viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1360 commits 2 branches 0 tags 2.3 GiB
Commit graph

4 commits

Author SHA1 Message Date
Viktor Barzin
00e1682ec8 [ci skip] mailserver: add Postfix rate limiting 
Add connection and message rate limits to protect against brute-force
attacks on SMTP/IMAP ports. 10 connections and 30 messages per minute
per client IP.
 2026-02-23 20:29:45 +00:00
Viktor Barzin
ed6d505433 [ci skip] roundcubemail: pin to 1.6-apache, disable debug logging 
Pin Roundcubemail to stable 1.6-apache tag instead of :latest to
prevent unexpected breakage. Disable SMTP debug and reduce debug
level from 6 to 1 for production use.
 2026-02-23 20:29:39 +00:00
Viktor Barzin
491f9f4d49 [ci skip] mailserver: enable Rspamd, disable OpenDKIM 
Enable Rspamd for spam filtering and DKIM signing, replacing
OpenDKIM. Rspamd reads existing DKIM keys from the same mount path.
 2026-02-23 20:29:32 +00:00
Viktor Barzin
e6420c7b36 [ci skip] Move Terraform modules into stack directories 
Move all 88 service modules (66 individual + 22 platform) from
modules/kubernetes/<service>/ into their corresponding stack directories:

- Service stacks: stacks/<service>/module/
- Platform stack: stacks/platform/modules/<service>/

This collocates module source code with its Terragrunt definition.
Only shared utility modules remain in modules/kubernetes/:
ingress_factory, setup_tls_secret, dockerhub_secret, oauth-proxy.

All cross-references to shared modules updated to use correct
relative paths. Verified with terragrunt run --all -- plan:
0 adds, 0 destroys across all 68 stacks.
 2026-02-22 14:38:14 +00:00