Caddy will fetch a **SSL certificate** for all sub-domains and addresses present in the config file automatically, once the declaration is made properly.
@ -114,7 +116,7 @@ Caddy will fetch a **SSL certificate** for all sub-domains and addresses present
Users with sudo rights need to be added to the 'docker' group for being able to instruct docker:
```ad-command
@ -140,7 +142,7 @@ sudo docker–compose --version
 
### docker elements
[[#^Top|TOP]]
 
#### docker network
@ -174,7 +176,7 @@ sudo docker-compose up -d
 
#### Maintaining containers
[[#^Top|TOP]]
Maintaining containers with docker is arduous and easier to do with docker-compose.
Easiest is to create aliases in the .bashrc of home directory by adding:
@ -213,7 +215,7 @@ From within the container folder.
 
#### Update environment variables
[[#^Top|TOP]]
Docker does not have a standard way to update environment variables, and requires to take down and then re-initialise a container with the appropriate variable fed in the run script. To avoid that, the followong steps can be taken:
**Linux** is the most common OS for servers. **Ubuntu**, **Debian** or **CentOS** the most common distributions.
**MacOS** would require a Virtual Machine to run properly.
@ -95,7 +95,7 @@ More and more literature point that a home Internet connection may not be the mo
 
#### Domain
[[#^Top|TOP]]
Domain management is important for several reasons: email and email routine can only be defined once per domain. As such, email services (self-hosting, email aliasing) need to be run on separate domains.
For self-hosting, the folllowing domain will be used: **mfxm.fr**
@ -114,7 +114,7 @@ Security is paramount at the points of connection to the server. SSH protocols a
@ -160,7 +160,7 @@ Backups are managed through the **tar** command and dispatched over the network
 
#### Server Monitoring
[[#^Top|TOP]]
```ad-info
title: Documentation
[Monit](https://mmonit.com/)
@ -178,7 +178,7 @@ Monitoring is implemented through a free and open-source tool called [[Configuri
 
### Running multiple services on the same hardware
[[#^Top|TOP]]
 
```ad-tip
@ -205,7 +205,7 @@ In essence, to run multiple services on the same hardware, a few basic steps nee
 
### Self-hosted services
[[#^Top|TOP]]
 
A list of FOSS services can be found [here](https://github.com/awesome-selfhosted/awesome-selfhosted)
@ -222,7 +222,7 @@ A list of FOSS services can be found [here](https://github.com/awesome-selfhoste
 
#### Email service
[[#^Top|TOP]]
Email service can be fully built but has many components to it: server, database, imap, caldav, carddav, DNS specificities, spam whitelisting as well as security (server access & spam filtering). It can therefore be tideous to build an email service from scratch. Pre-packaged solitions exist to manage all components:
1. [IRedMail](https://www.iredmail.org/)
2. [Mail-in-a-Box](https://mailinabox.email/)
@ -239,7 +239,7 @@ title: Documentation
 
#### [[Email alias]] service
[[#^Top|TOP]]
```ad-info
title: Documentation
[Tutorial](https://github.com/simple-login/app)
@ -248,7 +248,7 @@ title: Documentation
 
#### Personal [[/Nextcloud|cloud]] & syncing
[[#^Top|TOP]]
```ad-info
title: Documentation
[Tutorial](https://nextcloud.com/athome/)
@ -264,7 +264,7 @@ title: Build your own
 
#### Instant Messenging
[[#^Top|TOP]]
```ad-info
title: Documentation
[[Element]]
@ -275,7 +275,7 @@ title: Documentation
#### VPN
Easy service to set-up through [WireGuard](https://www.wireguard.com/)
@ -95,7 +97,7 @@ The service will be located under **[emailalias.mfxm.fr](https://emailalias.mfxm
 
### Service
[[#^Top|TOP]]
 
```ad-abstract
@ -106,7 +108,7 @@ The Email Alias service itself is called [SimpleLogin](https://simplelogin.io/)
 
#### Installed dependencies
[[#^Top|TOP]]
All dependencies for running the alias service.
 
@ -163,7 +165,7 @@ title: sl-email
 
##### Nginx
[[#^Top|TOP]]
Webserver. No particular setup apart from Certificate & pointing towards the sub-domain.
 
@ -181,7 +183,7 @@ Mail Transfer Agent. [[Configuring Postfix|Configuration]] is tailor-made by Sim
 
#### Server-side Monitoring
[[#^Top|TOP]]
Refer to the [[Configuring Monit|monit section]] for further information on installation and configuration.
List of monitored services:
@ -199,7 +201,7 @@ List of monitored services:
 
#### Troubleshooting
[[#^Top|TOP]]
 
##### DNS issues
@ -221,7 +223,7 @@ Troubleshooting for [SimpleLogin](https://github.com/simple-login/app) and its p
 
##### CertBot
[[#^Top|TOP]]
```ad-warning
title: Troubleshooting CertBot
Running and troubleshooting for CertBot can be found [here](https://certbot.eff.org/docs/install.html)
@ -253,7 +255,7 @@ docker restart sl-app
 
##### Force premium subscription for users
[[#^Top|TOP]]
Users will be defaulted to the 'Free' plan and asked to subscribe to the premium plan. In order to force users onto the Premium plan, please update the database:
@ -95,7 +97,7 @@ The service will be located under **[cloud.mfxm.fr](https://cloud.mfxm.fr)** .
 
