Good Morning from my Robotics Lab. This is Shadow_8472, and today I am getting lost while exploring SSL certificates… again. Let’s get started!
Installing NGINX
At last count, I had about six or seven projects I should hook into it, but most of them are on hold because I don’t want some stranger finding his way into my home network and rearranging things without permission. I set up Vaultwarden to manage its own HTTPS connections, and I learned a lot about what SSL is and how it works. But this is not a recommended configuration and I want to learn the proper, more advanced way of doing things.
I ignored plenty of guides’ advice on my path to a Vaultwarden server. They recommend some sort of ingress controller, and I’m currently exploring one called NGINX. I’ve come across quite the debate as to whether to use a container or install it native. The tutorials for the container edition all use Docker, but I’m using Podman and I’m uneasy about root permission nuances between the two projects making things needlessly more challenging, so I installed the package on ButtonMash.
sudo dnf install nginx
To confirm installation, I enabled the web server with a few systemctl commands and opened a port in ButtonMash’s firewall. NGINX now proudly displays its welcome page.
A Web of Dependencies
NGINX does not lend itself to solo study. It is a do-everything solution for networking. With so many use cases from serving HTML pages to load balancing containers, I have spent weeks pouring through tutorials without finding a keystone lesson for my use case. Some of that time was spent looking into some sort of web interface I falsely believed was included. See NGINX Proxy Manager vs. NGINX for details. I will stick with bare NGINX if for now mainly because NGINX Proxy Manager’s website ironically has an expired SSL certificate.
I got lost researching what I would need for a project this week. Proper HTTPS for Vaultwarden is a good choice of target. That will require an SSL certificate, and that means Let’sEncrypt. An SSL certificate requires either a domain name or a subdomain, so that means arranging one of those.
Somewhere along the way, I got lost and visited this blog’s host cPanel in the interest of moving its SSL to Let’sEncrypt. The experience was unexpectedly surreal, like I was paging through a book written in a language I’m trying to learn – there was a flood of jargon, but the bits I recognized made for moments of satisfaction.
3D Printing Corner
I want to glue the Sonic figure I printed, but I’d just as soon have some experience with gluing large, flat surfaces together before I go smashing a larger project together and hoping it sticks (literally). I had the idea to print up eight calibration cubes for practice. I tried some lower infill settings and got inferior, but adequate results. My biggest complaint was how many tries it took for the overall first layer. I had to settle with a couple curling corners, but a perfect print wasn’t the goal anyway. Gluing will have to wait until next week though.
Side Project
Also on the topic of 3D printing, my mother has been into quilting as of late and she commissioned some more bias tape makers like the ones I made during the early stages of the pandemic. I found what I thought was the model on Thingiverse and its description linked a revision that folds it in half again. I used a spreadsheet to scale the model to a couple different sizes.
Takeaway
I feel like I am assembling a jigsaw puzzle without the box. Each piece must be studied and understood before placing it. Half the challenge is knowing what pieces need to be in place before it’s time to begin studying others. Placing more than one at a time is very difficult, but the HTTPS piece interlocks with so many others, its ecosystem doesn’t lend itself to a project of the week format of study like what I have going on here.
Final Question
The most important lesson in tech is to know where to seek help. I had to seek out a new
Discord server familiar with NGINX this week when I should have looked them up a week ago. How long does it take before you look for specialized help?