update..
This commit is contained in:
@ -0,0 +1,51 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKAIBAAKCAgEA8Q7zcxe+VCBbnLzMVLlLKBfjle1hBDwTAv18dSSvpXc6iy4R
|
||||
1UGWoS4tm+8EV8uBdd40vvkwdGGrLDPplsSqdPFaSj5wlRh7zHTYbRwq9RFFLnk0
|
||||
xvJQk8HrQTV+MNAI4Of0nqf1JcgPL0d0mcug7gZ9gQCdFHjcKZafpbl4Afri2Chc
|
||||
SHd4HGlXmVMYwM9W4TzWfauxaYVLxhpO/aBQ4v5NKFGIYlZN/D67JNA0uSZ/geGq
|
||||
lCWQpVMLh7avWR2mdRo6hHcM9hmF7J1R3GZKzXIlSHHEIy+fru7Da+Ak2ufWI/P8
|
||||
aY1lQrHOkxK91oOk8BT/WIFKKVxby5mI+jdO4rTn95Ha4pYvGrxTPiywwO0Lmpzm
|
||||
1ti1iRSV4aFIQ7BpFKCzb4/vdFUjM/cTI4qGNbCv/dpAVSRuAcZ2T82QKSK6FpgE
|
||||
FJJ6v6pk6oB/9E+vOyW+2gOB5Rva5h6OpSIQmbRfPbXIujEQ6lFmqV7dbBrf6nkG
|
||||
Gk6xf3ZJyqFCwTy+ea9RZ1ZiXlF+p9xVJPhSiAfwL7+EdfkDjfQaS2SJKy1qQw+v
|
||||
2mG315hjJzL7y/KoiNcNG9VVrKAc4v0mG7fHs+4+YdMEBRvpciYgdEVRtJBGePe3
|
||||
RyBS4zwqJHJP9Ev3xUFFPw0dT3FaXRFLzeXOC3fCeBCM6tb5HkXUuk0DxdcCAwEA
|
||||
AQKCAgAWbf+1C9aH2WLs2JxincMifeaNQsMuM7DJLHDyLXGygb+Ox8CdCTdM1BEm
|
||||
Wz0aNjNblktuIZ2ilpvoxwPLJY1+yB5QnjK3jMmoIo8ox+AvYWYAhwKkKFPbC8Yq
|
||||
ESImxJSu6KZYROSImW7gRVPSI6Jbw3rWEAqNpxlFPWCpePJzrLaCym6bx5IDgsHF
|
||||
4HeDKUe6OYDzvJALc32zdys2aj5cgLEJOVzpWYJ0IBoluMHPIIfou+i1VDF7UJjY
|
||||
DeWO8zVT3Bbp0HICTCmr9I9zZIk9SIuzi/JmG75N9qV0WizTuZKxUbiA0clERWsl
|
||||
QC8t0J3+QNXplE4kPxXDggu+zHqoa1VK4ZeNFMMOHv2R87PXgwOhIEBRY5/QQdKH
|
||||
M0RWLcUHiyakx+QyfWNOUTwPNHpwwicHJR/k2oppIYvQj121acsSo0br+Zncg0Dg
|
||||
WagHBGbZncjXCXWsZktRTz4srNoTEytVUqbVt6RCdUeEI6K6rh0X6w+qpu0GmS0X
|
||||
CykA/VzxAVZT2F9FBrp/l+6MeoiBSdwjqmBPp+2NcIJNLfS8NrjRIbWI03CIkCuR
|
||||
dKEDVnHIX2O4QAQgNfxFIbnelbQ6fZ74scpsF1pqhIwsajEgIuDINx3pd0OQCK4U
|
||||
yjK6BkpoOXn1AbM0l5F63st5zjb35iibIUP/baQ8UZCRYKiEsQKCAQEA+08MrI/f
|
||||
SrelrhuBZvXicxL2MDBz1FZwSgltIsCrtBZQrCyrh7myISor2DZLe0XftFSRaZQa
|
||||
iBjrhsgHD2EetGmPT/zaQEc/fJo20JDkWs8E5Z6b18NYaOuhMXlpinXgS/myD9UX
|
||||
vLY3DN+YVnb0q/uhm+ddYQaxQ24rdFbI3EH66fgy33NB4A0yVTjazp29RdKHXL3m
|
||||
2OtXIh2BqUPeau639iLRU9PzjYVzX7M6ddKuhYatblOrprnJyUx1jrGjfjRUt8D1
|
||||
Mn4scMfmRYg8eH3bh+Kp4l0QHYRq8+KR2i7QZ4Gh4WHp7ROiwuHf3IBPyYHgb6FI
|
||||
tnaRmXOzwkV8bQKCAQEA9Y7qxkr8D5iVzH0M5xJOch1pZ4e4Eq2wsZQ4eFX+1aZr
|
||||
nqAgCCs/UuEdbJh7AdUQhjtLsEW2WjOEEqMyXAVc5wgNGh6Zw46CvCIJ+k7rKccF
|
||||
xx4b/Fwm8D0eXTGdiGA0shkelRGX8HN3AJp8dKy6vDrumSDZXdqZi8lkjz09NdYm
|
||||
rt/qC3/4getxOkeDS6tlUSCISm15XoL00taDskpUl0hqqxzsd1+RDvmCcook3Re6
|
||||
iBi1RwCmoF4Dil94q8fjMEAxg5RtHnYxWWDpFSHzhE7TAkE8jW3V9tg1Pfb9JMYU
|
||||
glojMEHOsETyNqNVqIwHMvmXIVW7aiigv6ctneQY0wKCAQAKSM/h9/lRW3aiS2ne
|
||||
Rs2/m9ULX9A9rlPmE8CtnWjpc8hVY3aZlVXe2ZT1wjMQlmlzPcq9oVv8mdh5qZHw
|
||||
ZS8WfwNoaJad7syAUudPXb6aoMI4i2chS1NA5/OuzKMvEWfedBd/Yl8YT/SsyDG5
|
||||
yCB3MVMJyEwf/mAevFF2715E9UZJcOjUEClv+9pFdpAtyHLIercjanoaAneMY9y8
|
||||
ipR9l8tbfU1HuvLKpd102ybXT4no2Pwb+byalBvX6xMchdSFA6s74d+m81bqPqQD
|
||||
0HF5FN15ECOXqetQ6exekrUZUrUgp0Nyr8kc9KLCiu/YXD/npTMEHnuVTADlYMDI
|
||||
gIN5AoIBABq59Gmira6Q3/UCw02/G1SmSNug1PMLfojFZiQK0BK26023heT9uAWw
|
||||
RMCWFAVOCF9jwsgrvj4xDzXsF0YWu1bV9H8cR4YWU7pgRg+9WTER3Voft9IOwZoy
