Debian updates with Ansible

I've recently bought a HP Proliant Microserver Gen8 to play around with LXC and try new stuff.

From the 4 Debian machines I had to keep up-to-date, I now have 7, so it became quite time-consumming to manually SSH to each of them whenever an update became available.

I ended up looking at Ansible to speed up the process and, within an hour, I had a working playbook that updates the debian packages, pip packages and git repos installed on all of my servers with a single command.

I figured I'd share the playbook I use to update the Debian packages !

Read more  ↩︎

Private Git repo

I've decided to migrate this blog to Pelican. I've been playing around with it over the week-end, and it turns out to be way easier to manage than Jekyll. Themes are much easier to install and configure, so it ends up looking better as well !

Since I'm basically recreating this blog from scratch, I've decided to delete the old git repo that was hosting it and to create a new one.

Setting up your own private git repo is pretty easy to achieve and is already well-documented on the Git website.

Every time I want to create a new repo, I've had time to forget how to do it and I end up looking for that page, so I figured I'd write a few lines on the subject.

In this tutorial, I'll configure a git repo on a distant server running Debian 8 (Jessie). This repo will be remotely accessible using SSH. Two users will be able to connect to it : me and the www-data user on my webserver.

Read more  ↩︎

Flexget init script

I've been using Flexget for the past two years or so as a download automator.

Since I wrote an init script for it a while back, and it is compatible with Debian Jessie / systemd, I figured I'd share it here.

Read more  ↩︎

Setting up a mail server

In this first tutorial, I'll explain how I've configured my mail server using the following :

  • A server running Linux Debian (jessie) ;
  • Postfix ;
  • Postfix-policyd-spf-python ;
  • Dovecot ;
  • Spamassassin ;
  • OpenDKIM ;
  • OpenDMARC ;
  • Monit ;
  • Rainloop.

I'm assuming you have some basic knowledge of Linux and DNS configuration.

You can host this server at home, but you might have issues with your ISP not allowing outbound traffic on TCP port 25, and your emails might be considered to be spam by other providers if your IP is dynamic and/or you can't configure a reverse DNS record on it.

The cheapest VMs from DigitalOcean or Vultr are powerful enough to have this configuration running smoothly.

We'll also need a SSL certificate for this configuration. You can create an auto-signed one or get a free valid one from StartSSL. For the purpose of this tutorial, I'll consider you've chosen the latter.

You'll also need a domain name. I've chosen Namecheap as a registrar. I won't go into details on how to configure it, but you'll need at the very least a A record on your server's IP as well as a MX record pointing to it.

I use the captainark.net domain as an example throughout this tutorial. You'll have to use your actual domain for your configuration to work !

Note: links in this section are sponsored.

Read more  ↩︎