It’s been a week of new learning experiences.
As of writing this, my personal web server has been running off a Raspberry Pi 3 in my basement for a little over a week. This blog (and a couple other project sites) now live on a few circuits the size of a deck of playing cards stuffed into a closet in my home office.
But getting there and despite the thirty-minute walk-through YouTube video that inspired me that such a thing might be possible… it has been a long row to hoe.
Challenge 1 … I don’t like nginx.
Maybe I’m just an Apache2 fanboy at heart and I don’t realize it, but heeding the advice of dozens of computer nerds online, I spent two days trying to configure the Mr. Pibb of web server software to work with my sub-domain desires. When that didn’t work, I ultimately swapped the system out to Apache2, but then spent another few days scraping the stubborn remains of the nginx server from the system, so much so that I actually stayed up late one night trying to figure out why after restarting my system the Apache server wouldn’t start (turns out that despite running the install and removing the config files, nginx still thought it would bind to all my ports on startup and block the legit server!) *shakes fist in air*
Challenge 2 … doing the dynamic IP shuffle
Being much too cheap to spring for a proper ISP package, I’m stretching the rules and using a quirky workaround to host my Pi on my home internet package. My ISP doesn’t prevent you from doing this –they leave the ports wide open to let you do just that, in fact– but they complicate it by nudge-nudging you that they sell a better option for the low price of $50/month. Simply, they don’t guarantee that your IP will stick. It’s dynamic. Every few weeks, they shuffle the four number address (your IP) from where your internet connection identifies your to the internet. You get around this by setting up a complicated little piece of software to check this address (say every ten minutes) and ping it to a service that links your domain names (blog.8r4d.com) to that sometimes-changing IP address. Once set up it works a charm, but it was definitely a small challenge finding and initiating it.
Challenge 3 … routers are tricky buggers
Everyone is seems –from online to friends at parties– has opinions on network configuration. No? You don’t find this? Well, maybe you’re just hanging out with less interesting people than me. So, for sake of obscurity, let’s just say there are two fairly different ways to set up a router for a home web server and no matter which you choose you are faced with a security challenge. I chose one, but ultimately not without probing the depths of pros and cons surrounding both before settling. And I’m not even sure I’ve actually settled. I’d love to discuss the intricacies of my network configuration here, but alas after spending a week locking it down I think I might be in a paranoid-secretive state of mind about that.
Challenge 4 … firewalls are funky
Of course five minutes after my little Raspberry Pi met the world wide web her little logs were filling up with flirtatious notes with all sorts of russian and chinese return addresses. I was playing with fire for a day or so until I locked down my ports and installed a couple layers of firewall protection. It’s locked down solid now.. so much so that I even banned myself for a few hours and had to literally plug the Pi into a TV and keyboard so that I could get back in to fix it. Not that I really understand why I’d be worth hacking: sixteen years of public blog posts, some mediocre short fiction, our family recipe collection, and a year worth of web comics …is about all that anyone could steal from me. I suppose a dedicated hacker could install some bots on my little computer-that-could, but then I’d probably notice that show up in my CPU usage pretty quickly too. Either way…
The server is now working. Between crawling search engines, probing bots and (of course) a trickle of regular traffic, the CPU is barely warming its transistors and I’ve not noticed any real performance issues… unless you’re an overseas hacker it probably is running about the same as before I moved it all. My confidence level is about as solid as it can be having thrown open the doors of my web site to the world, that it won’t collapse under the pressure of challenges that I think I’ve overcome… for now.
So, uh… where do I pick up my achievement badge?