This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

How-to guides

These are the guides on how to perform common tasks.

1: How to get root access via SSH

2: How to manually clean up your server's disk space

1 - How to get root access via SSH

If you need to manually perform some tasks, you can get root access via SSH.

To access your server’s root shell you will have to generate your SSH key and add it to your server’s authorized keys.

How to generate SSH key

If you are a Unix-like system user

Open the terminal.
Run the following command:
```
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
```
You will be asked to enter a passphrase. You can leave it empty, but it is recommended to use a passphrase. If you do not want to use a passphrase, press Enter.
Print the public key to the terminal and copy it:
```
cat ~/.ssh/id_ed25519.pub
```
Refer to the next section to add the key to your server.

If you are a Windows user

Open settings and under “Applications” click on “Manage additional components”.
Press “Add Component”.
Enter “OpenSSH client” in the search box and install it.
Open the Command Prompt. You can do this by pressing Win+R, typing cmd and pressing Enter.
Run the following command, replacing user_name with your Windows username:
```
ssh-keygen -t ed25519 -f C:\Users\user_name\.ssh\id_ed25519.pub
```
You will be asked to enter a passphrase. You can leave it empty, but it is recommended to use a passphrase. If you do not want to use a passphrase, press Enter.
Print the public key to the terminal and copy it:
```
type C:\Users\user_name\.ssh\id_ed25519.pub
```
Once again, replace user_name with your Windows username.
Refer to the next section to add the key to your server.

If you are a Android (Termux) user

Install Termux. We recommend installing it from F-Droid.
Open Termux.
Run the following command:
```
apt update -y && apt upgrade -y && apt install open-ssh -y &&
ssh-keygen -t ed25519 -f /data/data/com.termux/files/usr/etc/ssh/ssh_host_ed25519_key
```
You will be asked to enter a passphrase. You can leave it empty, but it is recommended to use a passphrase. If you do not want to use a passphrase, press Enter.

Print the public key to the terminal and copy it:

cat /data/data/com.termux/files/usr/etc/ssh/ssh_host_ed25519_key.pub

Refer to the next section to add the key to your server.

How to add the key to your server

Open the SelfPrivacy app.
Go to the “More” tab.
Tap on “Superuser SSH keys”.
Tap on the “Create SSH key” button.
Paste the public key you copied earlier.
Tap on the “Create SSH key” button.
Open the Jobs list
Tap on the “Start” button.
In a few minutes, you will be able to access your server’s root shell via SSH.

How to access your server’s root shell via SSH

Open the terminal or Command Prompt.
Run the following command, replacing server_domain with your server’s domain:
```
ssh root@server_domain
```
Enter the passphrase you entered when generating the SSH key, if you used one.

Be careful when using the root shell. If you do not know what you are doing, you can break your server or leak your data. Responsibility for the consequences of your actions lies with you. Respect the privacy of other users.

2 - How to manually clean up your server's disk space

Manual cleanup might be required if you need more space on system volume.

All commands in this guide are executed as root over SSH. If you do not have root access, see this guide for more information.

If you have no space left, you will only be able to use the SSH keys you previously added. If you run out of disk space and have not added any SSH keys, contact SelfPrivacy support for further assistance.

There are several ways to clean up your server’s disk space.

To check how much disk space you have, run the following command:

df -h

This will output a table like this:

Filesystem      Size  Used Avail Use% Mounted on
devtmpfs         97M     0   97M   0% /dev
tmpfs           969M   52K  969M   1% /dev/shm
tmpfs           485M  3.8M  481M   1% /run
tmpfs           969M  432K  968M   1% /run/wrappers
/dev/sda1        19G  8.2G  9.5G  47% /
/dev/sdb         18G   62M   17G   1% /volumes/sdb
tmpfs           194M     0  194M   0% /run/user/0

Here, the filesystem mounted on just / is your system volume.

Deleting old NixOS generations

Zero space warning

This method won’t work if you have no space left on your system volume. Use other methods first.

NixOS allows you to roll back to previous system states at any time, at the cost of disk space. SelfPrivacy servers are configured to reclaim disk space by automatically deleting old system states, but only states older than 7 days are deleted, so you can still use the rollback feature.

It is possible to manually delete all old system states, and it may give you more much needed disk space. To do this, simply run the following command as root:

nix-collect-garbage -d

This operation might take a while, depending on the number of system states you have. When it is done, you will see how much disk space you have freed up.

Deleting old logs

Logs sometimes may take up quite a lot of disk space. On SelfPrivacy servers, system logs are always limited to 500MiB, but these are not the only log files you have on your server.

To check how much disk space logs take up, run the following command:

du -h --max-depth=1 /var/log

The output will look something like this:

4.0K	/var/log/private
14M     /var/log/nginx
499M	/var/log/journal
587M	/var/log

System journal

Here, /var/log/journal are the system logs where all apps usually write their logs. As you can see in this example, they respect the 500MiB limit.

If you want to clear all system logs, run the following command:

journalctl --rotate && journalctl --vacuum-time=1s

This will usually give you around 450 MiB of free disk space, but not for long. This may though be enough to run some commands that will free up more space.

Nginx logs

The /var/log/nginx directory contains logs for the Nginx web server. If they got too big, you can clear them by running:

rm /var/log/nginx/* && systemctl reload nginx

As you can see, we don’t just delete the files, but also reload Nginx. This is because Nginx will get confused by the missing log files, and they will not be recreated until Nginx is reloaded.

Deleting old system

This operation can only be performed once during the lifetime of your server.

If you have installed SelfPrivacy on your own hardware, this may lead to some data loss.

When you install SelfPrivacy on a server, the existing system gets replaced by NixOS. But the old system is still there and takes up disk space, so you can roll back to it if you want.

To measure how much disk space the old system takes up, run the following command:

du -h --max-depth=1 /old-root/

If there is no old system in place, you will see du: cannot access '/old-root/': No such file or directory.

But if you do have an old system, you may delete it by running the following command:

rm -rf /old-root/

This usually frees up around 1.8 GiB of disk space on typical SelfPrivacy servers.