From: Frank Brehm Date: Tue, 13 Apr 2021 16:06:59 +0000 (+0200) Subject: daily autocommit X-Git-Url: https://git.uhu-banane.net/?a=commitdiff_plain;h=06069898bc07d8755b2ce755156af5e16389a7c4;p=config%2Fhelga-hetzner%2Fetc.git daily autocommit --- diff --git a/.etckeeper b/.etckeeper index 9dc9d46..3f3aec5 100755 --- a/.etckeeper +++ b/.etckeeper @@ -26,6 +26,9 @@ mkdir -p './initramfs-tools/scripts/nfs-premount' mkdir -p './initramfs-tools/scripts/nfs-top' mkdir -p './initramfs-tools/scripts/panic' mkdir -p './kernel/install.d' +mkdir -p './letsencrypt/renewal-hooks/deploy' +mkdir -p './letsencrypt/renewal-hooks/post' +mkdir -p './letsencrypt/renewal-hooks/pre' mkdir -p './logwatch/conf/logfiles' mkdir -p './logwatch/conf/services' mkdir -p './logwatch/scripts/services' @@ -347,6 +350,7 @@ maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes' maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/timesyncd' maybe chmod 0644 'dhcp/dhclient.conf' maybe chmod 0755 'dovecot' +maybe chmod 0755 'dovecot/.old' maybe chmod 0755 'dovecot/conf.d' maybe chmod 0644 'dovecot/conf.d/10-auth.conf' maybe chmod 0644 'dovecot/conf.d/10-director.conf' @@ -395,7 +399,6 @@ maybe chown 'dovecot' 'dovecot/dovecot-used-quota.conf' maybe chgrp 'dovecot' 'dovecot/dovecot-used-quota.conf' maybe chmod 0500 'dovecot/dovecot-used-quota.conf' maybe chmod 0664 'dovecot/dovecot.conf' -maybe chmod 0644 'dovecot/dovecot.conf.2021.04.08.22.02.11' maybe chmod 0700 'dovecot/private' maybe chmod 0755 'dpkg' maybe chmod 0644 'dpkg/dpkg.cfg' @@ -610,7 +613,40 @@ maybe chmod 0644 'ldap/ldap.conf' maybe chmod 0755 'ldap/schema' maybe chmod 0644 'ldap/schema/amavis.schema' maybe chmod 0755 'letsencrypt' +maybe chmod 0755 'letsencrypt/accounts' +maybe chmod 0755 'letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org' +maybe chmod 0700 'letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory' +maybe chmod 0700 'letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646' +maybe chmod 0644 'letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/meta.json' +maybe chmod 0400 'letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/private_key.json' +maybe chmod 0644 'letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/regr.json' +maybe chmod 0755 'letsencrypt/accounts/acme-v02.api.letsencrypt.org' +maybe chmod 0700 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory' +maybe chmod 0700 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517' +maybe chmod 0644 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/meta.json' +maybe chmod 0400 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/private_key.json' +maybe chmod 0644 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/regr.json' +maybe chmod 0644 'letsencrypt/archive' +maybe chmod 0755 'letsencrypt/archive/mail.uhu-banane.eu' +maybe chmod 0644 'letsencrypt/archive/mail.uhu-banane.eu/cert1.pem' +maybe chmod 0644 'letsencrypt/archive/mail.uhu-banane.eu/chain1.pem' +maybe chmod 0644 'letsencrypt/archive/mail.uhu-banane.eu/fullchain1.pem' +maybe chmod 0600 'letsencrypt/archive/mail.uhu-banane.eu/privkey1.pem' maybe chmod 0644 'letsencrypt/cli.ini' +maybe chmod 0755 'letsencrypt/csr' +maybe chmod 0644 'letsencrypt/csr/0000_csr-certbot.pem' +maybe chmod 0700 'letsencrypt/keys' +maybe chmod 0600 'letsencrypt/keys/0000_key-certbot.pem' +maybe chmod 0644 'letsencrypt/live' +maybe chmod 0644 'letsencrypt/live/README' +maybe chmod 0755 'letsencrypt/live/mail.uhu-banane.eu' +maybe chmod 0644 'letsencrypt/live/mail.uhu-banane.eu/README' +maybe chmod 0755 'letsencrypt/renewal' +maybe chmod 0755 'letsencrypt/renewal-hooks' +maybe chmod 0755 'letsencrypt/renewal-hooks/deploy' +maybe chmod 0755 'letsencrypt/renewal-hooks/post' +maybe chmod 0755 'letsencrypt/renewal-hooks/pre' +maybe chmod 0644 'letsencrypt/renewal/mail.uhu-banane.eu.conf' maybe chmod 0644 'libaudit.conf' maybe chmod 0755 'libnl-3' maybe chmod 0644 'libnl-3/classid' @@ -735,6 +771,9 @@ maybe chmod 0644 'networks' maybe chmod 0755 'nftables.conf' maybe chmod 0755 'nftables.conf.2021.04.08.22.02.11' maybe chmod 0755 'nginx' +maybe chmod 0755 'nginx/.old' +maybe chmod 0755 'nginx/.old/sites-available.bak' +maybe chmod 0755 'nginx/.old/sites-enabled.bak' maybe chmod 0755 'nginx/conf-available' maybe chmod 0644 'nginx/conf-available/0-general.conf' maybe chmod 0644 'nginx/conf-available/cache.conf' @@ -761,16 +800,12 @@ maybe chown 'www-data' 'nginx/netdata.users' maybe chgrp 'www-data' 'nginx/netdata.users' maybe chmod 0400 'nginx/netdata.users' maybe chmod 0644 'nginx/nginx.conf' -maybe chmod 0644 'nginx/nginx.conf.2021.04.08.22.02.11' maybe chmod 0644 'nginx/proxy_params' maybe chmod 0644 'nginx/scgi_params' maybe chmod 0755 'nginx/sites-available' -maybe chmod 0755 'nginx/sites-available.bak' -maybe chmod 0644 'nginx/sites-available.bak/default' maybe chmod 0644 'nginx/sites-available/00-default-ssl.conf' maybe chmod 0644 'nginx/sites-available/00-default.conf' maybe chmod 0755 'nginx/sites-enabled' -maybe chmod 0755 'nginx/sites-enabled.bak' maybe chmod 0755 'nginx/snippets' maybe chmod 0644 'nginx/snippets/fastcgi-php.conf' maybe chmod 0644 'nginx/snippets/snakeoil.conf' @@ -874,6 +909,7 @@ maybe chmod 0644 'php/7.3/mods-available/xmlwriter.ini' maybe chmod 0644 'php/7.3/mods-available/xsl.ini' maybe chmod 0644 'php/7.3/mods-available/zip.ini' maybe chmod 0755 'postfix' +maybe chmod 0755 'postfix/.old' maybe chmod 0644 'postfix/aliases' maybe chmod 0644 'postfix/aliases.db' maybe chgrp 'postfix' 'postfix/body_checks.pcre' @@ -887,13 +923,10 @@ maybe chgrp 'postfix' 'postfix/header_checks' maybe chmod 0640 'postfix/header_checks' maybe chgrp 'postfix' 'postfix/helo_access.pcre' maybe chmod 0640 'postfix/helo_access.pcre' -maybe chmod 0640 'postfix/helo_access.pcre.2021.04.08.22.02.11' maybe chmod 0644 'postfix/main.cf' -maybe chmod 0644 'postfix/main.cf.2021.04.08.22.02.11' maybe chmod 0644 'postfix/main.cf.initial' maybe chmod 0644 'postfix/main.cf.proto' maybe chmod 0644 'postfix/master.cf' -maybe chmod 0644 'postfix/master.cf.2021.04.08.22.02.11' maybe chmod 0644 'postfix/master.cf.initial' maybe chmod 0644 'postfix/master.cf.proto' maybe chmod 0755 'postfix/mysql' @@ -1073,14 +1106,14 @@ maybe chmod 0644 'ssh/sshd_config' maybe chmod 0755 'ssl' maybe chmod 0755 'ssl/certs' maybe chmod 0644 'ssl/certs/ca-certificates.crt' -maybe chmod 0644 'ssl/certs/iRedMail.crt' +maybe chmod 0644 'ssl/certs/iRedMail.crt.bak' maybe chmod 0644 'ssl/certs/ssl-cert-snakeoil.pem' maybe chmod 0644 'ssl/dh2048_param.pem' maybe chmod 0644 'ssl/dh512_param.pem' maybe chmod 0644 'ssl/openssl.cnf' maybe chgrp 'ssl-cert' 'ssl/private' maybe chmod 0710 'ssl/private' -maybe chmod 0644 'ssl/private/iRedMail.key' +maybe chmod 0644 'ssl/private/iRedMail.key.bak' maybe chgrp 'ssl-cert' 'ssl/private/ssl-cert-snakeoil.key' maybe chmod 0640 'ssl/private/ssl-cert-snakeoil.key' maybe chmod 0644 'subgid' diff --git a/cron.d/certbot b/cron.d/certbot index e38dbb9..f24dc1d 100644 --- a/cron.d/certbot +++ b/cron.d/certbot @@ -14,4 +14,4 @@ SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew +0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --post-hook /usr/local/sbin/restart_mailservices diff --git a/dovecot/dovecot.conf.2021.04.08.22.02.11 b/dovecot/dovecot.conf.2021.04.08.22.02.11 deleted file mode 100644 index c802011..0000000 --- a/dovecot/dovecot.conf.2021.04.08.22.02.11 +++ /dev/null @@ -1,102 +0,0 @@ -## Dovecot configuration file - -# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration - -# "doveconf -n" command gives a clean output of the changed settings. Use it -# instead of copy&pasting files when posting to the Dovecot mailing list. - -# '#' character and everything after it is treated as comments. Extra spaces -# and tabs are ignored. If you want to use either of these explicitly, put the -# value inside quotes, eg.: key = "# char and trailing whitespace " - -# Most (but not all) settings can be overridden by different protocols and/or -# source/destination IPs by placing the settings inside sections, for example: -# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { } - -# Default values are shown for each setting, it's not required to uncomment -# those. These are exceptions