.</li> </ol> <p>References:</p> <p>Linux Mint formum detailing these instructions</p> <p>Datetime Reference</p> <p>Mozilla Article on customizing formats</p>"},{"location":"server/cgit/","title":"Cgit with gitolite and caddy","text":""},{"location":"server/cgit/#setup","title":"Setup","text":"<p>Install dependencies.</p> <pre><code># apt install cgit python-is-python3 python3-pygments python3-markdown docutils-common groff perl\n</code></pre> <p>Make a git user.</p> <pre><code>sudo adduser --system --shell /bin/bash --group --disabled-password --home /home/git git\n</code></pre> <p>Allow ssh passwordless login.</p> <pre><code>usermod -p '*' username\n</code></pre>"},{"location":"server/cgit/#gitolite","title":"Gitolite","text":"<p>Install the gitolite package from the repository directly.</p>"},{"location":"server/cgit/#configuration-with-cgit","title":"Configuration with cgit","text":"<p>Configuration of gitolite is done by modifying <code>$HOME/.gitolite.rc</code>.</p> <p>To work correctly with cgit, gitweb and cgit configuration options need to work with gitolite.</p> <p>Change:</p> <pre><code>GIT_CONFIG_KEYS => '',\n</code></pre> <p>To:</p> <pre><code>GIT_CONFIG_KEYS => '.*',\n</code></pre> <p>To have permissions work correctly,</p> <p>Change:</p> <pre><code>UMASK => 0077,\n</code></pre> <p>To:</p> <pre><code>UMASK => 0027,\n</code></pre> <p>In the <code>ENABLE</code> field, add gitweb and cgit to the list.</p>"},{"location":"server/cgit/#usage","title":"Usage","text":"<p>Detailed usage of gitolite can be found here</p>"},{"location":"server/cgit/#repository-ignore","title":"Repository ignore","text":"<p>After cgit is configured, cgit can be told to ignore a repo with this syntax.</p> <pre><code>repo gitolite-admin\n config cgit.ignore=1\n</code></pre>"},{"location":"server/cgit/#adding-hooks-to-gitolite","title":"Adding Hooks to gitolite","text":"<p>This page details how to add hooks to your repositories.</p> <p>Example hook that updates a website every git push. Make sure this directory is owned by git.</p> <pre><code>#!/bin/sh\nGIT_WORK_TREE=/desired/website/directory git checkout -f\n</code></pre>"},{"location":"server/cgit/#cgit","title":"Cgit","text":""},{"location":"server/cgit/#running-cgit-with-caddy","title":"Running cgit with caddy","text":"<p>Install the fcgiwrap package.</p> <p>Create a systemd service that wraps cgit with FastCGI.</p> <pre><code># systemctl edit --full --force cgit.service\n</code></pre> <pre><code>[Unit]\nDescription=CGI web interface to the Git SCM\nAfter=network.target\n\n[Service]\nType=exec\nExecStart=fcgiwrap -f -p \"/usr/lib/cgit/cgit.cgi\" -s tcp:127.0.0.1:8999\n\n[Install]\nWantedBy=multi-user.target\n</code></pre> <pre><code># systemctl start cgit\n</code></pre> <p>Add cgit configuration to caddy.</p> <pre><code>git.joshuayun.com {\n handle_path /cgit-css/* {\n root * /usr/share/cgit/\n file_server\n }\n\n handle {\n reverse_proxy localhost:8999 {\n transport fastcgi {\n env DOCUMENT_ROOT /usr/lib/cgit/\n env SCRIPT_FILENAME /usr/lib/cgit/cgit.cgi\n }\n }\n }\n}\n</code></pre>"},{"location":"server/cgit/#cgit-configuration","title":"Cgit configuration","text":"<p>More detailed documentation can be found on the cgitrc(5) manual.</p> <p>enable-git-config is used to allow for gitweb.* configurations in gitolite, e.g. description, owner.</p> <pre><code>enable-git-config=1\n</code></pre> <p>project-list sets where cgit looks for projects, this list is the one updated by gitolite</p> <pre><code>project-list=/home/git/projects.list\n</code></pre> <p>scan-path sets where the actual git repositories live</p> <pre><code>scan-path=/home/git/repositories\n</code></pre>"},{"location":"server/cgit/#references","title":"References","text":"<p>SixFoisNeuf Used this blog to run cgit using fcgiwrap rather than a caddy plugin. The entire cgit with caddy section was using his work.</p> <p>Mateja Maric Used this blog to help configure cgitrc, gitolite.rc</p> <p>Luke Hsiao Used the git user creation command from this blog.</p> <p>Omar Polo (yumh) Used this blog to help configure cgitrc for hidden repos.</p> <p>Bryan Brattlof Not much used here, kept as reference.</p>"},{"location":"server/ddns/","title":"DDNS Setup","text":""},{"location":"server/ddns/#porkbun-api","title":"Porkbun API","text":"<p>Follow this porkbun guide on enabling the api for your domain.