Webserver configuration

This is a document detailing our current webserver setup. It is intended to help anyone wishing to improve or maintain our online infrastructure.

• The webserver is based on Debian
• NFTables for our firewall
• Crowdsec for IP banning
• Caddy for our frontend web proxy
• SystemD and linux groups to manage our web services
• PostgreSQL as our database

• Disable password login

TODO: Steps to enable NFTables SystemD service

TODO: insert our NFTables config here

TODO: Caddy installation

TODO: Group configuration

TODO: Expand on the following

• Creating a directory (with permissions, groups, sticky bits etc.)
• Clone the repository
• Create SystemD configs (copy example configs here)
• Add Caddy host

Additional stuff:

• Database connection