diff options
| author | ertopogo <erwin.t.pombett@gmail.com> | 2026-02-23 23:20:02 +0100 |
|---|---|---|
| committer | ertopogo <erwin.t.pombett@gmail.com> | 2026-02-23 23:20:02 +0100 |
| commit | 73137b735c6894c24f24faf0f66094445f852013 (patch) | |
| tree | e95d727a119603415c9add29b94612b5bdab62a0 /micro | |
| parent | 27e9f08e863e9ca22c1244f3cb24150142571334 (diff) | |
Application:ajout du serveur mail huincamain
Diffstat (limited to 'micro')
| -rw-r--r-- | micro/reseau/caddy_reverse_proxy.mmd | 10 | ||||
| -rw-r--r-- | micro/reseau/topologie_reseau.mmd | 9 | ||||
| -rw-r--r-- | micro/vms/huinca.mmd | 63 |
3 files changed, 76 insertions, 6 deletions
diff --git a/micro/reseau/caddy_reverse_proxy.mmd b/micro/reseau/caddy_reverse_proxy.mmd index 92ff28f..de89f35 100644 --- a/micro/reseau/caddy_reverse_proxy.mmd +++ b/micro/reseau/caddy_reverse_proxy.mmd @@ -32,6 +32,7 @@ flowchart LR r_pm["pm.arauco.online"]
r_lsb["lsb.arauco.online"]
r_api_lsb["api-lsb.arauco.online"]
+ r_mail["mail.arauco.online"]
r_redir["arauco.online<br/>-> 301 www.*"]
end
end
@@ -52,6 +53,10 @@ flowchart LR ws_note["WebSocket HA<br/>read_timeout 0"]
end
+ subgraph huinca ["huinca .66"]
+ mail_status["mail.arauco.online<br/>status page / webmail<br/>:80"]
+ end
+
dns_pub --> nat
nat --> listen
@@ -62,6 +67,7 @@ flowchart LR r_pm -->|"HTTP"| pm
r_lsb -->|"HTTP"| lsb_sf
r_api_lsb -->|"HTTP"| lsb_be
+ r_mail -->|"HTTP"| mail_status
tls --> routing
@@ -75,6 +81,6 @@ flowchart LR class dns_pub,client,gw,nat extStyle
class listen,tls netStyle
class headers,kc_block secStyle
- class r_www,r_kc,r_ha,r_vk,r_pm,r_lsb,r_api_lsb,r_redir routeStyle
+ class r_www,r_kc,r_ha,r_vk,r_pm,r_lsb,r_api_lsb,r_mail,r_redir routeStyle
class keycloak iamStyle
- class dt,ha,vk,pm,lsb_sf,lsb_be,ws_note svcStyle
+ class dt,ha,vk,pm,lsb_sf,lsb_be,ws_note,mail_status svcStyle
diff --git a/micro/reseau/topologie_reseau.mmd b/micro/reseau/topologie_reseau.mmd index 95d9364..6886369 100644 --- a/micro/reseau/topologie_reseau.mmd +++ b/micro/reseau/topologie_reseau.mmd @@ -2,13 +2,13 @@ flowchart LR
subgraph internet ["Internet"]
direction TB
- ddns["DDNS Namecheap<br/>arauco.online<br/>git.arauco.online<br/>www.arauco.online"]
+ ddns["DDNS Namecheap<br/>arauco.online<br/>git.arauco.online<br/>www.arauco.online<br/>mail.arauco.online"]
upstream["Forwarders DNS<br/>8.8.8.8 / 8.8.4.4 / 1.1.1.1"]
end
subgraph swisscom ["Routeur Swisscom"]
gw["Gateway 192.168.99.1"]
- nat["NAT ext:2222<br/>-> .51:1220"]
+ nat["NAT ext:2222<br/>-> .51:1220<br/>mail:25/465/587/993<br/>-> .66"]
end
subgraph host_if ["araucaria - Interfaces"]
@@ -30,7 +30,8 @@ flowchart LR r_chillka[".55 git.arauco.online<br/>.55 chillka.local"]
r_npagnun[".35 npagnun.local<br/>.35 keycloak.arauco.local"]
r_huitral[".22 huitral.local"]
- r_other[".33 lemolemo | .44 toki<br/>.11 copihue | .66 huinca"]