|
||||
PMTN6qR2PCYKP97frFbaamBhcBxO1IA6Nc/q2F2ztjSVteE1PB1I8qrj6hhYVFbn
|
||||
pko+kFbDD+L1lH/tTGFyBW2RNYJJPs28bweyvTX868/ibkVDLeH2fDHl5o0U0A3y
|
||||
TZZY78xalCqjQgBdPkcrfBGLT7MiH9wNrD+5k/qcssYMIDdfU4wWFxNc9imBcBqV
|
||||
VnuF6YPPwdTVf5J8P0q9o0lYy8k8k0sCggEBAMLlHCucicV2ldGH1hvcsUEBbsS1
|
||||
Ave+1utiGpb9QCHKpMLmBzxNFq6ZgV52F03pDjR/ACiuT40Uc2uxAiw6EQ6UtU6s
|
||||
dd8mKUjJUAUi/fujCFs0nn9VETZGBSyUipLA4AH6LyJSwXLZ4HKN37o34K9CcMJ0
|
||||
XBYm+67Inn37Z/lRSViGTBSyOizwN1KHGQoEtUlTD5iMBdvmr44unaPB4WXzbKX7
|
||||
nm9yeN+OjAvxfvYRczmmlOJ3+p6CqRqOOv21pdV6DOfJ4kml1Y2A+gYft4rANOGC
|
||||
KaBJaopIm11AMyiauOMrGy7L968xOfKRLnXGjxNqg5+I9YD6V91y32vOJWc=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@ -0,0 +1 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDxDvNzF75UIFucvMxUuUsoF+OV7WEEPBMC/Xx1JK+ldzqLLhHVQZahLi2b7wRXy4F13jS++TB0YassM+mWxKp08VpKPnCVGHvMdNhtHCr1EUUueTTG8lCTwetBNX4w0Ajg5/Sep/UlyA8vR3SZy6DuBn2BAJ0UeNwplp+luXgB+uLYKFxId3gcaVeZUxjAz1bhPNZ9q7FphUvGGk79oFDi/k0oUYhiVk38Prsk0DS5Jn+B4aqUJZClUwuHtq9ZHaZ1GjqEdwz2GYXsnVHcZkrNciVIccQjL5+u7sNr4CTa59Yj8/xpjWVCsc6TEr3Wg6TwFP9YgUopXFvLmYj6N07itOf3kdrili8avFM+LLDA7QuanObW2LWJFJXhoUhDsGkUoLNvj+90VSMz9xMjioY1sK/92kBVJG4BxnZPzZApIroWmAQUknq/qmTqgH/0T687Jb7aA4HlG9rmHo6lIhCZtF89tci6MRDqUWapXt1sGt/qeQYaTrF/dknKoULBPL55r1FnVmJeUX6n3FUk+FKIB/Avv4R1+QON9BpLZIkrLWpDD6/aYbfXmGMnMvvL8qiI1w0b1VWsoBzi/SYbt8ez7j5h0wQFG+lyJiB0RVG0kEZ497dHIFLjPCokck/0S/fFQUU/DR1PcVpdEUvN5c4Ld8J4EIzq1vkeRdS6TQPF1w== root@mail.cadus.org
|
||||
@ -0,0 +1,51 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKgIBAAKCAgEAzOY9bQkcFRrxmrVUFS8VM1eK+ROUBEV8ZBBnBqGrCxfMwUDu
|
||||
SmOtIqlPwyw419M09ho7uXZVVHf7NTf3or9C4X4MTnCit9bVjlZvKF+YLCAvsr/X
|
||||
CGwCaLobLVcQIBqFHIuZtv4rP6tln1EVrrxhaAlc6yUXqk4f8jJGHoHEaZxUr/vz
|
||||
rnCLf6kMrDkEh8if5qyF+h50yr1oGx41Zz49I5InEeccnxmcT2EGEuKLDcnlskeX
|
||||
+UGiFxVB4VpkHfpsN5u+ZJJMcKPEJtP8o+1uymTWg9gGsIhRTcstN+EC1BJMf8WZ
|
||||
KdoA//Gq6i2eUv5q4R+Luy6zeQXhPvEaCsilZR1onWlw9cvUunCunEP3zvhqti4X
|
||||
Pi4ITwGh9Mk4H2FO2AQnKjWBMku7BhDIfLvGkBU2AljqWWouW/p7vWOh5g2T+woH
|
||||
w+GzSATQZdQrBk4VoUk+wyA4T6CeMbaAop7saKqvEXY21aQHz1HnJL82Yp8H+qdX
|
||||
3ynAYUyWCP/mmKzaj6Cwp+vqT/9G9QOu5MpdButMTtdz558SUrEQYk4qg/DmDzOg
|
||||
Q5kLn7XO91ziWWx8Q91RTtAeONJPeP0vVkKjDVWh+wADEmm1PXa7yPGn4MMXX7ke
|
||||
3c0GWDLWVavcYHP514m01un7fO8mNoPHibDzTC0rznbhPGvlZ1JgIfqdEqUCAwEA
|
||||
AQKCAgAMQxMV/V+S28PtsEBR7Dlmkyyb71ICV240Rs8DlJU52rjEL/CSvxhTZLKD
|
||||
SZg1Qkx/Fd7RIIXGwk9kRe8p7CxCdlqiLxdtzQuGsyF/1wiyS1LPba+er2gNgGWz
|
||||
9uveH/grVydhziAkdUtll2KmzFs/8J+A6v1ZkcdTpTKRDM8GSva+eWOB4vZWM3Ww
|
||||
sNDWl2kKUvTJnRz8LQ2X4dzsSss537s61QvfcZbrITFN3ATaVGTMoIA1yHm8y+bf
|
||||
Z5tqN9xWD5n7Rs4QR5yrfjA2VzU0I4i65yivU9kZwLj6CRs0OcweMWMTIBrDNmE2
|
||||
FnjNGrCmvE6OayMOcQ2jyKX4Uz2ijgVcelY/KzVl6VZK1bj3ooZYEqZOhj2dKnvJ
|
||||
rqAKzOTjVUMPAi52I/l8/lTmJbJlkaNpAgu64xXRquxhJNCNhqTn0I2OzM5oTV0c
|
||||
gcCrOLmCN4qwuronM7JI1Zj0PRKNOavhIg4qI2hgNqIeE4RBURGLzvnquz1vhPyr
|
||||
