• 0 Posts
  • 63 Comments
Joined 1 year ago
cake
Cake day: June 14th, 2023

help-circle







  • You need to include the files in the zone file. Bind 9.18.18 is a mess with the changed DNSSEC setup, it broke my domains as well. I’t isn the bind documentation, so I have to refer you there. I have no access to my setup now (or my browser history) as I’m not at my computer.

    Edit: managed to get in dns.

    named.conf.local: zonefile needa to be the .signed file the unsigned zone file must have both keys included, best is via absolute path:

    $INCLUDE "/etc/bind/keys/example.com.123456.key"
    

    for both the ZSK and KSK keys. The include is to get the RRSIG entries.


  • I’ve setup my email via a VPN to my own server.

    • DNS, mail, business web, cusromer web on VPSes (2, 1 primary, 1 secondary DNS only)
    • Personal email, incoming and outgoing via VPS, personal websites (all static) on local system (RPi 4 8GB)

    This gives the advantage that your outgoing email always comes from the VPS ip address (pick a VPS provider that is trusted) and when your line is down, incoming email is cached on your VPS. It’s a tad of double work, but pretty secure. Even connecting to my employer to work from home is not a big issue. (and that connection is limited to it’s own vlan)

    Also, with this method, you can route the mail into your network via port 26 when 25 is blocked or even set an outgoing vpn to your VPS and route the email that way. You’ll be provider independent at home. (I even have a private ipv6 /48 via a tunnel broker)

    You’ll need to work a lot on your knowledge though, without DNSSEC, SPF, DKIM and DMARC the big 2 (Google and hotmail) will refuse your email.



  • I bought a fun domain in '98, used it for email only. Next to that I bought a domain with just my surname. I have several sites in that domain, for my personal stuff, one for the pets, our wedding,… It’s a lot more flexible then using the complete name. (But you have to be lucky enough to catch it)

    Next to these 2 I have 2 others in my countries tld for messing about with. Those are a lot cheaper and my company has 3 more domains. The total set costs me €90 a year.






  • I’ve been using gogs since I had my RPi2. It’s not fancy, it just works. Gitea is a fork of it, as there are others, but I never really put time in a conversion, as gogs just works. I don’t do more then synching repos over ssh and an occasional repo creation via the web interface. It’s a 1 user setup.

    Edit: just spend a bit of spare time to install forgejo to figure out what I need to do to move the repos I have (~200) over. All that was needed was to create all repos manually and then rsync the content from the direcory with the gogs repos to the forgejo repo storage. I went ftom gogs 0.12 to forgejo 1.20.5 in a tad over 2h.