No description
- Shell 100%
| 00-user | ||
| 01-nginx | ||
| 02-website | ||
| 03-certbot | ||
| 04-forgejo | ||
| LICENSE | ||
| README.md | ||
vps-bootstrap
Scripts to bootstrap a fresh Debian VPS.
Order of operations
| Step | Directory | What it does |
|---|---|---|
| 0 | 00-user/ |
Install sudo, create zach user, harden SSH — run as root |
| 1 | 01-nginx/ |
Install UFW + nginx, open ports 22 and 80/443 |
| 2 | 02-website/ |
Create web root, install nginx config for zach.town |
| 3 | 04-forgejo/nginx-setup.sh |
Install nginx config for git.zach.town |
| 4 | 03-certbot/ |
Install certbot, obtain certs for all domains in one run |
| 5 | 04-forgejo/setup.sh |
Install Forgejo binary + systemd service |
Notes
- Step 0 runs as
root. All subsequent steps run aszachwithsudo. - Pass your public key to step 0 so you're not locked out after password auth is disabled:
ssh root@<ip> 'bash -s' < 00-user/setup.sh < ~/.ssh/id_ed25519.pubor pipe it:cat ~/.ssh/id_ed25519.pub | ssh root@<ip> 'bash /path/to/setup.sh' - The nginx site configs in this repo are the pre-certbot versions (HTTP only). Certbot rewrites them in-place to add the SSL and redirect blocks.
- Update
FORGEJO_VERSIONin04-forgejo/setup.shbefore running. - After Forgejo starts, complete initial setup via the web UI at
http://git.zach.town.