OpenBSD Server Setup

Everything on this page is common to all OpenBSD servers I set up.

Initial Boot

# syspatch && reboot
# ftp -o - https://meta.sr.ht/~jbauer.keys > .ssh/authorized_keys
# sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
# rcctl reload sshd
# mail

Packages

# pkg_add checkrestart ncdu
# ln -s /usr/bin/openrsync /usr/bin/rsync

Daily Jobs

In /etc/daily.local:

next_part "Applying system patches:"
syspatch
next_part "Updating third-party packages:"
pkg_add -u 2>&1
next_part "Do any services need to be restarted?"
/usr/local/sbin/checkrestart
next_part "Disk usage report:"
df -h

Relaying Emails

In /etc/mail/smtpd.conf (with real credentials of course):

table aliases file:/etc/mail/aliases
table credentials { service = service:thisisarandomandsecurepassword }

listen on socket
listen on lo0

action "local_mail" mbox alias <aliases>
action "outbound" relay host smtps://service@mail.example.com tls auth <credentials> mail-from host@example.com

match from local for local action "local_mail"
match from local for any action "outbound"

In /etc/mail/aliases:

root: jbauer@paritybit.ca
manager: root
dumper: root

Finally:

# rcctl restart smtpd