Translated by ChatGPT, with slight manual adjustments.
LLMs make recording basic knowledge somewhat redundant, but for customized complex environment setups, it’s still better to keep notes—saves you from re-researching everything later.
Server
- Choose a server: location, price, backups; vultr $6/m
- Configure quick local ssh connection:
.ssh/config
Host vultr
HostName xx.xx.xx.xx
User root
Port xx
- Change ssh port:
/etc/ssh/sshd_config Port - Copy local public key to
authorized_keys ufw enable $new_port; ufw disable $old_port- Get a domain via cloudflare
- DNS
- A @
- A www
- DNS settings: enable DNSSEC and multi-signatures
- Enable email routing & DMARC to avoid managing your own mail server
- Set SSL/TLS to Full Strict, generate an origin server certificate
- External visitors use cloudflare’s certificate, cloudflare uses the generated origin cert to talk to the server
- No need to manage external certs, and the internal cert lasts for 15 years
- DNS
hugo
Change dns-nameservers in /etc/network/interfaces.d/50-cloud-init to 8.8.8.8 1.1.1.1
apt update; apt install golang git
useradd -m -s /bin/zsh username; usermod -aG sudo username
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
brew install sass/sass/sass hugo
hugo new site WhiteDew --format yaml
cd WhiteDew
# git init
# git submodule add --depth=1 https://github.com/adityatelange/hugo-PaperMod.git themes/PaperMod
# git submodule update --init --recursive # needed when recloning, submodules may not clone automatically
hugo new --kind post content/posts/vps_setup.md
hugo --cleanDestinationDir server --buildDrafts
Image processing
brew install imagemagick
mogrify -strip -format webp -quality 70 *b.JPG
xattr -rc *.webp
nginx
hugo
cp -r public /var/www/whitedew
apt install nginx
emacs /etc/nginx/sites-available/whitedew
server {
listen 443 ssl default_server;
ssl_certificate /root/bailu.dev.pem;
ssl_certificate_key /root/bailu.dev.key;
root /var/www/whitedew;
index index.html;
server_name bailu.dev www.bailu.dev;
location / {
try_files $uri $uri/ =404;
}
}
ln -s /etc/nginx/sites-available/whitedew /etc/nginx/sites-enabled/
nginx -t
nginx -s reload
systemctl status nginx
ufw allow 'Nginx HTTPS'