Self Host 101 - Set up and Secure Your Own Server

Просмотров 47 тыс.

% 1 938

In this video, CJ shows you how to configure and lock-down a Virtual Private Server running Ubuntu 22.04. With this base VPS setup, you can begin hosting your own apps and services. This is the first part in a series on self hosting.
00:00 Intro
00:59 The What and Why of Virtual Private Servers
03:22 Connect to your VPS with SSH
05:14 Update package lists and Upgrade packages
09:16 Change root password
09:56 Create non-root user
13:08 Login with SSH Key
15:19 Disable Password Login
17:36 Disable root login
18:25 Network and Firewall Policy
19:11 Closed unused ports
20:15 Change default SSH port
21:31 Restrict port access to a specific IP
22:29 Enable and configure automatic updates
24:38 Thanks!
------------------------------------------------------------------------------
Listen to Syntax episode 615 - syntax.fm/show/615/where-should-you-host-your-app-hosting-providers-compared
Watch Syntax episode 730 - ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-nCWznQ0HY9c.html
Listen to Syntax episode 730 - syntax.fm/show/730/own-your-own-paas
Github - generate an SSH key - docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
XKCD 149 - xkcd.com/149/
unattended-upgrades reference - github.com/mvo5/unattended-upgrades?tab=readme-ov-file#supported-options-reference
------------------------------------------------------------------------------
Terms and Topics Covered:
Terminal Emulator - en.wikipedia.org/wiki/Terminal_emulator
SSH - Secure Shell - en.wikipedia.org/wiki/Secure_Shell
VPS - Virtual Private Server - en.wikipedia.org/wiki/Virtual_private_server
Brute Force Attack - en.wikipedia.org/wiki/Brute-force_attack
Exploit - en.wikipedia.org/wiki/Exploit_(computer_security)
Vulnerability - en.wikipedia.org/wiki/Vulnerability_(computing)
Self Hosting - en.wikipedia.org/wiki/Self-hosting_(web_services)
Media Server - en.wikipedia.org/wiki/Media_server
PaaS - Platform as a service - en.wikipedia.org/wiki/Platform_as_a_service
Ubuntu - en.wikipedia.org/wiki/Ubuntu
Debian - en.wikipedia.org/wiki/Debian
Principle of least privilege - en.wikipedia.org/wiki/Principle_of_least_privilege
Superuser - en.wikipedia.org/wiki/Superuser
sudo - en.wikipedia.org/wiki/Sudo
Public-key cryptography - en.wikipedia.org/wiki/Public-key_cryptography
gnu Nano - en.wikipedia.org/wiki/GNU_nano
port Computer Networking - en.wikipedia.org/wiki/Port_(computer_networking)
Firewall - en.wikipedia.org/wiki/Firewall_(computing)
------------------------------------------------------------------------------
Self Host-able Services Mentioned:
Awesome Selfhosted - github.com/awesome-selfhosted/awesome-selfhosted
Media Servers
Plex - www.plex.tv/
Jellyfin - jellyfin.org/
Emby - emby.media/
File Sharing
Nextcloud - nextcloud.com/
Password Managers
Bitwarden - bitwarden.com/blog/host-your-own-open-source-password-manager/
Passbolt - www.passbolt.com/self-hosted-password-manager
Error Tracking / Monitoring
Sentry - develop.sentry.dev/self-hosted/
------------------------------------------------------------------------------
Self Host-able PaaS Mentioned:
piku - github.com/piku/piku
dokku - dokku.com/
kubero - github.com/kubero-dev/kubero
caprover - caprover.com/
coolify - coolify.io/
------------------------------------------------------------------------------
Paas - Platform as a Service Mentioned:
Vercel - vercel.com/
Netlify - www.netlify.com/
Heroku - www.heroku.com/
fly.io - fly.io/
Render - render.com/
Railway - railway.app/
------------------------------------------------------------------------------
Hosted Database Providers Mentioned:
AWS RDS - aws.amazon.com/rds/
PlanetScale - planetscale.com/
Neon - neon.tech/
------------------------------------------------------------------------------
Hit us up on Socials!
www.syntax.fm/links
Brought to you by Sentry - Use code "tastytreats" to get 2 months free - sentry.io/syntax
#vps #ubuntu #selfhosted #guide

