Rewrite of the website in Flask

author: Jacob McDonnell <jacob@simplelittledream.com> 2023-05-03 13:13:47 -0400
committer: Jacob McDonnell <jacob@simplelittledream.com> 2023-05-03 13:13:47 -0400
commit: 97a8370caea2fae4a0a67165036aae2dc2d05900 (patch)
tree: eb3c80ce24a66d342e3ba4143e88d6893a5f49b2 /articles/rss.xml
parent: 79352a7fe3a64021b8c39db2a78a22cdd58abb1e (diff)
1 files changed, 0 insertions, 204 deletions
diff --git a/articles/rss.xml b/articles/rss.xml
deleted file mode 100644
index e280062..0000000
--- a/articles/rss.xml
+++ /dev/null
@@ -1,204 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
-
-<channel>
-<title>Jacob McDonnell</title>
-<description>Articles from Jacob McDonnell.</description>
-<language>en-us</language>
-<link>https://jacobmcdonnell.com/rss.xml</link>
-<atom:link href="https://jacobmcdonnell.com/rss.xml" rel="self" type="application/rss+xml" />
-<image>
-<title>Jacob McDonnell</title>
-<url>https://jacobmcdonnell.com/favicon.ico</url>
-<link>https://jacobmcdonnell.com/rss.xml</link>
-</image>
-
-<!-- LB -->
-
-
-
-
-
-
-
-<item>
-<title>Hosting a Website on the Raspberry Pi with Rocky Linux</title>
-<guid>https://jacobmcdonnell.com/articles/RpiRockyLinuxServer/</guid>
-<link>https://jacobmcdonnell.com/articles/RpiRockyLinuxServer/</link>
-<pubDate>Sun, 19 Feb 2022 15:00:00 -0500</pubDate>
-<description><![CDATA[
-			<p>First Download Rocky Linux for the Raspberry Pi 3 &amp; 4 from <a href='https://rockylinux.org/alternative-images'>their website</a>.</p>
-			<center><img class="imgs" src="img/Screen Shot 2022-02-19 at 2.15.13 PM.png" referrerpolicy="no-referrer" alt="Screen Shot 2022-02-19 at 2.15.13 PM"></center>
-			<p>Next you want to burn this image to the sd card that you are going to use. Now start up the Raspberry Pi and login with the default user <code>rocky</code> and the password is <code>rockylinux</code>. </p>
-			<p>To make the image take up the whole drive, run:</p>
-			<pre><code class='language-shell' lang='shell'>sudo rootfs-expand
-			</code></pre>
-			<p>Now, you should create a new user:</p>
-			<pre><code class='language-shell' lang='shell'>sudo useradd -m -g users -G wheel userName
-sudo passwd username
-			</code></pre>
-			<p>Next, we should delete the default user so logout and login to your new user:</p>
-			<pre><code class='language-shell' lang='shell'>sudo userdel rocky
-			</code></pre>
-			<p>&nbsp;</p>
-			<hr />
-			<h2 id='setting-a-static-ip-address'>Setting a static IP address </h2>
-			<p>The easiest way is to run:</p>
-			<pre><code class='language-shell' lang='shell'>sudo nmtui
-			</code></pre>
-			<center><img class="imgs" src="img/Screen Shot 2022-02-19 at 2.18.39 PM.png" referrerpolicy="no-referrer" alt="Screen Shot 2022-02-19 at 2.18.39 PM"></center>
-			<p>Select <strong>Edit</strong> a connection and select your network interface. </p>
-			<center><img class="imgs" src="img/Screen Shot 2022-02-19 at 2.23.20 PM.png" referrerpolicy="no-referrer" alt="Screen Shot 2022-02-19 at 2.23.20 PM"></center>
-			<p>Select <strong>Show</strong> for <strong>IPv4 CONFIGURATION</strong> and enter the IP you want to set. Then select <strong>OK</strong> at the bottom, and quit the program.</p>
-			<h2 id='securing-the-pi'>Securing the PI</h2>
-			<h3 id='ssh-key-authorization'>SSH Key Authorization</h3>
-			<p>The best way to secure the pi is to use an SSH key to login instead of a password. First you want to generate an SSH key by running on your computer:</p>
-			<pre><code class='language-shell' lang='shell'>ssh-keygen -t rsa
-			</code></pre>
-			<p>Next, to copy your SSH key to your server, run:</p>
-			<pre><code class='language-shell' lang='shell'>ssh-copy-id -i ~/.ssh/mykey user@host
-			</code></pre>
-			<p>To test that it works, run:</p>
-			<pre><code class='language-shell' lang='shell'>ssh -i ~/.ssh/mykey user@host
-			</code></pre>
