You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

353 lines
7.1 KiB

---
Alias: ["Email Alias"]
Tag: ["Server", "App", "Cloud", "Privacy", "Security", "Web"]
Date: 2021-08-28
DocType: "Server"
Hierarchy: "NonRoot"
location: [48.8570517, 2.3677354]
Performance:
CPU: 1Core
RAM: 2GB
Bandwidth: 2TB
Speed: 100MBps
Characteristics:
OS: Ubuntu 20.04
Domiciliation: NL
Host: Hostigger
IPv4: 5.181.166.123
Hostname: 1630136610
SubDomain: emailalias
Disk:
Capa: 20GB
Type: SSD
UsedSpace: 50%
TimeStamp: 2021-11-13
CollapseMetaTable: yes
---
Parent:: [[mfxm Website Scope|mfxm.fr]], [[Email & Communication]]
---
^Top
 
```button
name Edit Server parameters
type command
action MetaEdit: Run MetaEdit
id EditMetaData
```
^button-EAServerEdit
```button
name Save
type command
action Save current file
id Save
```
^button-EAServerSave
 
# Email Alias Server
 
```ad-abstract
title: Summary
collapse: open
Quick note to centralise all relevant info on the server hosting the email aliasing service.
```
 
```toc
style: number
```
 
---
 
### Server parameters
[[#^Top|TOP]]
 
```ad-quote
title: Dashboard access
[https://clients.hostiger.com/clientarea](https://clients.hostiger.com/clientarea)
```
 
```ad-quote
title: Address
The service will be located under **[emailalias.mfxm.fr](https://emailalias.mfxm.fr)** .
```
 
---
 
### Service
[[#^Top|TOP]]
 
```ad-abstract
title: Service description
The Email Alias service itself is called [SimpleLogin](https://simplelogin.io/) and is an open-source software enabling to create email aliases.
```
 
#### Installed dependencies
[[#^Top|TOP]]
All dependencies for running the alias service.
 
##### Security
| Program name | Type | Description
|----------------|------|-------------
| **[[Configuring Fail2ban\|fail2ban]]** | Deamon | Blocks suspicious attempts to login
| **unattended-upgrades** | Program | Enables automatic updates of installed programs and OS
| **logwatch** | Deamon | Monitors activity on server and sends activity logs
 
##### fail2ban
[[#^Top|TOP]]
Classic [[Configuring Fail2ban|fail2ban]] installation with a dedicated configuration:
```ad-command
~~~bash
sudo nano /etc/fail2ban/jail.d/sshd.local
~~~
```
With the following parameters:
```ad-code
~~~yaml
[sshd]
enabled = true
port=2227
maxretry = 10
bantime = 1m
~~~
```
 
Please refer to the [[Configuring Fail2ban|conf guide]] for a detailed description.
 
##### UFW
Firewall management, see [[Configuring UFW|here]] for more details.
 
##### Docker
```ad-warning
title: Docker for non root users
[[Docker config|docker]] predominantly works for the root user. In order to let non-root users instruct Docker, users need to be added to the Docker group:
~~~bash
sudo usermod -aG docker (username)
~~~
Potentially, the Docker group needs to be defined:
~~~bash
sudo groupadd docker
~~~
```
Currently running [[Configuring Docker|docker]] containers
```ad-bug
title: sl-network
7c0268d5066a4bda05abb193772b0c0bcb480a0a55cf8772bca76272b74e8148
```
```ad-bug
title: sl-db
e4335360528e6f091efda49e75a27ab638277dc8107e45062780119d19a530cd
```
```ad-bug
title: sl-app
d4d7fefc710670312ae5e529d39537a6b93d58ff1af63219054c209d4b1179a6
```
```ad-bug
title: sl-email
39dbdb260763fec2a2b138d000f2ded9fe61c8ed5857cc9ef2823b0f7fb62913
```
 
##### Nginx
[[#^Top|TOP]]
Webserver. No particular setup apart from Certificate & pointing towards the sub-domain.
 
##### CertBot
All documentation in this [link](https://certbot.eff.org).
 
##### Postfix
Mail Transfer Agent. [[Configuring Postfix|Configuration]] is tailor-made by SimpleLogin to fit their needs.
 
