Creating Vultr Instance
Creating Vultr Instance
2 minute read
Creating instance at Vultr & setting up DNS
Setting up my CAA: I use a Caddy server that auto-magically takes care of my SSL certs for me. I like lazy solutions that work.
0 issue "letsencrypt.org"
0 iodef "mailto:opekktar@opekkt.tech"
Next is all the mail stuff to work with ProtonMail: In case anyone is wondering those are not the real keys :)
CNAME protonmail._domainkey protonmail.domainkey.dn39a43a188d9439487409be25ea.domains.proton.ch
CNAME protonmail2._domainkey protonmail2.domainkey.dn39a43a188d9439487409bewida.domains.proton.ch
CNAME protonmail3._domainkey protonmail3.domainkey.dn39a43a188d9439487409bewida.domains.proton.ch
MX mail.protonmail.ch 300 10
MX mailsec.protonmail.ch 300 20
TXT "protonmail-verification=ca39a43a188d9439487409be"
TXT "v=spf1 include:_spf.protonmail.ch mx ~all"
TXT _dmarc "v=DMARC1; p=quarantine; rua=mailto:opekktar@opekkt.tech; ruf=mailto:opekktar@opekkt.tech; sp=quarantine; aspf=s; fo=1;"
Before changing the DNS pointers I need to migrate my Caddy server at Digital Ocean (DO) over to Vultr.
I do that by replicating my deployment script to mirror sites.
bsh ➜ cat deploy.sh
rm -rf public/
rm public.tar
HUGO_ENV="production" hugo --gc || exit 1
echo OK, now that stuff is built
rsync -azP --delete public/ serverv:~/opekkt.tech/ # Caddy server at Vultr
rsync -azP --delete public/ serverdo:~/opekkt.tech/ # Caddy server at DO
echo OK, now that stuff is uploaded
echo ======================================
echo Done
echo ======================================
- create user and sync ssh keys.
rsync -a --chown user:group ~/.ssh /home/user/
- Make sure the new user can su to root. I use doas.
🕙[ 13:47:15 ] bsh ➜ doas cat /usr/local/etc/doas.conf
permit nopass keepenv :wheel
- Turn off password authentication and root user login by adding to the end of
/etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no
Configure Caddy
titania.opekkt.tech {
root * /home/user/wtf/
file_server
log {
output file /var/log/caddy/titania.opekkt.tech.access.log
format json
}
}
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.
Last modified September 20, 2022: rewrite (3c5008e)