Outside of my day job, I also run a YouTube channel that follows my growing hobby of restoring forgotten 80s and 90s cars. I am not a mechanic, nor do I have any official training, so I am leanring as I go. This is made more difficult in some cases because the cars that I am working on are not the “Popular” cars that everyone else is doing (Fire Birds, TransAms, Grand Nationals, etc). Instead I am working on forgotten Mopar vehicles such as the Dodge Stealth and Dodge Rampage.
As I go through this process I am learning some tips and tricks that I want to make available to others. Now you can find this information on my YouTube channel, but sometimes its nice to have a printable page to reference, or individual photos to refrence as you go. So with that in mind, I am starting up a web page that will be an add-on to the YouTube page.
Since this is a hobby of mine, and not a business venture, I am going to do this on the cheap (but still in a nerdy way). I will be making use of the Oracle Cloud Free Tier, leveraging ARM cores. We will also be using:
- Hugo
- Podman
- Caddy
- Let’s Encrypt
- Git
Prerequisites
- Get an Oracle Free Forever account
- Get a Domain Name
Deploy a new Oracle VM
- Log into Oracle Cloud
- Select Instances
- Select Type of Aarch
- Select OS of Oracle-Linux-9.0 - (this is just a RHEL 9 clone)
- Add a SSH Key
- Build
Log into cluster
ssh opc@<ip address>
sudo dnf update -y
sudo dnf install podman -y
Add a new user - Optional
I don’t like to leave default user accounts in place, so I will always create a new user account and disable the default cloud user. We will use the same ssh key that was built into the cluster
useradd -m -G wheel <username>
passwd <username>
cp -R ~opc/.ssh/ ~<username>/
chown -R <username>:<username> ~<username>/.ssh
Now in a new window ssh to the host with your new user account, and then test that you have sudo access.
$ ssh <username>@<ip address>
$ sudo su -
#
If you were able to run sudo and become root, then we are good and you can disable the ocp account:
$ sudo usermod -L opc
$ sudo chage -E0 opc
Validate that the “opc” user is disabled by attempting to log in with it
$ ssh opc@<ip address>
Deploy our Web Server
We are going to run a web server from a container as a non-privledged user on a non-privledged port. To do this we will be using Caddy
Create a caddy user
$ sudo useradd -m caddy
$ sudo loginctl enable-linger caddy
# This will allow us to create a systemd service later that will run our container
# we will NOT be setting up a password, or any way to log in
$ sudo su - caddy
Run the Caddy Container
Pull down the default Caddyfile
mkdir ~/caddydata && mkdir ~/caddyconfig
curl https://raw.githubusercontent.com/caddyserver/dist/master/config/Caddyfile -o ~/caddyconfig/Caddyfile
Edit our Caddyfile
$ podman run -d -p 8080:8080 -p 8443:8443 -p 8443:8443/udp
–name caddysrv
–userns keep-id
-v /u01/ageeksgarage:/srv:z
-v /home/caddy/caddydata:/data:z
-v /home/caddy/caddyconfig/Caddyfile:/etc/caddy/Caddyfile:z
docker.io/caddy