move mail to rx300

This commit is contained in:
Franzi 2021-08-21 07:34:18 +02:00
parent 96f1604879
commit 2a7ab3a183
Signed by: kunsi
GPG key ID: 12E3D2136B818350
9 changed files with 32 additions and 133 deletions

View file

@ -5,5 +5,5 @@ $ORIGIN die-brontosaurier-waren-es.org.
; ends up on rx300.kunbox.net ; ends up on rx300.kunbox.net
@ IN A 31.47.232.106 @ IN A 31.47.232.106
IN AAAA 2a00:f820:528::2 IN AAAA 2a00:f820:528::2
IN MX 10 mx0.kunbox.net. IN MX 10 rx300.kunbox.net.
IN TXT "v=spf1 mx ~all" IN TXT "v=spf1 mx ~all"

View file

@ -2,4 +2,4 @@ ${header}
$ORIGIN felix-kunsmann.de. $ORIGIN felix-kunsmann.de.
@ IN MX 10 mx0.kunbox.net. @ IN MX 10 rx300.kunbox.net.

View file

@ -4,7 +4,7 @@ $ORIGIN flauschehorn.sexy.
@ IN A 5.189.140.103 @ IN A 5.189.140.103
IN AAAA 2a02:c207:3002:8320:feed:f2c1:c0ff:ee IN AAAA 2a02:c207:3002:8320:feed:f2c1:c0ff:ee
IN MX 10 mx0.kunbox.net. IN MX 10 rx300.kunbox.net.
IN TXT "v=spf1 mx ~all" IN TXT "v=spf1 mx ~all"
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r" _dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"

View file

@ -5,7 +5,7 @@ $ORIGIN franzi.business.
; ends up on rx300.kunbox.net ; ends up on rx300.kunbox.net
@ IN A 31.47.232.106 @ IN A 31.47.232.106
IN AAAA 2a00:f820:528::2 IN AAAA 2a00:f820:528::2
IN MX 10 mx0.kunbox.net. IN MX 10 rx300.kunbox.net.
IN TXT "v=spf1 mx ~all" IN TXT "v=spf1 mx ~all"
chat IN CNAME rx300.kunbox.net. chat IN CNAME rx300.kunbox.net.
@ -13,14 +13,11 @@ dimension IN CNAME rx300.kunbox.net.
git IN CNAME rx300.kunbox.net. git IN CNAME rx300.kunbox.net.
jenkins IN CNAME rx300.kunbox.net. jenkins IN CNAME rx300.kunbox.net.
matrix IN CNAME rx300.kunbox.net. matrix IN CNAME rx300.kunbox.net.
mta-sts IN CNAME rx300.kunbox.net.
mta-sts IN A 94.130.52.224
mta-sts IN AAAA 2a01:4f8:10b:2a5f::2
sewfile IN CNAME sewfile.htz-cloud.kunbox.net. sewfile IN CNAME sewfile.htz-cloud.kunbox.net.
IN TXT "v=spf1 a mx ~all" IN TXT "v=spf1 a mx ~all"
paste IN CNAME rx300.kunbox.net. paste IN CNAME rx300.kunbox.net.
postfixadmin IN CNAME rx300.kunbox.net.
radicale IN CNAME rx300.kunbox.net. radicale IN CNAME rx300.kunbox.net.
rss IN CNAME rx300.kunbox.net. rss IN CNAME rx300.kunbox.net.
status IN CNAME icinga2.ovh.kunbox.net. status IN CNAME icinga2.ovh.kunbox.net.

View file

@ -7,15 +7,15 @@ $ORIGIN kunbox.net.
IN AAAA 2a00:f820:528::2 IN AAAA 2a00:f820:528::2
; Needs to have a working Mail address, otherwise Telekom goes mimimi ; Needs to have a working Mail address, otherwise Telekom goes mimimi
IN MX 10 mx0 IN MX 10 rx300
IN TXT "v=spf1 mx ~all" IN TXT "v=spf1 mx ~all"
; Mail servers ; Mail servers
mx0 IN A 94.130.52.224 mx0 IN A 94.130.52.224
IN AAAA 2a01:4f8:10b:2a5f::2 IN AAAA 2a01:4f8:10b:2a5f::2
IN AAAA 2a01:4f8:10b:2a5f::1337 IN AAAA 2a01:4f8:10b:2a5f::1337
mta-sts IN CNAME mx0 mta-sts IN CNAME rx300
mta-sts.mx0 IN CNAME mx0 mta-sts.mx0 IN CNAME rx300
postfixadmin.mx0 IN CNAME mx0 postfixadmin.mx0 IN CNAME mx0
rspamd.mx0 IN CNAME mx0 rspamd.mx0 IN CNAME mx0
webmail.mx0 IN CNAME mx0 webmail.mx0 IN CNAME mx0

