New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Definitely can do it from a single VPS. If you're just looking to play around with email, a nice email in a box solution is Zimbra Community Edition. It's a bit hungry on resources though.
@freerangecloud - looks brill - thanks!
mailcow.email is another email in a box that there's a big LET thread about. Main issue with any email hosting solution (self-hosting or otherwise) is dealing with deliverability problems all the time, from what I can tell.
I've been delaying responding, but here's what my second attempt at self-hosting looked like (first was on OVZ and not encrypted):
Get two VPS, KVM with 512MB+ RAM. If with the same provider, make sure they aren't in the same Host Node.
Mount Linux ISO and install with Full Disk Encryption (https://variable63.wordpress.com/2017/02/21/ubuntu-server-lvm-luks-made-easy/)
Install Nextcloud on one
Install mail stack on both: https://www.lowendtalk.com/discussion/50955/postfix-dovecot-distributed-setup
Setup your MX record on the DNS server
Check spamminess (https://www.mail-tester.com/) and fix what you can.
Get MXRoute to relay emails through if your IPs are dirty. (https://linode.com/docs/email/postfix/postfix-smtp-debian7/)
I don't recommend trying to create VMs within a VPS.
@willie thanks!
@aaraya1516 That's beautiful, thank you. You read my mind; I was just about to ask if there could be any sharing of Nextcloud and mail servers. I presume I don't need a separate firewall running between those servers and the internet? (apologies, I have only the dimmest notion that a firewall is sometimes used for such things...)
A firewall protects your VPS, I suggest you read: https://www.digitalocean.com/community/tutorials/an-introduction-to-securing-your-linux-vps
If you use debian or ubuntu, you can use ufw instead of iptables. That can help you easily manage your firewall rules.
You basically need to allow your ssh port "ufw allow 22" (default is 22, but I suggest you change it). Then "ufw enable" to enable the firewall. after that, configure everything else: dovecot, postfix, nextcloud. then "ufw allow 25" to receive emails. Just make sure you have configure postfix correctly or you will be relaying messages for spammers in no time. For Nextcloud you will need to allow 80 and 443. I suggest you use ssl as well (https://poweruphosting.com/blog/install-letsencrypt-ubuntu/).
Dovecot's dsync uses ssh, if I remember correctly, so this will be secure for synchronizing email between the two servers (https://wiki.dovecot.org/Replication). For other communications between servers I would recommend tinc vpn to connect the two VPS together (https://www.vultr.com/docs/creating-a-cecure-connection-between-two-debian-ubuntu-servers-using-tinc).
@aaraya1516 Those guides are absolutely gleaming, especially Digital Ocean's. It reads like a guide to building your own immune system. You make an excellent point regarding a VPN between servers. I will consider Centex when looking for my secondary server on another continent. Thank you!