</p>"},{"location":"server/ddns/#ddns-updater","title":"ddns-updater","text":"<p>ddns-updater is the program used to update Porkbun's A record of your domain.</p>"},{"location":"server/ddns/#docker-install","title":"Docker install","text":"<p>Install the docker package from official docker repositories.</p>"},{"location":"server/ddns/#setup","title":"Setup","text":"<p>Create a directory with config.json inside, and make sure that its owner has a uid of 1000.</p> <pre><code>mkdir data\ntouch data/config.json\n# Owned by user ID of Docker container (1000)\nchown -R 1000 data\n# all access (for creating json database file data/updates.json)\nchmod 700 data\n# read access only\nchmod 400 data/config.json\n</code></pre> <p>Configuration for porkbun in config.json</p> <pre><code>{\n \"settings\": [\n {\n \"provider\": \"porkbun\",\n \"domain\": \"domain.com\",\n \"host\": \"@\",\n \"api_key\": \"PORKBUN SECRET KEY\",\n \"secret_api_key\": \"PORKBUN API KEY\",\n \"ip_version\": \"ipv4\"\n }\n ]\n}\n</code></pre> <p>Optional <code>\"ttl\"</code> paramter specifing A record TTL not included.</p>"},{"location":"server/ddns/#usage","title":"Usage","text":"<pre><code>docker run -d -p 8000:8000/tcp -v \"$(pwd)\"/data:/updater/data qmcgaw/ddns-updater\n</code></pre> <p>This will start a docker container that will start updating the DNS records. Status updates can be seen in a web server by going to localhost:8000.</p>"},{"location":"server/server/","title":"Homelab Server Setup","text":"<p>This page describes how I setup my personal webserver</p> <p>I'm hosting a website, wiki, caldav using Radicale, git using cgit and Gitolite, and webdav support</p>"},{"location":"server/server/#linux-distribution-used","title":"Linux Distribution Used","text":"<p>Debian 12 Bookworm.</p> <p>Update the system.</p> <pre><code># apt update\n# apt upgrade\n</code></pre>"},{"location":"server/server/#ssh","title":"SSH","text":"<p>Generate ssh keys</p> <pre><code>ssh-keygen -t [keytype]\n</code></pre> <p>Add ssh keys to <code>~/.ssh/authorized_keys</code></p> <pre><code>ssh-copy-id -i /path/to/pubkey [user@]machine\n</code></pre>"},{"location":"server/server/#optional-security-enhancements","title":"Optional security enhancements","text":"<p>Change the port in <code>/etc/sshd_config</code> to a nonstandard port to harden security.</p> <pre><code>Port 1234\n</code></pre> <p>Disable password login in <code>/etc/sshd_config/</code></p> <pre><code>PubkeyAuthentication yes\nChallengeResponseAuthentication no\nPasswordAuthentication no\nKbdInteractiveAuthentication no\nUsePAM no\n</code></pre> <p>Disable XForwarding</p> <pre><code>X11Forwarding no\n</code></pre> <p>Disable remote root login</p> <pre><code>PermitRootLogin no\n</code></pre>"},{"location":"server/server/#ddns","title":"DDNS","text":"<p>Setup Dyanmic DNS (ddns) with Porkbun and ddns-updater.</p>"},{"location":"server/server/#caddy","title":"Caddy","text":"<p>Install the Caddy package from Caddy directly.</p>"},{"location":"server/server/#cgit-gitolite","title":"Cgit & gitolite","text":"<p>Setup cgit with gitolite and caddy.</p>"},{"location":"server/server/#radicale","title":"Radicale","text":"<p>Install the Radicale package.</p> <p>Start the Radicale service.</p> <pre><code>systemctl enable radicale.service\nsystemctl start radicale.service\n</code></pre> <p>Generate secure passwords using htpasswd.</p> <pre><code># Create a new htpasswd file with the user \"user1\"\n$ htpasswd -c /path/to/users user1\nNew password:\nRe-type new password:\n# Add another user\n$ htpasswd /path/to/users user2\nNew password:\nRe-type new password:\n</code></pre> <p>Edit configuration to add users</p> <pre><code>[auth]\ntype = htpasswd\nhtpasswd_filename = /path/to/users\n# encryption method used in the htpasswd file\nhtpasswd_encryption = md5\n</code></pre> <p>Add configuration to caddy.</p> <pre><code>caldav.joshuayun.com {\n handle_path /* {\n reverse_proxy localhost:5232 {\n header_up X-Script-Name /radicale\n }\n }\n handle_path /radicale/* {\n reverse_proxy localhost:5232 {\n header_up X-Script-Name /radicale\n }\n }\n}\n</code></pre>"},{"location":"server/server/#webdav","title":"Webdav","text":"<p>Add the Webdav module to Caddy.</p> <pre><code>sudo caddy add-package github.com/mholt/caddy-webdav\nsudo systemctl restart caddy\n</code></pre> <p>Add Webdav to the Caddy configuration</p> <p>Example configuration with protected file browsing, see the github for more configurations.</p> <pre><code>webdav.joshuayun.com {\n @get method GET\n root * WEBDAV_PATH\n route {\n basicauth {\n joshua CADDY_HASH\n }\n file_server @get browse\n webdav\n }\n}\n</code></pre> <p>To generate the hash:</p> <pre><code>caddy hash-password\n</code></pre>"}]}
