• 0 Posts
  • 20 Comments
Joined 1 year ago
cake
Cake day: June 16th, 2023

help-circle




  • You still need encryption between your CDN and your origin, ideally using a proper certificate.

    It can be self-signed though, that’s what I’m doing and it’s partly to outsource the TLS maintenance. But the main reason I’m doing it is to get IP privacy. WHOIS domain privacy is fine, but to me it seems pretty sub-optimal for a personal site to be publicly associated with even a permanent IP address. A VPS is meant to be private, it’s in the name. This is something that doesn’t get talked about much. I don’t see any way to achieve this without a CDN, unfortunately.

    I guess it’s popular because people already use Github and don’t want to look for other services?

    Yes, and the general confusion between Git and Github, and between public things and private things. It’s everywhere today. Another example: saying “my Substack” as if blogging was just invented by this private company. So it’s worse than just laziness IMO. It’s a reflexive trusting of the private over the public.


  • I have some static sites that I just rsync to my VPS and serve using Nginx. That’s definitely a good option.

    Agree. And hard to get security wrong cos no database.

    If you want to make it faster by using a CDN and don’t want it to be too hard to set up, you’re going to have to use a CDN service.

    Yes but this can just be a drop-in frontend for the VPS. Point the domain to Cloudflare and tell only Cloudflare where to find the site. This provides IP privacy and also TLS without having to deal with LetsEncrypt. It’s not ideal because… Cloudflare… but at least you’re using standard web tools. To ditch Cloudflare you just unplug them at the domain and you still have a website.

    Perhaps its irrational but I’m bothered by how many people seem to think that Github Pages is the only way to host a static website. I know that’s not your case.


  • This is a bit fuzzy. You seem to recommend a VPS but then suggest a bunch of page-hosting platforms.

    If someone is using a static site generator, then they’re already running a web server, even if it’s on localhost. The friction of moving the webserver to the VPS is basically zero, and that way they’re not worsening the web’s corporate centralization problem.

    I host my sites on a VPS. Better internet connection and uptime, and you can get pretty good VPSes for less than $40/year.

    I preferred this advice.


  • Can recommend Hetzner (German IP). Good value and so far solid.

    Before that I used OVH (French IP) for years but it ended badly. First they locked me out of my account for violating 2FA which I had not asked for or been told about, and would not provide any recourse except sending them a literal signed paper letter, which I had to do twice because the first one they ignored. A nightmare which went on for weeks. And then, cherry on the cake, my VPS literally went up in smoke when their Strasbourg data center burned down! Oops! Looks like your VPS is gone, sorry about that, here’s a voucher for six months free hosting! Months later they discovered a backup but the damage was done. Never again.


  • If you don’t mind going full back-to-basics, you can do this with standard command-line tools and no cloud server. Contrary to popular wisdom, a server is not necessary to sync files between a computer and a mobile device.

    I use ssh and unison over wifi hotspot, no cable required. Works fine though it does require a button to be pressed. It doesn’t sync constantly in the background. Personally, after many years of doing that, I decided that it was an anti-feature.









  • Your frustration is warranted. I consider mapping to be the major unsolved problem in the FOSS universe. It’s certain my one, and I have much more limited aims than you. I just want my personal POIs on a map, in colored categories, with access to that map on desktop and mobile, read and write. I’ve gone with the serverless route, just syncing the two devices, but the Nextcloud method is not so different.

    Well, it’s hard. Osmand is amazingly powerful, and apparently has the most advanced POI features of any Android app, but still there are catastrophic flaws. For example, in the GPX it marks up POI categories with its own bespoke GPX markup - totally invisible to desktop software (I had to write a Python script to add it to POIs created on desktop, just so that I can actually see their colors in Osmand). Next, syncing the GPX is made unnecessarily cumbersome by the fact that all the DB files and cached tiles are in the same file tree (I literally use an Android file sync tool to sync the GPX within Android to a place where it can be synced again with my desktop).

    What a mess. Pretty sure I haven’t overlooked anything for my simple use case of POIs-on-a-map. It just seems not many people want to do this. Or perhaps they tried and then gave up.

    Oh well. This rant is not much use to you, but please accept it as consolation.



  • ITT: lots of the usual paranoid overkill. If you do rsync with the --backup switch to a remote box or a VPS, that will cover all bases in the real world. The probability of losing anything is close to 0.

    The more serious risk is discovering that something broke 3 weeks ago and the backups were not happening. So you need to make sure you are getting some kind of notification when the script completes successfully.