Hey thanks I’m sure they will be!

Awesome thanks!

I wasn’t aware of the Github pages being free that’s neat. It is fully static (running on nginx but generated with hugo) and I use freedns.afraid.org for the domains. Good to know thanks for the tip :)

My site is also statically generated from templates I keep in a private git repo hosted on github I keep local backups of, but I do the generating directly on the server. I just pull the site and generate it manually whenever I do an update. I like the sound of your setup better thanks for the pointers!

Thanks for the tip I’ll definitely take a look! That’s not bad at all and I prefer yearly payments.

That’s not bad at all gonna have to check it out. I host my site on digital ocean it’s on the smallest single core 1gb ram droplet. I run crowdsec and nginx and a couple other little things and it sits around 40% ram usage. Costs 6$ a month and I added 4 weeks worth of automatic weekly backups for $1.50 a month.

I can deal with $7.50 for a little static web server.

They do offer a free $200/60 day credit if you get in with one of the free Linux Foundation cloud classes which is plenty to play with.

I had no idea it was standard. I had heard they had issues with it not being able to handle certain constructs so they were working on getting it to a place it would perform better. Has this changed? I’m not a rust person, but I intend to be. I’ve barely made it 1/4th way into the book (just started in the past month and I’ve been busy), but I have a good background in programming and so far it’s been super easy. I’m really enjoying how specific the compiler is, and the binary sizes vs Go.

gofumpt and gofmt are the best. One of the reasons if I have a choice I’ll code in go. I heard rumblings that rust was working towards having rustfmt be a standard crate.

Just to keep it short. I was debating adding another article continuing this one using nginx for that part. I could add a section to this one though. Or would you use something other than nginx, I’m open to suggestions. I checked yours out, it’s a bit snappier than mine :) . What are you running?

I know you said preferably no docker, but greenbone community edition is nice. It’s a fork from nessus back in the day. They don’t really put any restrictions on the community version. If you want to see it in action I have a test server up and running.

Excellent thank you! I’ll check this out.

Awesome I’ll look into it for sure!

Oh gotcha. It was late when I replied :p. You absolutely get security with a layer of separation from hosting remotely. I monitor my home network and have a similar setup but I don’t host anything from here. I never get attacked or probed at all compared to my remote server. Just having those open ports makes you a target. Once a few scanners pick up on you hosting content you will absolutely start getting attacked. Another benefit is you don’t have to have any passwords on your remote host, just an ssh key. They can bruteforce all they want, good luck without a zero day. You also keep your personal IP address out of peoples scope by not hosting from the local network.

I used to run much heavier protection on my home network, but after keeping an eye on all the logs and alerts for a while I realized I was just wasting ram and storage space mostly. Sane firewall settings is enough for a typical home, and something like crowdsec is probably overkill.

Now if you are hosting stuff it’s a different story. I would actually harden my local network MORE than I did the remote one due to much more of my personal stuff being on my local network. My remote host being compromised would be a mild hassle at most, It does self backups once a week, and I have my entire site in a private git repo I sync to. It would take a few minutes to throw up another server, if my home stuff got compromised a lot more damage could be done.

Hah did not know about that thanks!

I’ve got plenty of experience with docker and I’ve heard of traefik but never used it. Thanks, I’m gonna look into it.

I know I know. If you wanna install certbot another way feel free. Share it with me I’m sure it’ll take up less space. I only did it that way because it’s the certbot official©®™ instructions. That and I had issues with the other method I tried.

My site is on a rented server at digital ocean. Some providers do more or less to protect you themselves though. I don’t think digital ocean does much monitoring or protecting, I’ve had servers on there compromised in the past that would have been caught by my current setup. It can’t hurt in any case.

I also run crowdsec on my home setup but I don’t have any open ports at home and never get alerts. I had suricata running and plugged into crowdsec as well so it would handle blocking for both, but suricata never got to get any action with crowdsec blocking malicious activity, so I disabled it to save resources.

They aren’t exactly CLI but I really like obsidian for taking notes. It’s not open source though. Logseq is good too and is OSS. Both use markdown for formatting so if you are familiar with writing pages on GitHub you’ll have no trouble. Even if not markdown is super easy to learn. That and all of your data stays local and in open formats. I edit my stuff in a terminal anyway.

Just look up obsidian OSINT on YouTube you’ll find some good stuff on how to use it.

Another thought is just use markdown files and a directory structure in a private git repo. You’d be able to interact with it locally entirely in the terminal with vim etc and have the option of going online and searching or organizing etc. You could probably even use a cli browser for that part if you wanted.

I’m not sure where this software comes from, but you should try to get a merge to fix this to default. I’d give it a thumbs up after some testing for sure.

I remember when Ubuntu came out I was working in a PC repair shop. Not gonna give any opinion on this but the standard procedure for people wanting a fresh XP but didn’t have a license key was “well it’s $90 for a fresh install, or we can put a pirate pro corporate on it”. I e-mailed canonical and they sent me a whole stack of Ubuntu CDs in nice branded sleeves. I kept it by the register and started offering that as an alternative to piracy for people that didn’t have a license key and didn’t wanna fork over the cash for one, Not many people chose that option, but I had a lot of good talks with people and plenty of people took a CD to try the live Ubuntu. I hope some of them ended up making the switch. I’m kinda disgruntled with conical these days but I’m an old greybeard who grew up in Slackware. I still recommend Ubuntu to beginners along with fedora.