From ca52bfe8342b53531c418761613b25ed57976cb7 Mon Sep 17 00:00:00 2001 From: Mario Alegre Date: Fri, 29 May 2020 00:17:29 -0500 Subject: [PATCH] working on stuff --- bin/pdm-launch | 1 - install.sh | 22 ------------- src/mailsrv/Containerfile | 1 - src/mailsrv/assets/bin/mkvirt | 4 +++ src/mailsrv/assets/postfix/master.cf | 20 ++++++------ src/startpage/assets/data.json | 9 ++++-- src/startpage/assets/thumbnails/discord.svg | 34 +++++++++++++++++++++ 7 files changed, 56 insertions(+), 35 deletions(-) create mode 100644 src/startpage/assets/thumbnails/discord.svg diff --git a/bin/pdm-launch b/bin/pdm-launch index 79c4fba..f88bba9 100755 --- a/bin/pdm-launch +++ b/bin/pdm-launch @@ -53,5 +53,4 @@ if [[ $FLAGS_overwrite ]]; then fi podman run -itd --name $name --hostname $name $deployopts $image -# --userns=keep-id echo "Done!" diff --git a/install.sh b/install.sh index 15f195a..6b8d29c 100755 --- a/install.sh +++ b/install.sh @@ -34,27 +34,6 @@ else exit 1 fi -echo "Creating containers user ..." -user_id=$(id -u $myusr > /dev/null 2>&1) -user_exists=$(echo $?) -if [[ $user_exists != 0 ]]; then - sudo addgroup $myusr --gid $myuid --system - sudo adduser $myusr --ingroup $myusr --uid $myuid --disabled-password --gecos "Containers User" --shell /usr/sbin/nologin --no-create-home --home /srv/$myusr --system -elif [[ $user_id != $myuid ]]; then - echo "Error: User \"$myusr\" already exists, but does not have UID $myuid." - echo "Please delete user \"$myusr\" and then re-run the install script." - exit 2 -else - echo "User \"$myusr\" is already configured. Skipping ..." -fi - -echo "Configuring subuids and subgids ..." -echo "$myusr:1000000:1000000000" | sudo tee -a /etc/subuid /etc/subgid - -echo "Configuring kernel parameters ..." -kernel.unprivileged_userns_clone=1 -#net.ipv4.ping_group_range=0 1001000000 - echo "Copying scripts to /usr/local/bin ..." # copy bin files to /usr/local/bin sudo cp bin/* /usr/local/bin/ @@ -72,4 +51,3 @@ fi sudo chmod +x /etc/containers/startup.sh echo "Installed containers startup script in /etc/containers/startup.sh." echo "Put any podman-related commands that should run on startup in that file." - diff --git a/src/mailsrv/Containerfile b/src/mailsrv/Containerfile index 7f48e17..0396bad 100644 --- a/src/mailsrv/Containerfile +++ b/src/mailsrv/Containerfile @@ -7,7 +7,6 @@ FROM localhost/debian # -p (port) and -v (volume) both go host:container LABEL deployopts="\ -p 25:25 \ --p 465:465 \ -p 587:587 \ -p 143:143 \ -p 993:993 \ diff --git a/src/mailsrv/assets/bin/mkvirt b/src/mailsrv/assets/bin/mkvirt index be82318..ae7b96e 100755 --- a/src/mailsrv/assets/bin/mkvirt +++ b/src/mailsrv/assets/bin/mkvirt @@ -2,6 +2,10 @@ set -e +# copy users passwd-file to /etc/dovecot and set appropriate permissions +cp /vol/db/users /etc/dovecot/users +chown dovecot:dovecot /etc/dovecot/users + # make self-referential users list # this is needed for the reject_sender_login_mismatch restriction to work, # otherwise users cannot send emails as their own address diff --git a/src/mailsrv/assets/postfix/master.cf b/src/mailsrv/assets/postfix/master.cf index 7cdb294..4c84df1 100644 --- a/src/mailsrv/assets/postfix/master.cf +++ b/src/mailsrv/assets/postfix/master.cf @@ -18,15 +18,17 @@ submission inet n - y - - smtpd -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject -o smtpd_sender_login_maps=hash:/etc/postfix/aliases -o smtpd_sender_restrictions=reject_sender_login_mismatch -smtps inet n - y - - smtpd - -o smtpd_sasl_local_domain=$myhostname - -o smtpd_tls_security_level=encrypt - -o smtpd_sasl_security_options=noanonymous - -o smtpd_client_restrictions=permit_sasl_authenticated,reject - -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject - -o smtpd_sender_login_maps=hash:/etc/postfix/aliases - -o smtpd_sender_restrictions=reject_sender_login_mismatch - +#smtps inet n - y - - smtpd +# -o syslog_name=postfix/smtps +# -o smtpd_tls_wrappermode=yes +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_reject_unlisted_recipient=no +# -o smtpd_client_restrictions=$mua_client_restrictions +# -o smtpd_helo_restrictions=$mua_helo_restrictions +# -o smtpd_sender_restrictions=$mua_sender_restrictions +# -o smtpd_recipient_restrictions= +# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING # Local services # ========================================================================== pickup unix n - y 60 1 pickup diff --git a/src/startpage/assets/data.json b/src/startpage/assets/data.json index 08b7c2e..c60f760 100644 --- a/src/startpage/assets/data.json +++ b/src/startpage/assets/data.json @@ -4,12 +4,12 @@ "content": { "General" : [ { - "url": "http://medusa.casa.alemor.org/nextcloud/", + "url": "https://medusa.alemor.org/nextcloud/", "title": "Nextcloud", "image": "assets/thumbnails/nextcloud.svg" }, { - "url": "http://medusa.casa.alemor.org/git/", + "url": "https://medusa.alemor.org/git/", "title": "Gitea", "image": "assets/thumbnails/gitea.svg" }, @@ -57,6 +57,11 @@ "url": "https://hangouts.google.com/", "title": "Google Hangouts", "image": "assets/thumbnails/google_hangouts.svg" + }, + { + "url": "https://discord.com/app", + "title": "Discord", + "image": "assets/thumbnails/discord.svg" } ], "Work" : [ diff --git a/src/startpage/assets/thumbnails/discord.svg b/src/startpage/assets/thumbnails/discord.svg new file mode 100644 index 0000000..1522846 --- /dev/null +++ b/src/startpage/assets/thumbnails/discord.svg @@ -0,0 +1,34 @@ + + + + + + + + +