Skip to main content

Browsing posts by tag


Mail-in-a-Box with IPv6 on Linode

Linode automatically assigns servers IPv6 addresses using SLAAC, but unlike the auto-assigned IPv4 addresses, you can’t transfer these addresses between Linodes. When running an email server with something like Mail-in-a-Box, this is a problem for updating to new major versions of the software or restoring to a new Linode from a backup. Ideally, you’d like to keep your IP addresses the same to minimise the amount of change during an update and to keep the good reputation you built with your address.

Continue reading “Mail-in-a-Box with IPv6 on Linode”

Symlinks to backup servers

Let’s say you want to backup some files on a server, but not clone the whole thing. Here’s a way to do it that’s nice and easy to maintain over time.

Continue reading “Symlinks to backup servers”

SSH as one user, get a terminal as another

I want to SSH into a server with one user account, but be presented with another user’s prompt — as if I connected and immediately ran sudo -su someone-else.

Continue reading “SSH as one user, get a terminal as another”

msmtp and Google's SMTP Relay Service

If you’re using msmtp to send email through Google’s SMTP Relay Service, you might get this error: “the server sent an empty reply”.

Continue reading “msmtp and Google's SMTP Relay Service”

Recursively set all file and folder permissions

Let’s say your current working directory is full of subdirectories and files. You want all the subdirectories to have one set of file permissions (say, 664), and all of the files to have a different set of permissions (for example, 775).

Continue reading “Recursively set all file and folder permissions”

Secure file transfer deployments with restricted SSH keys and rsync

This site is built in a GitHub Action, which means that I end up with a big folder of HTML files (and other stuff) which I need to get from the build environment onto my production server. To keep it simple, I wanted to use an SSH-based method to do that (so I don’t need to set up FTP or something), and rsync is a nice utility which fits the bill – it even handles deleting old files which aren’t needed any more.

I didn’t like the idea of supplying my Action with a set of keys which can access my entire server: that seems like too much power. Introducing rrsync, or restricted rsync, which allows you to limit where a given set of SSH keys can read and write. Let’s set it up.

Continue reading “Secure file transfer deployments with restricted SSH keys and rsync”