So as many of you know I develop a Linux distro called Drauger OS.
A few days ago, someone hacked into the server hosting the apt repository and messed with one of the websites the repository was sharing the server with. The repository wasn’t tampered with, but the server is now effectively unusable without a complete reinstall process.
Because of all this, I ended up moving to my personal server.
My initial idea was to have nginx be a reverse proxy for the apt repository, another subdomain for downloading files, and my NextCloud. All of which would use Apache for their web server. That ended up not happening. NextCloud was refusing to move ports (a phenomenon I eventually rectified with a couple
snap set nextcloud commands) so my NextCloud installations have basically got to reinitialize themselves with the server.
Something wasn’t working with the previous idea of settting up Apache and serving it over the reverse proxy with Nginx. I ended up just serving both the apt repo and download folder using nginx. I still would like to get the reverse proxy set up for NextCloud but that’s not looking feasible.
Moral of the story: make sure no one can hack the server you are on. Whether it be through your site or someone else’s.