Created
April 21, 2012 23:56
-
-
Save EnriqueVidal/2440416 to your computer and use it in GitHub Desktop.
rubytij.org config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Generated by iptables-save v1.4.10 on Sun Apr 22 03:00:29 2012 | |
*filter | |
:INPUT DROP [59:1664] | |
:FORWARD DROP [0:0] | |
:OUTPUT ACCEPT [49:5928] | |
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT | |
-A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT | |
-A INPUT -p icmp -m icmp --icmp-type 4 -j ACCEPT | |
-A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT | |
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT | |
-A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT | |
-A INPUT -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT | |
-A INPUT -i lo -j ACCEPT | |
COMMIT | |
# Completed on Sun Apr 22 03:00:29 2012 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /bin/sh | |
### BEGIN INIT INFO | |
# Provides: nginx | |
# Required-Start: $all | |
# Required-Stop: $all | |
# Default-Start: 2 3 4 5 | |
# Default-Stop: 0 1 6 | |
# Short-Description: starts the nginx web server | |
# Description: starts nginx using start-stop-daemon | |
### END INIT INFO | |
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin | |
DAEMON=/opt/nginx/sbin/nginx | |
NAME=nginx | |
DESC=nginx | |
test -x $DAEMON || exit 0 | |
# Include nginx defaults if available | |
if [ -f /etc/default/nginx ] ; then | |
. /etc/default/nginx | |
fi | |
set -e | |
case "$1" in | |
start) | |
echo -n "Starting $DESC: " | |
start-stop-daemon --start --quiet --pidfile /opt/nginx/logs/$NAME.pid \ | |
--exec $DAEMON -- $DAEMON_OPTS | |
echo "$NAME." | |
;; | |
stop) | |
echo -n "Stopping $DESC: " | |
start-stop-daemon --stop --quiet --pidfile /opt/nginx/logs/$NAME.pid \ | |
--exec $DAEMON | |
echo "$NAME." | |
;; | |
restart|force-reload) | |
echo -n "Restarting $DESC: " | |
start-stop-daemon --stop --quiet --pidfile \ | |
/opt/nginx/logs/$NAME.pid --exec $DAEMON | |
sleep 1 | |
start-stop-daemon --start --quiet --pidfile \ | |
/opt/nginx/logs/$NAME.pid --exec $DAEMON -- $DAEMON_OPTS | |
echo "$NAME." | |
;; | |
reload) | |
echo -n "Reloading $DESC configuration: " | |
start-stop-daemon --stop --signal HUP --quiet --pidfile /opt/nginx/logs/$NAME.pid \ | |
--exec $DAEMON | |
echo "$NAME." | |
;; | |
*) | |
N=/etc/init.d/$NAME | |
echo "Usage: $N {start|stop|restart|force-reload}" >&2 | |
exit 1 | |
;; | |
esac | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# See /usr/share/postfix/main.cf.dist for a commented, more complete version | |
# Debian specific: Specifying a file name will cause the first | |
# line of that file to be used as the name. The Debian default | |
# is /etc/mailname. | |
#myorigin = /etc/mailname | |
smtpd_banner = $mydomain ESMTP | |
biff = no | |
# appending .domain is the MUA's job. | |
append_dot_mydomain = no | |
# Uncomment the next line to generate "delayed mail" warnings | |
#delay_warning_time = 4h | |
readme_directory = no | |
# TLS parameters | |
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem | |
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key | |
smtpd_use_tls=yes | |
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache | |
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | |
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for | |
# information on enabling SSL in the smtp client. | |
myhostname = www | |
mydomain = localhost.localdomain | |
alias_maps = hash:/etc/aliases | |
alias_database = hash:/etc/aliases | |
myorigin = /etc/mailname | |
relayhost = [smtp.gmail.com]:587 | |
smtp_sasl_auth_enable = yes | |
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd | |
smtp_sasl_security_options = noanonymous | |
smtp_tls_CAfile = /etc/postfix/cacert.pem | |
smtp_use_tls = yes | |
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 | |
mailbox_size_limit = 0 | |
recipient_delimiter = + | |
inet_interfaces = all | |
smtpd_helo_required = yes | |
smtpd_delay_reject = no | |
disable_vrfy_command = yes | |
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination | |
smtpd_sender_restrictions = reject_unknown_sender_domain | |
smtp_host_lookup = dns, native |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
To get postfix working you'll need
postfix
,libsasl2-2
andlibsasl2-modules
get your hands on theca-certificates
as well.To trust Thawte you'll need to run:
cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem
(this assumes you already have your copy ofca-certificates
.To create the
sasl_password_maps
just create file named/etc/postfix/sasl_passwd
with the accounts in this format:Then do a
postmap /etc/postfix/sasl_passwd
you can now remove/etc/postfix/sasl_passwd
from the file system as postfix will look for/etc/postfix/sasl_passwd.db
.