💾 Archived View for paritybit.ca › arboretum › sysadmin › openbsd-server-setup.gmi captured on 2023-01-29 at 03:02:36. Gemini links have been rewritten to link to archived content

View Raw

More Information

-=-=-=-=-=-=-

OpenBSD Server Setup

← Back

Everything on this page is common to all OpenBSD servers I set up.

Initial Boot

# syspatch && reboot
# ftp -o - https://meta.sr.ht/~jbauer.keys > .ssh/authorized_keys
# sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
# rcctl reload sshd
# mail

Packages

# pkg_add checkrestart ncdu

Daily Jobs

In `/etc/daily.local`:

next_part "Applying system patches:"
syspatch
next_part "Updating third-party packages:"
pkg_add -u 2>&1
next_part "Do any services need to be restarted?"
/usr/local/sbin/checkrestart
next_part "Disk usage report:"
df -h

Emails

Relaying Service Mail With OpenSMTPD

In `/etc/mail/smtpd.conf` (with real credentials of course):

table aliases file:/etc/mail/aliases
table credentials { service = service:thisisarandomandsecurepassword }

listen on socket
listen on lo0

action "local_mail" mbox alias <aliases>
action "outbound" relay host smtps://service@mail.example.com tls auth <credentials> mail-from host@example.com

match from local for local action "local_mail"
match from local for any action "outbound"

In `/etc/mail/aliases`:

root: jbauer@paritybit.ca
manager: root
dumper: root

Finally:

# rcctl restart smtpd