update..
This commit is contained in:
@ -0,0 +1,49 @@
|
||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn
|
||||
NhAAAAAwEAAQAAAgEAxe0sdGCZS444N0pvLolycgXiipmRbptw/DMNlUGa1yYGDq1Qf0lQ
|
||||
1zuDeSOjTk+W78bPHOQy1f+CeHsBj+XRkmInqUZ5K0UgVFEuiAsJGH8l63phyd9bkRHzg0
|
||||
QQOFZ7JqcNEpW0NiPSKWMLGg9/yA2XoQ4GgiruA9PyyKa2YdP7vll+5Dhm/E5Jvzwbtkkm
|
||||
wM1EWjF5/1LRrFMq4nJAJhCval2Q7DWIHMDqmWj7ZDGT95gHYsf4CmlldO6FOPc8Qa6Lg/
|
||||
IEVgLP8ji78TntSQ3B9mRMV5fNYyWJVH3ymqwR7FjTRO/YVCJ5x/WE38T9QBAvjMhV8ais
|
||||
M9y5NXUMlKNUxbSU2GPvyB7F0/+ioWzourcIY+1O7mRKmiFsqOjfllS/XxYYJm0qFSBOiq
|
||||
wTOVbTna99wN2vl3jQEBo1upqjnL94jVA4qU5w0ypBAFkFlpyuWEbmicNXlAqIovxQ6dIU
|
||||
U1iKp/kVQoJDhoBIzCEQvLYkKLgl8cH7pH3Kvcw/EvFAsskGNLlkR5t7jORh05ryCRwV31
|
||||
wUl/wfj4HrEmVcCAgokv+mUlk/ug+TmwXShpM9dgO/e2MmjLDe0bSZ+jgYT0axn6kCwiDO
|
||||
5acSRwKEJk0jIrkKf04xy3nYwJtxb8RE9mb6j1oPULb0syKM9iTnSsrGRxoGwXQu6ugrLL
|
||||
8AAAdApTZfwqU2X8IAAAAHc3NoLXJzYQAAAgEAxe0sdGCZS444N0pvLolycgXiipmRbptw
|
||||
/DMNlUGa1yYGDq1Qf0lQ1zuDeSOjTk+W78bPHOQy1f+CeHsBj+XRkmInqUZ5K0UgVFEuiA
|
||||
sJGH8l63phyd9bkRHzg0QQOFZ7JqcNEpW0NiPSKWMLGg9/yA2XoQ4GgiruA9PyyKa2YdP7
|
||||
vll+5Dhm/E5JvzwbtkkmwM1EWjF5/1LRrFMq4nJAJhCval2Q7DWIHMDqmWj7ZDGT95gHYs
|
||||
f4CmlldO6FOPc8Qa6Lg/IEVgLP8ji78TntSQ3B9mRMV5fNYyWJVH3ymqwR7FjTRO/YVCJ5
|
||||
x/WE38T9QBAvjMhV8aisM9y5NXUMlKNUxbSU2GPvyB7F0/+ioWzourcIY+1O7mRKmiFsqO
|
||||
jfllS/XxYYJm0qFSBOiqwTOVbTna99wN2vl3jQEBo1upqjnL94jVA4qU5w0ypBAFkFlpyu
|
||||
WEbmicNXlAqIovxQ6dIUU1iKp/kVQoJDhoBIzCEQvLYkKLgl8cH7pH3Kvcw/EvFAsskGNL
|
||||
lkR5t7jORh05ryCRwV31wUl/wfj4HrEmVcCAgokv+mUlk/ug+TmwXShpM9dgO/e2MmjLDe
|
||||
0bSZ+jgYT0axn6kCwiDO5acSRwKEJk0jIrkKf04xy3nYwJtxb8RE9mb6j1oPULb0syKM9i
|
||||
TnSsrGRxoGwXQu6ugrLL8AAAADAQABAAACAChfUIoMijhXMjBVBoi/kJChkqwi1v9wxYMs
|
||||
BsFDOIpaPzIPODQ+iDbe9Npo4o6+vVL7gpOqGJR+IebhcFgh0LXDP8PPlDe3Sfjo9kzZs2
|
||||
lDxkBaHkhHPy5AMyO7ZnOXcFdaC9iWoMPKWrwGb+VI9A+idiNr8PfsOdCeEw/KsbkSvG7/
|
||||
Ylq7BobAkVposF5mXXlGZYLgRLpH8mzsKfs2ws8A6EcR/tWvtavnzfKs71poon4GjLshfv
|
||||
7gsMlBPft4stnS+LJZU3kX6cLGv89cuYIFRGM14jybwlFO/sw1RJ84Kg/DrpSJN98xiRW4
|
||||
hvn9/IpswsY8twssFLQfecflsELlfkzVNE1YR1d2rHdBEHKSa0piNvaUgPuIP9oggDkE/m
|
||||
pF4Oz/aW71fHLWQVxf3qlCnYfshf86XqJTZvJ8N7edF4XZ+UiOWPl5c8vXBJDFLrydenWF
|
||||
9z4IExHZafmYygnbLdEP4cFq8fPsb7zbhNr8aLOLfIyLj30brvIE9/gc7VnME0PdK3n2FO
|
||||
u4GDTYSE0UNpjctw5Fg4+89Yv1xD/onLIA43scw3l3NhCtLI5QHnsO8cckga6/wcdfOG2f
|
||||
V8kMzICZt3IFnR4EgDlavLMx+FthyYKDE4JYOKM2Qy6xGRg9p6kFyb7SQEFy91JgCN5tpJ
|
||||
V5ezfJF7bgTW8tuQpBAAABABSvsV4UpatmjpicZChtXMQHuDob/ZUcVwJ3emORxD5vfKd8
|
||||
zuySbJxlJBIIUVT2ako8AmUYQBjIU+vPI18CHdhDhL4rDmeletC6Sl1KB089dc2qavIvtC
|
||||
N0E5+iozCXHGirr79t3UTVGBMGr5UYG9y5nfa7WWY38UqVc63TK2EVT0wrNxgS9hUtZWbk
|
||||
LsEiIAUEp/8N5wKKv4+uVfzSfg0sEy/JGNU0KNcxFUZNolSEeieQUdmopALD04f/YOdhO5
|
||||
mV5oS3lDUC8cnbefQmoK/kszfgOb/qMC76RqLa7IUm91IZbKfA78x81gjSsuiqfPXsE9El
|
||||
GxqXrnggbHarFG4AAAEBAOwpW++DbYcI3AJn44o3sH6bGVVsNbAualMxFz0XYwdnoD7UUG
|
||||
aOhlRFWZXqOQEbvt1LOp4SYyT50puwdvg0as6+78FnlwVXVaHKjP0Igh2e8Ls5YYpp8jas
