kevin/server-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
No description
27 commits 1 branch 0 tags 180 KiB
Shell 100%
Find a file
Kevin MacMartin 075111cba1 Up mailbox size limit to 1 gigabyte and message size limit to 50 megs
2016-10-26 12:03:55 -04:00
dovecot Add initial configuration and instructions 2016-02-23 22:05:00 -05:00
nginx Update nginx config to reflect upstream changes 2016-10-13 21:26:10 -04:00
pam.d Add initial configuration and instructions 2016-02-23 22:05:00 -05:00
php Update php config to reflect latest upstream changes 2016-10-13 21:18:40 -04:00
postfix Up mailbox size limit to 1 gigabyte and message size limit to 50 megs 2016-10-26 12:03:55 -04:00
skel Add Mail folder to the skel config as a .tar.gz so it gets included by git 2016-10-21 16:45:13 -04:00
systemd/system Increase the maximum upload size to 30 megs in php and nginx, and update the let's encrypt renewal service 2016-09-12 18:41:03 -04:00
procmailrc Add initial configuration and instructions 2016-02-23 22:05:00 -05:00
README.md Increase the maximum upload size to 30 megs in php and nginx, and update the let's encrypt renewal service 2016-09-12 18:41:03 -04:00

README.md

Base Config

Note: The Mail Server requires SSL certificates

Swap File

  1. Run dd if=/dev/zero of=/swapfile bs=1M count=2048 then chmod 600 /swapfile followed by mkswap /swapfile and swapon /swapfile
  2. Set the system up to mount the swap file at boot by adding /swapfile none swap defaults 0 0 to the bottom of /etc/fstab

Web Server

Package Requirements for Web Server

nginx, php, php-apcu-bc, php-fpm, php-composer, php-gd, php-imap, php-intl, php-mcrypt, php-memcached, memcached, mariadb, bower, gulp, npm, certbot

Folders for Web Server

nginx, php, systemd

Setup Instructions for Web Server

  1. Install the packages in the Package Requirements above
  2. Copy the folders above that aren't already configured to their equivalent location in /etc
  3. In /etc/nginx/sites-available/REPLACEME.TLD.conf and /etc/systemd/system/letsencrypt.service, replace instances of REPLACEME.TLD with the FQDN
  4. Rename /etc/nginx/sites-available/REPLACEME.TLD.conf so that REPLACEME.TLD is replaced with the FQDN
  5. Add your site files to /srv/http/REPLACEME.TLD where public assets are located in /srv/http/REPLACEME.TLD/public (replacing REPLACEME.TLD with the FQDN)
  6. Create a symlink from /etc/nginx/sites-available/REPLACEME.tld.conf to /etc/nginx/sites-enabled/REPLACEME.tld.conf (replacing REPLACEME.TLD with the FQDN)
  7. Run openssl dhparam -out /etc/nginx/dhparam.pem 4096 to generate the diffie-hellman parameter
  8. Run systemctl start php-fpm nginx to start the web services and systemctl status php-fpm and systemctl status nginx to check for errors
  9. If there were no errors in the previous command, run systemctl enable php-fpm nginx to enable the web services at boot
  10. Ensure the public web directory exists and run systemctl start letsencrypt to generate the SSL certificates
  11. Run systemctl start certbot-renewal.timer and systemctl enable certbot-renewal.timer to start and enable the auto-renewal process

MySQL Config

  1. Run mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
  2. Run systemctl start mysqld and systemctl enable mysqld to start mysqld and enable it at boot
  3. Run mysql_secure_installation.
  4. Create a new password.
  5. Say yes to everything (e.g. "Remove anonymous users? Disallow root logging remotely? Remove test database and access to it? Reload privilege tables now?")

Mail Server

Package Requirements for Mail Server

dovecot, postfix, procmail

Folders for Mail Server

dovecot, pam.d, postfix, procmailrc, skel, systemd

Setup Instructions for Mail Server

  1. Install the packages in the Package Requirements above
  2. Copy the folders above that aren't already configured to their equivalent location in /etc
  3. In /etc/dovecot/dovecot.conf and /etc/postfix/main.cf, replace instances of REPLACEME.TLD with the FQDN
  4. In /etc/postfix/aliases, replace the instance of REPLACEME with the user that should receive domain-level emails
  5. Run newaliases to update the aliases database with the contents of /etc/postfix/aliases
  6. Run systemctl start postfix dovecot to start the mail services and systemctl status postfix and systemctl status dovecot to check for errors
  7. If there were no errors in the previous command, run systemctl enable postfix dovecot to enable the mail services at boot

Add Accounts

  1. Create an account by running useradd -m -d /home/REPLACEME -s /bin/bash REPLACEME (replacing REPLACEME with the username associated with the mail account)
  2. Set the password by running passwd REPLACEME (replacing REPLACEME with the username associated with the mail account)