Showing posts with the label DNS.

2023/10/27

Obtaining an AliCloud SSL Certificate with Certbot

First, apply for the AliyunDNSFullAccess permission in AliCloud.


sudo apt update -y
sudo apt install snapd -y
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo snap install certbot-dns-aliyun
sudo snap set certbot trust-plugin-with-root=ok
sudo snap connect certbot:plugin certbot-dns-aliyun

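# Write the AliCloud DNS API key and secret to alicloud.ini.
# Create the file as root with mode 600 first so the secret is never world-readable.
# Use "sudo tee" because a plain ">" redirection is opened by the unprivileged shell, not by sudo.
sudo mkdir -p /etc/letsencrypt
sudo install -m 600 /dev/null /etc/letsencrypt/alicloud.ini
echo "dns_aliyun_access_key = apikey" | sudo tee /etc/letsencrypt/alicloud.ini > /dev/null
echo "dns_aliyun_access_key_secret = secret" | sudo tee -a /etc/letsencrypt/alicloud.ini > /dev/null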

sudo chmod 600 /etc/letsencrypt/alicloud.ini
sudo certbot certonly --authenticator=dns-aliyun --dns-aliyun-credentials='/etc/letsencrypt/alicloud.ini' -d "domain"

References:
https://github.com/tengattack/certbot-dns-aliyun

2014/12/29

CentOS 6.5 Postfix: Adding to DNS and Sending Mail via WWW


The forward zone for mail is as follows:
$TTL 86400
@   IN  SOA     dns.cy.local. root.cy.local. (
        0 ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)

@       IN      NS      dns.cy.local.
@       IN      A       192.168.10.13
@       IN      MX 10   mail.cy.local.
dns     IN      A       192.168.10.13
mail    IN      A       192.168.10.15
web     IN      A       192.168.10.16
www     IN      CNAME   web




Reverse zone:
$TTL 86400
@   IN  SOA     dns.cy.local. root.cy.local. (
        0  ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)

@       IN      NS      dns.cy.local.
@       IN      PTR     cy.local.
dns      IN      A       192.168.10.13
mail    IN      A       192.168.10.15
web     IN      A       192.168.10.16
13      IN      PTR     dns.cy.local.
15      IN      PTR     mail.cy.local.
16      IN      PTR     web.cy.local.

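CentOS 6.5: Adding a WWW Server to DNS

A few weeks ago I wrote the article "CentOS 6.5: Setting Up a DNS Server". The configuration files used here are simply modified from that one; if they do not match your environment, please adjust them yourself.

Step one: modify the DNS forward and reverse zones.

Modify the forward zone: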
$TTL 86400
@   IN  SOA     dns.cy.local. root.cy.local. (
        0 ;Serial
        3600        ;Refresh
        1800        ;Retry
        604800      ;Expire
        86400       ;Minimum TTL
)

@       IN      NS      dns.cy.local.
@       IN      A       192.168.10.13
dns     IN      A       192.168.10.13
web     IN      A       192.168.10.16
www     IN      CNAME   web


2014/12/28

CentOS 6.5: Setting Up a DNS Server

Enter the command below to install DNS:
yum install -y bind*

After installation, enter this command to edit the configuration file:
vim /etc/named.conf


options {
        listen-on port 53 { 127.0.0.1; <server-IP>; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any;192.168.100.0/24; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

/* Forward zone */
zone "cy.local" IN {
        type master;
        file "cy.local";
        allow-update {none;};
};

/* Reverse zone */
zone "10.168.192.in-addr.arpa" IN {
        type master;
        file "10-168-192";
        allow-update {none;};
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
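
An added example, not from the original post: the options block above sets `allow-query { any; ... }` with `recursion yes;` and no `allow-recursion`, so named falls back to `allow-query` to decide who may recurse and answers recursive queries for every client that can reach it. The Python check below applies that fallback order as documented in the BIND 9 ARM; the function names are hypothetical and the sample input is constructed from the post's config.

```python
import re

# Constructed sample: the security-relevant lines of the post's options block
# (192.168.10.13 stands in for the server-IP placeholder).
SAMPLE = """
options {
        listen-on port 53 { 127.0.0.1; 192.168.10.13; };
        allow-query     { any;192.168.100.0/24; };
        recursion yes;
};
"""

def options_body(conf):
    """Return the text inside options { ... }, honouring nested braces."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # strip /* ... */ comments
    conf = re.sub(r"(//|#).*", "", conf)                # strip // and # comments
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(conf) and depth:
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        i += 1
    return conf[m.end():i - 1]

def acl(body, name):
    """Elements of the address-match list `name`, or None when it is not set."""
    m = re.search(r"\b%s\s*\{([^{}]*)\}" % re.escape(name), body)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def recursion_clients(conf):
    """Effective recursion ACL: allow-recursion, else allow-query-cache,
    else allow-query, else BIND's default of localnets and localhost."""
    body = options_body(conf)
    m = re.search(r"\brecursion\s+(\w+)\s*;", body)
    if m and m.group(1).lower() in ("no", "false", "0"):
        return ["none"]
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        elements = acl(body, name)
        if elements is not None:
            return elements
    return ["localnets", "localhost"]

def is_open_resolver(conf):
    """True when an un-negated `any` lets every client recurse (simplified check)."""
    return "any" in recursion_clients(conf)
```

Adding `allow-recursion { localnets; localhost; };` (or the client subnet) to `options` makes the check pass, while authoritative answers for cy.local remain available under `allow-query`.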