|
||||
FDcZa0F5JiAFPamxY+ypvaD/Fmc3ha7JBGOGkV67qktOO+Dtd2NSKB6EIt8ShKbjZA6U2i
|
||||
UAQCp2AC+f3CDL+3vN/Gj4oBI2ysYl3QVG/nuBT8Lxdf+JabEYwPBMlOqYVfjYQj0FL6Ht
|
||||
/+MCeVyaeww+a0/i+W5RqqBn1ptOw1YlamsOvLG2Z0FL6s2/uTE9+dYfQXto6j6vkAGrIr
|
||||
yugIYwC0abzxsAAAEBANaNkiXeqKssyYZ14OEfzXyD7M3l2vvfGRvCS0XgqEodvVGbB/A4
|
||||
AAWtkuPvOPqSzaOIfdbIcN1dvccJuxU/SPanL33aX7PLROuq7ApIbhzFI5QblvoivUAMST
|
||||
ND9QjAu8hHiO9K6qRU3evEpJVvN2iOznTuU/A91n5ChJLeQAjqpMhgB45ZlWKmPE+y0kw6
|
||||
aCZq7qmqqCRr5nzY1YYFy2UilbOUyeO5wCDa6bN8FXYvKTBWOmTvsoILPjTjiaZbfITmfd
|
||||
f2n4mNITViGU6kirtZSzjRRqqQRj0Vz9f5Qn2TBZ/uCkTDQEBtr/rdAHL9eBaSXYXWVIpl
|
||||
RsBCSs/Sny0AAAAHcm9vdEBteAECAwQ=
|
||||
-----END OPENSSH PRIVATE KEY-----
|
||||
@ -0,0 +1 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDF7Sx0YJlLjjg3Sm8uiXJyBeKKmZFum3D8Mw2VQZrXJgYOrVB/SVDXO4N5I6NOT5bvxs8c5DLV/4J4ewGP5dGSYiepRnkrRSBUUS6ICwkYfyXremHJ31uREfODRBA4Vnsmpw0SlbQ2I9IpYwsaD3/IDZehDgaCKu4D0/LIprZh0/u+WX7kOGb8Tkm/PBu2SSbAzURaMXn/UtGsUyrickAmEK9qXZDsNYgcwOqZaPtkMZP3mAdix/gKaWV07oU49zxBrouD8gRWAs/yOLvxOe1JDcH2ZExXl81jJYlUffKarBHsWNNE79hUInnH9YTfxP1AEC+MyFXxqKwz3Lk1dQyUo1TFtJTYY+/IHsXT/6KhbOi6twhj7U7uZEqaIWyo6N+WVL9fFhgmbSoVIE6KrBM5VtOdr33A3a+XeNAQGjW6mqOcv3iNUDipTnDTKkEAWQWWnK5YRuaJw1eUCoii/FDp0hRTWIqn+RVCgkOGgEjMIRC8tiQouCXxwfukfcq9zD8S8UCyyQY0uWRHm3uM5GHTmvIJHBXfXBSX/B+PgesSZVwICCiS/6ZSWT+6D5ObBdKGkz12A797YyaMsN7RtJn6OBhPRrGfqQLCIM7lpxJHAoQmTSMiuQp/TjHLedjAm3FvxET2ZvqPWg9QtvSzIoz2JOdKysZHGgbBdC7q6Cssvw== root@ga-st-mail-dehydrated
|
||||
@ -0,0 +1,49 @@
|
||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn
|
||||
NhAAAAAwEAAQAAAgEAr9qw2oQHkAUfTXEJBxuVR2zDRpTsxyT24eVd+KIJaALVtFVTu8Z3
|
||||
rNwJN0P3jNLRWxTBuDEbYtTN1J9Bic01fR9m6jdNk5lKeTJw1Q3BzXxuC+4aix9ircJ4in
|
||||
geNSCiHiVHYaSsXRRajPGe/F5+RAEjuRbt95UHB/kU25qGIpBK9Vq0m0Ad8HKrV0vpTb3s
|
||||
hVJSQ/VydDC82pwXj0IfW6HPdwnzmt8hU2/dIK3weUI56S+9euzKUh+jqvw1YeTXJzM76G
|
||||
I2X/YLDEx7jgFMlChnlHYNivPYBY5Aatq90t6LiqQ0MT0kVx7jQwUnhyRB8vAz+qznftKm
|
||||
VTmjxL90IvwUTzvS1nHNmlIPMnSO8NaDHf0k2iueD2lCSe7l1d2U0LMRss4sGZcfhqtDzQ
|
||||
DIyhXWFwHLhj55WMQxoVXCSRJRLruwyUKqVn86H6L9lRJ4kEPBJJJ6cXeTBWJGtDT9N/Ja
|
||||
SGcjM8tdwxSeilHIW0xn85B3MCphV/t72RRAaqua2VjrmN9N6nuYD+3iobAVf4ruOzXtTr
|
||||
U0tjdEBT0xJbIZNwi22Snq0KPly8aN2deXEQ8Q7IJHQB7WNT4jI13l/GWocFwtr7NWXwaD
|
||||
eJCtoiB9RraK+EBvoO3IYymvpGQyqhXeMtBGc3kdCI2AslrdpjXd4TGxIwbWae+Xa2JkZa
|
||||
kAAAdAgUVtA4FFbQMAAAAHc3NoLXJzYQAAAgEAr9qw2oQHkAUfTXEJBxuVR2zDRpTsxyT2
|
||||
4eVd+KIJaALVtFVTu8Z3rNwJN0P3jNLRWxTBuDEbYtTN1J9Bic01fR9m6jdNk5lKeTJw1Q
|
||||
3BzXxuC+4aix9ircJ4ingeNSCiHiVHYaSsXRRajPGe/F5+RAEjuRbt95UHB/kU25qGIpBK
|
||||
9Vq0m0Ad8HKrV0vpTb3shVJSQ/VydDC82pwXj0IfW6HPdwnzmt8hU2/dIK3weUI56S+9eu
|
||||
zKUh+jqvw1YeTXJzM76GI2X/YLDEx7jgFMlChnlHYNivPYBY5Aatq90t6LiqQ0MT0kVx7j
|
||||
QwUnhyRB8vAz+qznftKmVTmjxL90IvwUTzvS1nHNmlIPMnSO8NaDHf0k2iueD2lCSe7l1d
|
||||
2U0LMRss4sGZcfhqtDzQDIyhXWFwHLhj55WMQxoVXCSRJRLruwyUKqVn86H6L9lRJ4kEPB
|
||||
JJJ6cXeTBWJGtDT9N/JaSGcjM8tdwxSeilHIW0xn85B3MCphV/t72RRAaqua2VjrmN9N6n