Наука

Опубликовано:

21 мар 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 128

@syntaxfm 6 месяцев назад

This video is for beginners and hobbyist that are learning about the basics of servers and Linux. If you are managing multiple servers you can automate this kind of setup with tools like Terraform, Ansible, Puppet, Chef and others. We hope to cover these kinds of tools in future videos. Also, we want this video to be an accurate and secure guide for people that are learning the basics, if you notice anything wrong or missing, please let us know and we will add corrections.

@WesBos 6 месяцев назад

CJ on fire with these videos! 🔥🔥🔥

@nickdhrones6425 6 месяцев назад

I sure hope CJ's being properly compensated? He's a real catch! You guys have always been entertaining and great to watch! But, CJ is so high-bandwidth while also very entertaining. I love to be entertained while being educated. Syntax now is best in class on RU-vid!!!

@ivan.jeremic 3 месяца назад

Self Host 101 + Coolify Crash Course + a whole pod on PocketBase? Amazing! This is exactly my money making stack I try to bet on.

@_techbk 6 месяцев назад

Love this !! so easy to understand and follow !! That SSH ports explanation was top notch

@poloat 6 месяцев назад

I have always loved CJ and his tutorials on his channel, but he hasn‘t done them often in the last months I think. More CJ tutorials!!!

@syntaxfm 6 месяцев назад

Once we get rolling there will be much more CJ on this channel

@alexdin1565 6 месяцев назад

can you share his channel link

@poloat 6 месяцев назад

@@alexdin1565 youtube.com/@CodingGarden

@poloat 6 месяцев назад

@@alexdin1565 CodingGarden on yt

6 месяцев назад

Excited for this series! Would be interested to see server configuration with Caddy

@CodingGarden 6 месяцев назад

That will be the next video!

@DRTYDR3Y 6 месяцев назад

Absolutely love your content. Can’t explain it, but it feels like I’m being tutored 1 on 1. You have a knack for teaching. Stoked for more!

@dav1dw 6 месяцев назад

I've been using Linux for 6 months, but learned a lot of new things. Great video!

@Arreboleo Месяц назад

Have been looking for this exact video and this exact series for a lot of time. I'm new to Linux, i'm using Debian and trying to set up a web server on my raspberry pi and, until i found your video, i was quite overwhelmed on how dense and complex is all the documentation. Linux overall need more quality content like yours, an easy first step to set things running and links and advice on how to improve and take on more complex topics. Absolutely brilliant.

@carsonhartley8125 6 месяцев назад

This is on the outer edges of the theoretical limits of how good RU-vid content can be. Great job!!

@lootpigeon 2 месяца назад

Really great work on putting this together, easy to follow and concise 🔥

@kyrregjerstad 6 месяцев назад

Looking forward to the next part of this series! Just signed up for a Hetnzer VPS and followed the steps here, I now know so much more about basic linux and web servers!

@somyaranjan26 6 месяцев назад

Excited about the future content for setting the server for web apps

@kristiankubis640 6 месяцев назад

Man, if I had this video when first setting up my Raspberry Pi I would be over the moon 🙌. Having to figure all this stuff out separately took some time.

@just_morby 3 месяца назад

I always thought servers were fun, so I decided to subscribe for a cheap VPS and play around with self hosting. And a couple of hours after I did I found your videos. So detailed, so insightful. Perfect! It's like the universe is trying to tell me to keep messing around. Keep up the good work!

@KaizenCodes 6 месяцев назад

This video brings me happiness. Not just the content, but CJ is the best fit for this by a mile!

@nickwoodward819 3 месяца назад

Great video - explains in 25 minutes the most important parts of the FEM course on the same topic, which is 6 hours (and I love Jem Young's course)

@scottfwalter 6 месяцев назад

Seriously this video helped me immensely. I just have a little play server and didn't realize anyone would try to hack into it. Sure enough, I checked the auth log and there's a lot of activity of some folks trying to log in with all sorts of usernames. My server is now secure thanks to the info in this video.

