Add email - Dovecot, rspamd, exim4.
And appropriate configuration for various email domains.
This commit is contained in:
parent
ff199e101f
commit
7b94baa6cd
|
@ -0,0 +1,25 @@
|
|||
dkim:
|
||||
dkim_bear-cave: |
|
||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
||||
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
|
||||
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
|
||||
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
|
||||
EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE==
|
||||
-----END OPENSSH PRIVATE KEY-----
|
||||
dkim_cryhavoc: |
|
||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
||||
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
|
||||
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
|
||||
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
|
||||
EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE==
|
||||
-----END OPENSSH PRIVATE KEY-----
|
||||
dkim_lunch: |
|
||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
||||
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
|
||||
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
|
||||
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
|
||||
EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE==
|
||||
-----END OPENSSH PRIVATE KEY-----
|
|
@ -4,6 +4,7 @@ base:
|
|||
- secrets/mariadb
|
||||
- secrets/wordpress
|
||||
'scabbers.lunch.org.uk':
|
||||
- secrets/dkim
|
||||
- secrets/dnsapi
|
||||
- secrets/gitea
|
||||
- secrets/webmail
|
||||
|
|
|
@ -1,3 +1,9 @@
|
|||
bullseye_backports:
|
||||
pkgrepo.managed:
|
||||
- name: deb http://deb.debian.org/debian bullseye-backports main
|
||||
- dist: bullseye-backports
|
||||
- file: /etc/apt/sources.list.d/bullseye-backports.list
|
||||
|
||||
deploy_sshd_config:
|
||||
file.managed:
|
||||
- name: /etc/ssh/sshd_config
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
dovecot:
|
||||
pkg.installed:
|
||||
- pkgs:
|
||||
- dovecot-core
|
||||
- dovecot-imapd
|
||||
- dovecot-sieve
|
||||
- dovecot-managesieved
|
||||
|
||||
dovecot_certs_group:
|
||||
group.present:
|
||||
- name: ssl-cert
|
||||
- system: true
|
||||
- addusers:
|
||||
- dovecot
|
||||
|
||||
dovecot_conf:
|
||||
file.managed:
|
||||
- mode: 0644
|
||||
- names:
|
||||
- /etc/dovecot/local.conf:
|
||||
- source: salt://email/dovecot_local.conf
|
||||
|
||||
dovecot_service:
|
||||
service.running:
|
||||
- name: dovecot
|
||||
- enable: true
|
||||
- watch:
|
||||
- pkg: dovecot
|
||||
- file: /etc/dovecot/local.conf
|
|
@ -0,0 +1,20 @@
|
|||
# We use Maildir.
|
||||
mail_location = maildir:~/Maildir
|
||||
|
||||
# Require SSL for all auth.
|
||||
ssl = required
|
||||
|
||||
# SSL certificate locations.
|
||||
ssl_cert = </var/local/certificates/mail.lunch.org.uk/fullchain.pem
|
||||
ssl_key = </var/local/certificates/mail.lunch.org.uk/privkey.pem
|
||||
|
||||
# Plugins.
|
||||
protocol lda {
|
||||
mail_plugins = acl sieve
|
||||
}
|
||||
|
||||
# IMAP - increase number of connections per IP.
|
||||
protocol imap {
|
||||
mail_max_userip_connections = 40
|
||||
}
|
||||
|
|
@ -0,0 +1,57 @@
|
|||
exim4:
|
||||
pkg.installed:
|
||||
- name: exim4-daemon-heavy
|
||||
|
||||
exim4_conf:
|
||||
file.recurse:
|
||||
- name: /etc/exim4
|
||||
- dir_mode: '0755'
|
||||
- file_mode: '0644'
|
||||
- source: salt://email/exim4
|
||||
|
||||
# To read system certificate details, you must be in ssl-cert.
|
||||
exim4_certs_group:
|
||||
group.present:
|
||||
- name: ssl-cert
|
||||
- system: true
|
||||
- addusers:
