Tag: hetzner

  • Rebuilding Cricalix.Net – Part 4

    While on holiday, I read a forum post that mentioned a “new” web server called Caddy. I took a look at it, and was intrigued by the integrated TLS certificate renewal using Let’s Encrypt. With NGINX or Apache, I have to run Certbot or similar to maintain the certificates, and I have to deal with […]

  • Rebuilding Cricalix.Net – Part 3

    Rebuilding Cricalix.Net – Part 3

    Stumbling blocks and annoyances NGINX and certbot’s default permissions EFF’s certbot writes certificates to /etc/letsencrypt/live/<certificate hostname>/<files>.pem, and sets the permissions to only allow root to read the files. This makes sense from the perspective of a system where processes that need certificates will probably spawn as root, read the certificates to memory, and then spawn […]

  • Rebuilding Cricalix.Net – Part 2

    Rebuilding Cricalix.Net – Part 2

    LXD’s Documentation It’s mostly decent. It’s got a lot of detail on what all of the configuration sections are and generally provides examples. What I find missing is a set of practical documentation that guides someone through getting started with LXD – weaving together all of the configuration for devices, proxies, storage volumes, profiles and […]

  • Rebuilding Cricalix.Net – Part 1

    Rebuilding Cricalix.Net – Part 1

    I’ve been hosting cricalix.net and other domains on Linode for years. There have been a few hiccups over that time-frame, but it’s generally been smooth sailing. The current VPS runs NGINX for web hosting (it was Apache until earlier this year), Postfix for SMTP, Courier for IMAP, and OpenVPN for VPN. Everything runs on one […]