<li>Will ask for storage name, I used blockstorage</li>
<li>Enter your passphrase when asked and confirm it. Make sure you note this down somewhere, you will not be able to access your storage without it.</li>
We don't need to deal with these complex commands each time. We can use aliasing to substitute much simpler commands to remember instead.
</p>
<br>
<ulclass="list-decimal">
<li><code>echo "alias mntblk='sudo mount /dev/mapper/blockstorage /mnt/blockstorage' >> .bashrc"</code> will set the mounting command to <code>mntblk</code></li>
<li><code>echo "alias unlkblk='sudo cryptsetup luksOpen /dev/vdb blockstorage' >> .bashrc"</code> will set the unlocking command to <code>unlkblk</code></li>
<li><code>echo "alias lkblk='sudo cryptsetup luksClose blockstorage' >> .bashrc"</code> will set the locking command to <code>lkblk</code></li>
<li><code>echo "alias umntblk='sudo umount /mnt/blockstorage' >> .bashrc"</code> will set the unmounting command to <code>umntblk</code></li>
</ul>
<br>
<p>
This will still need 2 commands to mount, and 2 more to unmount.
I like having these aliased separately just in case I want to run one without the other for some reason.
To bring this to 1 command for each I will make 2 more aliases using the ones I just created.
You could make each of these 2 using the expanded commands above, but I find this way simpler to read.
</p>
<br>
<ulclass="list-decimal">
<li><code>echo "alias m='mntblk && unlkblk' >> .bashrc"</code> will make <code>m</code> mount the system and unlock it</li>
<li><code>echo "alias m-x='lkblk && umntblk' >> .bashrc"</code> will make <code>m-x</code> lock the filesystem and unmount it</li>
<li>log out and log back in to be able to use these new aliases or run <code>source .bashrc</code></li>
</ul>
<br>
<h3>Use Your Storage</h3>
<ulclass="list-decimal">
<li>No changes</li>
</ul>
<br>
<h3>FreeFileSync</h3>
<ulclass="list-decimal">
<li>I did not use this</li>
</ul>
<br>
<h3>Verify and Unmount</h3>
<ulclass="list-decimal">
<li>No changes</li>
</ul>
<br>
<h3>Web Server</h3>
<p>
Ports are not open externally by defaul on Arch.
<code>sudo ufw 80</code> will open the port for the web server.
Do not open unnecessary ports.
Arch is fully capable of hosting an apache server like is used in the guide.
I prefer Nginx and so used that.
The configuration is a little more complex than apache but I am more familiar with it and it works well for single site hosting.
</p>
<br>
<ulclass="list-decimal">
<li>install with <code>sudo pacman -S nginx</code></li>
<li>enable with <code>sudo systemctl enable nginx.service</code></li>
<li>start with <code>sudo systemctl start nginx.service</code></li>
</ul>
<br>
<p>
When I was testing I was serving static content from /srv/http/domain.com/public_html.
In the /etc/nginx/nginx.conf file in the http block I added:
</p>
<pre><code>
server {:
server_name yourdomain www.yourdomain
location / {:
root /srv/http/yourdomain/public_html
}
}
</code></pre>
<br>
<p>
Run <code>nginx -s reload</code> to reload the configuration file.
</p>
<p>
Then the html files to be served can be put in whatever folder specified in root and will be served from there.
In the end I have my website built and served using SvelteKit and Nginx is working as a proxy for that program.
I will go into Svelte in the future.
</p>
<p>
To have a secure webserver (https) I need a certificate.
</p>
<ulclass="list-decimal">
<li><code>sudo pacman -S certbot certbot-nginx</code> to install the certbot package and nginx plugin</li>
<li><code>sudo certbot --nginx</code> will scan for nginx sites and create certificates</li>
<li><code>sudo certbot renew</code> will renew all certificates on the machine managed by certbot.</li>
</ul>
<br>
<p>
To run this renewal periodically I made certref file in bin containing:
</p>
<pre><code>
#!/bin/bash
sudo certbot renew
</code></pre>
<p>
Set permissions to 700 with <code>sudo chmod 700 bin/certref</code>, then added a cronjob to run the refresh once a month.
</p>
<br>
<h3>Simple Website</h3>
<p>
Can use exactly what is in the guide here.
Just make sure the files are located in the root you specified in the Nginx configuration above.
</p>
<br>
<h3>File Sharing With Pub</h3>
<p>
Did not set this up with Nginx yet.
If I do will update this.
</p>
<br>
<h3>Calendar and Contacts</h3>
<p>
This is very similar for both Arch and OpenBSD so will list changes
Arch does not have htpasswd by default.
Install with <code>sudo pacman -S apache</code> then continue.