|
||||
uYD+3iobAVf4ruOzXtTrU0tjdEBT0xJbIZNwi22Snq0KPly8aN2deXEQ8Q7IJHQB7WNT4j
|
||||
I13l/GWocFwtr7NWXwaDeJCtoiB9RraK+EBvoO3IYymvpGQyqhXeMtBGc3kdCI2Aslrdpj
|
||||
Xd4TGxIwbWae+Xa2JkZakAAAADAQABAAACABJKDFqtoJu57KeBOg8jL0NebHDKzFVp4sNb
|
||||
t4pET/YhVViMB0lgOtIfkFXPG8/pnRx77Cnb8Z01xLJ4XbiXPxjkSy/Q0KCpMLWqKVH/PE
|
||||
jCyC81dE1D1l97+k1scLfVzQaVmfbtyX9kvoYqGv7kVP19oNl/KQC23yRVI3Yze//cQe+C
|
||||
n4YGBRcc1fUeUAVl21OCXEv1GxI6f2m9EjY0Ck7dZVZcEpno2u5yk+zyKjByUtONw4clWW
|
||||
VxJPSDhonH4xiQm4pvrHgOfteonLEIMY63JQ6ruHzbH3x0bv6uAVANFTY2HbeBRGZLMBeo
|
||||
UZQckT9S/BT2Jp1qCyKR/BZaUxmkLOAfJl2rW5IfOOOtKEE/q0DVRidfDf2A2ihmsfbCqR
|
||||
hbhOmf7IbqC4XTGm6W9U3pNyu8Oz4QxRyhwlTWTa3hqvF/xJo6C82yy3p4HYRTX5VfZNbN
|
||||
iQ7CM/UY0ee69br80MPPdxLetmGX9VvR6g1lsRK8/447DiOD9TZtAXMAiCOf3FUyhwRmRP
|
||||
qUdGOXHjXsBAjDMWA0OwwdiGFI7dk5zdyQNTpRsM38cctGeBixPs9SOrTKr10zSaf9NzX4
|
||||
srsXnoAdm2LHQIa0Awfd1TJydFjC6KIGgtZgXy4UDpPE6RzlDnkY8DO/pLLhXMAgtts+G/
|
||||
ZiaRBKY65VYOHKqVoBAAABAHsbFe8LTyYnDhzgKrlLbeGDySEHTeBbVpKbIUhDjkqoyHvc
|
||||
HzEt7b2idhJtjXsEIcMUO+0ut1A2toY/JHkHOKnyXPpqv1NxXR/4ru6rAXrOGB/LQCUtcl
|
||||
5Q4StZvvOtcKbt8b0kvvvBMmkFGEtJr5ybDy6K5CFyyROGlUTpXPfjZjuv6YuzqCsLYXXM
|
||||
o4cWK1ZUQ7Yf1YovZr3zk6VMzd4gHHQzyTVP5iNflSB3k+AQZClLy771bw2caPFgdpu87a
|
||||
kAvhtW+anGLkFxSCZFRMkv9rXl8tB2ZPKWqQb8jEzAfH0CC7sDkddLE2l45RapGMUtsJ1V
|
||||
fF8pGpFiHX7FABoAAAEBAN9JT4Tc29Wc5lDVZEqz8IYT+/eRVBAlALmt7jTVwclY+KSZ5g
|
||||
i+QONIWj+Js+1Z84bzOzcQ6pZIFAZ57+5qkFeUpfVJB+UL7bLqNF2GeBAvtZ+GgguBK5uN
|
||||
H+uXrnyeEWn8ppcHebA5vi/GxzCebZ29VnUbh/nHn0WmMvOBAFYqtjGNxo1diYyp8vS0k+
|
||||
pmhZA5xtgGKzGGwrlAJrWLPzAieFPkNJsDMcY03RkU9u0XI3SkrtlmRqaykSzJpIAtDuT/
|
||||
D7gyjrNBH6a8qv57LxaUyeWEBOtlC7C4mtTrWcu/+zS8dkh7Y4ZaNR83Zx24DRzAfbuA/R
|
||||
04eb6Jd55ATr0AAAEBAMmeXjYdwqh2gbizFgyP8ZgTxXUWp5B0YQ7XUOC8CuQqAL8/HlE3
|
||||
gVHLwrUIKAwTUADfqvzyG86IgJOw1byU3DWY9b5dKfrWm1RhcvLWMgIjRHH3sqnVWxIBam
|
||||
RkfDkRZ/B8236SoAxe5k7yqZ3wQ6BNJstY1Nya+iJG1h6mLPasEzqZH+JOd0Uc9Fsr8uYR
|
||||
CmvojolkAaa2We44y9oCXTTHCBfpFUZf0gySmG7ZEXA6MqwTCcbFCP599YmRQ2BmdO0SQF
|
||||
YHIhpmc3xBjKMiNqhNBii2PUejVp7OVqHQBCeWq/GH9yTj00JeX9KoL7DdoyCoCWHG4eB0
|
||||
JVW9wg49J10AAAAHcm9vdEBteAECAwQ=
|
||||
-----END OPENSSH PRIVATE KEY-----
|
||||
@ -0,0 +1 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCv2rDahAeQBR9NcQkHG5VHbMNGlOzHJPbh5V34ogloAtW0VVO7xnes3Ak3Q/eM0tFbFMG4MRti1M3Un0GJzTV9H2bqN02TmUp5MnDVDcHNfG4L7hqLH2KtwniKeB41IKIeJUdhpKxdFFqM8Z78Xn5EASO5Fu33lQcH+RTbmoYikEr1WrSbQB3wcqtXS+lNveyFUlJD9XJ0MLzanBePQh9boc93CfOa3yFTb90grfB5QjnpL7167MpSH6Oq/DVh5NcnMzvoYjZf9gsMTHuOAUyUKGeUdg2K89gFjkBq2r3S3ouKpDQxPSRXHuNDBSeHJEHy8DP6rOd+0qZVOaPEv3Qi/BRPO9LWcc2aUg8ydI7w1oMd/STaK54PaUJJ7uXV3ZTQsxGyziwZlx+Gq0PNAMjKFdYXAcuGPnlYxDGhVcJJElEuu7DJQqpWfzofov2VEniQQ8Ekknpxd5MFYka0NP038lpIZyMzy13DFJ6KUchbTGfzkHcwKmFX+3vZFEBqq5rZWOuY303qe5gP7eKhsBV/iu47Ne1OtTS2N0QFPTElshk3CLbZKerQo+XLxo3Z15cRDxDsgkdAHtY1PiMjXeX8ZahwXC2vs1ZfBoN4kK2iIH1Gtor4QG+g7chjKa+kZDKqFd4y0EZzeR0IjYCyWt2mNd3hMbEjBtZp75drYmRlqQ== root@ga-st-mail-opendkim