\ No newline at end of file +{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"","title":"Welcome to Joshua's Wiki","text":"<p>This is where I will be putting my stuff on how to configure things</p>"},{"location":"about/","title":"About this wiki","text":"<p>This is where I will be putting my stuff on how to configure things as well as some other personal references.</p>"},{"location":"desktop/desktop/","title":"Desktop Wiki","text":"<p>This page describes several useful tips and configurations that I've used.</p> <p>Thunderbird</p>"},{"location":"desktop/thunderbird/","title":"Thunderbird","text":""},{"location":"desktop/thunderbird/#setting-dateformat","title":"Setting dateformat","text":"<p>Usually the date format is not in AM/PM. Unfortunately, I'm American, so here's how I change it.</p> <ol> <li>Go to settings in Thunderbird.</li> <li>Change Date and Time Formatting to Regional settings locale.</li> <li>Go to config editor at the bottom of general settings.</li> <li>Create new config string intl.date_time.pattern_overrite.time_short.</li> <li>Format follows datetime format, I use hh:mmaaaa.</li> <li>Restart Thunderbird.</li> </ol> <p>References:</p> <p>Linux Mint formum detailing these instructions</p> <p>Datetime Reference</p> <p>Mozilla Article on customizing formats</p>"},{"location":"server/cgit/","title":"Cgit with gitolite and caddy","text":""},{"location":"server/cgit/#setup","title":"Setup","text":"<p>Install dependencies.</p> <pre><code># apt install cgit python-is-python3 python3-pygments python3-markdown docutils-common groff perl\n</code></pre> <p>Make a git user.</p> <pre><code>sudo adduser --system --shell /bin/bash --group --disabled-password --home /home/git git\n</code></pre> <p>Allow ssh passwordless login.</p> <pre><code>usermod -p '*' username\n</code></pre>"},{"location":"server/cgit/#gitolite","title":"Gitolite","text":"<p>Install the gitolite package from the repository directly.</p>"},{"location":"server/cgit/#configuration-with-cgit","title":"Configuration with cgit","text":"<p>Configuration of gitolite is done by modifying <code>$HOME/.gitolite.rc</code>.</p> <p>To work correctly with cgit, gitweb and cgit configuration options need to work with gitolite.</p> <p>Change:</p> <pre><code>GIT_CONFIG_KEYS => '',\n</code></pre> <p>To:</p> <pre><code>GIT_CONFIG_KEYS => '.*',\n</code></pre> <p>To have permissions work correctly,</p> <p>Change:</p> <pre><code>UMASK => 0077,\n</code></pre> <p>To:</p> <pre><code>UMASK => 0027,\n</code></pre> <p>In the <code>ENABLE</code> field, add gitweb and cgit to the list.</p>"},{"location":"server/cgit/#usage","title":"Usage","text":"<p>Detailed usage of gitolite can be found here</p>"},{"location":"server/cgit/#repository-ignore","title":"Repository ignore","text":"<p>After cgit is configured, cgit can be told to ignore a repo with this syntax.</p> <pre><code>repo gitolite-admin\n config cgit.ignore=1\n</code></pre>"},{"location":"server/cgit/#adding-hooks-to-gitolite","title":"Adding Hooks to gitolite","text":"<p>This page details how to add hooks to your repositories.</p> <p>Example hook that updates a website every git push. Make sure this directory is owned by git.</p> <pre><code>#!/bin/sh\nGIT_WORK_TREE=/desired/website/directory git checkout -f\n</code></pre>"},{"location":"server/cgit/#cgit","title":"Cgit","text":""},{"location":"server/cgit/#running-cgit-with-caddy","title":"Running cgit with caddy","text":"<p>Install the fcgiwrap package.</p> <p>Create a systemd service that wraps cgit with FastCGI.</p> <pre><code># systemctl edit --full --force cgit.service\n</code></pre> <pre><code>[Unit]\nDescription=CGI web interface to the Git SCM\nAfter=network.target\n\n[Service]\nType=exec\nExecStart=fcgiwrap -f -p \"/usr/lib/cgit/cgit.cgi\" -s tcp:127.0.0.1:8999\n\n[Install]\nWantedBy=multi-user.target\n</code></pre> <pre><code># systemctl start cgit\n</code></pre> <p>Add cgit configuration to caddy.