Archives for My Lazy and Forgetful Mind

Fix EPrints 3.4.7 cgi HTTPS Redirect Loop (Certbot + Apache)

Contents1 Fix: EPrints 3.4.7 /cgi HTTPS Redirect Loop (Certbot + Apache)1.1 Problem1.2 Root Cause1.3 Correct Reference1.4 Fix1.4.1 Update <Location> block1.5 Optional Improvement1.6 Required EPrints Config (10_core.pl)1.7 Why This Works1.8 Verification1.9 Notes1.10 Summary1.11 Key Takeaway Fix: EPrints 3.4.7 /cgi HTTPS Redirect Loop (Certbot + Apache) Problem When enabling HTTPS using Certbot, EPrints /cgi endpoints (e.g. /cgi/users/login) […]

Manual Rsync Backup from VPS to Local (with Exclusions)

Contents1 Rsync Backup from VPS to Local (with Exclusions)1.1 Command1.2 Explanation1.2.1 Basic flags1.2.2 Excluded folders/files1.3 Notes1.3.1 Why exclude dependencies1.3.2 About .env1.4 Result Rsync Backup from VPS to Local (with Exclusions) Command rsync -avz -e "ssh -p 2222" \ --exclude='node_modules' \ --exclude='vendor' \ --exclude='.env' \ user@vps:/path/app/ /home/youruser/backup/app/ Explanation Basic flags -a → archive mode (preserve permissions, […]

VPS First-Time Setup

Contents1 VPS First-Time Setup2 1. Initial Login3 2. Create Non-Root User4 3. Setup SSH Key (Recommended)5 Disable root SSH login5.0.1 Disable root SSH login (Ubuntu)5.0.2 Important6 4. Configure Firewall (Before Changing SSH Port)7 5. Change SSH Port8 6. Test New SSH Port (Critical Step)9 7. Remove Default Port 22 From Firewall10 8. Install Fail2Ban11 9. […]

How to Make Vite Build Work on Filament Page

Contents1 How to Make Vite Build Work on Filament Page1.1 Overview1.2 Problem Statement1.3 Solution Architecture1.4 Step-by-Step Implementation1.4.1 Step 1: Create FilamentServiceProvider1.4.2 Step 2: Register Service Provider1.4.3 Step 3: Create Asset Files (If Not Exists)1.4.4 Step 4: Configure Vite1.4.5 Step 5: Build Assets1.4.6 Step 6: Use in Filament Pages1.5 Advanced Usage1.5.1 Multiple Asset Bundles1.5.2 Conditional Registration1.5.3 […]

Repair Git Broken Object / EntryNotFound (WSL / VS Code)

Contents1 ✅ Repair Git Broken Object / EntryNotFound (WSL / VS Code)1.1 1️⃣ Backup working tree1.2 2️⃣ Fetch remote state1.3 3️⃣ Create clean branch from remote1.4 4️⃣ Restore file content from broken branch1.5 5️⃣ Rebuild objects1.6 6️⃣ Replace broken main1.7 7️⃣ Cleanup dangling / corrupted objects1.8 8️⃣ Verify1.9 9️⃣ Push2 ✅ What you learned (important)3 […]

Setting Persistent IPv4 DNS for Ubuntu 20.xx

Contents1 Prefer IPv4 for DNS & Connections on Ubuntu (Keep IPv6 Enabled)1.1 🎯 Goal1.2 1) Set IPv4 DNS with systemd-resolved1.3 2) Prefer IPv4 over IPv6 for connections1.4 3) Test1.5 ✅ Result1.6 🧠 Notes1.7 🔁 Revert Prefer IPv4 for DNS & Connections on Ubuntu (Keep IPv6 Enabled) On Ubuntu 20.04+, systemd-resolved and the network stack prefer […]

Deploying Web App with Docker + Apache Reverse Proxy

Deploying Web App with Docker + Apache Reverse Proxy Contents1 1) Apache as Reverse Proxy2 2) Enable Required Apache Modules3 3) Allow .htaccess4 4) HTTPS with Certbot5 5) Fix Base URL in Docker (CodeIgniter)6 6) Redirect HTTP → HTTPS7 7) Debugging8 8) Ownership / Permissions 1) Apache as Reverse Proxy Use Apache on host to […]

Fixing Expo + npm ERR_INVALID_URL and Permission Issues on WSL

Contents1 Fixing Expo + npm ERR_INVALID_URL and Permission Issues on WSL1.0.1 Problem Summary1.0.2 Fix Instructions1.0.2.1 1. Use WSL Terminal1.0.2.2 2. Ensure Node and npm are Linux-native1.0.2.3 3. Keep project inside WSL filesystem1.0.2.4 4. Fix missing executable permission1.0.2.5 5. Clean reinstall deps1.0.2.6 6. Run Expo1.0.3 Notes Fixing Expo + npm ERR_INVALID_URL and Permission Issues on WSL […]

