Setting Up DropShare With a VPS
I want to switch away from CloudApp to a host/domain under my control, and DropShare looks like a great alternative, because it lets you pick a back-end.
They have instructions for setting up SCP/SSH using your own server via nginx on DigitalOcean. I’ve already got danj.ca running on Apache on Linode, so I should be able to replicate the same.
Another alternative is to use S3-compatible object storage which, again, Linode offers and I could potentially use by mirroring DropShare’s DigitalOcean instructions. Object storage might be a better move because it comes with CDN and takes away the overhead of administering a server, but we’ll see. I’ll try just putting this on my web server first…
Instructions
Requirements
I already have the server and web server running, I just need to add:
- A VirtualHost, to associate a subdomain to the folder where the shared files will be hosted
- A user account for DropShare to use; by their instructions, the hosted files go in this user’s home directory, but I suppose you could host them somewhere else as long as it’s available to the user account / web server
- An SSH keypair for DropShare to use to authenticate as the DropShare user
Adding the site to Apache
- Pretty sure I want the site’s document root alongside that for
www.danj.ca, i.e./var/www/dropshare/ - So let’s create that folder with the same subfolders as my other site has
> sudo mkdir -p /var/www/dropshare/{backups,log,public_html}- Now let’s create the Apache config for the site
- My intention is to use
share.danj.caas the public domain for this site - Let’s start by copying
www.danj.ca’s config > sudo cp www.danj.ca.conf dropshare.conf- Actually, wait. I should name this after the site I want to use, not the incidental fact I’ll use DropShare to interact with it!
- Let’s replace “dropshare” above with “share.danj.ca”
- Ok, added
share.danj.ca.confwith contents copied fromwww.danj.ca.conf, but all domain/folder references updated accordingly - Kept the Rewrite rule that I believe forces https…
- Now we need to add a link in the
sites-enableddirectory sudo ln -s /etc/apache2/sites-available/share.danj.ca.conf /etc/apache2/sites-enabled/share.danj.ca.conf
Set up a user for dropshare
sudo useradd dropshare- …Oops, should have used
useradd -m, he didn’t get a home directory 😛 - Ok, created the directory by hand and made the dropshare user its owner… I wonder if I have to configure something to actually make
/home/dropshareassociated as the user’s homedir… but we’ll see - Give the dropshare user ownership on the
share.danj.ca/public_htmldirectory > sudo chown dropshare:www-data /var/www/share.danj.ca/public_html- Oh, by the way, it looks like this is how you assign a user’s homedir:
sudo usermod -d /home/dropshare dropshare, so let’s do that - Usermod reported “no changes”, so I guess it was fine
Set up the domain
- In Hover, we need to add a CNAME so that requests to
share.danj.cago to the server - If I recall correctly, I think we can set up a CNAME from
share.danj.catodanj.ca, and Apache should do the right thing, but I could be missing a step. Let’s put a testindex.htmlinshare’spublic_htmldir, and that’ll let us know if we’re finding it. - Hmm, actually right now
share.danj.cain a web browser just sends me tohttp://danj.ca; I guess there’s a wildcard subdomain record? - Ok, created the CNAME, let’s see what happens… might need to wait for DNS to propagate
- Ah, reviewing some docs, I was reminded I need to restart Apache after adding server configs
- Now
share.danj.cagives me a certificate error, presumably because it’s not configured for SSL, so it might be working - Also note that now
code.danj.ca(an existing CNAME) leads to an empty directory listing… what’s that showing me? 🤔
- Now
Sidebar: Adding domains to an SSL certificate
- Instructions: https://certbot.eff.org/docs/using.html#re-creating-and-updating-existing-certificates
- Ran
> sudo certbot certonly --cert-name danj.ca -d danj.ca,www.danj.ca,share.danj.ca - Selected Apache plugin as the challenge mechanism, confirmed I wanted to add the new domain, that’s all it took
- Oh yes, and restart the web server. Gotta remember that.
