For those of you using the `gigo.com` server, you may have noticed a few changes.
- The hostname is now bender.gigo.com
- The host is now Ubuntu 12.04LTS instead of FreeBSD. Yeah, I know.
This means lots of changes to how things work, and how things are laid out. This is mostly intended for people who I’ve shared administrative controls to.
||All domains are now in this location; and the directory names canonicalized to match the primary domain name. These directory names are expected to match the configuration file names, for my sanity.|
||Configurations for virtual hosts go here. See also next line.|
||Use this to restart apache.|
bender.gigo.com aka “gigo.com” is the top level master for DNS. However, it does not run a DNS server. Edits are made here; validated (with email sent on validation status); and then published. This cycle takes 1-2 minutes total.
Also worth noting:
ns2.gigo.com changed IP addresses. If you have domains that refer to those by name, no action is required. However, if you have DNS servers branded with your domain name but my IP address, you should update the IP address used. ns1 and ns2 are located in Fremont, CA and Rancho Cordova, CA, respectively.
||For those of you used to editing in /etc/namedb, note the new location.|
||If we have a pre-arranged place for you to stick your zone files, this has not changed.|
||You probably don’t care about this file|
||Still runs automatically, roughly once a minute.|
ns2.gigo.com. Note that ns3 and ns4 will work, but are not redundant (they are aliases of ns1 and ns2). IF your domain still uses ns3 and ns4, I recommend removing those.
Public Resolvers: Avoiding your ISP’s resolver is usually a great performance boost. Unfortunately, public resolvers have become unwilling attackers against the public, harming both the resolver and the actual victims. We are no longer offering public resolvers. Consider using Google’s public DNS resolvers. If you’re too paranoid for that, consider deploying your own in-home resolver.
We are running a basic firewall - but mostly to defend applications from specific malicious attacks. We are maintaing these files, to make changes to the firewall:
||Starts the firewalls with the latest on-disk configs|
||iptables for IPv4|
||Script to configure iptables for
For the most part, all ports are open. Applications installed are expected to bind to
127.0.0.1 unless meant to be publicly accessible. If we want to install something “risky”, please contact me. Chances are that we’ll either find a way to limit that risk; or I’ll build you a VM for the application instead.