mccarthy.hcoop.net is our first Debian Jessie VM, and is intended to run mail services and the member portal.
1. The Ugly
ServerDeleuze decided to start dying one day so a few evils were committed in moving services.
1.1. Exim
Installed exim4-daemon-heavy procmail, merged deleuze's config onto the current Debian base exim4 config. No config package has been created.
Added /etc/ferm/service.d/...
2. Setup Issues
- Fix fail2ban
- ferm resets rules ever time it reloads. Add a ferm hook to reload fail2ban on firewall reload
sudo $command > file does not work, piping does however. Probably a new sudo option to detect output redirection and squelch output.
- systemd work:
- domtool unit files seem to work OK so far
- ferm is likely starting earlier than it should be, and may fail if the generated config references any pts users
dnscache-run starts very late by virtue of daemontools starting late. Either hack daemontools to be WantedBy=nss-lookup.target (systemd equiv of LSB $named service), or make dnscache-run a native systemd service.
- Hacked momentarily by adding Google DNS servers as backups