Jim Hague
5b1ce35bc4
Add cryhavocbag user and redirect bag@cryhavoc to it.
2024-03-09 16:53:00 +00:00
Jim Hague
8316023a61
Update Squire's alias.
2024-02-27 20:41:09 +00:00
Jim Hague
fcc1356db0
Ignore SMTP line limit errors.
...
Turns out HMRC flout this limit.
2023-12-28 15:12:59 +00:00
Jim Hague
39ab8ea933
Add micro gpodder service at gpodder.lunch.org.uk.
2023-12-07 15:02:28 +00:00
Jim Hague
02bff10e25
Django required updates to mailman3-web config.
2023-12-06 16:04:15 +00:00
Jim Hague
6a07035281
Update from bullseye to bookworm.
2023-12-06 16:03:52 +00:00
Jim Hague
c17c33dfa2
Allow SMTPS and IMAPS connections from Mythic proxies.
2023-11-21 15:15:40 +00:00
Jim Hague
0faf81bd95
Go back to removing previous spam headers if we think it's spam.
2023-09-07 11:27:10 +01:00
Jim Hague
45816eb74a
We're receiving via Mythic mailservers, and they've already done RBL.
2023-09-06 14:27:00 +01:00
Jim Hague
32ce2b1a08
We're receiving via Mythic mailservers, so no point greylisting.
2023-09-06 14:26:29 +01:00
Jim Hague
6466609192
Mythic are already using rspamd, so keep their result if present.
2023-09-06 14:25:24 +01:00
Jim Hague
496226815d
rspamd requires Redis server.
2023-09-06 14:24:35 +01:00
Jim Hague
46549c6863
Ensure new certificates are readably by ssl-cert group members.
2023-09-06 14:22:51 +01:00
Jim Hague
f6185d6443
Small certificate hook updates
...
1. Preserve mode, owndership, timestamps when copying certificates.
Ownership is updated after copying.
2. Reload dovecot on mail.lunch.org.uk.
2023-08-06 11:07:16 +01:00
Jim Hague
3a790075ff
Deploy dephydrated certs into /var/local/certificates.
...
This way we can ensure we get the ownership and permissions right.
Also explicitly restart exim on mail cert updates.
2023-07-10 17:54:59 +01:00
Jim Hague
17550da505
Add DKIM to sending via smarthost.
...
No idea why Debian doesn't have this enabled.
2023-07-05 11:59:36 +01:00
Jim Hague
5be41d4b0b
Fix typos in Exim4 SRS router.
2023-05-31 15:20:12 +01:00
Jim Hague
2f349b74fe
Add mailman3.
2023-05-24 15:30:46 +01:00
Jim Hague
f1669325a2
Roundcube should use submissions (465) for sending.
2023-05-24 15:30:46 +01:00
Jim Hague
f61543ea0f
Fix Exim SRS configuration - smarthost delivery now works.
2023-05-24 15:30:46 +01:00
Jim Hague
0b936b4703
Create initial mailboxes (users) and add domain alias files.
2023-05-24 15:30:46 +01:00
Jim Hague
dcdb7d1687
Allow exim access to dovecot auth-client.
2023-05-24 15:30:46 +01:00
Jim Hague
25420a4eb9
Final email tweaks to delivery without errors.
...
1. Get Exim from backports because SRS.
2. Get rspamd from rspamd repo, because that works with Exim.
3. Fix permissions issue on delivery via Dovecot.
2023-05-24 15:30:46 +01:00
Jim Hague
0c199cbb96
Update Jenkins repository key.
2023-05-24 15:30:46 +01:00
Jim Hague
7b94baa6cd
Add email - Dovecot, rspamd, exim4.
...
And appropriate configuration for various email domains.
2023-05-24 15:30:46 +01:00
Jim Hague
ff199e101f
Correct 'owner' to 'user'.
2023-05-24 15:30:46 +01:00
Jim Hague
ffa92ca891
Set certificate ownership and add www-data to ssl-cert group.
...
ssl-cert has permissions to read certificates. No other regular user
does.
2023-05-24 15:30:46 +01:00
Jim Hague
d5aa257de5
havoc_website: add SSL redirect for cryhavoc.org.uk to www.cryhavoc.org.uk.
2023-05-24 15:30:46 +01:00
Jim Hague
e44a12557a
Add cowboy_website to hedwig.
2023-05-24 15:30:46 +01:00
Jim Hague
59d8ebe3ad
Add havoc_website to hedwig.
2023-05-24 15:30:46 +01:00
Jim Hague
2e40466040
Add mariadb install to hedwig.
2023-05-24 15:30:46 +01:00
Jim Hague
53c53b17e7
Copy specific files in dehydrated to avoid copying the subrepo .git.
2023-05-24 15:30:46 +01:00
Jim Hague
612c0355be
We definitely need cron installed.
2023-05-24 15:30:46 +01:00
Jim Hague
285d7a7f83
Add .gitignore
2023-05-24 15:30:46 +01:00
Jim Hague
bba4cc40c2
Replace dehydrated-mythic-dns01 with git submodule.
2023-05-24 15:30:46 +01:00
Jim Hague
1ba422580c
Add backup operations and remote access configs.
2023-05-24 15:30:46 +01:00
Jim Hague
4d13ad1145
Add firewall definitions.
2023-05-24 15:30:46 +01:00
Jim Hague
de539d163f
Correct proxy comment.
2023-05-24 15:30:46 +01:00
Jim Hague
9f414d0180
Change webmail cert path to client path and add symlink on server.
...
So webmail can be moved between servers if necessary.
2023-05-24 15:30:46 +01:00
Jim Hague
cd8649729f
Activate webmail on scabbers and lunch website on hedwig.
2023-05-24 15:30:46 +01:00
Jim Hague
1e961062cc
Add dottes website details.
2023-05-24 15:30:46 +01:00
Jim Hague
b59eb641bd
Add lunch website.
2023-05-24 15:30:46 +01:00
Jim Hague
f18932407f
Add Roundcube webmail.
2023-05-24 15:30:38 +01:00
Jim Hague
021d064552
Add mechanism for copying certificates to other servers.
2023-03-07 15:09:25 +00:00
Jim Hague
42d811b01f
ImageMAgick no longer required for dottes build now PNG replaced by SVG.
2023-03-05 22:19:48 +00:00
Jim Hague
888801ddd5
Add include Apache module (required for dottes) and dottes to scabbers.
2023-03-05 22:19:12 +00:00
Jim Hague
1b7b8e7c4b
pdfcrop is not longer required, so neither is texlive-extra-utils.
2023-02-28 17:46:47 +00:00
Jim Hague
e7c3209a8a
Add Gitea to scabbers.
2023-02-27 18:02:28 +00:00
Jim Hague
fd0714e00d
Add fail2ban and firewalld to scabbers.
2023-02-27 14:49:09 +00:00
Jim Hague
8c2405c7b7
Add fail2ban and firewalld and test out with hedwig.
2023-02-27 14:44:50 +00:00