@nickdhrones6425 6 месяцев назад

What a catch CJ was. I thoroughly enjoy his style and energy!

@isaacdruin 6 месяцев назад

Ohhh. This is awesome. I have a PC that I've been thinking about utilizing like this. I will be following this series for sure!

@SRG-Learn-Code 6 месяцев назад

So goooooood... VPS FTW! I'm hyped about this series! Thanks for sharing! CJ you are the MVP(S) 😘

@realdanbyers 6 месяцев назад

CJ is a beast. I definitely love these how to video's and self hosted is what I'm working on.

@jacobshore 6 месяцев назад

I'm liking the shift to Linux stuff and servers!! Looking forward to more.

@mrevergreen9049 6 месяцев назад

Wow this is amazing cj just in time Pleaaase continue I’m excited for this series 🔥🔥 Coding garden forever 🌱

@bluetheredpanda 6 месяцев назад

That is some GREAT content. Can’t wait for the next parts of this series

@ravenbergdev 6 месяцев назад

Love this content. It's actually worth learning this stuff as opposed to the latest in js-land.

@mamadj359 6 месяцев назад

Thank you. I really needed this. It explained everything plain and simple.

@jitxhere 6 месяцев назад

Oh wow perfect. I have just started self hosting my stuff and I know little about security. Thanks Coding Garden Guy

@chrisliva6841 6 месяцев назад

Great video CJ, looking forward to the series!

@nekoill 6 месяцев назад

Heyyy CDawg, didn't know you had another channel, my guy! Most instantest sub ever 😸

@nove1398 Месяц назад

Looking forward to the rest of this series

@andybourgeoisinfo 6 месяцев назад

New favorite channel! These videos are so good.

@mubafaw 29 дней назад

Top notch. Quality. 😊 Many thanks. 😊

@Supadiri 6 месяцев назад

Great content CJ! One little advice from a viewer perspective, please limit the amount of zoom in/zoom out for the framing. A more subtle movement would be beneficial and still effective! Thanks!

@syntaxfm 6 месяцев назад

Thanks for the feedback. This does stop after the 3 minute mark, but I should probably limit it to just the intro. -CJ

@Supadiri 6 месяцев назад

@@syntaxfm You are right, I've just finished this great video and I've noticed the improvement in the subsequent minutes. Kudos and waiting for the next!

@chatka92 6 месяцев назад

That was very interesting and useful. Please keep it coming.

@samirergaibi874 6 месяцев назад

Great stuff, looking forward to the next one!

@juanmacias5922 6 месяцев назад

2:54 I've been wondering how much a tiny/starter VPS could handle, thanks for the info!

@0xshaheen 6 месяцев назад

Great content as always cj, but I got dizzy from the zooming in and out❤😂

@blakenator123 6 месяцев назад

Thanks for the awesome content, so much information and you really find a great balance between depth and speed. I have a spare dell laptop lying around which I am beginning to think to turn into my own server. How deluded am I? The main purpose would be for my business to run a python script for langchain that takes a recording, transcribes it and then saves to to a git repo (an automatic summary for students). The reason being I am having a hard time making the script and corresponding packages easy to install and set up for my peers! So I want to set the laptop up as a kind of server, albeit with some down time now and then.

@syntaxfm 6 месяцев назад

A spare old laptop running Linux is a great way to get started with this kind of stuff as well. If you haven't heard of it, research "home lab" and you'll find lots of resources on this. I think if the server will only be used by students / staff, this should be doable. -CJ

@blakenator123 6 месяцев назад

@@syntaxfm thanks, that's what I really wanted to hear haha

@talensjr 6 месяцев назад

Super useful series!! Keep it going 😃

@codeman99-dev 6 месяцев назад

21:19 Just add the custom port number to your (client) ssh config! Super easy win. I specify my user there too because I typically only have a single user I'm concerned with.

@slicerabbit6166 6 месяцев назад

syntax is looking good on you, CJ!

