From 0aeca7d954a753627d0c7487fce3d57be4d9c2f7 Mon Sep 17 00:00:00 2001 From: lsof Date: Sat, 2 May 2026 00:51:20 +0200 Subject: blog: selfhosting --- content/w/5-selfhosting.md | 83 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 content/w/5-selfhosting.md (limited to 'content/w/5-selfhosting.md') diff --git a/content/w/5-selfhosting.md b/content/w/5-selfhosting.md new file mode 100644 index 0000000..0ad5357 --- /dev/null +++ b/content/w/5-selfhosting.md @@ -0,0 +1,83 @@ +--- +title: "Transitioning to self-hosting" +date: 2026-05-01 +taxonomies: + tags: ["web", "self-hosting"] +--- + +I have migrated this site from [Codeberg Pages](https://codeberg.page/) (and +before that, [sourcehut pages](https://srht.site/)[^1]) to a VPS. This is something +I've been considering for a long time and finally got around to it this week, +in no small part encouraged by recent discourse (see: [one], [two], [three]). + +Git +=== + +I already moved off many GitHub years ago, seeing the, uh, direction, it was taking +after the Microsoft acquisition... I remember when GitHub used to be a good +example of a lightweight website, but much ink has been spilled already on its +overall degradation (see above, also [four]). + +I've also set up my server to host [my git repos], inspired by the post [Git +without a forge]. This amounts to a bunch of bare repos and [cgit] as a +frontend. + +However, for now I will continue using [Codeberg](https://codeberg.org/lsof/) +for public projects for exposure, reachability, ease for potential contributors, +etc. + +Setup +===== + +This site and everything in this domain is running in a cheap VPS (1 vCPU, 1GB +RAM) with nginx. Using [Tailscale], I can very easily access it remotely. I use +[Zola] for the static site, building it on my computer and scp'ing the +generated HTML over to the remote server[^2]. + +For the git 'server', I created a `git` user with its home in `/srv/git/`, +where the bare repos live. This gives me write access to it via ssh with a +remote like `git@:`. I have the actual VPS +firewalled to reject all traffic except for HTTP (port 80) and HTTPS (port +443), so I can only SSH to it via tailscale, which is good for security +(probably). I also support regular HTTPS cloning. For the frontend I use [cgit] +as mentioned. It integrates easily with nginx, is lightweight, and has a +configurable cache. I've lightly customised its CSS. + +TODOs, Future Plans +====================== + +1. Contingency measures to deal with higher traffic load (nginx cache? rate + limiting? anti-crawler blockers ([Anubis](https://anubis.techaro.lol/)? + [Iocaine](https://iocaine.madhouse-project.org/)?). + +2. Performance/load monitoring tools (Grafana?). + +3. A personal fediverse server, considering some lightweight options: + + - [Akkoma](https://akkoma.social), well established. Elixir + postgres. + - [GoToSocial](https://gotosocial.org/), more frugal. Go + sqlite/postgres. + - [snac](https://codeberg.org/grunfink/snac2), very minimalistic. C + UNIXy filesystem-based DB. + +4. Run the actual server locally (I have an old Raspberry Pi around, or an old + laptop..) and keep the VPS just as a reverse proxy that essentially tunnels + the local server over tailscale, maybe with caching and anti-bot filters on + top of that. That way I get to run the server locally without exposing my + home IP. I like the idea of my servers being something I can physically + access. + +[one]: https://technomancy.us/204 +[two]: https://lonami.dev/blog/ditching-github/ +[three]: https://dbushell.com/2026/04/29/github-is-sinking/ +[four]: https://mitchellh.com/writing/ghostty-leaving-github +[Git without a forge]: https://www.chiark.greenend.org.uk/~sgtatham/quasiblog/git-no-forge/ +[my git repos]: https://git.lemon.rip +[cgit]: https://git.zx2c4.com/cgit/about/ +[Zola]: https://www.getzola.org/ +[Tailscale]: https://tailscale.com/ + +[^1]: And before *that*, GitHub Pages. I gotta keep this one around for + [something I made that the OoT speedrunners + use](https://lemon32767.github.io/ootfname.html), or at least just that page. + +[^2]: I *could* automate this step by having a post-receive hook in the server + that runs `zola build` when `push`ed to, but it's fine like this. -- cgit v1.2.3