Build a mail server with docker-mailserver

docker-mailserver is a production-ready fullstack but simple mail server that runs inside a container. Building a mail server is quite complicated, and for a beginner, it may be unclear how to start. In this article, I will share my experience of building my own mail server from scratch and provide some explanations of the parameters used.

- READ MORE -

Enable TLS communication between frps and frpc

In this article I introduced how to use frp to establish an SSH connection to a local server. In fact, services running on a local server also can be exposed to the internet via frp's TCP forwarding. For instance, I ran a chat service on my old laptop without public IP address and made it accessible over the internet. However, a potential security issue is that the traffic between the local client and server is plaintext if you just use the tcp or http mode. This article records how to enable TLS feature.

- READ MORE -

Use aria2+AriaNg as download service

Aria2 is a lightweight and powerful download utility. However, since aria2 is operated using command, it is slightly difficult for the normal user. Therefore, typically I use AriaNg as the web frontend to visualize the aria2.

- READ MORE -

Pylr - A simple audio/video plugin for Typecho

As Typecho does not support audio and video, playing them on Typecho pages requires a plugin. However, most plugins obtain audio resources from playlists on Netease Cloud or QQ Music, which means the song choices are limited. In addition, some guys, like me, prefer not to use these APPs to listen to music. Plyr is a simple HTML5, YouTube, and Vimeo player, and it was ported to Typecho called Typecho-Plugin-Plyr. The audio/video can be played by using this tiny tool.

- READ MORE -

Issue a wildcard cert using acme.sh

In a previous article I introduced how to issue an SSL cert for a single subdomain using acme. If there are several services running on a server (e.g., cloud storage, blog, chatroom), and each service has a subdomain, it is helpful to secure multiple subdomain names (hosts) under the same base domain using the wildcard cert.

- READ MORE -

Enable swap partition on Linux

If a server has RAM less than 1 GB or uses resource heavy services, it would be a good idea to enable swap space as the RAM may be exhausted here. This article records how I enable Swap on Linux.

- READ MORE -

Implement intranet penetration using frp

frp is a fast reverse proxy to expose a local server behind a network address translation (NAT) or firewall to the internet. This article introduces how to use frp to establish a SSH connection with a server that does not have a public IP address, even if two servers are not in same local area network (LAN).

- READ MORE -

Initial setup for Linux servers

Since buying the first server last year, I have bought several servers up to now. Because they are exposed to the internet, some necessary configurations in terms of firewall, ssh, etc., are required for security issues. This article records how I setup a server from scratch. I generally use Debian/Ubuntu, and Debian is used as an example server in this article. Some commands may differ for other distributions, but the overall process is similar.

- READ MORE -

Issue an SSL/TLS certificate using acme.sh

From July 1, 2018, Chrome shows all sites that do not use SSL certificates as "not secure", while sites with SSL certificates receive a boost in weight ranking. In fact, it is easy to issue, install, and renew an SSL/TLS certificate. All needed are a virtual private server (VPS) and a domain name pointing to this server's IP. In this article, I'm going to show how to acquire an SSL cert using acme.

- READ MORE -