|
||||
- Debian-exim
|
||||
|
||||
# To deliver using the Dovecot LDA without getting a perms
|
||||
# error on /run/dovecot/stats-writer, the Exim user must be in
|
||||
# the dovecot group.
|
||||
exim4_dovecot_group:
|
||||
group.present:
|
||||
- name: dovecot
|
||||
- system: true
|
||||
- addusers:
|
||||
- Debian-exim
|
||||
|
||||
exim4_dkim_private_keys:
|
||||
file.managed:
|
||||
- mode: 0640
|
||||
- group: Debian-exim
|
||||
- names:
|
||||
- /etc/exim4/dkim/bear-cave.org.uk-private.pem:
|
||||
- contents_pillar: dkim:dkim_bear-cave
|
||||
- /etc/exim4/dkim/cryhavoc.org.uk-private.pem:
|
||||
- contents_pillar: dkim:dkim_cryhavoc
|
||||
- /etc/exim4/dkim/lunch.org.uk-private.pem:
|
||||
- contents_pillar: dkim:dkim_lunch
|
||||
|
||||
exim4_update_conf:
|
||||
cmd.run:
|
||||
- name: update-exim4.conf
|
||||
- onchanges:
|
||||
- file: exim4_conf
|
||||
|
||||
enable_exim4_service:
|
||||
service.enabled:
|
||||
- name: exim4
|
||||
|
||||
exim4_service:
|
||||
service.running:
|
||||
- name: exim4
|
||||
- reload: true
|
||||
- watch:
|
||||
- cmd: exim4_update_conf
|
|
@ -0,0 +1,7 @@
|
|||
# AUTH acl check.
|
||||
check_auth:
|
||||
accept hosts = *
|
||||
endpass
|
||||
message = STARTTLS required before AUTH
|
||||
encrypted = *
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
# Authenticate via dovecot.
|
||||
#
|
||||
# For plain and login the connection must be ciphered.
|
||||
|
||||
dovecot_plain:
|
||||
driver = dovecot
|
||||
public_name = PLAIN
|
||||
server_socket = /var/run/dovecot/auth-client
|
||||
#server_set_id = $auth2
|
||||
server_mail_auth_condition = false
|
||||
|
||||
|
||||
#dovecot_login:
|
||||
# driver = dovecot
|
||||
# public_name = LOGIN
|
||||
# server_socket = /var/run/dovecot/auth-client
|
||||
# #server_set_id = $auth2
|
||||
# server_mail_auth_condition = false
|
|
@ -0,0 +1,33 @@
|
|||
# Trusted users and groups
|
||||
MAIN_TRUSTED_USERS=mail:www-data
|
||||
|
||||
# User account UID range
|
||||
FIRST_USER_ACCOUNT_UID=1000
|
||||
|
||||
# TLS configuration
|
||||
MAIN_TLS_ENABLE=true
|
||||
MAIN_TLS_CERTIFICATE=/var/local/certificates/mail.lunch.org.uk/fullchain.pem
|
||||
MAIN_TLS_PRIVATEKEY=/var/local/certificates/mail.lunch.org.uk/privkey.pem
|
||||
|
||||
# Local settings
|
||||
# CHECK_RCPT_LOCAL_ACL_FILE=/etc/exim4/local_check_rcpt
|
||||
CHECK_DATA_LOCAL_ACL_FILE=/etc/exim4/local_check_data
|
||||
|
||||
# DKIM keys and handling.
|
||||
DKIM_CANON = relaxed
|
||||
DKIM_SELECTOR = 20160621
|
||||
|
||||
# Get the domain from the outgoing mail.
|
||||
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
|
||||
|
||||
# The private key file.
|
||||
DKIM_FILE = ${lookup {DKIM_DOMAIN-private.pem} dsearch,ret=full,filter=file {/etc/exim4/dkim}}
