updated mail.bitmask.net cert with real CA signed version.

author: elijah <elijah@riseup.net> 2015-10-14 13:41:10 -0700
committer: elijah <elijah@riseup.net> 2015-10-14 13:41:10 -0700
commit: ba1a620e64a358cf5a74a5fa09e9e14707f161d9 (patch)
tree: 76e5d346bbd91acd336c77b946c644ebbb93627d /hiera
parent: 0012f53720e0bef256b0faf9d33d310175ad8117 (diff)
1 files changed, 60 insertions, 38 deletions
diff --git a/hiera/antelope.yaml b/hiera/antelope.yaml
index 3c87bb8..19782ac 100644
--- a/hiera/antelope.yaml
+++ b/hiera/antelope.yaml
@@ -3,6 +3,8 @@ api:
   ca_cert_uri: "https://mail.bitmask.net/ca.crt"
   domain: api.mail.bitmask.net
   port: 4430
+clamav: 
+  whitelisted_addresses: []
 contacts: 
   - sysdev@leap.se
 couch: 
@@ -35,10 +37,6 @@ couch:
       password: vR8CqkNx9XeLDWMZWaQNYFsQHsPDTPve
       salt: efac408f3cda73ebcb02f80c9c3a0bfa
       username: soledad
-    tapicero: 
-      password: gdEJmtMRYvqFt7IzaFmqFv8E42ZbDyrc
-      salt: 9297d1bb44210b0a683fc7cb4de5ba8c
-      username: tapicero
     webapp: 
       password: BUHSRknNYnLEzQHuLesseraW8WZ9IMpM
       salt: 1d0e3f0b126a69e19a1f6109fe8e2e40
@@ -145,6 +143,30 @@ domain:
   name: antelope.mail.bitmask.net
 enabled: true
 environment: mail
+firewall: 
+  mx: 
+    from: "*"
+    port: 
+      - 25
+      - 465
+    to: "199.119.112.167"
+  soledad: 
+    from: "*"
+    port: 2323
+    to: "199.119.112.167"
+  ssh: 
+    from: sysadmin
+    port: 22
+    to: "199.119.112.167"
+  stunnel: []
+  webapp: 
+    from: "*"
+    port: 
+      - 443
+      - 4430
+      - 6425
+      - 80
+    to: "199.119.112.167"
 haproxy: 
   couch: 
     listen_port: 4096
@@ -240,10 +262,6 @@ sources:
     package: soledad-server
     revision: latest
     type: apt
-  tapicero: 
-    revision: origin/version/0.7
-    source: "https://leap.se/git/tapicero"
-    type: git
   webapp: 
     revision: origin/version/0.7.1
     source: "https://leap.se/git/leap_web"
@@ -629,36 +647,40 @@ x509:
       -----END CERTIFICATE-----
   commercial_cert: |
       -----BEGIN CERTIFICATE-----
-      MIIFcDCCA1igAwIBAgIQb7RTJ2OIIfgd7Cdk7X8fcjANBgkqhkiG9w0BAQsFADBK
-      MRgwFgYDVQQDDA9CaXRtYXNrIFJvb3QgQ0ExEDAOBgNVBAoMB0JpdG1hc2sxHDAa
-      BgNVBAsME2h0dHBzOi8vYml0bWFzay5uZXQwHhcNMTUxMDA0MDAwMDAwWhcNMTYx
-      MDA0MDAwMDAwWjAtMRAwDgYDVQQKDAdCaXRtYXNrMRkwFwYDVQQDDBBtYWlsLmJp
