grav CMS on OpenBSD w/ chrooted fpm and nginx

📆
🏷
, ,

Just in case somebody else is getting the cannot resolve getgrav.com error: just copy /etc/resolv.conf into the chroot:

	mkdir /var/www/etc
	cp /etc/resolv.conf /var/www/etc/

And I already feared that I need to create /dev/random and shit like that. Damn it that took too long to find out.

DKIM and OpenBSD

📆
🏷
, , , ,
  • Setting up DKIM key

      touch /etc/ssl/dkim-selector1.xn--ew8hgl.ws.key
      chmod 0640 /etc/ssl/dkim-selector1.xn--ew8hgl.ws.key
      chgrp _dkimproxy /etc/ssl/dkim-selector1.xn--ew8hgl.ws.key
      openssl genrsa -out /etc/ssl/dkim-selector1.xn--ew8hgl.ws.key 2048
      openssl rsa -in /etc/ssl/private/dkim-selector1.xn--ew8hgl.ws.key -pubout -out /etc/ssl/dkim-selector1.xn--ew8hgl.ws.pem
    
  • Setup DNS RR

      selector1._domainkey IN TXT "k=rsa; t=s; p=MHwwDQYJK ... OprwIDAQAB"
    
  • Install dkimproxy

      pkg_add dkimproxy
    
  • configure /etc/dkimproxy_out

  • enable and start dkimproxy_out

      rcctl enable dkimproxy_out
      rcctl start dkimproxy_out
    
  • configure and restart OpenSMTPD

      listen on lo0 port 10028 tag DKIM
      accept tagged DKIM for any relay
      accept from local for any relay via smtp://127.0.0.1:10027
      rcctl restart smtpd