View file

@ -5,7 +5,7 @@ $ORIGIN kunsmann.eu.
; ends up on rx300.kunbox.net ; ends up on rx300.kunbox.net
@ IN A 31.47.232.106 @ IN A 31.47.232.106
IN AAAA 2a00:f820:528::2 IN AAAA 2a00:f820:528::2
IN MX 10 mx0.kunbox.net. IN MX 10 rx300.kunbox.net.
IN TXT "v=spf1 mx ~all" IN TXT "v=spf1 mx ~all"
dav IN A 94.130.52.224 dav IN A 94.130.52.224
@ -16,14 +16,13 @@ icinga IN CNAME icinga2.ovh.kunbox.net.
influxdb IN CNAME influxdb.htz-cloud.kunbox.net. influxdb IN CNAME influxdb.htz-cloud.kunbox.net.
statusmonitor.icinga IN CNAME icinga2.ovh.kunbox.net. statusmonitor.icinga IN CNAME icinga2.ovh.kunbox.net.
mta-sts IN A 94.130.52.224 mta-sts IN CNAME rx300.kunbox.net.
mta-sts IN AAAA 2a01:4f8:10b:2a5f::2
luther-ps IN CNAME luther.htz-cloud.kunbox.net. luther-ps IN CNAME luther.htz-cloud.kunbox.net.
; legacy, for redirect ; legacy, for redirect
git IN CNAME ex42-1048908.htz.kunbox.net. git IN CNAME ex42-1048908.htz.kunbox.net.
paste IN CNAME ex42-1048908.htz.kunbox.net. paste IN CNAME ex42-1048908.htz.kunbox.net.
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r" _dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
_mta-sts IN TXT "v=STSv1;id=20201111;" _mta-sts IN TXT "v=STSv1;id=20201111;"

View file

@ -5,8 +5,7 @@ $ORIGIN trans-agenda.eu.
@ IN MX 10 mx0.kunbox.net. @ IN MX 10 mx0.kunbox.net.
IN TXT "v=spf1 a mx ~all" IN TXT "v=spf1 a mx ~all"
mta-sts IN A 94.130.52.224 mta-sts IN CNAME rx300.kunbox.net.
mta-sts IN AAAA 2a01:4f8:10b:2a5f::2
part.of.the IN A 94.130.52.224 part.of.the IN A 94.130.52.224
part.of.the IN AAAA 2a01:4f8:10b:2a5f::1337 part.of.the IN AAAA 2a01:4f8:10b:2a5f::1337

