some of us may be actioning gemini://perplexing.space/2022/securing-gemini-servers.gmi - very useful post. some of us are having issues - for agate ProtectHome=read-only works:-) and RestrictAddressFamilies=AF_INET AF_INET6 works - might help others:-)
2 years ago · 👍 datapulp, lykso, rwa
gemini://perplexing.space/2022/securing-gemini-servers.gmi
@deepgrove: i get the joke now :-) my slim tech knowing had me thinking of how badly i'd stuffed up my server lol i can see chroot study in my future :-) · 2 years ago
I didn’t chroot it yet but have applied many of the suggestions in that article. definitely worth reading. · 2 years ago
just a joke. I briefly had my own setup running in such a sub-optimal way and felt attacked. · 2 years ago
@deepgrave: some confusion possibly (my part about settings probably) - my separate user account for agate has no sudo priv, runs on a headless pi thing , really-very few open ports in ufw, can't even directly log into account. what have i misunderstood? · 2 years ago
Running a server as a sudo user with a detached screen? I never did that, no way… · 2 years ago