Some fixes and additions

README.md

@@ -1,11 +1,13 @@
 # Guide for systems / infra maintanance and creation
 
-This guide is assuming you are setting up or maintaining an AlmaLinux (9, 10) server.
+This guide encapsulates my experience of wrangling servers and provides good defaults and recipes on how to run shit that wont ever brake down so you can focus on more important things.
+
+It assumes you are setting up or maintaining an AlmaLinux (9, 10) server.
 It guides you from setting up a fresh machine, to installing build dependencies, configuring the firewall, serving and monitoring your apps and lastly protecting them from DDOS.
 
 ## [Setting up a new machine](setup.md)
 
-Prepare a new machine for use with an `admin` user. Lock out everything but to it. 
+Prepare a new machine for use with an `admin` user. Lock out everything but SSH to it. 
 
 ## [Installing aplications and build tools](applications.md)
 
@@ -14,7 +16,8 @@ Set up your apps in `/srv/` partition.
 
 ## [Firewall (opening/checking ports)](firewall.md)
 
-How to open firewall to let outside traffic to your apps.
+How to open firewall to let outside traffic to your apps. How to check and set firewall zones.
+If your service is timing out (nothing gets thru) this is probably the answer.
 
 ## [Running services and logging with systemd](systemd.md)
 

firewall.md

@@ -42,7 +42,7 @@ sudo firewall-cmd --zone=public --list-ports
 Change the default zone to `public` with
 
 ```sh
-sudo firewall-cmd --permanent --zone=public
+sudo firewall-cmd --set-default-zone=public
 ```
 
 Then open the relevant ports and reload the firewall

nginx-certbot.md

@@ -85,3 +85,22 @@ server {
 }
 
 ```
+
+Test and reload nginx by:
+
+```sh
+# Test configuration
+sudo nginx -t
+# Reload nginx
+sudo systemctl reload nginx
+```
+
+## Deleting Certbot certificates
+
+```sh
+# List your certificates
+sudo certbot certificates
+# Delete by name
+sudo certbot delete --cert-name sub.domain.com
+```
+