|
||||
|
||||
# If key exists then use it, if not don't.
|
||||
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE} {DKIM_FILE} {0}}
|
||||
|
||||
# Log more TLS info than default.
|
||||
MAIN_LOG_SELECTOR = +tls_peerdn +tls_sni
|
||||
|
||||
# SRS
|
||||
SRS_SECRET = sxN7DlwZMWHar1J;L!wlKwbzc9ECB[F>!LEYm9[LF0
|
|
@ -0,0 +1,13 @@
|
|||
# Use rspamd as spam scanner.
|
||||
spamd_address = 127.0.0.1 11333 variant=rspamd
|
||||
|
||||
# Timeout for virus and spam scans
|
||||
local_scan_timeout = 4m
|
||||
|
||||
# Allow all users to see mail queue
|
||||
no_queue_list_requires_admin
|
||||
|
||||
# Listen in ports 25, 465 and 587.
|
||||
daemon_smtp_ports = smtp : submission : submissions
|
||||
tls_on_connect_ports = submissions
|
||||
|
|
@ -0,0 +1,24 @@
|
|||
outbound:
|
||||
driver = dnslookup
|
||||
# if outbound, and forwarding has been done, use an alternate transport
|
||||
domains = ! +local_domains
|
||||
transport = ${if eq {$local_part@$domain} \
|
||||
{$original_local_part@$original_domain} \
|
||||
{remote_smtp} {remote_forwarded_smtp}}
|
||||
|
||||
inbound_srs:
|
||||
driver = redirect
|
||||
senders = :
|
||||
domains = +local_domains
|
||||
# detect inbound bounces which are SRS'd, and decode them
|
||||
condition = ${if inbound_srs {$local_part} {SRS_SECRET}}
|
||||
data = $srs_recipient
|
||||
|
||||
inbound_srs_failure:
|
||||
driver = redirect
|
||||
senders = :
|
||||
domains = +local_domains
|
||||
# detect inbound bounces which look SRS'd but are invalid
|
||||
condition = ${if inbound_srs {$local_part} {}}
|
||||
allow_fail
|
||||
data = :fail: Invalid SRS recipient address
|
|
@ -0,0 +1,12 @@
|
|||
# Allow a throwaway suffix to the local part. Might help spot who sells
|
||||
# email addresses.
|
||||
suffix_rewrite:
|
||||
driver = redirect
|
||||
allow_defer
|
||||
allow_fail
|
||||
data = ${local_part}@${domain}
|
||||
local_part_suffix = "_*"
|
||||
local_part_suffix_optional
|
||||
qualify_preserve_domain
|
||||
retry_use_local_part
|
||||
|
|
@ -0,0 +1,35 @@
|
|||
|
||||
# cryhavoc.org.uk has its own aliases. These are separate to the system
|
||||
# ones - see system_aliases.
|
||||
cryhavoc_aliases:
|
||||
driver = redirect
|
||||
allow_defer
|
||||
allow_fail
|
||||
data = ${lookup{$local_part}lsearch{/etc/aliases.cryhavoc.org.uk}}
|
||||
domains = cryhavoc.org.uk
|
||||
qualify_preserve_domain
|
||||
pipe_transport = address_pipe
|
||||
no_more
|
||||
|
||||
# cowboybuilder.org.uk has its own aliases. These are separate to the system
|
||||
# ones - see system_aliases.
|
||||
cowboybuilder_aliases:
|
||||
driver = redirect
|
||||
allow_defer
|
||||
allow_fail
|
||||
data = ${lookup{$local_part}lsearch{/etc/aliases.cowboybuilder.org.uk}}
|
||||
domains = cowboybuilder.org.uk
|
||||
qualify_preserve_domain
|
||||
pipe_transport = address_pipe
|
||||
no_more
|
||||
|
||||
# lunch.org.uk has its own aliases. These are separate to the system
|
||||
# ones - see system_aliases.
|
||||
lunch_aliases:
|
||||
driver = redirect
|
||||
allow_defer
|
||||
allow_fail
|
||||
data = ${lookup{$local_part}lsearch{/etc/aliases.lunch.org.uk}}
|
||||
domains = lunch.org.uk
|
||||
qualify_preserve_domain
|
||||
retry_use_local_part
|
|
@ -0,0 +1,16 @@
|
|||
|
||||
# Use this to deliver to system users.
|
||||
# Exim runs this as the user from the local_user router.
|
||||
dovecot_home:
|
||||
debug_print = "T: dovecot_home for $local_part@$domain"
|
||||
driver = pipe
|
||||
#command = sh -c "/usr/bin/bogofilter -e -u -p | /usr/lib/dovecot/deliver"
|
||||
command = /usr/lib/dovecot/deliver
|
||||
message_prefix =
|
||||
message_suffix =
|
||||
log_output
|
||||
delivery_date_add
|
||||
envelope_to_add
|
||||
return_path_add
|
||||
temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
# transport; should look like the non-forward outbound
|
||||
# one, plus the max_rcpt and return_path options
|
||||
remote_forwarded_smtp:
|
||||
driver = smtp
|
||||
# modify the envelope from, for mails that we forward
|
||||
max_rcpt = 1
|
||||
return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}
|
|
@ -0,0 +1 @@
|
|||
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC97rpW4HWK3q4TIjQnWO6WQZxa1EPPRCJJp3yYcjej8ierPPA420RWm3hyUbfPvwN9ynUXPVfrYYj7FJWMR8W3/dGJGOEjaBvL4pITwSg5WZt/7fDpGYkro4P//TnMMcF3iRAOm+XQywatNISuBYKQvOdy16Lw0XQyhV37pt0ixwIDAQAB
|
|
@ -0,0 +1 @@
|
|||
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoEgY4ekHBKJFey4JtZOO9K0bc25aYKGZiUMd+ESgwZfB3uP0JYxdII8CKLYpHFopmPs8mBW9pNs9L2Iyl6U4v4EE+LwHAhz7uZJfpLylmjQrfb9x72AQONGb4AiK7drc4jbcHr80gMorr27RE9RuYe00U4HdERGwjWcU7rJaRzQIDAQAB
|
|
@ -0,0 +1 @@
|
|||
k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDT6tLjGtCGeZz7MtLq2AazdP7CojC1Vk6CrY+qvM7/rdhIaL++y28+l6WYQhEO0+0kUYNtGewjhvUuq9nEVPvTEh370xOOSDlfAsMTZXZnJFmZGVDegF8mbOg+CQSWqmKRPCmDFsTy1ablh9JnxCIk6q/hiMLfsM1qEO51Wafw/wIDAQAB
|
|
@ -0,0 +1,6 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC97rpW4HWK3q4TIjQnWO6WQZxa
|
||||
1EPPRCJJp3yYcjej8ierPPA420RWm3hyUbfPvwN9ynUXPVfrYYj7FJWMR8W3/dGJ
|
||||
GOEjaBvL4pITwSg5WZt/7fDpGYkro4P//TnMMcF3iRAOm+XQywatNISuBYKQvOdy
|
||||
16Lw0XQyhV37pt0ixwIDAQAB
|
||||
-----END PUBLIC KEY-----
|
|
@ -0,0 +1,6 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoEgY4ekHBKJFey4JtZOO9K0bc
|
||||
25aYKGZiUMd+ESgwZfB3uP0JYxdII8CKLYpHFopmPs8mBW9pNs9L2Iyl6U4v4EE+
|
||||
LwHAhz7uZJfpLylmjQrfb9x72AQONGb4AiK7drc4jbcHr80gMorr27RE9RuYe00U
|
||||
4HdERGwjWcU7rJaRzQIDAQAB
|
||||
-----END PUBLIC KEY-----
|
|
@ -0,0 +1,6 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDT6tLjGtCGeZz7MtLq2AazdP7C
|
||||
ojC1Vk6CrY+qvM7/rdhIaL++y28+l6WYQhEO0+0kUYNtGewjhvUuq9nEVPvTEh37
|
||||
0xOOSDlfAsMTZXZnJFmZGVDegF8mbOg+CQSWqmKRPCmDFsTy1ablh9JnxCIk6q/h
|
||||
iMLfsM1qEO51Wafw/wIDAQAB
|
||||
-----END PUBLIC KEY-----
|
|
@ -0,0 +1,41 @@
|
|||
# From rspamd docs.
|
||||
|
||||
# skip scanning for authenticated users (if desired?)
|
||||
accept authenticated = *
|
||||
|
||||
# scan the message with rspamd
|
||||
warn spam = Debian-exim:true
|
||||
# This will set variables as follows:
|
||||
# $spam_action is the action recommended by rspamd
|
||||
# $spam_score is the message score (we unlikely need it)
|
||||
# $spam_score_int is spam score multiplied by 10
|
||||
# $spam_report lists symbols matched & protocol messages
|
||||
# $spam_bar is a visual indicator of spam/ham level
|
||||
|
||||
# use greylisting available in rspamd v1.3+
|
||||
#defer message = Please try again later
|
||||
# condition = ${if eq{$spam_action}{soft reject}}
|
||||
|
||||
#deny message = Message discarded as high-probability spam
|
||||
# condition = ${if eq{$spam_action}{reject}}
|
||||
|
||||
# Remove foreign headers
|
||||
warn remove_header = x-spam-bar : x-spam-score : x-spam-report : x-spam-status
|
||||
|
||||
# add spam-score and spam-report header when "add header" action is recommended by rspamd
|
||||
warn
|
||||
condition = ${if eq{$spam_action}{add header}}
|
||||
add_header = X-Spam-Score: $spam_score ($spam_bar)