View file

@ -1,18 +1,8 @@
nodes['htz.ex42-1048908'] = { nodes['htz.ex42-1048908'] = {
'bundles': { 'bundles': {
# to be migrated to rx300
'dovecot',
'postfixadmin',
'redis',
'rspamd',
# no migration needed
'check-mail-received', 'check-mail-received',
'lm-sensors', 'lm-sensors',
'nodejs',
'php',
'postgresql', 'postgresql',
'unbound',
'smartd', 'smartd',
'vmhost', 'vmhost',
}, },
@ -32,37 +22,6 @@ nodes['htz.ex42-1048908'] = {
'gateway6': 'fe80::1', 'gateway6': 'fe80::1',
}, },
}, },
'apt': {
'packages': {
# TODO
'php-imagick': {},
# No need to create a bundle just to install packages,
# configs will be managed by users nevertheless.
'mosh': {},
'weechat': {},
'weechat-core': {},
'weechat-curses': {},
'weechat-perl': {},
'weechat-plugins': {},
'weechat-python': {},
'weechat-ruby': {},
},
'repos': {
'backports': {
'install_gpg_key': False, # default debian signing key
'items': {
'deb http://deb.debian.org/debian {os_release}-backports main',
},
},
},
},
'backups': {
'paths': {
'/home/kunsi/.weechat',
'/opt/matrix/matrix-dimension',
},
},
'check-mail-received': { 'check-mail-received': {
't-online': { 't-online': {
'email': 'franzi.kunsmann@t-online.de', 'email': 'franzi.kunsmann@t-online.de',
@ -119,15 +78,6 @@ nodes['htz.ex42-1048908'] = {
}, },
}, },
}, },
'mta-sts': {
'domain': 'mta-sts.mx0.kunbox.net',
'domain_aliases': {
'mta-sts.franzi.business',
'mta-sts.kunbox.net',
'mta-sts.kunsmann.eu',
'mta-sts.trans-agenda.eu',
},
},
'paste.kunsmann.eu': { 'paste.kunsmann.eu': {
'locations': { 'locations': {
'/': { '/': {
@ -135,19 +85,6 @@ nodes['htz.ex42-1048908'] = {
}, },
}, },
}, },
'postfixadmin.mx0.kunbox.net': {
'webroot': '/opt/postfixadmin/public/',
'php': True,
'website_check_path': '/login.php',
'website_check_string': 'login',
},
'rspamd.mx0.kunbox.net': {
'locations': {
'/': {
'target': 'http://localhost:11334/',
},
},
},
'vliedel.random.franzi.business': { 'vliedel.random.franzi.business': {
'webroot_config': { 'webroot_config': {
'mode': '0775', 'mode': '0775',
@ -155,44 +92,9 @@ nodes['htz.ex42-1048908'] = {
'group': 'vliedel', 'group': 'vliedel',
}, },
}, },
'webmail.mx0.kunbox.net': {
'php': True,
'website_check_path': '/',
'website_check_string': 'roundcube',
},
}, },
'worker_processes': 4, 'worker_processes': 4,
}, },
'php': {
'version': '7.4',
'packages': {
'gd',
'imap',
'intl',
'json',
'mbstring',
'opcache',
'pgsql',
'readline',
'xml',
},
},
'postfix': {
'myhostname': 'mx0.kunbox.net',
'message_size_limit_mb': 50,
'mynetworks': {
'ovh',
},
},
'postfixadmin': {
'version': '3.3.10',
'setup_password': vault.decrypt('encrypt$gAAAAABgnNGpAqUs--qBXII9ZPcHtxaELy9e2Dx9O44n4l0O4nMHPoIyaPW5HkvpQ2zWTlh5OfjjOgunRtE_voJuY0Kdtji37ixAnuL9ErOJ0LDY5QfMkNPUgPs5alwz1baqYq6rqJ7NDmB0gHraY46v5eG79R2EyQ=='),
},
'radicale': {
'users': {
'kunsi': bwpass.password('dav.kunsmann.eu/kunsi'),
},
},
'rspamd': { 'rspamd': {
'ignore_spam_check_for_ips': { 'ignore_spam_check_for_ips': {
# entropia # entropia
@ -249,16 +151,9 @@ nodes['htz.ex42-1048908'] = {
'kunsi': { 'kunsi': {
'enable_linger': True, 'enable_linger': True,
'groups': [ 'groups': [
'www-data',
'libvirt', 'libvirt',
], ],
}, },
'vliedel': {
'ssh_pubkey': {
'command="/usr/local/bin/rrsync /var/www/vliedel.random.franzi.business/",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVOBnzs/QDzhvg70VK6xaV318Euaag1cWNjAJfsA266618UiZVx4xsHzNwYN960v0MhiVPMwnl3NoGWAT9/j/b5l3HAkihv4rEPYQkoGV0Mvtwee37dT5nCL8o54Kl+rhl4WPD4Ju5+iZ3AP84YMUJXUrETpZLRzQD1pKOWLaGxBSJolICjz5A7glDVNmvI8uH58EkzhA7q4lCPhzFLxfvFfJPRuEHdVViL2usvHpRnIDRQOCjLYF2fIpG3ULrvWGl4VZ+9cZCNqSN6ywjlH8U8e5Vc3Fi4sbqYh71LrBqs/lSJ+5BL9/rB3GZD1SVTbivyEDJGJu3HPDV4ahwYYKn minecraft@irc',
'command="/usr/local/bin/rrsync /var/www/vliedel.random.franzi.business/",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVB179psVd1HMcqOvQm0BXzVELake6ZFCZeV6DnR2/6baLvRqne/PWtfMDQpT9joc0iZtjW7dhI96Wga89PccaG1OnjzBuHDU9xRQ9pKYn64czmJYiG3uDKCPAWUnzvuqzMU3Prq9JWdjURwkEIRkwE98dzaLcUvop3DdbWFluGgq6+btP4UBc0Dkkd/EjngQsbcs2bPE935ySEW7rHBfOm/1bMjmyNx/5tCqfJI6GblSLRvWRhXmJJmKJM1GjdoBOuFS68mhPgkvP6An+nTzlWBsiilYjokYlbL3avveqiQV/qySAKkwX2nsAnYhY+sjoohcWzlhTWX9yq7yk7N8dJAEKAhpHFaLAXTwhkKG6qeUma194Z/ADHnP4YaD645dq+FAjflKIl430JlKe4FxkT77mOIf90prLCFenYfrEl4f4/lazKBudcmauhX+8oa/FPfuw+Nhc4q5oIAZDoiKdOLRPYInT/2kPv2xkLioi124UDotkEMnS4FennCxaq3Rf13AXkyQfc945RClkjAzEp6dU+82B9Oy+civUnEOtWQZcbrWTAeNMo6sg7fJoS+md8PxhOZ5QWR+uc/388idpxeOlGJTRpFYGQDMTXcexey0caSJuK9r/Qee2shMOoIjUwn0Z8LOUtI3m5UCpF9jbAWcp/7KXRr4L/itgsVhN7Q== minecraft@asus-mini',
},
},
}, },
'vm': { 'vm': {
'cpu': 8, 'cpu': 8,