</p> <pre><code>git.joshuayun.com {\n handle_path /cgit-css/* {\n root * /usr/share/cgit/\n file_server\n }\n\n handle {\n reverse_proxy localhost:8999 {\n transport fastcgi {\n env DOCUMENT_ROOT /usr/lib/cgit/\n env SCRIPT_FILENAME /usr/lib/cgit/cgit.cgi\n }\n }\n }\n}\n</code></pre>"},{"location":"server/cgit/#cgit-configuration","title":"Cgit configuration","text":"<p>More detailed documentation can be found on the cgitrc(5) manual.</p> <p>enable-git-config is used to allow for gitweb.* configurations in gitolite, e.g. description, owner.</p> <pre><code>enable-git-config=1\n</code></pre> <p>project-list sets where cgit looks for projects, this list is the one updated by gitolite</p> <pre><code>project-list=/home/git/projects.list\n</code></pre> <p>scan-path sets where the actual git repositories live</p> <pre><code>scan-path=/home/git/repositories\n</code></pre>"},{"location":"server/cgit/#references","title":"References","text":"<p>SixFoisNeuf Used this blog to run cgit using fcgiwrap rather than a caddy plugin. The entire cgit with caddy section was using his work.</p> <p>Mateja Maric Used this blog to help configure cgitrc, gitolite.rc</p> <p>Luke Hsiao Used the git user creation command from this blog.</p> <p>Omar Polo (yumh) Used this blog to help configure cgitrc for hidden repos.</p> <p>Bryan Brattlof Not much used here, kept as reference.</p>"},{"location":"server/ddns/","title":"DDNS Setup","text":""},{"location":"server/ddns/#porkbun-api","title":"Porkbun API","text":"<p>Follow this porkbun guide on enabling the api for your domain.</p>"},{"location":"server/ddns/#ddns-updater","title":"ddns-updater","text":"<p>ddns-updater is the program used to update Porkbun's A record of your domain.</p>"},{"location":"server/ddns/#docker-install","title":"Docker install","text":"<p>Install the docker package from official docker repositories.</p>"},{"location":"server/ddns/#setup","title":"Setup","text":"<p>Create a directory with config.json inside, and make sure that its owner has a uid of 1000.</p> <pre><code>mkdir data\ntouch data/config.json\n# Owned by user ID of Docker container (1000)\nchown -R 1000 data\n# all access (for creating json database file data/updates.json)\nchmod 700 data\n# read access only\nchmod 400 data/config.json\n</code></pre> <p>Configuration for porkbun in config.json</p> <pre><code>{\n \"settings\": [\n {\n \"provider\": \"porkbun\",\n \"domain\": \"domain.com\",\n \"host\": \"@\",\n \"api_key\": \"PORKBUN SECRET KEY\",\n \"secret_api_key\": \"PORKBUN API KEY\",\n \"ip_version\": \"ipv4\"\n }\n ]\n}\n</code></pre> <p>Optional <code>\"ttl\"</code> paramter specifing A record TTL not included.</p>"},{"location":"server/ddns/#usage","title":"Usage","text":"<pre><code>docker run -d -p 8000:8000/tcp -v \"$(pwd)\"/data:/updater/data qmcgaw/ddns-updater\n</code></pre> <p>This will start a docker container that will start updating the DNS records. Status updates can be seen in a web server by going to localhost:8000.</p>"},{"location":"server/server/","title":"Homelab Server Setup","text":"<p>This page describes how I setup my personal webserver</p> <p>I'm hosting a website, wiki, caldav using Radicale, git using cgit and Gitolite, and webdav support</p>"},{"location":"server/server/#linux-distribution-used","title":"Linux Distribution Used","text":"<p>Debian 12 Bookworm.</p> <p>Update the system.</p> <pre><code># apt update\n# apt upgrade\n</code></pre>"},{"location":"server/server/#ssh","title":"SSH","text":"<p>Generate ssh keys</p> <pre><code>ssh-keygen -t [keytype]\n</code></pre> <p>Add ssh keys to <code>~/.ssh/authorized_keys</code></p> <pre><code>ssh-copy-id -i /path/to/pubkey [user@]machine\n</code></pre>"},{"location":"server/server/#optional-security-enhancements","title":"Optional security enhancements","text":"<p>Change the port in <code>/etc/sshd_config</code> to a nonstandard port to harden security.</p> <pre><code>Port 1234\n</code></pre> <p>Disable password login in <code>/etc/sshd_config/</code></p> <pre><code>PubkeyAuthentication yes\nChallengeResponseAuthentication no\nPasswordAuthentication no\nKbdInteractiveAuthentication no\nUsePAM no\n</code></pre> <p>Disable XForwarding</p> <pre><code>X11Forwarding no\n</code></pre> <p>Disable remote root login</p> <pre><code>PermitRootLogin no\n</code></pre> <p>Disable root account</p> <pre><code>$ sudo chsh -s /sbin/nologin root\n</code></pre>"},{"location":"server/server/#ddns","title":"DDNS","text":"<p>Setup Dyanmic DNS (ddns) with Porkbun and ddns-updater.