mr-karan commented 3 years ago

I'm interested to create this course.

About the course

Title

Self Hosting 101

Subtitle

Learn how to self host and manage applications on servers.

Description

This course is aimed towards beginners who are new to self hosting journey. The course starts with fundamentals like setting up a server, installing apps, configuring the machine, installing dependencies, setting up web server and goes further in explaining Day 2 tasks like setting up background services, debugging breaking applications using logs etc.

Course Outline

Mon School Self Hosting 101

Course Outcomes

At the end of this course, you should be able to:

Setup a personal server using major cloud providers.
Be confident in running off the shelves apps like NGINX/Redis/PostgreSQL.
Learn how to deploy and run Python applications.
Managing Day 2 tasks like debugging using metrics and logs.

Week 0

Objective: Some reading material will be shared to ignite interest in Self Hosting.

[ ] Why Self Host?
[ ] What things can you self host?
[ ] Self Hosted communities/peers

Week 1

Objective: Setup and configure a VPS.

[ ] Buy a $5 droplet on DigitialOcean
[ ] Configure the VPS
- [ ] Add SSH keys to access your instance
- [ ] Add a non root user
[ ] Install mon-debug-agent
[ ] Basics of apt, screen/tmux
[ ] Basics of editing files remotely using vim
[ ] Get to know your server
- [ ] Hostname
- [ ] ip addr

Week 2

Objective: Deploy a static website with HTML, CSS, JS

[ ] Install nginx using apt
[ ] Create index.html from scratch for hostname-a
[ ] Download the .zip of a new website from .git repo for hostname-b
- [ ] symlink the file to /var/www
[ ] Configure NGINX to serve static assets.
[ ] Setup SSL using certbot.
[ ] Visit hello.<username>.monschool.net which points to their public IP.
[ ] Learning how to share debug logs using mon-debug-agent with mentors.

Week 3

Objective: Deploy a Python application

[ ] Use git to clone a Python application
[ ] Install PostgreSQL
[ ] Setup and configure the DB as mentioned in README
[ ] Install pip and project dependencies with virtualenv
[ ] Run the application and ensure it runs without errors
[ ] Configure gunicorn/uwsgi for the webserver
[ ] Configure NGINX to setup a reverse proxy
[ ] Basics of port blocking via DO Firewall rules (UI)

Week 4

Objective: Understanding and setting up system services

[ ] Different ways to have a service running in background
[ ] Use systemd/supervisorctl to setup
- [ ] DB
- [ ] Python App
[ ] Setup a cronjob using cron/systemd-timer to run a background task like backing up DB.
[ ] Advanced setup config options for rq, redis

Week 5

Objective: Logs, Debugging and Fixing

[ ] Grep/Tail-ing for logs
[ ] View metrics with CLI tools:
- [ ] host metrics with htop
- [ ] disk metrics with df/ncdu
- [ ] network metrics with iftop
[ ] Crash the application on /easter-egg endpoint of Python App
[ ] Fix the error and restart services

Week 6

Objective: Recap + Further Reads

[ ] Reflect upon the course so far/things learnt etc
[ ] Plan to host more tools
[ ] Automate certain tasks
[ ] SSH Forwarding

Optional: Based on the interest in the course we can add a week on Hosting apps using Docker/Containers

anantshri commented 3 years ago

couple of things I would suggest

ssh login via key only. AWS makes it by default but DO and others might give you root password or password based login.
fail2ban setup to protect against bruteforce.
logrotation in case access logs are kept.
unattended upgrades

anandology commented 3 years ago

couple of things I would suggest

1. ssh login via key only. AWS makes it by default but DO and others might give you root password or password based login.

That is a good point. DO supports it, but you need to explicitly select a key when creating a droplet. I think it may be a good idea to explain ssh-keys before creating the droplet and suggest the users to create droplets with ssh-key selected, or does it make the flow complicated? @mr-karan?

2. fail2ban setup to protect against bruteforce.

3. logrotation in case access logs are kept.

4. unattended upgrades

fail2ban looks interesting. I think all these are good to include, may be in the last week? @mr-karan?

mr-karan commented 3 years ago

Sure, we can do that. It seems a better idea, than using the root password and then adding the SSH key manually after first login (which I'd in mind).

2-4: Yeah these are nice suggestions for Week 6. fail2ban however is a bit complicated and not trivial to setup (also it has a lot of false positives in my experience). We can decide on that, rest all LGTM 👍

NagariaHussain commented 2 years ago

Just awesome! Looking forward to the course.

mr-karan commented 2 years ago

Monschool-Selfhosting

@anandology For the logo of the course, I had an idea that would represent a box of "goodies" (aka skillset) that you get once you learn self hosting. The logo basically shows that you learn how to manage/operate a Cloud server based on Linux once you do the course.

But yeah, I know this didn't come off quite as well I'd in mind. Please feel free to either edit this or make a completely new logo :see_no_evil:

mr-karan commented 2 years ago

https://deploy-preview-34--monschool.netlify.app/self-hosting-101/week1/overview/

^ Week 0, Week 1 are almost in ready shape.

cc @anandology You can review it and share feedback during the weekly sync up call.

anandology commented 2 years ago