Investigations
2024-10-25 VPC rootless container server
Today I successfully set up a self-updating, self-rebooting, self-starting, self-certificating web server that I wrote myself, running rootless podman.
This is a quick note on the requirements for setting that up. For all the detours go to the repository at https://github.com/jakobvase/rust-score-tracker.
Prerequisites
This guide is probably only relevant if you’re running Debian 11 and Podman 4.3, which is the default on Debian 11.
Set up the VPC
- Follow the guides on security from OVH (or some other provider you trust).
- Set up a firewall like in this guide.
- Install podman:
sudo apt-get update
sudo apt-get -y install podman
- Set up port-forwarding because rootless podman can’t bind to ports 80 and 443:
sudo firewall-cmd --zone=public --add-masquerade
sudo firewall-cmd --zone=public --add-forward-port=port=80:proto=tcp:toport=8000
sudo firewall-cmd --zone=public --add-forward-port=port=443:proto=tcp:toport=8001
- Test that the forwarding works, and then make it permanent:
sudo firewall-cmd --runtime-to-permanent
- Follow the let’s encrypt guide to install certbot. I used snapd.
- Set up automatic updates and reboots by editing /etc/apt/apt.conf.d/50unattended-upgrades. See also [https://wiki.debian.org/UnattendedUpgrades].
- Now get your web-server running.
Run your webserver
- Save the image you want to run on the server as a .tar file on your local machine:
docker save -o image.tar your-image
- Copy it to the server:
scp image.tar user@server-ip:/home/user/image.tar
- Add it to the images on the server:
podman load -i image.tar
- Run it. This will look different for your project, but some of it is the same. For the certificates to work, you will at least need to load the certs and acme challenge. The ports are the ones I set up forwarding to above.
podman run -d -p 8000:80 -p 8001:443 \
--name rust_score_tracker_server \
-v rust-score-tracker-data:/app/data \
-v /home/user/config.json:/app/config.json \
-v "/home/user/score-tracker-static/.well-known/acme-challenge:/app/acme" \
-v "/etc/letsencrypt:/app/certs" \
rust-score-tracker --config /app/config.json
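A check that the firewalld forwards and the ports published by the container line up, so that 80 and 443 actually reach the server. This is an added example, not part of the original setup or the repository; the function name check_forwards and the two sample outputs are constructed for illustration, and 1024 is assumed as the lowest port a rootless process may bind (the Linux default).

```bash
#!/bin/sh
# Constructed sample output of: sudo firewall-cmd --zone=public --list-forward-ports
SAMPLE_FORWARDS='port=80:proto=tcp:toport=8000:toaddr=
port=443:proto=tcp:toport=8001:toaddr='

# Constructed sample output of: podman port rust_score_tracker_server
SAMPLE_PUBLISHED='80/tcp -> 0.0.0.0:8000
443/tcp -> 0.0.0.0:8001'

# check_forwards FORWARDS PUBLISHED [MIN_PORT]
# Prints one line per forward rule and returns 1 if any rule cannot work.
# MIN_PORT is the lowest port a rootless process may bind (assumed 1024).
check_forwards() {
    forwards=$1 published=$2 min_port=${3:-1024}
    rc=0
    # Host ports the container is published on (digits after the last colon).
    host_ports=$(printf '%s\n' "$published" | sed -n 's/.*:\([0-9][0-9]*\)$/\1/p')
    while IFS= read -r rule; do
        [ -n "$rule" ] || continue
        port=$(printf '%s\n' "$rule" | sed -n 's/^port=\([0-9]*\):.*/\1/p')
        toport=$(printf '%s\n' "$rule" | sed -n 's/.*:toport=\([0-9]*\).*/\1/p')
        if [ -z "$port" ] || [ -z "$toport" ]; then
            echo "UNPARSED $rule"; rc=1
        elif [ "$toport" -lt "$min_port" ]; then
            echo "PRIVILEGED $port -> $toport (rootless podman cannot bind it)"; rc=1
        elif printf '%s\n' "$host_ports" | grep -qx "$toport"; then
            echo "OK $port -> $toport"
        else
            echo "UNPUBLISHED $port -> $toport (no container port is published there)"; rc=1
        fi
    done <<EOF
$forwards
EOF
    return $rc
}

# On the server, replace the samples with the real command output:
#   check_forwards "$(sudo firewall-cmd --zone=public --list-forward-ports)" \
#                  "$(podman port rust_score_tracker_server)"
check_forwards "$SAMPLE_FORWARDS" "$SAMPLE_PUBLISHED"
```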
Automatic restart on reboot
If you run into problems, I recommend looking at the documentation for your version of Podman. For 4.3, that’s here: https://docs.podman.io/en/v4.3/markdown/podman-generate-systemd.1.html
2024-05-26 Setting up this website
I had some ideas for how I wanted to set up this website. This is my journal documenting what I did, what worked, what didn’t, what I learned, and how my vision changed to reflect that learning.
I want:
- A blog, where I can write whatever I want.
- A journal of the current thing I’m working on - you’re reading it!
- Books I’ve read, and my thoughts on them.
- Music I’ve heard, and my thoughts on it.
- Interesting things I’ve found.
- My music, written and recorded
- What you can hire me for
- Some way for people to subscribe to it all.
- Some way for people to comment on the stuff.
- What I have done myself, in programming, learning, and life.
- A now page (see [https://nownownow.com]) - done!
Other things I want:
2024-01-05 Search engines
- Elasticsearch / OpenSearch - uses something called Lucene under the hood. Powerful but hard. Free and open source. Can run in docker. Much setup required.
- Algolia - search as a service. Expensive and seems less suited for filtering. Powerful. Faster than elastic. Cannot run in docker. Little setup required.
- Meilisearch - simpler?
- SOLR - Also uses Lucene.
- Typesense - simpler?
- lnx - small Rust thing. Fast? Not recommended.
2024-01-05 What composes a Rust graphql server
For a rust graphql server, I need to understand what is required to have it. I’ve read about the following:
- https://graphql-rust.github.io/ juniper. Seems to be the go-to graphql server in rust. They link to several web server libraries.
- https://async-graphql.github.io/async-graphql/en/introduction.html async-graphql. Some use it over juniper. Can merge objects etc.
- https://tokio.rs/ tokio. An underlying library that powers much of the rust ecosystem. Allows for easier asynchronous operations and thread management (I think?)
- https://github.com/hyperium/tonic tonic. A “gRPC”? Whatever that is. Something on top of tokio, that replaces tokio-grpc, I think.
- https://hyper.rs/guides/1/server/hello-world/ hyper. Seems to be the go-to, most stable, most developed server library?
- https://rocket.rs/ rocket. Another server library. Uses annotations, which I don’t like.
- https://github.com/seanmonstar/warp warp. Built on top of Hyper. Seems to add a lot of niceness?
- https://github.com/actix/examples/blob/master/graphql/juniper/src/main.rs#L26 actix. Uses annotations.
- https://github.com/poem-web/poem poem. Another server implementation. Uses annotations, but less so. Seems pretty nice?
- https://github.com/tokio-rs/axum doesn’t use annotations. Builds on top of hyper, tokio and tower.
2023-03-01 Storage
tl;dr
I chose MEGA for my current storage needs, but I’m not completely happy with it. Ente is really strong too.
Requirements
I’ve looked into storage solutions. I want our family photos and videos to be available to us as long as anyone wants them to be there. I want my wife’s photos and texts to be stored somewhere quite safe. I want it to be easy to share our favourite photos and videos, when we need to, and I want it to be easy for others to upload photos and videos of us to us. I don’t want to manage my own servers, as that comes with a lot of other management (what hardware, what operating system, security, how much raid-storage, multiple places, static dns, etc).