Difference between revisions of "Mail server"
Jump to navigation
Jump to search
| (5 intermediate revisions by the same user not shown) | |||
| Line 18: | Line 18: | ||
{| border="1" class="wikitable" | {| border="1" class="wikitable" | ||
| + | |- | ||
| + | ! site | ||
| + | ! path | ||
| + | ! contact | ||
| + | ! [[SAC:Backups|backup]] | ||
| + | ! comments | ||
|- | |- | ||
| www.tilecache.org | | www.tilecache.org | ||
| Line 25: | Line 31: | ||
| | | | ||
|- | |- | ||
| − | | | + | | lists.osgeo.org |
| + | | | ||
| admin | | admin | ||
| + | | | ||
| Web interface for managing Mailman | | Web interface for managing Mailman | ||
|- | |- | ||
| Line 33: | Line 41: | ||
== MySQL server == | == MySQL server == | ||
| − | '''TODO''': review | + | '''TODO''': review/cleanup |
| − | |||
| − | |||
* backed up via [[SAC:Backups|bacula]] in BackupOg6 job (see /osgeo/backup) | * backed up via [[SAC:Backups|bacula]] in BackupOg6 job (see /osgeo/backup) | ||
* admin user credentials found in ~root/.my.cnf | * admin user credentials found in ~root/.my.cnf | ||
| Line 42: | Line 48: | ||
= SSL certificates = | = SSL certificates = | ||
| − | * LetsEncrypt | + | * LetsEncrypt is configured using certbot-auto |
| − | ** careful: check the conf files in /etc/apache2/sites-enabled/ to make sure that the VirtualHost settings do not include something like ''<VirtualHost _default_:443>'' and instead should point to the IP such as ''<VirtualHost 140.211.15. | + | ** careful: check the conf files in /etc/apache2/sites-enabled/ to make sure that the VirtualHost settings do not include something like ''<VirtualHost _default_:443>'' and instead should point to the IP such as ''<VirtualHost 140.211.15.14:443>'' or else the certificate loaded will always default to mapserver.org |
** certbot-auto lives in /usr/local/sbin. | ** certbot-auto lives in /usr/local/sbin. | ||
** to add more sites, run the command:<blockquote>certbot-auto --apache -d mapserver.org -d www.mapserver.org</blockquote> | ** to add more sites, run the command:<blockquote>certbot-auto --apache -d mapserver.org -d www.mapserver.org</blockquote> | ||
Latest revision as of 09:39, 2 October 2025
The production mail server is a Debian 10 LXD container administered by SAC, hosted on osgeo9.
See SAC#Communication in case of troubles or quick questions
Services hosted on the mail container
Postfix SMTP server
Handles outgoing and incoming email
Mailman
- SAC:Mailing Lists - mailman configuration for lists.osgeo.org.
Websites
All websites are served by Apache
| site | path | contact | backup | comments |
|---|---|---|---|---|
| www.tilecache.org | /var/www/tilecache/docs | SAC !? | BackupOg6 bacula job | |
| lists.osgeo.org | admin | Web interface for managing Mailman |
MySQL server
TODO: review/cleanup
- backed up via bacula in BackupOg6 job (see /osgeo/backup)
- admin user credentials found in ~root/.my.cnf
SSL certificates
- LetsEncrypt is configured using certbot-auto
- careful: check the conf files in /etc/apache2/sites-enabled/ to make sure that the VirtualHost settings do not include something like <VirtualHost _default_:443> and instead should point to the IP such as <VirtualHost 140.211.15.14:443> or else the certificate loaded will always default to mapserver.org
- certbot-auto lives in /usr/local/sbin.
- to add more sites, run the command:
certbot-auto --apache -d mapserver.org -d www.mapserver.org
- a cronjob (certbot-auto renew) was created to check for renewal twice a day
- also enabled for geos.osgeo.org on by Jeff McKenna on 2018-10-01
Backup strategy
See SAC:Backups for general info about backup strategies for containers.
A dump of each mysql database is also stored as a separate file under /osgeo (created during the backup phase).