The Services of Vulpine Citrus

I’m coming close to a year of VulpineCitrus being up and running, and over the course of a year it has been a tremendously useful tool for me to deploy so many services that have changed my (and to an extent others’) daily routines. It has also been a great way to learn a lot of technological solutions I had heard of before but never managed to deploy at home.

Back in the days when I shared a VPS I had TinyTinyRSS, a small web-based RSS stream aggregation tool, running and configured.
I personally use it to keep up with local newspaper that have not yet dropped their RSS feeds (and it works well). When I migrated, the first
things I had to do were moving my PostgreSQL clusters and installing TTRSS again. It has been working like a charm for a year.

Later, when the pandemic happened and I was back home, stuck with a lot of time, I started dabbling with WireGuard, the small yet powerful VPN system now shipped with the Linux kernel (for versions >=5.6). I had a lot of fun connecting the small network in my bedroom (which I should discuss for the sheer technical interest of it) and had a couple painful encounters with the kernel’s routing system (both in IPv4 and IPv6) and NetFilter framework (usually through ip(6)tables).

Another service I brought over from my old VPS, but haven’t been using for a while, is Drawpile. It’s good fun to doodle with friends from time to time, and last summer I decided to update the clunky and old server I had kept running on here. I was both surprised and afraid to find out that they had switched to Docker as a deployment solution. They also work in a distributed architecture as well, so I had some good fun yelling at docker. It is a technology I already know from my systems and network experience, but it was the first time I had to deploy a solution on my own using pre-made dockers. It went well (although I do remember being utterly confused trying to use the old client-side tools and not understanding right-away why it wasn’t working). I should update it again, in fact. Thankfully, it’s rather lightweight, and it works. The rather funny side effect of having draw.vulpinecitrus.info point to the same VPS as everything else is that trying to access that domain with a browser will give you a SSL_ERROR_BAD_CERT_DOMAIN error (my web certificate is only valid for vulpinecitrus.info).

Let’s talk about apache2 by the way. I did not know it back in July/August but when I deployed a Gitea, I learned a lot of extremely useful things about reverse proxies, and specifically Apache’s reverse-proxy. Using recommendations from Gitea’s README and some help from Apache’s manual I cobbled together the right site-enabled configuration file for Apache’s reverse-proxy to server me gitea, which I have been using for some time now to host code for people and some archives of projects, most recently including Advent of Code 2020.

The final service I moved from my VPS in March is the couple of Discord Bots I run for me and my friends, an especially sensitive operation since one of these bots ended up being an important part of one Discord server I help ran for my college promotion. A couple crontab lines and pyenv hacks were all I needed.

In September I moved in with a group of friends and found myself needing some sort of cloud storage. In order to synchronize my class documents across multiple devices, I had been using git, which worked for a while, but gave up with large media files (lessons our teachers recorded for example). Within my network, I had started using a Samba server, running on my Raspberry Pi 2B Rev 1.1, but said RPi couldn’t handle a hard drive, so massive storage was impossible. In early October, when school moved off-line again, I heard about Nextcloud again, a full cloud solution (although I hate the word “cloud”). It was a hassle to deploy, since the easiest way to accommodate for storage was to have the service run at home, and proxy to it from my VPS. I combined the aforementioned wireguard VPN along with Apache’s reverse proxy, and after roughly two days of googling and checking uploads, VC’s Cloud was up and running.

Lately, not much has moved. A lot of my needs are currently satisfied. I discovered Bitwarden, which was horribly painful to deploy and configure (it deployed no less than 10 dockers), so I switched to the compatible Rust implementation by Daniel Garcia, which was ready to use after only half an hour of cloning docker images.

I can also mention a couple of dev experiences VC has afforded me. I made my own log file separator in bash, a rather painful experience. Running the Discord bots gave me an excuse to learn Discord Py to make some useful modules for me and my classmates.

I will also mention in passing that I deployed the mail server for Vulpinecitrus on my own, using Dovecot, Postfix and SpamAssassin (the classic triad), and I have plans to dive into how I did it in a later post. I also had an IRC server but since I don’t actually have a use for it, the SystemD unit is disabled by default.

So that’s a year of VulpineCitrus. Hopefully I get to do crazy new things ! I am thinking of tinkering with GlitchSoc, a Mastodon fork, as well as Grafana (which I already know a lot about but haven’t put on VC yet, it’s in my home network).