some of us may be actioning gemini://perplexing.space/2022/securing-gemini-servers.gmi - very useful post. some of us are having issues - for agate ProtectHome=read-only works:-) and RestrictAddressFamilies=AF_INET AF_INET6 works - might help others:-)
4 months ago · 👍 datapulp, lykso, rwa
[1] gemini://perplexing.space/2022/securing-gemini-servers.gmi
@deepgrove: i get the joke now :-) my slim tech knowing had me thinking of how badly i'd stuffed up my server lol i can see chroot study in my future :-) · 4 months ago
I didn’t chroot it yet but have applied many of the suggestions in that article. definitely worth reading. · 4 months ago
just a joke. I briefly had my own setup running in such a sub-optimal way and felt attacked. · 4 months ago
@deepgrave: some confusion possibly (my part about settings probably) - my separate user account for agate has no sudo priv, runs on a headless pi thing , really-very few open ports in ufw, can't even directly log into account. what have i misunderstood? · 4 months ago
Running a server as a sudo user with a detached screen? I never did that, no way… · 4 months ago