@rafaeldemacedo 6 месяцев назад

That was just what I was looking for!

@TheLilthy 6 месяцев назад

Great video, helps a lot, CJ!

@Pra2wins 6 месяцев назад

Very useful, thanks CJ ❤

@krispyChkn 6 месяцев назад

super interested , keep them videos coming

@flwi 3 месяца назад

Great tutorial! Thanks for creating it!

@philsola 6 месяцев назад

This is a great video for walking through VPS basic set up and security measures. Really enjoyed it! Looking forward to the next one 👌 One question for my own understanding, we do something similar already with SSH keys at my day job, but we use .pem keys to log in. Is there any difference / benefits to doing it that way vs how you're doing it without? Thanks

@syntaxfm 6 месяцев назад

.pem is a container file format that can store all kinds of cryptographic keys including SSL certificates. When using it with SSH, it will contain a private key. The ~/.ssh/id_rsa (private key) file is actually a .pem file but without the extension! The only difference with the way you are connecting is manually specifying the key to use instead of the ssh agent picking one automatically from ~/.ssh - if you want the ssh-agent to automatically use your .pem file when connecting to a server, you can use: ssh-add keyfile.pem - but you'll need to do this after every reboot. -CJ

@philsola 6 месяцев назад

@@syntaxfm Awesome thanks CJ! Great video

@mj2068 5 месяцев назад

this is a really really good video. sshing my love to you... ❤

@josephgay-cj2fc 6 месяцев назад

Can't wait for part 2

@ayazsayyed9053 6 месяцев назад

I really really want part 2 CJ

@tiagosutter8821 6 месяцев назад

Great stuff, thanks for the content!

@alexdin1565 6 месяцев назад

this is my first time i like the youtube suggestion very clear tutorial and I like you energie thanks CJ please can you add this tutorials how we can run docker apps in vps and use different domain name for each app ? run Nginx as reverse proxy

@ralacerda12 6 месяцев назад

Nice video! This video will be a great checklist for when I'm spinning up a new VPS. My question is, how much can you pack inside this 1 vCPU 1GB Ram VPS? Will it be able to run an simple sqlite database + nuxt? Any tips on how to make the most out of it?

@Fullflexno 6 месяцев назад

CJ! Love it !

@codeman99-dev 6 месяцев назад

4:30 Maybe I missed it, but the reason for the fingerprint is to help prevent "man in the middle" attacks.

@fullstack_journey 6 месяцев назад

Ayye seeing your face instantly lit up my face with a smile

@JuanMoisesTorrijos 6 месяцев назад

Awesome! Let's go!

@justinsantiago6639 19 дней назад

Dude, thank you

@jacobwerner8533 4 месяца назад

this is a great video.

@MattCrom 2 месяца назад

Thank you!

@prashlovessamosa 6 месяцев назад

Thanks CJ

@moddeht 6 месяцев назад

This is amazing

@alejandroyanes391 6 месяцев назад

pretty cooool !😱

@moonstruckmoth Месяц назад

ssh-copy-id can be used to transfer your public key

@MyrLin8 6 месяцев назад

Nice :) thanks.

@krisclem8290 6 месяцев назад

Can't you use scp to copy your public key to your vps? There is also a way to add 2FA using TOTP codes as a second form of authentication to the terminal.

@remccs16 6 месяцев назад

This kind of stuff interests me!

@joaquimley 6 месяцев назад

Also saying in the comments.

@HumanoAI 6 месяцев назад

Are you sure you wouldn’t rather hear how a famous dev guy or other, starts his day, and what kinda coffee he drinks? syntax sometimes goes on two hour interviews of non value info. I agree I like this better. Syntax keep up the channel…

@syntaxfm 6 месяцев назад

The goal here is to have regular deep dives into real code and practical stuff to accompany the more causal pod. Def more on the way.

@TutoDS2014 2 месяца назад

Any way to avoid the password request? I'm using ssh keys so I prefer not to remember always the password.

@kamauwaweru4991 22 дня назад

good one

@nickwoodward819 3 месяца назад

@4:50 - does this also include when you ssh in from another computer?

