mirror of
https://github.com/AlexBocken/mykb.git
synced 2024-11-21 10:49:38 +01:00
Server Setup outline - really
This commit is contained in:
parent
98413f798f
commit
f59434b1d9
62
docs/ServerSetup.md
Normal file
62
docs/ServerSetup.md
Normal file
@ -0,0 +1,62 @@
|
||||
|
||||
# PreRequisites
|
||||
|
||||
1. A domain name provider ([EPIK](epik.com), etc)
|
||||
2. A VPS provider ([vultr](vultr.com), etc)
|
||||
|
||||
# Set DNS Records
|
||||
|
||||
1. Get the IP of your server from your VPS provider.
|
||||
2. Enable Reverse DNS for IPv6
|
||||
3. Enter the IP in to the DNS system interface of you DNS provider.
|
||||
- Enable IPv4 and IPv6 this way.
|
||||
|
||||
# Server
|
||||
|
||||
- `ssh-copy-id root@domain.xyz`
|
||||
- Edit /etc/ssh/sshd_config : `UsePAM no` and `PasswordAuthentication no` and restart ssh using `systemctl reload sshd`
|
||||
- `apt update; apt upgrade` and delete scetchy line from `.bashrc`.
|
||||
- install webserver stuff `apt install nginx python3-certbot-nginx rsync`
|
||||
|
||||
# Website
|
||||
|
||||
- In `/etc/nginx/sites-available` copy `default` to `domainname`.
|
||||
- Here change the root line to `root /PATH/TO/WEBSITE`
|
||||
- Change the `server_name` line to `server_name HOSTNAME.xyz www.HOSTNAME.xyz`
|
||||
- Copy this file to make the mail server and change `root` again to something relatable like `root /var/www/mail`.
|
||||
- Change the `server_name` to mail.HOSTNAME.xyz and www.mail.HOSTNAME.xyz
|
||||
- Now link both files to `/etc/nginx/sites-enabled/` using `ln -s /etc/nginx/sites-available/mail /etc/nginx/sites-enabled/`
|
||||
- Create the directories with `mkdir -p /var/www/domainname /var/www/mail` and add a `index.html` to both of them.
|
||||
|
||||
|
||||
## RSYNC command
|
||||
`rsync -uvrP --delete-after LOCAL root@HOSTNAME.xyz:/var/www/name/`
|
||||
|
||||
## CERTBOT
|
||||
|
||||
Run `certbot --nginx` and follow the hints on the screen.
|
||||
It guides you quite detailed through the procedure.
|
||||
Make sure that in the end you select the port-forwarding.
|
||||
|
||||
## MAIL
|
||||
|
||||
Use `emailwiz` from `lukesmith.xyz/emailwiz.sh` and run using `internet page` and replace guest.guest with domainname
|
||||
|
||||
Copy the output to the txt records on epik.com with mail._domainkey.HOSTNAME.xyz
|
||||
|
||||
Add the wanted user using `useradd -G mail -m username` and add password use `passwd username`
|
||||
|
||||
To enable the email to pass, you need to set the firewall correctly.
|
||||
Next to the ports listed below, sometimes port 25 can be probelmatic.
|
||||
Make sure to use `ufw` to open these ports and also use your VPS interface to open these ports if necessary.
|
||||
|
||||
| Server | Protocol | Port | Handshake | Role |
|
||||
| :--- | :--- | :--- | :--- | :--- |
|
||||
| mail.HOSTNAME.xyz | SMTP | 587 | STARTLS | Outgoing |
|
||||
| mail.HOSTNAME.xyz | IMAP | 993 | TSL/SSL | Incoming |
|
||||
|
||||
Also set the MX records on you dns service provider and let it point to `mail.HOSTNAME.xyz`.
|
||||
|
||||
# Possible Hickups on the way
|
||||
|
||||
- If you had that domain already set up on a server with a different IP address, you have to clean out your local `.ssh/known_hosts` before you can connect using `ssh`.
|
Loading…
Reference in New Issue
Block a user