Page MenuHomeDevCentral
Files F12241765

No OneTemporary
Actions

View Options

diff --git a/roles/mailserver/dovecot/files/conf.d/10-ssl.conf b/roles/mailserver/dovecot/files/conf.d/10-ssl.conf
index d46de73..d6f0e34 100644
--- a/roles/mailserver/dovecot/files/conf.d/10-ssl.conf
+++ b/roles/mailserver/dovecot/files/conf.d/10-ssl.conf
@@ -1,19 +1,19 @@
# -------------------------------------------------------------
# Dovecot configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# Source file: roles/mailserver/dovecot/files/conf.d/10-ssl.conf
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
-ssl_cert = </usr/local/etc/letsencrypt/live/mail.nasqueron.org/fullchain.pem
-ssl_key = </usr/local/etc/letsencrypt/live/mail.nasqueron.org/privkey.pem
+ssl_cert = </var/certificates/mail.nasqueron.org/fullchain.pem
+ssl_key = </var/certificates/mail.nasqueron.org/privkey.pem
ssl = required
diff --git a/roles/mailserver/postfix/files/main.cf b/roles/mailserver/postfix/files/main.cf
index ce496bc..25d56ab 100644
--- a/roles/mailserver/postfix/files/main.cf
+++ b/roles/mailserver/postfix/files/main.cf
@@ -1,134 +1,134 @@
# -------------------------------------------------------------
# Postfix main configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# Source file: roles/mailserver/postfix/files/main.cf
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
compatibility_level = 3.8
# -------------------------------------------------------------
# Postfix directories
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
command_directory = {{ dirs.sbin }}
daemon_directory = {{ postfix_dirs.daemon }}
data_directory = {{ postfix_dirs.data }}
html_directory = {{ dirs.share }}/doc/postfix
manpage_directory = {{ dirs.man }}
meta_directory = {{ dirs.etc }}/postfix
queue_directory = {{ postfix_dirs.queue }}
readme_directory = {{ dirs.share }}/doc/postfix
sample_directory = {{ dirs.etc }}/postfix
shlib_directory = {{ postfix_dirs.shlib }}
virtual_mailbox_base = /var/mail/_virtual
virtual_uid_maps = static:6000
virtual_gid_maps = static:6000
virtual_mailbox_domains=pgsql:{{ dirs.etc }}/postfix/pgsql-virtual-mailbox-domains.cf
virtual_mailbox_maps=pgsql:{{ dirs.etc }}/postfix/pgsql-virtual-mailbox-maps.cf
virtual_alias_maps=pgsql:{{ dirs.etc }}/postfix/pgsql-virtual-alias-maps.cf
alias_maps = hash:/etc/mail/aliases
alias_database = hash:/etc/mail/aliases
myhostname = mail.nasqueron.org
# -------------------------------------------------------------
# External utilities
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
mailq_path = /usr/bin/mailq
newaliases_path = /usr/bin/newaliases
sendmail_path = /usr/bin/sendmail
# -------------------------------------------------------------
# UNIX users and groups
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
mail_owner = postfix
setgid_group = maildrop
# -------------------------------------------------------------
# Debug
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
# -------------------------------------------------------------
# Network
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
inet_protocols = all
mynetworks_style = host
# -------------------------------------------------------------
# Mail
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
mydestination = localhost
unknown_local_recipient_reject_code = 550
# -------------------------------------------------------------
# TLS certificates
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
smtp_tls_CApath = {{ postfix_dirs.cacerts }}
smtpd_tls_security_level=may
-smtpd_tls_cert_file=/usr/local/etc/letsencrypt/live/mail.nasqueron.org/fullchain.pem
-smtpd_tls_key_file=/usr/local/etc/letsencrypt/live/mail.nasqueron.org/privkey.pem
+smtpd_tls_cert_file=/var/certificates/mail.nasqueron.org/fullchain.pem
+smtpd_tls_key_file=/var/certificates/mail.nasqueron.org/key.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = aNULL,MD5
smtpd_tls_security_level = may
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
# -------------------------------------------------------------
# Handle mail storage with dovecot
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
virtual_transport = lmtp:unix:private/dovecot-lmtp
# -------------------------------------------------------------
# Handle SMTP authentication using Dovecot
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client cbl.abuseat.org,
check_policy_service unix:private/policy-spf
smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client cbl.abuseat.org
# -------------------------------------------------------------
# Milter
#
# :: DKIM
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
milter_default_action = accept
milter_protocol = 6
smtpd_milters = unix:/var/run/opendkim/opendkim.sock
non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock
diff --git a/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf
index 21066b1..25e1310 100644
--- a/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf
+++ b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf
@@ -1,48 +1,48 @@
# -------------------------------------------------------------
# Webserver
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Site: mail.nasqueron.org
# License: Trivial work, not eligible to copyright
# Source file: roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# -------------------------------------------------------------
# Main site
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
server {
listen 80;
listen [::]:80;
server_name admin.mail.nasqueron.org;
include includes/tls;
- ssl_certificate /usr/local/etc/letsencrypt/live/admin.mail.nasqueron.org/fullchain.pem;
- ssl_certificate_key /usr/local/etc/letsencrypt/live/admin.mail.nasqueron.org/privkey.pem;
+ ssl_certificate /var/certificates/admin.mail.nasqueron.org/fullchain.pem;
+ ssl_certificate_key /var/certificates/admin.mail.nasqueron.org/key.pem;
error_log /var/log/www/nasqueron.org/admin.mail-error.log;
access_log /var/log/www/nasqueron.org/admin.mail-access.log;
include includes/letsencrypt;
root /var/wwwroot/nasqueron.org/admin.mail/public;
index index.html index.php;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/web/admin.mail.nasqueron.org/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/wwwroot/nasqueron.org/admin.mail/public/index.php;
include includes/fastcgi;
}
}

File Metadata

Mime Type
text/x-diff
Expires
Sun, Oct 12, 06:18 (1 d, 9 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3062578
Default Alt Text
(8 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator