Compare commits
5 commits
78fda4f9e9
...
05f9712b24
Author | SHA1 | Date | |
---|---|---|---|
Franzi | 05f9712b24 | ||
Franzi | 3561a829d2 | ||
Franzi | de6249c65d | ||
Franzi | 38ba67a335 | ||
Franzi | cd31340c34 |
|
@ -24,7 +24,7 @@ $TTL 60
|
||||||
)
|
)
|
||||||
"""
|
"""
|
||||||
for rnode in sorted(repo.nodes_in_group('dns')):
|
for rnode in sorted(repo.nodes_in_group('dns')):
|
||||||
ZONE_HEADER += '@ IN NS {}.\n'.format(rnode.metadata.get('powerdns/my_hostname', rnode.metadata['hostname']))
|
ZONE_HEADER += '@ IN NS {}.\n'.format(rnode.metadata.get('powerdns/my_hostname', rnode.metadata.get('hostname')))
|
||||||
|
|
||||||
directories = {
|
directories = {
|
||||||
'/etc/powerdns/pdns.d': {
|
'/etc/powerdns/pdns.d': {
|
||||||
|
@ -51,10 +51,10 @@ files = {
|
||||||
'content_type': 'mako',
|
'content_type': 'mako',
|
||||||
'context': {
|
'context': {
|
||||||
'api_key': node.metadata['powerdns']['api_key'],
|
'api_key': node.metadata['powerdns']['api_key'],
|
||||||
'my_hostname': node.metadata['powerdns'].get('my_hostname', node.name),
|
'my_hostname': node.metadata['powerdns'].get('my_hostname', node.metadata.get('hostname')),
|
||||||
'is_secondary': node.metadata['powerdns'].get('is_secondary', False),
|
'is_secondary': node.metadata['powerdns'].get('is_secondary', False),
|
||||||
'my_primary_servers': node.metadata['powerdns'].get('my_primary_servers', {}),
|
'my_primary_servers': node.metadata['powerdns'].get('my_primary_servers', set()),
|
||||||
'my_secondary_servers': node.metadata['powerdns'].get('my_secondary_servers', {}),
|
'my_secondary_servers': node.metadata['powerdns'].get('my_secondary_servers', set()),
|
||||||
},
|
},
|
||||||
'needs': {
|
'needs': {
|
||||||
'pkg_apt:pdns-server',
|
'pkg_apt:pdns-server',
|
||||||
|
@ -99,13 +99,16 @@ if node.metadata.get('powerdns/features/bind', False):
|
||||||
|
|
||||||
primary_zones.add(zone)
|
primary_zones.add(zone)
|
||||||
|
|
||||||
files["/var/lib/powerdns/zones/{}".format(zone)] = {
|
files[f'/var/lib/powerdns/zones/{zone}'] = {
|
||||||
'content_type': 'mako',
|
'content_type': 'mako',
|
||||||
'context': {
|
'context': {
|
||||||
'header': ZONE_HEADER.format(serial=serial),
|
'header': ZONE_HEADER.format(serial=serial),
|
||||||
'metadata_records': node.metadata.get('powerdns/bind-zones/{}/records'.format(zone), []),
|
'metadata_records': node.metadata.get(f'powerdns/bind-zones/{zone}/records', []),
|
||||||
},
|
},
|
||||||
'source': 'bind-zones/{}'.format(zone),
|
'source': f'bind-zones/{zone}',
|
||||||
|
# TODO enable this once bundlewrap has test_with
|
||||||
|
# was introduced in https://github.com/bundlewrap/bundlewrap/commit/cb7e9c161719acd70d132a7b24f0d231a8cb3fa3
|
||||||
|
#'test_with': f'named-checkzone {zone} {{}}',
|
||||||
'triggers': {
|
'triggers': {
|
||||||
'action:powerdns_reload_zones',
|
'action:powerdns_reload_zones',
|
||||||
},
|
},
|
||||||
|
|
|
@ -1,10 +1,9 @@
|
||||||
reporting {
|
reporting {
|
||||||
# Required attributes
|
enabled = true;
|
||||||
enabled = true; # Enable reports in general
|
email = 'dmarc+${node.name.replace('.', '-')}@kunbox.net';
|
||||||
email = 'dmarc@${node.metadata.get('hostname')}'; # Source of DMARC reports
|
domain = '${node.metadata.get('hostname')}';
|
||||||
domain = '${node.metadata.get('hostname')}'; # Domain to serve