LurhblP5+9bcuG0+rO0eWK0TJMzeHuf+AIo3XZGJhP06aoABFhfgtDqcKALZ8gic
|
||||
fa/4mu5jkvCO6a3y+TfJtS1IVpIRLiOfSYJ9As+E1l/ahfG28/DJvOeICv2mR46l
|
||||
t4gnYu+u2j21UxH0VfoT54PJFW3b5fFZpNmP1h/51u+pEmbbgQKCAQEA8j59XYPQ
|
||||
bjvW4zssTWHUGxIfGrzrcOahpZMxk/2F19nhjs55ILk1Tu0niPcLKq0JftjxQ/AN
|
||||
x3SyxXrbngxpH1VdNGFujn61g/FTdSyr5APtORLjbgS3gu6OHocjvQeS7ApZlfGW
|
||||
ptn4bRiHOyZJMu0kv7ZOgR4LfmwMF7mWXAhlOxAu6q3Nl9qc8pBXc62xfHfL+5Zv
|
||||
JapfcjvhonIw1zDHLJ+Z6B+w/+j4PWl/uEfLCQ+waO+wVwjuCABXg4NTiTjfhNol
|
||||
PM7sjmhS3a8INIoLrdF+SdxVlOynCg+t1Y3A8PYc84+4l+jeopYLqtMTHPDsQfU+
|
||||
PdDv//8WJVrlsQKCAQEA2IjeZt6OnvatltY/ynlusRergaOc+8jQeFLlg7Rvs4NO
|
||||
0/dq5bBWpNc0kmY8ARKGMYS13bVv38ZGVeXaxmMTPbf+eUOu2wZJaawq23UWDEor
|
||||
DV7mQutGy7yosVBzIa3bFR+CW0pTHvTyPhQmWgFsflMsjZKSR8IjhIYkW9XIJN2i
|
||||
Ho4Hef5MN2VXjt9hOOt0hH5KsIJ8iQM6fS6eMRw4EjRADp53ps3HfTSNAa1w8op3
|
||||
9YltsarFG+1zRBlbLrbIiWNmmfu5Q5R8pbPgOY29bQTMbWPD3iyrM/rUvVppDOyw
|
||||
g9I0wVYBLfXP4LD/DeWm3X8vm3O3LwGKD5KFwjQVNQKCAQEAw+hHqL42bT/VnHU5
|
||||
cedhCveP0ibg3bCXH/m3SbDpclRRtxVCHnXKJ+dhZsIr9Lp2CHDYRZI5AopdHZor
|
||||
TFlLFr0JoJf/Ohw9HdSoIwYaiU+npNWiulH0O15D72ppO7GJX31LUBlONefnogsJ
|
||||
Kove/OGOK8D7Ii6zKu2kpfdAI3Pism53EvG2aE2zSfPz1ait9jRH8lKJ1tM/V3oY
|
||||
EzD4UL+xBGSaqoAevAej4r6UPOtKxyw6BdN6MBkXr77fB4vInhwxoBZvsQrDgrPZ
|
||||
+FBaeWr+4PaghIk9aTAuMtPVSPTYCcdwSIV9ytTYYHKqQt9rAKfS2dDFImb8AXNB
|
||||
bLpjMQKCAQEAlrm3Lh4PYuHM9akPYG5kucsDLEtqc+1WB9uUPbh05J0rWurnsxir
|
||||
RzUyOBIIBKsTVBbPzZOFW1wWC6bjQaMnepfAAEM3zOg0Y+VfM8Ht5gIes8DyQXSq
|
||||
pBkfx8V7Tt9JGAwF3mv/LhZNJR87jv1cuxZEdgun3WFq/c2uM2q9VcQdHG27EJUO
|
||||
EqVtbFtbvpZPVgbfELzT2T+xEABKR18gPLO4PzTZjvfAvAu/d4J2k64FUJooDDsV
|
||||
15nS2X1Y9kxvjQrvGZKaZEtQ9LsgApACYoerkR2X8uhfB+C7A0+Svldni2rgJBAs
|
||||
5AQufnZWJCNOovHsfqXuxj6pDqvshcFhXQKCAQEAiTdFEQ5phltKANr+viBS4Mec
|
||||
UwbIRUg4MZOaOLqHytCh30uK/a+fX6SwbVcuD2IFheUorox8GsC13a/5ruKO2Vh/
|
||||
JccgfkypMDDYzoAodrX1lBQvlvc5SnNhNTJMlMqkWQcKtILy+f2gzxx/xsA9b92t
|
||||
LpAnrGIKnbf+ewnfOvJqopBxr1H6EanCjo7VtDPU8l5zR/xxaWAwZV1/z0y1CwkP
|
||||
MNTp6Xao1lVrgjUz2s9VykDPIDE8FazmnSKSXbuxuEo3+qlPhDKVVsd7LSMdlukz
|
||||
lkrS7ROdtFNB91sQnwmSPdTCqjso8SUIlpFqGfno5pl7UPD6DuQQDHsF6lMajw==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@ -0,0 +1 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDM5j1tCRwVGvGatVQVLxUzV4r5E5QERXxkEGcGoasLF8zBQO5KY60iqU/DLDjX0zT2Gju5dlVUd/s1N/eiv0LhfgxOcKK31tWOVm8oX5gsIC+yv9cIbAJouhstVxAgGoUci5m2/is/q2WfURWuvGFoCVzrJReqTh/yMkYegcRpnFSv+/OucIt/qQysOQSHyJ/mrIX6HnTKvWgbHjVnPj0jkicR5xyfGZxPYQYS4osNyeWyR5f5QaIXFUHhWmQd+mw3m75kkkxwo8Qm0/yj7W7KZNaD2AawiFFNyy034QLUEkx/xZkp2gD/8arqLZ5S/mrhH4u7LrN5BeE+8RoKyKVlHWidaXD1y9S6cK6cQ/fO+Gq2Lhc+LghPAaH0yTgfYU7YBCcqNYEyS7sGEMh8u8aQFTYCWOpZai5b+nu9Y6HmDZP7CgfD4bNIBNBl1CsGThWhST7DIDhPoJ4xtoCinuxoqq8RdjbVpAfPUeckvzZinwf6p1ffKcBhTJYI/+aYrNqPoLCn6+pP/0b1A67kyl0G60xO13PnnxJSsRBiTiqD8OYPM6BDmQuftc73XOJZbHxD3VFO0B440k94/S9WQqMNVaH7AAMSabU9drvI8afgwxdfuR7dzQZYMtZVq9xgc/nXibTW6ft87yY2g8eJsPNMLSvOduE8a+VnUmAh+p0SpQ== root@mail
|
||||
