From ba1a620e64a358cf5a74a5fa09e9e14707f161d9 Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 14 Oct 2015 13:41:10 -0700 Subject: updated mail.bitmask.net cert with real CA signed version. --- hiera/antelope.yaml | 98 ++++++++++++++++++++++++++++++++--------------------- 1 file changed, 60 insertions(+), 38 deletions(-) (limited to 'hiera/antelope.yaml') diff --git a/hiera/antelope.yaml b/hiera/antelope.yaml index 3c87bb8..19782ac 100644 --- a/hiera/antelope.yaml +++ b/hiera/antelope.yaml @@ -3,6 +3,8 @@ api: ca_cert_uri: "https://mail.bitmask.net/ca.crt" domain: api.mail.bitmask.net port: 4430 +clamav: + whitelisted_addresses: [] contacts: - sysdev@leap.se couch: @@ -35,10 +37,6 @@ couch: password: vR8CqkNx9XeLDWMZWaQNYFsQHsPDTPve salt: efac408f3cda73ebcb02f80c9c3a0bfa username: soledad - tapicero: - password: gdEJmtMRYvqFt7IzaFmqFv8E42ZbDyrc - salt: 9297d1bb44210b0a683fc7cb4de5ba8c - username: tapicero webapp: password: BUHSRknNYnLEzQHuLesseraW8WZ9IMpM salt: 1d0e3f0b126a69e19a1f6109fe8e2e40 @@ -145,6 +143,30 @@ domain: name: antelope.mail.bitmask.net enabled: true environment: mail +firewall: + mx: + from: "*" + port: + - 25 + - 465 + to: "199.119.112.167" + soledad: + from: "*" + port: 2323 + to: "199.119.112.167" + ssh: + from: sysadmin + port: 22 + to: "199.119.112.167" + stunnel: [] + webapp: + from: "*" + port: + - 443 + - 4430 + - 6425 + - 80 + to: "199.119.112.167" haproxy: couch: listen_port: 4096 @@ -240,10 +262,6 @@ sources: package: soledad-server revision: latest type: apt - tapicero: - revision: origin/version/0.7 - source: "https://leap.se/git/tapicero" - type: git webapp: revision: origin/version/0.7.1 source: "https://leap.se/git/leap_web" @@ -629,36 +647,40 @@ x509: -----END CERTIFICATE----- commercial_cert: | -----BEGIN CERTIFICATE----- - MIIFcDCCA1igAwIBAgIQb7RTJ2OIIfgd7Cdk7X8fcjANBgkqhkiG9w0BAQsFADBK - MRgwFgYDVQQDDA9CaXRtYXNrIFJvb3QgQ0ExEDAOBgNVBAoMB0JpdG1hc2sxHDAa - BgNVBAsME2h0dHBzOi8vYml0bWFzay5uZXQwHhcNMTUxMDA0MDAwMDAwWhcNMTYx - MDA0MDAwMDAwWjAtMRAwDgYDVQQKDAdCaXRtYXNrMRkwFwYDVQQDDBBtYWlsLmJp - dG1hc2submV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt706crHa - w2Ve3eJ81C1vPxKwqfH47aSRFxEAqxAO2Ld691crRXt1QUe0NAh5uEwa+vtEnPhI - q+/PFrjwwgZfayTwsdHNPtEKxhD1PnH32vF2ZhYrU60h9UOaS0WRDYwt2I47eUVo - QoUyZJiYcCKvE5mfxYdzq/8MWVTDaEHOPfhJCIqEtz37VnA6y06xSLB418JI9UMm - 6n2ebjOzjGdDwOGdQ/oBPa3EkwV3VQv/5cjjWyEPt4aTT5sWwphMZ2RMn1MJ8uZu - 1Og3GJE3X68ykhszP6Rw2fvU31DX3Lyavmkl0GQ/VkSGqQ3p6cK56dBSYdpXS6w1 - qrimbT7lxgmomwOlRFwsFpL0RJs7Uh8HWjG/nm14vppjWg4sfJoyuWVrj+mI9y5+ - 85tj2RHKRLh+/xEMGSkqEK2fW1KXCC8wEJpf9Qd5K25YXeYgIrQ0JG9/5PMA0d4F - +2hfR/Th9M8vWFnteOZQp7JwFzrJcLHBRcQTmqLzpAqbCRvBX0/MUCCEYIlxfzXo - RxwPwbQ282Icb2WH//K2TzlVVwF41yaPmzgyoMsS45qBmse2h2NyvWqg7E7qtKZW - iercR/XmzF3MfkDk+PyIV6V/+nGypi7bdbwDgKBoyrDbysp4dTzakt+ffuRtATRB - PQCTpOUI+RLFCkdLzdrHTjTIUybpJ+whFecCAwEAAaNvMG0wHQYDVR0OBBYEFF3u - zJtJHEvY0gueWCmdkSNRPwRzMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEF - BQcDATAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFLmBgyy9rLMJ2KRx7z66LdSVPg+P - MA0GCSqGSIb3DQEBCwUAA4ICAQBf2EQP+D6W3RCp0+ZuO9JkRZ5t2sYll1nnRNLd - OFkmkcRCCsncnxoOGCld3PV2WOXj26vkiNhSsHkMGDU328YixXV+fBs2rTnyFEKx - ws2CGW9FMcOH/5gqYlAvT41yZwRm9ZvEvtBEc8FgkUgzdVyUkMoMiTJSOHbdbRAC - MavPa7N8U9OfzxRS3VbMKfMrk4jKnNqs3f3zXHdmXsCULGDoZts/1otCM4jbwXvR - T8JxDVM7hvfDKW1u+n4XwzHw6FGyb0zJ3AzOTkZXPlWC1AVSfbwxJMWLYd9sqK6g - lfIS8bKaxc2SL+4wEBJEBHM0/E0WAwlylOahJXHf0SRt6nIp4Fem364gy/gjIbx2 - d3CyKwCammVwsfvJbwK+bhEZbzvL1LqZM8ZA49u3BnTforU1yjFhiLc/moKqSbxn - kVE5z4kb32nRI1DuyTzEdsrOYVWkZoD53+AkGkDaNumPdL6ASNiPSS5nnwk/TGG9 - Q+i98yQKH5qu+5Uqe1S3z6JZEJXoXW/YJed3aE//UT7XerUvuma4W2EBQjoe5iqM - THctfk5+Tg0iSUWoONIBjJDSlf2cG9sz9W0nqmesg0SoZblPdzGZn4bq1J4FIdRf - zh90BFtAYBDtOE+yzGsoXvzVBeh4MIOWKZh0lpyNOnrb4gGARoMjE4jjdyptWXOW - FTYMyQ== + MIIGVTCCBT2gAwIBAgIRAIEOrsAoP7mHOGeCRvoopkkwDQYJKoZIhvcNAQELBQAw + gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO + BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD + VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg + Q0EwHhcNMTUxMDA1MDAwMDAwWhcNMTYxMDA0MjM1OTU5WjBUMSEwHwYDVQQLExhE + b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFDASBgNVBAsTC1Bvc2l0aXZlU1NMMRkw + FwYDVQQDExBtYWlsLmJpdG1hc2submV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A + MIICCgKCAgEAt706crHaw2Ve3eJ81C1vPxKwqfH47aSRFxEAqxAO2Ld691crRXt1 + QUe0NAh5uEwa+vtEnPhIq+/PFrjwwgZfayTwsdHNPtEKxhD1PnH32vF2ZhYrU60h + 9UOaS0WRDYwt2I47eUVoQoUyZJiYcCKvE5mfxYdzq/8MWVTDaEHOPfhJCIqEtz37 + VnA6y06xSLB418JI9UMm6n2ebjOzjGdDwOGdQ/oBPa3EkwV3VQv/5cjjWyEPt4aT + T5sWwphMZ2RMn1MJ8uZu1Og3GJE3X68ykhszP6Rw2fvU31DX3Lyavmkl0GQ/VkSG + qQ3p6cK56dBSYdpXS6w1qrimbT7lxgmomwOlRFwsFpL0RJs7Uh8HWjG/nm14vppj + Wg4sfJoyuWVrj+mI9y5+85tj2RHKRLh+/xEMGSkqEK2fW1KXCC8wEJpf9Qd5K25Y + XeYgIrQ0JG9/5PMA0d4F+2hfR/Th9M8vWFnteOZQp7JwFzrJcLHBRcQTmqLzpAqb + CRvBX0/MUCCEYIlxfzXoRxwPwbQ282Icb2WH//K2TzlVVwF41yaPmzgyoMsS45qB + mse2h2NyvWqg7E7qtKZWiercR/XmzF3MfkDk+PyIV6V/+nGypi7bdbwDgKBoyrDb + ysp4dTzakt+ffuRtATRBPQCTpOUI+RLFCkdLzdrHTjTIUybpJ+whFecCAwEAAaOC + AeMwggHfMB8GA1UdIwQYMBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQW + BBRd7sybSRxL2NILnlgpnZEjUT8EczAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/ + BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6 + BgsrBgEEAbIxAQICBzArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21v + ZG8uY29tL0NQUzAIBgZngQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2Ny + bC5jb21vZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNl + cnZlckNBLmNybDCBhQYIKwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8v + Y3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJl + U2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5j + b20wMQYDVR0RBCowKIIQbWFpbC5iaXRtYXNrLm5ldIIUd3d3Lm1haWwuYml0bWFz + ay5uZXQwDQYJKoZIhvcNAQELBQADggEBAAjzdbp3b2azWvI9xVw6i9SjAVWgiGPE + n9fMs7o9/JdyjcwqPPIi1D5zusczwx9bBnvWYMVdW5ziJoXMMVEHHGn16fadPEaH + WcQx7NXeJnXKEtvY3Rej4VTRFZ22F3gRcTkgueQeRSDm1AgfkskwsQlwnH0tTTHi + TxKVB0pPxdokk85sX1YIqFwebk2bTiDBlKzG3uhHMpGTKpSuXB59h+cyi7cc+pE9 + iIZiMsNqdMytMztiO1LeEg2Tg/tpU6Sp74BGDCGuH0+h0olPSeBCy/AkPdGSejzr + NZw/QUPyzHSdGGiy9qDROp2HGgC1OfxH8PoxZgn+MyvEPJcG2e9wC/c= -----END CERTIFICATE----- commercial_key: | -----BEGIN RSA PRIVATE KEY----- -- cgit v1.2.3