diff --git a/README.md b/README.md index bc0bfcf..67a2f1a 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ # Guide for systems / infra maintanance and creation -This guide provides good defaults and recipes on how to install & run shit that wont ever brake down so you can focus on more important things. +This guide provides good defaults and recipes on how to set up infra in a reliable, stable, effecient and secure way. It guides you from setting up a fresh machine, to installing build dependencies, configuring the firewall, serving and monitoring your apps, protecting them from DDOS and more. -It assumes you are setting up or maintaining an AlmaLinux (9, 10) server. +It assumes you are setting up or maintaining an AlmaLinux (9, 10) or a similar RHEL-based server. ## [Setting up a new machine](setup.md) @@ -40,6 +40,4 @@ How to monitor your services and websites with Open Kuma. How to protect and hide your services and websites from DDOS attacks. -## [WTF is AlmaLinux](alma-linux.md) - -Could be the first link, but really its not that important. +## [AlmaLinux / RHEL linux](alma-linux.md) diff --git a/alma-linux.md b/alma-linux.md index 182d14e..bfb8dae 100644 --- a/alma-linux.md +++ b/alma-linux.md @@ -1,9 +1,9 @@ -# Why and why .. Alma Linux? +# Why .. Alma Linux? AlmaLinux is a continuation of open source work for enterprise grade Red Hat Enterprise Linux (RHEL). Its a spiritual successor to CentOS and bug-for-bug compatible with RHEL same as Rocky Linux but without the toxic community. -### What about Debian / Ubuntu ??? +### What about Debian / Ubuntu ? Tbh, at the time of setting up new servers the `Debian` install was not working on my host, thats why i picked `AlmaLinux` for all installations to keep them uniform. Even though its a move from our usual package manager (`apt`) its the same shit. It uses `dnf` and `yum` and everything works the same. diff --git a/bunny-cdn.md b/bunny-cdn.md index 0db6b85..aa5923c 100644 --- a/bunny-cdn.md +++ b/bunny-cdn.md @@ -8,16 +8,6 @@ BunnyCDN is your friend in 3 ways at least: It operates with "zones". Think 1 zone = 1 service / website / url you run. -## No caching please - -By default if server doesnt include a `Cache-control` header, bunny will cache it. - -To make it never cache, include header `Cache-control` with value `no-cache` in your responses. - -## Purging cache - -To purge the cache on BunnyCDN, there is a button on the top right of the UI. - ## How to add a service / website to BunnyCDN Consult the screenshots below on how to set BunnyCDN in your browser. @@ -42,4 +32,14 @@ Enter it into your DNS and Verify SSL back on BunnyCDN. ![New zone 4](public/bunny4.png "Step 4") -Voila, this is it +Voila, this is it. + +## How to disable caching + +By default if server doesnt include a `Cache-control` header, bunny will cache it. + +To make it never cache, include header `Cache-control` with value `no-cache` in your responses. + +## Purging cache + +To purge the cache on BunnyCDN, there is a button on the top right of the UI. diff --git a/setup.md b/setup.md index 54e2fc2..0f2d3c4 100644 --- a/setup.md +++ b/setup.md @@ -34,7 +34,7 @@ firewall-cmd --add-service=ssh --permanent && firewall-cmd --reload ``` -⚠️⚠️⚠️ `drop` zone will just drop all traffic if you dont configure it to use `public` zone like we show in [Firewall](firewall.md) section. If connections time out this is likely the reason. ⚠️⚠️⚠️ +⚠️ *`drop` zone will just drop all traffic if you dont configure it to use `public` zone like we show in [Firewall](firewall.md) section. If connections time out this is likely the reason.* ## Unattended upgrades @@ -93,7 +93,7 @@ Try opening a new terminal and ssh-ing into `admin` user on the server, it shoul ### Locking the `root` account -⚠️⚠️⚠️ Be sure you can SSH with another sudo enabled account like `admin` otherwise you WILL LOCK YOURSELF out of the machine. ⚠️⚠️⚠️ +⚠️ *Be sure you can SSH with another sudo enabled account like `admin` otherwise you WILL LOCK YOURSELF out of the machine.* Go back to `root` account now, otherwise you will need to `sudo` the commands below. The following commands will lock out the root by configuring `/etc/ssh/sshd_config` file.