|
org_name = 'kunbox.net';
|
||||||
org_name = 'kunbox.net'; # Organisation
|
smtp = '127.0.0.1';
|
||||||
smtp = '127.0.0.1'; # SMTP server IP
|
smtp_port = 25;
|
||||||
smtp_port = 25; # SMTP server port
|
from_name = 'rspamd @ ${node.metadata.get('hostname')}';
|
||||||
from_name = 'rspamd @ ${node.metadata.get('hostname')}'; # SMTP FROM
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
add_header Content-Security-Policy "frame-ancestors 'self' chat.franzi.business";
|
|
|
@ -1,12 +0,0 @@
|
||||||
location ~ /(data|conf|bin|inc|vendor)/ {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
|
|
||||||
location / { try_files $uri $uri/ @dokuwiki; }
|
|
||||||
|
|
||||||
location @dokuwiki {
|
|
||||||
rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
|
|
||||||
rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
|
|
||||||
rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
|
|
||||||
rewrite ^/(.*) /doku.php?id=$1&$args last;
|
|
||||||
}
|
|
|
@ -8,4 +8,8 @@ $ORIGIN flauschehorn.sexy.
|
||||||
IN TXT "v=spf1 mx ~all"
|
IN TXT "v=spf1 mx ~all"
|
||||||
|
|
||||||
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:hostmaster@kunbox.net; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
|
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:hostmaster@kunbox.net; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
|
||||||
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDpoveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
|
||||||
|
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||||
|
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDp"
|
||||||
|
"oveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
||||||
|
) ;
|
||||||
|
|
|
@ -16,7 +16,6 @@ matrix IN CNAME rx300.kunbox.net.
|
||||||
mta-sts IN CNAME rx300.kunbox.net.
|
mta-sts IN CNAME rx300.kunbox.net.
|
||||||
netbox IN CNAME rx300.kunbox.net.
|
netbox IN CNAME rx300.kunbox.net.
|
||||||
sewfile IN CNAME sewfile.htz-cloud.kunbox.net.
|
sewfile IN CNAME sewfile.htz-cloud.kunbox.net.
|
||||||
IN TXT "v=spf1 a mx ~all"
|
|
||||||
paste IN CNAME rx300.kunbox.net.
|
paste IN CNAME rx300.kunbox.net.
|
||||||
postfixadmin IN CNAME rx300.kunbox.net.
|
postfixadmin IN CNAME rx300.kunbox.net.
|
||||||
radicale IN CNAME rx300.kunbox.net.
|
radicale IN CNAME rx300.kunbox.net.
|
||||||
|
@ -32,5 +31,12 @@ _dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:hostmaster@kunbo
|
||||||
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
||||||
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
||||||
_token._dnswl IN TXT "gg3mbwjx9bbuo5osvh7oz6bc881wcmc"
|
_token._dnswl IN TXT "gg3mbwjx9bbuo5osvh7oz6bc881wcmc"
|
||||||
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
|
|
||||||
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDpoveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
2019._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||||
|
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440"
|
||||||
|
"vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
|
||||||
|
) ;
|
||||||
|
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||||
|
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDp"
|
||||||
|
"oveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
||||||
|
) ;
|
||||||
|
|
|
@ -11,14 +11,7 @@ $ORIGIN kunbox.net.
