Creating Vultr Instance

2 minute read

Creating instance at Vultr & setting up DNS

Setting up my CAA: I use a Caddy server that auto-magically takes care of my SSL certs for me. I like lazy solutions that work.

0 issue "letsencrypt.org"
0 iodef "mailto:rkey@rkey.tech"

Next is all the mail stuff to work with ProtonMail: In case anyone is wondering those are not the real keys :)

CNAME protonmail._domainkey protonmail.domainkey.dn39a43a188d9439487409be25ea.domains.proton.ch
CNAME protonmail2._domainkey protonmail2.domainkey.dn39a43a188d9439487409bewida.domains.proton.ch
CNAME protonmail3._domainkey protonmail3.domainkey.dn39a43a188d9439487409bewida.domains.proton.ch
MX mail.protonmail.ch 300 10
MX mailsec.protonmail.ch 300 20
TXT "protonmail-verification=ca39a43a188d9439487409be"
TXT "v=spf1 include:_spf.protonmail.ch mx ~all"
TXT _dmarc "v=DMARC1; p=quarantine; rua=mailto:rkey@rkey.tech; ruf=mailto:rkey@rkey.tech; sp=quarantine; aspf=s; fo=1;"

Before changing the DNS pointers I need to migrate my Caddy server at Digital Ocean (DO) over to Vultr.

I do that by replicating my deployment script to mirror sites.

bsh ➜  cat deploy.sh
rm -rf public/
rm public.tar
HUGO_ENV="production" hugo --gc || exit 1
echo OK, now that stuff is built
rsync -azP --delete public/ titania:~/rkey.tech/ # Caddy server at Vultr
rsync -azP --delete public/ spirit:~/rkey.tech/ # Caddy server at DO
echo OK, now that stuff is uploaded
echo ======================================
echo Done
echo ======================================

create user and sync ssh keys.

rsync -a --chown user:group ~/.ssh /home/user/

Make sure the new user can su to root. I use doas.

🕙[ 13:47:15 ] bsh ➜  doas cat /usr/local/etc/doas.conf
permit nopass keepenv :wheel

Turn off password authentication and root user login by adding to the end of /etc/ssh/sshd_config

PermitRootLogin no
PasswordAuthentication no

Configure Caddy

titania.rkey.tech {
        root * /home/user/wtf/
        file_server
        log {
                output file /var/log/caddy/titania.rkey.tech.access.log
                format json
        }
}

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified July 22, 2024: initial site build v0.1 (87f0048)