|
||||
@ -0,0 +1,135 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
#---------------------------------------
|
||||
#-----------------------------
|
||||
# Settings for script check_cert_for_dovecot.sh
|
||||
#-----------------------------
|
||||
#---------------------------------------
|
||||
|
||||
# - service_domain
|
||||
# -
|
||||
# - The main domain for which the certificate was issued
|
||||
# -
|
||||
# - Example:
|
||||
# - service_domain="a.mx.oopen.de"
|
||||
# - service_domain="mail.cadus.org"
|
||||
# - service_domain="mx.warenform.de"
|
||||
# -
|
||||
#service_domain=""
|
||||
service_domain="mx.gemeinschaft-altenschlirf.de"
|
||||
|
||||
|
||||
# - service_name
|
||||
# -
|
||||
# - Name of service.
|
||||
# -
|
||||
# - Note: this var will also be used to determin systemd service file
|
||||
# - or sysVinit script.
|
||||
# -
|
||||
# - Example:
|
||||
# - service_name="Mumble"
|
||||
# - service_name="Prosody"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - service_name="Dovecot"
|
||||
# -
|
||||
#service_name=""
|
||||
|
||||
|
||||
# - check_string_ps
|
||||
# -
|
||||
# - String wich (clearly) identifies the service at the process list (ps)
|
||||
# -
|
||||
# - Example:
|
||||
# - check_string_ps="[[:digit:]]\ /usr/sbin/murmurd"
|
||||
# - check_string_ps=""
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - check_string_ps="[[:digit:]]\ /usr/local/dovecot-[[:digit:]]{1,2}\.[[:digit:]]{1,2}\.[[:digit:]]{1,2}(\.[[:digit:]]{1,2})?/sbin/dovecot"
|
||||
# -
|
||||
#check_string_ps=""
|
||||
|
||||
|
||||
# - service_user
|
||||
# -
|
||||
# - User under which the service is running.
|
||||
# -
|
||||
# - Example:
|
||||
# - service_user="mumble-server"
|
||||
# - service_user="prosody"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - service_user="prosody"
|
||||
# -
|
||||
#service_user=""
|
||||
|
||||
|
||||
# - service_group
|
||||
# -
|
||||
# - Group under which the service is running.
|
||||
# -
|
||||
# - Example:
|
||||
# - service_group="mumble-server"
|
||||
# - service_group="prosody"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - service_group="prosody"
|
||||
# -
|
||||
#service_group=""
|
||||
|
||||
|
||||
# - cert_installed
|
||||
# -
|
||||
# - Locataion of certificate read by service
|
||||
# -
|
||||
# - Example:
|
||||
# - cert_installed="/var/lib/mumble-server/fullchain.pem"
|
||||
# - cert_installed="/var/lib/dehydrated/certs/jabber.so36.net/fullchain.pem"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - /etc/dovecot/ssl/mailserver.crt
|
||||
# -
|
||||
#cert_installed=""
|
||||
|
||||
|
||||
# - key_installed
|
||||
# -
|
||||
# - Location of the key read by service
|
||||
# -
|
||||
# - Example:
|
||||
# - key_installed="/var/lib/mumble-server/privkey.pem"
|
||||
# - key_installed="/etc/prosody/certs/privkey_jabber.so36.pem"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - /etc/dovecot/ssl/mailserver.key
|
||||
# -
|
||||
#key_installed=""