|
||||||
IN TXT "v=spf1 mx ~all"
|
IN TXT "v=spf1 mx ~all"
|
||||||
|
|
||||||
; Mail servers
|
; Mail servers
|
||||||
mx0 IN A 94.130.52.224
|
|
||||||
IN AAAA 2a01:4f8:10b:2a5f::2
|
|
||||||
IN AAAA 2a01:4f8:10b:2a5f::1337
|
|
||||||
mta-sts IN CNAME rx300
|
mta-sts IN CNAME rx300
|
||||||
mta-sts.mx0 IN CNAME rx300
|
|
||||||
postfixadmin.mx0 IN CNAME mx0
|
|
||||||
rspamd.mx0 IN CNAME mx0
|
|
||||||
webmail.mx0 IN CNAME mx0
|
|
||||||
|
|
||||||
; Nameservers
|
; Nameservers
|
||||||
ns-1 IN A 34.89.208.78
|
ns-1 IN A 34.89.208.78
|
||||||
|
@ -36,11 +29,18 @@ ${record}
|
||||||
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
||||||
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
||||||
_token._dnswl IN TXT "6akc10htbgmg56e072w0w2n0wql4oezu"
|
_token._dnswl IN TXT "6akc10htbgmg56e072w0w2n0wql4oezu"
|
||||||
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
|
|
||||||
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDpoveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
2019._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||||
|
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440"
|
||||||
|
"vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
|
||||||
|
) ;
|
||||||
|
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||||
|
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDp"
|
||||||
|
"oveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
||||||
|
) ;
|
||||||
|
|
||||||
f2k1.de._report._dmarc IN TXT "v=DMARC1"
|
f2k1.de._report._dmarc IN TXT "v=DMARC1"
|
||||||
franzi.business._report._dmarc IN TXT "v=DMARC1"
|
franzi.business._report._dmarc IN TXT "v=DMARC1"
|
||||||
kunsmann.eu._report._dmarc IN TXT "v=DMARC1"
|
kunsmann.eu._report._dmarc IN TXT "v=DMARC1"
|
||||||
kunsmann.info._report._dmarc IN TXT "v=DMARC"
|
kunsmann.info._report._dmarc IN TXT "v=DMARC1"
|
||||||
salonkatrin.de._report._dmarc IN TXT "v=DMARC"
|
salonkatrin.de._report._dmarc IN TXT "v=DMARC1"
|
||||||
|
|
|
@ -8,9 +8,6 @@ $ORIGIN kunsmann.eu.
|
||||||
IN MX 10 rx300.kunbox.net.
|
IN MX 10 rx300.kunbox.net.
|
||||||
IN TXT "v=spf1 mx ~all"
|
IN TXT "v=spf1 mx ~all"
|
||||||
|
|
||||||
dav IN A 94.130.52.224
|
|
||||||
dav IN AAAA 2a01:4f8:10b:2a5f::2
|
|
||||||
|
|
||||||
grafana IN CNAME influxdb.htz-cloud.kunbox.net.
|
grafana IN CNAME influxdb.htz-cloud.kunbox.net.
|
||||||
icinga IN CNAME icinga2.ovh.kunbox.net.
|
icinga IN CNAME icinga2.ovh.kunbox.net.
|
||||||
influxdb IN CNAME influxdb.htz-cloud.kunbox.net.
|
influxdb IN CNAME influxdb.htz-cloud.kunbox.net.
|
||||||
|
@ -21,12 +18,19 @@ mta-sts IN CNAME rx300.kunbox.net.
|
||||||
luther-ps IN CNAME luther.htz-cloud.kunbox.net.
|
luther-ps IN CNAME luther.htz-cloud.kunbox.net.
|
||||||
|
|
||||||
; legacy, for redirect
|
; legacy, for redirect
|
||||||
git IN CNAME ex42-1048908.htz.kunbox.net.
|
git IN CNAME rx300.kunbox.net.
|
||||||
paste IN CNAME ex42-1048908.htz.kunbox.net.
|
paste IN CNAME rx300.kunbox.net.
|
||||||
|
|
||||||
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:hostmaster@kunbox.net; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
|
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:hostmaster@kunbox.net; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
|
||||||
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
||||||
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
||||||
_token._dnswl IN TXT "5mx0rv9ru8s1zz4tf4xlt48osh09czmg"
|
_token._dnswl IN TXT "5mx0rv9ru8s1zz4tf4xlt48osh09czmg"
|
||||||
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
|
|
||||||
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDpoveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
2019._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||||
|
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440"
|
||||||
|
"vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
|
||||||
|
) ;
|
||||||
|
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||||
|
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDp"
|
||||||
|
"oveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
||||||
|
) ;
|
||||||
|
|
|
@ -2,17 +2,21 @@ ${header}
|
||||||
|
|
||||||
$ORIGIN trans-agenda.eu.
