From b47ab11a0eee8fd8640c407d77fca47197622958 Mon Sep 17 00:00:00 2001
From: MichiK <michik@michik.net>
Date: Sat, 26 Oct 2019 00:43:30 +0200
Subject: [PATCH] Add ticket.c3heaven.de and fix postfix role

---
 host_vars/ticket.c3heaven.de    | 23 +++++++++++++++++++++++
 inventory                       |  1 +
 roles/postfix/defaults/main.yml |  2 ++
 3 files changed, 26 insertions(+)
 create mode 100644 host_vars/ticket.c3heaven.de

diff --git a/host_vars/ticket.c3heaven.de b/host_vars/ticket.c3heaven.de
new file mode 100644
index 0000000..dfccdf1
--- /dev/null
+++ b/host_vars/ticket.c3heaven.de
@@ -0,0 +1,23 @@
+# Before changing this, please make sure that the DNS entries exist, otherwise
+# acmetool will fail horribly!
+acmetool_cert_domains:
+ - ticket.c3heaven.de
+
+nginx_http_locations:
+ - location: "/"
+   config: |-
+     access_log off;
+     log_not_found off;
+     return 301 https://$host$request_uri;
+
+nginx_https_default_headers:
+ - 'Strict-Transport-Security "max-age=31536000; includeSubDomains"'
+ - 'X-XSS-Protection "1; mode=block"'
+ - 'X-Frame-Options "SAMEORIGIN"'
+ - 'X-Content-Type-Options "nosniff"'
+ - 'Referrer-Policy "same-origin"'
+
+postfix_mydestination: "localhost, $myhostname"
+postfix_myorigin: "c3heaven.de"
+postfix_alias_maps:
+ - "hash:/etc/aliases"
diff --git a/inventory b/inventory
index 21c781d..7d705f6 100644
--- a/inventory
+++ b/inventory
@@ -6,6 +6,7 @@
 # configuration of the new machine.
 [hetzner]
 gabriel.c3heaven.de
+ticket.c3heaven.de
 
 
 # Monitoring host
diff --git a/roles/postfix/defaults/main.yml b/roles/postfix/defaults/main.yml
index 9105874..5475eb6 100644
--- a/roles/postfix/defaults/main.yml
+++ b/roles/postfix/defaults/main.yml
@@ -11,3 +11,5 @@ postfix_smtpd_tls_mandatory_protocols: "TLSv1.2"
 postfix_ssl_dhparam: "/etc/postfix/dh_2048.pem"
 postfix_ssl_dhparam_bits: 2048
 postfix_additional_admin_aliases: []
+
+rspamd_enabled: false
-- 
GitLab