@ -0,0 +1,135 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
#---------------------------------------
|
||||
#-----------------------------
|
||||
# Settings for script check_cert_for_dovecot.sh
|
||||
#-----------------------------
|
||||
#---------------------------------------
|
||||
|
||||
# - service_domain
|
||||
# -
|
||||
# - The main domain for which the certificate was issued
|
||||
# -
|
||||
# - Example:
|
||||
# - service_domain="a.mx.oopen.de"
|
||||
# - service_domain="mail.cadus.org"
|
||||
# - service_domain="mx.warenform.de"
|
||||
# -
|
||||
#service_domain=""
|
||||
service_domain="mail.cadus.org"
|
||||
|
||||
|
||||
# - service_name
|
||||
# -
|
||||
# - Name of service.
|
||||
# -
|
||||
# - Note: this var will also be used to determin systemd service file
|
||||
# - or sysVinit script.
|
||||
# -
|
||||
# - Example:
|
||||
# - service_name="Mumble"
|
||||
# - service_name="Prosody"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - service_name="Dovecot"
|
||||
# -
|
||||
#service_name=""
|
||||
|
||||
|
||||
# - check_string_ps
|
||||
# -
|
||||
# - String wich (clearly) identifies the service at the process list (ps)
|
||||
# -
|
||||
# - Example:
|
||||
# - check_string_ps="[[:digit:]]\ /usr/sbin/murmurd"
|
||||
# - check_string_ps=""
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - check_string_ps="[[:digit:]]\ /usr/local/dovecot-[[:digit:]]{1,2}\.[[:digit:]]{1,2}\.[[:digit:]]{1,2}(\.[[:digit:]]{1,2})?/sbin/dovecot"
|
||||
# -
|
||||
#check_string_ps=""
|
||||
|
||||
|
||||
# - service_user
|
||||
# -
|
||||
# - User under which the service is running.
|
||||
# -
|
||||
# - Example:
|
||||
# - service_user="mumble-server"
|
||||
# - service_user="prosody"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - service_user="prosody"
|
||||
# -
|
||||
#service_user=""
|
||||
|
||||
|
||||
# - service_group
|
||||
# -
|
||||
# - Group under which the service is running.
|
||||
# -
|
||||
# - Example:
|
||||
# - service_group="mumble-server"
|
||||
# - service_group="prosody"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - service_group="prosody"
|
||||
# -
|
||||
#service_group=""
|
||||
|
||||
|
||||
# - cert_installed
|
||||
# -
|
||||
# - Locataion of certificate read by service
|
||||
# -
|
||||
# - Example:
|
||||
# - cert_installed="/var/lib/mumble-server/fullchain.pem"
|
||||
# - cert_installed="/var/lib/dehydrated/certs/jabber.so36.net/fullchain.pem"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - /etc/dovecot/ssl/mailserver.crt
|
||||
# -
|
||||
#cert_installed=""
|
||||
|
||||
|
||||
# - key_installed
|
||||
# -
|
||||
# - Location of the key read by service
|
||||
# -
|
||||
# - Example:
|
||||
# - key_installed="/var/lib/mumble-server/privkey.pem"
|
||||
# - key_installed="/etc/prosody/certs/privkey_jabber.so36.pem"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - /etc/dovecot/ssl/mailserver.key
|
||||
# -
|
||||
#key_installed=""
