favicon here hometagsblogmicrobio cvtech cvgpg keys

Self hosting is fun but...

#life #technology

uncomfyhalomacro | 2024-06-02 | reading time: ~7min

Hi!§

Hello there!

I have decided to start self-hosting my website! My current plans after this is to start donating to Codeberg, starting July. The reason why I decided to self-host is page load. My website, despite being a static website, is slow to load because of Codeberg Pages. Codeberg Pages is fine actually, but at some points in time it does a bit weird. This is probably because the data centers are in Germany or somewhere in Europe while I am in the Philippines.

The self-hosting provider I use for here is Linode. But I plan to change after a month. I think I am looking at Contabo next. More reasons why below.

About Linode§

Linode. Hmm. I can't give much opinions about it. This is my first time trying out self-hosting after all.

The pricing is in my opinion, could be better? Not sure. Now that I found out about Contabo, I plan to ditch this instance and move over.

Documentation is actually there in Linode but most of it is either outdated or possibly wrong? I have a lot of things I read from the docs that did not work well for me so I read official sources instead aka the documentation of the software I am going to use. They could have done it better I guess and they lack docs for openSUSE too 😢.

I plan to have two compute instances in Contabo because I plan to use the other instance for a database, and also self-hosting Woodpecker CI. Possibly I will add other services as well such as

  • NextCloud
  • VaultWarden (Bitwarden basically) or I just use password-store.
  • Collabora Office

I might share one of these services to my family or friends I guess.

The reason being, for experience and it's also very fun.

What I learned so far§

Experimenting Forgejo§

It would be a waste to not use the remaining compute resources so I decided to give Forgejo a Go. 😉

Forgejo is available now in openSUSE. Although, I am quite confused by the systemd service but now I understand the implications for why it was decided not to use the home directory of whatever invokes the forgejo binary. This was discussed in the https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort.

Anyhow, I had a lot of hiccups configuring Forgejo but I just decided to just use whatever that systemd script has and just edit the file to point to a custom config by running

EDITOR=kak systemctl edit --full forgejo.service

specifically, I edited the line containing ExecStart=.

EDITOR=kak is so annoying. openSUSE does have a way to set this by adding that to /etc/profile.local. Local configs or those that are suffixed with *.local is unique to openSUSE. Users are encouraged to edit the local configs rather than the defaults. This is how I got so confused at first when trying it out the first time. Also, this explains why I also edit the apache config at a different file instead of the httpd.conf file. Specifically, by editing /etc/sysconfig/apache2 🥴.

Anyway, the site is up at https://forgejo.uncomfyhalomacro.pl. Feel free to take a look around. However, registrations are closed so if you want to make an account, you are not able to unless we are friends. ⚠️ If you are my friend, do keep in mind that this is experimental and still possible that I will kill this instance. Once I get the hang of it, I will start putting my projects to the self-hosted vm.

Another issue I have is setting the [mailer] configuration. Because it seems to be not working to be honest and I am not sure why. I filed a ticket to my mail provider if MTA is part of their service because I might be mistaken.

Nginx§

To manage redirects and subdomain URLs, I tried my hand at Nginx. I read it as ngeenx and not like 'engine X' or like how I read Lynx.

First Impressions§

The language looks like KDL. I actually do not know what Nginx use but whatever. The syntax confuses me a lot to be honest and I really don't like how it looks when configuring. Some of you might find the language simple. But what really confused me a lot is doing redirects. I guess I didn't read enough documentation 🥴.

Certbot Integration Impressions§

Certbot integration is nice. The pressing issue is when certbot rewrites files for Nginx. This causes a lot of confusion to me because the rewritten configs to point to the SSL certificates are faulty and can cause misredirects. I have to manually edit the files to be honest.

Apache§

I am not sure why but after the onslaught of trying Nginx, I decided to use Apache.

First Impressions§

I got pampered by openSUSE because it contains templates at /etc/apache2/vhosts.d. At first, I was so confused because when I read the default config at /etc/apache2/httpd.conf, the documentation from Linode and other sources conflict because openSUSE's default config has a lot of comments to discourage the use of it. Instead, I have to edit /etc/sysconfig/apache2 and add a new file /etc/apache2/httpd.conf.local. This file is added to /etc/sysconfig/apache2, specifically, APACHE_CONF_INCLUDE_FILES. Here is a snippet of the updated sysconfig.

# Here you can name files, separated by spaces, that should be Include'd from 
# httpd.conf. 
#
# This allows you to add e.g. VirtualHost statements without touching 
# /etc/apache2/httpd.conf itself, which makes upgrading easier. 
#
APACHE_CONF_INCLUDE_FILES="/etc/apache2/httpd.conf.local"

Better syntax, plugins, and tooling§

I am not saying that I did not have difficulty using Apache. But as I roamed around the Internet, I just found out that it uses utility tools that helps installs plugins. As of writing, I have added the filter and deflate module. The latter was already added by default but the filter module was not. This was to enhance page loads (yeah I know it's a static site 🤣) but a small speed up helps 🤪.

It's also easy to just add additional subdomains as well in /etc/apache2/vhosts.d. You just have to configure if what you want is a reverse proxy and a redirect or serve directly the directory specifically those in /srv/www/vhosts.

Certbot Integration Impressions§

I am just going to say that the integration with certbot is amazing. Even as to correctly configure my configs. Running certbot --apache -d mydomain.com -d other.mydomain.com is a breeze. It will add a new file corresponding to the config name with -le-ssl.conf suffix. I just add a small modification but so far only to the one that contains www.mydomain.com.

DNS§

In regards to DNS, I have some issues configuring it. I manage to learn more about A/AAAA and CNAME records. So far, it's all good and working.