|
||||
|
||||
|
||||
# - cert_newest
|
||||
# -
|
||||
# - Location of the newest certificate.
|
||||
# -
|
||||
# - Example:
|
||||
# - cert_newest="/var/lib/dehydrated/certs/il-mumble.oopen.de/fullchain.pem"
|
||||
# - cert_newest="/var/lib/dehydrated/certs/jabber.so36.net/fullchain.pem"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - /var/lib/dehydrated/certs/${service_domain}/fullchain.pem
|
||||
# -
|
||||
#cert_newest=""
|
||||
|
||||
|
||||
# - key_newest
|
||||
# -
|
||||
# - Location of the newest Key
|
||||
# -
|
||||
# - Example:
|
||||
# - key_newest="/var/lib/dehydrated/certs/il-mumble.oopen.de/privkey.pem"
|
||||
# - key_newest="/var/lib/dehydrated/certs/jabber.so36.net/privkey.pem"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - /var/lib/dehydrated/certs/${service_domain}/privkey.pem
|
||||
# -
|
||||
#key_newest=""
|
||||
|
||||
@ -0,0 +1,178 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
#---------------------------------------
|
||||
#-----------------------------
|
||||
# Settings
|
||||
#-----------------------------
|
||||
#---------------------------------------
|
||||
|
||||
|
||||
# ---
|
||||
# - LOGGING
|
||||
# -
|
||||
# - This Parameter is now obsolete. If script is running in a terminal, then output ist verbose,
|
||||
# - the output will be verbos. If running as cronjob, output will only be written, if warnings or
|
||||
# - errors occurs.
|
||||
# ---
|
||||
|
||||
|
||||
# - What to check
|
||||
# -
|
||||
check_load=true
|
||||
check_mysql=false
|
||||
|
||||
# - PostgreSQL
|
||||
# -
|
||||
# - NOT useful, if more than one PostgreSQL instances are running!
|
||||
# -
|
||||
check_postgresql=true
|
||||
|
||||
check_apache=true
|
||||
check_nginx=false
|
||||
check_php_fpm=true
|
||||
check_redis=false
|
||||
check_website=false
|
||||
|
||||
# - If service is not listen on 127.0.0.1/loclhost, curl check must
|
||||
# - be ommited
|
||||
# -
|
||||
# - Defaults to: ommit_curl_check_nginx=false
|
||||
# -
|
||||
#ommit_curl_check_nginx=false
|
||||
|
||||
# - Is this a vserver guest machine?
|
||||
# -
|
||||
# - Not VSerber guest host does not support systemd!
|
||||
# -
|
||||
# - defaults to: vserver_guest=false
|
||||
# -
|
||||
#vserver_guest=false
|
||||
|
||||
|
||||
# - Additional Settings for check_mysql
|
||||
# -
|
||||
# - MySQL / MariaDB credentials
|
||||
# -
|
||||
# - Giving password on command line is insecure an sind mysql 5.5
|
||||
# - you will get a warning doing so.
|
||||
# -
|
||||
# - Reading username/password fro file ist also possible, using MySQL/MariaDB
|
||||
# - commandline parameter '--defaults-file'.
|
||||
# -
|
||||
# - Since Mysql Version 5.6, you can read username/password from
|
||||
# - encrypted file.
|
||||
# -
|
||||
# - Create (encrypted) option file:
|
||||
# - $ mysql_config_editor set --login-path=local --socket=/tmp/mysql.sock --user=root --password
|
||||
# - $ Password:
|
||||
# -
|
||||
# - Use of option file:
|
||||
# - $ mysql --login-path=local ...
|
||||
# -
|
||||
# - Example
|
||||
# - mysql_credential_args="--login-path=local"
|
||||
# - mysql_credential_args="--defaults-file=/etc/mysql/debian.cnf" (Debian default)
|
||||
# - mysql_credential_args="--defaults-file=/usr/local/mysql/sys-maint.cnf"
|
||||
# -
|
||||
mysql_credential_args=""
|
||||
|
||||
|
||||
# - Additional Settings for check_php_fpm
|
||||
# -
|
||||
# - On Linux Vserver System set
|
||||
# - curl_check_host=localhost
|
||||
# -
|
||||
# - On LX-Container set
|
||||
# - curl_check_host=127.0.0.1
|
||||
# -
|
||||
curl_check_host=127.0.0.1
|
||||
|
||||
# - Which PHP versions should be supported by this script. If more than one,
|
||||
# - give a blank separated list
|
||||
# -
|
||||
# - Example:
|
||||
# - php_versions="5.4 5.6 7.0 7.1"
|
||||
# -
|
||||
php_versions="7.4"
|
||||
|
||||
# - If PHP-FPM's ping.path setting does not match ping-$php_major_version,
|
||||
# - set the value given in your ping.path setting here. Give ping_path also
|
||||
# - the concerning php_version in form
|
||||
# - <php-version>:<ping-path>
|
||||
# -
|
||||
# - Multiple settings are possible, give a blank separated list.
|
||||
# -
|
||||
# - Example:
|
||||
# -
|
||||
# - ping_path="5.4:ping-site36_net 5.6:ping-oopen_de"
|
||||
# -
|
||||
ping_path=""
