
Server Naming Considerations

After a long week of fending off hackers trying to use brute-force password guessing to ssh into my clients' servers, I realized my naming conventions were wreaking all kinds of havoc on my administrative tasks.
I had to come up with a system that would take a myriad of “situations” into consideration. It had to be distinguishable in a terminal (not all hostnames are good names). For example, all of my live servers had the hostname “server” and my development servers “dev”. When you have 4 live servers up and they all report back [email protected], how do you know which one you’re on without constantly typing “hostname -f”? I tried editing my .bashrc to report an FQDN in the terminal, but I wasn’t doing something right. Exim4 was having issues sending fail2ban emails from the root domain. I also had to make sure that some sub-domains were on a CDN (content delivery network), and so needed a real FQDN to be reachable via SSH, SFTP, VPN, etc.

What I came up with simply works, and works great on a vanilla Ubuntu 14.04 LTS install. The hostname is now “srv-moebis”. The hosts file just resolves to localhost.localdomain and localhost, then the fully exposed static IP on the internet is mapped to “srv.moebis.com srv-moebis”; you can also use if you don’t have a static IP. hostname reports “srv-moebis”, the terminal shows “[email protected]”, and hostname -f reports “srv.moebis.com”. The DNS entries are: moebis.com xxx.xxx.xxx.xxx (pass thru CDN), CNAME www.moebis.com (pass thru CDN), CNAME srv.moebis.com (pass around CDN).
For send-only mail via exim4, it’s simple. Now I use the FQDN srv.moebis.com (you can use the root domain moebis.com, but I advise against it). My DigitalOcean droplet has a PTR record that reverse-resolves my IP to srv.moebis.com. Listen is on the normal ; ::1 and the rest is left blank during “dpkg-reconfigure exim4-config”. I choose maildir at the end; choose whatever you want, it doesn’t really matter.

This new system now accounts for development servers. So let’s say I’m building a parallel dev.moebis.com that I want to work on and maybe switch out live at some point. Well, same deal. The hostname is “dev-moebis”, the hosts entry is xxx.xxx.xxx.xxx dev.moebis.com dev-moebis, and for the DNS records I just create a new A record for the new dev.moebis.com. Everything else goes the same: exim4 config, etc. When the time comes to bring the server up live, I just rename its hostname, edit the hosts file, reconfigure exim4, change the PTR record and point the DNS at the new changes.
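
The hosts layout above only gives the right `hostname -f` answer if the FQDN is the first name on the first line that lists the short hostname, which is easy to break when renaming a dev server to live. The script below is an added example, not the author's own code, that checks this on a hosts file. It assumes the hosts file is consulted before DNS; the function names are hypothetical and 203.0.113.10 is a constructed documentation address standing in for xxx.xxx.xxx.xxx.

```shell
#!/bin/sh
# Added example: 203.0.113.10 is a constructed placeholder address and the
# function names are hypothetical.

# canonical_name FILE SHORT
# Print the first name on the first line of FILE that lists SHORT. A lookup
# that reads the hosts file top to bottom treats that name as canonical.
canonical_name() {
    awk -v short="$2" '
        { sub(/#.*/, "") }                      # strip comments
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(short)) { print $2; found = 1; exit }
        }
        END { exit !found }
    ' "$1"
}

# check_naming FILE SHORT FQDN
# Returns 0 = layout correct, 1 = wrong canonical name, 2 = SHORT not listed.
check_naming() {
    canon=$(canonical_name "$1" "$2") || { echo "missing: $2 not in $1"; return 2; }
    [ "$canon" = "$3" ] && { echo "ok: $2 -> $canon"; return 0; }
    echo "mismatch: $2 -> $canon (expected $3)"
    return 1
}

# sample_hosts good|swapped|shadowed: constructed hosts files for the demo.
sample_hosts() {
    echo "127.0.0.1 localhost.localdomain localhost"
    case $1 in
        good)     echo "203.0.113.10 srv.moebis.com srv-moebis  # FQDN first" ;;
        swapped)  echo "203.0.113.10 srv-moebis srv.moebis.com" ;;
        shadowed) echo "127.0.1.1 srv-moebis"     # earlier line wins the lookup
                  echo "203.0.113.10 srv.moebis.com srv-moebis" ;;
    esac
}

tmp=$(mktemp)
for kind in good swapped shadowed; do
    sample_hosts "$kind" > "$tmp"
    check_naming "$tmp" srv-moebis srv.moebis.com || true
done
rm -f "$tmp"
```

On a real server, run `check_naming /etc/hosts srv-moebis srv.moebis.com` after each rename, and again with the dev names on the dev box.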

Carl Moebis
