Configure specific domains through AWS SES and others through local exim

In this post we will see how to configure some domains on the server to relay through the Amazon SES service, while other domains that we don't want to go through SES are sent via the local Exim MTA.

First, create the file /etc/excludeindomains and add the domains which you don't want to route through SES.

The format should be:

example.com:

Next, create a file /etc/excludeoutdomains and add the same domains in the following format:

example1.com
example2.com

These two files cover both incoming and outgoing mail.

Add the following lines under Section: CONFIG (you will see similar lines there):

domainlist exclude_receiver_domains = lsearch;/etc/excludeindomains 
domainlist exclude_sender_domains = lsearch;/etc/excludeoutdomains

Next, add the following lines in Section: ROUTERSTART

They need to go in the router that handles the SES relaying (after the "begin routers" line):

domains = !+exclude_receiver_domains: !+local_domains 
senders = !*@+exclude_sender_domains

For the rest, follow this documentation:

https://docs.aws.amazon.com/ses/latest/DeveloperGuide/send-email-exim.html

Just make sure you don't overwrite the 'domains' line shown above with 'domains = ! +local_domains' as given in the AWS doc. If there are domains which should not route through SES, the line must not be domains = ! +local_domains. It should instead be (as shown above):

domains = !+exclude_receiver_domains: !+local_domains
senders = !*@+exclude_sender_domains

That's it. Wait a minute though, don't forget to restart Exim 😉
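The two files have to name the same domains, otherwise a domain is excluded from SES in one direction only. As an added example (not part of the original post), this shell script writes both files from one list in the two formats shown above and checks that they agree; the function names and the directory argument are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and the
# output-directory argument are hypothetical; on the server the directory is /etc.

# Lower-case host-name shape check: whitespace or ':' inside an entry would end
# the lsearch key early and silently exclude a different name.
valid_domain() {
    printf '%s\n' "$1" |
        grep -Eq '^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$'
}

# write_exclude_lists DIR DOMAIN... : validate everything first, then write
# both files, so a rejected entry never leaves a half-written pair behind.
write_exclude_lists() {
    xl_dir=$1; shift
    for xl_dom in "$@"; do
        valid_domain "$xl_dom" || { echo "rejected: $xl_dom" >&2; return 2; }
    done
    : >"$xl_dir/excludeindomains"
    : >"$xl_dir/excludeoutdomains"
    for xl_dom in "$@"; do
        printf '%s:\n' "$xl_dom" >>"$xl_dir/excludeindomains"   # "example.com:"
        printf '%s\n'  "$xl_dom" >>"$xl_dir/excludeoutdomains"  # "example1.com"
    done
}

# lists_in_sync DIR : succeeds only when both files name the same domains.
lists_in_sync() {
    xl_in=$(sed 's/:$//' "$1/excludeindomains" | sort -u)
    xl_out=$(sort -u "$1/excludeoutdomains")
    [ "$xl_in" = "$xl_out" ]
}

# Constructed demo in a scratch directory (sample domains are made up).
xl_demo=$(mktemp -d)
write_exclude_lists "$xl_demo" example1.com example2.com
lists_in_sync "$xl_demo" && echo "exclusion lists agree"
rm -rf "$xl_demo"
```

After restarting Exim, `exim -bt -f user@example1.com someone@example.org` (constructed addresses) shows which router takes the address; because the router has a `senders` condition, `-f` is needed with `-bt` to supply the sender.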

Configuring automated EC2 volume snapshots!

Taking automatic snapshots of EC2 volumes is currently not as 'automatic' as it is with an RDS instance, where it can be fully automated.

However, with AWS Ops Automator and CloudFormation, we can come up with a solution to automate the creation and deletion of snapshots.

1.1) First, launch CloudFormation and create a new stack:

1.2) After clicking on create new stack, select the option 

Give the URL as: https://s3.amazonaws.com/solutions-reference/ops-automator/latest/ops-automator.template

1.3) Give the stack a name on the next page and specify the parameters below it. Don't forget to give the

1.4) Select the next page, leave the options page as default and click next.

Review the options and tick on

and go ahead with create.

Allow 5-10 minutes for the stack creation to complete.

Once complete, you will find


Step 2) The next step is to launch the task template (for creating snapshots).

To do that,

2.1) Open the S3 console in the account in which the above Ops Automator stack was created.

2.2) Two buckets will have been created. Open the one with the keyword configuration in its name; it will be something like opsworks-configuration-xxx. Open it and click on the configuration folder. Now, select the applicable template. First, we will take the template that creates a snapshot every 'x' hours.

2.3) So, look for the template Ec2CreateSnapshot.template and copy the link associated with the file (the template).

2.4) Now, go back to CloudFormation and create another stack.

2.5) In the option, 

2.6) Give the stack name, something like createsnap which would help to distinguish from other stacks.

2.7) Fill in the parameters such as the task description. The time interval is given in cron format. To run every day at 3 am, it would be: 0 3 */1 * *

2.8) Give the parameters such as Regions and Timezone.

2.9) Take a note about ‘

What you set here becomes the tag which we will add to our EC2 instances.

So, setting something like
snapshot-time=3
would mean 'snapshot-time' is the tag and its value is 3.

Also, note the Snapshot volume options.

2.10) Don't forget to add “

I added something like: volume-source=auto
So my config looks like:


Go ahead and press Next.

Press Next in the options page without modifying anything,

Review and press create and wait for the stack to be created.

Step 3) Next, we create the stack to remove the older snapshots.

3.1) Go to the S3 console as we did for the previous stack, select the configuration folder, and this time copy the link of the template –

Ec2DeleteSnapshot.template

3.2) Go to CloudFormation and select Create new stack, in the select template, 

3.3) Give the stack a name and go through the parameters.

3.4) As with the previous stack, give the task interval in cron format.

3.5) The tag filter value here is the tag that will be looked for on the snapshots to be deleted. In the previous stack, we set the tag for the snapshots to volume-source=auto (step 2.10).

So give that value here as the tag filter.

3.6) You can either select 

My config looks something like this:

Remember to put 0 in the retention days option if you are using retention count, and vice versa.

So, with that, CloudFormation and Ops Automator are set up. Next is to tag the EC2 instance which needs the snapshot to be taken.
What we had set in the snapshot creation stack was snapshot-time=3 (step 2.9).

So, go to the EC2 console – Instances – Select the instance, Actions -> Instance settings – Add/Edit tags. 

Add the key – snapshot-time and value as 3.

With this, snapshots should be created at the time we specified and deleted in the way we specified, based on either the retention count or the retention days.

Connecting to Mariadb/MySQL RDS from phpMyAdmin

Amazon RDS (AWS RDS), the managed relational database service from AWS, is a real blessing these days. Since it is managed by AWS, you don't have to worry about patching, administration, backups or restores. All you need to do is upload your data into it and make sure the connection between EC2 (the web servers in this case) and RDS is working.

But what if you want to manage the tables and databases of the RDS instance? There is no way to log in to it directly and execute any code.

You can make use of phpMyAdmin to login to the rds and manage it.

1) Install phpMyAdmin on the EC2 server (how depends on the Linux distro). On a CentOS release, it comes from the EPEL repository.

yum install epel-release    # installs the EPEL repo
yum install phpmyadmin

2) Once installed, open the conf file at /etc/httpd/conf.d/phpMyAdmin.conf

You will find Require ip and Allow from directives, which default to 127.0.0.1.

3) Find your local public IP and replace the localhost entries with the public IP.

4) Restart the httpd service and make sure you can access phpMyAdmin at http://serverip/phpmyadmin.

If Step 3 is not done properly, you will get a 403 Forbidden error.

With this, the installation steps are complete. However, logging in to phpMyAdmin now only gives you the option to manage the databases on the local server. To get the choice of connecting to the RDS instance, do the following:

1) Open the file /etc/phpMyAdmin/config.inc.php (this is the path on CentOS).

2) Find the section –

/*
* End of servers configuration
*/

Just above it, type in the following :

$i++;
$cfg['Servers'][$i]['host'] = 'xxx.rds.amazonaws.com'; // RDS endpoint
$cfg['Servers'][$i]['port'] = '3306';
$cfg['Servers'][$i]['verbose'] = 'hostname'; // hostname of the EC2 server
$cfg['Servers'][$i]['socket'] = '';
$cfg['Servers'][$i]['extension'] = 'mysql';
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = TRUE;

Save the config file. Now when you log in at http://serverip/phpmyadmin/ you will get a dropdown to select the server. Instead of localhost, select the server which we just added.

In case the above dropdown to select the server is not showing up, it would be a case of missing permissions / ownership.

Make sure the /etc/phpMyAdmin/ folder has the permission – 755
and the /etc/phpMyAdmin/config.inc.php file – 644

Note: The above was done on a Virtualmin CentOS 7 server.
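To confirm the access restriction from steps 2 and 3 and the file modes listed above, the following shell check can be run against the two paths. It is an added example, not part of the original post; pma_audit is a hypothetical helper and it assumes GNU stat.

```shell
#!/bin/sh
# Added example, not from the original post. pma_audit is a hypothetical
# helper; paths are arguments so it can be tried on copies. Needs GNU stat.

# pma_audit APACHE_CONF PMA_CONFIG_DIR : prints findings, returns 1 if any.
pma_audit() {
    pa_conf=$1; pa_dir=$2; pa_bad=0
    # An "all granted" / "from all" rule cancels the per-IP restriction of step 3.
    if grep -Eiq '^[[:space:]]*(Require[[:space:]]+all[[:space:]]+granted|Allow[[:space:]]+from[[:space:]]+all)' "$pa_conf"; then
        echo "OPEN   $pa_conf admits every client"; pa_bad=1
    fi
    # List every address rule currently in force, so stale IPs stand out.
    grep -Ei '^[[:space:]]*(Require[[:space:]]+ip|Allow[[:space:]]+from)[[:space:]]' "$pa_conf" |
        sed -E 's/^[[:space:]]*/ALLOW  /'
    # Modes the post gives: 755 for the directory, 644 for config.inc.php.
    for pa_pair in "$pa_dir:755" "$pa_dir/config.inc.php:644"; do
        pa_path=${pa_pair%:*}; pa_want=${pa_pair##*:}
        pa_have=$(stat -c %a "$pa_path" 2>/dev/null) || pa_have=missing
        if [ "$pa_have" != "$pa_want" ]; then
            echo "MODE   $pa_path is $pa_have, expected $pa_want"; pa_bad=1
        fi
    done
    return "$pa_bad"
}

# Constructed demo: a scratch copy with one permissive rule left in and a
# config file whose mode differs from the one the post gives.
pa_demo=$(mktemp -d)
printf '%s\n' '<Directory /usr/share/phpMyAdmin/>' '  Require ip 203.0.113.10' \
    '  Require all granted' '</Directory>' >"$pa_demo/phpMyAdmin.conf"
mkdir "$pa_demo/etc"; : >"$pa_demo/etc/config.inc.php"
chmod 755 "$pa_demo/etc"; chmod 600 "$pa_demo/etc/config.inc.php"
pma_audit "$pa_demo/phpMyAdmin.conf" "$pa_demo/etc" || echo "findings above need attention"
rm -rf "$pa_demo"
```

On the server described in the post the call would be `pma_audit /etc/httpd/conf.d/phpMyAdmin.conf /etc/phpMyAdmin`.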