Linux

After setting up my VPS, security was the next priority. A server on the public internet gets probed constantly. Within hours of going live, the auth log fills up with failed SSH login attempts from all over the world. This post covers the measures I took. None of this is novel, but having it written down in one place is useful. SSH hardening SSH is the primary way you access a Linux server, which makes it the primary target for attackers. The default configuration is functional but permissive. ...

I have been running Nginx on a 1 vCPU / 2 GB RAM VPS for a while now. These are my notes on configuration choices that make sense at this scale. The defaults are mostly fine Nginx is efficient out of the box. For a small site serving static files, you can run the default configuration and it will handle far more traffic than your server will ever see. But there are a few things worth adjusting. ...

When I decided to rent a VPS for personal projects, I spent some time thinking about location. I ended up choosing a data center in Amsterdam. Here is how I arrived at that decision and what the setup looks like. Why Amsterdam A few factors made Amsterdam a good fit. Network connectivity. Amsterdam is one of the most interconnected cities in Europe. AMS-IX is one of the largest internet exchange points in the world. In practice this means good peering, low latency to most of Western Europe, and solid routing to the rest of the world. ...

I wanted a blog on my VPS that would cost almost nothing in resources. Static site generators were the obvious choice, and after looking at a few options I went with Hugo. Why Hugo The main appeal is simplicity. Hugo is a single binary. There is no runtime, no dependency tree, no Node modules folder growing to 800 MB. You write Markdown, run one command, and get a folder of HTML files ready to serve. ...