How-To-Secure-A-Linux-Server VS Gitea

- own server costs about $5/month. I recommend using docker to deploy hbbr and hbbs. Back up the key in case you need to re-deploy. You do need to secure your Linux server, and this community-driven Github guide has some good tips to get started.

I have been using the How To Secure A Linux Server guide for quite a while and wanted to learn Ansible, so I created two playbooks to automate most of the guides content. The playbooks are still a work in progress.

If it works, I will then follow the hardening guide I did before (https://github.com/imthenachoman/How-To-Secure-A-Linux-Server) and test after every step

Maybe these two repos can help you, I've used them both from time to time to look up stuff I have no idea about as a frontend main: https://github.com/imthenachoman/How-To-Secure-A-Linux-Server https://github.com/decalage2/awesome-security-hardening

> In short it’s all about control, privacy, and security, in that order.

I am going to strongly urge you to consider changing that order and move *security* to the first priority. I have long run my own servers, it is much easier to setup a server with strong security foundation, than to clean up afterwards.

As a beginner, you should stick to a well known and documented Linux server distribution such as Ubuntu Server LTS or Fedora. Only install the programs you need. Do not install a windowing system on it. Do everything for the server from the command line.

Here are a few blog posts I have bookmarked over the years that I think are geared to beginners:

"My First 5 Minutes On A Server; Or, Essential Security for Linux Servers": An quick walk through of how to do basic server security manually [1]. There was a good Hacker News discussion about this article, most of the response suggests using tools to automate these types of security tasks [2], however the short tutorial will teach you a great deal, and automation mostly only makes sense when you are deploying a number of similar servers. I definitely take a more manual hands-on approach to managing my personal servers compared to the ones I professionally deploy.

"How To Secure A Linux Server": An evolving how-to guide for securing a Linux server that, hopefully, also teaches you a little about security and why it matters. [3]

Both Linode[4] and Digital Ocean[5] have created good sets of Tutorials and documentation that are generally trustworthy and kept up-to-date

Good luck and have fun

[1]: https://sollove.com/2013/03/03/my-first-5-minutes-on-a-serve...

[2]: https://news.ycombinator.com/item?id=5316093

[3]: https://github.com/imthenachoman/How-To-Secure-A-Linux-Serve...

[4]: https://www.linode.com/docs/guides/

[5]: https://www.digitalocean.com/community/tutorials

I suggest these resources: - Some fundamentals: https://www.cyberciti.biz/tips/linux-security.html - One of the best imho ( exhaustive list ): https://github.com/imthenachoman/How-To-Secure-A-Linux-Server - Ansible playbook to harden security by Jeff Geerling: https://github.com/geerlingguy/ansible-role-security - OAWSP Check list ( targeted for web apps... and honestly a bit overkill ): https://github.com/0xRadi/OWASP-Web-Checklist

Linux Mint with Cinnamon: https://www.linuxmint.com/ as far as desktop OSes go it's familiar (Ubuntu without snaps by default), whereas the UI feels both snappy, doesn't use too much resources and is actually pretty to look at.

MobaXTerm: https://mobaxterm.mobatek.net/ this one is a bit more Windows centric but I ended up paying for it and replaced mRemoteNg and PuTTY with it, it's even better than Remmina or whatever Linux has to offer - you can manage SSH/RDP/VNC/... sessions, input across multiple sessions side by side and it just simplifies things a lot (jump host support, a port forwarding too and so much more).

GitKraken: https://www.gitkraken.com/ also a piece of software that I paid for, this one actually makes using Git pleasant, feels better to use than SourceTree and Git Cola (even though that latter is wonderfully lightweight, too) and honestly I prefer that to the CLI nowadays.

Kanboard: https://kanboard.org/ is a lightweight Kanban project management tool, it might not have every feature under the sun but it's the most snappy project management tool I've ever used, looks simple and runs well. I honestly love it, what a nice thing to have.

