draft blog setup dingus

content/blog/2024-12-23-01-blog-setup.md

@@ -0,0 +1,84 @@
+---
+date: 2024-12-23
+title: blog setup
+description: How to make a website with 11ty and edit it with Decap CMS
+tags:
+  - programming
+  - my-blog
+  - how-to
+draft: true
+---
+_or, how to make a website with 11ty and edit it with Decap CMS._
+
+I'm just gonna start documenting all the config files I write here in case I forget how I did this. I can always update this later or something.
+
+## get a server
+
+I'm using a VPS (Virtual Private Server) from [DigitalOcean](https://www.digitalocean.com/). The cheapest option costs $4/mo and comes with 10 GB of storage. I picked one with Debian 12 pre-installed.
+
+I also changed my login shell to [fish](https://fishshell.com/):
+
+```sh
+$ sudo apt install fish
+$ chsh -s /usr/bin/fish
+```
+
+And created an account for my friend:
+
+```sh
+$ sudo useradd -s /usr/bin/fish -m friend
+```
+- `-s /usr/bin/fish`: set fish as the new user's default shell
+- `-m`: create a new folder in `/home`.
+
+## install apache web server
+
+```sh
+$ sudo apt install apache2
+```
+
+I like to put my own stuff in */data* so I don't get confused by stuff added by an installer. 
+
+I'll be using a neat trick taught to me by Kooda: [Default HTTPS but only for recent browsers.](https://palmure.fr/blog.html#default-https-but-only-for-recent-browsers) This way your website will work on old gizmos like the Nintendo 3DS.
+
+```sh
+$ sudo a2enmod headers
+```
+
+Contents of */data/example.net/site.conf*
+
+```xml
+<VirtualHost *:80 *:443>
+  ServerName example.net
+#  SSLEngine on
+#  Include /etc/letsencrypt/options-ssl-apache.conf
+#  SSLCertificateFile    /etc/letsencrypt/live/example.net/fullchain.pem
+#  SSLCertificateKeyFile /etc/letsencrypt/live/example.net/privkey.pem
+
+  Header always add Strict-Transport-Security: "max-age=31536000; includeSubDomains; preload;"
+  <If "%{HTTPS} == 'off'">
+    <If "%{HTTP:Upgrade-Insecure-Requests} == 1">
+      Header always add Vary: Upgrade-Insecure-Requests
+      Redirect / https://example.net
+    </If>
+  </If>
+
+  DocumentRoot /data/example.net/site
+  <Directory />
+    ErrorDocument 404 404.html
+    Options FollowSymLinks MultiViews
+    Require all granted
+  </Directory>
+
+</VirtualHost>
+```
+
+you can uncomment those SSL lines later when you get a certificate
+
+## asdfasdf come back to this later
+
+todo: 
+- set up 11ty
+- install forgejo
+- git hooks to auto-build?
+- decap CMS for editing

content/howto.md

@@ -1,61 +0,0 @@
----
-layout: layouts/base.njk
-title: How to self-host a blog with 11ty, git, and Decap CMS
----
-
-# {{ title }}
-
-Server: debian
-
-## Apache
-
-Install apache2
-
-```sh
-apt install apache2
-```
-
-Config file
-
-```conf
-# https://palmure.fr/blog.html#default-https-but-only-for-recent-browsers
-<VirtualHost *:80 *:443>
-  ServerName example.net
-  SSLEngine on
-  Include /etc/letsencrypt/options-ssl-apache.conf
-  
-  Header always add Strict-Transport-Security: "max-age=31536000"; includeSubDomains; preload;"
-  <If "%{HTTPS} == 'off'">
-    <If "%{HTTP:Upgrade-Insecure-Requests} == 1">
-      Header always add Vary: Upgrade-Insecure-Requests
-      Redirect / https://example.net
-    </If>
-  </If>
-  
-  DocumentRoot /data/example.net/site
-  ErrorDocument 404 404.html
-  
-  <Directory />
-    Options FollowSymLinks MultiViews
-    Require all granted
-  </Directory>
-  SSLCertificateFile    /etc/letsencrypt/live/example.net/fullchain.pem
-  SSLCertificateKeyFile /etc/letsencrypt/live/example.net/privkey.pem
-</VirtualHost>
-  
-<VirtualHost *:443>
-  ServerName git.example.net
-  SSLEngine on
-  Include /etc/letsencrypt/options-ssl-apache.conf
-  
-  # https://stackoverflow.com/a/9933890/3821202
-  AllowEncodedSlashes NoDecode
-  <Location />
-    ProxyPass http://localhost:8100/ nocanon
-  </Location>
-  SSLCertificateFile    /etc/letsencrypt/live/example.net/fullchain.pem
-  SSLCertificateKeyFile /etc/letsencrypt/live/example.net/privkey.pem
-</VirtualHost>
-```
-
-Last updated 2024-12-23.