summaryrefslogtreecommitdiff
path: root/guides/cloud/vps.org
diff options
context:
space:
mode:
Diffstat (limited to 'guides/cloud/vps.org')
-rw-r--r--guides/cloud/vps.org35
1 files changed, 32 insertions, 3 deletions
diff --git a/guides/cloud/vps.org b/guides/cloud/vps.org
index b649fa8..f097ee8 100644
--- a/guides/cloud/vps.org
+++ b/guides/cloud/vps.org
@@ -36,7 +36,36 @@ So instead, I'll
Match User …
PasswordAuthentication yes
#+end_src
+
+* System
+** Hostname
+#+begin_src sh
+sudo hostnamectl set-hostname $fqdn
+#+end_src
+
* Web server
+Run ~sudo apt install nginx~; then, in
+=/etc/nginx/sites-available/$FQDN=:
+#+begin_src conf
+server {
+ listen 80;
+ listen [::]:80;
+
+ root /var/www/$FQDN/html;
+ index index.html;
+
+ server_name $FQDN www.$FQDN;
+ access_log /var/log/nginx/$FQDN.access.log;
+
+ location / {
+ try_files $uri $uri/ =404;
+ }
+}
+#+end_src
+Use one =access_log= file per site, to simplify analytics.
+
+Run ~sudo systemctl restart nginx~.
+** fail2ban
With the following files in =$HOME=:
#+begin_src conf
# nginx-botsearch.local
@@ -56,12 +85,12 @@ enabled = true
[nginx-botsearch]
enabled = true
-logpath = /var/log/nginx/access.log
+# Assume that each requests to $fqdn will be logged to "$fqdn.access.log".
+logpath = /var/log/nginx/*access.log
#+end_src
-Do:
+Then:
#+begin_src sh
-sudo apt install nginx
sudo cp ~/nginx-botsearch.local /etc/fail2ban/filter.d/
sudo cp ~/jail.local /etc/fail2ban/
sudo systemctl restart fail2ban
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-06 17:49:06 +0000