Adventures of the Retired Guy

Adventures of the Retired Guy

Stuff and nonsense from a retired guy

04 Nov 2018

The Server Rebuild

On this page

[Update 28-Jun-2020: And now they're found! Running containerized Ghost changed the path to the images and I never had the patience till now to go looking. But it would be helpful if Ghost export would capture the images too...]

[Update 20-jul-2019: Sadly, I've lost all the photos of the server components due to bad juju during an unintended blog rebuild. I can't immediately find backup copies, but will keep looking. They gave this post some real pizzaz!]

As mentioned previously, the server for this blog is a Lenovo Ideacentre Q150, a fairly anemic machine for desktop use, but right in the sweet spot for a low use server given appropriate choices of server OS, blogging service and web server. However, I decided to splurge on RAM and hard drive upgrades because it was the most fun I could have that night for under $50.00.

New Horses

Herewith, the details of the hardware and software setup.

Hardware

Turns out the RAM and SSD were in fact plug-compatible.

RAM Compare

Box specs say 2 GB RAM is the max (why?), but I didn't have any difficulty with 4 GB. What I bought online was labelled for Apple use. What benighted Apple PC still uses 4 GB?

Disk Compare

SATA plug compatibility rules!

And therefore fit right in the chassis.

New Server

Software

One restriction of the hardware is that it only supports a single disk, so it wasn't possible to clone the existing drive. So this was an install from scratch, which Ubuntu makes particularly easy.

Ubuntu Server 18.10

Burn onto a small thumbdrive with Rufus, do a standard install.

Install Ghost CMS using the bullet-proof production deployment script.

The only really tricky thing in the whole setup is the network access. The blog should have a professional looking web appearance:

  • a branded DNS name
    (easy, I have a domain hosted on Google domains)
  • SSL access
    Let's Encrypt makes SSL free
  • secure access to the server on my home network
    several tricks needed here:
    • reliable DNS resolution to my home network.
      Naturally, I'm not paying my ISP for a static IP address and I'm too lazy to move the domain to DYNU or other DDNS service. So instead, I rely on my ISP's laziness inertia and assume my network's current DHCP-assigned address won't change till I change out my cable modem.
    • reliably route incoming web traffic to the blog server
      done by relying on the ISPs firewall. Actually, Let's Encrypt HTTP-01 renewal protocol seems to require port 80 be enabled as well, unless I find a workaround. I believe this is this is reasonably secure, since the traffic goes to a Linux server that doesn't have routes to anything local. (until log monitoring disproves this assumption).

And that's what got you to this page and me to this point in my project.