Wow foreman is still around! I remember looking into it at my very first job to see if it would fit the bill for laying down operating systems on bare metal.
Looks interesting. Also, you have a typo on your home page :
The word "became" should probably be "become."
I'll check out the software!
Audits
No more wondering why did your load balancer suddenly became a database. Check how, who and when in our audits system.
If that's all you need. Bare-metal provisioning is a feature not the attraction. Foreman provides first class support for Puppet, with hostgroups, config groups, and smart class parameters so you can easily organize and manage your nodes from a friendly interface.
Personally though I think Foreman goes beyond what I need for myself.
Mainly what I am currently looking for is a way to better manage the services that I run on my FreeBSD server.
The services in question are self-hosted mail and some websites and HTTP APIs.
Up until now I've been running my self-hosted mail and websites and HTTP APIs all without making use of jails, but it's a bit of a messy setup and so my plan is to eventually isolate each of them in separate jails.
The setup I am envisioning to replace the one that I currently have, is one where I will continue to use Caddy v2 reverse HTTP proxy like now but with some changes. Instead of having the websites and HTTP APIs that I host all live under /var/www/, I'm going to have each of them live in a separate jail, and make the UNIX domain socket for each site or HTTP API available to the main Caddy server. I already use UNIX domain sockets today for several of them, and from what I can tell it should be possible to share a UNIX domain socket either from a jail to the host, or from a jail to another.
Another improvement I am looking to make is that instead of manually SSHing into my server and doing git pull followed by cargo build --release and restarting the service, I'm going to set up GitHub webhooks to trigger automatic rebuilds and service restarts when I push to master for each repository of each of the websites and HTTP APIs. https://docs.github.com/en/developers/webhooks-and-events/we...
I am also looking to improve my mail setup by blacklisting some common keywords in spam that I get, and to set up some basic sender validation to reject or blackhole some of the other spam that I am getting.
Currently I am running Postfix on my FreeBSD server, and not using SpamAssasin. I've had this setup for years and it's less than ideal but it's at the point where it's been hard to justify the time I'd have to spend setting up a better configuration. In other words, it's a janky setup but it works exactly enough that it hasn't really forced me to rework the setup almost at all in all of the many years since I originally did the setup. But one day I will.
I ssh into the server and read mail using mutt. I also have notmuch installed but only use it a little bit now and then and still relying primarily on mutt. I'm not really happy about mutt either. It's neat in its own way but it's also a bit of a drag to use and even though I enjoy using the command line I don't feel like mutt is really a good fit for how I would like to use mail.
Ideally I think I'd want something similar to how some of the features of GMail work, but mainly in terms of tagging and filtering. As for a web based interface, I don't want that part really.
Is anyone else here running their own self-hosted e-mail? What's your setup like?
