User Tools

Site Tools


Sidebar

software:selfhosting

Whats's this about?

Notes on various services I run for myself.

Services

  • DNS:
    • hosting: bind
    • upstream registration: gandi.net
    • secondary server: https://ns-global.zone/ offers these publicly, not yet tried
  • SMTP:
    • verification tools:
    • As of 2020-12-28, t-online does not accept mails from me with: 554 IP=45.136.30.123 - A problem occurred. (Ask your postmaster for help or to contact tosa@rx.t-online.de to clarify.) (BL)
    • Communication with tosa@rx.t-online.de brought up that t-online has apparently setup own rules which are not backed by RFCs. The requirements I got:
      • request: Have a system with a name like 'mail.<domain>' deliver mail to t-online.
      • comment: That makes no sense. google would then start to request me to deliver from 'foobar.<domain>', so what should I do then? The RFC allow me to deliver plainly from <domain>. I have also all DNS things like dmarc in order, I am reacting to mails to postmaster@domain and so on.
      • request: Your whois record does not have your full contact details (that's because of new data protection laws). Providing these details via https from the same domain would be acceptable.
      • comment: I already have my name and various ways to reach me described on https://fluxcoil.net . My site is not commercial, I do not need an “impressum” as per German law. This is an arbitrary request from t-online. If such a request is valid, it should be discussed in the community and find its way into RFCs. Otherwise, everybody on the internet can start to setup such “own rules”.
    • ⇒ For now, I send mails to t-online from a different mail account, and notify the recipients that their provider is “special”.
  • http/https:
    • nginx, let's encrypt cert
    • nginx 1.15.4 will have ssl_early_data, Debian Bullseye was the first stable Debian release providing that
    • understand page load time: run firefox, press <ctrl>+<shift>+<i>, then “network”, disable cache, load a page
      • high latency to Japan, ~260ms
      • `time curl https://fluxcoil.net –tlsv1.3 >/dev/null` takes 1.4sec from Japan, and 0.022sec directly on the server
      • `time curl https://fluxcoil.net/files/ –tlsv1.3 >/dev/null` takes 0.83sec from Japan, 0.016sec directly on the server
    • sitemap validator: link
    • Are handed out svg files getting compressed? With default settings, nginx on Debian/Bullseye is not encrypting mime type 'image/svg+xml'.

Monitoring

Candidates for future services

software/selfhosting.txt · Last modified: 2021/09/20 13:21 by chris