|
||||
|
||||
|
||||
# - cert_newest
|
||||
# -
|
||||
# - Location of the newest certificate.
|
||||
# -
|
||||
# - Example:
|
||||
# - cert_newest="/var/lib/dehydrated/certs/il-mumble.oopen.de/fullchain.pem"
|
||||
# - cert_newest="/var/lib/dehydrated/certs/jabber.so36.net/fullchain.pem"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - /var/lib/dehydrated/certs/${service_domain}/fullchain.pem
|
||||
# -
|
||||
#cert_newest=""
|
||||
|
||||
|
||||
# - key_newest
|
||||
# -
|
||||
# - Location of the newest Key
|
||||
# -
|
||||
# - Example:
|
||||
# - key_newest="/var/lib/dehydrated/certs/il-mumble.oopen.de/privkey.pem"
|
||||
# - key_newest="/var/lib/dehydrated/certs/jabber.so36.net/privkey.pem"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - /var/lib/dehydrated/certs/${service_domain}/privkey.pem
|
||||
# -
|
||||
#key_newest=""
|
||||
|
||||
@ -0,0 +1,178 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
#---------------------------------------
|
||||
#-----------------------------
|
||||
# Settings
|
||||
#-----------------------------
|
||||
#---------------------------------------
|
||||
|
||||
|
||||
# ---
|
||||
# - LOGGING
|
||||
# -
|
||||
# - This Parameter is now obsolete. If script is running in a terminal, then output ist verbose,
|
||||
# - the output will be verbos. If running as cronjob, output will only be written, if warnings or
|
||||
# - errors occurs.
|
||||
# ---
|
||||
|
||||
|
||||
# - What to check
|
||||
# -
|
||||
check_load=true
|
||||
check_mysql=true
|
||||
|
||||
# - PostgreSQL
|
||||
# -
|
||||
# - NOT useful, if more than one PostgreSQL instances are running!
|
||||
# -
|
||||
check_postgresql=false
|
||||
|
||||
check_apache=true
|
||||
check_nginx=false
|
||||
check_php_fpm=true
|
||||
check_redis=false
|
||||
check_website=false
|
||||
|
||||
# - If service is not listen on 127.0.0.1/loclhost, curl check must
|
||||
# - be ommited
|
||||
# -
|
||||
# - Defaults to: ommit_curl_check_nginx=false
|
||||
# -
|
||||
#ommit_curl_check_nginx=false
|
||||
|
||||
# - Is this a vserver guest machine?
|
||||
# -
|
||||
# - Not VSerber guest host does not support systemd!
|
||||
# -
|
||||
# - defaults to: vserver_guest=false
|
||||
# -
|
||||
#vserver_guest=false
|
||||
|
||||
|
||||
# - Additional Settings for check_mysql
|
||||
# -
|
||||
# - MySQL / MariaDB credentials
|
||||
# -
|
||||
# - Giving password on command line is insecure an sind mysql 5.5
|
||||
# - you will get a warning doing so.
|
||||
# -
|
||||
# - Reading username/password fro file ist also possible, using MySQL/MariaDB
|
||||
# - commandline parameter '--defaults-file'.
|
||||
# -
|
||||
# - Since Mysql Version 5.6, you can read username/password from
|
||||
# - encrypted file.
|
||||
# -
|
||||
# - Create (encrypted) option file:
|
||||
# - $ mysql_config_editor set --login-path=local --socket=/tmp/mysql.sock --user=root --password
|
||||
# - $ Password:
|
||||
# -
|
||||
# - Use of option file:
|
||||
# - $ mysql --login-path=local ...
|
||||
# -
|
||||
# - Example
|
||||
# - mysql_credential_args="--login-path=local"
|
||||
# - mysql_credential_args="--defaults-file=/etc/mysql/debian.cnf" (Debian default)
|
||||
# - mysql_credential_args="--defaults-file=/usr/local/mysql/sys-maint.cnf"
|
||||
# -
|
||||
mysql_credential_args="--login-path=local"
|
||||
|
||||
|
||||
# - Additional Settings for check_php_fpm
|
||||
# -
|
||||
# - On Linux Vserver System set
|
||||
# - curl_check_host=localhost
|
||||
# -
|
||||
# - On LX-Container set
|
||||
# - curl_check_host=127.0.0.1
|
||||
# -
|
||||
curl_check_host=127.0.0.1
|
||||
|
||||
# - Which PHP versions should be supported by this script. If more than one,
|
||||
# - give a blank separated list
|
||||
# -
|
||||
# - Example:
|
||||
# - php_versions="5.4 5.6 7.0 7.1"
|
||||
# -
|
||||
php_versions="7.4"
|
||||
|
||||
# - If PHP-FPM's ping.path setting does not match ping-$php_major_version,
|
||||
# - set the value given in your ping.path setting here. Give ping_path also
|
||||
# - the concerning php_version in form
|
||||
# - <php-version>:<ping-path>
|
||||
# -
|
||||
# - Multiple settings are possible, give a blank separated list.
|
||||
# -
|
||||
# - Example:
|
||||
# -
|
||||
# - ping_path="5.4:ping-site36_net 5.6:ping-oopen_de"
|
||||
# -
|
||||
ping_path=""
