We will configure a server running Ubuntu to send all mail out to a remote email address via an SMTP server. This is a redo of these instructions..
Again, I just copied an instructional as here. Cant be bothered copying it here, but I did all those steps, except I commented out this line:
#smtp_tls_CAfile = /etc/postfix/cacert.pem
I looked at this log and got some useful info: /var/log/mail.log
SMTPS wrappermode (TCP port 465) requires setting "smtp_tls_wrappermode = yes", and "smtp_tls_security_level = encrypt" (or stronger)
So I added those lines to my config file.
Then in testing I noticed that yay it actually sent the mail, although it bounced due to the ‘from address’ not being configured properly, so we create this file:
sudo nano /etc/postfix/generic with these contents:
username@hostname name@domain @hostname name@domain #use 'postmap /etc/postfix/generic' to hash this file #then 'service postfix restart'
Where hostname is the hostname for the machine, and name@domain is the sender address, which usually needs to be valid with the SMTP server – although Google actually allows improper addresses. You could create different instances for different users, i.e one for root perhaps
Then add this line to the config:
smtp_generic_maps = hash:/etc/postfix/generic
sudo postmap /etc/postfix/generic
sudo service postfix restart
I just logged into a root account and followed these instructions…
- My VPS provider (Vultr) allows inserting a public key at the time of a new instance creation, so I created a new key using an existing Linux command line:
ssh-keygen -t rsa
- Name server hostname (I used these instructions (archive) for hostname)
- Set reverse DNS in VPS server console equal to FQDN
- Change SSH port & disable password authentication with
sudo nano "/etc/ssh/sshd_config"then restart ssh
sudo systemctl restart ssh
- create non root user, copy .ssh folder from root to their profile, making sure to
chown newuserfor the authorized_keys file, and add the user to group sudo –
sudo addgroup groupname.
- Add auto security updates.
sudo apt-get install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades **requires root email for notifications*
- Set time zone
sudo dpkg-reconfigure tzdata
Following this guide.
NOTE 1: In the part where they edit
I edited the server directive to read:
server 192.168.155.0 255.255.255.0
then my UFW rules are
# START OPENVPN RULES Continue reading “OpenVPN Server on Ubuntu 16.04”
# NAT table rules
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to ens3 (change to the interface you discovered!)
-A POSTROUTING -s 192.168.155.0/24 -o ens3 -j MASQUERADE
# END OPENVPN RULES
In Ubuntu 16.04 DNSCrypt can be installed from apt-get:
sudo apt-get install dnscrypt-proxy
Assuming a wireless interface is setup and working on the router, we can add a virtual interface, give it it’s own subnet, and isolate that subnet from the existing LAN. Note: these routers don’t seem to like multi-tasking/wi-fi too much Continue reading “isolated wifi using a Mikrotik wireless router”
The main challenge installing guy wires onto a tiled roof was how to make anchor points. I went to a local antenna supplier and they told me the usual method is with these long self tapping o-ring bolts. So that’s what I did, it was much easier than I expected.
I used a diamond hole saw from eBay to make 2 holes in the roof tiles, and made use of an existing satellite dish mast for the final mounting point. I used threaded rod to attach a tapped o ring (or whatever you call it) to the satellite mast. Using a wet finger I was able to mold silicon around the anchor bolts in the roof tiles.
From my understanding it’s better to be earthed than not… I tried running conduit through this cement path using only an angle grinder and a chisel. This would have taken waay too long. Ended up buying a jack-hammer from gumtree (cheaper than renting). The second earth wire is from a UBNT Ethernet protector in the roof-space. This goes to a separate earth rod a small distance from the mast earth rod.