-      dG1hc2submV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt706crHa
-      w2Ve3eJ81C1vPxKwqfH47aSRFxEAqxAO2Ld691crRXt1QUe0NAh5uEwa+vtEnPhI
-      q+/PFrjwwgZfayTwsdHNPtEKxhD1PnH32vF2ZhYrU60h9UOaS0WRDYwt2I47eUVo
-      QoUyZJiYcCKvE5mfxYdzq/8MWVTDaEHOPfhJCIqEtz37VnA6y06xSLB418JI9UMm
-      6n2ebjOzjGdDwOGdQ/oBPa3EkwV3VQv/5cjjWyEPt4aTT5sWwphMZ2RMn1MJ8uZu
-      1Og3GJE3X68ykhszP6Rw2fvU31DX3Lyavmkl0GQ/VkSGqQ3p6cK56dBSYdpXS6w1
-      qrimbT7lxgmomwOlRFwsFpL0RJs7Uh8HWjG/nm14vppjWg4sfJoyuWVrj+mI9y5+
-      85tj2RHKRLh+/xEMGSkqEK2fW1KXCC8wEJpf9Qd5K25YXeYgIrQ0JG9/5PMA0d4F
-      +2hfR/Th9M8vWFnteOZQp7JwFzrJcLHBRcQTmqLzpAqbCRvBX0/MUCCEYIlxfzXo
-      RxwPwbQ282Icb2WH//K2TzlVVwF41yaPmzgyoMsS45qBmse2h2NyvWqg7E7qtKZW
-      iercR/XmzF3MfkDk+PyIV6V/+nGypi7bdbwDgKBoyrDbysp4dTzakt+ffuRtATRB
-      PQCTpOUI+RLFCkdLzdrHTjTIUybpJ+whFecCAwEAAaNvMG0wHQYDVR0OBBYEFF3u
-      zJtJHEvY0gueWCmdkSNRPwRzMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEF
-      BQcDATAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFLmBgyy9rLMJ2KRx7z66LdSVPg+P
-      MA0GCSqGSIb3DQEBCwUAA4ICAQBf2EQP+D6W3RCp0+ZuO9JkRZ5t2sYll1nnRNLd
-      OFkmkcRCCsncnxoOGCld3PV2WOXj26vkiNhSsHkMGDU328YixXV+fBs2rTnyFEKx
-      ws2CGW9FMcOH/5gqYlAvT41yZwRm9ZvEvtBEc8FgkUgzdVyUkMoMiTJSOHbdbRAC
-      MavPa7N8U9OfzxRS3VbMKfMrk4jKnNqs3f3zXHdmXsCULGDoZts/1otCM4jbwXvR
-      T8JxDVM7hvfDKW1u+n4XwzHw6FGyb0zJ3AzOTkZXPlWC1AVSfbwxJMWLYd9sqK6g
-      lfIS8bKaxc2SL+4wEBJEBHM0/E0WAwlylOahJXHf0SRt6nIp4Fem364gy/gjIbx2
-      d3CyKwCammVwsfvJbwK+bhEZbzvL1LqZM8ZA49u3BnTforU1yjFhiLc/moKqSbxn
-      kVE5z4kb32nRI1DuyTzEdsrOYVWkZoD53+AkGkDaNumPdL6ASNiPSS5nnwk/TGG9
-      Q+i98yQKH5qu+5Uqe1S3z6JZEJXoXW/YJed3aE//UT7XerUvuma4W2EBQjoe5iqM
-      THctfk5+Tg0iSUWoONIBjJDSlf2cG9sz9W0nqmesg0SoZblPdzGZn4bq1J4FIdRf
-      zh90BFtAYBDtOE+yzGsoXvzVBeh4MIOWKZh0lpyNOnrb4gGARoMjE4jjdyptWXOW
-      FTYMyQ==
+      MIIGVTCCBT2gAwIBAgIRAIEOrsAoP7mHOGeCRvoopkkwDQYJKoZIhvcNAQELBQAw
+      gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+      BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
+      VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
+      Q0EwHhcNMTUxMDA1MDAwMDAwWhcNMTYxMDA0MjM1OTU5WjBUMSEwHwYDVQQLExhE
+      b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFDASBgNVBAsTC1Bvc2l0aXZlU1NMMRkw
+      FwYDVQQDExBtYWlsLmJpdG1hc2submV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+      MIICCgKCAgEAt706crHaw2Ve3eJ81C1vPxKwqfH47aSRFxEAqxAO2Ld691crRXt1
