Stream: boston

Topic: HTTPS everywhere, even Phil's websites

view this post on Zulip Philip Durbin (Nov 12 2025 at 22:04):

Yesterday I set up HTTPS for https://greptilian.com

view this post on Zulip Philip Durbin (Nov 12 2025 at 22:05):

I still need to work on subdomains of greptilian.com. And stuff I host for http://thedurbins.com , including subdomains.

view this post on Zulip Dan (Nov 12 2025 at 22:06):

What tech did you use?

view this post on Zulip Philip Durbin (Nov 12 2025 at 22:07):

For https://greptilian.com ? It's hosted on GitHub Pages. See https://github.com/pdurbin/pdurbin.github.com

view this post on Zulip Philip Durbin (Nov 12 2025 at 22:08):

It was mostly a matter of updating DNS records.

view this post on Zulip Dan (Nov 12 2025 at 22:08):

Oh so the webserver didn't even come into play.

view this post on Zulip Philip Durbin (Nov 12 2025 at 22:08):

right

view this post on Zulip Philip Durbin (Nov 12 2025 at 22:09):

My reasoning has always been that GitHub Pages will have much better uptime than my little Digital Ocean droplet. So that's where I host the URL for "me" on the Internet.

view this post on Zulip Philip Durbin (Nov 12 2025 at 22:11):

Huh, sudo apt install caddy doesn't work without some other steps: https://caddyserver.com/docs/install#debian-ubuntu-raspbian

view this post on Zulip Philip Durbin (Nov 12 2025 at 22:12):

I'm on Ubuntu 22.04.

view this post on Zulip Dan (Nov 12 2025 at 22:12):

I'm pretty sure it's in the normal Debian repo. Caddy probably likes to encourage people to install the latest version from their own repo.

view this post on Zulip Dan (Nov 12 2025 at 22:14):

Did you actually try sudo apt install caddy without adding their key?

view this post on Zulip Philip Durbin (Nov 12 2025 at 22:15):

Yeah. Here's what it says:

No apt package "caddy", but there is a snap with that name.

view this post on Zulip Dan (Nov 12 2025 at 22:16):

oh jeez. well I thought Ubuntu hijacks apt with snap anyway. maybe you turned that off somehow. I don't use Ubuntu anymore mainly because of this.

view this post on Zulip Dan (Nov 12 2025 at 22:16):

Like the same is said for chromium and maybe firefox

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:02):

Yeah, I'm really not sure. I don't remember installing anything via snap. According to https://askubuntu.com/questions/1261242/how-to-list-packages-manually-installed-by-snap I do have some stuff installed via snap:

pdurbin@server4:~$ ls -l /snap/bin
total 0
lrwxrwxrwx 1 root root  7 Sep 30 08:26 lxc -> lxd.lxc
lrwxrwxrwx 1 root root 13 Sep 30 08:26 lxd -> /usr/bin/snap
lrwxrwxrwx 1 root root 13 Sep 30 08:26 lxd.benchmark -> /usr/bin/snap
lrwxrwxrwx 1 root root 13 Sep 30 08:26 lxd.buginfo -> /usr/bin/snap
lrwxrwxrwx 1 root root 13 Sep 30 08:26 lxd.check-kernel -> /usr/bin/snap
lrwxrwxrwx 1 root root 13 Sep 30 08:26 lxd.lxc -> /usr/bin/snap
lrwxrwxrwx 1 root root 13 Sep 30 08:26 lxd.lxc-to-lxd -> /usr/bin/snap
lrwxrwxrwx 1 root root 13 Sep 30 08:26 lxd.migrate -> /usr/bin/snap
pdurbin@server4:~$ ls -l /var/lib/snapd/snaps
total 419916
-rw------- 2 root root 66871296 Sep 26 20:26 core20_2669.snap
-rw------- 2 root root 66871296 Nov  6 16:56 core20_2682.snap
-rw------- 1 root root 93745152 Nov 26  2024 lxd_31333.snap
-rw------- 2 root root 95842304 Sep 30 08:26 lxd_35819.snap
drwxr-xr-x 2 root root     4096 Apr  8  2022 partial
-rw------- 2 root root 53235712 Aug 22 23:46 snapd_25202.snap
-rw------- 2 root root 53399552 Oct 21 04:01 snapd_25577.snap

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:05):

I'm using Apache right now. This seems fairly relevant: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu

view this post on Zulip Dan (Nov 12 2025 at 23:06):

So one of your sites is on Github Pages and the other is on Digital Ocean via Apache?

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:07):

I have a lot of subdomains.

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:08):

pdurbin@server4:~$ ls -1 /etc/apache2/sites-enabled
000-default.conf
api.greptilian.com.conf
blog.greptilian.com.conf
bostonopen.dev.conf
irc.greptilian.com.conf
movies.greptilian.com.conf
music.thedurbins.com.conf
people.greptilian.com.conf
thedurbins.com.conf
unread.greptilian.com.conf
wiki.greptilian.com.conf

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:08):

(I never got bostonopen.dev.conf working because .dev domains require HTTPS.)

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:47):

Hey, it worked! https://blog.greptilian.com

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:47):

https://wiki.greptilian.com

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:48):

Let's Encrypt has been around for a decade. Not sure why it took me so long. Thanks for the nudge! :smile:

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:50):

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu was really good.

And sudo certbot --apache "just worked". I simply followed the prompts.

view this post on Zulip Philip Durbin (Nov 12 2025 at 23:50):

I guess I'm not sure what to do if I want to add a new subdomain. Re-run sudo certbot --apache? :thinking:

view this post on Zulip Philip Durbin (Nov 13 2025 at 01:58):

I wrote up a little blog post: https://blog.greptilian.com/2025/11/12/https-at-last/

Last updated: Jan 09 2026 at 14:22 UTC