|
$ORIGIN trans-agenda.eu.
|
||||||
|
|
||||||
@ IN MX 10 mx0.kunbox.net.
|
@ IN MX 10 rx300.kunbox.net.
|
||||||
IN TXT "v=spf1 a mx ~all"
|
IN TXT "v=spf1 a mx ~all"
|
||||||
|
|
||||||
mta-sts IN CNAME rx300.kunbox.net.
|
mta-sts IN CNAME rx300.kunbox.net.
|
||||||
|
|
||||||
part.of.the IN A 94.130.52.224
|
|
||||||
part.of.the IN AAAA 2a01:4f8:10b:2a5f::1337
|
|
||||||
|
|
||||||
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:hostmaster@kunbox.net; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
|
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:hostmaster@kunbox.net; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
|
||||||
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
||||||
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
||||||
_token._dnswl IN TXT "5mx0rv9ru8s1zz4tf4xlt48osh09czmg"
|
_token._dnswl IN TXT "5mx0rv9ru8s1zz4tf4xlt48osh09czmg"
|
||||||
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
|
|
||||||
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDpoveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
2019._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||||
|
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440"
|
||||||
|
"vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
|
||||||
|
) ;
|
||||||
|
uO4aNejDvVdw8BKne3KJIqAvCQMJ0416._domainkey IN TXT ( "v=DKIM1; k=rsa; "
|
||||||
|
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh5Ym9PO7r+wdOIKfopvHzn3KU3qT6IlCG/gvvbmIqoeFQfRbAe3gQmcG6RcLue55cJQGhI6y2r0lm59ZeoHR40aM+VabAOlplekM7xWmoXb/9vG2OZLIqAyF4I+7GQmTN6B9keBHp9SWtDUkI0B0G9neZ5MkXJP705M0duxritqQlb4YvCZwteHiyckKcg9aE9j+GF2EEawBoVDp"
|
||||||
|
"oveoB3+wgde3lWEUjjwKFtXNXxuN354o6jgXgPNWtIEdPMLfK/o0CaCjZNlzaLTsTegY/+67hdHFqDmm8zXO9s+Xiyfq7CVq21t7wDhQ2W1agj+up6lH82FMh5rZNxJ6XB0yQIDAQAB"
|
||||||
|
) ;
|
||||||
|
|
|
@ -27,18 +27,6 @@ groups['gce'] = {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
groups['htz'] = {
|
|
||||||
'member_patterns': {
|
|
||||||
r"htz\..*",
|
|
||||||
},
|
|
||||||
'subgroups': {
|
|
||||||
'htz-cloud',
|
|
||||||
},
|
|
||||||
'metadata': {
|
|
||||||
'location': 'htz',
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
groups['htz-cloud'] = {
|
groups['htz-cloud'] = {
|
||||||
'member_patterns': {
|
'member_patterns': {
|
||||||
r"htz\-cloud\..*",
|
r"htz\-cloud\..*",
|
||||||
|
@ -57,6 +45,7 @@ groups['htz-cloud'] = {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
'location': 'htz-cloud',
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
Hetzner Hardware Servers
|
|
|
@ -1,80 +0,0 @@
|
||||||
nodes['htz.ex42-1048908'] = {
|
|
||||||
'bundles': {
|
|
||||||
'check-mail-received',
|
|
||||||
'lm-sensors',
|
|
||||||
'smartd',
|
|
||||||
},
|
|
||||||
'groups': {
|
|
||||||
'debian-buster',
|
|
||||||
'webserver',
|
|
||||||
},
|
|
||||||
'metadata': {
|
|
||||||
'interfaces': {
|
|
||||||
'enp0s31f6': {
|
|
||||||
'ips': {
|
|
||||||
'94.130.52.224/26',
|
|
||||||
'2a01:4f8:10b:2a5f::02/64',
|
|
||||||
'2a01:4f8:10b:2a5f::1337/64',
|
|
||||||
},
|
|
||||||
'gateway4': '94.130.52.193',
|
|
||||||
'gateway6': 'fe80::1',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'check-mail-received': {