#### Server-side Monitoring
[[#^Top|TOP]]
Refer to the [[Configuring Monit|monit section]] for further information on installation and configuration.
List of monitored services:
- System
- SSH
- [[Configuring Fail2ban|Fail2ban]]
- cron
- Postfix
- nginx
- docker
- Postgres
- sl-app
- sl-email
 
[[Configuring Telegram bots|Telegram bots]] are also being implemented to receive logs from logwatch & [[Configuring Monit|monit]].
 
#### Troubleshooting
[[#^Top|TOP]]
 
##### DNS issues
```ad-info
title: Server pointing
The Email Alias service itself is called [SimpleLogin](https://simplelogin.io/) and is an open-source software enabling to create email aliases.
```
 
##### Documentation for SimpleLogin
```ad-warning
title: Troubleshooting SimpleLogin
Troubleshooting for [SimpleLogin](https://github.com/simple-login/app) and its parametrisation can be found [here](https://github.com/simple-login/app/blob/master/docs/troubleshooting.md) and [here](https://github.com/simple-login/app/blob/master/example.env)
```
 
##### CertBot
[[#^Top|TOP]]
```ad-warning
title: Troubleshooting CertBot
Running and troubleshooting for CertBot can be found [here](https://certbot.eff.org/docs/install.html)
```
 
#### Service management
The service itself does not require particular management as all features are embedded in the client interface running from the docker container 'sl-app', including user management.
Parameters can only be amended through the config file under the root user:
```ad-path
sudo vim ~/simplelogin.env
```
Sample configs can be found [here](https://github.com/simple-login/app/blob/master/example.env)
Once the change is made, restart the app container:
```ad-command
~~~bash
docker restart sl-app
~~~
```
 
##### Force premium subscription for users
[[#^Top|TOP]]
Users will be defaulted to the 'Free' plan and asked to subscribe to the premium plan. In order to force users onto the Premium plan, please update the database:
```ad-command
~~~bash
docker exec -it sl-db psql -U (dbusername) simplelogin
~~~
```
And then run:
```ad-command
~~~bash
UPDATE users SET lifetime = 'TRUE' WHERE EMAIL = '(emailaddress)';
~~~
```
And `\q` to exit the db.
 
---
 
### Pricing
[[#^Top|TOP]]
 
<mark class="green">Alias Server</mark> | One-off cost | Recurring subscription p.a.
--------|---------------|:----------------------:
<p style="color:cyan">**Server hosting**</p> | &emsp; | *$20*
^AliasServerCost
&emsp;
---
&emsp;
### Tasks & Further steps
&emsp;
- [ ] :email: [[Selfhosting]], [[Server Alias|Email Alias]]: Upgrader & Health checks %%done_del%% 🔁 every 4 months 📅 2023-03-31
- [x] [[Selfhosting]], [[Server Alias|Email Alias]]: Upgrader & Health checks 🔁 every 4 months 📅 2022-07-31 ✅ 2022-08-02
- [x] [[Selfhosting]], [[Server Alias|Email Alias]]: Upgrader & Health checks 🔁 every 4 months 📅 2022-03-31 ✅ 2022-03-31
- [ ] :email: [[Server Alias]]: Backup server %%done_del%% 🔁 every 6 months on the 1st Tuesday 📅 2023-03-07
- [x] :email: [[Server Alias]]: Backup server %%done_del%% 🔁 every 6 months on the 1st Tuesday 📅 2022-09-06 ✅ 2022-09-06
- [x] [[Server Alias]]: Backup server 🔁 every 6 months on the 1st Tuesday 📅 2022-03-11 ✅ 2022-03-11
- [x] [[Server Alias]]: Backup server 🔁 every 6 months on the 1st Tuesday 📅 2021-09-15 ✅ 2022-01-08
- [x] [[Server Alias]]: Backup server 🔁 every 6 months on the 1st Tuesday ✅ 2021-09-14
- [x] Understand why Gmail does not work
[[#^Top|TOP]]
&emsp;
&emsp;