We will configure a server running Ubuntu to send all mail out to a remote email address via an SMTP server. This is a redo of these instructions..
Again, I just copied an instructional as here. Cant be bothered copying it here, but I did all those steps, except I commented out this line:
#smtp_tls_CAfile = /etc/postfix/cacert.pem
I looked at this log and got some useful info: /var/log/mail.log
SMTPS wrappermode (TCP port 465) requires setting "smtp_tls_wrappermode = yes", and "smtp_tls_security_level = encrypt" (or stronger)
So I added those lines to my config file.
Then in testing I noticed that yay it actually sent the mail, although it bounced due to the ‘from address’ not being configured properly, so we create this file:
sudo nano /etc/postfix/generic with these contents:
username@hostname name@domain @hostname name@domain #use 'postmap /etc/postfix/generic' to hash this file #then 'service postfix restart'
Where hostname is the hostname for the machine, and name@domain is the sender address, which usually needs to be valid with the SMTP server – although Google actually allows improper addresses. You could create different instances for different users, i.e one for root perhaps
Then add this line to the config:
smtp_generic_maps = hash:/etc/postfix/generic
sudo postmap /etc/postfix/generic
sudo service postfix restart
I just logged into a root account and followed these instructions…
- My VPS provider (Vultr) allows inserting a public key at the time of a new instance creation, so I created a new key using an existing Linux command line:
ssh-keygen -t rsa
- Name server hostname (I used these instructions (archive) for hostname)
- Set reverse DNS in VPS server console equal to FQDN
- Change SSH port & disable password authentication with
sudo nano "/etc/ssh/sshd_config"then restart ssh
sudo systemctl restart ssh
- create non root user, copy .ssh folder from root to their profile, making sure to
chown newuserfor the authorized_keys file, and add the user to group sudo –
sudo addgroup groupname.
- Add auto security updates.
sudo apt-get install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades **requires root email for notifications*
- Set time zone
sudo dpkg-reconfigure tzdata
Following this guide.
NOTE 1: In the part where they edit
I edited the server directive to read:
server 192.168.155.0 255.255.255.0
then my UFW rules are
# START OPENVPN RULES Continue reading “OpenVPN Server on Ubuntu 16.04”
# NAT table rules
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to ens3 (change to the interface you discovered!)
-A POSTROUTING -s 192.168.155.0/24 -o ens3 -j MASQUERADE
# END OPENVPN RULES
In Ubuntu 16.04 DNSCrypt can be installed from apt-get:
sudo apt-get install dnscrypt-proxy
Assuming a wireless interface is setup and working on the router, we can add a virtual interface, give it it’s own subnet, and isolate that subnet from the existing LAN. Note: these routers don’t seem to like multi-tasking/wi-fi too much Continue reading “isolated wifi using a Mikrotik wireless router”
I moved the project to some acrylic in what is possibly the final stage for the project.While I thought the software reset for the Ethernet chip would suffice for connection problems, it appears this isn’t the case. I’ll try reprogramming the chip with an interrupt reboot for the main program loop, currently the device isn’t sending info to ThingSpeak.
Once the code is running smoothly (for at least a week) I’ll add email notifications. In the future I won’t use this Ethernet chip, there is a similarly priced chip I have which is much more capable.
Starting the electronics part..
This part of the build requires sending temperature data to the internet. This requires 3 things:
- Thermocouples for measuring temperature.
- A microcontroller for processing the thermocouples values.
- A hardware connection to the internet.