Page MenuHomeDevCentral
Files F3750217

D3568.id9186.diff
No OneTemporary
Actions

D3568.id9186.diff
View Options

diff --git a/UIDs b/UIDs
--- a/UIDs
+++ b/UIDs
@@ -13,5 +13,5 @@
8900 zr LEGACY
# Web app
-12000 web-org-nasqueron-mail #reserved for it
+12000 web-org-nasqueron-mail
12001 web-org-nasqueron-mail-admin
diff --git a/pillar/paas/alkane/hervil/main.sls b/pillar/paas/alkane/hervil/main.sls
--- a/pillar/paas/alkane/hervil/main.sls
+++ b/pillar/paas/alkane/hervil/main.sls
@@ -19,6 +19,7 @@
nginx_vhosts:
nasqueron.org:
- admin.mail
+ - mail
php_fpm_instances:
# PHP current version, generally installed as package/port
@@ -34,3 +35,10 @@
php-fpm: prod
env:
APPLICATION_ENV: production
+
+ mail.nasqueron.org:
+ domain: nasqueron.org
+ subdomain: mail
+ user: web-org-nasqueron-mail
+ uid: 12000
+ php-fpm: prod
diff --git a/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/mail.conf b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/mail.conf
new file mode 100644
--- /dev/null
+++ b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/mail.conf
@@ -0,0 +1,64 @@
+# -------------------------------------------------------------
+# Webserver
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Site: mail.nasqueron.org
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/mail.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# -------------------------------------------------------------
+# Main site
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ server_name mail.nasqueron.org;
+
+ include includes/tls;
+ ssl_certificate /usr/local/etc/letsencrypt/live/mail.nasqueron.org/fullchain.pem;
+ ssl_certificate_key /usr/local/etc/letsencrypt/live/mail.nasqueron.org/privkey.pem;
+
+ include includes/letsencrypt;
+
+ root /var/wwwroot/nasqueron.org/mail;
+ index index.html index.php index.htm;
+
+ add_header X-Content-Type-Options "nosniff" always;
+ add_header X-XSS-Protection "1; mode=block" always;
+ add_header X-Robots-Tag "none" always;
+ add_header X-Download-Options "noopen" always;
+ add_header X-Permitted-Cross-Domain-Policies "none" always;
+ add_header Referrer-Policy "no-referrer" always;
+ add_header X-Frame-Options "SAMEORIGIN" always;
+
+ location /snappymail {
+ try_files $uri $uri/ /index.php?$args;
+
+ }
+
+ location ~ \.php$ {
+ fastcgi_pass unix:/var/run/web/mail.nasqueron.org/php-fpm.sock;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include includes/fastcgi;
+ }
+}
+
+# -------------------------------------------------------------
+# Redirect
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name mail.nasqueron.org;
+
+ return 301 https://mail.nasqueron.org$request_uri;
+}
diff --git a/roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/init.sh b/roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/init.sh
new file mode 100755
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/init.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+
+# -------------------------------------------------------------
+# Nasqueron PaaS :: Alkane :: Recipe for deployment
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/init.sh
+# Action: init
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+set -x
+
+# -------------------------------------------------------------
+# Snappymail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+cd "$ALKANE_SITE_PATH"
+mkdir -p snappymail
+cd snappymail
+
+curl https://snappymail.eu/repository/latest.tar.gz | tar --exclude data/ -xzf -
diff --git a/roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/update.sh b/roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/update.sh
new file mode 100755
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/update.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# -------------------------------------------------------------
+# Nasqueron PaaS :: Alkane :: Recipe for deployment
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/update.sh
+# Action: init
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+set -x
+
+# -------------------------------------------------------------
+# Snappymail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+cd "$ALKANE_SITE_PATH/snappymail"
+
+curl https://snappymail.eu/repository/latest.tar.gz | tar --exclude data/ -xzf -
diff --git a/roles/webserver-content/org/nasqueron/files/snappymail/include.php b/roles/webserver-content/org/nasqueron/files/snappymail/include.php
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/files/snappymail/include.php
@@ -0,0 +1,41 @@
+<?php
+
+/* -------------------------------------------------------------
+ Snappymail configuration
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ Project: Nasqueron
+ License: Trivial work, not eligible to copyright
+ Source file: roles/webserver-content/org/nasqueron/files/snappymail/include.php
+ -------------------------------------------------------------
+
+ <auto-generated>
+ This file is managed by our rOPS SaltStack repository.
+
+ Changes to this file may cause incorrect behavior
+ and will be lost if the state is redeployed.
+ </auto-generated>
+ */
+
+/* -------------------------------------------------------------
+ Helper methods
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
+
+function define_app_data_path(string $path) : void {
+ // Avoid to create folders in the parent directory
+ // starting by path, e.g. snappymail snappymail_data_ snappymail.htaccess
+ // snappymailindex.html snappymailindex.php snappymailINSTALLED
+ // snappymailSALT.php
+ if (!str_ends_with($path, "/")) {
+ $path .= "/";
+ }
+
+ define("APP_DATA_FOLDER_PATH", $path);
+}
+
+/* -------------------------------------------------------------
+ Snappymail configuration
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
+
+define("MULTIDOMAIN", 1);
+
+define_app_data_path("{{ data_path }}");
diff --git a/roles/webserver-content/org/nasqueron/mail.sls b/roles/webserver-content/org/nasqueron/mail.sls
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/mail.sls
@@ -0,0 +1,78 @@
+# -------------------------------------------------------------
+# Salt — Provision mail.nasqueron.org website
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Base directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/wwwroot/nasqueron.org/mail:
+ file.directory:
+ - user: deploy
+ - group: wheel
+ - dir_mode: 755
+
+# -------------------------------------------------------------
+# Root content
+#
+# :: phpinfo - This is important to be transparent about the
+# capabilities of our webmails installations.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/wwwroot/nasqueron.org/mail/phpinfo.php:
+ file.managed:
+ - user: deploy
+ - mode: 644
+ - contents: |
+ <?php phpinfo(); ?>
+
+# -------------------------------------------------------------
+# Alkane deployment
+#
+# :: Snappymail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/usr/local/libexec/alkane/mail.nasqueron.org:
+ file.directory:
+ - user: root
+ - group: web
+ - dir_mode: 755
+
+/usr/local/libexec/alkane/mail.nasqueron.org/init:
+ file.managed:
+ - source: salt://roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/init.sh
+ - mode: 755
+
+/usr/local/libexec/alkane/mail.nasqueron.org/update:
+ file.managed:
+ - source: salt://roles/webserver-content/org/nasqueron/files/recipes/mail.nasqueron.org/update.sh
+ - mode: 755
+
+www_mail_build:
+ cmd.run:
+ - name: alkane deploy mail.nasqueron.org
+ - runas: deploy
+ - creates: /var/wwwroot/nasqueron.org/mail/snappymail/index.php
+
+# -------------------------------------------------------------
+# Snappy mail
+#
+# :: Data
+# :: Configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/dataroot/nasqueron/snappymail:
+ file.directory:
+ - user: web-org-nasqueron-mail
+ - group: web
+ - makedirs: true
+
+/var/wwwroot/nasqueron.org/mail/snappymail/include.php:
+ file.managed:
+ - source: salt://roles/webserver-content/org/nasqueron/files/snappymail/include.php
+ - template: jinja
+ - context:
+ data_path: /var/dataroot/nasqueron/snappymail

File Metadata

Mime Type
text/plain
Expires
Sun, Nov 17, 22:40 (7 h, 1 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2249890
Default Alt Text
D3568.id9186.diff (10 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator