Originally posted by mikebua56
I guess my questions at this point are:
1) What is this hostname used for, and how can I safely change it?
2) Should this hostname match the hostname/domain name of my website
3) Do I need to set up a separate hostname for a Postfix mail server?
4) To configure mod_ssl, does my does my hostname/domain name on my box need to match my the domain name of my site?
1. It's used to define a hostname
For Home/Small Office use (maybe even large?) it's used to define machines by something other than their local IP. If you've got a group of computers, for humans, it's (usually) easier to remember that the one in the closet is "homer" and the one in the basement is "oscar" and so on, rather than, the one in the basement is 192.168.1.20 the in the closet is 192.168.1.22 and so on... To safely change it, you can either use the hostname command, but this won't last through a restart. Depending on your distro, you can define it at /etc/hostname /etc/conf.d/hostname /etc/rc.d/rc.hostname (check your distros documentation for more info on defining a hostname). If you want to just do it a generic way, you can play the hostname command in your rc.local file (somewhere in your /etc directory):
Is the syntax.
2. The hostname is not dependent upon anything, and the website should not be dependent upon the hostname. Outside of your network, defining that computer should look something like oscar.yourwebsite.com Or, in the case of a mail server, it's often seen as mail.yourwebsite.com therefore you'd give that server the hostname of 'mail', but this is NOT required, it's simply 'common'.
3. Um, sorta. You need to define
a hostname and domain name within the postfix main.cf file. They should simply match what you have. So, if your domain is something.com and your mail server is oscar:
Would be an example of the entries in your main.cf file.
4. I'm sorry, I don't use mod_ssl, so I really can't give good info on that. However, I believe for your certificate to be considered valid at all that the short answer is 'yes'. I really don't know, but I have seen the invalid cert dialogue and have done some (very little) stuff with ssl, and this would make sense.
It seems that maybe there is some confusion as to how your applications resolve to your server. Most of the time they do this through your DNS server, if that's a local server (Bind) then you will setup corresponding entries in your db entries. If not, and your DNS server is something like zoneedit.com then you need to set that up accordingly. Either way, your DNS server will resolve the hostname(s) and domain(s) on your network to the corresponding computers (or servers if you like). Your router (if you have one) will resolve the port-host via the port-forwarding section. If you don't have a router, and your server is the WAN IP's destination, then your hosts file will resolve those private IP's.
Clear as mud? Probably. I'll be happy to break it down a bit better, but I'm sure there is a networking guru out there who can do a MUCH better job than I. Another option is to pick up a book (either buy it, or grab it from the Library) on DNS, my personal favorite and bible is the one from Oreilly, DNS and Bind. It's been great for my questions regarding how resolving works.
Anyway, as a last 'note' I suggest not using Loopback addresses, they just tend to cause confusion when learning how this all works (IMHO). I use real LAN/private IP's, even if that means a line like this in hosts:
192.168.1.98 mail ns1 oscar
Which will define mail.something.com ns1.something.com and oscar.something.com It just makes a lot more sense than defining multiple Loopback addresses for the same machine.