fighting the lack of good ideas
After a friend of mine told me he wanted to deploy Jitsi on my main webserver, and me saying “sure”, I decided I wanted to get it up and running on a new server both so I knew how to do it, and to avoid the latency issues of videoconferencing from central North America to…
continue “basic dockerized jitsi deployment with an apache reverse proxy on centos” »
In follow-up to previous posts I’ve had about SSL (specifically with Let’s Encrypt), here is the set of SSL configurations I use with all my sites. These, if used correctly, should score you an “A+” with no warnings from ssllabs.com. Note: I have an improved entropy package installed (twuewand). This is adapted from the Mozilla config…
continue “ssl configuration for apache 2.4 on centos 7 with let’s encrypt” »
After running my new server for a while, I was noticing an unusually-high level of bogus email arriving in my inbox – mail that was being spoofed to look like it was coming from myself (to myself). After a great deal of research, I learned there is a component of the DNS specification that allows…
continue “turn on spf filtering with postfix and centos 7” »
After moving to a new server, I wanted to finally get ownCloud up and running (over SSL, of course) on it. And I like subdomains for different services, so I wanted to put it at sub.domain.tld. This turns out to be not as straight-forward as one might otherwise hope, sadly – ownCloud expects to be…
continue “putting owncloud 8 on a subdomain instead of a subdirectory on centos 7” »
In my how-to for Let’s Encrypt, I gave an example script that can be called via cron (or manually) which will renew Let’s Encrypt SSL certificates under CentOS 6. If you want to do it on CentOS 7 (which is what I am now running), use the following: cd ~/letsencrypt git pull systemctl stop httpd.service…
continue “automated let’s encrypt ssl certificate renewal on centos 7” »
There’s been quite a bit of excitement surrounding Let’s Encrypt recently – a truly 100% free SSL issuer. Last week I helped a friend of mine get his first Let’s Encrypt certificate generated and configured for his website. One of the things I found incredibly frustrating is that Let’s Encrypt does not have a package…
Thanks to @Anon on Unix.SE for the pointer on how to do this. And to @Andy‘s comment on @mmckinst‘s answer for the warning about additional packages you may need. As my three readers know, I run a CentOS mirror. One of the idiosyncrasies of CentOS, like its upstream RHEL, is that DVD ISOs aren’t always…