|
||||
|
||||
|
||||
# - Additional Settings for check_website - checking (expected) website response
|
||||
# -
|
||||
# - example:
|
||||
# - is_working_url="https://www.outoflineshop.de/"
|
||||
# - check_string='ool-account-links'
|
||||
# - include_cleanup_function=true
|
||||
# - extra_alert_address="ilker@so36.net"
|
||||
# - cleanup_function='
|
||||
# - rm -rf /var/www/www.outoflineshop.de/htdocs/var/cache/*
|
||||
# - rm -rf /var/www/www.outoflineshop.de/htdocs/var/session/*
|
||||
# - /usr/local/bin/redis-cli flushall > /dev/null 2>&1
|
||||
# - if [[ "$?" = "0" ]]; then
|
||||
# - ok "I have cleaned up directory \"/var/www/www.outoflineshop.de/htdocs/var/cache/\""
|
||||
# - else
|
||||
# - error "Cleaning up directory \"/var/www/www.outoflineshop.de/htdocs/var/cache/\" failed!"
|
||||
# - fi
|
||||
# - /etc/init.d/redis_6379 restart
|
||||
# - if [[ "$?" = "0" ]]; then
|
||||
# - ok "I restarted the redis service"
|
||||
# - echo -e "\t[ Ok ]: I restarted the redis service" >> $LOCK_DIR/extra_msg.txt
|
||||
# - else
|
||||
# - error "Restarting the redis server failed!"
|
||||
# - echo -e "\t[ Error ]: Restarting the redis server failed!" >> $LOCK_DIR/extra_msg.txt
|
||||
# - fi
|
||||
# - '
|
||||
# -
|
||||
is_working_url=''
|
||||
|
||||
check_string=''
|
||||
|
||||
include_cleanup_function=true
|
||||
|
||||
# - An extra e-mail address, which will be informed, if the given check URL
|
||||
# - does not response as expected (check_string) AFTER script checking, restarting
|
||||
# - servervices (webserver, php-fpm) and cleaning up (cleanup_function) was done.
|
||||
# -
|
||||
extra_alert_address=''
|
||||
|
||||
# - php_version_of_working_url
|
||||
# -
|
||||
# - If given website (is_working_url) does not response as expected, this PHP FPM
|
||||
# - engines will be restarted.
|
||||
# -
|
||||
# - Type "None" if site does not support php
|
||||
# -
|
||||
# - If php_version_of_working_url is not set, PHP FPM processes of ALL versions (php_versions)
|
||||
# - will be restarted
|
||||
# -
|
||||
php_version_of_working_url=''
|
||||
|
||||
# - Notice:
|
||||
# - If single qoutes "'" not needed inside cleanup function, then use single quotes
|
||||
# - to enclose variable "cleanup_function". Then you don't have do masquerade any
|
||||
# - sign inside.
|
||||
# -
|
||||
# - Otherwise use double quotes and masq any sign to prevent bash from interpreting.
|
||||
# -
|
||||
cleanup_function='
|
||||
'
|
||||
|
||||
|
||||
# - E-Mail settings for sending script messages
|
||||
# -
|
||||
from_address="root@`hostname -f`"
|
||||
content_type='Content-Type: text/plain;\n charset="utf-8"'
|
||||
to_addresses="root"
|
||||
|
||||
@ -0,0 +1,176 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
# ---------------------------------------------------------
|
||||
# - Parameter Settings for script 'create_opendkim_key.sh'.
|
||||
# ---------------------------------------------------------
|
||||
|
||||
|
||||
# ----------
|
||||
# DNS Server
|
||||
# ----------
|
||||
|
||||
# - dns_dkim_zone_master_server
|
||||
# -
|
||||
# - The DNS Server who is serving the update zone and is used
|
||||
# - for the dynamic updates (nsupdate)
|
||||
# -
|
||||
#dns_dkim_zone_master_server=""
|
||||
dns_dkim_zone_master_server="b.ns.oopen.de"
|
||||
|
||||
# - update_dns
|
||||
# -
|
||||
# - Possible Values are 'true' or 'false'
|
||||
# -
|
||||
#update_dns=""
|
||||
|
||||
# - update_zone
|
||||
# -
|
||||
# - Zone containing the DKIM TXT record.
|
||||
# -
|
||||
# - Defaults to '_domainkey.<dkim_domaini>'
|
||||
# -
|
||||
# - Note:
|
||||
# - do NOT change/set this option unless you know what you do.
|
||||
# -
|
||||
#update_zone=""
|
||||
|
||||
# - TTL
|
||||
# -
|
||||
# - TTL for the DKIM TXT Record.
|
||||
# -
|
||||
# - Defaults to "" if update_dns=false
|
||||
# - Defaults to "43200" if update_dns=true
|
||||
#
|
||||
#TTL=""
|
||||
|
||||
|
||||
# ----------
|
||||
# TSIG Key
|
||||
# ----------
|
||||
|
||||
# - key_secret
|
||||
# -
|
||||
# - Sectret Key used by 'nsupdate' to create/update the
|
||||
# - DKIM TXT record.
|
||||
# -
|
||||
# - Example:
|
||||
# - key_secret="EtvvMdW0PXD4GMHP+onuHZ0dT/Z8OSJGlce/xH10OwI="
|
||||
# -
|
||||
#key_secret=""
|
||||
key_secret="4woPu0jqf9Jp1IX+gduJ3BVW/1ZMeyCPTQMqEsMXLFw="
|
||||
|
||||
# - key_algo
|
||||
# -
|
||||
# - The key algorithm used for key creation. Available choices are: hmac-md5,
|
||||
# - hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384 and hmac-sha512. The
|
||||
# - default is hmac-sha256. Options are case-insensitive.
|
||||
# -
|
||||
# - Example:
|
||||
# - key_algo="hmac-md5"
|
||||
# -
|
||||
# - Defaults to 'hmac-sha256'
|
||||
# -
|
||||
#key_algo="hmac-sha256"
|
||||
key_algo="hmac-sha256"
|
||||
|
||||
# - key_name
|
||||
# -
|
||||
# - Name of the Key
|
||||
# -
|
||||
# - Defaults to "$update_zone"
|
||||
# -
|
||||
#key_name=
|
||||
key_name="update-dkim"
|
||||
|
||||
|
||||
# ----------
|
||||
# Access Credentials DNS Server
|
||||
# ----------
|
||||
|
||||
# - dns_ssh_user
|
||||
# -
|
||||
# - Defaults to 'manage-bind'
|
||||
# -
|
||||
#dns_ssh_user="manage-bind"
|
||||
|
||||
# - dns_ssh_port
|
||||
# -
|
||||
# - Defaults to '22'
|
||||
# -
|
||||
#dns_ssh_port=22
|
||||
|
||||
# - dns_ssh_key
|
||||
# -
|
||||
# - Defaults to '/root/.ssh/id_rsa-opendkim'
|
||||
# -
|
||||
#dns_ssh_key="/root/.ssh/id_rsa-opendkim"
