kunsi/bundlewrap
1
0
Fork 0
Code Issues 2 Pull requests 1 Releases Activity

dns: deploy MTA-STS
All checks were successful
bundlewrap/pipeline/head This commit looks good
Details

Browse source
This commit is contained in:
Franzi 2020-11-11 11:41:06 +01:00
parent e0f02ef0f7
commit 11701a67c8
Signed by: kunsi
GPG key ID: 12E3D2136B818350
8 changed files with 38 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
bundles/nginx/files/site_template
View file

@ -1,5 +1,9 @@
server {
% if domain_aliases:
server_name ${domain} ${' '.join(sorted(domain_aliases))};
% else:
server_name ${domain};
% endif
root ${webroot if webroot else '/var/www/{}/'.format(vhost)};
index ${' '.join(index)};

2
bundles/nginx/metadata.py
View file

@ -48,7 +48,7 @@ def letsencrypt(metadata):
for vhost, config in metadata.get('nginx/vhosts', {}).items():
domain = config.get('domain', vhost)
domains[domain] = set()
domains[domain] = config.get('domain_aliases', set())
return {
'letsencrypt': {

2
data/powerdns/files/bind-zones/felix-kunsmann.de
View file

@ -3,5 +3,3 @@ ${header}
$ORIGIN felix-kunsmann.de.
@ IN MX 10 mx0.kunbox.net.
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"

8
data/powerdns/files/bind-zones/franzi.business
View file

@ -16,6 +16,9 @@ dimension IN AAAA 2a01:4f8:10b:2a5f::2
matrix IN A 94.130.52.224
matrix IN AAAA 2a01:4f8:10b:2a5f::2
mta-sts IN A 94.130.52.224
mta-sts IN AAAA 2a01:4f8:10b:2a5f::2
sewfile IN A 116.203.205.248
IN AAAA 2a01:4f8:c0c:c71b::1
IN TXT "v=spf1 a mx ~all"
@ -31,7 +34,8 @@ wiki IN AAAA 2a01:4f8:10b:2a5f::2
_matrix._tcp IN SRV 10 10 8448 matrix
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
_token._dnswl IN TXT "gg3mbwjx9bbuo5osvhq7oz6bc881wcmc"
_mta-sts IN TXT "v=STSv1;id=20201111;"
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
_token._dnswl IN TXT "gg3mbwjx9bbuo5osvh7oz6bc881wcmc"
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"

8
data/powerdns/files/bind-zones/kunbox.net
View file

@ -12,6 +12,8 @@ $ORIGIN kunbox.net.
; Mail servers
mx0 IN A 94.130.52.224
IN AAAA 2a01:4f8:10b:2a5f::2
mta-sts.mx0 IN CNAME mx0
mta-sts.mx0 IN CNAME mx0
postfixadmin.mx0 IN CNAME mx0
rspamd.mx0 IN CNAME mx0
webmail.mx0 IN CNAME mx0
@ -25,11 +27,11 @@ ns-3 IN A 35.228.143.71
${record}
% endfor
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
_mta-sts IN TXT "v=STSv1;id=20201111;"
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
_token._dnswl IN TXT "6akc10htbgmg56e072w0w2n0wql4oezu"
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
f2k1.de._report._dmarc IN TXT "v=DMARC1"
franzi.business._report._dmarc IN TXT "v=DMARC1"
kunsmann.eu._report._dmarc IN TXT "v=DMARC1"

8
data/powerdns/files/bind-zones/kunsmann.eu
View file

@ -16,6 +16,9 @@ git IN AAAA 2a01:4f8:10b:2a5f::2
jenkins IN A 94.130.52.224
jenkins IN AAAA 2a01:4f8:10b:2a5f::2
mta-sts IN A 94.130.52.224
mta-sts IN AAAA 2a01:4f8:10b:2a5f::2
luther-ps IN CNAME luther.htz-cloud.kunbox.net.
paste IN A 94.130.52.224
@ -24,7 +27,8 @@ paste IN AAAA 2a01:4f8:10b:2a5f::2
rss IN A 94.130.52.224
rss IN AAAA 2a01:4f8:10b:2a5f::2
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
_token._dnswl IN TXT "5mx0rv9ru8s1zz4tf4xlt48osh09czmg"
_mta-sts IN TXT "v=STSv1;id=20201111;"
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
_token._dnswl IN TXT "5mx0rv9ru8s1zz4tf4xlt48osh09czmg"
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"

7
data/powerdns/files/bind-zones/trans-agenda.eu
View file

@ -5,7 +5,14 @@ $ORIGIN trans-agenda.eu.
@ IN MX 10 mx0.kunbox.net.
IN TXT "v=spf1 a mx ~all"
mta-sts IN A 94.130.52.224
mta-sts IN AAAA 2a01:4f8:10b:2a5f::2
part.of.the IN A 94.130.52.224
part.of.the IN AAAA 2a01:4f8:10b:2a5f::2
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@kunsmann.eu; ruf=mailto:postmaster@kunsmann.eu; fo=0:d:s; adkim=r; aspf=r"
_mta-sts IN TXT "v=STSv1;id=20201111;"
_smtp._tls IN TXT "v=TLSRPTv1;rua=mailto:hostmaster@kunbox.net"
_token._dnswl IN TXT "5mx0rv9ru8s1zz4tf4xlt48osh09czmg"
2019._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg6UAcu3V98hal1UVf6yB0WT1CKDS0AK83CUlSP8bUwraPxkxK1nkQOUsmjbQs6a3FhdsKprMi32GeUaTVvZg81JIybPk3jNugfNWfSjs2TXPomYu+XD2pmmbR3cZlzC5NGR2nmBFt/P/S2ihPHj35KziiBIwK1TdvOi1M2+upCjK33Icco0ByCm0gJpD2O0cbqcBcUKqd6X440vYhNXH1ygp0e91P0iRnvS9sg6yD0xjD8kD6j/8GfxBY+9bpU3EvDoBgyJSbjw5b6PUVJbKMXzw1NIRNj0SXKs5BakjS8+7u62vR11IPCYRwy+yr0rDT0tNegM7gStIIgoTpOoQIDAQAB"

9
nodes/htz/ex42-1048908.py
View file

@ -186,6 +186,15 @@ nodes['htz.ex42-1048908'] = {
'matrix.franzi.business': {
'extras': True,
},
'mta-sts': {
'domain': 'mta-sts.mx0.kunbox.net',
'domain_aliases': {
'mta-sts.franzi.business',
'mta-sts.kunbox.net',
'mta-sts.kunsmann.eu',
'mta-sts.trans-agenda.eu',
},
},
'paste.kunsmann.eu': {
'webroot_config': {
'owner': 'kunsi',