If you use OpenPGP to secure your email communication, you should consider publishing your public key using Web Key Directory. This allows email clients to automatically retrieve your public key, using the HTTPS protocol.

This mail server allows you to send email only if you authenticate with a valid username and password, which are stored on a LDAP server. If someone sends email to one of the mail domains supported by the server, the recipient address will be checked on the LDAP directory whether it is valid, before the mail is accepted. The received emails are not stored locally, but are forwarded instead to an external email address that belongs to the user (and is recorded in the LDAP directory).

WireGuard is a simple, fast and modern VPN that utilizes state-of-the-art cryptography. It is quite flexible and can be used in many situations. In this article we will see some of them (hopefully the most important ones).

With COVID-19 pandemic, most of the schools and universities around the world have to do the teaching from home. In such conditions, being able to devise a virtual computer lab, where each student (with his laptop) participates remotely from home, might be quite useful. In this article we will see how to set it up with Epoptes, WireGuard VPN, and a VPS on the cloud.

With COVID-19 pandemic, most of the schools and universities around the world have to do the teaching from home. In such conditions, being able to access computer labs remotely might be quite useful. In this article we will see how to achieve this with Guacamole, WireGuard VPN, and a VPS on the cloud.

With docker-scripts we can have one or more Wordpress containers, and each container can serve one or more sites.

This tutorial shows how to share data with the help of a sshfs-mounted central directory

This tutorial shows how to create a bare Git repository on your own server and how to access it through ssh.

I manage the cloud server and the web applications of an organization. These applications are mostly dockerized and installed by docker-scripts. For robustness, I would like other people from the organization to be able to keep a backup of whatever is installed on the server, but without being able to restore or modify anything on the server (they can restore it on a new server, if needed). Using rsync+ssh is one of the obvious choices for making such a backup, but it also needs a couple of tricks for working properly, the way that I want it. In this blog I describe this setup.

This tutorial shows how to setup a firewall for blocking any outgoing communications from your server to private networks (RFC1918/RFC6598 IP ranges), which is not allowed on many providers.