Compare commits
No commits in common. "78fda4f9e93926e18b859268886a3038936b1bf1" and "530462e9d2b562a2d0879957c1adff4ba0f01c05" have entirely different histories.
78fda4f9e9
...
530462e9d2
|
@ -1,10 +0,0 @@
|
||||||
reporting {
|
|
||||||
# Required attributes
|
|
||||||
enabled = true; # Enable reports in general
|
|
||||||
email = 'dmarc@${node.metadata.get('hostname')}'; # Source of DMARC reports
|
|
||||||
domain = '${node.metadata.get('hostname')}'; # Domain to serve
|
|
||||||
org_name = 'kunbox.net'; # Organisation
|
|
||||||
smtp = '127.0.0.1'; # SMTP server IP
|
|
||||||
smtp_port = 25; # SMTP server port
|
|
||||||
from_name = 'rspamd @ ${node.metadata.get('hostname')}'; # SMTP FROM
|
|
||||||
}
|
|
|
@ -1,7 +0,0 @@
|
||||||
dmarc {
|
|
||||||
reporting = true;
|
|
||||||
actions = {
|
|
||||||
quarantine = "add_header";
|
|
||||||
reject = "reject";
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,9 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=Send rspamd dmarc reports
|
|
||||||
After=network.target
|
|
||||||
Requires=rspamd.service
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
User=_rspamd
|
|
||||||
Group=_rspamd
|
|
||||||
ExecStart=/usr/bin/rspamadm dmarc_report
|
|
|
@ -1,9 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=Trigger sending dmarc reports
|
|
||||||
|
|
||||||
[Timer]
|
|
||||||
OnCalendar=*-*-* ${hour}:${minute}:00
|
|
||||||
Persistent=true
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=timers.target
|
|
|
@ -49,12 +49,6 @@ svc_systemd = {
|
||||||
'pkg_apt:clamav-freshclam',
|
'pkg_apt:clamav-freshclam',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'rspamd-dmarc-report.timer': {
|
|
||||||
'needs': {
|
|
||||||
'file:/etc/systemd/system/rspamd-dmarc-report.service',
|
|
||||||
'file:/etc/systemd/system/rspamd-dmarc-report.timer',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
files = {
|
files = {
|
||||||
|
@ -64,22 +58,6 @@ files = {
|
||||||
'/usr/local/bin/telegraf-rspamd-plugin': {
|
'/usr/local/bin/telegraf-rspamd-plugin': {
|
||||||
'mode': '0755',
|
'mode': '0755',
|
||||||
},
|
},
|
||||||
'/etc/systemd/system/rspamd-dmarc-report.timer': {
|
|
||||||
'content_type': 'mako',
|
|
||||||
'context': {
|
|
||||||
'hour': node.magic_number%24,
|
|
||||||
'minute': node.magic_number%60,
|
|
||||||
},
|
|
||||||
'triggers': {
|
|
||||||
'action:systemd-reload',
|
|
||||||
'svc_systemd:rspamd-dmarc-report.timer:restart',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'/etc/systemd/system/rspamd-dmarc-report.service': {
|
|
||||||
'triggers': {
|
|
||||||
'action:systemd-reload',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -117,7 +95,7 @@ if 'dkim' in node.metadata.get('rspamd', {}):
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
if 'password' in node.metadata.get('rspamd', {}):
|
if node.metadata.get('rspamd/password', None):
|
||||||
files['/etc/rspamd/local.d/worker-controller.inc'] = {
|
files['/etc/rspamd/local.d/worker-controller.inc'] = {
|
||||||
'content_type': 'mako',
|
'content_type': 'mako',
|
||||||
'triggers': {
|
'triggers': {
|
||||||
|
@ -129,7 +107,6 @@ local_config_path = join(repo.path, 'bundles', 'rspamd', 'files', 'local.d')
|
||||||
for f in listdir(local_config_path):
|
for f in listdir(local_config_path):
|
||||||
files[f'/etc/rspamd/local.d/{f}'] = {
|
files[f'/etc/rspamd/local.d/{f}'] = {
|
||||||
'source': f'local.d/{f}',
|
'source': f'local.d/{f}',
|
||||||
'content_type': 'mako',
|
|
||||||
'triggers': {
|
'triggers': {
|
||||||
'svc_systemd:rspamd:restart',
|
'svc_systemd:rspamd:restart',
|
||||||
},
|
},
|
||||||
|
|
|
@ -52,9 +52,6 @@ defaults = {
|
||||||
'clamav': {
|
'clamav': {
|
||||||
'root',
|
'root',
|
||||||
},
|
},
|
||||||
'dmarc': {
|
|
||||||
'root',
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'rspamd': {
|
'rspamd': {
|
||||||
|
|
|
@ -29,10 +29,7 @@ ns-3 IN A 35.228.143.71
|
||||||
${record}
|
${record}
|
||||||
% endfor
|
% endfor
|
||||||
|
|
||||||
; Please note there's no _dmarc record in here. We use this domain to
|
;_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:hostmaster@kunbox.net; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
|
||||||
; send out dmarc reports to other domains, so there shouldn't be a
|
|
||||||
; record here to avoid creating loops.
|
|
||||||
; We're still publishing DKIM keys and have enabled TLSRPT, though.
|
|
||||||
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
_mta-sts IN TXT "v=STSv1;id=20201111;"
|
||||||
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
|
||||||
_token._dnswl IN TXT "6akc10htbgmg56e072w0w2n0wql4oezu"
|
_token._dnswl IN TXT "6akc10htbgmg56e072w0w2n0wql4oezu"
|
||||||
|
|
|
@ -131,8 +131,8 @@ nodes['rx300'] = {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'gitea': {
|
'gitea': {
|
||||||
'version': '1.15.2',
|
'version': '1.15.0',
|
||||||
'sha256': '9a7fae605dc182e0c7b1d380647518aaa8736ad5a42f7e9299099317f1e614c9',
|
'sha256': '4789c7b9f0610102129ced87a4977386e493a67383eebad80cfce66b42a6f2cc',
|
||||||
'domain': 'git.franzi.business',
|
'domain': 'git.franzi.business',
|
||||||
'email_domain_blocklist': {
|
'email_domain_blocklist': {
|
||||||
'gmail.com',
|
'gmail.com',
|
||||||
|
@ -485,7 +485,7 @@ nodes['rx300'] = {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'travelynx': {
|
'travelynx': {
|
||||||
'version': '1.21.1',
|
'version': '1.21.0',
|
||||||
'mail_from': 'travelynx@franzi.business',
|
'mail_from': 'travelynx@franzi.business',
|
||||||
'domain': 'travelynx.franzi.business',
|
'domain': 'travelynx.franzi.business',
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in a new issue