kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity

move mail to rx300

Browse source
This commit is contained in:
Franzi 2021-08-21 07:34:18 +02:00
parent 96f1604879
commit 2a7ab3a183
Signed by: kunsi
GPG key ID: 12E3D2136B818350
9 changed files with 32 additions and 133 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
data/powerdns/files/bind-zones/die-brontosaurier-waren-es.org
View file

@ -5,5 +5,5 @@ $ORIGIN die-brontosaurier-waren-es.org.
; ends up on rx300.kunbox.net
@ IN A 31.47.232.106
IN AAAA 2a00:f820:528::2
IN MX 10 mx0.kunbox.net.
IN MX 10 rx300.kunbox.net.
IN TXT "v=spf1 mx ~all"

2
data/powerdns/files/bind-zones/felix-kunsmann.de
View file

@ -2,4 +2,4 @@ ${header}
$ORIGIN felix-kunsmann.de.
@ IN MX 10 mx0.kunbox.net.
@ IN MX 10 rx300.kunbox.net.

2
data/powerdns/files/bind-zones/flauschehorn.sexy
View file

@ -4,7 +4,7 @@ $ORIGIN flauschehorn.sexy.
@ IN A 5.189.140.103
IN AAAA 2a02:c207:3002:8320:feed:f2c1:c0ff:ee
IN MX 10 mx0.kunbox.net.
IN MX 10 rx300.kunbox.net.
IN TXT "v=spf1 mx ~all"
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"

9
data/powerdns/files/bind-zones/franzi.business
View file

@ -5,7 +5,7 @@ $ORIGIN franzi.business.
; ends up on rx300.kunbox.net
@ IN A 31.47.232.106
IN AAAA 2a00:f820:528::2
IN MX 10 mx0.kunbox.net.
IN MX 10 rx300.kunbox.net.
IN TXT "v=spf1 mx ~all"
chat IN CNAME rx300.kunbox.net.
@ -13,14 +13,11 @@ dimension IN CNAME rx300.kunbox.net.
git IN CNAME rx300.kunbox.net.
jenkins IN CNAME rx300.kunbox.net.
matrix IN CNAME rx300.kunbox.net.
mta-sts IN A 94.130.52.224
mta-sts IN AAAA 2a01:4f8:10b:2a5f::2
mta-sts IN CNAME rx300.kunbox.net.
sewfile IN CNAME sewfile.htz-cloud.kunbox.net.
IN TXT "v=spf1 a mx ~all"
paste IN CNAME rx300.kunbox.net.
postfixadmin IN CNAME rx300.kunbox.net.
radicale IN CNAME rx300.kunbox.net.
rss IN CNAME rx300.kunbox.net.
status IN CNAME icinga2.ovh.kunbox.net.

6
data/powerdns/files/bind-zones/kunbox.net
View file

@ -7,15 +7,15 @@ $ORIGIN kunbox.net.
IN AAAA 2a00:f820:528::2
; Needs to have a working Mail address, otherwise Telekom goes mimimi
IN MX 10 mx0
IN MX 10 rx300
IN TXT "v=spf1 mx ~all"
; Mail servers
mx0 IN A 94.130.52.224
IN AAAA 2a01:4f8:10b:2a5f::2
IN AAAA 2a01:4f8:10b:2a5f::1337
mta-sts IN CNAME mx0
mta-sts.mx0 IN CNAME mx0
mta-sts IN CNAME rx300
mta-sts.mx0 IN CNAME rx300
postfixadmin.mx0 IN CNAME mx0
rspamd.mx0 IN CNAME mx0
webmail.mx0 IN CNAME mx0

5
data/powerdns/files/bind-zones/kunsmann.eu
View file

@ -5,7 +5,7 @@ $ORIGIN kunsmann.eu.
; ends up on rx300.kunbox.net
@ IN A 31.47.232.106
IN AAAA 2a00:f820:528::2
IN MX 10 mx0.kunbox.net.
IN MX 10 rx300.kunbox.net.
IN TXT "v=spf1 mx ~all"
dav IN A 94.130.52.224
@ -16,8 +16,7 @@ icinga IN CNAME icinga2.ovh.kunbox.net.
influxdb IN CNAME influxdb.htz-cloud.kunbox.net.
statusmonitor.icinga IN CNAME icinga2.ovh.kunbox.net.
mta-sts IN A 94.130.52.224
mta-sts IN AAAA 2a01:4f8:10b:2a5f::2
mta-sts IN CNAME rx300.kunbox.net.
luther-ps IN CNAME luther.htz-cloud.kunbox.net.