to this though: No sections (e.g. namespace {}) -# or plugin settings are added by default, they're listed only as examples. -# Paths are also just examples with the real defaults being based on configure -# options. The paths listed here are for configure --prefix=/usr -# --sysconfdir=/etc --localstatedir=/var - -# Enable installed protocols -!include_try /usr/share/dovecot/protocols.d/*.protocol - -# A comma separated list of IPs or hosts where to listen in for connections. -# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces. -# If you want to specify non-default ports or anything more complex, -# edit conf.d/master.conf. -#listen = *, :: - -# Base directory where to store runtime data. -#base_dir = /var/run/dovecot/ - -# Name of this instance. In multi-instance setup doveadm and other commands -# can use -i to select which instance is used (an alternative -# to -c ). The instance name is also added to Dovecot processes -# in ps output. -#instance_name = dovecot - -# Greeting message for clients. -#login_greeting = Dovecot ready. - -# Space separated list of trusted network ranges. Connections from these -# IPs are allowed to override their IP addresses and ports (for logging and -# for authentication checks). disable_plaintext_auth is also ignored for -# these networks. Typically you'd specify your IMAP proxy servers here. -#login_trusted_networks = - -# Space separated list of login access check sockets (e.g. tcpwrap) -#login_access_sockets = - -# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do -# proxying. This isn't necessary normally, but may be useful if the destination -# IP is e.g. a load balancer's IP. -#auth_proxy_self = - -# Show more verbose process titles (in ps). Currently shows user name and -# IP address. Useful for seeing who are actually using the IMAP processes -# (eg. shared mailboxes or if same uid is used for multiple accounts). -#verbose_proctitle = no - -# Should all processes be killed when Dovecot master process shuts down. -# Setting this to "no" means that Dovecot can be upgraded without -# forcing existing client connections to close (although that could also be -# a problem if the upgrade is e.g. because of a security fix). -#shutdown_clients = yes - -# If non-zero, run mail commands via this many connections to doveadm server, -# instead of running them directly in the same process. -#doveadm_worker_count = 0 -# UNIX socket or host:port used for connecting to doveadm server -#doveadm_socket_path = doveadm-server - -# Space separated list of environment variables that are preserved on Dovecot -# startup and passed down to all of its child processes. You can also give -# key=value pairs to always set specific settings. -#import_environment = TZ - -## -## Dictionary server settings -## - -# Dictionary can be used to store key=value lists. This is used by several -# plugins. The dictionary can be accessed either directly or though a -# dictionary server. The following dict block maps dictionary names to URIs -# when the server is used. These can then be referenced using URIs in format -# "proxy::". - -dict { - #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext - #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext -} - -# Most of the actual configuration gets included below. The filenames are -# first sorted by their ASCII value and parsed in that order. The 00-prefixes -# in filenames are intended to make it easier to understand the ordering. -!include conf.d/*.conf - -# A config file can also tried to be included without giving an error if -# it's not found: -!include_try local.conf diff --git a/iptables/rules.v4 b/iptables/rules.v4 index e9554ec..2d79e54 100644 --- a/iptables/rules.v4 +++ b/iptables/rules.v4 @@ -1,4 +1,4 @@ -# Generated by xtables-save v1.8.2 on Mon Apr 12 16:21:35 2021 +# Generated by xtables-save v1.8.2 on Tue Apr 13 10:07:12 2021 *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] @@ -7,7 +7,8 @@ :rejects - [0:0] :mysql - [0:0] :portrejects - [0:0] --A INPUT -j rejects +:drops - [0:0] +-A INPUT -j drops -A INPUT -m state --state ESTABLISHED -j ACCEPT -A INPUT -m state --state RELATED -j ACCEPT -A INPUT -i lo -m comment --comment myself -j ACCEPT @@ -27,6 +28,7 @@ -A INPUT -p tcp -m tcp --dport 25565 -m comment --comment Minecraft -j ACCEPT -A INPUT -p tcp -m tcp --dport 3306 -j mysql -A INPUT -p tcp -m tcp --dport 5665 -j icinga2 +-A INPUT -j rejects -A INPUT -j portrejects -A INPUT -j NFLOG --nflog-prefix "IPv4 INPUT Reject " --nflog-threshold 1 -A INPUT -j REJECT --reject-with icmp-port-unreachable @@ -54,5 +56,6 @@ -A portrejects -p tcp -m tcp --dport 2323 -j REJECT --reject-with icmp-port-unreachable -A portrejects -p tcp -m tcp --dport 3389 -j REJECT --reject-with icmp-port-unreachable -A portrejects -j RETURN +-A drops -j RETURN COMMIT -# Completed on Mon Apr 12 16:21:35 2021 +# Completed on Tue Apr 13 10:07:12 2021 diff --git a/iptables/rules.v6 b/iptables/rules.v6 index aad94c2..1e00b90 100644 --- a/iptables/rules.v6 +++ b/iptables/rules.v6 @@ -1,10 +1,14 @@ -# Generated by xtables-save v1.8.2 on Mon Apr 12 16:21:35 2021 +# Generated by xtables-save v1.8.2 on Tue Apr 13 10:07:12 2021 *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :mysql - [0:0] :icinga2 - [0:0] +:drops - [0:0] +:rejects - [0:0] +:portrejects - [0:0] +-A INPUT -j drops -A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT -A INPUT -m conntrack --ctstate RELATED -j ACCEPT -A INPUT -p ipv6-icmp -j ACCEPT @@ -17,6 +21,8 @@ -A INPUT -p tcp -m tcp --dport 4190 -m comment --comment Sieve -j ACCEPT -A INPUT -p tcp -m tcp --dport 3306 -j mysql -A INPUT -p tcp -m tcp --dport 5665 -m comment --comment Icinga -j icinga2 +-A INPUT -j rejects +-A INPUT -j portrejects -A INPUT -j NFLOG --nflog-prefix "IPv6 INPUT Reject " --nflog-threshold 1 -A INPUT -j REJECT --reject-with icmp6-port-unreachable -A mysql -s ::1/128 -j ACCEPT @@ -28,5 +34,18 @@ -A icinga2 -s 2a06:2380:0:1::3a/128 -m comment --comment ns3 -j ACCEPT -A icinga2 -j NFLOG --nflog-prefix "IPv6 icinga2 Reject " --nflog-threshold 1 -A icinga2 -j REJECT --reject-with icmp6-port-unreachable +-A drops -j RETURN +-A rejects -j RETURN +-A portrejects -p tcp -m tcp --dport 23 -m comment --comment Telnet -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p udp -m udp --dport 137 -m comment --comment "Netbios NS" -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p tcp -m tcp --dport 137 -m comment --comment "Netbios NS" -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p tcp -m tcp --dport 445 -m comment --comment "Microsoft DS" -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p tcp -m tcp --dport 1433 -m comment --comment "MS SQL" -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p udp -m udp --dport 5060 -m comment --comment SIP -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p tcp -m tcp --dport 5060 -m comment --comment SIP -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p tcp -m tcp --dport 8080 -m comment --comment "HTTP alternativ" -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p tcp -m tcp --dport 1900 -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p tcp -m tcp --dport 2323 -j REJECT --reject-with icmp6-port-unreachable +-A portrejects -p tcp -m tcp --dport 3389 -j REJECT --reject-with icmp6-port-unreachable COMMIT -# Completed on Mon Apr 12 16:21:35 2021 +# Completed on Tue Apr 13 10:07:12 2021 diff --git a/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/meta.json b/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/meta.json new file mode 100644 index 0000000..f60432d --- /dev/null +++ b/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/meta.json @@ -0,0 +1 @@ +{"creation_dt": "2021-04-13T08:37:30Z", "creation_host": "helga.uhu-banane.de"} \ No newline at end of file diff --git a/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/private_key.json b/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/private_key.json new file mode 100644 index 0000000..f6f633d --- /dev/null +++ b/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/private_key.json @@ -0,0 +1 @@ +{"n": "wtKjwDBsKYyiv-fwdimyjQwvN_5yh3rMF6yTYdK-3MjJvmDp6w0mwNpAITSKHpN3ZVhMfhElmCyX4OUxaig0UOH9yARNjhK1008g0rtaE0uDEngXnD45Z1OD2G_VVo1jL6wvH1Mg94ZNW4l0TGWOmwLHwBDZCZIWFoKIbS8eh0GfiSVRxWKFj6S13Zk_kdbEn1eHjZPxnQ8pzP3dL4x_SmPo6N5Gf7T1p-_2ocb3v5cqDIrVCCHZ0FzABwQnsulQ7fSWR2ti7xOqFF5xFkFKNoTFxG1sS3dPl1i-OlNnioinRTSAghq0BYXOk6b77jz5vw2tAlA-ALO2JrwwM0SbEQ", "e": "AQAB", "d": "pE7SG_y6vDAH8qHCg2WXWK22BRtrrCc8iZrakd4TalFNFGrX3Y0x6eQnwdl1w2PLhoV5vbjoY_b4AIxLqKRPuwdd6Zr3baMKBjTuEcxAo5VD7geqofM4ppQg1iE7Y8vKoyIse9a4LwntpA3BL81XABTQMoQDB7dVOZbNSIg8zwRnRJsNWIOcXuDLKkLlThX-bXbtQLPAgBI5ziCRj6YoEvjoXzCvEC73ErvAilN2w-yV9PUL7afIPZdNrFLuyz0KlQvxkch5AIwwJWPQ4WtsJdzP9LslbG8gwdeRNVMoX3fX9O9t1triFTaPixjgBCIIkm67p1eLv5_OJ1RPWV6JgQ", "p": "8_TNLx-TVG3dJp5wz-ODA6omiSc4OMSmM5e0GCzn3BmtGoSP-nVda7gax_UdxN0teUX3WZB1kKmsbZ6GUaZUw0C9CWgJCMYGQciM6DFE7HjXlsBEfBVI9lv_B2W8kMdOT48fh0VuJCHuRbMqFrmQwxpc5zNn6SYzgSN7z7y0qJU", "q": "zHDfqqc2gqyhdaD8tzBeSwBuRFubtQxYidz6xhV3qACA4OGA4fQLi9sR5bBPhnEpumcAkAT59XXWGdkq0pyWhv9VYmuVb3-MIDh1Wsaxh7dWAf1T6POAXDEMVUixhx-QMoZcQD0diF3mu3JdM1PcqDo9eOUWaUYMr40m2nPnfY0", "dp": "KDabOABZddpiUQJfEDWtnAYJMiSP5POtfeWs3ytP0P0-hpeBcES2cJI5f-qMzK202D_LRS1F4-HENZGjDISBhmn-fzVx_8s8rs1TRNcSSHSm_QeWgmmzzEBf6qU_jxH7e6vZA6BTRot9Tmn5LyPJlA-dbtMPduRAKzJhL14o3X0", "dq": "Djvxpr0bs393gmwiDFMmzYwLIWFLdxCT_Y1QPIh0G1NlpcKtqY3HXAZ1uYtMDi1E3YCcbmqaSLfan1Qagi164Y1XkZGyBuBXjkrACQD6jVt7don_1KFXl5Omqy1zhtfwv0PRmntm2f7HuNdem9tD6sabTxaMN-ozqelnAiC9xmU", "qi": "IRIiT23pHJXqPqTD2H1ivanynhrHneRYUmjJV1k5AcxHYnajNb0qOY4iEVxwog-ozPxuvnKj9TlWRZqvp36EzYAOa0nTs89M62KXb71z-Zu9oOl33-3Xnr7WPYG3_FZHE89W8YEUqQ86Y6D00w8MOpV45_jKz64iiCe1MvBKSPc", "kty": "RSA"} \ No newline at end of file diff --git a/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/regr.json b/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/regr.json new file mode 100644 index 0000000..e05022c --- /dev/null +++ b/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/b1df8a0a7a88e01d424d4d08a2873646/regr.json @@ -0,0 +1 @@ +{"body": {}, "uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/19053712"} \ No newline at end of file diff --git a/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/meta.json b/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/meta.json new file mode 100644 index 0000000..5c93398 --- /dev/null +++ b/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/meta.json @@ -0,0 +1 @@ +{"creation_dt": "2021-04-13T08:44:23Z", "creation_host": "helga.uhu-banane.de"} \ No newline at end of file diff --git a/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/private_key.json b/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/private_key.json new file mode 100644 index 0000000..209aecb --- /dev/null +++ b/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/private_key.json @@ -0,0 +1 @@ +{"n": "52e3kuxgGV-HPcpfU8NayEwDg8_EGH-plTo8ORvOd9GHUoJCoyxqmQYNSa4fYvEV952LFCrG71Ubw4hOp6HS1XR_Cbm2v4bKBU9kWta8TVSLiELeXOtXsxth2MyzA9YVl0K8DybHvT4IIg8G7EUL5dPNkOqYQ8DeWy0pEjfPthJZTzjWaX9CAfFso1ij3NvOyX3bxOxFf8bi1Kp2lJzni4iymva1UI9JbYXsjVo68Hv7rGix5i8379kf-bZLtUvgTBJ21Ugo6z_5qt5IHQcqS4E8JR8ZdTCEKhWpdgdvYTxBTEYs4uS2B0Ahsseq9NBZCgreirpxbrgeIEV0jOGq0Q", "e": "AQAB", "d": "Qw40DPhANLoQ55_wFcbDVM1qK1UWfv7ndl3Eu8vJ_cCS1R74Dm69iRBO4234nGQ-OF3HwpVOxmXEQNoL6NmkzcQPWBMf2MpHWliSPRyCvmnkcRzncMelxzoFFZzjtxXfddCZzE4xjS4fjzcJi4fKldPVesvwSZnnFUa14xiXMSv84ZBNzE1ex3slthfjEZZzFdVuoa0aXm7H3bWh0oUV7Xf7_r6o6Q6Z1SxZXoeks6FkRRB5lfLVoCVyoSigjZUV6QAU1hBbBHW_IlK6vEFtwd4Pqf_mkzWMSvD5OrcK69sf9SQmamSQQnbeoyfD0zkhnagJzwltMBFmWMwn_qpHHQ", "p": "-0ZDw-_k9s2_xmOY9bp3tSU8kR-9zDIJSIpb7opmD19ZlPU_xlin5NtzjaIP2Sx0aH_cU-vnKpaLRk7VobANBYLFfyhII2tN2mbsuU9PuVMNzXxoScjktFYXedEatbCB4_erPCrq_DVhdvnT0luB-PY8loIivFYjEPrjrUdubN8", "q": "68HLJO89srSzT8Vot9VmPAMRHvtZh1DTV46rxBCJogrqmpWR8uUXoENtNKWxWl_-I-PQNBpU1kUAi4rU_omm0dyChqgr8D6ER0zehe8T2NSYq6fRGmQ-VqYvHdB2L8AKbNsfE_K_tlrkmMRFNkkWO6TC-pN5ftvp-9JMKL-CLk8", "dp": "gcerznKEBrkD-PqOETTLCUN_QdFsHSAmzVGw48aVqhDsWtREqTQ3GywBRcDTgK7GPQb1DF9GWSfCLYEgM8-TGiqNyPxMLgcJAemxEJEXMzfjZCOCVcGt5jqlC2Tl77uHiu_rgDsGfVcwzNuB_R8IRUcgyffS6wVuPSHoICJJtW8", "dq": "TiimT21dOAS-OaEJsYB270hZAbt0l-7M0gdDnLGa33TdCDiz9SHMLl6MMtsHrB2M5JsfKFbeb1ba8mgpauV5v7NqNnhEcNZZBkZOs3pqSwVYQ_hT03sOS622ixzUQcpZ6nLOn89njW4ewSK4i2G5lDZwSaBgtBT2Qn0asJuk7fM", "qi": "jmQrY0GfpNajOfnkGHhaVbF5bS9o8vHfo7I4DlefRQDLJmm2MuFES99Ux68zVuPL1APz2ARomC0k9TgRbWcNKnnh2VqVMZJgvAMcvtu7jYLzLRZn4UBO-ThXLgOoYc8K-TJzhM7ZdmQexDJsl53u7BmlYbdF3lTSggYOw9OLLrM", "kty": "RSA"} \ No newline at end of file diff --git a/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/regr.json b/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/regr.json new file mode 100644 index 0000000..66de1c0 --- /dev/null +++ b/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ea47d6e6656dd977c998af55bc578517/regr.json @@ -0,0 +1 @@ +{"body": {}, "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/119078474"} \ No newline at end of file diff --git a/letsencrypt/archive/mail.uhu-banane.eu/cert1.pem b/letsencrypt/archive/mail.uhu-banane.eu/cert1.pem new file mode 100644 index 0000000..04d5a48 --- /dev/null +++ b/letsencrypt/archive/mail.uhu-banane.eu/cert1.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFsjCCBJqgAwIBAgISA/zzBuIMc+4ZPqoZzATOa6v+MA0GCSqGSIb3DQEBCwUA +MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD +EwJSMzAeFw0yMTA0MTMwNzQ0MzdaFw0yMTA3MTIwNzQ0MzdaMB0xGzAZBgNVBAMT +Em1haWwudWh1LWJhbmFuZS5ldTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMB2KiReJonVDG/9o14AZlb7grk6W2CEhEsXtugWJeW5Xhgav6kISct4by7k +VrCIZcsrQsnzYgY8etUyZUXKVRnXYbCUUYxRiJ0co7WpJBzFRnsOVNgyIKK+c9vs +mTcLbFcJnEun6JbnsH2OS16OIIG8BhYvAImvemBI0hKQjjUw6Hh7wx9JzRmHmr7g +VM2IkvKmh+6VDh3t6q+Wj3gKj6MCwcMcc/FTAg+DKTidTjJYkfFz6NRYl2rdesUy +9+2zwUlP5ha8PLJlrOz8e8ZlkZ5zG+NxlH9POdFOOV68Yk40F7XTjRF44xzzh1Ol +s0XHIqX3xn3RM7SQ3FvRb4xvaqkCAwEAAaOCAtUwggLRMA4GA1UdDwEB/wQEAwIF +oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd +BgNVHQ4EFgQU2osG5FjJKoviwjuBupWLtFd9C/IwHwYDVR0jBBgwFoAUFC6zF7dY +VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw +Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy +Lm9yZy8wgaQGA1UdEQSBnDCBmYIVaGVsZ2EuYnJlaG0tYmVybGluLmRlghZoZWxn +YS5icmVobS1vbmxpbmUuY29tghNoZWxnYS51aHUtYmFuYW5lLmRlghNoZWxnYS51 +aHUtYmFuYW5lLmV1ghRoZWxnYS51aHUtYmFuYW5lLm5ldIIUbWFpbC5icmVobS1i +ZXJsaW4uZGWCEm1haWwudWh1LWJhbmFuZS5ldTBMBgNVHSAERTBDMAgGBmeBDAEC +ATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNl +bmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AG9Tdqwx8DEZ2JkA +pFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABeMpnaDAAAAQDAEcwRQIhAKpBQ7DxLMyx +4aBKUjku9Xjv0wza3hnxsHO9pFIFnqTMAiB8qxCkt9uquu/ibXt45Q4+uhN1RpHs +vV1AgFVV2PFcSQB2AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAAB +eMpnaNYAAAQDAEcwRQIhAJmUi8IJFBFJalM9KJaFPOi7AHGo7FbaS5HaCwMAeCmc +AiAo7ps4lBywOHRYwxDeRa73u/xhDiqNAgJ7BZye9snctTANBgkqhkiG9w0BAQsF +AAOCAQEAca/zdei31sB4k8tyTnrbVCJEi0hatHstpltlUFU7FQSe3WVDrbJjvi+d +2jamFjd62BUChyNt09JpTjRmXKj5atVGgoaGXtB+RkIjD5YxYPPPAUYCoTH68EN+ +LzI2voE1epC6pIL6FXIkDYJUP3zP3l2laks51ADHpUT3JoZb+DTOLA4w5FR86Vy5 +QR8CU4CNKxvlYL5f6wRxsFKGqlolmcjdneB9Ieyxh8V3bCP19k45YQjRXUOXqWrq +K+NsF+nHwy7DNJFnOp0HNMzOhKKfKNDMhTgrwy76BbzAubUtLw6oizLZZsaNH3Ih +4zYEv2Ozz+On6VP0hQ0f155FO8We1Q== +-----END CERTIFICATE----- diff --git a/letsencrypt/archive/mail.uhu-banane.eu/chain1.pem b/letsencrypt/archive/mail.uhu-banane.eu/chain1.pem new file mode 100644 index 0000000..1d82449 --- /dev/null +++ b/letsencrypt/archive/mail.uhu-banane.eu/chain1.