|
||||
|
||||
|
||||
# - Additional Settings for check_website - checking (expected) website response
|
||||
# -
|
||||
# - example:
|
||||
# - is_working_url="https://www.outoflineshop.de/"
|
||||
# - check_string='ool-account-links'
|
||||
# - include_cleanup_function=true
|
||||
# - extra_alert_address="ilker@so36.net"
|
||||
# - cleanup_function='
|
||||
# - rm -rf /var/www/www.outoflineshop.de/htdocs/var/cache/*
|
||||
# - rm -rf /var/www/www.outoflineshop.de/htdocs/var/session/*
|
||||
# - /usr/local/bin/redis-cli flushall > /dev/null 2>&1
|
||||
# - if [[ "$?" = "0" ]]; then
|
||||
# - ok "I have cleaned up directory \"/var/www/www.outoflineshop.de/htdocs/var/cache/\""
|
||||
# - else
|
||||
# - error "Cleaning up directory \"/var/www/www.outoflineshop.de/htdocs/var/cache/\" failed!"
|
||||
# - fi
|
||||
# - /etc/init.d/redis_6379 restart
|
||||
# - if [[ "$?" = "0" ]]; then
|
||||
# - ok "I restarted the redis service"
|
||||
# - echo -e "\t[ Ok ]: I restarted the redis service" >> $LOCK_DIR/extra_msg.txt
|
||||
# - else
|
||||
# - error "Restarting the redis server failed!"
|
||||
# - echo -e "\t[ Error ]: Restarting the redis server failed!" >> $LOCK_DIR/extra_msg.txt
|
||||
# - fi
|
||||
# - '
|
||||
# -
|
||||
is_working_url=''
|
||||
|
||||
check_string=''
|
||||
|
||||
include_cleanup_function=true
|
||||
|
||||
# - An extra e-mail address, which will be informed, if the given check URL
|
||||
# - does not response as expected (check_string) AFTER script checking, restarting
|
||||
# - servervices (webserver, php-fpm) and cleaning up (cleanup_function) was done.
|
||||
# -
|
||||
extra_alert_address=''
|
||||
|
||||
# - php_version_of_working_url
|
||||
# -
|
||||
# - If given website (is_working_url) does not response as expected, this PHP FPM
|
||||
# - engines will be restarted.
|
||||
# -
|
||||
# - Type "None" if site does not support php
|
||||
# -
|
||||
# - If php_version_of_working_url is not set, PHP FPM processes of ALL versions (php_versions)
|
||||
# - will be restarted
|
||||
# -
|
||||
php_version_of_working_url=''
|
||||
|
||||
# - Notice:
|
||||
# - If single qoutes "'" not needed inside cleanup function, then use single quotes
|
||||
# - to enclose variable "cleanup_function". Then you don't have do masquerade any
|
||||
# - sign inside.
|
||||
# -
|
||||
# - Otherwise use double quotes and masq any sign to prevent bash from interpreting.
|
||||
# -
|
||||
cleanup_function='
|
||||
'
|
||||
|
||||
|
||||
# - E-Mail settings for sending script messages
|
||||
# -
|
||||
from_address="root@`hostname -f`"
|
||||
content_type='Content-Type: text/plain;\n charset="utf-8"'
|
||||
to_addresses="root"
|
||||
|
||||
@ -0,0 +1,176 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
# ---------------------------------------------------------
|
||||
# - Parameter Settings for script 'create_opendkim_key.sh'.
|
||||
# ---------------------------------------------------------
|
||||
|
||||
|
||||
# ----------
|
||||
# DNS Server
|
||||
# ----------
|
||||
|
||||
# - dns_dkim_zone_master_server
|
||||
# -
|
||||
# - The DNS Server who is serving the update zone and is used
|
||||
# - for the dynamic updates (nsupdate)
|
||||
# -
|
||||
#dns_dkim_zone_master_server=""
|
||||
dns_dkim_zone_master_server="b.ns.oopen.de"
|
||||
|
||||
# - update_dns
|
||||
# -
|
||||
# - Possible Values are 'true' or 'false'
|
||||
# -
|
||||
#update_dns=""
|
||||
|
||||
# - update_zone
|
||||
# -
|
||||
# - Zone containing the DKIM TXT record.
|
||||
# -
|
||||
# - Defaults to '_domainkey.<dkim_domaini>'
|
||||
# -
|
||||
# - Note:
|
||||
# - do NOT change/set this option unless you know what you do.
|
||||
# -
|
||||
#update_zone=""
|
||||
|
||||
# - TTL
|
||||
# -
|
||||
# - TTL for the DKIM TXT Record.
|
||||
# -
|
||||
# - Defaults to "" if update_dns=false
|
||||
# - Defaults to "43200" if update_dns=true
|
||||
#
|
||||
#TTL=""
|
||||
|
||||
|
||||
# ----------
|
||||
# TSIG Key
|
||||
# ----------
|
||||
|
||||
# - key_secret
|
||||
# -
|
||||
# - Sectret Key used by 'nsupdate' to create/update the
|
||||
# - DKIM TXT record.
|
||||
# -
|
||||
# - Example:
|
||||
# - key_secret="EtvvMdW0PXD4GMHP+onuHZ0dT/Z8OSJGlce/xH10OwI="
|
||||
# -
|
||||
#key_secret=""
|
||||
key_secret="4woPu0jqf9Jp1IX+gduJ3BVW/1ZMeyCPTQMqEsMXLFw="
|
||||
|
||||
# - key_algo
|
||||
# -
|
||||
# - The key algorithm used for key creation. Available choices are: hmac-md5,
|
||||
# - hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384 and hmac-sha512. The
|
||||
# - default is hmac-sha256. Options are case-insensitive.
|
||||
# -
|
||||
# - Example:
|
||||
# - key_algo="hmac-md5"
|
||||
# -
|
||||
# - Defaults to 'hmac-sha256'
|
||||
# -
|
||||
#key_algo="hmac-sha256"
|
||||
key_algo="hmac-sha256"
|
||||
|
||||
# - key_name
|
||||
# -
|
||||
# - Name of the Key
|
||||
# -
|
||||
# - Defaults to "$update_zone"
|
||||
# -
|
||||
#key_name=
|
||||
key_name="update-dkim"
|
||||
|
||||
|
||||
# ----------
|
||||
# Access Credentials DNS Server
|
||||
# ----------
|
||||
|
||||
# - dns_ssh_user
|
||||
# -
|
||||
# - Defaults to 'manage-bind'
|
||||
# -
|
||||
#dns_ssh_user="manage-bind"
|
||||
|
||||
# - dns_ssh_port
|
||||
# -
|
||||
# - Defaults to '22'
|
||||
# -
|
||||
#dns_ssh_port=22
|
||||
|
||||
# - dns_ssh_key
|
||||
# -
|
||||
# - Defaults to '/root/.ssh/id_rsa-opendkim'
|
||||
# -
|
||||
#dns_ssh_key="/root/.ssh/id_rsa-opendkim"
