🔧

Guides and Documentation

4 notes  •  Tools & Utilities
HomeTools & Utilities › Guides and Documentation

Set Up and Configure Git on Windows

Git is a distributed version control system. This guide covers installing Git Bash on Windows and configuring your identity for the first time.

Prerequisites

  • Windows PC with internet access

Steps

# Download Git for Windows from:
# https://git-scm.com/download/win
# Install and launch Git Bash from the Start menu

# Create a project directory and initialize a repo
mkdir my-project
cd my-project
git init

# Configure your identity (required before first commit)
git config --global user.name "Your Name"
git config --global user.email "you@example.com"

# Check repo status
git status

# Stage and commit files
git add .
git commit -m "Initial commit"

Verify

git log --oneline

Notes

  • Set --global to apply the identity to all repos on the machine, or omit it to set per-repo.
  • Use git config --list to view all current settings.
  • For SSH key setup: ssh-keygen -t ed25519 -C "you@example.com" then add the public key to GitHub/GitLab.

Install SSL for CouchDB on a Bitnami AWS Instance

Installing a Let's Encrypt SSL certificate on a Bitnami CouchDB stack on AWS requires working around Bitnami's bundled web server and locked-down security groups.

Prerequisites

  • Bitnami CouchDB instance on AWS EC2
  • A domain name pointed to the Elastic IP
  • Port 80 temporarily open in the security group (for ACME challenge)

Steps

# Bitnami includes its own Apache — use the Bitnami certbot approach
sudo /opt/bitnami/bncert-tool

The bncert-tool handles Let's Encrypt certificate issuance and Apache configuration for Bitnami stacks automatically. Alternatively:

# Install certbot manually
sudo apt-get install certbot

# Stop Bitnami's Apache to free port 80
sudo /opt/bitnami/ctlscript.sh stop apache

# Obtain certificate in standalone mode
sudo certbot certonly --standalone -d yourdomain.com

# Restart Bitnami Apache
sudo /opt/bitnami/ctlscript.sh start apache

Configure Apache to Use the Certificate

sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf
# Update SSLCertificateFile and SSLCertificateKeyFile to point to
# /etc/letsencrypt/live/yourdomain.com/fullchain.pem
# /etc/letsencrypt/live/yourdomain.com/privkey.pem

Notes

  • If outgoing ports are locked down in the AWS security group, certbot cannot download packages — open port 443 outbound temporarily.
  • Bitnami's bncert-tool is the recommended method for Bitnami stacks as it handles Apache config automatically.

Install vsftpd and Restrict an FTP User to a Directory

vsftpd (Very Secure FTP Daemon) can jail FTP users to their home directories using chroot. This guide creates a restricted FTP user with optional TLS support.

Prerequisites

  • Ubuntu/Debian server with root access
  • Passive port range (13000-13100) open in the firewall

Install vsftpd

apt-get install vsftpd

Configure vsftpd

nano /etc/vsftpd.conf

Recommended configuration:

listen=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
chroot_local_user=YES
allow_writeable_chroot=YES
pasv_enable=YES
pasv_min_port=13000
pasv_max_port=13100
pasv_address=YOUR_SERVER_IP

Create a Restricted FTP User

# Create user with a restricted home directory
useradd -m -d /home/ftpuser -s /usr/sbin/nologin ftpuser
passwd ftpuser

# Set directory permissions
chown root:root /home/ftpuser
chmod 755 /home/ftpuser
mkdir /home/ftpuser/files
chown ftpuser:ftpuser /home/ftpuser/files

systemctl restart vsftpd

Verify

ftp YOUR_SERVER_IP
# Login as ftpuser — should be restricted to /home/ftpuser

Notes

  • For TLS, add ssl_enable=YES and point to your certificate files.
  • chroot_local_user=YES jails users to their home directory — the home directory must be owned by root for this to work.

Install Let's Encrypt SSL on Amazon Linux with Apache

Amazon Linux uses yum for package management and requires mod_ssl for Apache HTTPS support. This guide covers installing certbot and obtaining a certificate.

Prerequisites

  • Amazon Linux EC2 instance
  • Apache installed and running
  • Domain DNS pointing to the instance
  • Port 80 and 443 open in the security group

Steps

# Update packages
yum update

# Install mod_ssl for Apache
yum install mod24_ssl

# Install certbot via pip
pip install certbot

# Fix idna version conflict (if certbot requires idna < 2.8)
pip install 'idna<2.8'

# Obtain the certificate
certbot certonly --webroot \
  -w /var/www/html \
  -d yourdomain.com \
  -d www.yourdomain.com

# Or use Apache plugin
certbot --apache -d yourdomain.com

Configure Apache for SSL

nano /etc/httpd/conf.d/ssl.conf
# Update:
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/yourdomain.com/chain.pem

service httpd restart

Verify

curl -I https://yourdomain.com

Notes

  • Certbot's Apache plugin (--apache) edits the virtual host automatically.
  • Set up auto-renewal: echo '0 0,12 * * * root certbot renew --quiet' >> /etc/crontab.