My Website Architecture
I won’t get into the weeds on this blog post, but I don’t really care for social media. I much prefer this platform right here. My website, my domain, my kingdom. I hope this encourages someone to learn some HTML, CSS, and maybe dabble in a little bit of DevOps and GitOps. It can be fun for the right person. (Me).
Applications
On my Windows development PC, I use the following tools….
- VSCode: Edit the Markdown docs.
- JekyllRB: Ruby Gem to test the markdown to HTML templating locally.
- GitHub Desktop: Version control and the start of the deployment pipeline.
- cwebp: Google binary to convert images into webp.
GitHub Desktop is a great git wrapper for Windows. Its really easy to create branches, push and pull changes, and anything else Git related.
JekyllRB had a small learning curve, but once I understood how to update and maintain the Ruby Gems and Gemfile it became way easier. I’ve honestly really enjoyed being able to pass in the --livereload
command and watch my changes on a seperate monitor.
Converting images from their original format into a webp format is a bit tedious. I was doing it all in powershell but I’ve started to use the ThioJoe cwebpGUI and its a bit easier I guess. I like that it shows me the cwebp command it generates more than anything. I serve these high-quality but compressed images from an Object Storage bucket into a CDN for distribution.
My Akamai Cloud
This cookieless website gets about 2,000 hits per month at the Bunny CDN. I just assume it’s 99.9% bot traffic so really the only person here is me, and that’s perfectly fine with me. I could get away with hosting this site 6 different ways for free, but I enjoy and trust the platform. I use a $5/month Nanode, paired with a $5/month 250GB S3-compatible Object Storage Bucket. As a paying customer, I’m also able to use their DNS Resolvers as my Authoritative Name Servers. Doing all of this on one platform is awesome because they have a Python3 pip package called Linode-CLI that has a huge range of capabilities.
It’s best practice to restrict root access, enforce the use of cryptographic key-pair for ssh access, adjust listening settings on the sshd daemon, and install fail2ban. I’ve done this. But I want to go even further. I’ve setup and enabled the local UFW firewall, setup SSH to be limited to my Tailscale TailNet while still enforcing the SSH Key requirement, installed CrowdSec, a CrowdSec bouncer or four, and finally….
Put my Nanode behind a Cloud Firewall. Yes - I block ICMP traffic before the web server and at the web server.
Security is like an onion, its all done in layers. Feel free to reach out if you need support analyzing your attack vectors and threat models.
References
GitHub Desktop and GitHub Actions
2024
Secure Your Linux Box
Matt’s Guide to Securing a Linux Box for Production.
My Website Architecture
Quick overview of my websites architecture.
Exploring Glacier National Park
One Night in Glacier NP - 2024
Images from the Nebraska DLC
Exploring and capturing the scenery in American Truck Simulator, Nebraska DLC
Sail High Seas Safely!
how-to be safe while downloading linux isos.
Jackson-Faulkner Family Trip 2024
Exploring South Dakota with the Jacksons.
Serving Up WebP instead of PNG
how I reduced my home page 610 percent.
Javascript Cat!
how-to add oneko.js to the minimal-mistakes jekyll template.
Growing Cannabis Notes
My personal running notes for growing cannabis.
SMB Mount Errors found in dmesg
Dealing with CIFS errors between TrueNAS and Debian.
Bounce a Juniper Switchport
how-to bounce a Juniper JunOS switchport.
Fixing apt error, ‘list of sources could not be read’
how-to fix ‘the list of sources could not be read.’ when using apt.
Basic Network Troubleshooting
how-to troubleshoot a home network, by a Network Engineer.
Moving to Caddy
Moving my webserver from OpenLiteSpeed to Caddy
Could Not Resolve Error in apt
how-to resolve, could not resolve packages.adoptium.net
Responding to XZ-Utils Vulnerability
how-to validate XZ-Utils impact.
Ninite is Awesome
How and Why I use Ninite
Certbot Renewal on OpenLiteSpeed
Manually renewing Certbot on OpenLiteSpeed
YABS Results
Yet Another Benchmark Results
Basic Linux Administration
Linux Basics and Core Concepts by Matt F.
How to Setup and Manage a Web Domain
how-to Buy and Manage a Web Domain
Learn Linux in 5 Days
My Udemy Course Completion Certification.
2013 Scion FRS Service Manual
Scion FRS Service Manual Download and Sources
My Discord Server
My Discord Server Widget
Migrating to BunnyCDN
How I moved from QUIC.Cloud to BunnyNet CDN.
2023
99.99% Uptime Goal for 2024
My High Uptime Plan for 2024.
Magic The Gathering Notes
Personal notes for Magic the Gathering
HTML Hobbiest Webring
HTML Hobbiest Webring Landing Page/Post
Ditching WordPress
Method of Procedure for migrating from WordPress to plain HTML.
W900 Tuning Pack
W900 Tuning Pack DLC Review.
Goodbye Google Domains
Google Domains is Ending.
Experience OpenLiteSpeed
Deep dive into OpenLiteSpeed webserver.
Struggles with Jekyll and Cloudflare Pages
how-to resolve my Jekyll/Cloudflare Pages deployment error.
Mom Said Redefine Success
In High School I had one dream that stands out. Own a Porsche by the time I was 26. Looking back, I have no idea where this dream came from; because I was ra...
Cow Town Hoe Down - 2023
Personal ramblings about my new town.
Knowledge Sharing
Knowledge Filled PDF Bundle
Jellyfin Guide for Friends and Family
how-to Jellyfun.
My ProtonMail Review
ProtonMail Review - 1 Year
2022
Managing Pi-Hole - A Guide for Beginners in 2022
how-to manage Pi-Hole.
Matt’s Desktop Build in 2022
My new Gaming PC. Its boring but it’ll do.
Ad-Blocking on the Go using Pi-Hole and Pi-VPN in the Cloud
how-to setup Pi-Hole and Wireguard on Linode.
How To Change The Hostname of a Raspberry Pi
how-to update the hostname of a Raspberry Pi.
2021
Using A Raspberry Pi Zero To Host a VPN Server
Can a Raspberry Pi Zero host a family VPN Server? Yes.
Logitech G413 Carbon - Keyboard Review
Logitech G413 Keyboard review.
Razer Huntsman Mini - My First Keyboard Review
Razer Huntsman Mini review.
Weekend with the Bois - June 2021 Video
YouTube video cruising through Colorado!
PiAware - One Month of Ownership
Ramblings about PiAware after one month of operation.
Setup a Headless Raspberry Pi - For Beginners
Guide to setup a Raspberry Pi from start to finish!
Setting the Timezone on your Raspberry Pi 4
Guide to configuring the Timezone on a Raspberry Pi.