View file

@ -8,7 +8,7 @@ nodes['rx300'] = {
'hostname': '31.47.232.106', 'hostname': '31.47.232.106',
'bundles': { 'bundles': {
'check-mail-received', 'check-mail-received',
#'dovecot', 'dovecot',
'element-web', 'element-web',
'gitea', 'gitea',
'jenkins-ci', 'jenkins-ci',
@ -23,11 +23,11 @@ nodes['rx300'] = {
'nodejs', 'nodejs',
'oidentd', 'oidentd',
'php', 'php',
#'postfixadmin', 'postfixadmin',
'postgresql', 'postgresql',
'radicale', 'radicale',
'redis', 'redis',
#'rspamd', 'rspamd',
'smartd', 'smartd',
'travelynx', 'travelynx',
'unbound', 'unbound',
@ -317,6 +317,15 @@ nodes['rx300'] = {
}, },
}, },
}, },
'mta-sts': {
'domain': 'mta-sts.kunbox.net',
'domain_aliases': {
'mta-sts.franzi.business',
'mta-sts.mx0.kunbox.net',
'mta-sts.kunsmann.eu',
'mta-sts.trans-agenda.eu',
},
},
'paste.franzi.business': { 'paste.franzi.business': {
'ssl': '_.franzi.business', 'ssl': '_.franzi.business',
'extras': True, 'extras': True,
@ -324,12 +333,12 @@ nodes['rx300'] = {
'owner': 'kunsi', 'owner': 'kunsi',
}, },
}, },
# 'postfixadmin': { 'postfixadmin': {
# 'domain': 'postfixadmin.franzi.business', 'domain': 'postfixadmin.franzi.business',
# 'ssl': '_.franzi.business', 'ssl': '_.franzi.business',
# 'webroot': '/opt/postfixadmin/public/', 'webroot': '/opt/postfixadmin/public/',
# 'php': True, 'php': True,
# }, },
'unicornsden-redirect': { 'unicornsden-redirect': {
'domain': 'unicornsden.franzi.business', 'domain': 'unicornsden.franzi.business',
'ssl': '_.franzi.business', 'ssl': '_.franzi.business',