-			<p>If it worked, you should be able to connect without needing a password.</p>
-			<p>To force an SSH key to login, edit <code>/etc/ssh/sshd_config</code> using nano or vim.</p>
-			<p>Change <code>PermitRootLogin yes</code> to <code>PermitRootLogin no</code> and <code>PasswordAuthentication yes</code> to <code>PasswordAuthentication no</code>.</p>
-			<h3 id='setting-up-fail2ban'>Setting up fail2ban</h3>
-			<p>First start and enable firewalld to run at boot:</p>
-			<pre><code class='language-shell' lang='shell'>sudo systemctl start firewalld
-sudo systemctl enable firewalld
-			</code></pre>
-			<p>Now, enable the EPEL repository for Rocky Linux and install fail2ban:</p>
-			<pre><code class='language-shell' lang='shell'>sudo dnf install epel-release -y
-sudo dnf install fail2ban fail2ban-firewalld -y
-			</code></pre>
-			<p>Start and enable fail2ban to run at boot:</p>
-			<pre><code class='language-shell' lang='shell'>sudo systemctl start fail2ban
-sudo systemctl enable fail2ban
-			</code></pre>
-			<p>Now, we have to make fail2ban work with firewalld, run:</p>
-			<pre><code class='language-shell' lang='shell'>sudo mv /etc/fail2ban/jail.d/00-firewalld.conf /etc/fail2ban/jail.d/00-firewalld.local
-sudo systemctl restart fail2ban
-			</code></pre>
-			<p>To create an SSH jail, edit the ssh config file with vim or nano:</p>
-			<pre><code class='language-shell' lang='shell'>sudo nano /etc/fail2ban/jail.d/sshd.local
-			</code></pre>
-			<p>Paste the following into the file and change the values as you see fit:</p>
-			<pre><code>[sshd]
-enabled = true
-bantime = 1d
-maxretry = 3
-			</code></pre>
-			<p>Save and close the file and restart fail2ban:</p>
-			<pre><code class='language-shell' lang='shell'>sudo systemctl restart fail2ban
-			</code></pre>
-			<h2 id='setting-up-dynamic-dns-with-google-domains'>Setting up Dynamic DNS with Google Domains</h2>
-			<h3 id='configuring-google-domains'>Configuring Google Domains</h3>
-			<p>First, on <a href='https://domains.google.com/'>Domains.google.com</a> go the DNS page for your domain. Scroll down and click on <strong>Show advanced settings</strong>, Click <strong>Manage dynamic DNS</strong>, and then click <strong>Create new record</strong>. Enter your subdomain or leave it black for the domain itself. Finally, click Save.</p>
-			<h3 id='installing-ddclient'>Installing ddclient</h3>
-			<p>To install ddclient you need to enable the PowerTools Repo for the perl dependency.</p>
-			<p>First, install <code>dnf-plugins-core</code>:</p>
-			<pre><code class='language-shell' lang='shell'>sudo dnf -y install dnf-plugins-core
-sudo dnf upgrade
-			</code></pre>
-			<p>Next, enable PowerTools:</p>
-			<pre><code class='language-shell' lang='shell'>sudo dnf config-manager --set-enabled powertools
-			</code></pre>
-			<p>Then, you can install ddclient:</p>
-			<pre><code class='language-shell' lang='shell'>sudo dnf install ddclient
-			</code></pre>
-			<p>Now, we want to edit the config file for ddclient:</p>
-			<pre><code class='language-shell' lang='shell'>sudo nano /etc/ddclient.conf
-			</code></pre>
-			<p>You&#39;ll want to look for where it says <code>protocol=dyndns2</code>, and enter your information:</p>
-			<pre><code>##
-## nsupdate.info IPV4(https://www.nsupdate.info)
-##
-protocol=dyndns2
-use=web, web=http://ipv4.nsupdate.info/myip
-server=domains.google.com
-login=username
-password=password
-domain.tld
-			</code></pre>
-			<p>Wait about 5 minutes and on the Google Domains website, under Dynamic DNS you should see your IP address under <strong>Data</strong>.</p>
-			<h2 id='setting-up-nginx-and-lets-encrypt'>Setting up NGINX and Let&#39;s Encrypt</h2>
-			<h3 id='installing-nginx'>Installing NGINX</h3>
-			<p>First, install nginx Webserver:</p>
-			<pre><code class='language-shell' lang='shell'>sudo dnf install nginx
-			</code></pre>
-			<p>Next, start and enable nginx to run at boot:</p>