+ r_huinca[".66 mail.arauco.online<br/>.66 huinca.local"]
+ r_other[".33 lemolemo | .44 toki<br/>.11 copihue"]
end
subgraph ptr ["PTR Records"]
@@ -72,7 +73,7 @@ flowchart LR class ddns,upstream,nat,gw extStyle
class eth0,br0,eth1 netStyle
class virbr0 dormStyle
- class dns_svc,r_araucaria,r_chillka,r_npagnun,r_huitral,r_other dnsStyle
+ class dns_svc,r_araucaria,r_chillka,r_npagnun,r_huitral,r_huinca,r_other dnsStyle
class ptr1,ptr2 dnsStyle
class vnet1,vnet7,vnet8 netStyle
class rt1,rt2,rt3,rt4 routeStyle
diff --git a/micro/vms/huinca.mmd b/micro/vms/huinca.mmd new file mode 100644 index 0000000..8c265a7 --- /dev/null +++ b/micro/vms/huinca.mmd @@ -0,0 +1,63 @@ +%%{init: {'theme': 'base', 'flowchart': {'nodeSpacing': 40, 'rankSpacing': 50}}}%%
+flowchart LR
+ subgraph mail_stack ["Services Mail natifs"]
+ direction TB
+ postfix["Postfix<br/>SMTP :25 :465 :587"]
+ dovecot["Dovecot<br/>IMAP :993<br/>LMTP + Sieve"]
+ opendkim["OpenDKIM<br/>milter DKIM"]
+ spamassassin["SpamAssassin<br/>anti-spam"]
+ clamav["ClamAV + Amavis<br/>antivirus"]
+ fail2ban_m["fail2ban<br/>postfix, dovecot, sasl"]
+ postfix -->|"milter"| opendkim
+ postfix -->|"content_filter"| spamassassin
+ spamassassin --> clamav
+ end
+
+ subgraph tls ["TLS"]
+ direction TB
+ certs["/etc/ssl/mail/<br/>fullchain.pem<br/>privkey.pem"]
+ sync["rsync cron depuis<br/>araucaria Caddy<br/>Let's Encrypt"]
+ sync --> certs
+ end
+
+ subgraph config ["Config huinca"]
+ direction TB
+ vm_info["huinca .66<br/>Ubuntu 24.04 LTS<br/>2 vCPU 4 GB RAM<br/>LVM 70 GB"]
+ partitions["/var/mail 40 GB<br/>/var/log 5 GB<br/>/ 15 GB"]
+ user_info["user: toshiro<br/>SSH cle uniquement"]
+ end
+
+ subgraph access ["Acces reseau"]
+ direction TB
+ dns["mail.arauco.online<br/>huinca.local<br/>-> 192.168.99.66"]
+ nat["NAT Swisscom<br/>:25 :465 :587 :993<br/>-> .66"]
+ clients["Clients mail<br/>Thunderbird / K-9"]
+ end
+
+ subgraph mailboxes ["Boites mail"]
+ direction TB
+ maildir["Maildir<br/>/home/*/Maildir/"]
+ aliases["Aliases<br/>postmaster -> toshiro<br/>root -> toshiro"]
+ end
+
+ clients -->|"IMAPS :993"| dovecot
+ clients -->|"SMTPS :465/587"| postfix
+ nat --> postfix
+ dns -.-> postfix
+ certs -.-> postfix
+ certs -.-> dovecot
+ dovecot --> maildir
+
+ classDef mailStyle fill:#1e4a2e,stroke:#4a9a6a,color:#a8e0c0
+ classDef secStyle fill:#4a3a1e,stroke:#d9a84a,color:#f0d8a8
+ classDef netStyle fill:#1e3a5f,stroke:#4a90d9,color:#a8d0f0
+ classDef configStyle fill:#2a3a4a,stroke:#6a8aaa,color:#b0d0e8
+ classDef storStyle fill:#4a3a1e,stroke:#d9a84a,color:#f0d8a8
+ classDef tlsStyle fill:#3a1e5f,stroke:#8a6ad9,color:#c8b0f0
+
+ class postfix,dovecot mailStyle
+ class opendkim,spamassassin,clamav,fail2ban_m secStyle
+ class dns,nat,clients netStyle
+ class vm_info,partitions,user_info configStyle
+ class maildir,aliases storStyle
+ class certs,sync tlsStyle
|