add opensmtpd and ipv6tunnel hosts from krov

2023-11-20 06:05:25 +01:00
parent bff6854de3
commit 7d0773a636
7 changed files with 64 additions and 0 deletions
--- a/hosts/krov/ipv6tunnel12/etc/network/interfaces
+++ b/hosts/krov/ipv6tunnel12/etc/network/interfaces
@@ -0,0 +1,19 @@
+auto lo
+iface lo inet loopback
+
+auto eth0
+iface eth0 inet static
+	address 192.168.1.208/24
+	gateway 192.168.1.1
+
+auto he-ipv6
+iface he-ipv6 inet6 v4tunnel
+        address 2001:470:1f1a:1a4::2
+        netmask 64
+        endpoint 216.66.87.14
+        local 192.168.1.208
+        ttl 255
+        gateway 2001:470:1f1a:1a4::1
+
+iface eth0 inet6 dhcp
+
--- a/hosts/krov/ipv6tunnel12/lib/systemd/system/ifuptunnel.service
+++ b/hosts/krov/ipv6tunnel12/lib/systemd/system/ifuptunnel.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Auto start ipv6 tunnel
+After=network.target
+
+[Service]
+ExecStart=/usr/sbin/ifup he-ipv6
+# Remove restarts if the command is just a one-off
+Restart=on-failure
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target
+
--- a/hosts/krov/opensmtpd12/crontab
+++ b/hosts/krov/opensmtpd12/crontab
@@ -0,0 +1,3 @@
+0 2 * * * scp -r dmzkrovsshfs12:/var/shareddirs/nginx12opensmtpd12/krov.dmz.rs /etc/letsencrypt/live/
+1 2 * * * chmod 600 /etc/letsencrypt/live/krov.dmz.rs/privkey.pem
+2 2 * * * /sbin/service opensmtpd restart
--- a/hosts/krov/opensmtpd12/etc/crontab
+++ b/hosts/krov/opensmtpd12/etc/crontab
--- a/hosts/krov/opensmtpd12/etc/mailname
+++ b/hosts/krov/opensmtpd12/etc/mailname
@@ -0,0 +1 @@
+krov.dmz.rs
--- a/hosts/krov/opensmtpd12/etc/smtpd.conf
+++ b/hosts/krov/opensmtpd12/etc/smtpd.conf
@@ -0,0 +1,28 @@
+#	$OpenBSD: smtpd.conf,v 1.10 2018/05/24 11:40:17 gilles Exp $
+
+# This is the smtpd server system-wide configuration file.
+# See smtpd.conf(5) for more information.
+
+table sendcreds file:/etc/sendcreds
+table aliases file:/etc/aliases
+
+filter "dkimsign" proc-exec "filter-dkimsign -d krov.dmz.rs -s selector1 -k /etc/dkim/selector1.private"
+
+pki krov.dmz.rs cert "/etc/letsencrypt/live/krov.dmz.rs/fullchain.pem"
+pki krov.dmz.rs key "/etc/letsencrypt/live/krov.dmz.rs/privkey.pem"
+
+# To accept external mail, replace with: listen on all
+#
+listen on eth0
+listen on eth0 port 587 auth sendcreds tls-require pki "krov.dmz.rs" filter "dkimsign"
+
+#action "local" maildir alias <aliases>
+action "relay" relay
+action "backup" relay backup
+
+# Uncomment the following to accept external mail for domain "example.org"
+#
+# match from any for domain "example.org" action "local"
+#match for local action "local"
+match from any for domain dmz.rs action "backup"
+match from auth for any action "relay"
--- a/hosts/splintrs/etc/smtpd/smtpd.conf
+++ b/hosts/splintrs/etc/smtpd/smtpd.conf