- Ok, now
share.danj.caredirects me to the website atwww.danj.ca, it doesn’t seem like my Apache config is working as intended
Fixing the Apache config
- Still noticing that if you go to
share.danj.caordanj.ca, the hyperlinks to all articles have that domain. I guess because they’re all relative links. But I’d really like to force the site to always direct you towww… - Ok. Confirmed that pinging
share.danj.cabasically returnsdanj.caand pings the correct IP address. That’s a sanity check done. Now let’s look at the Apache configs again - Interesting: Added a test index file to the
share.danj.cadocument root. When I go to an undefined subdomain, likescrod.danj.ca, I get served that file. If I actually go toshare.danj.ca, I end up on thewww.danj.cahomepage… Same withcode.danj.ca - Hypothesis: I was gonna say CNAMEs are taking me to
danj.ca, but bothcodeandshareare CNAMEs yet yield different results- Now, the difference is,
shareis on the SSL cert… - Wait, the
shareapache config also has the redirect rules I copied fromwwwto apply https… - Ok, I think the
share.danj.caVirtualHost is working just fine. But when it redirects to https, then we end up in the VirtualHost config inwww.danj.ca-le-ssl.conf(because it handles*:443), which of course serves uswww.danj.ca/public_html - So I think if I add a 443 VirtualHost for
share.danj.ca, I’ll have it made. Now, it looks like LetsEncrypt/certbot added that SSL config file for me, but forshare.danj.ca, I’m gonna try just adding the SSL VirtualHost to the existingshare.danj.caconfig file
- Now, the difference is,
- Yup, that did it! Now
share.danj.caredirects tohttps://share.danj.caand serves up the share index file
Letting DropShare communicate with the server
- We need to generate an SSH keypair for DropShare to use to connect as the
dropshareuser - Did that locally on my Mac, using the instructions from DropShare
- I remember there’s a clever way to copy an SSH pubkey up to the server, let’s see if I can find it…
- Ah, I was thinking of
ssh-copy-id, but that assumes you’re adding a key for the user with whom you’re logging in. That’s not what I’m doing: I want to SSH into the server as my own account, but add a key for thedropshareaccount - It occurs to me I can do this with
scp - Ah, no, I want to append the contents of the pubkey to
authorized_keys, like this: > ssh user@danj.ca "cat >> /home/dropshare/.ssh/authorized_keys" < ~/.ssh/dropshare.pub- …Ah, the file doesn’t exist. Can’t append to it if it doesn’t exist.
- Logged in and created the
.sshfolder and auth keys file fordropshare. For reference, giving it these permissions: this comment - Let’s try this one more time via SSH (we’ll need sudo, cos I can’t write to the other user’s auth keys file…)
- Ah, it’s not clear how to do this via sudo. Fuck it, just copy the pubkey to the pasteboard and I’ll paste it into the
authorized_keysfile while SSH-ed in, let Terminal do the work. 😛
- Ah, it’s not clear how to do this via sudo. Fuck it, just copy the pubkey to the pasteboard and I’ll paste it into the
- Ok, done.
- Let’s test and see if it works:
ssh -i ~/.ssh/dropshare dropshare@danj.ca- (The
iswitch defines precisely which key to use, otherwise it would default to my key (actually I think the dropshare key is the only one there, but let’s just be explicit.))
- (The
- Boom, that worked. Ok, now
dropsharecan get in to the server
Setting up DropShare on the Mac
- Set up new SCP over SSH connection
- Hostname:
share.danj.ca - Username:
dropshare - Password:
SSH passphrase - SSH Key Pair:
dropshare/dropshare.pub - Upload Path:
/var/www/share.danj.ca/public_html - URL to Path:
https://share.danj.ca/ - Successfully tested!
- Uploaded a screenshot… DropShare’s annotation tool is MUCH more clunky than CloudApp’s… alas
- Ahh, but you can configure DropShare to use external annotation tools! Gonna play with that!
- One of the supported apps is CleanShot, also included in SetApp (which is how I’m getting access to DropShare), so there’s a natural choice… though it also supports Preview.app too, let’s try that first.
- Ah, ok, so it hands off the screenshot to Preview, then you use the DropShare Share Extension in Preview to upload the image
- A slight annoyance here is you have to dismiss Preview (and tell it you don’t want to save the screenshot) when you’re done
- Let’s try CleanShot, too
- Oh yeah. That’s a LOT better1. CleanShot has nice annotation tools much more like CloudApp’s, and you just drag an icon up to DropShare’s menu bar icon, which uploads the shot and dismisses CleanShot. I think this is my workflow. ✅
Next Up
I think the next thing I want to do is set up YOURLS on my server, and set DropShare to use it. I suspect I’ll have to stop using www.danj.ca as an alias for danj.ca, and make them into two separate sites. But that should be fine, as the canonical URLs for my website use www.danj.ca anyway. danj.ca is perfect for short URLs…
-
(Update after a few months of using CleanShot): CleanShot is great. It's got an easy-to-use screen recorder built right in that lets you capture video or animated GIFs, great for demonstrations. It also has a feature that lets you quickly hide your desktop icons, which I used in haste whilse sharing my screen on a video call the other day. Thus far my only complaint about CleanShot is it doesn't seem to support emoji in its text annotation which is a big 👎🏼. ↩