Filament and vite integration

Integrating Filament 4 with Vite this article maybe incomplete because this information is compiled from my memory debugging my project. But the core information is here. I will add more when i stumbled accross this problem again on next project Filament 4 uses Laravel’s modern frontend tooling, and you can integrate it with Vite for […]

Running Qwen Code in a Sidecar Docker Container

Contents1 Running Qwen Code in a Sidecar Docker Container1.1 1. Why Sidecar?1.2 2. Dockerfile1.3 3. docker-compose.yml1.4 4. Environment Variables1.5 5. Wrapper Script1.6 6. Usage1.7 7. Notes Running Qwen Code in a Sidecar Docker Container 1. Why Sidecar? Instead of installing Qwen Code on your host, you can run it in its own container. Keeps API […]

VPS First-Time Setup

22 February 2026 / by akozan / 0 Comments

Last Modified on 9 April 2026

VPS First-Time Setup

Assume:

New SSH port = 2222
Ubuntu VPS

1. Initial Login

ssh root@YOUR_VPS_IP
apt update && apt upgrade -y
reboot

Reconnect after reboot.

2. Create Non-Root User

adduser youruser
usermod -aG sudo youruser

3. Setup SSH Key (Recommended)

From local machine:

ssh-keygen
ssh-copy-id youruser@YOUR_VPS_IP

Test login:

ssh youruser@YOUR_VPS_IP

Disable root SSH login

Disable root SSH login (Ubuntu)

Edit SSH config:

sudo nano /etc/ssh/sshd_config

Set:

PermitRootLogin no

(Optional but recommended)

PasswordAuthentication no

Restart SSH:

sudo systemctl restart ssh

Important

Ensure you have a normal user with sudo:

adduser youruser
usermod -aG sudo youruser

Test login in a new session before closing current one.

4. Configure Firewall (Before Changing SSH Port)

Install UFW:

sudo apt install ufw -y

Allow required ports:

sudo ufw allow 2222/tcp
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable
sudo ufw status

Ensure 2222/tcp is allowed.

5. Change SSH Port

Edit config:

sudo nano /etc/ssh/sshd_config

Modify:

Port 2222
PermitRootLogin no # disable root login
PasswordAuthentication no # if login using ssh key

Save and restart:

sudo systemctl restart ssh

6. Test New SSH Port (Critical Step)

Open new terminal window:

ssh -p 2222 youruser@YOUR_VPS_IP

If successful → continue.
If not → fix before closing old session.

7. Remove Default Port 22 From Firewall

List rules:

sudo ufw status numbered

Delete OpenSSH rule (by number):

sudo ufw delete <number>

Verify:

sudo ufw status

Port 22 should no longer be allowed.

8. Install Fail2Ban

sudo apt install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

9. Set Timezone

sudo timedatectl set-timezone Asia/Jakarta

10. Install Stack (Choose One)

Option A – Nginx + PHP

sudo apt install nginx -y
sudo apt install php-fpm php-mysql php-cli php-curl php-mbstring php-xml php-zip -y
sudo systemctl enable nginx

Option B - apache + php (laravel ready)

Install Apache + PHP 8.3 (Ubuntu)

sudo apt update && sudo apt upgrade -y

# install repo for PHP 8.3
sudo apt install -y software-properties-common ca-certificates lsb-release apt-transport-https
sudo add-apt-repository ppa:ondrej/php -y
sudo apt update

# install apache + php 8.3 + required extensions
sudo apt install -y apache2 php8.3 php8.3-cli php8.3-common php8.3-mysql php8.3-xml php8.3-curl php8.3-mbstring php8.3-zip php8.3-bcmath php8.3-intl php8.3-gd libapache2-mod-php8.3 unzip curl git

# enable apache rewrite (needed for Laravel)
sudo a2enmod rewrite

# restart apache
sudo systemctl restart apache2

Install Composer

curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer

Laravel ready notes

Document root → /var/www/html/yourproject/public
Set permission:

sudo chown -R www-data:www-data /var/www/html
sudo chmod -R 775 /var/www/html

Option C – Docker

curl -fsSL https://get.docker.com | sudo bash
sudo usermod -aG docker youruser

Logout/login again.

Test:

docker run hello-world

if youruser still not added to docker group

newgrp docker

then rerun hello world

Final Security Baseline

SSH on custom port (2222)
Root login disabled
Password login disabled
Firewall enabled
Fail2Ban active
System updated
Kernel updated + rebooted

This is a clean, secure baseline for production VPS.