|
||||
|
||||
|
||||
# ----------
|
||||
# Scripts envoked at DNS Server
|
||||
# ----------
|
||||
|
||||
# - set_new_serial_script
|
||||
# -
|
||||
# - Script increases the serial for a given domain or a given
|
||||
# - hostname's concerning domain.
|
||||
# -
|
||||
# - Defaults to '/root/bin/bind/bind_set_new_serial.sh'
|
||||
# -
|
||||
#set_new_serial_script="/root/bin/bind/bind_set_new_serial.sh"
|
||||
|
||||
# - create_dkim_delegation_script
|
||||
# -
|
||||
# - Script adds DKIM subdomain delegation for a given domain
|
||||
# -
|
||||
# - Defaults to '/root/bin/bind/bind_create_dkim_delegation.sh'
|
||||
# -
|
||||
#create_dkim_delegation_script="/root/bin/bind/bind_create_dkim_delegation.sh"
|
||||
|
||||
# - add_dkim_zone_master_script
|
||||
# -
|
||||
# - Script adds zone _domainkey.<dkim domain> as master zone
|
||||
# -
|
||||
# - Defaults to '/root/bin/bind/bind_add_dkim_zone_master.sh'
|
||||
# -
|
||||
#add_dkim_zone_master_script="/root/bin/bind/bind_add_dkim_zone_master.sh"
|
||||
|
||||
# - add_dkim_zone_slave_script
|
||||
# -
|
||||
# - Script adds zone _domainkey.<dkim domain> as slave zone
|
||||
# -
|
||||
# - Defaults to '/root/bin/bind/bind_add_dkim_zone_slave.sh'
|
||||
# -
|
||||
#add_dkim_zone_slave_script="/root/bin/bind/bind_add_dkim_zone_slave.sh"
|
||||
|
||||
|
||||
|
||||
# ----------
|
||||
# OpenDKIM Installation
|
||||
# ----------
|
||||
|
||||
# - opendkim_dir
|
||||
# -
|
||||
# - OpenDKIM's etc-directory
|
||||
# -
|
||||
# - Defaults to opendkim_dir="/etc/opendkim"
|
||||
# -
|
||||
#opendkim_dir="/etc/opendkim"
|
||||
|
||||
# - key_base_dir
|
||||
# -
|
||||
# - Defaults to "${opendkim_dir}/keys"
|
||||
# -
|
||||
#key_base_dir=${opendkim_dir}/keys
|
||||
|
||||
# - signing_table_file
|
||||
# -
|
||||
# - Defaults to "${opendkim_dir}/signing.table"
|
||||
# -
|
||||
#signing_table_file="${opendkim_dir}/signing.table"
|
||||
|
||||
# - key_table_file
|
||||
# -
|
||||
# - Defaults to "${opendkim_dir}/key.table"
|
||||
# -
|
||||
#key_table_file="${opendkim_dir}/key.table"
|
||||
@ -0,0 +1,86 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
# ----------------------------------------------------
|
||||
# ---
|
||||
# - Parameter Settings for script 'postfix_add_mailboxes.sh'.
|
||||
# ---
|
||||
# ----------------------------------------------------
|
||||
|
||||
# - dovecot_enc_method
|
||||
# -
|
||||
# - The (dovecot) password scheme which should be used to generate the hashed
|
||||
# - passwords of EXISTING users.
|
||||
# -
|
||||
# - Possible values are:
|
||||
# -
|
||||
# - See output of 'doveadm pw -l'
|
||||
# -
|
||||
# - DEFAULTS to: dovecot_enc_method="SHA512-CRYPT"
|
||||
# -
|
||||
#dovecot_enc_method="SHA512-CRYPT"
|
||||
|
||||
# - in_file
|
||||
# -
|
||||
# - The file from wich the script reads the e-mail-address/password
|
||||
# - kombination(s). Each line in this file must only contain
|
||||
# - <emal-address> <password>
|
||||
# -
|
||||
# - Defaults to: in_file="${conf_dir}/mailboxes_new.lst"
|
||||
# -
|
||||
#in_file="${conf_dir}/mailboxes_new.lst"
|
||||
|
||||
# - db_type
|
||||
# -
|
||||
# - Type of Postfix Database
|
||||
# -
|
||||
# - Possible values are 'pgsql' (PostgeSQL) or 'mysql' (MySQL)
|
||||
# -
|
||||
# - Defaults to: db_type="pgsql"
|
||||
# -
|
||||
#db_type="pgsql"
|
||||
|
||||
# - db_name
|
||||
# -
|
||||
# - Database name for the postfix database
|
||||
# -
|
||||
# - Defaults to: db_name="postfix"
|
||||
# -
|
||||
#db_name="postfix"
|
||||
|
||||
# - db_name
|
||||
# -
|
||||
# - Database name for the postfix database
|
||||
# -
|
||||
# - Defaults to: db_name="postfix"
|
||||
# -
|
||||
#db_name="postfix"
|
||||
|
||||
# - mysql_credential_args (root access to MySQL Database)
|
||||
# -
|
||||
# - Example
|
||||
# - mysql_credential_args="--login-path=local"
|
||||
# - mysql_credential_args="--defaults-file=/etc/mysql/debian.cnf" (Debian default)
|
||||
# - mysql_credential_args="--defaults-file=/usr/local/mysql/sys-maint.cnf"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - '--defaults-file=/etc/mysql/debian.cnf' if MySQL is installed from debian package system
|
||||
# - '--defaults-file=/usr/local/mysql/sys-maint.cnf' otherwise
|
||||
# -
|
||||
#mysql_credential_args=""
