From fe2f7ffa9850c5621c3b66adeb6951073d065a43 Mon Sep 17 00:00:00 2001
From: Viktor Barzin <vbarzin@gmail.com>
Date: Sat, 1 Jun 2024 10:59:06 +0000
Subject: [PATCH] remove body size limit for immich; remove dnscat2 deployment
 and some other random fixes [ci skip]

---
 modules/kubernetes/immich/chart_values.tpl | 2 +-
 modules/kubernetes/immich/main.tf          | 2 +-
 modules/kubernetes/mailserver/variables.tf | 2 +-
 modules/kubernetes/main.tf                 | 8 ++++----
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/modules/kubernetes/immich/chart_values.tpl b/modules/kubernetes/immich/chart_values.tpl
index 2bab86e2..38ac3011 100644
--- a/modules/kubernetes/immich/chart_values.tpl
+++ b/modules/kubernetes/immich/chart_values.tpl
@@ -25,7 +25,7 @@ env:
   IMMICH_MACHINE_LEARNING_URL: "http://immich-machine-learning.immich.svc.cluster.local:3003"
 
 image:
-  tag: v1.103.1
+  tag: v1.105.1
 
 immich:
   persistence:
diff --git a/modules/kubernetes/immich/main.tf b/modules/kubernetes/immich/main.tf
index 90dacfe7..e197dd2a 100644
--- a/modules/kubernetes/immich/main.tf
+++ b/modules/kubernetes/immich/main.tf
@@ -108,7 +108,7 @@ resource "kubernetes_ingress_v1" "immich" {
       "kubernetes.io/ingress.class" = "nginx"
       # "nginx.ingress.kubernetes.io/auth-url" : "https://oauth2.viktorbarzin.me/oauth2/auth"
       # "nginx.ingress.kubernetes.io/auth-signin" : "https://oauth2.viktorbarzin.me/oauth2/start?rd=/redirect/$http_host$escaped_request_uri"
-      "nginx.ingress.kubernetes.io/proxy-body-size" : "100000m"
+      "nginx.ingress.kubernetes.io/proxy-body-size" : "0"
     }
   }
 
diff --git a/modules/kubernetes/mailserver/variables.tf b/modules/kubernetes/mailserver/variables.tf
index de211589..164401f6 100644
--- a/modules/kubernetes/mailserver/variables.tf
+++ b/modules/kubernetes/mailserver/variables.tf
@@ -11,7 +11,7 @@ smtp_tls_security_level = encrypt
 header_size_limit = 4096000
 
 # Debug mail tls
-smtpd_tls_loglevel = 3
+smtpd_tls_loglevel = 1
 #smtpd_tls_ciphers = TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:!aNULL:!SEED:!CAMELLIA:!RSA+AES:!SHA1
 #tls_medium_cipherlist = ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:!aNULL:!SEED:!CAMELLIA:!RSA+AES:!SHA1
 EOT
diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf
index 601e517a..68b360a0 100644
--- a/modules/kubernetes/main.tf
+++ b/modules/kubernetes/main.tf
@@ -451,7 +451,7 @@ module "servarr" {
   tls_secret_name = var.tls_secret_name
 }
 
-module "dnscat2" {
-  source = "./dnscat2"
-  # tls_secret_name = var.tls_secret_name
-}
+# module "dnscat2" {
+#   source = "./dnscat2"
+#   # tls_secret_name = var.tls_secret_name
+# }