Current state
authorFrank Brehm <frank.brehm@profitbricks.com>
Tue, 12 Mar 2013 16:26:13 +0000 (17:26 +0100)
committerFrank Brehm <frank.brehm@profitbricks.com>
Tue, 12 Mar 2013 16:26:13 +0000 (17:26 +0100)
passwd
postfix/canonical [new file with mode: 0644]
postfix/main.cf
postfix/postfix.pem [new file with mode: 0644]
postfix/smtp_auth [new file with mode: 0644]
ssl/CA-fbrehm/postfix/mkcert [new file with mode: 0755]
ssl/CA-fbrehm/postfix/postfix-cert.cnf [new file with mode: 0644]
ssl/CA-fbrehm/postfix/postfix.pem [new file with mode: 0644]
ssl/openssl.cnf

diff --git a/passwd b/passwd
index 8d461f2d26466417da33d8dc71af310de5cf42d5..4a7c27831e3ef9d7868ccfcc30751a0ca29feb7f 100644 (file)
--- a/passwd
+++ b/passwd
@@ -1,4 +1,4 @@
-root:x:0:0:root:/root:/bin/bash
+root:x:0:0:root Stralsund:/root:/bin/bash
 bin:x:1:1:bin:/bin:/bin/false
 daemon:x:2:2:daemon:/sbin:/bin/false
 adm:x:3:4:adm:/var/adm:/bin/false
diff --git a/postfix/canonical b/postfix/canonical
new file mode 100644 (file)
index 0000000..4dfc962
--- /dev/null
@@ -0,0 +1,13 @@
+/^root@profitbricks\.com$/                     frank.brehm@profitbricks.com
+/^root@profitbricks\.localdomain$/             frank.brehm@profitbricks.com
+/^root@.*dc1\.de\.profitbricks.net$/           frank.brehm@profitbricks.com
+/^ppd@.*dc1\.de\.profitbricks.net$/            frank.brehm@profitbricks.com
+/^vcb@.*dc1\.de\.profitbricks.net$/            frank.brehm@profitbricks.com
+/.*@.*dc1\.de\.profitbricks.net$/              @profitbricks.com
+/^bind@profitbricks\.com$/                     frank.brehm@profitbricks.com
+/.*@localhost$/                                        @profitbricks.com
+/.*@.*profitbricks\.localdomain$/              @profitbricks.com
+/.*@.*\.pb.local$/                             @profitbricks.com
+/.*@stralsund.profitbricks.com$/               @profitbricks.com
+/.*@samara.profitbricks.com$/                  @profitbricks.com
+
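Review bot: Several patterns leave `.` unescaped, so they match more than the domains they were written for: `profitbricks.net`, `\.pb.local`, `stralsund.profitbricks.com` and `samara.profitbricks.com` each accept any character where a literal dot is meant. Because this table is wired in through `canonical_maps`, a wider match means addresses from look-alike domains are also rewritten to `@profitbricks.com`. Escaping every dot, e.g. `/.*@samara\.profitbricks\.com$/` and `/.*@.*\.pb\.local$/`, keeps the rewrite limited to the intended hosts. A short header comment saying that the rules are evaluated top to bottom and the first match wins would also explain why the specific `root@`/`ppd@`/`vcb@` rules sit above the catch-all.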
index cdbf0d0f14b7b263799b5d2065f11bc8361d2a71..1db1c0daab48cdf1bc666361245b792c3a4efebd 100644 (file)
@@ -311,6 +311,8 @@ unknown_local_recipient_reject_code = 550
 #relayhost = [mailserver.isp.tld]
 #relayhost = uucphost
 #relayhost = [an.ip.add.ress]
+#relayhost = [mail.pb.local]
+relayhost = [smtp.googlemail.com]
 
 # REJECTING UNKNOWN RELAY USERS
 #
@@ -655,3 +657,14 @@ sample_directory = /etc/postfix
 #
 readme_directory = no
 home_mailbox = .maildir/
+mydomain = pb.local
+canonical_maps = pcre:/etc/postfix/canonical
+myorigin = profitbricks.com
+smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth
+smtp_sasl_auth_enable = yes
+smtp_tls_cert_file = /etc/postfix/postfix.pem
+smtp_sasl_security_options = noanonymous
+smtp_tls_enforce_peername = no
+smtp_tls_key_file = /etc/postfix/postfix.pem
+smtp_use_tls = yes
+tls_random_source = dev:/dev/urandom
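Review bot: The added SMTP client settings send SASL credentials to the relay over TLS that is neither mandatory nor verified: `smtp_use_tls = yes` is opportunistic, `smtp_tls_enforce_peername = no` switches off the peer-name check, and `smtp_sasl_security_options = noanonymous` still permits plaintext mechanisms. If STARTTLS is not offered, or is removed in transit, the password from `smtp_sasl_password_maps` would go out unencrypted. I would set `smtp_tls_security_level = secure` with a `smtp_tls_CAfile`, and use `smtp_sasl_security_options = noanonymous, noplaintext` together with `smtp_sasl_tls_security_options = noanonymous`. The client certificate loaded through `smtp_tls_cert_file`/`smtp_tls_key_file` is probably not needed for a public relay and could be dropped. The `relayhost` these settings apply to is set in the previous hunk.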
diff --git a/postfix/postfix.pem b/postfix/postfix.pem
new file mode 100644 (file)
index 0000000..ac72b5a
--- /dev/null
@@ -0,0 +1,56 @@
+-----BEGIN PRIVATE KEY-----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+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
+-----BEGIN DH PARAMETERS-----
+MEYCQQDPOMC0amsMEDcf47cl1l+MbVjeXkzw1QGq2sZCuMXaysftE1ZJRcVqzreS
+MyK0pOrAp4ucU6fzy75K6hbBQnJTAgEC
+-----END DH PARAMETERS-----
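Review bot: This adds a private key to the repository as a mode-0644 file, so anyone who can read the tree or its history can impersonate the certificate. The key is presumably unencrypted, since `mkcert` in this commit runs `openssl req` with `-nodes`. The same blob (`ac72b5a`) is added a second time as `ssl/CA-fbrehm/postfix/postfix.pem`. The key should be treated as disclosed: generate a new pair, keep the key file out of version control (for example through `.gitignore`), and install it root-owned with mode 0600. The DH parameters at the end appear to be the 512-bit ones that `mkcert` generates, which are too small to rely on.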
diff --git a/postfix/smtp_auth b/postfix/smtp_auth
new file mode 100644 (file)
index 0000000..5975def
--- /dev/null
@@ -0,0 +1,2 @@
+mail.brehm-online.com          vmail:uhu
+smtp.googlemail.com            frank.brehm@profitbricks.com:EMsiWgsus
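Review bot: Both added lines store relay account passwords in clear text in a tracked, mode-0644 file, so they are readable by every local user and by anyone with access to this repository or its history. Removing the file in a later commit will not retract them, so both passwords should be changed at the providers. Going forward, keep `smtp_auth` and the generated `smtp_auth.db` untracked, root-owned and mode 0600, and commit only a template line such as `smtp.example.com  USER:PASSWORD` (placeholder values).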
diff --git a/ssl/CA-fbrehm/postfix/mkcert b/ssl/CA-fbrehm/postfix/mkcert
new file mode 100755 (executable)
index 0000000..e168ac9
--- /dev/null
@@ -0,0 +1,46 @@
+#!/bin/bash
+#
+# This is a short script to quickly generate a self-signed X.509 key for
+# Postfix over SSL.  Normally this script would get called by an automatic
+# package installation routine.
+
+test -x /usr/bin/openssl || exit 0
+
+CADir="/etc/ssl/CA-fbrehm/postfix"
+prefix="/usr"
+pemfile="$CADir/postfix.pem"
+randfile="$CADir/postfix.rand"
+conffile="$CADir/postfix-cert.cnf"
+pemfile_orig="/etc/postfix/postfix.pem"
+days=3650
+
+if [ -f $pemfile ]; then
+    echo "$pemfile already exists."
+    exit 1
+fi
+
+if [ ! -f $conffile ] ; then
+    echo "$conffile does not exists!"
+    exit 2
+fi
+
+cp /dev/null $pemfile
+chmod 600 $pemfile
+chown root $pemfile
+
+cleanup() {
+    rm -f $pemfile
+    rm -f $randfile
+    exit 1
+}
+
+dd if=/dev/urandom of=$randfile count=1 2>/dev/null
+/usr/bin/openssl req -new -x509 -days $days -nodes \
+        -config $conffile -out $pemfile -keyout $pemfile || cleanup
+/usr/bin/openssl gendh -rand $randfile 512 >> $pemfile || cleanup
+/usr/bin/openssl x509 -subject -dates -fingerprint -noout -in $pemfile || cleanup
+rm -f $randfile
+cp -pv $pemfile $pemfile_orig
+
+
+# vim: ts=4 et
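Review bot: `openssl gendh -rand $randfile 512` produces 512-bit Diffie-Hellman parameters, far below what is considered safe, and `gendh` is no longer available in current OpenSSL releases. I would replace it with `/usr/bin/openssl dhparam -rand $randfile 2048 >> $pemfile || cleanup`. The script takes care to `chmod 600` the key and `cp -pv` keeps that mode on the copy in /etc/postfix, but the same file is committed here as 0644, which undoes it. The path variables are unquoted throughout (`[ -f $pemfile ]`, `rm -f $randfile`), so quoting them, e.g. `[ -f "$pemfile" ]`, is worth doing. `prefix` is assigned but never used.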
diff --git a/ssl/CA-fbrehm/postfix/postfix-cert.cnf b/ssl/CA-fbrehm/postfix/postfix-cert.cnf
new file mode 100644 (file)
index 0000000..7be4e6e
--- /dev/null
@@ -0,0 +1,23 @@
+
+RANDFILE = /usr/share/postfix.rand
+
+[ req ]
+default_bits = 2048
+encrypt_key = yes
+distinguished_name = req_dn
+x509_extensions = cert_type
+prompt = no
+
+[ req_dn ]
+C=DE
+ST=Berlin
+L=Berlin
+O=Berlin
+OU=Local Postfix SSL key
+CN=stralsund.pb.local
+emailAddress=frank.brehm@profitbricks.com
+
+
+[ cert_type ]
+nsCertType = server
+
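Review bot: `encrypt_key = yes` in `[ req ]` does not describe what actually happens, because `mkcert` calls `openssl req` with `-nodes` and the key is written unencrypted. The line should read `encrypt_key = no`, or carry a comment saying that the script overrides it. `nsCertType = server` marks the certificate as a server certificate, while main.cf in this commit loads it through `smtp_tls_cert_file`, i.e. as a client certificate, so a strict peer could refuse it for that use. `RANDFILE = /usr/share/postfix.rand` also points somewhere other than the `postfix.rand` that `mkcert` creates under `/etc/ssl/CA-fbrehm/postfix`, which looks unintended.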
diff --git a/ssl/CA-fbrehm/postfix/postfix.pem b/ssl/CA-fbrehm/postfix/postfix.pem
new file mode 100644 (file)
index 0000000..ac72b5a
--- /dev/null
@@ -0,0 +1,56 @@
+-----BEGIN PRIVATE KEY-----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+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
+-----BEGIN DH PARAMETERS-----
+MEYCQQDPOMC0amsMEDcf47cl1l+MbVjeXkzw1QGq2sZCuMXaysftE1ZJRcVqzreS
+MyK0pOrAp4ucU6fzy75K6hbBQnJTAgEC
+-----END DH PARAMETERS-----
index 18760c6e673d76ea7d83995e7b6dc5ec48839adb..9333270cc56818def95e3e089b323382b7378995 100644 (file)
@@ -39,7 +39,7 @@ default_ca    = CA_default            # The default ca section
 ####################################################################
 [ CA_default ]
 
-dir            = ./demoCA              # Where everything is kept
+dir            = /etc/ssl/CA-fbrehm    # Where everything is kept
 certs          = $dir/certs            # Where the issued certs are kept
 crl_dir                = $dir/crl              # Where the issued crl are kept
 database       = $dir/index.txt        # database index file.
@@ -70,7 +70,7 @@ cert_opt      = ca_default            # Certificate field options
 # crlnumber must also be commented out to leave a V1 CRL.
 # crl_extensions       = crl_ext
 
-default_days   = 365                   # how long to certify for
+default_days   = 3650                  # how long to certify for
 default_crl_days= 30                   # how long before next CRL
 default_md     = default               # use public key default MD
 preserve       = no                    # keep passed DN ordering
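Review bot: `default_days = 3650` makes every certificate this CA signs valid for ten years unless `-days` is given, which leaves a long exposure window if a leaf key leaks and clients do not check revocation. I would keep the default short, e.g. `default_days = 365`, and pass `-days 3650` explicitly only when creating the CA certificate itself. `default_md = default` on the context line below is worth pinning as well, e.g. `default_md = sha256`, so the signature digest does not depend on the installed OpenSSL build.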
@@ -83,8 +83,8 @@ policy                = policy_match
 # For the CA policy
 [ policy_match ]
 countryName            = match
-stateOrProvinceName    = match
-organizationName       = match
+stateOrProvinceName    = optional
+organizationName       = optional
 organizationalUnitName = optional
 commonName             = supplied
 emailAddress           = optional
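Review bot: With `stateOrProvinceName` and `organizationName` set to `optional`, the section still named `policy_match` no longer requires a request to match the CA's organization, so the CA will sign a CSR carrying any organization name. If that is intended, a comment such as `# relaxed: only countryName must match the CA` above the section would keep the name from misleading the next reader. Otherwise leave `policy_match` as shipped and point `policy =` at a separate, explicitly named policy section. The rest of `[ CA_default ]` lies outside this hunk.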
@@ -103,7 +103,7 @@ emailAddress                = optional
 
 ####################################################################
 [ req ]
-default_bits           = 1024
+default_bits           = 2048
 default_keyfile        = privkey.pem
 distinguished_name     = req_distinguished_name
 attributes             = req_attributes
@@ -126,24 +126,25 @@ string_mask = utf8only
 
 [ req_distinguished_name ]
 countryName                    = Country Name (2 letter code)
-countryName_default            = AU
+countryName_default            = DE
 countryName_min                        = 2
 countryName_max                        = 2
 
 stateOrProvinceName            = State or Province Name (full name)
-stateOrProvinceName_default    = Some-State
+stateOrProvinceName_default    = Berlin
 
 localityName                   = Locality Name (eg, city)
+localityName_default           = Berlin
 
 0.organizationName             = Organization Name (eg, company)
-0.organizationName_default     = Internet Widgits Pty Ltd
+0.organizationName_default     = ProfitBricks GmbH
 
 # we can do this but it is not needed normally :-)
 #1.organizationName            = Second Organization Name (eg, company)
 #1.organizationName_default    = World Wide Web Pty Ltd
 
 organizationalUnitName         = Organizational Unit Name (eg, section)
-#organizationalUnitName_default        =
+organizationalUnitName_default = storage department
 
 commonName                     = Common Name (e.g. server FQDN or YOUR name)
 commonName_max                 = 64