Self_Host_101

2/17/25

Caddy

Self_Host_101

Home

Self Host 101 (5 videos)

see Episode 340: Servers with Matt from Caddy

Copilot

Self_Host_101

Self Host 101 - Set up and Secure Your Own Server

Self Host 101 - Office Hours - Losing SSH Access, VPNs, Load Testing, Reverse Proxies and more ! (29:06)

tail -n 10 -f /var/log/auth.log

check for login attempts

Self Host 101 | Office Hours LIVE | Reviewing Your Questions and Comments (2:12:15)

apt update

update the package lists locally on my machine

apt upgrade

install latest versions of all the packages that I have installed (does the upgradables)

Coolify Crash Course | Self Host 101 | Secure Set up (1:29:05)

doing a kernel update will cause a reboot being needed

ls /var/run/reboot required

needs rebooting if that file exists

apt upgrade

since kernel was updated, it is likely that more packages can be upgraded.

passwd

change the password for the currently logged in user (ie, root)

passwd mdh

change the password for user mdh

adduser mdh

usermod -aG sudo mdh

add user mdh to the sudo group

groups mdh

see all groups that mdh is a member of

13:08

15:19

Disable Password Login

17:36

Disable root login

18:25

Network and Firewall Policy

19:11

Closed unused ports

20:15

Change default SSH port

21:31

Restrict port access to a specific IP

sudo apt install unattended-upgrades

Enable and configure automatice updates

sudo dpkg-reconfigure unattended-upgrades

configurations wizard:

auto download and install stable updates ?

Yes

sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

sudo systemctl status unattended-upgrades

Self Host 101 - Run Multiple Apps with Caddy | DNS, Static Sites, Reverse Proxies and Let's Encrypt (1:19:49)

Creating DNS Records

65.128.253.137

in order to point our domain name to the IP address of our server we need to set up what's called an A record

@ specifies the root record, disable proxy (DNS only), TTL = 1 minute (when setting up)

4:32

Query DNS Records with dig

dig hvezda.cc A

.cc is the root

dig +trace hvezda.cc A

dig www.hvezda.cc A

dig banana.hvezda.cc CNAME

dig hvezda.cc TXT

7:50

www subdomain record, CNAME records and TEXT records

www

65.128.253.137

DNS only

1 min

CNAME

banana

hvezda.cc

DNS only

1 min

Content (required)

TXT

1 min

anything goes here!

11:23

DNS Resources

https://wizardzines.com/zines/dns/

12:13

SSH to your VPS with a Domain Name

13:08

Responding to HTTP Requests from our Server

sudo nc -l 80

19:05

How To Navigate The Caddy Docs

Tutorials > Quick starts > Using a Caddyfile

Reference > Caddy file > Concepts

21:32

Caddy Architecture / reloading configuration

sudo service caddy restart

sudo service caddy reload

<---

Reloads the configuration without stopping the service !

use reload over restart.

22:35

Install Caddy

Install

Caddyserver.com > Documentation > Get Caddy > Install > Debian, Ubuntu, …

After installing, see --->

using the service

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl

curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg

curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list

sudo chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg

sudo chmod o+r /etc/apt/sources.list.d/caddy-stable.list

sudo apt update

sudo apt upgrade

sudo apt install caddy

caddy -v

v2.11.2

h1:iOlpsSiSKqEW+SIXrcZsZ/NO74SzB/ycqqvAIEfIm64=

sudo service caddy status

23:59

Set up https for the root domain

sudo nano /etc/caddy/Caddyfile

the Caddy config file

Caddyfile>

:80 {

change :80 { toyour domain name hvezda.cc {

hvezda.cc {

sudo service caddy restart

/usr/share/caddy/index.html

Location of Caddy's default index.html file.

journalctl --no-pager -u caddy