|
||||
|
||||
|
||||
# ----------
|
||||
# Scripts envoked at DNS Server
|
||||
# ----------
|
||||
|
||||
# - set_new_serial_script
|
||||
# -
|
||||
# - Script increases the serial for a given domain or a given
|
||||
# - hostname's concerning domain.
|
||||
# -
|
||||
# - Defaults to '/root/bin/bind/bind_set_new_serial.sh'
|
||||
# -
|
||||
#set_new_serial_script="/root/bin/bind/bind_set_new_serial.sh"
|
||||
|
||||
# - create_dkim_delegation_script
|
||||
# -
|
||||
# - Script adds DKIM subdomain delegation for a given domain
|
||||
# -
|
||||
# - Defaults to '/root/bin/bind/bind_create_dkim_delegation.sh'
|
||||
# -
|
||||
#create_dkim_delegation_script="/root/bin/bind/bind_create_dkim_delegation.sh"
|
||||
|
||||
# - add_dkim_zone_master_script
|
||||
# -
|
||||
# - Script adds zone _domainkey.<dkim domain> as master zone
|
||||
# -
|
||||
# - Defaults to '/root/bin/bind/bind_add_dkim_zone_master.sh'
|
||||
# -
|
||||
#add_dkim_zone_master_script="/root/bin/bind/bind_add_dkim_zone_master.sh"
|
||||
|
||||
# - add_dkim_zone_slave_script
|
||||
# -
|
||||
# - Script adds zone _domainkey.<dkim domain> as slave zone
|
||||
# -
|
||||
# - Defaults to '/root/bin/bind/bind_add_dkim_zone_slave.sh'
|
||||
# -
|
||||
#add_dkim_zone_slave_script="/root/bin/bind/bind_add_dkim_zone_slave.sh"
|
||||
|
||||
|
||||
|
||||
# ----------
|
||||
# OpenDKIM Installation
|
||||
# ----------
|
||||
|
||||
# - opendkim_dir
|
||||
# -
|
||||
# - OpenDKIM's etc-directory
|
||||
# -
|
||||
# - Defaults to opendkim_dir="/etc/opendkim"
|
||||
# -
|
||||
#opendkim_dir="/etc/opendkim"
|
||||
|
||||
# - key_base_dir
|
||||
# -
|
||||
# - Defaults to "${opendkim_dir}/keys"
|
||||
# -
|
||||
#key_base_dir=${opendkim_dir}/keys
|
||||
|
||||
# - signing_table_file
|
||||
# -
|
||||
# - Defaults to "${opendkim_dir}/signing.table"
|
||||
# -
|
||||
#signing_table_file="${opendkim_dir}/signing.table"
|
||||
|
||||
# - key_table_file
|
||||
# -
|
||||
# - Defaults to "${opendkim_dir}/key.table"
|
||||
# -
|
||||
#key_table_file="${opendkim_dir}/key.table"
|
||||
@ -0,0 +1,87 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
# ----------------------------------------------------
|
||||
# ---
|
||||
# - Parameter Settings for script 'postfix_add_mailboxes.sh'.
|
||||
# ---
|
||||
# ----------------------------------------------------
|
||||
|
||||
# - dovecot_enc_method
|
||||
# -
|
||||
# - The (dovecot) password scheme which should be used to generate the hashed
|
||||
# - passwords of EXISTING users.
|
||||
# -
|
||||
# - Possible values are:
|
||||
# -
|
||||
# - See output of 'doveadm pw -l'
|
||||
# -
|
||||
# - DEFAULTS to: dovecot_enc_method="SHA512-CRYPT"
|
||||
# -
|
||||
#dovecot_enc_method="SHA512-CRYPT"
|
||||
|
||||
# - in_file
|
||||
# -
|
||||
# - The file from wich the script reads the e-mail-address/password
|
||||
# - kombination(s). Each line in this file must only contain
|
||||
# - <emal-address> <password>
|
||||
# -
|
||||
# - Defaults to: in_file="${conf_dir}/mailboxes_new.lst"
|
||||
# -
|
||||
#in_file="${conf_dir}/mailboxes_new.lst"
|
||||
|
||||
# - db_type
|
||||
# -
|
||||
# - Type of Postfix Database
|
||||
# -
|
||||
# - Possible values are 'pgsql' (PostgeSQL) or 'mysql' (MySQL)
|
||||
# -
|
||||
# - Defaults to: db_type="pgsql"
|
||||
# -
|
||||
#db_type="pgsql"
|
||||
db_type="mysql"
|
||||
|
||||
# - db_name
|
||||
# -
|
||||
# - Database name for the postfix database
|
||||
# -
|
||||
# - Defaults to: db_name="postfix"
|
||||
# -
|
||||
#db_name="postfix"
|
||||
|
||||
# - db_name
|
||||
# -
|
||||
# - Database name for the postfix database
|
||||
# -
|
||||
# - Defaults to: db_name="postfix"
|
||||
# -
|
||||
#db_name="postfix"
|
||||
|
||||
# - mysql_credential_args (root access to MySQL Database)
|
||||
# -
|
||||
# - Example
|
||||
# - mysql_credential_args="--login-path=local"
|
||||
# - mysql_credential_args="--defaults-file=/etc/mysql/debian.cnf" (Debian default)
|
||||
# - mysql_credential_args="--defaults-file=/usr/local/mysql/sys-maint.cnf"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - '/etc/mysql/debian.cnf' if MySQL is installed from debian package system
|
||||
# - '/usr/local/mysql/sys-maint.cnf' otherwise
|
||||
# -
|
||||
#mysql_credential_args=""