|
||||
|
||||
# - quota
|
||||
# -
|
||||
# - The quota setting for the new mailboxes.
|
||||
# -
|
||||
# - Defaults to: quota="536870912"
|
||||
# -
|
||||
#quota="536870912"
|
||||
quota="2147483648"
|
||||
|
||||
# - log_file
|
||||
# -
|
||||
# - Where to write logging informations?
|
||||
# -
|
||||
# - Defaults to: log_file="${script_dir}/log/postfix_add_mailboxes.log"
|
||||
# -
|
||||
#log_file="${script_dir}/log/postfix_add_mailboxes.log"
|
||||
@ -0,0 +1,92 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
# ----------------------------------------------------
|
||||
# ---
|
||||
# - Parameter Settings for script 'sent_userinfo_postfix.sh'.
|
||||
# ---
|
||||
# ----------------------------------------------------
|
||||
|
||||
# - message_body_file
|
||||
# -
|
||||
# - Full path to file containing the user info. This file must contain
|
||||
# - the message body WITHOUT e-mail headers. If file is placed in the
|
||||
# - 'files' directory use '${file_dir}/<file-name>'
|
||||
# -
|
||||
# - Defaults to '${file_dir}/sent_userinfo_postfix.message'
|
||||
# -
|
||||
#message_body_file="${file_dir}/sent_userinfo_postfix.email"
|
||||
|
||||
|
||||
# - email_from
|
||||
# -
|
||||
# - From Address of user info
|
||||
# -
|
||||
# - Example: 'oo@oopen.de'
|
||||
# -
|
||||
email_from="it@gemeinschaft-altenschlirf.de"
|
||||
|
||||
|
||||
# - email_from_org
|
||||
# -
|
||||
# - Example: email_from_org="O.OPEN"
|
||||
# -
|
||||
email_from_org="Gemeinschaft Altenschlirf"
|
||||
|
||||
|
||||
# - db_type
|
||||
# -
|
||||
# - Type of Postfix Database
|
||||
# -
|
||||
# - Possible values are 'pgsql' (PostgeSQL) or 'mysql' (MySQL)
|
||||
# -
|
||||
# - Defaults to: db_type="pgsql"
|
||||
# -
|
||||
#db_type="pgsql"
|
||||
|
||||
# - db_name
|
||||
# -
|
||||
# - Database name for the postfix database
|
||||
# -
|
||||
# - Defaults to: db_name="postfix"
|
||||
# -
|
||||
#db_name="postfix"
|
||||
|
||||
# - mysql_credential_args (root access to MySQL Database)
|
||||
# -
|
||||
# - Example
|
||||
# - mysql_credential_args="--login-path=local"
|
||||
# - mysql_credential_args="--defaults-file=/etc/mysql/debian.cnf" (Debian default)
|
||||
# - mysql_credential_args="--defaults-file=/usr/local/mysql/sys-maint.cnf"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - '/etc/mysql/debian.cnf' if MySQL is installed from debian package system
|
||||
# - '/usr/local/mysql/sys-maint.cnf' otherwise
|
||||
# -
|
||||
#mysql_credential_args=""
|
||||
|
||||
|
||||
# - mail_user
|
||||
# -
|
||||
# - The owner of the mailbox directories and within the e-mails itself.
|
||||
# -
|
||||
# - defaults to mail_user="vmail"
|
||||
# -
|
||||
#mail_user="vmail"
|
||||
|
||||
|
||||
# - mail_group
|
||||
# -
|
||||
# - The group of the mailbox directories
|
||||
# -
|
||||
# - defaults to mail_group="vmail"
|
||||
# -
|
||||
#mail_group="vmail"
|
||||
|
||||
|
||||
# - mail_basedir - No more needed!
|
||||
# -
|
||||
# - The root directory where all mailbox-domains are located.
|
||||
# -
|
||||
# - Defaults to '/var/vmail'.
|
||||
# -
|
||||
#mail_basedir=/var/vmail
|
||||
@ -0,0 +1,44 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
# ======================================================
|
||||
# ---
|
||||
# Parameter Settings for Script 'whitelist_mb_sigs.conf'
|
||||
# ---
|
||||
# ======================================================
|
||||
|
||||
# QUARANTINE_BASE_DIR
|
||||
#
|
||||
# Base directory where amavis stores quarantined e-mails, mostly in
|
||||
#
|
||||
# virus e-mails: $QUARANTINE_BASE_DIR/virus
|
||||
# spam emails: $QUARANTINE_BASE_DIR/spam
|
||||
# ..
|
||||
#
|
||||
# Defaults to:
|
||||
# QUARANTINE_BASE_DIR="/var/QUARANTINE"
|
||||
#
|
||||
#QUARANTINE_BASE_DIR="/var/QUARANTINE"
|
||||
|
||||
|
||||
# CLAMAV_VIRUS_WHITE_LIST
|
||||
#
|
||||
# Full path to clamav's (personal) white list file
|
||||
#
|
||||
# Defaults to:
|
||||
# CLAMAV_VIRUS_WHITE_LIST="/var/lib/clamav/my_whitelist.ign2"
|
||||
#
|
||||
#CLAMAV_VIRUS_WHITE_LIST="/var/lib/clamav/my_whitelist.ign2"
|
||||
|
||||
|
||||
# WHITE_LIST_STRINGS
|
||||
#
|
||||
# A blank separated list of strings to whitelist.
|
||||
#
|
||||
# Example:
|
||||
# WHITE_LIST_STRINGS="google.com tinyurl.com"
|
||||
#
|
||||
# Defaults to:
|
||||
# WHITE_LIST_STRINGS="google.com"
|
||||
#
|
||||
#WHITE_LIST_STRINGS="google.com"
|
||||
WHITE_LIST_STRINGS="google.com tinyurl.com"
|
||||
Reference in New Issue
Block a user