jketreno/ketr.services
1
0
Fork 0
Code Issues Activity
ketr.services/README.md
James Ketrenos e2af62042a Mailman is loading 
Signed-off-by: James Ketrenos <james_git@ketrenos.com>
2024-05-14 17:56:26 -07:00

81 lines
2.5 KiB
Markdown
Raw Permalink Blame History

# ketreweb containers
| Container | Purpose |
|:----------------------|:-----------------------------------------------|
| ketrenet-web | Main webserver entry for https://ketrenos.com |
| ketrenet-mail | Email MTA and mailbox management |
| ketrenet-roundcube | Email web interface. https://mail.ketrenos.com |
| ketrenet-cron | Update letsencrypt keys, etc. |
| ketrenet-dns | DNS server |
| ketrenet-mailman-core | Mailman3 Core backend |
| ketrenet-mailman-web | Mailman3 Web frontend |
| ketrenet-database | Mailman3 Postgres DB |
## Disk structure
| Directory | Purpose |
|:----------------------|:-----------------------------------------------|
| $PWD/data/$SERVICE | Logs, error reporting, databases |
| $SERVICE/etc | Configuration files for $SERVICE |
| $PWD/www | Web content hosted by ketrenet-web directly |
## Update certificates
The cron job to update certificates isn't quite working yet. To update
certificates:
```bash
docker exec -it ketrenet-cron /bin/bash
/usr/bin/certbot renew --no-self-upgrade --webroot \
-w /var/www/ketrenos.com
/usr/bin/scp -q \
-i /keys/opnsense-letsencrypt \
/etc/letsencrypt/live/ketrenos.com/{fullchain,privkey}.pem \
letsencrypt@opnsense.ketrenos.com:.
/usr/bin/ssh \
-i /keys/opnsense-letsencrypt \
letsencrypt@opnsense.ketrenos.com \
sudo ./update-cert.sh fullchain.pem privkey.pem
```
After that completes (without errors) outside the container use `./sync-certs`
to push the updated certificates to all the service containers and servers.
## ketreweb
nginx and apache2
monitors keys from ./config/letsencrypt and restarts nginx and apache if changed
apache2 is only being used for mailman, which is currently offline
## ketreweb-roundcube
default container for roundcube. Provides https://mail.ketrenos.com
## ketreweb-cron
Runs letsencrypt via cron once per day
Runs email-check via cron once per day
## ketreweb-mail
uses LDAP to 192.168.1.78
dovecot
postfix
## ketrenet-dns
Runs dhcp and bind
Host needs to have following in /etc/systemd/resolved.conf:
```bash
[Resolve]
DNSStubListener=no
DNSStubListenerExtra=1053
```
```bash
sudo systemctl restart systemd-resolved
```
Reference in New Issue View Git Blame Copy Permalink