Since our BIND server currently does not support TLS secured queries natively, we will be using nginx rather than stunnel to provide a secured endpoint. Not only is Nginx already part of our system, i...
TLS
Mail Server using LDAP backend w/ Postfix and Dovecot
We will set up a Mail Server using Postfix and Dovecot and an OpenLDAP backend with a custom LDAP schema. Our schema uses a dedicated organization unit called mail which acts as a container for all of...
Drop Nginx clients which do not indicate server names
Sometimes we want to drop clients which do not send valid server_names but probe our Nginx IPs. Using Server Name Indication (SNI) for our virtual hosts we want to drop all clients which do not speci...