Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

111 lines (68 sloc) 3.143 kB
-----AWS backup instance setup
http://itsecureadmin.com/2011/06/aws-instance-ebs-volume-delete-on-termination/
-----------
Postfix setup:
http://www.millcreeksys.com/how-to-configure-your-postfix-server-to-relay-email-through-amazon-simple-email-service-ses/
sender_dependent_relayhost_maps = regexp:/etc/postfix/sender_dependent_relayhost
/etc/postfix/sender_dependent_relayhost:
somesender@millcreeksys.com in.mailjet.com
https://uk.mailjet.com/support/i-received-an-alert-for-an-unknown-sender-detection-what-should-i-do,265.htm
http://ubuntuforums.org/archive/index.php/t-1813276.html
sender_canonical_maps = regexp:/etc/postfix/sender_canonical
/etc/postfix/sender_canonical
/(.*?)@(.*)/ webmaster@web-angle.com
static lookup:
postmap -q sdfsdf@baasdr.com static:www1-new@web-angle.com
query lookup:
postmap -q foo@bar.com regexp:/etc/postfix/sender_canonical
Advanced mail mangling via postfix filter:
http://www.postfix.org/FILTER_README.html
Mailjet wants valid <email@address.com> in the From:
but can be "Some made up text <email@address.com>"
Mail clients use Reply-To to populate the to: field when hitting reply button
Gmail shows "via example.com" when Sender: address@example.com, or another part of message headers indicates a via
A strategy:
(1) Use regex sender_canonical to rewrite address to "{Name} via webserver <webserver@web-angle.com>"
(2) Insert Reply-To: header with original From:
(3) relay everything through mailjet
--------
Manual setup steps:
1. sudo vi ~/.ssh/config
Host www4.web-angle.com
User ubuntu
IdentityFile /Users/mrdavidlaing/.ssh/web-angle-EU-West1.pem
2. Attach a data volume at /data
mkdir /data
fdisk -l
mke2fs -N 4000000 -t ext4 /dev/xvdf
vi /etc/fstab
/dev/xvdf /data auto defaults,nobootwait,comment=cloudconfig 0 0
mount -all
df -h
8. Setup SSH tunnel (using blowfish encryption, which is slightly less secure but less CPU intensive)
ssh -f -c blowfish www4.web-angle.com -L 10080:127.0.0.1:80 -L10081:127.0.0.1:81 -L13000:127.0.0.1:3000 -L12000:127.0.0.1:2000 -N
9. Fix phpmyAdmin
Ensure this isn't on a public port!
sudo vi /var/www/phpmyadmin/config.inc.php
add
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = 'QzEoS8z4UjN0dIQArowX';
10. Setup git www deploy
http://caiustheory.com/automatically-deploying-website-from-remote-git-repository
--------
NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
/etc/nginx/sites-available/all-vhosts.conf
include /data/www/vhosts/*/nginx/*.conf;
/etc/nginx/fastcgi_params seems to require the HTTPS line to be commented out
#fastcgi_param HTTPS $server_https;
In ubuntu 11.10, the php5-fpm config file is /etc/php5/fpm/php-fpm.conf (not main.conf)
When changing location of mysql data, also update
sudo vi /etc/apparmor.d/usr.sbin.mysqld
/data/mysql/ r,
/data/mysql/** rwk,
/var/lib/mysql/ r,
/var/lib/mysql/** rwk,
Make sure that /data/mysql is chowned mysql:mysql
make sure that /data/mysql contains everything from /var/lib/mysql
Jump to Line
Something went wrong with that request. Please try again.