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow +MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT +AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs +jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp +Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB +U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7 +gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel +/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R +oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E +BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p +ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE +p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE +AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu +Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0 +LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf +r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH +ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8 +S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL +qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p +O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw +UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg== +-----END CERTIFICATE----- diff --git a/letsencrypt/archive/mail.uhu-banane.eu/fullchain1.pem b/letsencrypt/archive/mail.uhu-banane.eu/fullchain1.pem new file mode 100644 index 0000000..3419bf2 --- /dev/null +++ b/letsencrypt/archive/mail.uhu-banane.eu/fullchain1.pem @@ -0,0 +1,59 @@ +-----BEGIN CERTIFICATE----- +MIIFsjCCBJqgAwIBAgISA/zzBuIMc+4ZPqoZzATOa6v+MA0GCSqGSIb3DQEBCwUA +MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD +EwJSMzAeFw0yMTA0MTMwNzQ0MzdaFw0yMTA3MTIwNzQ0MzdaMB0xGzAZBgNVBAMT +Em1haWwudWh1LWJhbmFuZS5ldTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMB2KiReJonVDG/9o14AZlb7grk6W2CEhEsXtugWJeW5Xhgav6kISct4by7k +VrCIZcsrQsnzYgY8etUyZUXKVRnXYbCUUYxRiJ0co7WpJBzFRnsOVNgyIKK+c9vs +mTcLbFcJnEun6JbnsH2OS16OIIG8BhYvAImvemBI0hKQjjUw6Hh7wx9JzRmHmr7g +VM2IkvKmh+6VDh3t6q+Wj3gKj6MCwcMcc/FTAg+DKTidTjJYkfFz6NRYl2rdesUy +9+2zwUlP5ha8PLJlrOz8e8ZlkZ5zG+NxlH9POdFOOV68Yk40F7XTjRF44xzzh1Ol +s0XHIqX3xn3RM7SQ3FvRb4xvaqkCAwEAAaOCAtUwggLRMA4GA1UdDwEB/wQEAwIF +oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd +BgNVHQ4EFgQU2osG5FjJKoviwjuBupWLtFd9C/IwHwYDVR0jBBgwFoAUFC6zF7dY +VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw +Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy +Lm9yZy8wgaQGA1UdEQSBnDCBmYIVaGVsZ2EuYnJlaG0tYmVybGluLmRlghZoZWxn +YS5icmVobS1vbmxpbmUuY29tghNoZWxnYS51aHUtYmFuYW5lLmRlghNoZWxnYS51 +aHUtYmFuYW5lLmV1ghRoZWxnYS51aHUtYmFuYW5lLm5ldIIUbWFpbC5icmVobS1i +ZXJsaW4uZGWCEm1haWwudWh1LWJhbmFuZS5ldTBMBgNVHSAERTBDMAgGBmeBDAEC +ATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNl +bmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AG9Tdqwx8DEZ2JkA +pFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABeMpnaDAAAAQDAEcwRQIhAKpBQ7DxLMyx +4aBKUjku9Xjv0wza3hnxsHO9pFIFnqTMAiB8qxCkt9uquu/ibXt45Q4+uhN1RpHs +vV1AgFVV2PFcSQB2AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAAB +eMpnaNYAAAQDAEcwRQIhAJmUi8IJFBFJalM9KJaFPOi7AHGo7FbaS5HaCwMAeCmc +AiAo7ps4lBywOHRYwxDeRa73u/xhDiqNAgJ7BZye9snctTANBgkqhkiG9w0BAQsF +AAOCAQEAca/zdei31sB4k8tyTnrbVCJEi0hatHstpltlUFU7FQSe3WVDrbJjvi+d +2jamFjd62BUChyNt09JpTjRmXKj5atVGgoaGXtB+RkIjD5YxYPPPAUYCoTH68EN+ +LzI2voE1epC6pIL6FXIkDYJUP3zP3l2laks51ADHpUT3JoZb+DTOLA4w5FR86Vy5 +QR8CU4CNKxvlYL5f6wRxsFKGqlolmcjdneB9Ieyxh8V3bCP19k45YQjRXUOXqWrq +K+NsF+nHwy7DNJFnOp0HNMzOhKKfKNDMhTgrwy76BbzAubUtLw6oizLZZsaNH3Ih +4zYEv2Ozz+On6VP0hQ0f155FO8We1Q== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow +MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT +AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs +jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp +Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB +U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7 +gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel +/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R +oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E +BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p +ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE +p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE +AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu +Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0 +LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf +r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH +ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8 +S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL +qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p +O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw +UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg== +-----END CERTIFICATE----- diff --git a/letsencrypt/archive/mail.uhu-banane.eu/privkey1.pem b/letsencrypt/archive/mail.uhu-banane.eu/privkey1.pem new file mode 100644 index 0000000..3ec969a --- /dev/null +++ b/letsencrypt/archive/mail.uhu-banane.eu/privkey1.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDAdiokXiaJ1Qxv +/aNeAGZW+4K5OltghIRLF7boFiXluV4YGr+pCEnLeG8u5FawiGXLK0LJ82IGPHrV +MmVFylUZ12GwlFGMUYidHKO1qSQcxUZ7DlTYMiCivnPb7Jk3C2xXCZxLp+iW57B9 +jktejiCBvAYWLwCJr3pgSNISkI41MOh4e8MfSc0Zh5q+4FTNiJLypofulQ4d7eqv +lo94Co+jAsHDHHPxUwIPgyk4nU4yWJHxc+jUWJdq3XrFMvfts8FJT+YWvDyyZazs +/HvGZZGecxvjcZR/TznRTjlevGJONBe1040ReOMc84dTpbNFxyKl98Z90TO0kNxb +0W+Mb2qpAgMBAAECggEAGdxG0VgtSXvtDedA2lKnbayh5g2nVZK4y/ZFx22ibfm4 +YPjHJAlPER3/oodf9px9QQ1xDf28ACaEQr1gyj3jrXM5Vya2xmn2N1Yv0SsHBS6k +x8gnMl2Z8QQyQSzLcZABYLiT3b6UDCLZniVOj0f9qjD/iF+MbPO9N87RG1l9IjxR +5+v8xEd/2BkmdRhouQDzN31OVLNWfu1vZj6yikKVUCqThJaQBg+d9NERw+tkUXQt +LHP5+/GmhK2aWtKMQ7clO5s3ofGp2VgDhXLYlMAIPeSJfIe0euwQDWAghxvyDMtd +eg4OMmX7EJWqW9UU87vXfOg4Dr0KOn02im7NwzAueQKBgQD+0BRZ/3alYxOGYANm +zStQT66z//z8RGadhljJHQKbQmhtxH+PczMSFYY6gF4bc5xcisle+QXGuWFbgsI1 +RxG0HN3FwW3NX74vFcw91y7x/oRzN/wh/cViQZG88cO/ap/bZ5yDpOgdJ0uQ9CUH +F1YOLterh9fenjeAcgEgrPof7wKBgQDBW7evWjEb+sy68NUzuyBhCDyOoFgi/nNo +Q8BW3oQZvbESJM9XmJcDF7ocN17DNCsCZF18xu0ccWidTKWyP0X8HbkGE8z1T7Fo +omJ51SXZiVm3dwm9FY16BuwqWeMIJrEut5ULnsuSFJEG5mijFmfqhebsa1TDDD+h +WGtPONMG5wKBgDKAkRgJPr2mtk7yppnwXf5L3KdGPCDPebsMznoFqueUsNfYkyOe +RGf4JiNgH8a3Ei1xQFn3ZwKs6TPW5aDjlgmpkvbH0Hhc2nfAjTtQc7h4pk2jsfAW +uNExh634CMDeZBJ7JZUd0Pc+O4beLJyMLn0fIZWYldtEZmGptrmALw63AoGAeRF/ +mukjNLy9shOXuzNg28C3gip95TNjeZZqeToMhr2SgKTRuqxNad9SZdZ5nEou3+mN +69H2p0ePVGaonUom/OxzbI27WKJUmAqNFHHUqDfrGAgN7fnvwsdQ2le74t+vM2w5 +g7QjDM2Z3TMps2wVFvBOnhu6UAJ8WP8u+cS/xWMCgYBQZXAgbmUQNG+0hO1iHSco +KDRpkaELj31W7U/tM2przAu3mKeCS3qi0jTFJzfE8V5X0gW9FDCAQczVIfk85Ze9 +F3mFCj6Tiua8fnlVOBjoB9C83W+gb9AoYtR1sjo49aRYvrVPQBS0+0fANJgmwxqG +1hPSQzYedLGPZn7ZHtNGbQ== +-----END PRIVATE KEY----- diff --git a/letsencrypt/csr/0000_csr-certbot.pem b/letsencrypt/csr/0000_csr-certbot.pem new file mode 100644 index 0000000..c22e5c7 --- /dev/null +++ b/letsencrypt/csr/0000_csr-certbot.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDATCCAekCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMB2 +KiReJonVDG/9o14AZlb7grk6W2CEhEsXtugWJeW5Xhgav6kISct4by7kVrCIZcsr +QsnzYgY8etUyZUXKVRnXYbCUUYxRiJ0co7WpJBzFRnsOVNgyIKK+c9vsmTcLbFcJ +nEun6JbnsH2OS16OIIG8BhYvAImvemBI0hKQjjUw6Hh7wx9JzRmHmr7gVM2IkvKm +h+6VDh3t6q+Wj3gKj6MCwcMcc/FTAg+DKTidTjJYkfFz6NRYl2rdesUy9+2zwUlP +5ha8PLJlrOz8e8ZlkZ5zG+NxlH9POdFOOV68Yk40F7XTjRF44xzzh1Ols0XHIqX3 +xn3RM7SQ3FvRb4xvaqkCAwEAAaCBuzCBuAYJKoZIhvcNAQkOMYGqMIGnMIGkBgNV +HREEgZwwgZmCEm1haWwudWh1LWJhbmFuZS5ldYIUbWFpbC5icmVobS1iZXJsaW4u +ZGWCFGhlbGdhLnVodS1iYW5hbmUubmV0ghNoZWxnYS51aHUtYmFuYW5lLmV1ghNo +ZWxnYS51aHUtYmFuYW5lLmRlghZoZWxnYS5icmVobS1vbmxpbmUuY29tghVoZWxn +YS5icmVobS1iZXJsaW4uZGUwDQYJKoZIhvcNAQELBQADggEBAAuBMUthes6+XZLF +fULcPJVTDosbqWJcaTto7jzoLEh3/QPAVjlHV1gCf+US7fDwFELLJUO9r66VqASa +tD6rlu+Yc7/DndwFfGBNtBtX5TdUqoKWJSBg1ckSE0fSOE9Mr9WajPWWwXhMvN7A +DRZUILC0W3BFPXArbRSRdcv3UQ129SE0LL1ozAzhSTV6jbQ6bJ8L6dTtPoq7elNW +FjQOuvVzSGByvzX2cwwYioiF+lcHqS5D/EQLlZVIC89NZ/GbTZQDkZ28PY7iXuFI +L96/aFhuW33blUXsAjphFPtl4xeYDVK0X02aX/tncr5XWMMzyrFAHFz1Kolz7e23 +75hL18k= +-----END CERTIFICATE REQUEST----- diff --git a/letsencrypt/keys/0000_key-certbot.pem b/letsencrypt/keys/0000_key-certbot.pem new file mode 100644 index 0000000..3ec969a --- /dev/null +++ b/letsencrypt/keys/0000_key-certbot.