My home server recently failed (as anyone who tried to visit
www.sectordisk.pw may have seen if they attempted to go to it for the week or
so that it was down). I'm not exactly sure what happened to be honest --
Ubuntu corrupted somehow and just refused to come back to life. Every time I
booted in it would take forever hanging on services, and once I finally did
get in it could take a command or two before the entire system would hang.
This happened after I tried to mount some backups trying to figure out where
the heck my Letsenrypt renewal script went (as my sites hadn't renewed their
SSL certificates), but it's difficult to tell if the two events were related.
The server just hung up at some point while I was working on that, and it
never recovered after restart. I tried fsck'ing the volume and even upgrading
Ubuntu in place (in case that'd fix whatever broken service or kernel module
was causing the issue), but it just wouldn't work. So, in an attempt to
mitigate any further possible damage, I ordered a new SSD and rebuilt it from
the ground up, copying over basically all my files and configs that I could
think of from the old SSD.

This time around, though, I decided to put things like my websites and Gopher
and such all in virtual machines so that I could better manage them. When I
very first set all this stuff up all the way back in 2017, it was on a
Raspberry Pi 3B that I connected over an SSH reverse tunnel to my Vultr server
in order to forward the ports (since I was behind my college's NAT and
firewall). This is how I set up pretty much everything, and while it worked,
it was a pretty terrible solution. Everything had to be run as root, and even
though I had SSH KeepAlive enabled, I still set up a script to make the server
say "Ping! Pong!" every few seconds just to make sure the connection didn't
die. Plus, all traffic look like it originated from the localhost, which was a
nightmare for security. This is still the solution used by quite a lot of
people to forward their website out to the world, and it IS admittedly an easy
solution, but it's definitely not the best way to do it. So a good while back
I learned how to set up a Site-to-Site VPN with Wireguard and set up rules
with UFW and iptables in order to forward traffic properly. The only downside
of this solution is that all internet traffic period ends up being routed
through the Wireguard VPN, but frankly in a VM I think that's fine. (Actually,
there might have been a way to preserve non-forwarded traffic, but I don't
remember how to do it because that's not how I set it up ultimately lol).
Still, it has the added benefit of automatically coming back online, unlike my
SSH tunnel quite a lot of the time.

I spun up a test VM and a test Vultr server back in April of last year to
learn how to set this up, and I ended up succeeding in it and applied the
change to Sector Disk, getting rid of the SSH tunneling stuff altogether. I
didn't, however, apply it to all my other stuff, because it was all running on
the actual host (no longer a Raspberry Pi lol) and not in a virtual machine.
It wasn't until the server crashed that I actually migrated all those things
to a VM and set up Wireguard, but it was a much needed move so I guess in a
way it was a good thing the server finally crashed when it did lol. Now I also
have it so that the VMs all start on startup, so in the event of a power
outage there should be less downtime and manual work getting stuff back
running. Honestly it's kind of a nice relief, and things seem a lot snappier
than before, so my server is perhaps a bit happier about it too lol.

Anyway, that's all for now. Hope everyone's doing great!

Bye for now! :>