A howto guide on setting up a simple and secure blog server using haproxy to serve https, hugo to serve the website, cerbot to generate the tls certificate, and crowdsec for defense
This is my first post on my new site, I hope someone finds it helpful!
Yeah it took a while for me to find as well, Debian moved to managing alot of packages you used to install with pip. In many cases you can just prefix pip packages with python3- and find them via apt.
I knew that worked for a lot of stuff. That used to be what I’d try first but I honestly just use a venv for pretty much anything that uses pip nowadays. Still helpful to know there is a package though thanks! I intend to test it out.
Another thing you could check out is Caddy, comes with a lot of stuff onboard and has an optional crowdsec module (though I should point out that I never used that module myself so I can’t make guarantees how well it works) https://caddyserver.com/
Or a docker image with Nginx Proxy Manager. You get a working reverse proxy, an automatically renewing certbot, easy to use UI, plus a working nginx install that you can use for serving static files, forward proxy etc.
first thing is to install snapd an a perfectly fine debian 12???
I know I know. If you wanna install certbot another way feel free. Share it with me I’m sure it’ll take up less space. I only did it that way because it’s the certbot official©®™ instructions. That and I had issues with the other method I tried.
apt install python3-certbot :)
Hah did not know about that thanks!
Yeah it took a while for me to find as well, Debian moved to managing alot of packages you used to install with pip. In many cases you can just prefix pip packages with python3- and find them via apt.
I knew that worked for a lot of stuff. That used to be what I’d try first but I honestly just use a venv for pretty much anything that uses pip nowadays. Still helpful to know there is a package though thanks! I intend to test it out.
Another thing you could check out is Caddy, comes with a lot of stuff onboard and has an optional crowdsec module (though I should point out that I never used that module myself so I can’t make guarantees how well it works) https://caddyserver.com/
Excellent thank you! I’ll check this out.
I can really recommend acme.sh if you wanted to try a certbot alternative.
Awesome I’ll look into it for sure!
Or a docker image with Nginx Proxy Manager. You get a working reverse proxy, an automatically renewing certbot, easy to use UI, plus a working nginx install that you can use for serving static files, forward proxy etc.
I like docker and traefik, traefik has let’s encrypt built-in.
I’ve got plenty of experience with docker and I’ve heard of traefik but never used it. Thanks, I’m gonna look into it.
It is in the official repos
sudo apt-get install certbot
You also can use a container
I could have swore I tried it. facepalm I’ll check that out then I might edit that part.