yuanti.primat.es

programming archaeology, pedantics, and machine intelligence

24 Jan 2012

Personal Cloud HowTo

Set up a personal cloud in less than 30 minutes!

Box

I’m using a Panix VPS, which lets me run FreeBSD (on Xen).

Once you’ve signed up, you need to pick an OS via

V-Colo management -> OS Loader

When that’s done, restart your machine from

V-Colo management -> VPS Info -> Status

You can then find the public address of your instance under

V-Colo management -> Tools -> IPv4 Tools

DNS

Gandi has been my naming provider of choice for several years now. My zone file looks like so:

Name   Type Value        TTL
----------------------------
@      A    166.84.7.90  3h
bliki  A    166.84.7.90  3h
canned A    166.84.7.90  3h
lists  A    166.84.7.90  3h
mx     A    166.84.7.90  3h
planet A    166.84.7.90  3h
@      MX   mx (10)      3h

Basic FreeBSD Configuration

Account

# adduser
(Remember to add your new user to the wheel group.)

Packages

# pkg_add -r mg wget tmux autotools gmake portmaster git

SSH

Disable remote root logins on the server by setting PermitRootLogin to no:

# mg /etc/ssh/sshd_config

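Enable password-less (public key) logins from your laptop/workstation. Note that this scp replaces any existing authorized_keys file on the server and assumes ~/.ssh already exists there: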

$ scp ~/.ssh/id_rsa.pub jakob@primat.es:/home/jakob/.ssh/authorized_keys

Duo Security

# pkg_add -r duo
# mg /usr/local/etc/duo/login_duo.conf
# echo "ForceCommand /usr/local/sbin/login_duo" >> /etc/ssh/sshd_config
# /etc/rc.d/sshd restart

See also: http://www.duosecurity.com/docs/duounix
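
An added example, not part of the original post: a small sh function that checks the two sshd_config changes from the SSH and Duo steps above. It matters because sshd keeps the first value it reads for a keyword, and a ForceCommand appended with >> lands inside the last Match block if the file has one. Assumptions: the login_duo path used above, and no Include directives to follow.

```shell
#!/bin/sh
# Added example (not from the original post): audit the global sshd_config
# settings changed by the SSH and Duo steps.
# Usage: audit_sshd_config /etc/ssh/sshd_config
# Exit status: 0 = both checks pass, 1 = at least one finding.
audit_sshd_config() {
    awk -v duo="/usr/local/sbin/login_duo" '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        {
            sub(/[ \t]*=[ \t]*/, " ")        # accept "Keyword=value" as well
            key = tolower($1)
            # Every line after a Match line is conditional until the next
            # Match or end of file.
            if (key == "match") { in_match = 1; next }
            # sshd keeps the FIRST value it reads for a keyword.
            if (key == "permitrootlogin" && !in_match && root == "")
                root = tolower($2)
            if (key == "forcecommand") {
                if (!in_match && fc == "") fc = $2
                else if (in_match && fc_cond == "") fc_cond = $2
            }
        }
        END {
            if (root == "no") print "OK   PermitRootLogin no"
            else if (root == "") { print "WARN PermitRootLogin unset, compiled-in default applies"; bad = 1 }
            else { print "FAIL PermitRootLogin " root; bad = 1 }

            if (fc == duo) print "OK   ForceCommand " duo " applies to every login"
            else if (fc_cond == duo) { print "FAIL ForceCommand login_duo is inside a Match block, not global"; bad = 1 }
            else { print "FAIL global ForceCommand is not login_duo"; bad = 1 }
            exit bad
        }
    ' "$1"
}

# Run against a file when one is given on the command line.
if [ "$#" -gt 0 ]; then audit_sshd_config "$1"; fi
```

Run it before restarting sshd, and keep an existing session open until a fresh login has gone through Duo.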

HTTP

nginx

# pkg_add -r nginx
# rm /usr/local/etc/nginx/nginx.conf
# ln -s /home/jakob/www/nginx.conf /usr/local/etc/nginx/nginx.conf
# echo 'nginx_enable="YES"' >> /etc/rc.conf
# /usr/local/etc/rc.d/nginx start

Planet Venus

# portmaster textproc/py-libxml2
# portmaster textproc/py-libxslt
# portmaster databases/py-bsddb
# cd /opt
# git clone https://github.com/rubys/venus.git
# cd venus
# python runtests.py
$ echo "@hourly cd /home/jakob/www/planet && python /opt/venus/planet.py config.ini" >> ~/.crontab
$ crontab ~/.crontab

SMTP

qmail

Install packages:

# pkg_add -r qmail
# pkg_add -r ucspi-tcp

Configure qmail:

# echo primat.es > /var/qmail/locals
# echo primat.es > /var/qmail/me
# echo primat.es > /var/qmail/rcpthosts

Default aliases:

# echo jakob > /var/qmail/alias/.qmail-root 
# echo jakob > /var/qmail/alias/.qmail-postmaster 
# echo jakob > /var/qmail/alias/.qmail-mailer-daemon 

Configure qmail-smtpd:

# echo '127.0.0.1:allow,RELAYCLIENT=""' > /etc/tcp.smtp
# echo :allow >> /etc/tcp.smtp

Configure user:

$ /var/qmail/bin/maildirmake ~/Maildir
$ echo "./Maildir/" > ~/.qmail

Enable qmail:

# /var/qmail/scripts/enable-qmail
# echo 'qmailsmtpd_enable="YES"' >> /etc/rc.conf

Start qmail:

# /etc/rc.d/sendmail stop
# cp /var/qmail/boot/maildir /var/qmail/rc
# /usr/local/etc/rc.d/qmail.sh start
# ln -s /var/qmail/rc-smtpd /usr/local/etc/rc.d/qmail-smtpd.sh
# cp /var/qmail/boot/qmail-smtpd.rcNG /var/qmail/rc-smtpd
# /usr/local/etc/rc.d/qmail-smtpd.sh start