Introduction
One of the things that I love about the cloud, is that you can deploy servers in minutes. What previously took weeks of time, purchase orders, etc. is now a few clicks of the mouse.
One of my action items is to set up my own dedicated email servers. These servers are for practice, security testing, and SPAM/Virus catching. Nothing like real-world scenarios to keep your skills fine-tuned.
However, the primary cloud vendors do not allow you to set up dedicated email servers. They block port 25, which is required for email to travel around the Internet.
A colleague recommended looking at Hostwinds as they do not block ports. This article is the result of working with them. I want to keep track of all the little tips that I learn along the way. Expect updates to this article.
Hostwinds products are excellent, and they understand how to do support. Their support is incredible.
Last Update: August 8, 2020
Table of contents
- Why you should consider Hostwinds
- What is a VPS or Virtual Private Server?
- What is Unmanaged VPS Hosting?
- VPS servers support IPv6
- Change the hostname on Ubuntu 18.04 Linux
- Create an SSL certificate the easy way
- Create an SSL certificate for Apache the easy way
- Hostwinds Cloud API Keys expire based upon Pacific Time Zone
- Hostwinds Cloud API – List Instances
Why you should consider Hostwinds
- Their services are very reasonably priced.
- Very easy to learn web interface
- You need not be a cloud expert to launch and configure systems
- Their support is amazing. Open a chatbox and get an answer in seconds.
Important advice:
“If you feel comfortable taking on the responsibility of configuring your server, handling server maintenance, and taking care of server security concerns, you might consider setting up an Unmanaged VPS account. Newbies to server configuration procedures would be advised to consider a Managed VPS account.”
What is a VPS or Virtual Private Server?
A VPS, or a Virtual Private Server, is a virtual server stored with other virtual servers within one larger physical server via a process called virtualization. It is called a ‘Private’ Server because it gives you your very own set of dedicated resources that can’t be accessed or used up by anyone else.
What is Unmanaged VPS Hosting?
Unmanaged VPS plans metaphorically give you the key to unlocking every aspect of the server. These VPS plans in particular are similar to dedicated servers in that they both give you full access to and control over everything.
VPS servers support IPv6
Onother item that I like is that Hostwinds support IPv6 on their VPS servers. This is a nice plus for developers and almost a requirement for enterprise production systems. The world really needs to support IPv6 on externally facing systems.
More information:
Change the hostname on Ubuntu 18.04 Linux
On Ubuntu, typically, you would use the hostnamectl
command to change the hostname. On Hostwinds VPS servers, this did not work. After a quick chat session with Hostwinds support, I learned about their hwagent
command.
Note: These commands are for Hostwinds Unmanaged Linux VPS servers.
For my server I ran the following two commands:
1 2 |
hwagent routine hostname --disable hostnamectl set-hostname mx2.jhanley.org |
Reference documentation:
Reboot the server once you run those commands.
Create an SSL certificate the easy way
I have read many articles on how to use Let’s Encrypt to create SSL certificates. Some of these articles are out of date. Let’s Encrypt has improved over the years. In this section, I will show you two commands that make this effortless. In this example, I am building a Postfix email server and I need an SSL certificate for mx2.jhanley.org
.
- Install Let’s Encrypt
certbot
program:
1 |
apt-get install certbot -y |
- Run
certbot
to issue an SSL certificate. Note, I am not running a web server on this system, which means I can use thehttp
challenge method.
1 |
certbot certonly --standalone --preferred-challenges http -d mx2.jhanley.org |
The important output from certbot
tells me where my certificate and private key are located:
1 2 3 4 5 |
IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/mx2.jhanley.org/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/mx2.jhanley.org/privkey.pem |
Create an SSL certificate for Apache the easy way
The following commands are similar to the previous technique but work with systems that have Apache installed. Certbot will configure Apache to use the new SSL certificates and optionally redirect HTTP to HTTPS. Almost effortless SSL certificate issuance and installation.
- Install Let’s Encrypt
certbot
program:
1 |
apt-get install certbot -y |
- Install the Certbot Apache package:
1 |
apt-get install python-certbot-apache -y |
- Run
certbot
to issue an SSL certificate.
1 |
certbot --apache -d mx2.jhanley.org |
The important output from certbot
tells me where my certificate and private key are located:
1 2 3 4 5 |
IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/mx2.jhanley.org/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/mx2.jhanley.org/privkey.pem |
Hostwinds Cloud API Keys expire based upon Pacific Time Zone
If you create a cloud API key, the expiration date is based upon the Pacific Time Zone. Normally, I would expect dates used for API keys to be based upon UTC, which means a key should expire at 5:00 PM PDT (4:00 PM PST) instead of at midnight Pacific time.
You might wonder how I figured this out. Simple, I opened a support ticket and asked Hostwinds.
Hostwinds Cloud API- List Instances
I have started to experiment with the Hostwinds Cloud API. The following scripts, one for Windows and one for Linux, display your Hostwinds instances. I have published these examples as GitHub Gists.
Note: These scripts use Linux tools on Windows. Both scripts use the tool jq.
More information:
- Hostwinds Cloud API Overview
- Hostwinds Cloud API Documentation
- jq is a lightweight and flexible command-line JSON processor
Windows:
Linux:
I design software for enterprise-class systems and data centers. My background is 30+ years in storage (SCSI, FC, iSCSI, disk arrays, imaging) virtualization. 20+ years in identity, security, and forensics.
For the past 14+ years, I have been working in the cloud (AWS, Azure, Google, Alibaba, IBM, Oracle) designing hybrid and multi-cloud software solutions. I am an MVP/GDE with several.
Leave a Reply