cd48cf495d
rework firewall setup
2023-09-24 21:01:51 +02:00
dda3c4162c
bundles/postfix: ensure /etc/mailname exists before installing postfix
2023-09-20 17:46:04 +02:00
4122a7ccf8
isort the repo
2023-02-05 17:30:58 +01:00
90823b7984
bundles/postfix: lessen smtpd security restrictions
2022-12-20 08:55:44 +01:00
3db6078d9b
bundles/postfix: set tls ciphers to medium to increase compatibility with centos
2022-11-04 07:08:33 +01:00
22759ca52a
bundles/postfix: enable smtps
kunsi/bundlewrap/pipeline/head There was a failure building this commit
2022-02-15 18:21:12 +01:00
d44c87e8a7
move SPAM BLOCKLIST check to icinga2 itself
...
kunsi/bundlewrap/pipeline/head This commit looks good
somehow, we tend to get false positives if we run that check on the
node itself.
2021-11-28 07:26:41 +01:00
c6fe9d5eb2
bundles/postfix: fix .provides()
2021-08-21 12:32:47 +02:00
12ca6f4ff7
bundles/postfix: open up SMTPS
2021-08-21 08:12:21 +02:00
6cadf33ae3
bundles/postfix: support having postfixadmin without setting myhostname
2021-07-18 07:55:19 +02:00
ce9f6dd7ba
bundles: add zfs dataset to bundles
2021-07-17 10:17:39 +02:00
b193971625
bundles/postfix: fix some needed files not being present in chroot on arch
bundlewrap/pipeline/head This commit looks good
2021-07-10 16:16:56 +02:00
8f4db6f2ba
bundles/postfix: install pkg_pacman:s-nail
2021-07-10 15:59:03 +02:00
7b00e7484e
fix monitoring for arch linux hosts
bundlewrap/pipeline/head This commit looks good
2021-06-28 19:59:54 +02:00
5369490b79
bundles/postfix: fix spam blocklist timeout
2021-06-03 14:31:03 +02:00
d569b00960
modify nodes and bundles for new nftables syntax
2021-06-03 13:59:36 +02:00
6b90d568cf
bundles/postfix: use dig
in check_spam_blocklist instead of a python library
...
bundlewrap/pipeline/head This commit looks good
The library isn't available as a debian package, so we would have to
manually install that every time the python package updates its minor
version number.
2021-05-29 09:29:40 +02:00
5a182fadef
make some bundles arch-compatible, more default packages for arch
2021-05-23 14:36:16 +02:00
ae0bb8ed58
bundles/postfix: rework exporter for better usability
2021-05-02 12:06:53 +02:00
6772b3b5d0
bundles: various fixes for telegraf plugins
bundlewrap/pipeline/head There was a failure building this commit
2021-04-24 11:45:58 +02:00
c97d9ab948
bundles/postfix: use own postqueue exporter
2021-04-24 10:17:05 +02:00
a37d31973a
bundles: add some telegraf plugins
2021-04-24 09:14:25 +02:00
bc8050cd3c
bundles/postfix: fix connection limits for smtpd
bundlewrap/pipeline/head This commit looks good
2021-04-11 21:56:37 +02:00
69279ba34f
bundles/postfix: be a bit more relaxed when checking for smtp errors
bundlewrap/pipeline/head This commit looks good
2021-04-10 16:50:16 +02:00
e36a352a42
bundles: fix usage of set() vs {}
bundlewrap/pipeline/head This commit looks good
2021-04-04 10:34:55 +02:00
f8bbe00d47
overall better handling and usage of exceptions
bundlewrap/pipeline/head This commit looks good
2021-04-02 18:57:13 +02:00
5d5930265a
bundles/postfix: remove print statement
2021-04-02 18:29:33 +02:00
957cac5ebc
bundles/postfix: disable SPAM BLOCKLIST check if relayhost is set
2021-04-01 17:00:53 +02:00
61c6188454
bundles/postfix: mynetworks now supports identifiers
2021-04-01 16:59:49 +02:00
35e4bbf04b
bundles/postfix: remove postscreen usage
...
bundlewrap/pipeline/head This commit looks good
postscreen isn't able to share its cache file between
instances, which leads to the server simply accepting
mails for the port on which postscreen starts up later.
Since we can't predict which port this will be, we
simply remove postscreen alltogether.
Yes, i know i could just remove postscreen for port 2525.
2021-03-28 09:00:37 +02:00
ce39850bda
bundles/postfix: fix .provides() for iptables reactor
bundlewrap/pipeline/head This commit looks good
2021-03-28 08:56:22 +02:00
9fe4e2933d
bundles/postfix: add firewalling for port 2525
bundlewrap/pipeline/head There was a failure building this commit
2021-03-28 08:37:51 +02:00
27753d50c4
bundles/postfix: use threading in check_spam_blocklist
bundlewrap/pipeline/head This commit looks good
2021-03-25 17:42:59 +01:00
fdcec012f3
bundles/postfix: add SPAM BLOCKLIST check for every non-private IP attached to the server
bundlewrap/pipeline/head This commit looks good
2021-03-22 20:24:14 +01:00
5775001301
bundles/postfix: add iptables config
2021-03-21 11:11:49 +01:00
3fcd81960e
bundles/postfix: allow configuring mynetworks
bundlewrap/pipeline/head This commit looks good
2021-03-15 11:41:35 +01:00
ad5c8cc0ab
bundles/postfix: only get certificate if actually needed
bundlewrap/pipeline/head This commit looks good
2021-02-20 17:30:38 +01:00
b06532241b
bundles: use metastack syntax for metadata.get()
bundlewrap/pipeline/head This commit looks good
2021-02-18 18:12:25 +01:00
fbb8840dff
add .editorconfig, format files correctly
bundlewrap/pipeline/head This commit looks good
2021-02-17 10:56:18 +01:00
b42e39ed0a
get rid of check_rbl
2021-02-17 10:51:49 +01:00
f52df58517
bundles: code style improvements
bundlewrap/pipeline/head This commit looks good
2021-02-12 20:45:41 +01:00
eb431d8da8
bundles/postfix: also set alias_maps
...
bundlewrap/pipeline/head This commit looks good
fixes "warning: dict_nis_init: NIS domain name not set - NIS lookups disabled"
2021-02-06 10:24:19 +01:00
2d42e5f7dd
update bw to 4.3, add .provides() to metadata reactors
bundlewrap/pipeline/head This commit looks good
2021-01-07 18:44:38 +01:00
4f57a6c0e3
icinga2: more checks should send sms
bundlewrap/pipeline/head This commit looks good
2021-01-02 12:26:37 +01:00
4a57926577
bundles/icinga2: set some notification options for checks
2020-11-22 08:24:44 +01:00
5419bf31fb
bundles: fix some icinga checks
2020-11-21 10:30:05 +01:00
f04dac11e5
Merge branch 'kunsi-icinga2' into main
bundlewrap/pipeline/head This commit looks good
2020-11-13 13:03:16 +01:00
0749fc75c5
bundles: add backup paths
2020-11-13 12:37:26 +01:00
087f4bb74d
groups/{gce,home}: send mail via mx0.kunbox.net
bundlewrap/pipeline/head This commit looks good
2020-11-11 13:31:01 +01:00
652fb72ccc
bundles/postfix: fix metadata reactor for letsencrypt
2020-11-11 08:35:36 +01:00