Server

I created a provider that makes the lego command itself a DNS server to perform DNS-01 authentication when obtaining Let’s Encrypt SSL certificates using Lego. Introduction Lego is a command-line tool written in Go that acts as an ACME client to obtain SSL certificates from Let’s Encrypt and other certificate authorities. What did I do? Lego’s DNS-01 authentication supports various DNS providers, but for times when “there’s no DNS server with an API available! …

Here’s a note on adding Rspamd to an existing Postfix mail server. The server is running on Ubuntu 20.04. Install Redis Install via apt # apt install redis Check if it is running # systemctl status redis.service Ensure it shows active (running) Verify it is listening on port 6379 # ss -ltn | grep 6379 LISTEN 0 511 127.0.0.1:6379 0.0.0.0:* LISTEN 0 511 [::1]:6379 [::]:* If it is listening on 0. …

Before upgrading Mattermost, I restarted Mattermost and encountered a 404 Page Not Found issue. Here’s a note on the troubleshooting steps. Symptoms When accessing http://<mattermost-server>/, a 404 Page Not Found error is displayed. Cause I use nginx for caching in front of Mattermost, and I disabled gzip compression in nginx. However, I mistakenly set the WebserverMode to “disabled” instead of “uncompressed,” causing the web server to be disabled. The issue did not appear immediately after changing the setting; it only occurred after restarting Mattermost, making it difficult to identify the cause. …

I wasn’t very familiar with this, so I did a brief research. To use RCTL in FreeBSD, a kernel with RACCT and RCTL enabled is required. The Generic kernel of FreeBSD 13.1 seems to have this enabled, so enable it in loader.conf. root@freebsd13:~ # grep -E 'RACCT|RCTL' /usr/src/sys/amd64/conf/GENERIC options RACCT # Resource accounting framework options RACCT_DEFAULT_TO_DISABLED # Set kern.racct.enable=0 by default options RCTL # Resource limits # echo "kern.racct.enable=1" >> /boot/loader. …

Note: This is possible, but not the intended use. Enjoy it as a fun experiment. On Sakura Cloud, it is not possible to connect using a bridge. Can I assign a fixed MAC address or change it to an arbitrary one? It is presumed that packets with MAC addresses other than those of the created VM cannot leave the VM on Sakura Cloud’s switch. Creating a bridge within a VM to connect LXD containers directly to the router + switch IP address or the switch’s local IP address for communication is not possible. …

I always forget pfctl commands, so here are some notes. Rule Related Check current rules # pfctl -s rules Add -v to see statistics # pfctl -vs rules Table Operations List tables # pfctl -s Tables Add -vv to see statistics # pfctl -vvs Tables Display IP addresses in a table # pfctl -t <table> -T show Add an IP address to a table # pfctl -t <table> -T add <IPAddress> Remove an IP address from a table # pfctl -t <table> -T delete <IPAddress> Remove all IP addresses from a table # pfctl -t <table> -T flush …

Given the strict spam filters these days, I decided to implement DKIM on my personal mail server. Here are the notes from that process. For DMARC settings, see the update in November 2023. August 2024 Update I have switched from OpenDKIM to arcmilter. Changed from OpenDKIM to arcmilter and Added Support for ARC Signatures Environment Ubuntu 20.04 OpenDKIM Installation # apt install opendkim opendkim-tools Create the directory to store keys # install -d /etc/opendkim/key # cd ! …

Upon upgrading to Ubuntu 22.04, it seems that the way to specify gateway4 and gateway6 in netplan has been deprecated. Error Messages `gateway4` has been deprecated, use default routes instead. See the 'Default routes' section of the documentation for more details. `gateway6` has been deprecated, use default routes instead. See the 'Default routes' section of the documentation for more details. Before Fix network: ethernets: ens3: addresses: - 192.168.0.2/24 gateway4: 192.168.0.1 nameservers: addresses: - 8. …

Here’s a note on setting up Wireguard using netplan. I couldn’t find many Japanese articles on this topic. Tested on Ubuntu 20.04. Server Side Generating private and public keys # umask 077 # wg genkey | tee private.key | wg pubkey > public.key netplan configuration network: tunnels: wg0: mode: wireguard key: <Generated private.key> port: 50000 # UDP port number to listen on addresses: [ 192.168.2.1/30 ] # IP address for wg0 peers: - allowed-ips: [0. …

I tried using the newly integrated feature that allows linking Sakura Cloud’s Web Accelerator with Object Storage. Web Accelerator Now Supports Object Storage Integration This blog is a static site generated by Hugo, so I wanted to distribute this site using Object Storage and Web Accelerator. Currently, it is being distributed via Web Accelerator + Sakura Rental Server. Creating a Bucket in Object Storage For pricing information, please check here …