I am just surprised that I don't know how long it will really propagate. One hiccup I made before was a mistypo of configuring spam reputation for a mail provider I use for my custom domain. And yes, it did propagate the domain and because of that, I have or had an ephemeral URL domain autoconfig.mydomain.com which points to my atuin instance. It's gone now.

Closing Thoughts§

Self-hosting is a fun idea. Although, I might be looking at other hosting solutions like Contabo. I heard they have a good price over ratio but I also heard mixed reviews from different communities e.g. they lower the quality of network bandwidth (?) but I can't seem to see what's the issue yet so I might have to experience that myself.

Articles from blogs I follow around the net

Package Managers are Evil

n.b. This is a written version of a dialogue from a YouTube video: 2 Language Creators vs 2 Idiots | The Standup Package managers (for programming languages) are evil1. To start, I need to make a few distinctions between concepts a lot of programmers mix u…

via Articles on gingerBillSeptember 08, 2025

Podcast: Netstack.fm, story of Rust's networking with hyper

Last week I was a guest on the Netstack podcast. We talked abit about how I got into Rust, how async Rust developed, and the story behind hyper and its surrounding ecoystem. We started (and ended) with my goal of better software: On your about page, y…

via seanmonstarSeptember 02, 2025

Recently

I missed last month’s Recently because I was traveling. I’ll be pretty busy this weekend too, so I’ll publish this now: a solid double-length post to make up for it. Listening It’s been a really good time for music: both discovering new albums by bands I…

via macwright.comAugust 29, 2025

It’s a Cold Day in Developer Hell, So I Must Roll My Own Crypto

I have several projects in-flight, and I wanted to write a quick status update for them so that folks can find it easier to follow along. Please bear in mind: This is in addition to, and totally separate from, my full-time employment. Hell Frozen Over A wh…

via Dhole MomentsAugust 27, 2025

i'm bored, so here's a useless 0day

i either want my US$2.5k professional-grade device backdoored or not at all

via maia blogAugust 20, 2025

Embedding Wren in Hare

I’ve been on the lookout for a scripting language which can be neatly embedded into Hare programs. Perhaps the obvious candidate is Lua – but I’m not particularly enthusiastic about it. When I was evaluating the landscape of tools which are “like Lua, but …

via Drew DeVault's blogAugust 20, 2025

Status update, August 2025

Hi! This month I’ve spent quite some time working on vali, a C library and code generator for the Varlink IPC protocol. It was formerly named “varlinkgen”, but the new name is shorter and more accurate (the library can be used without the code generator). …

via emersionAugust 16, 2025

PRs taking too long to be reviewed

Introduction I think there's something every developer working in an environment where PR must be reviewed has experienced: PRs taking too long to be reviewed. Every company has its own process for assigning reviews and setting the amount of minimum…

via Christian Visintin BlogAugust 14, 2025

The PoC Pollution Problem: How AI-Generated Exploits Are Poisoning Detection Engineering

As detection engineers, we live and breathe the cycle of vulnerability disclosure, proof-of-concept (PoC) analysis, and signature development. When CVE-2024-XXXXX drops on a Tuesday morning, we’re already pulling GitHub repositories, scanning blog posts, a…

via GreyNoise LabsJuly 30, 2025

Testing multiple versions of Python in parallel

Daniel Roy Greenfeld wrote about how to test your code for multiple versions of Python using `uv`. I follow up with a small improvement to the Makefile.

via Technically PersonalJuly 21, 2025

LLDB's TypeSystems Part 2: PDB

In my previous post, I described implementing PDB parsing as a can of worms. That might have been a bit of an understatement. PDB has been one "oh, it's gonna be twice as much work as I thought" after another. Implementing it has revealed many of the same …

via Cracking the ShellJuly 07, 2025

Contra Ptacek's Terrible Article On AI

A few days ago, I was presented with an article titled “My AI Skeptic Friends Are All Nuts” by Thomas Ptacek. I thought it was not very good, and didn't give it a second thought. To quote the formidable Baldur Bjarnason: “I don’t recommend reading it, but…

via LudicityJune 19, 2025

Elevate hover/focus effects with transitions across multiple elements

You can elevate hover/focus effects by triggering transitions on more than one element. With the right orchestration, you can create more nuanced effects.

via Rob O'Leary | BlogJune 01, 2025

Generative AI will probably make blogs better

Generative AI will probably make blogs better. Have you ever searched for something on Google and found the first one, two, or three blog posts to be utter nonsense? That's because these blog posts have been optimized not for human consumption, but rather …

via pcloadletterMay 30, 2025

#Rx Writing Challenge 2025

This is a short reflection on my experience of the recent writing challenge I took part in. Over the past two weeks, I have participated in the #RxWritingChallenge 1—a daily, 30-minute writing group starting at 9 AM every morning. Surrounded by fellow doct…

via Ul-lingaApril 05, 2025

My coffee workflow

My coffee workflow by Clement Delafargue on April 1, 2025 Tagged as: coffee, espresso, flair58, v60. It is my first April cools’ and I guess I could start by talking about coffee. If you’ve seen me in person, it won’t be a surprise, I guess. This po…

via Clément Delafargue - RSS feedApril 01, 2025

Simple Web Augmented Generation

A guide to building a simple web application using augmented generation.

via Ishan WritesMarch 10, 2025

Backup Yubikey Strategy

After a local security meetup where I presented about Webauthn, I had a really interesting chat with a member about a possible Yubikey management strategy. Normally when you purchase a yubikey it's recommended that you buy two of them - one primary and one…

via Firstyear's blog-a-logFebruary 28, 2025

Generated by openring-rs

favicon here hometagsblogmicrobio cvtech cvgpg keys