User Tools

Site Tools


amber_build

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
amber_build [2011/05/31 16:30]
SLUUG Administration [Apache]
amber_build [2018/07/12 15:16] (current)
SLUUG Administration old revision restored (2018/05/28 02:17)
Line 24: Line 24:
 # cd /​etc/​pki/​tls/​certs # cd /​etc/​pki/​tls/​certs
  
-# make sluug.pem - notice we specified *.sluug.org to give ourselves a wildcard cert for the entire domain!+# make apache.pem
  
 Country Name (2 letter code) [GB]:US Country Name (2 letter code) [GB]:US
Line 36: Line 36:
 Organizational Unit Name (eg, section) []:Admin Team Organizational Unit Name (eg, section) []:Admin Team
  
-Common Name (eg, your name or your server'​s hostname) []:*.sluug.org+Common Name (eg, your name or your server'​s hostname) []:amber.sluug.org
  
 Email Address []:​sysadmin@sluug.org Email Address []:​sysadmin@sluug.org
Line 57: Line 57:
 to  to 
  
-''<​VirtualHost ​*>''​+''<​VirtualHost ​amber.sluug.org:​443>''​
  
 Then we restarted apache. ​ Then we restarted apache. ​
  
-We now have https available for anything in the sluug.org domain.+
 ===== PHP ===== ===== PHP =====
 PHP didn't require much configuration. We just did: PHP didn't require much configuration. We just did:
Line 72: Line 72:
  
 ''#​ yum install mysql mysql-server''​ ''#​ yum install mysql mysql-server''​
 +
 ''#​ mysql_secure_installation''​ ''#​ mysql_secure_installation''​
  
Line 269: Line 270:
 virtual_transport = virtual virtual_transport = virtual
 </​code>​ </​code>​
 +
 +Also in /​etc/​postfix/​main.cf,​ add or uncomment line "​recipient_delimiter = +". This specifies the separator between user names and address extensions (user+foo).
 +
 +Also in /​etc/​postfix/​main.cf,​ add "​disable_vrfy_command=yes"​. Disable VRFY....From Jeff's presentation.
  
 Now, edit the mapping files. **IMPORTANT:​ These files contain database passwords! They need to be root:​postfix 640!** Now, edit the mapping files. **IMPORTANT:​ These files contain database passwords! They need to be root:​postfix 640!**
Line 341: Line 346:
   * Uncomment $MYHOME,​$helpers_home,​$lock_file,​$pid_file   * Uncomment $MYHOME,​$helpers_home,​$lock_file,​$pid_file
   * Uncomment the clamav block in amavisd.conf. Make sure the path to the socket is /​var/​run/​clamav/​clamd.sock (must match the LocalSocket setting in clamd.conf)   * Uncomment the clamav block in amavisd.conf. Make sure the path to the socket is /​var/​run/​clamav/​clamd.sock (must match the LocalSocket setting in clamd.conf)
 +  * Change setting $sa_tag_level_deflt to -9999 instead of 2.0.  This means the SpamAssassin score headers are added to all mail. 
 +  * Uncomment the sample $final_spam_destiny line and change the value from D_PASS to D_DISCARD. Due to the default changing from bounce to pass. 
 +  * Try to be a little more lenient on mail relayed by our users. ​ Add "​spam_kill_level_maps => [10.0],"​ to the "​$policy_bank{'​ORIGINATING'​}"​ section.
  
 Append the following to /​etc/​postfix/​master.cf:​ Append the following to /​etc/​postfix/​master.cf:​
Line 398: Line 405:
   * courier-authlib-devel   * courier-authlib-devel
  
-As an unprivilged ​user, do:+As an unprivileged ​user, do:
 <​code>​ <​code>​
 mkdir $HOME/rpm mkdir $HOME/rpm
Line 470: Line 477:
 Mailman wouldn'​t start because the mailman list was missing. Mailman wouldn'​t start because the mailman list was missing.
  
-FIXME Did someone rsync over lists from bud? What happened in this step?+FIXME Did someone rsync over lists from bud? What happened in this step? It should have been lists/, data/, archives/, followed by /​usr/​local/​mailman/​bin/​genaliases.
  
 +See [[build:​lists|MailMan]] for configuration files and options,
 +including Apache.
 ===== Webmail===== ===== Webmail=====
  
 +We have installed roundcube as our [[build:​webmail|Webmail]] tool.
amber_build.1306877422.txt.gz · Last modified: 2011/05/31 16:30 by SLUUG Administration