Mercurial > code > home > repos > infra

changeset 324:99c81fa0f2fc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
add chat.bigasterisk.com dns and dkim
author drewp@bigasterisk.com
date Mon, 20 Jan 2025 14:09:37 -0800
parents 7f6244802f97
children 4d1b6a6e65d2
files mail.py templates/dnsmasq/hosts.j2 templates/mail/main.cf.j2 templates/mail/mydestination.j2 templates/mail/opendkim-KeyTable.j2 templates/mail/opendkim-SigningTable.j2 templates/mail/opendkim.conf.j2
diffstat 7 files changed, 17 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/mail.py	Tue Dec 10 15:00:15 2024 -0800
+++ b/mail.py	Mon Jan 20 14:09:37 2025 -0800
@@ -3,6 +3,16 @@
 
 if host.name == 'prime':
     apt.packages(packages=['postfix', 'isync', 'opendkim', 'opendkim-tools'])
+    '''
+    per domain keygen:
+        prime(pts/4):~# mkdir /etc/opendkim/keys/chat.bigasterisk.com
+        prime(pts/4):~# opendkim-genkey -b 1024 -d chat.bigasterisk.com -D /etc/opendkim/keys/chat.bigasterisk.com -s default -v
+        opendkim-genkey: generating private key
+        opendkim-genkey: private key written to default.private
+        opendkim-genkey: extracting public key
+        opendkim-genkey: DNS TXT record written to default.txt
+        prime(pts/4):~# chown opendkim /etc/opendkim/keys/*/*
+    '''
 
     files.template(src='templates/mail/opendkim-KeyTable.j2', dest='/etc/opendkim/KeyTable')
     files.template(src='templates/mail/opendkim-SigningTable.j2', dest='/etc/opendkim/SigningTable')
--- a/templates/dnsmasq/hosts.j2	Tue Dec 10 15:00:15 2024 -0800
+++ b/templates/dnsmasq/hosts.j2	Mon Jan 20 14:09:37 2025 -0800
@@ -5,7 +5,7 @@
 # This is the dns trick-- hosts at home should use the local address
 # for 'bigasterisk.com' etc instead of taking a trip to prime.
 10.2.0.1 bang bang.bigasterisk.com 
-10.2.0.133 bigasterisk.com cam-int.bigasterisk.com cam-ext.bigasterisk.com imap.bigasterisk.com repo.bigasterisk.com drewp.quickwitretort.com photo.bigasterisk.com projects.bigasterisk.com quickwitretort.com whatsplayingnext.com whopickedthis.com vpn-home.bigasterisk.com file.bigasterisk.com antigen-superset.bigasterisk.com authenticate.bigasterisk.com authenticate2.bigasterisk.com authenticate3.bigasterisk.com megasecond.club hass.bigasterisk.com bitwarden.bigasterisk.com livegrep.bigasterisk.com dev.bigasterisk.com apprise.bigasterisk.com sco-bot-prefect.bigasterisk.com paperless.bigasterisk.com linkwarden.bigasterisk.com jellyfin.bigasterisk.com viseron.bigasterisk.com
+10.2.0.133 bigasterisk.com cam-int.bigasterisk.com cam-ext.bigasterisk.com imap.bigasterisk.com repo.bigasterisk.com drewp.quickwitretort.com photo.bigasterisk.com projects.bigasterisk.com quickwitretort.com whatsplayingnext.com whopickedthis.com vpn-home.bigasterisk.com file.bigasterisk.com antigen-superset.bigasterisk.com authenticate.bigasterisk.com authenticate2.bigasterisk.com authenticate3.bigasterisk.com megasecond.club hass.bigasterisk.com bitwarden.bigasterisk.com livegrep.bigasterisk.com dev.bigasterisk.com apprise.bigasterisk.com sco-bot-prefect.bigasterisk.com paperless.bigasterisk.com linkwarden.bigasterisk.com jellyfin.bigasterisk.com viseron.bigasterisk.com chat.bigasterisk.com
 
 # deleteme
 162.243.138.136 light9.bigasterisk.com
--- a/templates/mail/main.cf.j2	Tue Dec 10 15:00:15 2024 -0800
+++ b/templates/mail/main.cf.j2	Mon Jan 20 14:09:37 2025 -0800
@@ -93,7 +93,7 @@
 
 # Postfix is the final destination for the specified list
 {% if host.name == 'prime' %}
-virtual_alias_domains = adkinslawgroup.com iveseenyoubefore.com fantasyfamegame.com maxradi.us whopickedthis.com quickwitretort.com drewp.quickwitretort.com kelsi.quickwitretort.com photo.bigasterisk.com whatsplayingnext.com williamperttula.com
+virtual_alias_domains = adkinslawgroup.com iveseenyoubefore.com fantasyfamegame.com maxradi.us whopickedthis.com quickwitretort.com drewp.quickwitretort.com kelsi.quickwitretort.com photo.bigasterisk.com whatsplayingnext.com williamperttula.com 
 
 # Optional lookup tables that alias specific mail addresses or domains to other local or remote addresses
 virtual_alias_maps = hash:/etc/postfix/virtual
--- a/templates/mail/mydestination.j2	Tue Dec 10 15:00:15 2024 -0800
+++ b/templates/mail/mydestination.j2	Mon Jan 20 14:09:37 2025 -0800
@@ -16,3 +16,5 @@
 maxradi.us
 williamperttula.com
 ditto.bigasterisk.com
+chat.bigasterisk.com
+
--- a/templates/mail/opendkim-KeyTable.j2	Tue Dec 10 15:00:15 2024 -0800
+++ b/templates/mail/opendkim-KeyTable.j2	Mon Jan 20 14:09:37 2025 -0800
@@ -1,1 +1,2 @@
 default._domainkey.bigasterisk.com bigasterisk.com:default:/etc/opendkim/keys/bigasterisk.com/default.private
+default._domainkey.chat.bigasterisk.com chat.bigasterisk.com:default:/etc/opendkim/keys/chat.bigasterisk.com/default.private
--- a/templates/mail/opendkim-SigningTable.j2	Tue Dec 10 15:00:15 2024 -0800
+++ b/templates/mail/opendkim-SigningTable.j2	Mon Jan 20 14:09:37 2025 -0800
@@ -1,1 +1,2 @@
 *@bigasterisk.com default._domainkey.bigasterisk.com
+*@chat.bigasterisk.com default._domainkey.chat.bigasterisk.com
--- a/templates/mail/opendkim.conf.j2	Tue Dec 10 15:00:15 2024 -0800
+++ b/templates/mail/opendkim.conf.j2	Mon Jan 20 14:09:37 2025 -0800
@@ -160,7 +160,7 @@
 ##  Specify for which domain(s) signing should be done.  No default; must
 ##  be specified for signing.
 
-Domain			bigasterisk.com
+Domain			bigasterisk.com,chat.bigasterisk.com
 
 ##  DomainKeysCompat { yes | no }
 ##  	default "no"