</p>"},{"location":"server/server/#caddy","title":"Caddy","text":"<p>Install the Caddy package from Caddy directly.</p>"},{"location":"server/server/#cgit-gitolite","title":"Cgit & gitolite","text":"<p>Setup cgit with gitolite and caddy.</p>"},{"location":"server/server/#radicale","title":"Radicale","text":"<p>Install the Radicale package.</p> <p>Start the Radicale service.</p> <pre><code>systemctl enable radicale.service\nsystemctl start radicale.service\n</code></pre> <p>Generate secure passwords using htpasswd.</p> <pre><code># Create a new htpasswd file with the user \"user1\"\n$ htpasswd -c /path/to/users user1\nNew password:\nRe-type new password:\n# Add another user\n$ htpasswd /path/to/users user2\nNew password:\nRe-type new password:\n</code></pre> <p>Edit configuration to add users</p> <pre><code>[auth]\ntype = htpasswd\nhtpasswd_filename = /path/to/users\n# encryption method used in the htpasswd file\nhtpasswd_encryption = md5\n</code></pre> <p>Add configuration to caddy.</p> <pre><code>caldav.joshuayun.com {\n handle_path /* {\n reverse_proxy localhost:5232 {\n header_up X-Script-Name /radicale\n }\n }\n handle_path /radicale/* {\n reverse_proxy localhost:5232 {\n header_up X-Script-Name /radicale\n }\n }\n}\n</code></pre>"},{"location":"server/server/#webdav","title":"Webdav","text":"<p>Add the Webdav module to Caddy.</p> <pre><code>sudo caddy add-package github.com/mholt/caddy-webdav\nsudo systemctl restart caddy\n</code></pre> <p>Add Webdav to the Caddy configuration</p> <p>Example configuration with protected file browsing, see the github for more configurations.</p> <pre><code>webdav.joshuayun.com {\n @get method GET\n root * WEBDAV_PATH\n route {\n basicauth {\n joshua CADDY_HASH\n }\n file_server @get browse\n webdav\n }\n}\n</code></pre> <p>To generate the hash:</p> <pre><code>caddy hash-password\n</code></pre>"},{"location":"server/syncthing/","title":"Syncthing Setup","text":"<p>I am currently using syncthing for my music to be synced across devices.</p>"},{"location":"server/syncthing/#installation","title":"Installation","text":"<p>Install the Syncthing package from upstream repositories.</p>"},{"location":"server/syncthing/#reverse-proxy-setup-ref","title":"Reverse proxy setup [Ref]","text":"<p>Example syncthing reverse proxy setup. </p> <pre><code>sync.joshuayun.com {\n handle_path /* {\n reverse_proxy http://localhost:8384 {\n header_up Host {upstream_hostport}\n }\n }\n}\n</code></pre> <p>Optional: Add a htpasswd to block unauthorized access to the syncthing.</p>"},{"location":"server/syncthing/#syncthing-system-service-ref","title":"Syncthing system service [Ref]","text":"<p>Enable the syncthing user service.</p> <pre><code>systemctl enable syncthing@myuser.service\nsystemctl start syncthing@myuser.service\n</code></pre>"},{"location":"server/syncthing/#syncthing-configuration","title":"Syncthing configuration","text":"<p>Done all through the gui. It is recommended to setup a user login, especially if you are making a syncthing that is exposed to the open internet.</p>"}]}
\ No newline at end of file diff --git a/site/server/cgit/index.html b/site/server/cgit/index.html index 5337dcc..c9b840e 100644 --- a/site/server/cgit/index.html +++ b/site/server/cgit/index.html @@ -450,6 +450,27 @@ + + + + + + + <li class="md-nav__item"> + <a href="../syncthing/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + </a> + </li> + + + + </ul> </nav> diff --git a/site/server/ddns/index.html b/site/server/ddns/index.html index deec4aa..19abf31 100644 --- a/site/server/ddns/index.html +++ b/site/server/ddns/index.html @@ -14,7 +14,7 @@ <link rel="prev" href="../cgit/"> - <link rel="next" href="../../desktop/desktop/"> + <link rel="next" href="../syncthing/"> <link rel="icon" href="../../assets/images/favicon.png"> @@ -399,6 +399,27 @@ + + + + + + + <li class="md-nav__item"> + <a href="../syncthing/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + </a> + </li> + + + + </ul> </nav> diff --git a/site/server/server/index.html b/site/server/server/index.html index 993330a..3c2f02c 100644 --- a/site/server/server/index.html +++ b/site/server/server/index.html @@ -426,6 +426,27 @@ + + + + + + + <li class="md-nav__item"> + <a href="../syncthing/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + </a> + </li> + + + + </ul> </nav> @@ -691,6 +712,9 @@ UsePAM no <p>Disable remote root login</p> <pre><code>PermitRootLogin no </code></pre> +<p>Disable root account</p> +<pre><code>$ sudo chsh -s /sbin/nologin root +</code></pre> <h2 id="ddns">DDNS</h2> <p>Setup <a href="../ddns/">Dyanmic DNS (ddns) with Porkbun and ddns-updater</a>.