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDAdiokXiaJ1Qxv +/aNeAGZW+4K5OltghIRLF7boFiXluV4YGr+pCEnLeG8u5FawiGXLK0LJ82IGPHrV +MmVFylUZ12GwlFGMUYidHKO1qSQcxUZ7DlTYMiCivnPb7Jk3C2xXCZxLp+iW57B9 +jktejiCBvAYWLwCJr3pgSNISkI41MOh4e8MfSc0Zh5q+4FTNiJLypofulQ4d7eqv +lo94Co+jAsHDHHPxUwIPgyk4nU4yWJHxc+jUWJdq3XrFMvfts8FJT+YWvDyyZazs +/HvGZZGecxvjcZR/TznRTjlevGJONBe1040ReOMc84dTpbNFxyKl98Z90TO0kNxb +0W+Mb2qpAgMBAAECggEAGdxG0VgtSXvtDedA2lKnbayh5g2nVZK4y/ZFx22ibfm4 +YPjHJAlPER3/oodf9px9QQ1xDf28ACaEQr1gyj3jrXM5Vya2xmn2N1Yv0SsHBS6k +x8gnMl2Z8QQyQSzLcZABYLiT3b6UDCLZniVOj0f9qjD/iF+MbPO9N87RG1l9IjxR +5+v8xEd/2BkmdRhouQDzN31OVLNWfu1vZj6yikKVUCqThJaQBg+d9NERw+tkUXQt +LHP5+/GmhK2aWtKMQ7clO5s3ofGp2VgDhXLYlMAIPeSJfIe0euwQDWAghxvyDMtd +eg4OMmX7EJWqW9UU87vXfOg4Dr0KOn02im7NwzAueQKBgQD+0BRZ/3alYxOGYANm +zStQT66z//z8RGadhljJHQKbQmhtxH+PczMSFYY6gF4bc5xcisle+QXGuWFbgsI1 +RxG0HN3FwW3NX74vFcw91y7x/oRzN/wh/cViQZG88cO/ap/bZ5yDpOgdJ0uQ9CUH +F1YOLterh9fenjeAcgEgrPof7wKBgQDBW7evWjEb+sy68NUzuyBhCDyOoFgi/nNo +Q8BW3oQZvbESJM9XmJcDF7ocN17DNCsCZF18xu0ccWidTKWyP0X8HbkGE8z1T7Fo +omJ51SXZiVm3dwm9FY16BuwqWeMIJrEut5ULnsuSFJEG5mijFmfqhebsa1TDDD+h +WGtPONMG5wKBgDKAkRgJPr2mtk7yppnwXf5L3KdGPCDPebsMznoFqueUsNfYkyOe +RGf4JiNgH8a3Ei1xQFn3ZwKs6TPW5aDjlgmpkvbH0Hhc2nfAjTtQc7h4pk2jsfAW +uNExh634CMDeZBJ7JZUd0Pc+O4beLJyMLn0fIZWYldtEZmGptrmALw63AoGAeRF/ +mukjNLy9shOXuzNg28C3gip95TNjeZZqeToMhr2SgKTRuqxNad9SZdZ5nEou3+mN +69H2p0ePVGaonUom/OxzbI27WKJUmAqNFHHUqDfrGAgN7fnvwsdQ2le74t+vM2w5 +g7QjDM2Z3TMps2wVFvBOnhu6UAJ8WP8u+cS/xWMCgYBQZXAgbmUQNG+0hO1iHSco +KDRpkaELj31W7U/tM2przAu3mKeCS3qi0jTFJzfE8V5X0gW9FDCAQczVIfk85Ze9 +F3mFCj6Tiua8fnlVOBjoB9C83W+gb9AoYtR1sjo49aRYvrVPQBS0+0fANJgmwxqG +1hPSQzYedLGPZn7ZHtNGbQ== +-----END PRIVATE KEY----- diff --git a/letsencrypt/live/README b/letsencrypt/live/README new file mode 100644 index 0000000..00b733c --- /dev/null +++ b/letsencrypt/live/README @@ -0,0 +1,14 @@ +This directory contains your keys and certificates. + +`[cert name]/privkey.pem` : the private key for your certificate. +`[cert name]/fullchain.pem`: the certificate file used in most server software. +`[cert name]/chain.pem` : used for OCSP stapling in Nginx >=1.3.7. +`[cert name]/cert.pem` : will break many server configurations, and should not be used + without reading further documentation (see link below). + +WARNING: DO NOT MOVE OR RENAME THESE FILES! + Certbot expects these files to remain in this location in order + to function properly! + +We recommend not moving these files. For more information, see the Certbot +User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates. diff --git a/letsencrypt/live/mail.uhu-banane.eu/README b/letsencrypt/live/mail.uhu-banane.eu/README new file mode 100644 index 0000000..5050078 --- /dev/null +++ b/letsencrypt/live/mail.uhu-banane.eu/README @@ -0,0 +1,14 @@ +This directory contains your keys and certificates. + +`privkey.pem` : the private key for your certificate. +`fullchain.pem`: the certificate file used in most server software. +`chain.pem` : used for OCSP stapling in Nginx >=1.3.7. +`cert.pem` : will break many server configurations, and should not be used + without reading further documentation (see link below). + +WARNING: DO NOT MOVE OR RENAME THESE FILES! + Certbot expects these files to remain in this location in order + to function properly! + +We recommend not moving these files. For more information, see the Certbot +User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates. diff --git a/letsencrypt/live/mail.uhu-banane.eu/cert.pem b/letsencrypt/live/mail.uhu-banane.eu/cert.pem new file mode 120000 index 0000000..6a39839 --- /dev/null +++ b/letsencrypt/live/mail.uhu-banane.eu/cert.pem @@ -0,0 +1 @@ +../../archive/mail.uhu-banane.eu/cert1.pem \ No newline at end of file diff --git a/letsencrypt/live/mail.uhu-banane.eu/chain.pem b/letsencrypt/live/mail.uhu-banane.eu/chain.pem new file mode 120000 index 0000000..5b7442c --- /dev/null +++ b/letsencrypt/live/mail.uhu-banane.eu/chain.pem @@ -0,0 +1 @@ +../../archive/mail.uhu-banane.eu/chain1.pem \ No newline at end of file diff --git a/letsencrypt/live/mail.uhu-banane.eu/fullchain.pem b/letsencrypt/live/mail.uhu-banane.eu/fullchain.pem new file mode 120000 index 0000000..3cb320a --- /dev/null +++ b/letsencrypt/live/mail.uhu-banane.eu/fullchain.pem @@ -0,0 +1 @@ +../../archive/mail.uhu-banane.eu/fullchain1.pem \ No newline at end of file diff --git a/letsencrypt/live/mail.uhu-banane.eu/privkey.pem b/letsencrypt/live/mail.uhu-banane.eu/privkey.pem new file mode 120000 index 0000000..b66051b --- /dev/null +++ b/letsencrypt/live/mail.uhu-banane.eu/privkey.pem @@ -0,0 +1 @@ +../../archive/mail.uhu-banane.eu/privkey1.pem \ No newline at end of file diff --git a/letsencrypt/renewal/mail.uhu-banane.eu.conf b/letsencrypt/renewal/mail.uhu-banane.eu.conf new file mode 100644 index 0000000..6b93ffd --- /dev/null +++ b/letsencrypt/renewal/mail.uhu-banane.eu.conf @@ -0,0 +1,22 @@ +# renew_before_expiry = 30 days +version = 0.31.0 +archive_dir = /etc/letsencrypt/archive/mail.uhu-banane.eu +cert = /etc/letsencrypt/live/mail.uhu-banane.eu/cert.pem +privkey = /etc/letsencrypt/live/mail.uhu-banane.eu/privkey.pem +chain = /etc/letsencrypt/live/mail.uhu-banane.eu/chain.pem +fullchain = /etc/letsencrypt/live/mail.uhu-banane.eu/fullchain.pem + +# Options used in the renewal process +[renewalparams] +account = ea47d6e6656dd977c998af55bc578517 +authenticator = webroot +webroot_path = /var/www/html, +server = https://acme-v02.api.letsencrypt.org/directory +[[webroot_map]] +helga.brehm-berlin.de = /var/www/html +helga.brehm-online.com = /var/www/html +helga.uhu-banane.de = /var/www/html +helga.uhu-banane.eu = /var/www/html +helga.uhu-banane.net = /var/www/html +mail.brehm-berlin.de = /var/www/html +mail.uhu-banane.eu = /var/www/html diff --git a/motd b/motd index bad1628..cfb40bb 100644 --- a/motd +++ b/motd @@ -6,8 +6,8 @@ Debian GNU/Linux 10 (buster) |_| |_|\___|_|\__, |\__,_| |___/ -25 Jahre alt und schon keine Ziele mehr. - -- Mehmet Scholl (nach dem gewonnen EM-Finale 1996) +Unglück wird zu Glück, indem man es bejaht. + -- Hermann Hesse Today is Pungenday, the 30th day of Discord in the YOLD 3187 diff --git a/mysql/mariadb.conf.d/50-server.cnf b/mysql/mariadb.conf.d/50-server.cnf index e7e88ef..e830846 100644 --- a/mysql/mariadb.conf.d/50-server.cnf +++ b/mysql/mariadb.conf.d/50-server.cnf @@ -88,6 +88,10 @@ expire_logs_days = 10 #ssl-ca = /etc/mysql/cacert.pem #ssl-cert = /etc/mysql/server-cert.pem #ssl-key = /etc/mysql/server-key.pem +ssl-ca = /etc/ssl/certs/iRedMail.crt +ssl-cert = /etc/ssl/certs/iRedMail.crt +ssl-key = /etc/ssl/private/iRedMail.key + # # Accept only connections using the latest and most secure TLS protocol version. # ..when MariaDB is compiled with OpenSSL: diff --git a/nginx/nginx.conf.2021.04.08.22.02.11 b/nginx/nginx.conf.2021.04.08.22.02.11 deleted file mode 100644 index 132f680..0000000 --- a/nginx/nginx.conf.2021.04.08.22.02.11 +++ /dev/null @@ -1,85 +0,0 @@ -user www-data; -worker_processes auto; -pid /run/nginx.pid; -include /etc/nginx/modules-enabled/*.conf; - -events { - worker_connections 768; - # multi_accept on; -} - -http { - - ## - # Basic Settings - ## - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - # server_tokens off; - - # server_names_hash_bucket_size 64; - # server_name_in_redirect off; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - ## - # SSL Settings - ## - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE - ssl_prefer_server_ciphers on; - - ## - # Logging Settings - ## - - access_log /var/log/nginx/access.log; - error_log /var/log/nginx/error.log; - - ## - # Gzip Settings - ## - - gzip on; - - # gzip_vary on; - # gzip_proxied any; - # gzip_comp_level 6; - # gzip_buffers 16 8k; - # gzip_http_version 1.1; - # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - - ## - # Virtual Host Configs - ## - - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; -} - - -#mail { -# # See sample authentication script at: -# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript -# -# # auth_http localhost/auth.php; -# # pop3_capabilities "TOP" "USER"; -# # imap_capabilities "IMAP4rev1" "UIDPLUS"; -# -# server { -# listen localhost:110; -# protocol pop3; -# proxy on; -# } -# -# server { -# listen localhost:143; -# protocol imap; -# proxy on; -# } -#} diff --git a/nginx/sites-available.bak/default b/nginx/sites-available.bak/default deleted file mode 100644 index f5c5e1b..0000000 --- a/nginx/sites-available.bak/default +++ /dev/null @@ -1,91 +0,0 @@ -## -# You should look at the following URL's in order to grasp a solid understanding -# of Nginx configuration files in order to fully unleash the power of Nginx. -# https://www.nginx.com/resources/wiki/start/ -# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ -# https://wiki.debian.org/Nginx/DirectoryStructure -# -# In most cases, administrators will remove this file from sites-enabled/ and -# leave it as reference inside of sites-available where it will continue to be -# updated by the nginx packaging team. -# -# This file will automatically load configuration files provided by other -# applications, such as Drupal or Wordpress. These