|
|
||||||
't-online': {
|
|
||||||
'email': 'franzi.kunsmann@t-online.de',
|
|
||||||
'imap_host': 'secureimap.t-online.de',
|
|
||||||
'imap_pass': bwpass.attr('t-online.de/franzi.kunsmann@t-online.de', 'imap'),
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'icinga_options': {
|
|
||||||
'pretty_name': 'kunsmann.eu',
|
|
||||||
},
|
|
||||||
'locale': {
|
|
||||||
'installed': {
|
|
||||||
# legacy
|
|
||||||
'en_DK.UTF-8',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'nginx': {
|
|
||||||
'security.txt': {
|
|
||||||
'contact': 'mailto:security@kunsmann.eu',
|
|
||||||
'Encryption': 'https://franzi.business/gpg_hi-kunsmann.eu.asc',
|
|
||||||
},
|
|
||||||
'vhosts': {
|
|
||||||
'dav.kunsmann.eu': {
|
|
||||||
'locations': {
|
|
||||||
'/': {
|
|
||||||
'redirect': 'https://radicale.franzi.business$request_uri',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'git.kunsmann.eu': {
|
|
||||||
'locations': {
|
|
||||||
'/': {
|
|
||||||
'redirect': 'https://git.franzi.business$request_uri',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'paste.kunsmann.eu': {
|
|
||||||
'locations': {
|
|
||||||
'/': {
|
|
||||||
'redirect': 'https://paste.franzi.business$request_uri',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'worker_processes': 4,
|
|
||||||
},
|
|
||||||
'smartd': {
|
|
||||||
'disks': {
|
|
||||||
'/dev/nvme0',
|
|
||||||
'/dev/nvme1',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'vm': {
|
|
||||||
'cpu': 8,
|
|
||||||
'ram': 64,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
}
|
|
|
@ -59,6 +59,9 @@ nodes['rx300'] = {
|
||||||
'ruby-dev': {},
|
'ruby-dev': {},
|
||||||
'ruby-bundler': {},
|
'ruby-bundler': {},
|
||||||
|
|
||||||
|
# for `bw test` on jenkins
|
||||||
|
'bind9utils': {},
|
||||||
|
|
||||||
# more php
|
# more php
|
||||||
'php-imagick': {},
|
'php-imagick': {},
|
||||||
'php-yaml': {},
|
'php-yaml': {},
|
||||||
|
@ -332,7 +335,6 @@ nodes['rx300'] = {
|
||||||
'domain': 'mta-sts.kunbox.net',
|
'domain': 'mta-sts.kunbox.net',
|
||||||
'domain_aliases': {
|
'domain_aliases': {
|
||||||
'mta-sts.franzi.business',
|
'mta-sts.franzi.business',
|
||||||
'mta-sts.mx0.kunbox.net',
|
|
||||||
'mta-sts.kunsmann.eu',
|
'mta-sts.kunsmann.eu',
|
||||||
'mta-sts.trans-agenda.eu',
|
'mta-sts.trans-agenda.eu',
|
||||||
},
|
},
|
||||||
|
@ -379,6 +381,22 @@ nodes['rx300'] = {
|
||||||
'website_check_path': '/start?do=login',
|
'website_check_path': '/start?do=login',
|
||||||
'website_check_string': 'Username',
|
'website_check_string': 'Username',
|
||||||
},
|
},
|
||||||
|
|
||||||
|
# legacy domains
|
||||||
|
'git.kunsmann.eu': {
|
||||||
|
'locations': {
|
||||||
|
'/': {
|
||||||
|
'redirect': 'https://git.franzi.business$request_uri',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'paste.kunsmann.eu': {
|
||||||
|
'locations': {
|
||||||
|
'/': {
|
||||||
|
'redirect': 'https://paste.franzi.business$request_uri',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
'worker_processes': 8,
|
'worker_processes': 8,
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in a new issue