|
||||
add_header = X-Spam-Report: $spam_report
|
||||
|
||||
# add x-spam-status header if message is not ham
|
||||
warn
|
||||
! condition = ${if match{$spam_action}{^no action\$|^greylist\$}}
|
||||
add_header = X-Spam-Status: Yes
|
||||
|
||||
# add x-spam-bar header if score is positive
|
||||
warn
|
||||
condition = ${if >{$spam_score_int}{0}}
|
||||
add_header = X-Spam-Bar: $spam_bar
|
||||
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
# /etc/exim4/update-exim4.conf.conf
|
||||
#
|
||||
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
|
||||
# yourself or use 'dpkg-reconfigure exim4-config'
|
||||
#
|
||||
# Please note that this is _not_ a dpkg-conffile and that automatic changes
|
||||
# to this file might happen. The code handling this will honor your local
|
||||
# changes, so this is usually fine, but will break local schemes that mess
|
||||
# around with multiple versions of the file.
|
||||
#
|
||||
# update-exim4.conf uses this file to determine variable values to replace
|
||||
# the DEBCONFsomethingDEBCONF strings in the configuration template files.
|
||||
#
|
||||
# Most settings found in here do have corresponding questions in the
|
||||
# Debconf configuration, but not all of them.
|
||||
#
|
||||
# This is a Debian specific file
|
||||
|
||||
dc_eximconfig_configtype='smarthost'
|
||||
dc_other_hostnames='bear-cave.org.uk:*.bear-cave.org.uk:lunch.org.uk:*.lunch.org.uk:cryhavoc.org.uk:cowboybuilder.org.uk:oxfordbeginnersession.org.uk'
|
||||
dc_local_interfaces=''
|
||||
dc_readhost=''
|
||||
dc_relay_domains=''
|
||||
dc_minimaldns='false'
|
||||
dc_relay_nets=''
|
||||
dc_smarthost='smtpout.mythic-beasts.com'
|
||||
CFILEMODE='644'
|
||||
dc_use_split_config='true'
|
||||
dc_hide_mailname='false'
|
||||
dc_mailname_in_oh='true'
|
||||
dc_localdelivery='dovecot_home'
|
|
@ -0,0 +1,4 @@
|
|||
include:
|
||||
- email/dovecot
|
||||
- email/rspamd
|
||||
- email/exim4
|
|
@ -0,0 +1,20 @@
|
|||
# Stock bullseye rspamd doesn't start.
|
||||
rspamd:
|
||||
pkg.installed:
|
||||
- name: rspamd
|
||||
- fromrepo: bullseye-backports
|
||||
|
||||
rspamd_conf:
|
||||
file.recurse:
|
||||
- name: /etc/rspamd/local.d
|
||||
- dir_mode: '0755'
|
||||
- file_mode: '0644'
|
||||
- source: salt://email/rspamd/local.d
|
||||
|
||||
rspamd_service:
|
||||
service.running:
|
||||
- name: rspamd
|
||||
- enable: true
|
||||
- watch:
|
||||
- pkg: rspamd
|
||||
- file: /etc/rspamd/local.d
|
|
@ -0,0 +1 @@
|
|||
# 2a00:1098:8:d6::1/64
|
|
@ -0,0 +1,6 @@
|
|||
IP_WHITELIST {
|
||||
type = "ip";
|
||||
prefilter = "true";
|
||||
map = "/${LOCAL_CONFDIR}/local.d/ip_whitelist.map";
|
||||
action = "accept";
|
||||
}
|
|
@ -0,0 +1,2 @@
|
|||
write_servers = "localhost";
|
||||
read_servers = "localhost";
|
|
@ -5,6 +5,12 @@ scabbers_public:
|
|||
- services:
|
||||
- dhcpv6-client
|
||||
- ssh
|
||||
- imap
|
||||
- imaps
|
||||
- managesieve
|
||||
- smtp
|
||||
- smtps
|
||||
- smtp-submission
|
||||
- prune_services: True
|
||||
- require:
|
||||
- firewalld
|
||||
|
|
|
@ -22,6 +22,7 @@ base:
|
|||
- backup
|
||||
- backup/scabbers
|
||||
- dottes_website
|
||||
- email
|
||||
- fail2ban
|
||||
- firewalls/scabbers
|
||||
- gitea
|
||||
|
|
Loading…
Reference in New Issue