Kilala.nl - Personal website of Tess Sluijter

Unimportant background
Login
  RSS feed

About me

Hi! I'm Tess Sluijter-Stek. In daily life I'm a UNIX and IT security consultant employed by Unixerius.

I live in Almere with my wife and daughter. In my free time I'm an all-round geek: gaming, studying, drawing...

My LinkedIn.
My Github.
Contact me.

Blog archives

2025

1 2 4 6 7 8 9 10

2024

1 2 5 6 7 9 10 11 12

2023

1 2 3 4 6 7 11 12

2022

1 2 4 5 6 7 12

2021

1 2 3 4 5 6 7 8 10 11 12

2020

1 6 7 8 9 10 11 12

2019

1 2 3 4 7 10 11 12

2018

1 3 4 5 6 7 10 11 12

2017

1 2 3 4 5 6 8 9 10 11

2016

1 3 4 5 7 8 9 10 12

2015

3 6 7 9 10 11 12

2014

3 5 7 11

2013

1 2 3 4 5 6 7 8 9 10

2012

1 2 3 4 5 6 7 8 9 10 11 12

2011

1 2 3 4 5 6 7 8 9 10 11 12

2010

1 2 3 4 5 6 7 8 9 10 11 12

2009

1 2 3 5 6 7 8 9 10 11 12

2008

1 2 3 4 5 6 7 8 10 11 12

2007

1 2 3 4 5 6 7 8 9 10 11 12

2006

1 2 5 6 7 8 9 10 12

2005

1 2 3 5 7 8 9 11

2004

2 3 4 9 10 11 12

2003

11

> Weblog

> Sysadmin articles

> Maths teaching

<< 9 / 2025

Self-hosting Mailcow, behind NAT, with Lets Encrypt TLS certificates, with TransIP DNS

2025-10-07 19:48:00

A few weeks ago I set up a locally hosted Mailcow instance, with proper TLS certificates from Let's Encrypt. Good stuff. 

At the time I'd put off automating certificate renewal, because I wasn't ready to deal with my DNS provider's API yet. Turns out that TransIP is dead simple to use with the official Acme.sh solution!

There's a ready-to-run implementation of Acme.sh for TransIP DNS. Here's the documentation for it.

All you need is to follow TransIP's documentation of opening up and securing the API for your account.

The script I'd showed before only needs a tiny adjustment to work:

#!/bin/bash
#
# Documentation:
# https://github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_transip

if [[ ($# -gt 0) && ($1 == "--force") ]]
then
  Force="--force"
else
  Force=""
fi

export TRANSIP_Username="break524"
export TRANSIP_Key_File="./api.pem"

acme.sh --set-default-ca --server https://acme-v02.api.letsencrypt.org/directory

acme.sh --issue --dns dns_transip --dnssleep 300 -d mail.${Domain} ${Force}

acme.sh --install-cert -d mail.broehaha.nl \
  --cert-file      data/assets/ssl/nochain.pem \
  --key-file       data/assets/ssl/key.pem \
  --fullchain-file data/assets/ssl/cert.pem

kilala.nl tags: , ,

View or add comments (curr. 0)

Preparing to teach Linux+ v8, aka XK0-006

2025-10-05 16:50:00

Last year I did my traditional comparison of incoming and outgoing exam objectives for the Linux+ exam. It's good for students to know the changes from XK0-005 to XK0-006. 

The latest version, also known as v8, went live in June. I hadn't looked at the official objectives document yet, but now I can confirm: there are no real changes between the XK1-006 draft objectives and the official, final XK0-006 objectives. There's only a few small corrections, like objective 3.3 which stated that sshd is solid state hybrid drive, instead of the SSH daemon. :)

I'm still in the midst of teaching v7 to my current group of students. They will take their exams in early December, with the final deadline being January 15th 2026. In the mean time I'm creating the new slide decks for next year's group. 


kilala.nl tags: ,

View or add comments (curr. 0)

<< 9 / 2025