mar
/
container
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

Merge branch 'master' of ssh://git.alemor.org:4323/mar/container

feature/startup-from-labels
Mar Alegre 4 years ago
parent
25dcc76739 0513d7acfb
commit
f3a4dd9ccc
3 changed files with 15 additions and 11 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 22
      mailsrv/assets/postfix/main.cf.part
  2. 2
      nextcloud/Systemdfile
  3. 2
      samba/assets/bin/smbadduser

22
mailsrv/assets/postfix/main.cf.part
View File

@ -28,13 +28,19 @@ local_transport = dovecot
# set recipient limit to 1 so X-Original-To header addition will work # set recipient limit to 1 so X-Original-To header addition will work
dovecot_destination_recipient_limit = 1 dovecot_destination_recipient_limit = 1
### SMTP ### ### Outgoing Mail ###
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # enable opportunistic TLS for outgoing mail
# information on enabling SSL in the smtp client. smtp_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# whether to allow or enforce TLS. Acceptable values are 'none', 'may', or 'encrypt'. # log whether connection has completed encryption handshake
smtpd_tls_security_level=may smtp_tls_loglevel = 1
### Incoming Mail ###
# enable opportunistic TLS for incoming mail
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
# prevent sending passwords over unsecured connections
smtpd_tls_auth_only = yes
# where to find certs # where to find certs
smtpd_tls_cert_file=/vol/ssl/fullchain.pem smtpd_tls_cert_file=/vol/ssl/fullchain.pem
smtpd_tls_key_file=/vol/ssl/privkey.pem smtpd_tls_key_file=/vol/ssl/privkey.pem
@ -45,8 +51,6 @@ smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth smtpd_sasl_path = private/auth
# and the common settings to enable SASL: # and the common settings to enable SASL:
smtpd_sasl_auth_enable = yes smtpd_sasl_auth_enable = yes
### Security ###
# these settings apply to BOTH authenticated and unauthenticated mail # these settings apply to BOTH authenticated and unauthenticated mail
# for security settings for only authenticated mail, use options in master.cf # for security settings for only authenticated mail, use options in master.cf
smtpd_delay_reject = yes smtpd_delay_reject = yes
@ -75,4 +79,4 @@ biff = no
# fresh installs. # fresh installs.
compatibility_level = 2 compatibility_level = 2
# maximum size allowed for sent messages, in bytes # maximum size allowed for sent messages, in bytes
message_size_limit = 33554432 message_size_limit = 102400000

2
nextcloud/Systemdfile
View File

@ -26,7 +26,7 @@ nc-occ app:install bookmarks
nc-occ app:install mail nc-occ app:install mail
# disable apps we don't want # disable apps we don't want
nc-occ app:disable comments federation files_trashbin files_versions firstrunwizard recommendations support survey_client systemtags nc-occ app:disable comments dashboard federation files_trashbin firstrunwizard recommendations support survey_client systemtags
# configure apps # configure apps
# set calendar to refresh subscriptions once a day (to set to one hour use 'PT1H' instead) # set calendar to refresh subscriptions once a day (to set to one hour use 'PT1H' instead)

2
samba/assets/bin/smbadduser
View File

@ -1,4 +1,4 @@
#!/bin/sh #!/bin/bash
if [[ -z $(getent passwd "$1") ]]; then if [[ -z $(getent passwd "$1") ]]; then
adduser "$1" --disabled-password --gecos "" --no-create-home --shell /usr/sbin/nologin adduser "$1" --disabled-password --gecos "" --no-create-home --shell /usr/sbin/nologin
usermod -a -G sambashare "$1" usermod -a -G sambashare "$1"

Write Preview
Loading…
Cancel
Save