fix the runtehblog tutorial

2025-07-02 11:56:40 +00:00 · 2025-03-27 09:58:19 +01:00 · 2025-03-27 09:58:19 +01:00 · 818c8e34b2
commit 818c8e34b2
parent 690c6f2938
2 changed files with 48 additions and 197 deletions
--- a/opsec/runtheblog/25.png
+++ b/opsec/runtheblog/25.png
--- a/opsec/runtheblog/index.html
+++ b/opsec/runtheblog/index.html
@ -93,16 +93,22 @@
 <p>On a debian server (VPS or not), install the following packages:</p>
 <pre><code class="nim">
 [ Datura ] [ /dev/pts/23 ] [~]
-→ sudo apt install nginx wget curl -y
+→ sudo apt install nginx wget curl tor torsocks -y
 	
 </code></pre>

-<p>Then, you need to download the blog somewhere, you can simply git clone it from the blog-contributions gitea repository into the /srv/ directory:</p>
+<p>Then, you need to download the blog somewhere, you can simply git clone it from the blog-contributions forgejo repository into the /srv/ directory:</p>
 <pre><code class="nim">
 [ Datura ] [ /dev/pts/23 ] [~]
-→ git clone https://git.nowhere.moe/nihilist/blog-contributions /srv/blog/
+→ torsocks git clone https://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions /srv/blog/
 	
 </code></pre>
+<p><u>Optional:</u> if you want to also host the archived blog sections i wrote in the past (the hacking and selfhosting categories) you can do so as follows: </p>
+<pre><code class="nim">
+[ Wonderland ] [ /dev/pts/9 ] [/srv/blog-archive]
+→ torsocks git clone http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-archive /srv/blog-archive
+
+</pre></code>

 <p>then you can use this nginx configuration (and dont forget to enable it with a symlink to sites-enabled):</p>
 <pre><code class="nim">
@ -169,12 +175,18 @@ server {
 ###################################END OF HARDENING SSL###########################################


-
-                root /srv/blog/;
-                                rewrite ^/servers/anon.html /opsec/index.html permanent;
-                                rewrite ^/servers/(.*)$ /opsec/$1 permanent;
+  rewrite ^/servers/anon.html http://$server_name/opsec/index.html permanent;
+        rewrite ^/servers/(.*)$ http://$server_name/opsec/$1 permanent;
        index index.html;
+        root /srv/blog/;
+
+                #optional selfhosting + HTB locations in /srv/blog-archive:
+                location ~ ^/(selfhosting|HTB)/ {
+                root /srv/blog-archive/;
+
+                }
 }
+
 </code></pre>
 <p>but as you can see we're missing the TLS certificates, so let's get them using acme.sh:</p>
 <pre><code class="nim">
@ -354,6 +366,31 @@ server {
 <img src="3.png" class="imgRz"> 
 <p>And that's it! you now have made your own copy of the blog available over clearnet and Tor.</p>

+<p><u>Sidenote:</u> if you want to only have an onion mirror of the blog (and no clearnet at all), you can use this nginx config:</p>
+<pre><code class="nim">
+[ Wonderland ] [ /dev/pts/9 ] [/etc/nginx/sites-available]
+→ cat blog.conf
+
+server {
+        ######## TOR WEBSITE ########
+        listen 4443;
+        listen [::]:4443;
+        server_name blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion;
+
+        rewrite ^/servers/anon.html http://$server_name/opsec/index.html permanent;
+        rewrite ^/servers/(.*)$ http://$server_name/opsec/$1 permanent;
+        index index.html;
+        root /srv/blog/;
+
+                #optional selfhosting + HTB locations in /srv/blog-archive:
+                location ~ ^/(selfhosting|HTB)/ {
+                root /srv/blog-archive/;
+
+                }
+}
+
+</pre></code>
+
 				</div>
 			</div><!-- /row -->
 	    </div> <!-- /container -->
@ -367,14 +404,14 @@ server {
 				<div class="col-lg-8 col-lg-offset-2">
          <h2><b>Setting up Collaboration</b></h2> </br> </br>
 <p>Now if you want to make sure the blog content keeps growing, you'll need to either write your own blogposts in it or setup collaboration:</p>
-<p>Now in order to make sure you can welcome external contributions, you need at least to be able to have a gitea instance like the one i have at <a href="https://git.nowhere.moe/">https://git.nowhere.moe</a>:</p>
+<p>Now in order to make sure you can welcome external contributions, you need at least to be able to have a forgejo instance like the one i run <a href="https://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/">here</a>:</p>

 <img src="4.png" class="imgRz"> 
 <img src="5.png" class="imgRz"> 
 <img src="6.png" class="imgRz"> 
 <img src="7.png" class="imgRz"> 
 <img src="8.png" class="imgRz"> 
-<p>Now here you have a simple mirror git repo of the blog, once a day it will synchronize the new changes onto your mirror which is always useful to have in case if the <a href="https://git.nowhere.moe/nihilist/blog-contributions">main repository</a> gets taken down.</p>
+<p>Now here you have a simple mirror git repo of the blog, once a day it will synchronize the new changes onto your mirror which is always useful to have in case if the <a href="https://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions">main repository</a> gets taken down.</p>