applications will be made -# available underneath a path with that package name, such as /drupal8. -# -# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. -## - -# Default server configuration -# -server { - listen 80 default_server; - listen [::]:80 default_server; - - # SSL configuration - # - # listen 443 ssl default_server; - # listen [::]:443 ssl default_server; - # - # Note: You should disable gzip for SSL traffic. - # See: https://bugs.debian.org/773332 - # - # Read up on ssl_ciphers to ensure a secure configuration. - # See: https://bugs.debian.org/765782 - # - # Self signed certs generated by the ssl-cert package - # Don't use them in a production server! - # - # include snippets/snakeoil.conf; - - root /var/www/html; - - # Add index.php to the list if you are using PHP - index index.html index.htm index.nginx-debian.html; - - server_name _; - - location / { - # First attempt to serve request as file, then - # as directory, then fall back to displaying a 404. - try_files $uri $uri/ =404; - } - - # pass PHP scripts to FastCGI server - # - #location ~ \.php$ { - # include snippets/fastcgi-php.conf; - # - # # With php-fpm (or other unix sockets): - # fastcgi_pass unix:/run/php/php7.3-fpm.sock; - # # With php-cgi (or other tcp sockets): - # fastcgi_pass 127.0.0.1:9000; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} -} - - -# Virtual Host configuration for example.com -# -# You can move that to a different file under sites-available/ and symlink that -# to sites-enabled/ to enable it. -# -#server { -# listen 80; -# listen [::]:80; -# -# server_name example.com; -# -# root /var/www/example.com; -# index index.html; -# -# location / { -# try_files $uri $uri/ =404; -# } -#} diff --git a/nginx/sites-enabled.bak/default b/nginx/sites-enabled.bak/default deleted file mode 120000 index ad35b83..0000000 --- a/nginx/sites-enabled.bak/default +++ /dev/null @@ -1 +0,0 @@ -/etc/nginx/sites-available/default \ No newline at end of file diff --git a/postfix/aliases b/postfix/aliases index 5947f3b..523c9a2 100644 --- a/postfix/aliases +++ b/postfix/aliases @@ -1,10 +1,44 @@ # See man 5 aliases for format -postmaster: root -#clamav: root -nobody: root -vmail: root -root: postmaster@brehm-berlin.de -www-data: root -clamav: root -amavis: root -iredapd: root + +adm: root +amavis: postmaster +apache: webmaster +apt: frank +bind: hostmaster +clamav: root +daemon: root +fail2ban: root +f-brehm: frank +f.brehm: frank +fbr: frank +fbrehm: frank +frak: frank +frank-brehm: frank +frank.brehm: frank +frank: frank@brehm-online.com +hostmaster: root +iredapd: root +mail: postmaster +mailer-daemon: postmaster +me: frank +nagios: root +named: hostmaster +news: root +nginx: webmaster +nobody: noreply +noreply: /dev/null +package: frank +packages: frank +portage: frank +postfix: postmaster +postmaster: frank@brehm-online.com +root: frank +security: root +usenet: news +uucp: root +virusalert: root +vmail: root +webmaster: root +www: webmaster +www-data: webmaster + diff --git a/postfix/aliases.db b/postfix/aliases.db index a06b976..bd04359 100644 Binary files a/postfix/aliases.db and b/postfix/aliases.db differ diff --git a/postfix/helo_access.pcre.2021.04.08.22.02.11 b/postfix/helo_access.pcre.2021.04.08.22.02.11 deleted file mode 100644 index e69de29..0000000 diff --git a/postfix/main.cf b/postfix/main.cf index dd0798a..a1f2119 100644 --- a/postfix/main.cf +++ b/postfix/main.cf @@ -235,9 +235,9 @@ virtual_alias_domains = #smtpd_tls_auth_only = yes # hostname -myhostname = helga.uhu-banane.de -myorigin = helga.uhu-banane.de -mydomain = helga.uhu-banane.de +myhostname = mail.brehm-berlin.de +myorigin = mail.brehm-berlin.de +mydomain = brehm-berlin.de # trusted SMTP clients which are allowed to relay mail through Postfix. # @@ -247,16 +247,16 @@ mydomain = helga.uhu-banane.de # # MYNETWORKS = ['xx.xx.xx.xx', 'xx.xx.xx.0/24', ...] # -mynetworks = 127.0.0.1 [::1] +mynetworks = 127.0.0.1, [::1], 188.34.187.246, [2a01:4f8:c010:80ee::]/64, [fe80::9400:ff:fea8:762] # Accepted local emails -mydestination = $myhostname, localhost, localhost.localdomain +mydestination = $myhostname, helga, helga.uhu-banane.de, helga.$mydomain, localhost, localhost.localdomain alias_maps = hash:/etc/postfix/aliases alias_database = hash:/etc/postfix/aliases # Default message_size_limit. -message_size_limit = 15728640 +message_size_limit = 52428800 # The set of characters that can separate a user name from its extension # (example: user+foo), or a .forward file name from its extension (example: @@ -315,9 +315,9 @@ recipient_bcc_maps = # # Postscreen # -postscreen_greet_action = drop -postscreen_blacklist_action = drop -postscreen_dnsbl_action = drop +postscreen_greet_action = enforce +postscreen_blacklist_action = enforce +postscreen_dnsbl_action = enforce postscreen_dnsbl_threshold = 2 # Attention: @@ -337,7 +337,7 @@ postscreen_dnsbl_sites = b.barracudacentral.org=127.0.0.2*2 postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply -postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access.cidr +postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr # Require Postfix-2.11+ postscreen_dnsbl_whitelist_threshold = -2 @@ -362,3 +362,8 @@ content_filter = smtp-amavis:[127.0.0.1]:10024 # Concurrency per recipient limit. smtp-amavis_destination_recipient_limit = 1 + +# Frank Brehm spezial +smtpd_banner = $myhostname ESMTP $mail_name $mail_version +smtpd_sasl_authenticated_header = yes +smtpd_tls_received_header = yes diff --git a/postfix/main.cf.2021.04.08.22.02.11 b/postfix/main.cf.2021.04.08.22.02.11 deleted file mode 100644 index 8623373..0000000 --- a/postfix/main.cf.2021.04.08.22.02.11 +++ /dev/null @@ -1,48 +0,0 @@ -# See /usr/share/postfix/main.cf.dist for a commented, more complete version - - -# Debian specific: Specifying a file name will cause the first -# line of that file to be used as the name. The Debian default -# is /etc/mailname. -#myorigin = /etc/mailname - -smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) -biff = no - -# appending .domain is the MUA's job. -append_dot_mydomain = no - -# Uncomment the next line to generate "delayed mail" warnings -#delay_warning_time = 4h - -readme_directory = no - -# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on -# fresh installs. -compatibility_level = 2 - - - -# TLS parameters -smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key -smtpd_use_tls=yes -smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache -smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache - -# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for -# information on enabling SSL in the smtp client. - -smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination -myhostname = helga.uhu-banane.de -alias_maps = hash:/etc/aliases -alias_database = hash:/etc/aliases -myorigin = /etc/mailname -mydestination = $myhostname, helga.uhu-banane.de, localhost.uhu-banane.de, , localhost -relayhost = -mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 -mailbox_command = procmail -a "$EXTENSION" -mailbox_size_limit = 0 -recipient_delimiter = + -inet_interfaces = all -inet_protocols = all diff --git a/postfix/master.cf.2021.04.08.22.02.11 b/postfix/master.cf.2021.04.08.22.02.11 deleted file mode 100644 index ea53632..0000000 --- a/postfix/master.cf.2021.04.08.22.02.11 +++ /dev/null @@ -1,127 +0,0 @@ -# -# Postfix master process configuration file. For details on the format -# of the file, see the master(5) manual page (command: "man 5 master" or -# on-line: http://www.postfix.org/master.5.html). -# -# Do not forget to execute "postfix reload" after editing this file. -# -# ========================================================================== -# service type private unpriv chroot wakeup maxproc command + args -# (yes) (yes) (no) (never) (100) -# ========================================================================== -smtp inet n - y - - smtpd -#smtp inet n - y - 1 postscreen -#smtpd pass - - y - - smtpd -#dnsblog unix - - y - 0 dnsblog -#tlsproxy unix - - y - 0 tlsproxy -#submission inet n - y - - smtpd -# -o syslog_name=postfix/submission -# -o smtpd_tls_security_level=encrypt -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_tls_auth_only=yes -# -o smtpd_reject_unlisted_recipient=no -# -o smtpd_client_restrictions=$mua_client_restrictions -# -o smtpd_helo_restrictions=$mua_helo_restrictions -# -o smtpd_sender_restrictions=$mua_sender_restrictions -# -o smtpd_recipient_restrictions= -# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING -#smtps inet n - y - - smtpd -# -o syslog_name=postfix/smtps -# -o smtpd_tls_wrappermode=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_reject_unlisted_recipient=no -# -o smtpd_client_restrictions=$mua_client_restrictions -# -o smtpd_helo_restrictions=$mua_helo_restrictions -# -o smtpd_sender_restrictions=$mua_sender_restrictions -# -o smtpd_recipient_restrictions= -# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING -#628 inet n - y - - qmqpd -pickup unix n - y 60 1 pickup -cleanup unix n - y - 0 cleanup -qmgr unix n - n 300 1 qmgr -#qmgr unix n - n 300 1 oqmgr -tlsmgr unix - - y 1000? 