Created
April 21, 2012 23:56
-
-
Save EnriqueVidal/2440416 to your computer and use it in GitHub Desktop.
rubytij.org config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generated by iptables-save v1.4.10 on Sun Apr 22 03:00:29 2012 | |
| *filter | |
| :INPUT DROP [59:1664] | |
| :FORWARD DROP [0:0] | |
| :OUTPUT ACCEPT [49:5928] | |
| -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT | |
| -A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT | |
| -A INPUT -p icmp -m icmp --icmp-type 4 -j ACCEPT | |
| -A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT | |
| -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT | |
| -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT | |
| -A INPUT -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT | |
| -A INPUT -i lo -j ACCEPT | |
| COMMIT | |
| # Completed on Sun Apr 22 03:00:29 2012 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/sh | |
| ### BEGIN INIT INFO | |
| # Provides: nginx | |
| # Required-Start: $all | |
| # Required-Stop: $all | |
| # Default-Start: 2 3 4 5 | |
| # Default-Stop: 0 1 6 | |
| # Short-Description: starts the nginx web server | |
| # Description: starts nginx using start-stop-daemon | |
| ### END INIT INFO | |
| PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin | |
| DAEMON=/opt/nginx/sbin/nginx | |
| NAME=nginx | |
| DESC=nginx | |
| test -x $DAEMON || exit 0 | |
| # Include nginx defaults if available | |
| if [ -f /etc/default/nginx ] ; then | |
| . /etc/default/nginx | |
| fi | |
| set -e | |
| case "$1" in | |
| start) | |
| echo -n "Starting $DESC: " | |
| start-stop-daemon --start --quiet --pidfile /opt/nginx/logs/$NAME.pid \ | |
| --exec $DAEMON -- $DAEMON_OPTS | |
| echo "$NAME." | |
| ;; | |
| stop) | |
| echo -n "Stopping $DESC: " | |
| start-stop-daemon --stop --quiet --pidfile /opt/nginx/logs/$NAME.pid \ | |
| --exec $DAEMON | |
| echo "$NAME." | |
| ;; | |
| restart|force-reload) | |
| echo -n "Restarting $DESC: " | |
| start-stop-daemon --stop --quiet --pidfile \ | |
| /opt/nginx/logs/$NAME.pid --exec $DAEMON | |
| sleep 1 | |
| start-stop-daemon --start --quiet --pidfile \ | |
| /opt/nginx/logs/$NAME.pid --exec $DAEMON -- $DAEMON_OPTS | |
| echo "$NAME." | |
| ;; | |
| reload) | |
| echo -n "Reloading $DESC configuration: " | |
| start-stop-daemon --stop --signal HUP --quiet --pidfile /opt/nginx/logs/$NAME.pid \ | |
| --exec $DAEMON | |
| echo "$NAME." | |
| ;; | |
| *) | |
| N=/etc/init.d/$NAME | |
| echo "Usage: $N {start|stop|restart|force-reload}" >&2 | |
| exit 1 | |
| ;; | |
| esac | |
| exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # See /usr/share/postfix/main.cf.dist for a commented, more complete version | |
| # Debian specific: Specifying a file name will cause the first | |
| # line of that file to be used as the name. The Debian default | |
| # is /etc/mailname. | |
| #myorigin = /etc/mailname | |
| smtpd_banner = $mydomain ESMTP | |
| biff = no | |
| # appending .domain is the MUA's job. | |
| append_dot_mydomain = no | |
| # Uncomment the next line to generate "delayed mail" warnings | |
| #delay_warning_time = 4h | |
| readme_directory = no | |
| # TLS parameters | |
| smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem | |
| smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key | |
| smtpd_use_tls=yes | |
| smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache | |
| smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | |
| # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for | |
| # information on enabling SSL in the smtp client. | |
| myhostname = www | |
| mydomain = localhost.localdomain | |
| alias_maps = hash:/etc/aliases | |
| alias_database = hash:/etc/aliases | |
| myorigin = /etc/mailname | |
| relayhost = [smtp.gmail.com]:587 | |
| smtp_sasl_auth_enable = yes | |
| smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd | |
| smtp_sasl_security_options = noanonymous | |
| smtp_tls_CAfile = /etc/postfix/cacert.pem | |
| smtp_use_tls = yes | |
| mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 | |
| mailbox_size_limit = 0 | |
| recipient_delimiter = + | |
| inet_interfaces = all | |
| smtpd_helo_required = yes | |
| smtpd_delay_reject = no | |
| disable_vrfy_command = yes | |
| smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination | |
| smtpd_sender_restrictions = reject_unknown_sender_domain | |
| smtp_host_lookup = dns, native |
To get postfix working you'll need postfix, libsasl2-2 and libsasl2-modules get your hands on the ca-certificates as well.
To trust Thawte you'll need to run: cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem (this assumes you already have your copy of ca-certificates.
To create the sasl_password_maps just create file named /etc/postfix/sasl_passwd with the accounts in this format:
[smtp.gmail.com]:587 user@domain.tld:password
Then do a postmap /etc/postfix/sasl_passwd you can now remove /etc/postfix/sasl_passwd from the file system as postfix will look for /etc/postfix/sasl_passwd.db.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
You need to remember to run
sudo /usr/sbin/update-rc.d -f nginx defaultsfornginxautostart