 <p> If it were to get taken down for whatever reason, or if you decide to branch out and do your own thing with the blog, you can edit the repository to not be a mirror anymore (meaning you'll be able to push your own commits without going through me):</p>
 <img src="9.png" class="imgRz"> 
@ -414,194 +451,8 @@ server {
 			<div class="row">
 				<div class="col-lg-8 col-lg-offset-2">
          <h2><b>Setting up a Mirror List</b></h2> </br> </br>
-<p>And then to make sure the nihilism blog remains resistant to takedowns, you can update the mirrors.txt file:</p>
-<p>Now in order to give people a list of all the backup blog mirrors in one go, to make it simple i recommend just listing them manually in a textfile that you update on a monthly basis:</p>
-<pre><code class="nim">
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
-→ vim mirrors.txt
-
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
-→ cat mirrors.txt
-### Active ###
-
-Nihilist:
-Clearnet: https://blog.nowhere.moe
-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
-
-Anon1:
-Clearnet: link1
-Tor: link.onion1
-
-Anon2:
-Clearnet: link2
-Tor: link.onion2
-
-
-### Inactive ###
-
-### Removed ###
-
-</pre></code>
-<p>Then each month, validate that each link is still reachable, and if one of the links isnt reachable just move it to the "Inactive" category:</p>
-<pre><code class="nim">
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
-→ vim mirrors.txt
-
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
-→ cat mirrors.txt
-### Active ###
-
-Nihilist:
-Clearnet: https://blog.nowhere.moe
-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
-
-Anon1:
-Clearnet: link1
-Tor: link.onion1
-
-### Inactive ###
-
-Anon2:
-Clearnet: link2
-Tor: link.onion2
-
-### Removed ###
-
-</pre></code>
-
-<p>Next month upon the next review, check if the mirror is still no longer reachable just move it to the "Removed" category:</p>
-<pre><code class="nim">
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
-→ vim mirrors.txt
-
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
-→ cat mirrors.txt
-### Active ###
-
-Nihilist:
-Clearnet: https://blog.nowhere.moe
-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
-
-Anon1:
-Clearnet: link1
-Tor: link.onion1
-
-### Inactive ###
-
-### Removed ###
-
-Anon2:
-Clearnet: link2
-Tor: link.onion2
-
-</pre></code>
-<p>Don't forget to git push the file onto the git repository and you're good !</p>
-<pre><code class="nim">
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog-contributions]
-→ vim mirrors.txt
-
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog-contributions]
-→ cat mirrors.txt
-### Active ###
-
-Nihilist:
-Clearnet: https://blog.nowhere.moe
-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
-
-
-
-### Inactive ###
-
-
-### Removed ###
-
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog-contributions]
-→ cat push.sh
-#!/bin/bash
-git config --global user.email "nihilist@contact.nowhere.moe"
-git config --global user.name "nihilist"
-
-git add -A
-git commit
-git push
-
-[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog-contributions]
-→ ./push.sh
-
-add mirrors.txt
-# Please enter the commit message for your changes. Lines starting
-# with '#' will be ignored, and an empty message aborts the commit.
-#
-# On branch main
-# Your branch is up to date with 'origin/main'.
-#
-# Changes to be committed:
-#   new file:   mirrors.txt
-#   modified:   push.sh
-
-:wq
-
-[main 39b29a3] add mirrors.txt
- 2 files changed, 15 insertions(+), 2 deletions(-)
- create mode 100644 mirrors.txt
-
-<b>Username for 'https://git.nowhere.moe': nihilist
-Password for 'https://nihilist@git.nowhere.moe':</b>
-
-Enumerating objects: 6, done.
-Counting objects: 100% (6/6), done.
-Delta compression using up to 4 threads
-Compressing objects: 100% (4/4), done.
-Writing objects: 100% (4/4), 581 bytes | 290.00 KiB/s, done.
-Total 4 (delta 1), reused 0 (delta 0), pack-reused 0
-remote: . Processing 1 references
-remote: Processed 1 references in total
-To https://git.nowhere.moe/nihilist/blog-contributions
-   d1bc9ce..39b29a3  main -> main
-
-</pre></code>
-<p>And that's it! you have now made the mirrors.txt file accessible to your audience. They now can simply download it like so:</p>
-<pre><code class="nim">
-[ mainpc ] [ /dev/pts/7 ] [/tmp]
-→ apt install curl -y
- 
-[ mainpc ] [ /dev/pts/7 ] [/tmp]
-→ curl https://blog.nowhere.moe/mirrors.txt
-### Active ###
-
-Nihilist:
-Clearnet: https://blog.nowhere.moe
-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
-
-### Inactive ###
-
-### Removed ###
-
-[ mainpc ] [ /dev/pts/7 ] [/tmp]
-→ curl -x socks5h://127.0.0.1:9050 http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/mirrors.txt
-### Active ###
-
-Nihilist:
-Clearnet: https://blog.nowhere.moe
-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
-
-### Inactive ###
-
-### Removed ###
-
-</pre></code>
+<p>And then to make sure the nihilism blog remains resistant to takedowns, you can list it on your own <a href="../darknetlantern/index.html">Darknet Lantern</a> instance, under the <a href="http://lantern.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/index.php?query=Blogs">Blogs</a> category:</p>
+<img src="25.png" class="imgRz"> 
 				</div>
 			</div><!-- /row -->
 	    </div> <!-- /container -->