Introducing Indie Web Server 8.0.0: install the server and start serving a secure static personal web site in literally seconds
I hope it makes your lives easier. This is one of the earlier pieces of the puzzle in the Hypha project.
(It took two weeks and a couple of false starts but Version 8.0.0 introduces native binaries for Linux and macOS. Production use via startup daemons is supported only on Linux platforms with systemd.)
@aral possibly redundant criticism, but: please don't advise people to pipe to bash. It may simplify things and look pretty, but (aside from the obvious security issues / implied trust of the domain) encourages others to "simplify" commands (possibly using sudo) in this manner, and could even result in partial commands being executed and wrecking someone's system. Source: https://www.seancassidy.me/dont-pipe-to-your-shell.html
Aside from that, great article! I might try this out sometime soon :)
@fennifith … and usability and security are always a trade-off: a completely secure system would be one that is utterly unusable. That’s why we use threat models. For the goals of this project and its threat model, this is the most optimised installation process I could come up with. Always open for suggestions about how to make it better (so the bit that comes after “don’t do that” and says “do this instead”).
Hope you find it useful when you try it out.
@aral It is good that you have considered this, but I'd still like to err on the side of caution (one possible option is PGP-signing the installer so it can be verified with keybase or the "web of trust"), and I think the decision of how this is balanced with usability should ultimately be left to the user. Regardless, I would briefly mention this in the article if only to communicate to a new/inexperienced audience that it *might not always be a good idea*, and that this is still something to be wary of.
@aral However, after taking some time to look at the project I see that this is mentioned in the web server's page, and it is true that the script may be simple enough that PGP signing is a bit overkill. Criticizing your work without properly understanding it was on me.
@fennifith Hey, no worries – always better to err on the side of caution ;)
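
One way to address the two concerns raised in this thread (partial execution of a piped script, and running an installer nobody has verified), as an added example that is not from the thread or from the Indie Web Server project. `verify_and_run`, the sample installer and its digest are constructed for illustration; a real digest would have to be published out of band.

```shell
#!/bin/sh
# Added example: download to a file and verify it, instead of piping into a shell.
# The installer body and its digest are constructed so the script runs offline.

# Print the SHA-256 of a file using whichever tool the platform provides.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Run the installer only if the whole file matches the expected digest.
# Returns 1 without executing anything when the file is truncated or altered.
verify_and_run() {
  file=$1 expected=$2
  actual=$(sha256_of "$file") || return 1
  if [ "$actual" != "$expected" ]; then
    echo "digest mismatch for $file: refusing to run" >&2
    return 1
  fi
  sh "$file"
}

# Constructed stand-in for an installer. The body sits in a function called on
# the last line, so a copy cut off before that line executes none of the body.
make_sample_installer() {
  cat > "$1" <<'EOF'
main() {
  echo "installed"
}
main
EOF
}

demo() {
  dir=$(mktemp -d) || return 1
  make_sample_installer "$dir/install.sh"
  published=$(sha256_of "$dir/install.sh")          # stands in for a published digest
  head -c 20 "$dir/install.sh" > "$dir/partial.sh"  # simulate a dropped connection
  verify_and_run "$dir/install.sh" "$published"
  verify_and_run "$dir/partial.sh" "$published" || echo "partial download rejected"
  rm -rf "$dir"
}

demo
```

A digest fetched from the same server as the script only catches truncation and corruption; detecting a tampered script needs a digest or signature obtained through a separate trusted channel.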