|
||||
|
||||
# - quota
|
||||
# -
|
||||
# - The quota setting for the new mailboxes.
|
||||
# -
|
||||
# - Defaults to: quota="536870912"
|
||||
# -
|
||||
#quota="536870912"
|
||||
quota="1073741824"
|
||||
|
||||
# - log_file
|
||||
# -
|
||||
# - Where to write logging informations?
|
||||
# -
|
||||
# - Defaults to: log_file="${script_dir}/log/postfix_add_mailboxes.log"
|
||||
# -
|
||||
#log_file="${script_dir}/log/postfix_add_mailboxes.log"
|
||||
@ -0,0 +1,92 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
# ----------------------------------------------------
|
||||
# ---
|
||||
# - Parameter Settings for script 'sent_userinfo_postfix.sh'.
|
||||
# ---
|
||||
# ----------------------------------------------------
|
||||
|
||||
# - message_body_file
|
||||
# -
|
||||
# - Full path to file containing the user info. This file must contain
|
||||
# - the message body WITHOUT e-mail headers. If file is placed in the
|
||||
# - 'files' directory use '${file_dir}/<file-name>'
|
||||
# -
|
||||
# - Defaults to '${file_dir}/sent_userinfo_postfix.message'
|
||||
# -
|
||||
#message_body_file="${file_dir}/sent_userinfo_postfix.email"
|
||||
|
||||
|
||||
# - email_from
|
||||
# -
|
||||
# - From Address of user info
|
||||
# -
|
||||
# - Example: 'oo@oopen.de'
|
||||
# -
|
||||
email_from="postmaster@cadus.org"
|
||||
|
||||
|
||||
# - email_from_org
|
||||
# -
|
||||
# - Example: email_from_org="O.OPEN"
|
||||
# -
|
||||
email_from_org="Cadus e.V."
|
||||
|
||||
|
||||
# - db_type
|
||||
# -
|
||||
# - Type of Postfix Database
|
||||
# -
|
||||
# - Possible values are 'pgsql' (PostgeSQL) or 'mysql' (MySQL)
|
||||
# -
|
||||
# - Defaults to: db_type="pgsql"
|
||||
# -
|
||||
#db_type="pgsql"
|
||||
|
||||
# - db_name
|
||||
# -
|
||||
# - Database name for the postfix database
|
||||
# -
|
||||
# - Defaults to: db_name="postfix"
|
||||
# -
|
||||
#db_name="postfix"
|
||||
|
||||
# - mysql_credential_args (root access to MySQL Database)
|
||||
# -
|
||||
# - Example
|
||||
# - mysql_credential_args="--login-path=local"
|
||||
# - mysql_credential_args="--defaults-file=/etc/mysql/debian.cnf" (Debian default)
|
||||
# - mysql_credential_args="--defaults-file=/usr/local/mysql/sys-maint.cnf"
|
||||
# -
|
||||
# - Defaults to:
|
||||
# - '/etc/mysql/debian.cnf' if MySQL is installed from debian package system
|
||||
# - '/usr/local/mysql/sys-maint.cnf' otherwise
|
||||
# -
|
||||
#mysql_credential_args=""
|
||||
|
||||
|
||||
# - mail_user
|
||||
# -
|
||||
# - The owner of the mailbox directories and within the e-mails itself.
|
||||
# -
|
||||
# - defaults to mail_user="vmail"
|
||||
# -
|
||||
#mail_user="vmail"
|
||||
|
||||
|
||||
# - mail_group
|
||||
# -
|
||||
# - The group of the mailbox directories
|
||||
# -
|
||||
# - defaults to mail_group="vmail"
|
||||
# -
|
||||
#mail_group="vmail"
|
||||
|
||||
|
||||
# - mail_basedir - No more needed!
|
||||
# -
|
||||
# - The root directory where all mailbox-domains are located.
|
||||
# -
|
||||
# - Defaults to '/var/vmail'.
|
||||
# -
|
||||
#mail_basedir=/var/vmail
|
||||
@ -0,0 +1,44 @@
|
||||
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
|
||||
|
||||
# ======================================================
|
||||
# ---
|
||||
# Parameter Settings for Script 'whitelist_mb_sigs.conf'
|
||||
# ---
|
||||
# ======================================================
|
||||
|
||||
# QUARANTINE_BASE_DIR
|
||||
#
|
||||
# Base directory where amavis stores quarantined e-mails, mostly in
|
||||
#
|
||||
# virus e-mails: $QUARANTINE_BASE_DIR/virus
|
||||
# spam emails: $QUARANTINE_BASE_DIR/spam
|
||||
# ..
|
||||
#
|
||||
# Defaults to:
|
||||
# QUARANTINE_BASE_DIR="/var/QUARANTINE"
|
||||
#
|
||||
#QUARANTINE_BASE_DIR="/var/QUARANTINE"
|
||||
|
||||
|
||||
# CLAMAV_VIRUS_WHITE_LIST
|
||||
#
|
||||
# Full path to clamav's (personal) white list file
|
||||
#
|
||||
# Defaults to:
|
||||
# CLAMAV_VIRUS_WHITE_LIST="/var/lib/clamav/my_whitelist.ign2"
|
||||
#
|
||||
#CLAMAV_VIRUS_WHITE_LIST="/var/lib/clamav/my_whitelist.ign2"
|
||||
|
||||
|
||||
# WHITE_LIST_STRINGS
|
||||
#
|
||||
# A blank separated list of strings to whitelist.
|
||||
#
|
||||
# Example:
|
||||
# WHITE_LIST_STRINGS="google.com tinyurl.com"
|
||||
#
|
||||
# Defaults to:
|
||||
# WHITE_LIST_STRINGS="google.com"
|
||||
#
|
||||
#WHITE_LIST_STRINGS="google.com"
|
||||
WHITE_LIST_STRINGS="google.com tinyurl.com ngosafety.org"
|
||||
Reference in New Issue
Block a user