diff --git a/content/blog/2024-12-23-01-blog-setup.md b/content/blog/2024-12-23-01-blog-setup.md
new file mode 100644
index 0000000..883df73
--- /dev/null
+++ b/content/blog/2024-12-23-01-blog-setup.md
@@ -0,0 +1,84 @@
+---
+date: 2024-12-23
+title: blog setup
+description: How to make a website with 11ty and edit it with Decap CMS
+tags:
+ - programming
+ - my-blog
+ - how-to
+draft: true
+---
+_or, how to make a website with 11ty and edit it with Decap CMS._
+
+I'm just gonna start documenting all the config files I write here in case I forget how I did this. I can always update this later or something.
+
+## get a server
+
+I'm using a VPS (Virtual Private Server) from [DigitalOcean](https://www.digitalocean.com/). The cheapest option costs $4/mo and comes with 10 GB of storage. I picked one with Debian 12 pre-installed.
+
+I also changed my login shell to [fish](https://fishshell.com/):
+
+```sh
+$ sudo apt install fish
+$ chsh -s /usr/bin/fish
+```
+
+And created an account for my friend:
+
+```sh
+$ sudo useradd -s /usr/bin/fish -m friend
+```
+- `-s /usr/bin/fish`: set fish as the new user's default shell
+- `-m`: create a new folder in `/home`.
+
+## install apache web server
+
+```sh
+$ sudo apt install apache2
+```
+
+I like to put my own stuff in */data* so I don't get confused by stuff added by an installer.
+
+I'll be using a neat trick taught to me by Kooda: [Default HTTPS but only for recent browsers.](https://palmure.fr/blog.html#default-https-but-only-for-recent-browsers) This way your website will work on old gizmos like the Nintendo 3DS.
+
+```sh
+$ sudo a2enmod headers
+```
+
+Contents of */data/example.net/site.conf*
+
+```xml
+
+ ServerName example.net
+# SSLEngine on
+# Include /etc/letsencrypt/options-ssl-apache.conf
+# SSLCertificateFile /etc/letsencrypt/live/example.net/fullchain.pem
+# SSLCertificateKeyFile /etc/letsencrypt/live/example.net/privkey.pem
+
+ Header always add Strict-Transport-Security: "max-age=31536000; includeSubDomains; preload;"
+
+
+ Header always add Vary: Upgrade-Insecure-Requests
+ Redirect / https://example.net
+
+
+
+ DocumentRoot /data/example.net/site
+
+ ErrorDocument 404 404.html
+ Options FollowSymLinks MultiViews
+ Require all granted
+
+
+
+```
+
+you can uncomment those SSL lines later when you get a certificate
+
+## asdfasdf come back to this later
+
+todo:
+- set up 11ty
+- install forgejo
+- git hooks to auto-build?
+- decap CMS for editing
diff --git a/content/howto.md b/content/howto.md
deleted file mode 100644
index 811de06..0000000
--- a/content/howto.md
+++ /dev/null
@@ -1,61 +0,0 @@
----
-layout: layouts/base.njk
-title: How to self-host a blog with 11ty, git, and Decap CMS
----
-
-# {{ title }}
-
-Server: debian
-
-## Apache
-
-Install apache2
-
-```sh
-apt install apache2
-```
-
-Config file
-
-```conf
-# https://palmure.fr/blog.html#default-https-but-only-for-recent-browsers
-
- ServerName example.net
- SSLEngine on
- Include /etc/letsencrypt/options-ssl-apache.conf
-
- Header always add Strict-Transport-Security: "max-age=31536000"; includeSubDomains; preload;"
-
-
- Header always add Vary: Upgrade-Insecure-Requests
- Redirect / https://example.net
-
-
-
- DocumentRoot /data/example.net/site
- ErrorDocument 404 404.html
-
-
- Options FollowSymLinks MultiViews
- Require all granted
-
- SSLCertificateFile /etc/letsencrypt/live/example.net/fullchain.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/example.net/privkey.pem
-
-
-
- ServerName git.example.net
- SSLEngine on
- Include /etc/letsencrypt/options-ssl-apache.conf
-
- # https://stackoverflow.com/a/9933890/3821202
- AllowEncodedSlashes NoDecode
-
- ProxyPass http://localhost:8100/ nocanon
-
- SSLCertificateFile /etc/letsencrypt/live/example.net/fullchain.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/example.net/privkey.pem
-
-```
-
-Last updated 2024-12-23.
\ No newline at end of file