Most modern text editors and IDEs: I personally pay for JetBrains IDEs but also like Visual Studio Code as a text editor and both have helped me immensely, they're reasonably performant when you have the RAM, look nice, often give you suggestions about how to improve your code and also have a plethora of plugins in their ecosystems. Nowadays I unapologetically use LLMs as well and overall it feels like I have these great tools and cool autocomplete (that is sometimes a bit silly and wrong) at my disposal, that makes me happy.

Kdenlive: https://kdenlive.org/ imagine if there was a successor to Windows Movie Maker, though something that gets most of the important stuff out of Sony Vegas, except is also completely free and works on most platforms. Kdenlive is all of that and also somehow quite pleasant to use, I actually prefer it to DaVinci resolve. There is a bit of a learning curve to any piece of software like this, but everything mostly makes sense in this one.

Gitea: https://about.gitea.com/ I still use this for my personal Git repositories and integrating with CI systems and it's lightweight, looks good and just feels pleasant to use. Previously I self-hosted GitLab and constantly ran into resource exhaustion as well as doubts about the next update is going to corrupt all of my data and break (it did), so now I use Gitea instead.

Drone CI: https://www.drone.io/ a container native CI solution that I can also self host. It's container oriented, integrates with Gitea nicely, is similarly nice to GitLab CI and doesn't cause me headaches like Jenkins would.

Docker: https://www.docker.com/ yes, even Docker desktop. It just makes working with containers really pleasant and predictable, even when something like Podman also exists (and also is great). I don't know, I feel like Docker really saved me from having brittle legacy environments, even self-contained containers with health checks and resource limits with still the same brittle code inside of those make me feel way more safe.

Same [1]. Zoom being outsourced to the implementing platform is one major pain-point. That example from us has grown in size.

We are clearly using the wrong tool for a diagram of this complexity, but the practicality of seeing commit changes in the diff, what property was changed by whom and instantly having the visual feedback in the Pull Request is just way too useful to use a "proper" tool.

[1] https://github.com/go-gitea/gitea/issues/25803

It's a tangent, but I think it's interesting that Gitea started trying to self host in Feb 2017 (https://github.com/go-gitea/gitea/issues/1029) and hasn't got there yet (based on how active the github issues/PR page are).

https://about.gitea.com/ offers me a "free cloud trial" and otherwise sounds very like other web front ends to git. So like github, except they don't trust it themselves.

In contract forgejo has "Self-hosted alternative to GitHub" written in big letters on the landing page. https://codeberg.org/forgejo is indeed self hosted.

Gitea is a versatile tool for creating and managing git-based repositories, streamlining Code Review to enhance code quality for users and businesses. It integrates a CI/CD system, Gitea Actions, compatible with GitHub Actions, allowing users to create workflows in YAML or use existing plugins. Gitea's project management features include issue tasks, labeling, and kanban boards for efficient management of requirements, features, and bugs. These tools integrate with branches, tags, milestones, assignments, time tracking, and dependencies to plan and track development progress. Furthermore, Gitea supports over 20 package management types, such as Cargo, Composer, NPM, and PyPI, catering to a wide range of public or private package management needs. This comprehensive suite of features makes Gitea a powerful platform for managing development projects and packages.

Golang has a ton of single binary websites out there. The two that come to mind off hand are Gogs/Gitea only because I contributed to them

https://github.com/gogs/gogs

https://github.com/go-gitea/gitea

My problem with Fossil is that it is a "one solution for all problems". Fossil packs all solutions together while the Git ecosystem provides several different solutions for each problem.

When you want to do things that Fossil is not meant to do, then you're in trouble. I have no idea on how to do CI/CD and DevOps with Fossil and how to integrate it with AWS/Azure/GCP.

I find that the whole ecosystem of Gitlab/Github and stand-alone alternatives like Gitea [1], Gogs [2], Notion, Jira and others is way more flexible and versatile.

[1] https://about.gitea.com/

Reminds of the GitHub issue for hosting Gitea on Gitea, it's... a read to be sure: https://github.com/go-gitea/gitea/issues/1029