</p> <h2 id="caddy">Caddy</h2> diff --git a/site/server/syncthing/index.html b/site/server/syncthing/index.html new file mode 100644 index 0000000..edbd05c --- /dev/null +++ b/site/server/syncthing/index.html @@ -0,0 +1,674 @@ + +<!doctype html> +<html lang="en" class="no-js"> + <head> + + <meta charset="utf-8"> + <meta name="viewport" content="width=device-width,initial-scale=1"> + + + + <link rel="canonical" href="https://wiki.joshuayun.com/server/syncthing/"> + + + <link rel="prev" href="../ddns/"> + + + <link rel="next" href="../../desktop/desktop/"> + + + <link rel="icon" href="../../assets/images/favicon.png"> + <meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.1"> + + + + <title>Syncthing - Joshua's Wiki</title> + + + + <link rel="stylesheet" href="../../assets/stylesheets/main.45e1311d.min.css"> + + + + + + + + + + + + + <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin> + <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback"> + <style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style> + + + + <script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script> + + + + + + + </head> + + + <body dir="ltr"> + + + <input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off"> + <input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off"> + <label class="md-overlay" for="__drawer"></label> + <div data-md-component="skip"> + + + <a href="#syncthing-setup" class="md-skip"> + Skip to content + </a> + + </div> + <div data-md-component="announce"> + + </div> + + + + + + +<header class="md-header md-header--shadow" data-md-component="header"> + <nav class="md-header__inner md-grid" aria-label="Header"> + <a href="../.." title="Joshua's Wiki" class="md-header__button md-logo" aria-label="Joshua's Wiki" data-md-component="logo"> + + + <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54Z"/></svg> + + </a> + <label class="md-header__button md-icon" for="__drawer"> + + <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg> + </label> + <div class="md-header__title" data-md-component="header-title"> + <div class="md-header__ellipsis"> + <div class="md-header__topic"> + <span class="md-ellipsis"> + Joshua's Wiki + </span> + </div> + <div class="md-header__topic" data-md-component="header-topic"> + <span class="md-ellipsis"> + + Syncthing + + </span> + </div> + </div> + </div> + + + <script>var media,input,key,value,palette=__md_get("__palette");if(palette&&palette.color){"(prefers-color-scheme)"===palette.color.media&&(media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']"),palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent"));for([key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script> + + + + <label class="md-header__button md-icon" for="__search"> + + <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg> + </label> + <div class="md-search" data-md-component="search" role="dialog"> + <label class="md-search__overlay" for="__search"></label> + <div class="md-search__inner" role="search"> + <form class="md-search__form" name="search"> + <input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required> + <label class="md-search__icon md-icon" for="__search"> + + <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg> + + <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg> + </label> + <nav class="md-search__options" aria-label="Search"> + + <button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1"> + + <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg> + </button> + </nav> + + </form> + <div class="md-search__output"> + <div class="md-search__scrollwrap" data-md-scrollfix> + <div class="md-search-result" data-md-component="search-result"> + <div