△ Set up Quartz on a VPS

Last updated Sep 22, 2022 | Originally published Sep 24, 2022

# Order of operations

# Set up

1
ssh root@your-ip

# Git

# Set up git server and git clients

1
2
useradd git
passwd git
1
visudo
1
2
3
su -
mkdir /srv/git
chown git /srv/git
1
yum install git
1
2
cd /srv/git
git clone --bare https://github.com/ryanjamurphy/Mainframe.git
1
2
cd /srv/git
git clone --bare https://github.com/jackyzha0/quartz.git pyroclast.git
1
2
cd
git clone /srv/git/pyroclast.git
1
2
3
cd pyroclast
rm -rf content
mkdir content
1
2
3
4
5
6
7
cd /srv/git/notes.git/hooks
cat > post-receive
#!/bin/sh
echo "Post-receive hook running."
git --work-tree=/home/git/pyroclast/content --git-dir=/srv/git/Mainframe.git checkout -f # Creates a working directory at /home/git/notes from the pushed changes

# Make sure the paths to the directories above are correct
1
2
cd # switch to the directory you want to host the repo in
git clone ssh://git@your-ip:/srv/git/Mainframe.git
1
ssh-add --apple-use-keychain ~/.ssh/linode # Switch the identity filename `linode` to whatever is appropriate
1
2
git commit -a -m "Test edit"
git push
1
su git
1
2
3
cd Mainframe
ls
# check the file you made edits in

# Set up Hugo and Quartz

1
2
3
4
5
su git
sudo yum install epel-release
# confirm ok, wait for installation
sudo yum update
# confirm ok, wait for update
1
2
3
sudo yum install golang
# confirm ok, wait for install
echo "eval \"\$($(brew --prefix)/bin/brew shellenv)\"" >> ~/.profile
1
go install github.com/jackyzha0/hugo-obsidian@latest
1
2
export GOPATH=/home/$USER/go
export PATH=$GOPATH/bin:$PATH
1
(cd /home/git/pyroclast; /home/git/go/bin/hugo-obsidian -input=content -output=assets/indices -index=true -root=.; hugo --destination=public) # Uses a subshell to run hugo-obsidian and hugo to build the site in the checked-out working directory. Absolute path to hugo-obsidian prevents an error I couldn't avoid
1
2
cd ~/pyroclast
sudo vi config.toml
- Find the `ignoreFiles` field and add the directories you want to hide. Note that the ignoreFiles values do not recurse over the file structure, so you will have to explicitly list nested folders:
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
ignoreFiles = [
	'/content/private/*/',
	'/content/private/*/*',
    '/content/private/*/*/*',
    '/content/private/*/*/*/*',
    '/content/private/*/*/*/*/*',
    '/content/private/*/*/*/*/*/*',
    '/content/private/*/*/*/*/*/*/*',
    '/content/private/*/*/*/*/*/*/*/*',
    '/content/.macos',
    '/content/.ios',
    '/content/calendar/*',
    '/content/Calendar/*',
    '/content/excalidraw/*',
    '/content/Excalidraw/*',
    '/content/Excalidraw/*/*',
    '/content/*\\.excalidraw$',
    '\\.excalidraw.md',
    '\\.csl',
    '\\.excalidraw',
    '/content/*\.excalidraw$',
    '/content/*\\.excalidraw.md$',
    '/content/*\\.csl$',
    '/content/Index/*',
    '/content/Index/*/*/*',
    '/content/Templater/*',
    '/content/templates/*',
]

# Set up the web server

1
2
3
4
sudo dnf clean all
sudo dnf update
sudo dnf install nginx
sudo systemctl start nginx
1
2
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --reload
1
sudo dnf install -y policycoreutils-python-utils
1
2
3
4
# "public" below is the folder containing the static site files
sudo chcon -t httpd_sys_content_t public -R
sudo chcon -t httpd_sys_rw_content_t public -R 
sudo ls -dZ public

403 errors? Try invoking the above again.

Certain events (e.g., in the most recent case, restoring my server from a backup) cause the above permissions to be reset.

This can cause 403 errors and hours of muttering “wtf” before realizing that the above chcon commands need to be re-run. 🤦‍♂️

1
sudo usermod -G git -a nginx # this might be wrong, double-check
1
2
sudo mkdir -p /etc/nginx/{sites-available,sites-enabled}
cd /etc/nginx/sites-available
1
2
sudo touch fulcra.design
sudo vi fulcra.design
- config file:
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
# server config
server {
    server_name fulcra.design www.fulcra.design;

    root /home/git/pyroclast/public;

    location = / {
            index index.html;
	}

    error_page 404 /404.html;
        location = /404.html {
    }

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    }
}
1
sudo ln -s /etc/nginx/sites-available/fulcra.design /etc/nginx/sites-enabled/fulcra.design
1
2
cd /etc/nginx/
sudo vi nginx.conf
- Add:
1
2
3
4
5
6
7
...
http {
...
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
...
}

# Set up the domain

# Set up HTTPS

1
2
sudo snap install certbot --classic
sudo ln -s /snap/bin/certbot /usr/bin/certbot
1
sudo certbot --nginx 
1
sudo systemctl restart nginx

# Set up restricted access or password sections

# Style the site

# Set up writing environments

# Set up Obsidian on macOS

# Set up Obsidian on iOS and iPadOS

# Set up mobile git

# Switch automations