Random Tech Adventures
  • About
  • Articles
ARTICLES

January 1, 0001

Outside of my day job, I also run a YouTube channel that follows my growing hobby of restoring forgotten 80s and 90s cars. I am not a mechanic, nor do I have any official training, so I am leanring as I go. This is made more difficult in some cases because the cars that I am working on are not the “Popular” cars that everyone else is doing (Fire Birds, TransAms, Grand Nationals, etc). Instead I am working on forgotten Mopar vehicles such as the Dodge Stealth and Dodge Rampage.

As I go through this process I am learning some tips and tricks that I want to make available to others. Now you can find this information on my YouTube channel, but sometimes its nice to have a printable page to reference, or individual photos to refrence as you go. So with that in mind, I am starting up a web page that will be an add-on to the YouTube page.

Since this is a hobby of mine, and not a business venture, I am going to do this on the cheap (but still in a nerdy way). I will be making use of the Oracle Cloud Free Tier, leveraging ARM cores. We will also be using:

  • Hugo
  • Podman
  • Caddy
  • Let’s Encrypt
  • Git

Prerequisites

  • Get an Oracle Free Forever account
  • Get a Domain Name

Deploy a new Oracle VM

  1. Log into Oracle Cloud
  2. Select Instances
  3. Select Type of Aarch
  4. Select OS of Oracle-Linux-9.0 - (this is just a RHEL 9 clone)
  5. Add a SSH Key
  6. Build

Log into cluster

ssh opc@<ip address>
sudo dnf update -y
sudo dnf install podman -y

Add a new user - Optional

I don’t like to leave default user accounts in place, so I will always create a new user account and disable the default cloud user. We will use the same ssh key that was built into the cluster

useradd -m -G wheel <username>
passwd <username>
cp -R ~opc/.ssh/ ~<username>/
chown -R <username>:<username> ~<username>/.ssh

Now in a new window ssh to the host with your new user account, and then test that you have sudo access.

$ ssh <username>@<ip address>
$ sudo su -
#

If you were able to run sudo and become root, then we are good and you can disable the ocp account:

$ sudo usermod -L opc
$ sudo chage -E0 opc

Validate that the “opc” user is disabled by attempting to log in with it

$ ssh opc@<ip address>

Deploy our Web Server

We are going to run a web server from a container as a non-privledged user on a non-privledged port. To do this we will be using Caddy

Create a caddy user

$ sudo useradd -m caddy
$ sudo loginctl enable-linger caddy
# This will allow us to create a systemd service later that will run our container
# we will NOT be setting up a password, or any way to log in
$ sudo su - caddy

Run the Caddy Container

Pull down the default Caddyfile

mkdir ~/caddydata && mkdir ~/caddyconfig
curl https://raw.githubusercontent.com/caddyserver/dist/master/config/Caddyfile -o ~/caddyconfig/Caddyfile

Edit our Caddyfile

$ podman run -d -p 8080:8080 -p 8443:8443 -p 8443:8443/udp
–name caddysrv
–userns keep-id
-v /u01/ageeksgarage:/srv:z
-v /home/caddy/caddydata:/data:z
-v /home/caddy/caddyconfig/Caddyfile:/etc/caddy/Caddyfile:z
docker.io/caddy

© Random Tech Adventures 2023