[svlug] Domain over multiple sites

[Rick Moen]

Michael Robinson wrote:

> I hope I can use cheap residential cable service to tunnel over to Eskimo
> securely so the spooler at Eskimo can then pass the email over to me
> through that tunnel.  I want my servers to detect the need for a tunnel
> and I want the establishment and tear down of a secure tunnel to be
> automated.  I hope this is straightforward for both Eskimo and my end.

Dude.  No, sorry, IMO almost nothing about the way you conceptualise your
problem and the solutions you're contemplating is straightforward.  I felt
like I might get a headache just reading about it.

My sense is that many people who suddenly discover the limitations of
Comcast residential ADSL with dynamic IP addressing, PPPoE, and port
blocking tend to come onto Linux user group mailing lists and ask help with
Rube Goldberging their way into getting full-service Internet server
presence out of that deliberately server-hostile, deliberately limited
consumer-grade service.  SVLUG has seen a lot of users in this plight, and
they tend to start saying the same things:  Can I work around the blocking
of SMTP ports using port 587?  I should use DynDNS, right?  What about the
DNS blocklists that don't like my IPs?  How about using SSH tunnels?  How
about using IPv6 tunnels?  How about UUCP?  How about IP over avian
carriers?  How about an IMAP to SMTP gateway?  How about opening a subspace
channel to V'ger?

I'm sorry, but the part that you didn't want to hear is your real problem:
The problem is that Comcast residential ADSL is extremely ill-suited for the
purpose you have in mind.

If you want to operate a full-service server where you control everything
and have root, the most pragmatic way is either: (1) VPS, or (2) a better
broadband service without your current services's limitations and with
static IP.

Do that, and then you will not need to work frantically to Rube Goldberg
your way out of complications that exist only because you're trying to
hammer nails with a toenail clipper.

> I am on a Centos 6.x system and would like to have an init script that
> works for Apache.

CentOS 6's Apache httpd package includes one.   It works great.   You might
want to grab it from there and adapt it if necessary.  Are you _sure_ you
have sufficient reason to do a custom local compile of Apache httpd 2.4.10?
Only in extremely rare cases, in my experience, do CentOS/RHEL's supported
distro default packages based on 2.2.15 with backported patches not more
than suffice, and also, if you actually need 2.4.x, there are decent rpms
from third-party repos.

In my experience, most of the people who ignore the distro package and
compile from upstream are making a tactical error.  Also, the fact that
you're saying, in effect, 'Where can I get an init script?' suggests you
should think carefully before doing that, even if you do have a reason.


> I'm trying to set up webalizer with a custom compile of Apache 2.4.10 and
> can't figure out how to configure Apache for webalizer.  [...] Googling
> isn't helping

Seems like search strategy is one of the key skills of the modern age, nei?
What worked for me was Web-seaching

   webalizer httpd.conf

Doing so finds examples like
http://www.faqs.org/docs/securing/chap29sec266.html