@scottfwalter 6 месяцев назад

What happens if you disable password login and lose your public key?

@syntaxfm 6 месяцев назад

If your VPS provider has "console" mode, you can login with the root password if you still know it. In some cases this would require a support ticket / someone at the VPS company with direct hypervisor access to login. Otherwise, you would need to ask your hosting provider to reset your VPS. This is why backups and fail safes are important. I'll talk about those in future videos. -CJ

@qubitgg 6 месяцев назад

Yesss! **Grabs Popcorn**

@tmxwll 6 месяцев назад

CJ ❤

@nicobaier5424 4 месяца назад

What provider are you using for your VPS? I've always been overwhelmed trying to choose

@nickwoodward819 6 месяцев назад

Yup, after realising there's no good way to prevent unexpected serverless costs i've gone back to traditional servers.

@PaoloLaitempergher-dy1io Месяц назад

tnx!

@comosaycomosah Месяц назад

mustache is pretty legendary ngl lol

@BrickTamlandOfficial 6 месяцев назад

the auth.log command didnt work for me because there was no file. but i used last and lastlog which works fine.

@belkocik 6 месяцев назад

Are you going to cover cloudflare?

@good-dev-student 6 месяцев назад

If I don't have my machine where I log in with my secondary user, how can I log in to the server if the root is disabled as well?

@yammerttv 6 месяцев назад

Hey it seems your audio is slightly out of sync with the video itself.

@Emadmohamad 6 месяцев назад

Does CJ has his own channel?

@CodingGarden 6 месяцев назад

I do! Over here on Coding Garden. I haven't posted any videos there since joining Syntax but will start live streaming again soon.

@LauriePoulter 6 месяцев назад

Given these tasks are always performed when setting up a VPS is there a way to automate them?

@syntaxfm 6 месяцев назад

Yes there are a few popular tools for this: cloud-init, Terraform, Ansible, Puppet and Chef -CJ

@twitchizle 6 месяцев назад

Kool kool kool

@azteck2 6 месяцев назад

How can you use something like Zerotier or Tailscale to only allow ssh from those vpn services?

@CodingGarden 6 месяцев назад

You can do this with those tools or any other type of VPN including OpenVPN and Wireguard. Once the VPS is connected to the VPN, you can add a firewall rule that limits connections to port 22 from a given subnet within the VPN.

@azteck2 6 месяцев назад

@@CodingGarden Great, thanks!

@plaintext7288 6 месяцев назад

Guys, this might not be the best place to ask question, but I am wondering rn how can i publish my portfolio app that makes uses websockets for free? Looking at servicea other than aws, azure, gcp feels like some functionality is missing while they themselves look like rabbitholes😅

@WesBos 6 месяцев назад

websockets require a traditional long-running server, and I don't think there are any free offerings in this space. You should grab a $5 VPS and follow along this series so you can host your own :)

@CodingGarden 6 месяцев назад

I linked a few cheap VPS options here: twitter.com/coding_garden/status/1770834001843957963 Another alternative for real-time connections is to use the free tier on a hosted service like supabase or firebase, but this will likely require you to re-write your real-time logic.

@plaintext7288 6 месяцев назад

@@WesBos @CodingGen thank you! I will look into these

@handerson171 6 месяцев назад

Cant seem to find find episode 615 of syntax...

@syntaxfm 6 месяцев назад

syntax.fm/show/615/where-should-you-host-your-app-hosting-providers-compared

@badriinfo259 6 месяцев назад

How to get public ip

@OrganHats 3 месяца назад

i always thought sudo was like a cutesy spelling of pseudo like, 'fake root admin'

@cipherw0lf 6 месяцев назад

Has the channel been renamed?

@syntaxfm 6 месяцев назад

It has. Check out this for the full story ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-fmdJ1KGSKIA.htmlsi=LEMCXbW0a8VIi9Oj TLDR, Level Up Tutorials and Syntax were acquired by Sentry and to simplify things we combined them. Scott who started LUT is deeply involved in content and planning.