Jim Hague
cbd9ef7c24
Forgot to enable pillar smtpauth.
2024-05-12 11:44:56 +01:00
Jim Hague
49b96071a2
Change gitea package provider.
...
The old one seems to have died.
2024-05-12 10:59:12 +01:00
Jim Hague
18a4347a8d
Fix dehydrated-mythic-dns01 install.
2024-05-11 09:27:31 +01:00
Jim Hague
e6c2ab7270
Hedwig crashes if swap is enabled, so take it out.
2024-05-10 16:18:05 +01:00
Jim Hague
c766eddeda
Route email From: *.acm.org via Mailroute.
2024-05-10 08:36:37 +01:00
Jim Hague
f8dff4d0b2
fallocate doesn't work on NFS.
2024-04-20 08:12:22 +01:00
Jim Hague
f7d02fdd20
Add swapfile to both hosts.
2024-04-20 07:58:57 +01:00
Jim Hague
756b121a2b
Fix error in sieve file.
2024-04-04 12:10:14 +01:00
Jim Hague
188d410ea3
Add global email delivery spam processing.
2024-04-04 11:46:40 +01:00
Jim Hague
be351a6538
Louis would like bag emails to still be copied to his Gmail.
2024-03-11 20:22:45 +00:00
Jim Hague
9143a33fc0
Disable logins for cryhavocbag.
2024-03-09 17:37:53 +00:00
Jim Hague
b423b7c259
Add imap/smtp.cryhavoc.org.uk to the domains known to deyhdrated.
2024-03-09 17:20:20 +00:00
Jim Hague
5a222dce42
Add cryhavoc.org.uk hosts to mail certificate.
2024-03-09 17:05:13 +00:00
Jim Hague
5b1ce35bc4
Add cryhavocbag user and redirect bag@cryhavoc to it.
2024-03-09 16:53:00 +00:00
Jim Hague
8316023a61
Update Squire's alias.
2024-02-27 20:41:09 +00:00
Jim Hague
fcc1356db0
Ignore SMTP line limit errors.
...
Turns out HMRC flout this limit.
2023-12-28 15:12:59 +00:00
Jim Hague
39ab8ea933
Add micro gpodder service at gpodder.lunch.org.uk.
2023-12-07 15:02:28 +00:00
Jim Hague
02bff10e25
Django required updates to mailman3-web config.
2023-12-06 16:04:15 +00:00
Jim Hague
6a07035281
Update from bullseye to bookworm.
2023-12-06 16:03:52 +00:00
Jim Hague
c17c33dfa2
Allow SMTPS and IMAPS connections from Mythic proxies.
2023-11-21 15:15:40 +00:00
Jim Hague
0faf81bd95
Go back to removing previous spam headers if we think it's spam.
2023-09-07 11:27:10 +01:00
Jim Hague
45816eb74a
We're receiving via Mythic mailservers, and they've already done RBL.
2023-09-06 14:27:00 +01:00
Jim Hague
32ce2b1a08
We're receiving via Mythic mailservers, so no point greylisting.
2023-09-06 14:26:29 +01:00
Jim Hague
6466609192
Mythic are already using rspamd, so keep their result if present.
2023-09-06 14:25:24 +01:00
Jim Hague
496226815d
rspamd requires Redis server.
2023-09-06 14:24:35 +01:00
Jim Hague
46549c6863
Ensure new certificates are readably by ssl-cert group members.
2023-09-06 14:22:51 +01:00
Jim Hague
f6185d6443
Small certificate hook updates
...
1. Preserve mode, owndership, timestamps when copying certificates.
Ownership is updated after copying.
2. Reload dovecot on mail.lunch.org.uk.
2023-08-06 11:07:16 +01:00
Jim Hague
3a790075ff
Deploy dephydrated certs into /var/local/certificates.
...
This way we can ensure we get the ownership and permissions right.
Also explicitly restart exim on mail cert updates.
2023-07-10 17:54:59 +01:00
Jim Hague
17550da505
Add DKIM to sending via smarthost.
...
No idea why Debian doesn't have this enabled.
2023-07-05 11:59:36 +01:00
Jim Hague
5be41d4b0b
Fix typos in Exim4 SRS router.
2023-05-31 15:20:12 +01:00
Jim Hague
2f349b74fe
Add mailman3.
2023-05-24 15:30:46 +01:00
Jim Hague
f1669325a2
Roundcube should use submissions (465) for sending.
2023-05-24 15:30:46 +01:00
Jim Hague
f61543ea0f
Fix Exim SRS configuration - smarthost delivery now works.
2023-05-24 15:30:46 +01:00
Jim Hague
0b936b4703
Create initial mailboxes (users) and add domain alias files.
2023-05-24 15:30:46 +01:00
Jim Hague
dcdb7d1687
Allow exim access to dovecot auth-client.
2023-05-24 15:30:46 +01:00
Jim Hague
25420a4eb9
Final email tweaks to delivery without errors.
...
1. Get Exim from backports because SRS.
2. Get rspamd from rspamd repo, because that works with Exim.
3. Fix permissions issue on delivery via Dovecot.
2023-05-24 15:30:46 +01:00
Jim Hague
0c199cbb96
Update Jenkins repository key.
2023-05-24 15:30:46 +01:00
Jim Hague
7b94baa6cd
Add email - Dovecot, rspamd, exim4.
...
And appropriate configuration for various email domains.
2023-05-24 15:30:46 +01:00
Jim Hague
ff199e101f
Correct 'owner' to 'user'.
2023-05-24 15:30:46 +01:00
Jim Hague
ffa92ca891
Set certificate ownership and add www-data to ssl-cert group.
...
ssl-cert has permissions to read certificates. No other regular user
does.
2023-05-24 15:30:46 +01:00
Jim Hague
d5aa257de5
havoc_website: add SSL redirect for cryhavoc.org.uk to www.cryhavoc.org.uk.
2023-05-24 15:30:46 +01:00
Jim Hague
e44a12557a
Add cowboy_website to hedwig.
2023-05-24 15:30:46 +01:00
Jim Hague
59d8ebe3ad
Add havoc_website to hedwig.
2023-05-24 15:30:46 +01:00
Jim Hague
2e40466040
Add mariadb install to hedwig.
2023-05-24 15:30:46 +01:00
Jim Hague
53c53b17e7
Copy specific files in dehydrated to avoid copying the subrepo .git.
2023-05-24 15:30:46 +01:00
Jim Hague
612c0355be
We definitely need cron installed.
2023-05-24 15:30:46 +01:00
Jim Hague
285d7a7f83
Add .gitignore
2023-05-24 15:30:46 +01:00
Jim Hague
bba4cc40c2
Replace dehydrated-mythic-dns01 with git submodule.
2023-05-24 15:30:46 +01:00
Jim Hague
1ba422580c
Add backup operations and remote access configs.
2023-05-24 15:30:46 +01:00
Jim Hague
4d13ad1145
Add firewall definitions.
2023-05-24 15:30:46 +01:00