No description
dovecot | ||
nginx | ||
pam.d | ||
php | ||
postfix | ||
skel | ||
systemd/system | ||
procmailrc | ||
README.md |
Base Config
Note: The Mail Server requires SSL certificates
Swap File
- Run
dd if=/dev/zero of=/swapfile bs=1M count=2048
thenchmod 600 /swapfile
followed bymkswap /swapfile
andswapon /swapfile
- Set the system up to mount the swap file at boot by adding
/swapfile none swap defaults 0 0
to the bottom of/etc/fstab
Web Server
Package Requirements for Web Server
nginx, php, php-apcu-bc, php-fpm, php-composer, php-gd, php-imap, php-intl, php-mcrypt, php-memcached, memcached, mariadb, bower, gulp, npm, certbot
Folders for Web Server
nginx, php, systemd
Setup Instructions for Web Server
- Install the packages in the
Package Requirements
above - Copy the folders above that aren't already configured to their equivalent location in
/etc
- In
/etc/nginx/sites-available/REPLACEME.TLD.conf
and/etc/systemd/system/letsencrypt.service
, replace instances ofREPLACEME.TLD
with the FQDN - Rename
/etc/nginx/sites-available/REPLACEME.TLD.conf
so thatREPLACEME.TLD
is replaced with the FQDN - Add your site files to
/srv/http/REPLACEME.TLD
where public assets are located in/srv/http/REPLACEME.TLD/public
(replacingREPLACEME.TLD
with the FQDN) - Create a symlink from
/etc/nginx/sites-available/REPLACEME.tld.conf
to/etc/nginx/sites-enabled/REPLACEME.tld.conf
(replacingREPLACEME.TLD
with the FQDN) - Run
openssl dhparam -out /etc/nginx/dhparam.pem 4096
to generate the diffie-hellman parameter - Run
systemctl start php-fpm nginx
to start the web services andsystemctl status php-fpm
andsystemctl status nginx
to check for errors - If there were no errors in the previous command, run
systemctl enable php-fpm nginx
to enable the web services at boot - Ensure the public web directory exists and run
systemctl start letsencrypt
to generate the SSL certificates - Run
systemctl start certbot-renewal.timer
andsystemctl enable certbot-renewal.timer
to start and enable the auto-renewal process
MySQL Config
- Run
mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
- Run
systemctl start mysqld
andsystemctl enable mysqld
to start mysqld and enable it at boot - Run
mysql_secure_installation
. - Create a new password.
- Say
yes
to everything (e.g. "Remove anonymous users? Disallow root logging remotely? Remove test database and access to it? Reload privilege tables now?")
Mail Server
Package Requirements for Mail Server
dovecot, postfix, procmail
Folders for Mail Server
dovecot, pam.d, postfix, procmailrc, skel, systemd
Setup Instructions for Mail Server
- Install the packages in the
Package Requirements
above - Copy the folders above that aren't already configured to their equivalent location in
/etc
- In
/etc/dovecot/dovecot.conf
and/etc/postfix/main.cf
, replace instances ofREPLACEME.TLD
with the FQDN - In
/etc/postfix/aliases
, replace the instance ofREPLACEME
with the user that should receive domain-level emails - Run
newaliases
to update the aliases database with the contents of/etc/postfix/aliases
- Run
systemctl start postfix dovecot
to start the mail services andsystemctl status postfix
andsystemctl status dovecot
to check for errors - If there were no errors in the previous command, run
systemctl enable postfix dovecot
to enable the mail services at boot
Add Accounts
- Create an account by running
useradd -m -d /home/REPLACEME -s /bin/bash REPLACEME
(replacingREPLACEME
with the username associated with the mail account) - Set the password by running
passwd REPLACEME
(replacingREPLACEME
with the username associated with the mail account)