NGINX Reverse Proxy LetsEncrypt Auto-Renew

Intro

I finally got round to moving all my web services off a single server and onto a new server using ESXi virtualisation. I got an older HP G7 DL380 with 2x Intel Xeon CPU’s and 64GB of RAM for around £300 off eBay. It does use more power (Averages 150W) however it is well worth it as it provides full RAID redundancy and virtualisation provides easy backup/snapshots before any modifications. I have decided to create a separate VM for each service and then use NGINX as a reverse proxy to handle all the SSL. This greatly reduces management overhead as I have only got to renew the certificates in one place, it also provides speed improvements as well as security.

I was initially put off LetsEncrypt with its short certificate lifetime and the need for automation, especially when I add a large and complex Apache configuration file however I decided to go for it with a brand new VM and I am glad I did; it is brilliant!!

Read more…

Please share 🙂

Install Kolab Mail Server on Ubuntu

This post will show you how to install Kolab mail server on ubuntu 14.04, in this example on a DigitalOcean VPS.  Kolab’s recipient policy will be removed because I do not need guaranteed unique email addresses, secondary alias addresses setup etc. DKIM is another important factor when configuring a mail server as it allows other mail servers to validate the authenticity of you emails. There are many useful plugins available for roundcube such as integration with Google Authenticator app. For sources see the reference section at the end.

Install Kolab

The first step is to install Kolab on the VPS. Add the following to /etc/apt/sources.list.d/kolab.list using nano or similar.

We need to import the authentication key to validate the packages. Run these commands.

To make sure the Ubuntu server priorities the packages from the Kolab repository we need to create a preferences file. Create and put the following in /etc/apt/preferences.d/kolab:

Setup Kolab

Read more…

Please share 🙂