disable fail2ban on mailserver as it was bannign too much [ci skip]
This commit is contained in:
Viktor Barzin
parent
f18509db98
commit
5665308fd2
2 changed files with 15 additions and 26 deletions
|
|
@ -33,9 +33,10 @@ resource "kubernetes_config_map" "mailserver_env_config" {
|
||||||
}
|
}
|
||||||
|
|
||||||
data = {
|
data = {
|
||||||
DMS_DEBUG = "0"
|
DMS_DEBUG = "0"
|
||||||
|
# LOG_LEVEL = "debug"
|
||||||
ENABLE_CLAMAV = "0"
|
ENABLE_CLAMAV = "0"
|
||||||
ENABLE_FAIL2BAN = "1"
|
ENABLE_FAIL2BAN = "0"
|
||||||
ENABLE_FETCHMAIL = "0"
|
ENABLE_FETCHMAIL = "0"
|
||||||
ENABLE_POSTGREY = "0"
|
ENABLE_POSTGREY = "0"
|
||||||
ENABLE_SASLAUTHD = "0"
|
ENABLE_SASLAUTHD = "0"
|
||||||
|
|
@ -46,12 +47,12 @@ resource "kubernetes_config_map" "mailserver_env_config" {
|
||||||
OVERRIDE_HOSTNAME = "mail.viktorbarzin.me"
|
OVERRIDE_HOSTNAME = "mail.viktorbarzin.me"
|
||||||
POSTFIX_MESSAGE_SIZE_LIMIT = 1024 * 1024 * 200 # 200 MB
|
POSTFIX_MESSAGE_SIZE_LIMIT = 1024 * 1024 * 200 # 200 MB
|
||||||
POSTFIX_REJECT_UNKNOWN_CLIENT_HOSTNAME = "1"
|
POSTFIX_REJECT_UNKNOWN_CLIENT_HOSTNAME = "1"
|
||||||
TLS_LEVEL = "intermediate"
|
# TLS_LEVEL = "intermediate"
|
||||||
DEFAULT_RELAY_HOST = "[smtp.sendgrid.net]:587"
|
DEFAULT_RELAY_HOST = "[smtp.sendgrid.net]:587"
|
||||||
SPOOF_PROTECTION = "1"
|
SPOOF_PROTECTION = "1"
|
||||||
SSL_TYPE = "manual"
|
SSL_TYPE = "manual"
|
||||||
SSL_CERT_PATH = "/tmp/ssl/tls.crt"
|
SSL_CERT_PATH = "/tmp/ssl/tls.crt"
|
||||||
SSL_KEY_PATH = "/tmp/ssl/tls.key"
|
SSL_KEY_PATH = "/tmp/ssl/tls.key"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -218,12 +219,12 @@ resource "kubernetes_deployment" "mailserver" {
|
||||||
sub_path = "fetchmail.cf"
|
sub_path = "fetchmail.cf"
|
||||||
read_only = true
|
read_only = true
|
||||||
}
|
}
|
||||||
volume_mount {
|
# volume_mount {
|
||||||
name = "config"
|
# name = "config"
|
||||||
mount_path = "/tmp/docker-mailserver/dovecot.cf"
|
# mount_path = "/tmp/docker-mailserver/dovecot.cf"
|
||||||
sub_path = "dovecot.cf"
|
# sub_path = "dovecot.cf"
|
||||||
read_only = true
|
# read_only = true
|
||||||
}
|
# }
|
||||||
# volume_mount {
|
# volume_mount {
|
||||||
# name = "user-patches"
|
# name = "user-patches"
|
||||||
# mount_path = "/tmp/user-patches.sh"
|
# mount_path = "/tmp/user-patches.sh"
|
||||||
|
|
@ -299,11 +300,6 @@ resource "kubernetes_deployment" "mailserver" {
|
||||||
container_port = 587
|
container_port = 587
|
||||||
protocol = "TCP"
|
protocol = "TCP"
|
||||||
}
|
}
|
||||||
port {
|
|
||||||
name = "imap"
|
|
||||||
container_port = 143
|
|
||||||
protocol = "TCP"
|
|
||||||
}
|
|
||||||
port {
|
port {
|
||||||
name = "imap-secure"
|
name = "imap-secure"
|
||||||
container_port = 993
|
container_port = 993
|
||||||
|
|
@ -460,13 +456,6 @@ resource "kubernetes_service" "mailserver" {
|
||||||
target_port = "smtp-auth"
|
target_port = "smtp-auth"
|
||||||
}
|
}
|
||||||
|
|
||||||
port {
|
|
||||||
name = "imap"
|
|
||||||
protocol = "TCP"
|
|
||||||
port = 143
|
|
||||||
target_port = "imap"
|
|
||||||
}
|
|
||||||
|
|
||||||
port {
|
port {
|
||||||
name = "imap-secure"
|
name = "imap-secure"
|
||||||
protocol = "TCP"
|
protocol = "TCP"
|
||||||
|
|
|
||||||
Binary file not shown.
Loading…
Add table
Add a link
Reference in a new issue