+      QUe0NAh5uEwa+vtEnPhIq+/PFrjwwgZfayTwsdHNPtEKxhD1PnH32vF2ZhYrU60h
+      9UOaS0WRDYwt2I47eUVoQoUyZJiYcCKvE5mfxYdzq/8MWVTDaEHOPfhJCIqEtz37
+      VnA6y06xSLB418JI9UMm6n2ebjOzjGdDwOGdQ/oBPa3EkwV3VQv/5cjjWyEPt4aT
+      T5sWwphMZ2RMn1MJ8uZu1Og3GJE3X68ykhszP6Rw2fvU31DX3Lyavmkl0GQ/VkSG
+      qQ3p6cK56dBSYdpXS6w1qrimbT7lxgmomwOlRFwsFpL0RJs7Uh8HWjG/nm14vppj
+      Wg4sfJoyuWVrj+mI9y5+85tj2RHKRLh+/xEMGSkqEK2fW1KXCC8wEJpf9Qd5K25Y
+      XeYgIrQ0JG9/5PMA0d4F+2hfR/Th9M8vWFnteOZQp7JwFzrJcLHBRcQTmqLzpAqb
+      CRvBX0/MUCCEYIlxfzXoRxwPwbQ282Icb2WH//K2TzlVVwF41yaPmzgyoMsS45qB
+      mse2h2NyvWqg7E7qtKZWiercR/XmzF3MfkDk+PyIV6V/+nGypi7bdbwDgKBoyrDb
+      ysp4dTzakt+ffuRtATRBPQCTpOUI+RLFCkdLzdrHTjTIUybpJ+whFecCAwEAAaOC
+      AeMwggHfMB8GA1UdIwQYMBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQW
+      BBRd7sybSRxL2NILnlgpnZEjUT8EczAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+      BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6
+      BgsrBgEEAbIxAQICBzArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21v
+      ZG8uY29tL0NQUzAIBgZngQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2Ny
+      bC5jb21vZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNl
+      cnZlckNBLmNybDCBhQYIKwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8v
+      Y3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJl
+      U2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5j
+      b20wMQYDVR0RBCowKIIQbWFpbC5iaXRtYXNrLm5ldIIUd3d3Lm1haWwuYml0bWFz
+      ay5uZXQwDQYJKoZIhvcNAQELBQADggEBAAjzdbp3b2azWvI9xVw6i9SjAVWgiGPE
+      n9fMs7o9/JdyjcwqPPIi1D5zusczwx9bBnvWYMVdW5ziJoXMMVEHHGn16fadPEaH
+      WcQx7NXeJnXKEtvY3Rej4VTRFZ22F3gRcTkgueQeRSDm1AgfkskwsQlwnH0tTTHi
+      TxKVB0pPxdokk85sX1YIqFwebk2bTiDBlKzG3uhHMpGTKpSuXB59h+cyi7cc+pE9
+      iIZiMsNqdMytMztiO1LeEg2Tg/tpU6Sp74BGDCGuH0+h0olPSeBCy/AkPdGSejzr
+      NZw/QUPyzHSdGGiy9qDROp2HGgC1OfxH8PoxZgn+MyvEPJcG2e9wC/c=
       -----END CERTIFICATE-----
   commercial_key: |
       -----BEGIN RSA PRIVATE KEY-----
author	elijah <elijah@riseup.net>	2015-10-14 13:41:10 -0700
committer	elijah <elijah@riseup.net>	2015-10-14 13:41:10 -0700
commit	ba1a620e64a358cf5a74a5fa09e9e14707f161d9 (patch)
tree	76e5d346bbd91acd336c77b946c644ebbb93627d /hiera
parent	0012f53720e0bef256b0faf9d33d310175ad8117 (diff)