class="md-search-result__meta"> + Initializing search + </div> + <ol class="md-search-result__list" role="presentation"></ol> + </div> + </div> + </div> + </div> +</div> + + + </nav> + +</header> + + <div class="md-container" data-md-component="container"> + + + + + + + <main class="md-main" data-md-component="main"> + <div class="md-main__inner md-grid"> + + + + <div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" > + <div class="md-sidebar__scrollwrap"> + <div class="md-sidebar__inner"> + + + + +<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0"> + <label class="md-nav__title" for="__drawer"> + <a href="../.." title="Joshua's Wiki" class="md-nav__button md-logo" aria-label="Joshua's Wiki" data-md-component="logo"> + + + <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54Z"/></svg> + + </a> + Joshua's Wiki + </label> + + <ul class="md-nav__list" data-md-scrollfix> + + + + + + + + <li class="md-nav__item"> + <a href="../.." class="md-nav__link"> + + + <span class="md-ellipsis"> + Home + </span> + + + </a> + </li> + + + + + + + + + + + + + + + + + <li class="md-nav__item md-nav__item--active md-nav__item--nested"> + + + + + <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" checked> + + + <label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="0"> + + + <span class="md-ellipsis"> + Server + </span> + + + <span class="md-nav__icon md-icon"></span> + </label> + + <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="true"> + <label class="md-nav__title" for="__nav_2"> + <span class="md-nav__icon md-icon"></span> + Server + </label> + <ul class="md-nav__list" data-md-scrollfix> + + + + + + + + <li class="md-nav__item"> + <a href="../server/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Server Setup + </span> + + + </a> + </li> + + + + + + + + + + + <li class="md-nav__item"> + <a href="../cgit/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Cgit with gitolite + </span> + + + </a> + </li> + + + + + + + + + + + <li class="md-nav__item"> + <a href="../ddns/" class="md-nav__link"> + + + <span class="md-ellipsis"> + DDNS + </span> + + + </a> + </li> + + + + + + + + + + + + + <li class="md-nav__item md-nav__item--active"> + + <input class="md-nav__toggle md-toggle" type="checkbox" id="__toc"> + + + + + + <label class="md-nav__link md-nav__link--active" for="__toc"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + <span class="md-nav__icon md-icon"></span> + </label> + + <a href="./" class="md-nav__link md-nav__link--active"> + + + <span class="md-ellipsis"> + Syncthing + </span> + + + </a> + + + +<nav class="md-nav md-nav--secondary" aria-label="Table of contents"> + + + + + + + <label class="md-nav__title" for="__toc"> + <span class="md-nav__icon md-icon"></span> + Table of contents + </label> + <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix> + + <li class="md-nav__item"> + <a href="#installation" class="md-nav__link"> + <span class="md-ellipsis"> + Installation + </span> + </a> + +</li> + + <li class="md-nav__item"> + <a href="#reverse-proxy-setup-ref" class="md-nav__link"> + <span class="md-ellipsis"> + Reverse proxy setup [Ref] + </span> + </a> + +</li> + + <li class="md-nav__item"> + <a href="#syncthing-system-service-ref" class="md-nav__link"> + <span class="md-ellipsis"> + Syncthing system service [Ref] + </span> + </a> + +</li> + + <li class="md-nav__item"> + <a href="#syncthing-configuration" class="md-nav__link"> + <span class="md-ellipsis"> + Syncthing configuration + </span> + </a> + +</li> + + </ul> + +</nav> + + </li> + + + + + </ul> + </nav> + + </li> + + + + + + + + + + + + + + + <li class="md-nav__item md-nav__item--nested"> + + + + + <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3" > + + + <label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="0"> + + + <span class="md-ellipsis"> + Desktop + </span> + + + <span class="md-nav__icon md-icon"></span> + </label> + + <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false"> + <label class="md-nav__title" for="__nav_3"> + <span class="md-nav__icon md-icon"></span> + Desktop + </label> + <ul class="md-nav__list" data-md-scrollfix> + + + + + + + + <li class="md-nav__item"> + <a href="../../desktop/desktop/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Desktop + </span> + + + </a> + </li> + + + + + + + + + + + <li