News About RKey Tech
VPS Migration
Going to jail
Matching blog post to Going to jail @ RKey.Tech/Docs/
Getting thrown in jail
This was a fairly stressful venture as I did it while at my day job working as a medical receptionist (I’ve been unsuccessful so far, getting back into IT after being laid off). So this was done while answering phones, booking appointments, and checking clients out. Needless to say the stress level was a bit high for making a mistake there or here. But I’m addicted to IT and technology so I have to play 24/7/365 or I will probably just die of boredom.
I will create docs and post on how I set up the database jail and NextCloud© jail in future installments. My goal here was to just get things moved off a host instance and into jails and consolidate things a bit as I use Cox Communications at home for internet and they are notoriously slow on upload speeds, so that really slowed down my NextCloud service. The server at home is awesome having 72GB of RAM and 8TB of mirrored ZFS disk. But all the power in the world does you no good if your internet provider throttles your upload to less than 6 Mbs. (That’s not a typo) Here is a word of advice; never run an OONI probe[1] on your internet provider in case they hold grudges. All stories for another day. And with an 80G 128G NVMe, I think I’m good for a while as I mostly just use CalDAV and WebDAV services. My photos still reside on Google© for now. That will be another project to document in the future.
So far I’m pretty happy with Vultr©, my configuration thus far and the performance; yes I need to compress some images and convert to .webp and there are some tweaks I could make elsewhere I’m sure. But things are looking good so far.
I know everything below is in the docs section as well: But how else can I convey my excitement when I finished the migration and ……………………..
At this point I say “Hold onto your butts” and reboot the VPS instance.
Within about a second I browse to rkey.tech, rkey.online and nc.rkey.tech and all 3 sites were up and operational. I then ssh into the host
ssh -p 5000 titania
and then ssh into the jail
ssh caddy
and this all worked as well.
Then I jumped out of my chair and screamed “Holy fucking Shit!!!” Yeah, I was surprised it worked. There were a lot of moving pieces and not shutting down before tarring up a jail, hell using tar instead of bastille export for that matter. So many configs to make typos on. Yes I’m a happy camper :)
[1] Born in 2012, the Open Observatory of Network Interference (OONI) is a non-profit free software project that aims to empower decentralized efforts in documenting internet censorship around the world.
Creating Vultr Instance
Matching blog post to Creating Vultr Instance @ RKey.Tech/Docs/
Creating instance at Vultr & setting up DNS
I initially created a “High Frequency” instance running FreeBSD 13 with 32GB NVMe, 1 vCore, 1G RAM and 1GB bandwidth for testing. But my testing quickly became live and so I upgraded to 2 vCores, 80GB NVMe, 2GB RAM and 3 GB bandwidth.
Before the upgrade, I migrated my test-only domain bootstraps.tech over from Digital Ocean to Vultr. My domains are over at HostGator, so moving the domains simply meant that I created DNS entries for boostraps.tech, opekkt.tech and opekktar.online at Vultr and then pointed HostGator from DigitalOcean to Vultr. I use ProtonMail for my mail servers so I have to plug that into those DNS entries as well. One thing I see missing on many web sites is CAA entries. I always add CAA entries to my DNS configuration.
I use a Caddy server that auto-magically takes care of my SSL certs for me. I like lazy solutions that work.
When Vultr© sets up the initial DNS entry you select the instance to point it to and then Vultr creates a wild card ‘*’ entry. I initially did not like this solution because,,,,,,,,Well I don’t know why, but I’m finding I like the solution as it only requires I create a Caddy entry in my web server and then I’m done. Again the lazy solution thing.
Before changing the DNS pointers I need to migrate my Caddy© server at Digital Ocean (DO) over to Vultr.
At DO I had a mixed setup: I had a Caddy server that ran on the host, not in a jail, breaking all my own rules. Then I had another server running only jails, which consisted of a WIKI and a couple of Ghost blogs. Everything else was just files in a directory on the host running the Caddy server. So my initial migration was just from an instance on Digital Ocean to Vultr running at the host level. Since I deploy static web sites via rsync from my Archlabs Fedora workstation at home I simply added the new host to my script and deployed to both instances for rkey.tech and rkey.online.
Of course prior to syncing things over and with any new VPS I generally do two things first.
- I turn off password login in ssh. Since I keep my public ID at DO and Vultr© and Linode© for that matter, when I create a VPS the first thing I do is add a new user, then I rsync my keys over from root that the VPS provider added when I created the instance to my user account.
  Note in the document section there is no slash on .ssh but there is at the end of user/. This is not necessary but a habit of mine. When syncing directories, if you leave off the trailing / then the whole directory gets synced. Since my user does not have an .ssh directory yet, I leave off the slash. The / at the end of user/ is more about habits in this particular case. It does not need to be there. But when you have backed up terabytes of data to a server and forgot the slash on either end, you tend to be fussy about such things.
- I make sure the new user can su to root. Linux is a mess: sometimes adding to wheel works and sometimes there’s not even a wheel group, so you have to add to sudoers and then modify the sudoers file via visudo. Generally Linux has some lame editor like Nano and I screw everything up using vi keys. So if I’m only doing things once I usually just vi the file. On BSD I just make sure the user belongs to wheel when creating the account and then I usually install doas, and configure /usr/local/etc/doas.conf. Honestly, just for muscle memory I usually install opendoas on my Linux boxes as well. My doas.conf file is super freaking simple.
- After verifying that my user can ssh in, I turn off password authentication and root user login.
  Most VPS providers already have PasswordAuthentication no unless you do not have your keys on site or do not select to add during creation. Of course until you create a user and verify you can login you will most certainly find that PermitRootLogin is yes since the default is now no. You could just comment it out but I like the feel of an explicit statement in a config that affects security. It’s a mental thing for me.
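The check from the last step, as an added example that is not part of the original post: a POSIX sh audit that reports whether an sshd_config file sets PasswordAuthentication and PermitRootLogin to no explicitly. The function names sshd_effective and audit_sshd and the sample config are constructed for illustration.

```sh
#!/bin/sh
# Added example; function names and the sample config are constructed.
# sshd keeps the FIRST value it reads for a keyword, keywords are
# case-insensitive, and a commented-out line leaves the build default in force.

# Print the first global value for keyword $2 in file $1, or "unset".
sshd_effective() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        /^[ \t]*#/ { next }                      # comment
        /^[ \t]*$/ { next }                      # blank
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            split(line, f, /[ \t=]+/)            # "Key value" or "Key=value"
            key = tolower(f[1])
            if (key == "match") exit             # conditional blocks: out of scope
            if (key == want) { print tolower(f[2]); found = 1; exit }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Return 0 only when both settings are explicitly "no".
audit_sshd() {
    rc=0
    for kw in PasswordAuthentication PermitRootLogin; do
        val=$(sshd_effective "$1" "$kw")
        case "$val" in
            no)    echo "ok:   $kw no (explicit)" ;;
            unset) echo "WARN: $kw not set explicitly, build default applies"; rc=1 ;;
            *)     echo "FAIL: $kw $val"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample: a "no" appended at the end does not override the earlier "yes".
sample=$(mktemp)
cat > "$sample" <<'EOF'
PasswordAuthentication no
#PermitRootLogin no
PermitRootLogin yes
permitrootlogin no
EOF
audit_sshd "$sample" || echo "sshd_config needs attention"
```

On a live host, sshd -T prints the configuration sshd actually resolves, including anything this simple parser skips.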
My Caddy configuration on the host is just running a file server for now so the entries are very basic. Because I can not for the life of me figure out why the “Congo” theme does not follow basic Hugo rules for inserting images into markdown documents, I have a catch-all entry for two things. One is a fake 404, which is just a redirect for funsies and gamesies and the other is a place to put my images in documents, which is actually a good thing now that I think of it because it saves drive space when I re-use images. Funny how problems become solutions.
Solved (I told you it would be stupid simple, I omitted the full path). For images there is an img directory under wtf that I just point my pages to. So instead of ![](titania.webp), which should work but does not, I have ![](https://titania.rkey.tech/img/titania.webp)
If anyone knows why having the image in a Hugo bundle block does not work on Congo, please feel free to let me know. I’m sure it’s something stupid simple.
My other web sites are just directories named after the web site so rkey.tech for this site and r0bwk3y.com rkey.online for my personal site. So far it’s all just child’s play and pretty boring stuff even for the process of migrating VPS providers and sites over. I even made sure my deploy scripts deployed to DO and Vultr so when the DNS hit with the new site everything was in sync and up to date. For this migration process, I did not even have to shut down my monitors.
Later on when I migrated NextCloud from a home server to the cloud and even migrated my Caddy to a jail, things did not feel as much like child’s play. Nor did I do so without taking hits on my up-time monitor.
Yes, Yes, I know the status page says 100% as of today 8-March-22. But it was a migration and I should have paused the monitors anyway. So I feel justified in resetting the counters :)
Why Government Social
Why World Governments Need to Enter the Social Media Space
I do not know if other countries are disillusioned with the idea that corporations make better governments than governments do, like we seem to be here in the United States. We seem to have forgotten that in a democratic country the government is by the people and for the people. Now in the United States we have a system of bribery and so our government is corrupted by those who have the most money. Even our supreme court ruled that money is speech and the more money you have the louder your speech is within that government. And somehow that seemed fair to many. I work for people that consider themselves socially liberal and financially conservative. That point always confused me. I consider myself extremely liberal socially and financially. I don’t think society should put itself in debt socially or financially. But I do believe there is a need for the people to share the burden and expense to better their lives, the species and the environment around them. In the US both the left and right think to fix things is to throw money at things. We also tend to worship those that have the most money to throw. No matter if they are socially, morally or ironically financially bankrupt. My employer once made a comment to the effect that they supported the view that only those with property should have rights to run things. How is that socially liberal?
There is a movement among the haves that they and they alone have the intelligence to run society. Rarely are they scientists or engineers that understand how the world works. Sometimes they are, but then seem to be mentally bankrupt in all other areas of their lives.
The point is the world needs social and moral capital to survive. If you want to throw in financial capital to that equation, so be it. But finance, as we all seem to have forgotten, is a tool. Social and moral capital are assets to our humanity. Finance and things are not. They are tools, not assets.
Do not get me wrong, as long as the world is a capitalistic society, I have no issues with private super rich snowballs helping humanity to accomplish things. But we should have no illusion that it is somehow for anything other than adding to the bottom line financially. When the betterment of humanity is the actual goal then the bottom line is irrelevant with the exception of sustainability in the capitalistic society we have built. I would also like to remind everyone that, in spite of what neoliberals preach to you, capitalism is not something natural that follows the rules of the universe or even the rules of supply and demand, once corrupted or all encompassing. It is a man made construct designed to make bartering easier. With procedures and planning and with all of humanity working for the good of itself, both bartering and its modern day equivalent become not only irrelevant but a weight on society pulling it down and preventing humanity from reaching the next level in its evolution. I by no means think we are even close to being there yet, but know feel it is the future.
There are things that should not be done for profit. Things that all of humanity needs to grow and prosper. These things require that the people working together as a single entity for the betterment of themselves, their lives and fellow beings on the planet are accomplished in spite of the bottom line. Where the bottom line does not matter beyond ensuring the resources exist to accomplish the goals humanity sets out to better itself and its environment.
Those things are planned and started by the people. If we really believed that privatizing everything for profit was the only way to do things we would have never gone to the moon, built space stations, produced life saving treatments. One wonders if we would just now start building roads and rail lines to improve commerce and of course it would only be available to the corporations and extremely wealthy. If not for the government and people of that government paying for and planning on knowing the bottom line did not matter (to its logical extent). It is a little frightening to think how far regressed society would be.
That is why I feel that now is the time we must create our online public squares not from corporations trying to build the bottom line with advertisers and algorithms that help those advertisers and the bottom line. But from the people.
Think of the recent chain of events from the geniuses man child. We had an online square which was a cesspool built to fatten the bottom line. At times I wonder if it was sincerely built to be a public square, but of course in a capitalistic society the only way to garner and support the resources is to generate revenue. I can not totally blame the man child for the actions he took after all his intent is to save humanity (only his version of a just humanity). But hey even if you’re morally and socially bankrupt at least trying to save the property and asset owners has to count for something.
But what if instead of having to make a profit, we as a society paid for and built our own online public square. I think we have a pretty decent test ground and I have belonged to it for a while. But I was inactive for years, because the conversation was happening on Facebook until I and everyone younger than me became disillusioned with it. I liked the pre man child version of twitter. It was the only social media platform I used. And by use, I mean trolling and listening as I rarely have anything of value to add to society. The occasional exception like this post here. Don’t get me wrong I have nothing against corporations creating and making things for profit. Some of the best trashy, mediocre things in life happen this way. But it always seems the best things in life happen when people try to fill a need outside the bottom line. Things like: Linux; Free/Open/NetBSD; Federated apps like Hubzilla, GnuSocial, Mastodon, which I’m familiar with and many others I am not are things that come to mind for me because I’m a computer nerd. People can and still do make money from those free things. But they seem to fuck it up when they do. The value add seems minimal at best because the technology and benefit to humanity start to take a back seat to profits. Don’t get me wrong I still like RedHat and Canonical, but it always seems to move away from the utopian Star Trek universe when money becomes the deciding factor, the goal and not just the tool.
Think if governments (ideally ruled by the people, but even if not) were the creators of the public square online. I look at Mastodon for the almost perfect model and federated protocols for the glue to hold it all together. Nations could be instances. Bad nations could be de-federated (hopefully only temporarily). You could still have your instances for special interest. I like computer security https://infosec.exchange/ and like the BSD variants of operating systems https://bsd.network/ and I’m liberal and want a semi safe space from those who are not https://freeradical.zone/ You can still have your semi-profit motivated sites, people have to pay the bills after all. https://counter.social/ Though I doubt I would ever join you always have mastodon copied code trying to pass itself off as original 100% for profit and power https://truthsocial.com/ I can and only want to imagine what a shit show that must be.
Some people don’t trust governments and that’s OK, neither do I. But unlike many at least in my country, I absolutely do not trust corporations. I always feel it’s better if people make the product rather than people be the product. I have heard things in the past that I would not trust the government with my data. Spoiler alert they already have it, starting from the time you were born to present. Then there is the concern that a corrupt government is controlling the instance you are on. Really? Have you seen what corporations do? Places like China and Russia control the narrative and the people online already. In the US the corporations do the same. Other countries have varying states from both ends of the spectrum.
There needs to be a place for citizens of each country and ultimately federated up to citizens of the planet to have a place to discuss our desires, goals and dreams and it would really be nice if those discussions were paid for by the people through their governments instead of being manipulated for emotion and ad revenue or even check mark subscriptions.
Ghost Blog
Matching blog post to Setup Ghost Blog In FreeBSD Jail @ RKey.Tech/Docs/
So I was going to let my msrobota.online domain expire it would have been domain 3 of 5 I’m letting go, but I decided to have something that was not branded with myself or rkey.online to spew thoughts. Which I have a difficult time doing. I’m good at spewing thoughts, just not good at deciding to keep the incriminating evidence online for all to see. But this gives me an excuse to play with Ghost. So there is that.
Setup GitLab Repo
Matching blog post for Setup GitLab Repo @ RKey.Tech/Docs/
I suppose having worked in the disaster recovery industry, I have developed the mind set that, hardware always fails, services always fail, power always fails, service providers always go down. Now eliminating all variables is impossible, unless the money, time, and knowledge is vast and endless. For me being unemployed, having what money I do make being garnished and not even having enough for the basics that most in this country enjoy. I am very limited on my options. I use rsync to a local NAS server in my apartment, then I mirror to another server with external drives I can unplug and take off site and I have two workstations that are identical kept that way via rsync as well. Of course for development work my primary repo is GitLab (Private) and then I mirror to GitHub (public) depending on files. Of course depending on where I start my project from this is sometimes reversed :)
Build RKey Tech
Matching blog post to Build RKey Tech @ RKey.Tech/Docs/
I’ve only recently started building websites using markdown and processing through Hugo. So for a while I was trying out several different themes, trying to find the right fit. I liked Ananke theme and then tried Docsy, but found Docsy felt like a mess trying to set up. I finally discovered that simpler is better and have settled on my two favorite themes, Congo and Dimension. Because I mirror this site with another under my real name they are both using the Congo theme. I then build out pages for this site using Atom VSCodium and then while still in Atom VSCodium, just copy the page over to the other site and change the names to protect the guilty. I suppose if you were to look at the source code for the other site, you would discover this one. But honestly, until I change some fake 404 links under different domains, it’s a pretty obvious discovery anyway. It only takes looking at the shared personal productivity site. My personal site is using the Dimension theme and though it is a very cool theme, it seems that it would not work well for documenting things or rather for reading those documented things.
Update 05 September 2022
As you will notice I’m no longer using Congo or Dimension. Seems Docsy has grown on me a bit.