• 2 Posts
  • 325 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle





  • What do you mean by “more powerful” wrt CMake?

    CMake is a turing-complete language with some APIs that Meson either doesn’t have an equivalent yet because it’s comparatively new (for example, until 2023, there was no built in way to get a relative path from two paths, and if you wanted that you had to shell out to an external program), or they aren’t going to add because it doesn’t fit their design.

    Meson is (intentionally) limited in terms of extensibility, instead it tries to come with everything built in that you need, even down to specific library support like Qt, from what it seems like to me. For example, you cannot define your own functions, it ships builtin modules but does not allow other packages to provide their own (for example like KDE’s Extra CMake Modules), to name a few that I’m familiar with and why I was put off using it so far.

    I have yet to see how actually limiting that is, going to try to move the project I’ve been working on for years that relies on some of these CMake features to Meson soon and see how it fares. But considering that big projects like GNOME use it all over the place it’s probably workable in practice, I’ll just have to rethink the existing approach a bit.

    Is that considered bait?

    Wasn’t it? Go’s build system is very much not what I would call an example of good design (exhibit A: load-bearing comments and file names).









  • Okay, there are two different issues here. First, the mail delivery.

    You have

    mydomain = domain.com
    myhostname = mail.domain.com

    and getting

    Relay access denied (in reply to RCPT TO command)

    This means that received mail is addressed to a domain that is not configured for local delivery, and the mail server is not accepting it to be relayed to the actual target server. This is a good thing, you do not want to have a public relay under any circumstances because it would mean people could make your server launch spam anywhere.

    As for why it’s not configured to accept that domain for local delivery, you need to look at the mydestination setting:

    mydestination (default: $myhostname, localhost.$mydomain, localhost)

    The list of domains that are delivered via the $local_transport mail delivery transport. […]

    (from postconf(5).)

    You left it at the default value, so it will accept mail addressed to mail.domain.com, localhost.domain.com, and localhost. You’ll probably want to set that to additionally contain $mydomain (at least that is how mine is configured).


    Also, something else:

    My server’s hostname is domain.com not mail.domain.com (mail.domain.com is what my MX record points to), but this shouldn’t really matter as I configured postfix with:

    You’ll want those to match up, system hostname and postfix’s myhostname, since you’ll need to set the PTR record of your IP to match the hostname your SMTP server identifies itself as, and otherwise your server’s IP resolves to mail.domain.com while the canonical hostname is domain.com. It will work for mail, it’ll just not be nice when your server’s IP resolves to mail.domain.com for stuff that isn’t mail and that isn’t the canonical hostname. I recommend giving it some other hostname (or just setting both to mail.domain.com if the system just handles mail).




  • Not a professional networking guy either but here’s my opinion.

    What I would do is use the ISP router as is, open all ports on it (except to itself, hopefully it doesn’t do that…), and put a firewall in between the router and everything else that controls the actual access to everything behind it (in bridge mode between the two network interfaces of the firewall, so you only have the one network).

    Could a potential second router also assign addresses to devices in that globally routable space directly?

    Devices in IPv6 assign addresses themselves via SLAAC, you just need one device advertising the prefix which the ISP router should already do. The firewall should be able to just purely be there for packet filtering. If you need fixed addresses for public facing servers I would just assign them manually to the respective boxes as you likely also need to add them to public DNS manually anyway.