ialokin.host.bsdforall.org

MISC
- Created some PF rules
- Installed SSHGUARD
- Changed timezone to Europe/Oslo
- Wireguard - added to the bsdbased.net MESH (10.63.10.0/64)
- Added appropriate entries to /etc/hosts
- Installed byobu (sorry :P)
- Configured doas.conf
- added 'freeshell' and 'paidshell' to /etc/login.conf
- new user "freeloader" in the 'freeshell' class.

MAIL
- Configured smtpd w/ TLS
- Installed and configured dovecot for POP3/IMAP w/ SSL
- Configured smtpd & dovecot to use ~/Maildir
- Added Maildir/* to /etc/skel
- Added .muttrc to /etc/skel
- Integrated rspamd
- Setup https://mail.ialokin.host.bsdforall.org/

IRC
- ZNC (with a user for me, + 3 "fake" clients) on port 6767
- ngircd on 6667 and 6697 (SSL)
- eggdrop (Not404Found @ irc.freeirc.org)

HTTPD
- https using letsencrypt cert
- Automatic redirect from http -> https
- php-fpm
- perl (slowcgi)

ACME-CLIENT/CERTS
- created a letsencrypt cert for ialokin.host.bsdforall.org
- created a self-signed cert for selfsigned.ialokin.bsdforall.org
- custom script to run acme-client & reload services using the
  letsencrypt cert on renewal

DNS
- enabled NSD
- added zones/master/ialokin.host.bsdforall.org
- added SSHFP records to the ialokin.host.bsdbased.org
- added zones/master/242.167.104.in-addr.arpa
- added zones/master/1.0.0.0.f.c.c.f.2.0.6.2.ip6.arpa
- bind NSD to external IPs preparing for a local resolver
- enabled Unbound
- bind Unbound to 127.0.0.1, 10.63.10.0/24, ::1
- Unbound now does lookups using DNS-over-TLS
- edit /etc/resolv.conf to use 127.0.0.1 for lookups!
- disabled resolvd

IDENT
- enabled oIdent
- allow ZNC to spoof ident replies based on the username connecting

MORE:
- gophernicus (gopher)
- gmid (gemini)
- fingerd

Additional IPv6 addresses for IRC

2602:fccf:1:2212:b5d:dead:ca7:cafe  |  cat.ialokin.host.bsdforall.org
2602:fccf:1:2212:b5d:dead:beef:cafe | beef.ialokin.host.bsdforall.org
2602:fccf:1:2212:b5d:dead:be47:cafe | beat.ialokin.host.bsdforall.org
2602:fccf:1:2212:b5d:dead:babe:cafe | babe.ialokin.host.bsdforall.org

SSHd fingerprints

256   SHA256:8YbYqTUFadqr2TAMnqhVutbaOVOEB9Y7I3+FyfQkPjM  (ECDSA)
256   SHA256:QGstBTUQkL8BOT353QQW75NwGcPZhqrcYyYbBjIVlnY  (ED25519)
3072  SHA256:T1HGYuFZXZvEJ2hrAhmjN9AUezWopNyfukNDN+/Mj1Q  (RSA)