1 tlsmgr -rewrite unix - - y - - trivial-rewrite -bounce unix - - y - 0 bounce -defer unix - - y - 0 bounce -trace unix - - y - 0 bounce -verify unix - - y - 1 verify -flush unix n - y 1000? 0 flush -proxymap unix - - n - - proxymap -proxywrite unix - - n - 1 proxymap -smtp unix - - y - - smtp -relay unix - - y - - smtp - -o syslog_name=postfix/$service_name -# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 -showq unix n - y - - showq -error unix - - y - - error -retry unix - - y - - error -discard unix - - y - - discard -local unix - n n - - local -virtual unix - n n - - virtual -lmtp unix - - y - - lmtp -anvil unix - - y - 1 anvil -scache unix - - y - 1 scache -postlog unix-dgram n - n - 1 postlogd -# -# ==================================================================== -# Interfaces to non-Postfix software. Be sure to examine the manual -# pages of the non-Postfix software to find out what options it wants. -# -# Many of the following services use the Postfix pipe(8) delivery -# agent. See the pipe(8) man page for information about ${recipient} -# and other message envelope options. -# ==================================================================== -# -# maildrop. See the Postfix MAILDROP_README file for details. -# Also specify in main.cf: maildrop_destination_recipient_limit=1 -# -maildrop unix - n n - - pipe - flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} -# -# ==================================================================== -# -# Recent Cyrus versions can use the existing "lmtp" master.cf entry. -# -# Specify in cyrus.conf: -# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 -# -# Specify in main.cf one or more of the following: -# mailbox_transport = lmtp:inet:localhost -# virtual_transport = lmtp:inet:localhost -# -# ==================================================================== -# -# Cyrus 2.1.5 (Amos Gouaux) -# Also specify in main.cf: cyrus_destination_recipient_limit=1 -# -#cyrus unix - n n - - pipe -# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} -# -# ==================================================================== -# Old example of delivery via Cyrus. -# -#old-cyrus unix - n n - - pipe -# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} -# -# ==================================================================== -# -# See the Postfix UUCP_README file for configuration details. -# -uucp unix - n n - - pipe - flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) -# -# Other external delivery methods. -# -ifmail unix - n n - - pipe - flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) -bsmtp unix - n n - - pipe - flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient -scalemail-backend unix - n n - 2 pipe - flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} -mailman unix - n n - - pipe - flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py - ${nexthop} ${user} - diff --git a/postfix/postscreen_access.cidr b/postfix/postscreen_access.cidr index 20b00cc..dec0340 100644 --- a/postfix/postscreen_access.cidr +++ b/postfix/postscreen_access.cidr @@ -3,4 +3,6 @@ #2.3.4.5 reject # Permit local clients -127.0.0.0/8 permit +127.0.0.0/8 permit +2a01:4f8:c010:80ee::/64 permit + diff --git a/ssl/certs/iRedMail.crt b/ssl/certs/iRedMail.crt deleted file mode 100644 index 46fd586..0000000 --- a/ssl/certs/iRedMail.crt +++ /dev/null @@ -1,36 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGLzCCBBegAwIBAgIUUDTsI1RzjR/xSTdy6Ynw0lEl1oUwDQYJKoZIhvcNAQEL -BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM -CFNoZW5aaGVuMRwwGgYDVQQKDBNoZWxnYS51aHUtYmFuYW5lLmRlMQswCQYDVQQL -DAJJVDEcMBoGA1UEAwwTaGVsZ2EudWh1LWJhbmFuZS5kZTEnMCUGCSqGSIb3DQEJ -ARYYcm9vdEBoZWxnYS51aHUtYmFuYW5lLmRlMB4XDTIxMDQwODIwMDIzMVoXDTMx -MDQwNjIwMDIzMVowgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx -ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNoZWxnYS51aHUtYmFuYW5lLmRl -MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTaGVsZ2EudWh1LWJhbmFuZS5kZTEnMCUG -CSqGSIb3DQEJARYYcm9vdEBoZWxnYS51aHUtYmFuYW5lLmRlMIICIjANBgkqhkiG -9w0BAQEFAAOCAg8AMIICCgKCAgEAyft3/rLPQDxUEZ8FrkmTqtLPssxy8p+hYh0G -P40UwB0s/B+gAU7t/Dut+i8Gl+sLdjb2hVus7j3Qq36vpe+pMyG3R3Cg5vhgQDAN -5nnUYxSLL3jo24dyYsGjpIaxBA0UpR0I1l6+vSH+Ogl3SOtvDJ7mJSD3btLDDAcl -MRhhVYFox45OQVbrz6waza7+mfBC6uRGWzwUi09Whn21GX7F5g6YrvLmcflDc2IO -mSwTmlG5V/pbTw6NtyqYEm7Dr179Uogd6gU92mQNA76kJi0I/MnAkwWNL//ASw3e -b7mkjgxUMgN/RFzpvLl4QJsoA7DEOTPF4yuqrHhnWSU8Ctztjfj6R8sPXfy5s5Ot -fZFZeGotFagTt7UmxUQHVb9MP0S+eSYAhLKz/8cH24OWzkeoyBeD8aXCUmsbDRdP -mOlLOpPFmSwzwsVcWHobf9dy7DuzfeTFIAIFWXH8yZEz1FeNncqiFSFILwlxDftY -hcJcVyPtHjjQOk8NMzxd/pPmgiJL5AIwHCLEmJWYHEASqEtCPUIPE3leSW++d6Rs -hEfPrKm3aN5NA6RBXVBePwkjhzQBPKUcu4RdoXY3RHriZ2DCXcCb/aGlTBVtG2ki -y/6AJU1hlz9I9FAscHOWkjt/0dt/aCPD5EJRKsqbEX5OQJtBNkMduhfZ63/w4bsb -u2SCNmMCAwEAAaNTMFEwHQYDVR0OBBYEFLgUu6zRtIHhBv/bTp9wxAlr3fSfMB8G -A1UdIwQYMBaAFLgUu6zRtIHhBv/bTp9wxAlr3fSfMA8GA1UdEwEB/wQFMAMBAf8w -DQYJKoZIhvcNAQELBQADggIBAJoM5mlxmVYvbHPmNUFF3D5eK0ETZZILGrD9WLuQ -UJ9Zgf73bUTdGIp9arohFoQdyMe20EVbeMt/VeYwCQ1a970IaOHMWjwMPmHL6M5d -J5/gssomLHtyF3L4oRxkubvIsowwSDkoCBbc3GzYt1RELdfbH52GO3hzqhhuYntU -/po/TTBCNFh9HjBIC0ztFeuBtQcsCaqZzhobDVRxc1jF8ASJm0YzOpENd32MdUwC -7dr+lRpXgdy+3s0yyd0Col53W47hcSLdCoF4x4swQmUjV4dTXlkHnXa5qUB55WvN -7jcyHEpYyiJH/9tDYmDjTrDDgaS/M3zvxds0jZlklZTvxzKNtfMJxRv4nq7Kgipg -5ED9VeaDmXSLuVjq7qmARtLN2jh+XNZD0esITrVbDCv57yHR1nKMCZYHN99/xl3h -pUe7iHcSbaHDGGX8Tt4lHFipVDfFtC1bvy8mrlYb1SCyO0PXvs3/v9YHmviFtd4k -P/iYPT2BM83FqMmvAJPQ/sdW6IamkcdCr6RKOkgjNjrHDmEfmU8gNbaK2FbTZ1aY -4+SvtG89N3mmlcbjF7M3FANacGEEzHtPyU8JDrkOmcxd2sxWVcLwGlI1XSv8f4Az -dRKeO1xpiGERp4GiMP5/4AAvHCIeoebsRODPMko0wWIaOU4cUVGlTyIla9Yi9N9p -BSwD ------END CERTIFICATE----- diff --git a/ssl/certs/iRedMail.crt b/ssl/certs/iRedMail.crt new file mode 120000 index 0000000..826abd9 --- /dev/null +++ b/ssl/certs/iRedMail.crt @@ -0,0 +1 @@ +/etc/letsencrypt/live/mail.uhu-banane.eu/fullchain.pem \ No newline at end of file diff --git a/ssl/certs/iRedMail.crt.bak b/ssl/certs/iRedMail.crt.bak new file mode 100644 index 0000000..46fd586 --- /dev/null +++ b/ssl/certs/iRedMail.crt.bak @@ -0,0 +1,36 @@ +-----BEGIN CERTIFICATE----- +MIIGLzCCBBegAwIBAgIUUDTsI1RzjR/xSTdy6Ynw0lEl1oUwDQYJKoZIhvcNAQEL +BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM +CFNoZW5aaGVuMRwwGgYDVQQKDBNoZWxnYS51aHUtYmFuYW5lLmRlMQswCQYDVQQL +DAJJVDEcMBoGA1UEAwwTaGVsZ2EudWh1LWJhbmFuZS5kZTEnMCUGCSqGSIb3DQEJ +ARYYcm9vdEBoZWxnYS51aHUtYmFuYW5lLmRlMB4XDTIxMDQwODIwMDIzMVoXDTMx +MDQwNjIwMDIzMVowgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx +ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNoZWxnYS51aHUtYmFuYW5lLmRl +MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTaGVsZ2EudWh1LWJhbmFuZS5kZTEnMCUG +CSqGSIb3DQEJARYYcm9vdEBoZWxnYS51aHUtYmFuYW5lLmRlMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAyft3/rLPQDxUEZ8FrkmTqtLPssxy8p+hYh0G +P40UwB0s/B+gAU7t/Dut+i8Gl+sLdjb2hVus7j3Qq36vpe+pMyG3R3Cg5vhgQDAN +5nnUYxSLL3jo24dyYsGjpIaxBA0UpR0I1l6+vSH+Ogl3SOtvDJ7mJSD3btLDDAcl +MRhhVYFox45OQVbrz6waza7+mfBC6uRGWzwUi09Whn21GX7F5g6YrvLmcflDc2IO +mSwTmlG5V/pbTw6NtyqYEm7Dr179Uogd6gU92mQNA76kJi0I/MnAkwWNL//ASw3e +b7mkjgxUMgN/RFzpvLl4QJsoA7DEOTPF4yuqrHhnWSU8Ctztjfj6R8sPXfy5s5Ot +fZFZeGotFagTt7UmxUQHVb9MP0S+eSYAhLKz/8cH24OWzkeoyBeD8aXCUmsbDRdP +mOlLOpPFmSwzwsVcWHobf9dy7DuzfeTFIAIFWXH8yZEz1FeNncqiFSFILwlxDftY +hcJcVyPtHjjQOk8NMzxd/pPmgiJL5AIwHCLEmJWYHEASqEtCPUIPE3leSW++d6Rs +hEfPrKm3aN5NA6RBXVBePwkjhzQBPKUcu4RdoXY3RHriZ2DCXcCb/aGlTBVtG2ki +y/6AJU1hlz9I9FAscHOWkjt/0dt/aCPD5EJRKsqbEX5OQJtBNkMduhfZ63/w4bsb +u2SCNmMCAwEAAaNTMFEwHQYDVR0OBBYEFLgUu6zRtIHhBv/bTp9wxAlr3fSfMB8G +A1UdIwQYMBaAFLgUu6zRtIHhBv/bTp9wxAlr3fSfMA8GA1UdEwEB/wQFMAMBAf8w +DQYJKoZIhvcNAQELBQADggIBAJoM5mlxmVYvbHPmNUFF3D5eK0ETZZILGrD9WLuQ +UJ9Zgf73bUTdGIp9arohFoQdyMe20EVbeMt/VeYwCQ1a970IaOHMWjwMPmHL6M5d +J5/gssomLHtyF3L4oRxkubvIsowwSDkoCBbc3GzYt1RELdfbH52GO3hzqhhuYntU +/po/TTBCNFh9HjBIC0ztFeuBtQcsCaqZzhobDVRxc1jF8ASJm0YzOpENd32MdUwC +7dr+lRpXgdy+3s0yyd0Col53W47hcSLdCoF4x4swQmUjV4dTXlkHnXa5qUB55WvN +7jcyHEpYyiJH/9tDYmDjTrDDgaS/M3zvxds0jZlklZTvxzKNtfMJxRv4nq7Kgipg +5ED9VeaDmXSLuVjq7qmARtLN2jh+XNZD0esITrVbDCv57yHR1nKMCZYHN99/xl3h +pUe7iHcSbaHDGGX8Tt4lHFipVDfFtC1bvy8mrlYb1SCyO0PXvs3/v9YHmviFtd4k +P/iYPT2BM83FqMmvAJPQ/sdW6IamkcdCr6RKOkgjNjrHDmEfmU8gNbaK2FbTZ1aY +4+SvtG89N3mmlcbjF7M3FANacGEEzHtPyU8JDrkOmcxd2sxWVcLwGlI1XSv8f4Az +dRKeO1xpiGERp4GiMP5/4AAvHCIeoebsRODPMko0wWIaOU4cUVGlTyIla9Yi9N9p +BSwD +-----END CERTIFICATE----- diff --git a/ssl/private/iRedMail.key b/ssl/private/iRedMail.key deleted file mode 100644 index c90951e..0000000 --- a/ssl/private/iRedMail.