3
data/powerdns/files/bind-zones/trans-agenda.eu
View file

@ -5,8 +5,7 @@ $ORIGIN trans-agenda.eu.
@ IN MX 10 mx0.kunbox.net.
IN TXT "v=spf1 a mx ~all"
mta-sts IN A 94.130.52.224
mta-sts IN AAAA 2a01:4f8:10b:2a5f::2
mta-sts IN CNAME rx300.kunbox.net.
part.of.the IN A 94.130.52.224
part.of.the IN AAAA 2a01:4f8:10b:2a5f::1337

105
nodes/htz/ex42-1048908.py
View file

@ -1,18 +1,8 @@
nodes['htz.ex42-1048908'] = {
'bundles': {
# to be migrated to rx300
'dovecot',
'postfixadmin',
'redis',
'rspamd',
# no migration needed
'check-mail-received',
'lm-sensors',
'nodejs',
'php',
'postgresql',
'unbound',
'smartd',
'vmhost',
},
@ -32,37 +22,6 @@ nodes['htz.ex42-1048908'] = {
'gateway6': 'fe80::1',
},
},
'apt': {
'packages': {
# TODO
'php-imagick': {},
# No need to create a bundle just to install packages,
# configs will be managed by users nevertheless.
'mosh': {},
'weechat': {},
'weechat-core': {},
'weechat-curses': {},
'weechat-perl': {},
'weechat-plugins': {},
'weechat-python': {},
'weechat-ruby': {},
},
'repos': {
'backports': {
'install_gpg_key': False, # default debian signing key
'items': {
'deb http://deb.debian.org/debian {os_release}-backports main',
},
},
},
},
'backups': {
'paths': {
'/home/kunsi/.weechat',
'/opt/matrix/matrix-dimension',
},
},
'check-mail-received': {
't-online': {
'email': 'franzi.kunsmann@t-online.de',
@ -119,15 +78,6 @@ nodes['htz.ex42-1048908'] = {
},
},
},
'mta-sts': {
'domain': 'mta-sts.mx0.kunbox.net',
'domain_aliases': {
'mta-sts.franzi.business',
'mta-sts.kunbox.net',
'mta-sts.kunsmann.eu',
'mta-sts.trans-agenda.eu',
},
},
'paste.kunsmann.eu': {
'locations': {
'/': {
@ -135,19 +85,6 @@ nodes['htz.ex42-1048908'] = {
},
},
},
'postfixadmin.mx0.kunbox.net': {
'webroot': '/opt/postfixadmin/public/',
'php': True,
'website_check_path': '/login.php',
'website_check_string': 'login',
},
'rspamd.mx0.kunbox.net': {
'locations': {
'/': {
'target': 'http://localhost:11334/',
},
},
},
'vliedel.random.franzi.business': {
'webroot_config': {
'mode': '0775',
@ -155,44 +92,9 @@ nodes['htz.ex42-1048908'] = {
'group': 'vliedel',
},
},
'webmail.mx0.kunbox.net': {
'php': True,
'website_check_path': '/',
'website_check_string': 'roundcube',
},
},
'worker_processes': 4,
},
'php': {
'version': '7.4',
'packages': {
'gd',
'imap',
'intl',
'json',
'mbstring',
'opcache',
'pgsql',
'readline',
'xml',
},
},
'postfix': {
'myhostname': 'mx0.kunbox.net',
'message_size_limit_mb': 50,
'mynetworks': {
'ovh',
},
},
'postfixadmin': {
'version': '3.3.10',
'setup_password': vault.decrypt('encrypt$gAAAAABgnNGpAqUs--qBXII9ZPcHtxaELy9e2Dx9O44n4l0O4nMHPoIyaPW5HkvpQ2zWTlh5OfjjOgunRtE_voJuY0Kdtji37ixAnuL9ErOJ0LDY5QfMkNPUgPs5alwz1baqYq6rqJ7NDmB0gHraY46v5eG79R2EyQ=='),
},
'radicale': {
'users': {
'kunsi': bwpass.password('dav.kunsmann.eu/kunsi'),
},
},
'rspamd': {
'ignore_spam_check_for_ips': {
# entropia
@ -249,16 +151,9 @@ nodes['htz.ex42-1048908'] = {
'kunsi': {
'enable_linger': True,
'groups': [
'www-data',
'libvirt',
],
},
'vliedel': {
'ssh_pubkey': {
'command="/usr/local/bin/rrsync /var/www/vliedel.random.franzi.business/",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVOBnzs/QDzhvg70VK6xaV318Euaag1cWNjAJfsA266618UiZVx4xsHzNwYN960v0MhiVPMwnl3NoGWAT9/j/b5l3HAkihv4rEPYQkoGV0Mvtwee37dT5nCL8o54Kl+rhl4WPD4Ju5+iZ3AP84YMUJXUrETpZLRzQD1pKOWLaGxBSJolICjz5A7glDVNmvI8uH58EkzhA7q4lCPhzFLxfvFfJPRuEHdVViL2usvHpRnIDRQOCjLYF2fIpG3ULrvWGl4VZ+9cZCNqSN6ywjlH8U8e5Vc3Fi4sbqYh71LrBqs/lSJ+5BL9/rB3GZD1SVTbivyEDJGJu3HPDV4ahwYYKn minecraft@irc',
'command="/usr/local/bin/rrsync /var/www/vliedel.random.franzi.business/",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVB179psVd1HMcqOvQm0BXzVELake6ZFCZeV6DnR2/6baLvRqne/PWtfMDQpT9joc0iZtjW7dhI96Wga89PccaG1OnjzBuHDU9xRQ9pKYn64czmJYiG3uDKCPAWUnzvuqzMU3Prq9JWdjURwkEIRkwE98dzaLcUvop3DdbWFluGgq6+btP4UBc0Dkkd/EjngQsbcs2bPE935ySEW7rHBfOm/1bMjmyNx/5tCqfJI6GblSLRvWRhXmJJmKJM1GjdoBOuFS68mhPgkvP6An+nTzlWBsiilYjokYlbL3avveqiQV/qySAKkwX2nsAnYhY+sjoohcWzlhTWX9yq7yk7N8dJAEKAhpHFaLAXTwhkKG6qeUma194Z/ADHnP4YaD645dq+FAjflKIl430JlKe4FxkT77mOIf90prLCFenYfrEl4f4/lazKBudcmauhX+8oa/FPfuw+Nhc4q5oIAZDoiKdOLRPYInT/2kPv2xkLioi124UDotkEMnS4FennCxaq3Rf13AXkyQfc945RClkjAzEp6dU+82B9Oy+civUnEOtWQZcbrWTAeNMo6sg7fJoS+md8PxhOZ5QWR+uc/388idpxeOlGJTRpFYGQDMTXcexey0caSJuK9r/Qee2shMOoIjUwn0Z8LOUtI3m5UCpF9jbAWcp/7KXRr4L/itgsVhN7Q== minecraft@asus-mini',
},
},
},
'vm': {
'cpu': 8,