### Service
[[#^Top|TOP]]
 
```ad-abstract
@ -115,7 +117,7 @@ title: Installation
 
#### Installed dependencies
[[#^Top|TOP]]
 
##### Apache2
@ -143,7 +145,7 @@ A comprehensive tutorial on the MPM switch can be found [here](https://www.digit
 
##### Certbot
[[#^Top|TOP]]
Provides SSL certification from **Let's Encrypt**. Installation dependencies are different from Nginx and explained [here](https://linuxhint.com/secure-apache-lets-encrypt-ubuntu/)
 
@ -180,7 +182,7 @@ sudo service mysql restart
 
##### Security
[[#^Top|TOP]]
| Program name | Type | Description
|----------------|------|-------------
| **fail2ban** | Daemon | Blocks suspicious attempts to login
@ -196,7 +198,7 @@ Mail Transfer Agent. Configuration is standard to allow for emails to be sent by
 
##### APCu
[[#^Top|TOP]]
Memory caching addon for Nextcloud. Memory caching management is provided by Nextcloud and needs to be set up as a system cron job. After installing APCu, the webserver needs to be **restarted** and the cron job defined:
1. **Define the cronjob**
@ -226,7 +228,7 @@ sudo crontab -u www-data -l
 
##### SVG support
[[#^Top|TOP]]
SVG support is installed in the form of a package.
```ad-command
@ -247,7 +249,7 @@ Firewall management, see [[Configuring UFW|here]] for more details.
 
#### Server-side monitoring
[[#^Top|TOP]]
[Monit](https://mmonit.com/monit/documentation/monit.html) is a process and daemon monitoring tool. More information on operating the software can be found [[Configuring Monit|here]].
List of monitored services:
@ -266,7 +268,7 @@ List of monitored services:
 
#### Service management
[[#^Top|TOP]]
Nextcloud offers two alternatives for manaing the service:
1. An admin webpanel
2. A command line tool
@ -280,7 +282,7 @@ Accessed through login into the service with admin credentials. Sertings offer a
 
##### Nextcloud command line tool
[[#^Top|TOP]]
From the server's command line, Nextcloud offers the ability to perform some tasks like user management.
Classic installation with a dedicated configuration:
```ad-command
@ -180,7 +182,7 @@ Mail Transfer Agent. Configuration is standard to allow for emails to be sent by
 
##### Certbot
[[#^Top|TOP]]
Provides SSL certification from **Let's Encrypt**. Installation dependencies are different from Nginx and explained [here](https://linuxhint.com/secure-apache-lets-encrypt-ubuntu/)
@ -97,7 +99,7 @@ The service will be located under **[vpn.mfxm.fr](https://vpn.mfxm.fr)** .
 
### Services
[[#^Top|TOP]]
 
```ad-abstract
@ -108,7 +110,7 @@ The VPN server will host a single VPN service and dependencies bare metal.
 
#### Installed server dependencies
[[#^Top|TOP]]
##### Security
| Program name | Type | Description
@ -144,7 +146,7 @@ bantime = 1m
 
##### Postfix
[[#^Top|TOP]]
Mail Transfer Agent. Configuration is standard to allow for emails to be sent by programs / deamons / [[Nextcloud]] or others. Such a [[Configuring Postfix|system]] is required for every server to work correctly.
 
@ -160,7 +162,7 @@ Firewall management, see [[Configuring UFW|here]] for more details.
 
#### Dedicated Server parameters
[[#^Top|TOP]]
 
| Service | Used value
@ -176,7 +178,7 @@ Firewall management, see [[Configuring UFW|here]] for more details.
 
#### VPN Service
[[#^Top|TOP]]
 
```ad-info
@ -205,7 +207,7 @@ title: Server Config file
 
##### VPN client parametrisation
[[#^Top|TOP]]
```ad-command
title: In `~` for `melchiorbv`
~~~bash
@ -238,7 +240,7 @@ Second DNS resolver to use for the clients (optional): 94.140.15.15
[Plain text Accounting](https://plaintextaccounting.org/)
@ -70,7 +72,7 @@ style: number
 
### hLedger
[[#^Top|TOP]]
 
Plain Text Accounting is accessible through command-line clients like hledger.
@ -102,6 +104,7 @@ The underlying database is a (collection of) file(s) readable through classic te
 
#### Initialisation
[[#^Top|TOP]]
At start of the year/period in any given file, a certain number of initialisations need to be made:
1. **Initialise top-level accounts**
@ -133,7 +136,7 @@ commodity 'layout + number format'
 
#### Transactions
[[#^Top|TOP]]
hLedger allows for three methods for entering transactions:
1. **Through command-line**
@ -192,7 +195,7 @@ Instructions can be found [here](https://hledger.org/import-csv.html)
 
#### Investments
[[#^Top|TOP]]
```ad-info
title: Documentation
The documentation can be found [here](https://hledger.org/investments.html)
@ -255,7 +258,7 @@ This flexibility enables to implement FIFO/LIFO as per prevailing fiscal rules.
 
#### Closing books
[[#^Top|TOP]]
In order to close books, revenues/expenses need to amount to 0 and only show Asset, Liability and Equity. The below is a growing mapping of revenues and expenses lines:
```ad-code
@ -279,7 +282,7 @@ In order to close books, revenues/expenses need to amount to 0 and only show Ass
 
#### Reports
[[#^Top|TOP]]
```ad-info
title: Documentation
Simple reports can be found [here](https://hledger.org/quickstart.html#run-reports)