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDJ+3f+ss9APFQR -nwWuSZOq0s+yzHLyn6FiHQY/jRTAHSz8H6ABTu38O636LwaX6wt2NvaFW6zuPdCr -fq+l76kzIbdHcKDm+GBAMA3medRjFIsveOjbh3JiwaOkhrEEDRSlHQjWXr69If46 -CXdI628MnuYlIPdu0sMMByUxGGFVgWjHjk5BVuvPrBrNrv6Z8ELq5EZbPBSLT1aG -fbUZfsXmDpiu8uZx+UNzYg6ZLBOaUblX+ltPDo23KpgSbsOvXv1SiB3qBT3aZA0D -vqQmLQj8ycCTBY0v/8BLDd5vuaSODFQyA39EXOm8uXhAmygDsMQ5M8XjK6qseGdZ -JTwK3O2N+PpHyw9d/Lmzk619kVl4ai0VqBO3tSbFRAdVv0w/RL55JgCEsrP/xwfb -g5bOR6jIF4PxpcJSaxsNF0+Y6Us6k8WZLDPCxVxYeht/13LsO7N95MUgAgVZcfzJ -kTPUV42dyqIVIUgvCXEN+1iFwlxXI+0eONA6Tw0zPF3+k+aCIkvkAjAcIsSYlZgc -QBKoS0I9Qg8TeV5Jb753pGyER8+sqbdo3k0DpEFdUF4/CSOHNAE8pRy7hF2hdjdE -euJnYMJdwJv9oaVMFW0baSLL/oAlTWGXP0j0UCxwc5aSO3/R239oI8PkQlEqypsR -fk5Am0E2Qx26F9nrf/Dhuxu7ZII2YwIDAQABAoICADREVY3cOZNWyS5yJycttP+s -Y8DR9SDhvAJGnnpNiMQaCK0Jhf8wrJbr3p5yEtO3KBUkLfDeg0Z3SotGUi+vb+pi -XCopdAmw1j9l8ALnHdWx2D6lnCRKzYfOsgj+LcptlB0SAVpv1A3fQQlFr8931Rm/ -+LA88qqD8aMoKjClLXLR9QpGwetYkdcAo0L8eLffG4HrJmWvi2VtV2egGgAJ9S4O -MuZ6xrVRmmm+QybR6BSz9zFUANLZYkS2yfljHlJAU29K9+q6BoKAB3ojmBik6MF5 -d9LTyfBUzy7c3OWudW2otRToIMPRA08p83tMazNhR7XBtwCNKTJOSfggkYQCHZp8 -1lh79+XYE2aFV1Jrx+o5MQ40dZyWVv9I2ZHQM63d7hARSpcnvHq+kG+B4JXow4hh -ARyjqharrzTWbHlQGaAwKKGO/Lvi3VEp9dbcjl/8RbU3A6AS/HobM+GG/zwUhWv9 -8uupQCDevYX2qnYEkt6Z8RSF70lPegQKUXLonFrzXsWr/ZiNqJkl4UqFiApx98JR -8QtHIZa6RKNH/g70VViSdItKcUVOfdYHmObsFslOgZieo86JV42Zinr4xXUDqLtq -eLNKBCungyapB9TS1rxkjN3RfXS+vlJgi9V1GU4MseWQjcHrMotkVYq5jBK7rVhA -NVLjBy5Ms+zJ486i2Ub5AoIBAQDkOLY4rJA2RhyATYZIeDmoz8tFUvpsa+lsK6FT -yhRjrawM3TOvwwKiW39RAqKXsB7KJyL8CS/8QuqFeLC/ntAljpqBxTa9XUl07KSP -J2X7nELeKwlFqXJ+1mxKMsrCt4wUf8AFoVYfkGSuKhSjD94anBCOjmXh4jwNEbhX -eJHDHRlqllkIPEvksp1W8g9zXL2IycxDs9HPLrPpSKemuc9X9S+Ma66nd2k6cRqG -BL/UHPxCl18zpbvtufZKGV9t7WsDK4onwEU2q+A9P4Qo4Ij73IZpzR3enbvpG4RX -S5ZEL90BVMbdYkmZX8F/VWc1H755Eg8sPgFGOgOuDN9j//MfAoIBAQDikSdEN5Lr -Vy/fnZ5TsrTb2jKWgInmkmjCbNm5RYtEooP02qvlGoYOa5IB4VNaNWrgFKwse29s -DbM7nF8en+15uFmeyfsQDdoAabNRwZN2yQ9jwcm172lNTHvgkkhWAJWu9xcrcc0F -QR/TjYBWdVkZBTz1TGSLTt6LV12tlE10ANdCuzCZwLLB+kabrikUAKp+NmvQG3Ev -BlwISWOuKx664U8OozgJ1Dm2oZVJ7cYSbKKPh0pGNfFSNLCMGt2TEk8mYSnJF6Vn -r8NrEauiTmzLWXcVaGvxmBuVPYqIo9ResHdOw4znRgAb8stK37n9Usj+RDKmvlt4 -u8fwdWxsWbg9AoIBAG09oCucniL8iGP5t880jRT68eerAmend8HpWH2M+xmDZhl6 -QGVfSQGCHn0eb8l/6h0Fgr91flyXgz6EOMZgNG3lxptbVQprft/S7in/x9caQv+p -RfTsWPvRk2Ao09lElm6xf66yPVE6gpbDWcF7tOqzzVEPZEEtU2VGGCD2e38TjLjy -YoeIpSNBRAL8Nt0XhTnWrkmx5znutvtxZZ5uzorht/LVEHLku5/Xx8RivZfAkBcn -8c/9AumV3Ag4AO/Tdye7TZQdeoPi3aEzqAURBUDZnBVEs4l9oxa/rydB7RmSd41N -kSsjAuvBZBOZQ5+wJDI7rLuWqnF9D4nea4eoWi0CggEAJBao4YXUoiXuGzlZCc3y -Xv6fhjeNP6vcgfOiro80Qsd8K1lVfhW+ereJt0Dz7O+LSYwhbKhwtA5umTUsNY2V -3wiNRey4T/NU4TH0/TXPTmFyURqCDbfH1ycyqC/E0+Yd8ZOsHiBvXsHj1ue4JI1m -lsSt1AjKDyKN8jYFVuvDdpHXt+pnMGZwUtORwaR5KJV+ksIKZEiqu6nQqQU/mnOF -3pCa7iLzfyVN2Bhe1jrIjRC+yAvtucdH3CdGY9q3poCJGPzrEfvxPdXSU9CpvR2u -2Kk0fbV3VDE9W4VE9sTZxAdpyaL+Y6xTwh/nX9LJJl+0YkPsqYCyw0Vt8JBTp+KW -pQKCAQEAtpUbpWpRbnj09XLrFupvacWDFPcrkKDVXD7cY0JWp/aLAFoxzswuRT0k -qhniZIDLTH8fsVGkeJBDgzc5E8q6/w0yIPpICp47qFK63HVvJDz0lEYmK3rHN6pu -LFLD4ibLTr4mc9mRRowVHlJPFugh7icI3ejcXcE7o0GHWb0/DgdWCfB3gXpGuEGP -Uh3wZbacK48AiFATWCwgF171nBM55KbT055jJqob2C/Ci2t1SJoZtCvLydzM5Wnk -2HtKx1l6A9d6hMqSFLQYA20P+4lHO0Q4rb27b7rJyz+1Q23KLlNvzlwGKY9qWt9r -UEyvPYOkCr8/qEVcHTMhf/daAMCpGQ== ------END PRIVATE KEY----- diff --git a/ssl/private/iRedMail.key b/ssl/private/iRedMail.key new file mode 120000 index 0000000..839e1ed --- /dev/null +++ b/ssl/private/iRedMail.key @@ -0,0 +1 @@ +/etc/letsencrypt/live/mail.uhu-banane.eu/privkey.pem \ No newline at end of file diff --git a/ssl/private/iRedMail.key.bak b/ssl/private/iRedMail.key.bak new file mode 100644 index 0000000..c90951e --- /dev/null +++ b/ssl/private/iRedMail.key.bak @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDJ+3f+ss9APFQR +nwWuSZOq0s+yzHLyn6FiHQY/jRTAHSz8H6ABTu38O636LwaX6wt2NvaFW6zuPdCr +fq+l76kzIbdHcKDm+GBAMA3medRjFIsveOjbh3JiwaOkhrEEDRSlHQjWXr69If46 +CXdI628MnuYlIPdu0sMMByUxGGFVgWjHjk5BVuvPrBrNrv6Z8ELq5EZbPBSLT1aG +fbUZfsXmDpiu8uZx+UNzYg6ZLBOaUblX+ltPDo23KpgSbsOvXv1SiB3qBT3aZA0D +vqQmLQj8ycCTBY0v/8BLDd5vuaSODFQyA39EXOm8uXhAmygDsMQ5M8XjK6qseGdZ +JTwK3O2N+PpHyw9d/Lmzk619kVl4ai0VqBO3tSbFRAdVv0w/RL55JgCEsrP/xwfb +g5bOR6jIF4PxpcJSaxsNF0+Y6Us6k8WZLDPCxVxYeht/13LsO7N95MUgAgVZcfzJ +kTPUV42dyqIVIUgvCXEN+1iFwlxXI+0eONA6Tw0zPF3+k+aCIkvkAjAcIsSYlZgc +QBKoS0I9Qg8TeV5Jb753pGyER8+sqbdo3k0DpEFdUF4/CSOHNAE8pRy7hF2hdjdE +euJnYMJdwJv9oaVMFW0baSLL/oAlTWGXP0j0UCxwc5aSO3/R239oI8PkQlEqypsR +fk5Am0E2Qx26F9nrf/Dhuxu7ZII2YwIDAQABAoICADREVY3cOZNWyS5yJycttP+s +Y8DR9SDhvAJGnnpNiMQaCK0Jhf8wrJbr3p5yEtO3KBUkLfDeg0Z3SotGUi+vb+pi +XCopdAmw1j9l8ALnHdWx2D6lnCRKzYfOsgj+LcptlB0SAVpv1A3fQQlFr8931Rm/ ++LA88qqD8aMoKjClLXLR9QpGwetYkdcAo0L8eLffG4HrJmWvi2VtV2egGgAJ9S4O +MuZ6xrVRmmm+QybR6BSz9zFUANLZYkS2yfljHlJAU29K9+q6BoKAB3ojmBik6MF5 +d9LTyfBUzy7c3OWudW2otRToIMPRA08p83tMazNhR7XBtwCNKTJOSfggkYQCHZp8 +1lh79+XYE2aFV1Jrx+o5MQ40dZyWVv9I2ZHQM63d7hARSpcnvHq+kG+B4JXow4hh +ARyjqharrzTWbHlQGaAwKKGO/Lvi3VEp9dbcjl/8RbU3A6AS/HobM+GG/zwUhWv9 +8uupQCDevYX2qnYEkt6Z8RSF70lPegQKUXLonFrzXsWr/ZiNqJkl4UqFiApx98JR +8QtHIZa6RKNH/g70VViSdItKcUVOfdYHmObsFslOgZieo86JV42Zinr4xXUDqLtq +eLNKBCungyapB9TS1rxkjN3RfXS+vlJgi9V1GU4MseWQjcHrMotkVYq5jBK7rVhA +NVLjBy5Ms+zJ486i2Ub5AoIBAQDkOLY4rJA2RhyATYZIeDmoz8tFUvpsa+lsK6FT +yhRjrawM3TOvwwKiW39RAqKXsB7KJyL8CS/8QuqFeLC/ntAljpqBxTa9XUl07KSP +J2X7nELeKwlFqXJ+1mxKMsrCt4wUf8AFoVYfkGSuKhSjD94anBCOjmXh4jwNEbhX +eJHDHRlqllkIPEvksp1W8g9zXL2IycxDs9HPLrPpSKemuc9X9S+Ma66nd2k6cRqG +BL/UHPxCl18zpbvtufZKGV9t7WsDK4onwEU2q+A9P4Qo4Ij73IZpzR3enbvpG4RX +S5ZEL90BVMbdYkmZX8F/VWc1H755Eg8sPgFGOgOuDN9j//MfAoIBAQDikSdEN5Lr +Vy/fnZ5TsrTb2jKWgInmkmjCbNm5RYtEooP02qvlGoYOa5IB4VNaNWrgFKwse29s +DbM7nF8en+15uFmeyfsQDdoAabNRwZN2yQ9jwcm172lNTHvgkkhWAJWu9xcrcc0F +QR/TjYBWdVkZBTz1TGSLTt6LV12tlE10ANdCuzCZwLLB+kabrikUAKp+NmvQG3Ev +BlwISWOuKx664U8OozgJ1Dm2oZVJ7cYSbKKPh0pGNfFSNLCMGt2TEk8mYSnJF6Vn +r8NrEauiTmzLWXcVaGvxmBuVPYqIo9ResHdOw4znRgAb8stK37n9Usj+RDKmvlt4 +u8fwdWxsWbg9AoIBAG09oCucniL8iGP5t880jRT68eerAmend8HpWH2M+xmDZhl6 +QGVfSQGCHn0eb8l/6h0Fgr91flyXgz6EOMZgNG3lxptbVQprft/S7in/x9caQv+p +RfTsWPvRk2Ao09lElm6xf66yPVE6gpbDWcF7tOqzzVEPZEEtU2VGGCD2e38TjLjy +YoeIpSNBRAL8Nt0XhTnWrkmx5znutvtxZZ5uzorht/LVEHLku5/Xx8RivZfAkBcn +8c/9AumV3Ag4AO/Tdye7TZQdeoPi3aEzqAURBUDZnBVEs4l9oxa/rydB7RmSd41N +kSsjAuvBZBOZQ5+wJDI7rLuWqnF9D4nea4eoWi0CggEAJBao4YXUoiXuGzlZCc3y +Xv6fhjeNP6vcgfOiro80Qsd8K1lVfhW+ereJt0Dz7O+LSYwhbKhwtA5umTUsNY2V +3wiNRey4T/NU4TH0/TXPTmFyURqCDbfH1ycyqC/E0+Yd8ZOsHiBvXsHj1ue4JI1m +lsSt1AjKDyKN8jYFVuvDdpHXt+pnMGZwUtORwaR5KJV+ksIKZEiqu6nQqQU/mnOF +3pCa7iLzfyVN2Bhe1jrIjRC+yAvtucdH3CdGY9q3poCJGPzrEfvxPdXSU9CpvR2u +2Kk0fbV3VDE9W4VE9sTZxAdpyaL+Y6xTwh/nX9LJJl+0YkPsqYCyw0Vt8JBTp+KW +pQKCAQEAtpUbpWpRbnj09XLrFupvacWDFPcrkKDVXD7cY0JWp/aLAFoxzswuRT0k +qhniZIDLTH8fsVGkeJBDgzc5E8q6/w0yIPpICp47qFK63HVvJDz0lEYmK3rHN6pu +LFLD4ibLTr4mc9mRRowVHlJPFugh7icI3ejcXcE7o0GHWb0/DgdWCfB3gXpGuEGP +Uh3wZbacK48AiFATWCwgF171nBM55KbT055jJqob2C/Ci2t1SJoZtCvLydzM5Wnk +2HtKx1l6A9d6hMqSFLQYA20P+4lHO0Q4rb27b7rJyz+1Q23KLlNvzlwGKY9qWt9r +UEyvPYOkCr8/qEVcHTMhf/daAMCpGQ== +-----END PRIVATE KEY-----