27
nodes/rx300.py
View file

@ -8,7 +8,7 @@ nodes['rx300'] = {
'hostname': '31.47.232.106',
'bundles': {
'check-mail-received',
#'dovecot',
'dovecot',
'element-web',
'gitea',
'jenkins-ci',
@ -23,11 +23,11 @@ nodes['rx300'] = {
'nodejs',
'oidentd',
'php',
#'postfixadmin',
'postfixadmin',
'postgresql',
'radicale',
'redis',
#'rspamd',
'rspamd',
'smartd',
'travelynx',
'unbound',
@ -317,6 +317,15 @@ nodes['rx300'] = {
},
},
},
'mta-sts': {
'domain': 'mta-sts.kunbox.net',
'domain_aliases': {
'mta-sts.franzi.business',
'mta-sts.mx0.kunbox.net',
'mta-sts.kunsmann.eu',
'mta-sts.trans-agenda.eu',
},
},
'paste.franzi.business': {
'ssl': '_.franzi.business',
'extras': True,
@ -324,12 +333,12 @@ nodes['rx300'] = {
'owner': 'kunsi',
},
},
# 'postfixadmin': {
# 'domain': 'postfixadmin.franzi.business',
# 'ssl': '_.franzi.business',
# 'webroot': '/opt/postfixadmin/public/',
# 'php': True,
# },
'postfixadmin': {
'domain': 'postfixadmin.franzi.business',
'ssl': '_.franzi.business',
'webroot': '/opt/postfixadmin/public/',
'php': True,
},
'unicornsden-redirect': {
'domain': 'unicornsden.franzi.business',
'ssl': '_.franzi.business',