class="md-nav__item"> + <a href="../../desktop/thunderbird/" class="md-nav__link"> + + + <span class="md-ellipsis"> + Thunderbird + </span> + + + </a> + </li> + + + + + </ul> + </nav> + + </li> + + + + + + + + + + <li class="md-nav__item"> + <a href="../../about/" class="md-nav__link"> + + + <span class="md-ellipsis"> + About + </span> + + + </a> + </li> + + + + </ul> +</nav> + </div> + </div> + </div> + + + + <div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" > + <div class="md-sidebar__scrollwrap"> + <div class="md-sidebar__inner"> + + +<nav class="md-nav md-nav--secondary" aria-label="Table of contents"> + + + + + + + <label class="md-nav__title" for="__toc"> + <span class="md-nav__icon md-icon"></span> + Table of contents + </label> + <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix> + + <li class="md-nav__item"> + <a href="#installation" class="md-nav__link"> + <span class="md-ellipsis"> + Installation + </span> + </a> + +</li> + + <li class="md-nav__item"> + <a href="#reverse-proxy-setup-ref" class="md-nav__link"> + <span class="md-ellipsis"> + Reverse proxy setup [Ref] + </span> + </a> + +</li> + + <li class="md-nav__item"> + <a href="#syncthing-system-service-ref" class="md-nav__link"> + <span class="md-ellipsis"> + Syncthing system service [Ref] + </span> + </a> + +</li> + + <li class="md-nav__item"> + <a href="#syncthing-configuration" class="md-nav__link"> + <span class="md-ellipsis"> + Syncthing configuration + </span> + </a> + +</li> + + </ul> + +</nav> + </div> + </div> + </div> + + + + <div class="md-content" data-md-component="content"> + <article class="md-content__inner md-typeset"> + + + + +<h1 id="syncthing-setup">Syncthing Setup</h1> +<p>I am currently using syncthing for my music to be synced across devices.</p> +<h2 id="installation">Installation</h2> +<p>Install the <a href="https://apt.syncthing.net/">Syncthing</a> package from upstream repositories.</p> +<h2 id="reverse-proxy-setup-ref">Reverse proxy setup <a href="https://docs.syncthing.net/users/reverseproxy.html">[Ref]</a></h2> +<p>Example syncthing reverse proxy setup. </p> +<pre><code>sync.joshuayun.com { + handle_path /* { + reverse_proxy http://localhost:8384 { + header_up Host {upstream_hostport} + } + } +} +</code></pre> +<p>Optional: Add a htpasswd to block unauthorized access to the syncthing.</p> +<h2 id="syncthing-system-service-ref">Syncthing system service <a href="https://docs.syncthing.net/users/autostart.html#linux">[Ref]</a></h2> +<p>Enable the syncthing user service.</p> +<pre><code>systemctl enable syncthing@myuser.service +systemctl start syncthing@myuser.service +</code></pre> +<h2 id="syncthing-configuration">Syncthing configuration</h2> +<p>Done all through the gui. +It is recommended to setup a user login, <strong>especially</strong> if you are making a syncthing that is exposed to the open internet.</p> + + + + + + + + + + + + + + </article> + </div> + + +<script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script> + </div> + + </main> + + <footer class="md-footer"> + + <div class="md-footer-meta md-typeset"> + <div class="md-footer-meta__inner md-grid"> + <div class="md-copyright"> + + + Made with + <a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener"> + Material for MkDocs + </a> + +</div> + + </div> + </div> +</footer> + + </div> + <div class="md-dialog" data-md-component="dialog"> + <div class="md-dialog__inner md-typeset"></div> + </div> + + + <script id="__config" type="application/json">{"base": "../..", "features": [], "search": "../../assets/javascripts/workers/search.f886a092.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script> + + + <script src="../../assets/javascripts/bundle.d7c377c4.min.js"></script> + + + </body> +</html>
\ No newline at end of file diff --git a/site/sitemap.xml b/site/sitemap.xml index 66ee4ae..2be839b 100644 --- a/site/sitemap.xml +++ b/site/sitemap.xml @@ -35,4 +35,9 @@ <lastmod>2023-12-31</lastmod> <changefreq>daily</changefreq> </url> + <url> + <loc>https://wiki.joshuayun.com/server/syncthing/</loc> + <lastmod>2023-12-31</lastmod> + <changefreq>daily</changefreq> + </url> </urlset>
\ No newline at end of file diff --git a/site/sitemap.xml.gz b/site/sitemap.xml.gz Binary files differindex 81dd1ad..75f7f0a 100644 --- a/site/sitemap.xml.gz +++ b/site/sitemap.xml.gz |