-			<pre><code class='language-shell' lang='shell'>sudo systemctl start nginx
-sudo systemctl enable nginx
-			</code></pre>
-			<p>Then, check the status to see if it is running:</p>
-			<pre><code class='language-shell' lang='shell'>sudo systemctl status nginx
-			</code></pre>
-			<center><img class="imgs" src="img/Screen Shot 2022-02-19 at 2.56.21 PM.png" referrerpolicy="no-referrer" alt="Screen Shot 2022-02-19 at 2.56.21 PM"></center>
-			<p>Now, we have to allow HTTP traffic through the firewall:</p>
-			<pre><code class='language-shell' lang='shell'>sudo firewall-cmd --add-service=http --permanent
-sudo firewall-cmd --add-service=https --permanent
-sudo firewall-cmd --reload
-			</code></pre>
-			<p>In a web browser, go to the local ip of the server and you should see the nginx welcome page.</p>
-			<center><img class="imgs" src="img/Screen Shot 2022-02-19 at 2.58.29 PM.png" referrerpolicy="no-referrer" alt="Screen Shot 2022-02-19 at 2.58.29 PM"></center>
-			<h3 id='configuring-nginx'>Configuring NGINX</h3>
-			<p>First, make your folder for the website, this is where your website will live:</p>
-			<pre><code class='language-shell' lang='shell'>sudo mkdir -p /var/www/websiteName
-			</code></pre>
-			<p>Next, we need to set the proper permissions to make sure everything works:</p>
-			<pre><code class='language-shell' lang='shell'>sudo chown -R nginx /var/www/websiteName
-sudo chmod -R 755 /var/www/websiteName
-			</code></pre>
-			<p>Now, we will create the config file for website:</p>
-			<pre><code class='language-shell' lang='shell'>sudo nano /etc/nginx/conf.d/websiteName.conf
-			</code></pre>
-			<p>and paste the following into the file:</p>
-			<pre><code>server {
-	listen 80;
-	server_name domain.tld www.domain.tld;
-	root /var/www/websiteName;
-	index index.php index.html index.htm;
-	access_log /var/log/nginx/websiteName.access.log;
-	error_log /var/log/nginx/websiteName.error.log;
-}
-			</code></pre>
-			<p>Now, confirm that the nginx configuration is ok:</p>
-			<pre><code class='language-shell' lang='shell'>sudo nginx -t
-			</code></pre>
-			<p>Restart nginx:</p>
-			<pre><code class='language-shell' lang='shell'>sudo systemctl restart nginx
-sudo systemctl status nginx
-			</code></pre>
-			<p>Next, set SELinux to permissive mode:</p>
-			<pre><code class='language-shell' lang='shell'>sudo setenforce permissive
-sudo getenforce
-			</code></pre>
-			<p>Now, we will need to set SELinux to permissive mode permanently:</p>
-			<pre><code class='language-shell' lang='shell'>sudo sed -i --follow-symlinks &#39;s/SELINUX=enforcing/SELINUX=permissive/g&#39; /etc/sysconfig/selinux
-			</code></pre>
-			<h3 id='installing-and-running-certbot'>Installing and Running Certbot</h3>
-			<p>To install Certbot run:</p>
-			<pre><code class='language-shell' lang='shell'>sudo dnf install certbot python3-certbot-nginx
-			</code></pre>
-			<p>To get SSL certificates for your websites run:</p>
-			<pre><code class='language-shell' lang='shell'>sudo certbot --nginx
-			</code></pre>
-			<p>Answer the prompts that show up on screen as you wish.</p>
-			<p>To configure auto renewal of the SSL certificate run:</p>
-			<pre><code class='language-shell' lang='shell'>crontab -e
-			</code></pre>
-			<p>and add the following line:</p>
-			<pre><code>0 12 * * * /usr/bin/certbot renew --quiet
-			</code></pre>
-			<p>This will check everyday at noon to see if the certificate will expire in the next month, if so it will renew the certificate.</p>
-			<p>Now your website should be operational. </p><br>
-]]></description>
-</item>
-
-
-
-</channel>
-
-</rss>
author	Jacob McDonnell <jacob@simplelittledream.com>	2023-05-03 13:13:47 -0400
committer	Jacob McDonnell <jacob@simplelittledream.com>	2023-05-03 13:13:47 -0400
commit	97a8370caea2fae4a0a67165036aae2dc2d05900 (patch)
tree	eb3c80ce24a66d342e3ba4143e88d6893a5f49b2 /articles/rss.xml
parent	79352a7fe3a64021b8c39db2a78a22cdd58abb1e (diff)