From 73137b735c6894c24f24faf0f66094445f852013 Mon Sep 17 00:00:00 2001
From: ertopogo
Date: Mon, 23 Feb 2026 23:20:02 +0100
Subject: Application:ajout du serveur mail huinca
---
 micro/reseau/caddy_reverse_proxy.mmd | 10 ++++--
 micro/reseau/topologie_reseau.mmd | 9 +++---
 micro/vms/huinca.mmd | 63 ++++++++++++++++++++++++++++++++++++
 3 files changed, 76 insertions(+), 6 deletions(-)
 create mode 100644 micro/vms/huinca.mmd
(limited to 'micro')
diff --git a/micro/reseau/caddy_reverse_proxy.mmd b/micro/reseau/caddy_reverse_proxy.mmd
index 92ff28f..de89f35 100644
--- a/micro/reseau/caddy_reverse_proxy.mmd
+++ b/micro/reseau/caddy_reverse_proxy.mmd
@@ -32,6 +32,7 @@ flowchart LR
 r_pm["pm.arauco.online"]
 r_lsb["lsb.arauco.online"]
 r_api_lsb["api-lsb.arauco.online"]
+ r_mail["mail.arauco.online"]
 r_redir["arauco.online
-> 301 www.*"]
 end
 end
@@ -52,6 +53,10 @@ flowchart LR
 ws_note["WebSocket HA
read_timeout 0"]
 end
+ subgraph huinca ["huinca .66"]
+ mail_status["mail.arauco.online
status page / webmail
:80"] + end + dns_pub --> nat nat --> listen
@@ -62,6 +67,7 @@ flowchart LR
 r_pm -->|"HTTP"| pm
 r_lsb -->|"HTTP"| lsb_sf
 r_api_lsb -->|"HTTP"| lsb_be
+ r_mail -->|"HTTP"| mail_status
 tls --> routing
@@ -75,6 +81,6 @@ flowchart LR
 class dns_pub,client,gw,nat extStyle
 class listen,tls netStyle
 class headers,kc_block secStyle
- class r_www,r_kc,r_ha,r_vk,r_pm,r_lsb,r_api_lsb,r_redir routeStyle
+ class r_www,r_kc,r_ha,r_vk,r_pm,r_lsb,r_api_lsb,r_mail,r_redir routeStyle
 class keycloak iamStyle
- class dt,ha,vk,pm,lsb_sf,lsb_be,ws_note svcStyle
+ class dt,ha,vk,pm,lsb_sf,lsb_be,ws_note,mail_status svcStyle
diff --git a/micro/reseau/topologie_reseau.mmd b/micro/reseau/topologie_reseau.mmd
index 95d9364..6886369 100644
--- a/micro/reseau/topologie_reseau.mmd
+++ b/micro/reseau/topologie_reseau.mmd
@@ -2,13 +2,13 @@ flowchart LR
 subgraph internet ["Internet"]
 direction TB
- ddns["DDNS Namecheap
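Review bot: Traffic for `mail.arauco.online` reaches huinca on port 80 in cleartext (`r_mail -->|"HTTP"| mail_status`), and the `mail_status` label leaves open whether that backend is a status page or a webmail. If a webmail login is served there, mailbox passwords and session cookies cross the link between Caddy and .66 unencrypted; the other routes are drawn the same way, but the stakes differ for mail credentials. I would record the decision next to the node, for example `%% mail_status: status page only; a webmail needs TLS to the backend`, adjusted to what is actually deployed. The visible hunks also do not show whether the `headers` and `kc_block` protections apply to this route, which is worth stating in the diagram.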
arauco.online
git.arauco.online
www.arauco.online"]
+ ddns["DDNS Namecheap
arauco.online
git.arauco.online
www.arauco.online
mail.arauco.online"]
 upstream["Forwarders DNS
8.8.8.8 / 8.8.4.4 / 1.1.1.1"]
 end
 subgraph swisscom ["Routeur Swisscom"]
 gw["Gateway 192.168.99.1"]
- nat["NAT ext:2222
-> .51:1220"]
+ nat["NAT ext:2222
-> .51:1220
mail:25/465/587/993
-> .66"]
 end
 subgraph host_if ["araucaria - Interfaces"]
@@ -30,7 +30,8 @@ flowchart LR
 r_chillka[".55 git.arauco.online
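Review bot: Nothing in this diagram says what separates huinca from the other LAN hosts now that the `nat` label forwards 25/465/587/993 from the internet to .66. The DNS block in the same file lists `.35 keycloak.arauco.local` and `.55 git.arauco.online`; if these share one segment with .66, as the addressing suggests, a compromise of the mail host has direct reach to the identity provider and the git server. I would document the filtering that applies, for example with `%% TODO: document firewall rules between huinca (.66) and the LAN hosts`, or draw the isolation explicitly. The flowchart body continues outside this hunk, so the rules may already be shown elsewhere.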
.55 chillka.local"]
 r_npagnun[".35 npagnun.local
.35 keycloak.arauco.local"]
 r_huitral[".22 huitral.local"]
- r_other[".33 lemolemo | .44 toki
.11 copihue | .66 huinca"]
+ r_huinca[".66 mail.arauco.online
.66 huinca.local"]
+ r_other[".33 lemolemo | .44 toki
.11 copihue"]
 end
 subgraph ptr ["PTR Records"]
@@ -72,7 +73,7 @@ flowchart LR
 class ddns,upstream,nat,gw extStyle
 class eth0,br0,eth1 netStyle
 class virbr0 dormStyle
- class dns_svc,r_araucaria,r_chillka,r_npagnun,r_huitral,r_other dnsStyle
+ class dns_svc,r_araucaria,r_chillka,r_npagnun,r_huitral,r_huinca,r_other dnsStyle
 class ptr1,ptr2 dnsStyle
 class vnet1,vnet7,vnet8 netStyle
 class rt1,rt2,rt3,rt4 routeStyle
diff --git a/micro/vms/huinca.mmd b/micro/vms/huinca.mmd
new file mode 100644
index 0000000..8c265a7
--- /dev/null
+++ b/micro/vms/huinca.mmd
@@ -0,0 +1,63 @@
+%%{init: {'theme': 'base', 'flowchart': {'nodeSpacing': 40, 'rankSpacing': 50}}}%%
+flowchart LR
+ subgraph mail_stack ["Services Mail natifs"]
+ direction TB
+ postfix["Postfix
SMTP :25 :465 :587"]
+ dovecot["Dovecot
IMAP :993
LMTP + Sieve"]
+ opendkim["OpenDKIM
milter DKIM"]
+ spamassassin["SpamAssassin
anti-spam"]
+ clamav["ClamAV + Amavis
antivirus"]
+ fail2ban_m["fail2ban
postfix, dovecot, sasl"]
+ postfix -->|"milter"| opendkim
+ postfix -->|"content_filter"| spamassassin
+ spamassassin --> clamav
+ end
+
+ subgraph tls ["TLS"]
+ direction TB
+ certs["/etc/ssl/mail/
fullchain.pem
privkey.pem"]
+ sync["rsync cron depuis
araucaria Caddy
Let's Encrypt"]
+ sync --> certs
+ end
+
+ subgraph config ["Config huinca"]
+ direction TB
+ vm_info["huinca .66
Ubuntu 24.04 LTS
2 vCPU 4 GB RAM
LVM 70 GB"]
+ partitions["/var/mail 40 GB
/var/log 5 GB
/ 15 GB"]
+ user_info["user: toshiro
SSH cle uniquement"]
+ end
+
+ subgraph access ["Acces reseau"]
+ direction TB
+ dns["mail.arauco.online
huinca.local
-> 192.168.99.66"]
+ nat["NAT Swisscom
:25 :465 :587 :993
-> .66"]
+ clients["Clients mail
Thunderbird / K-9"]
+ end
+
+ subgraph mailboxes ["Boites mail"]
+ direction TB
+ maildir["Maildir
/home/*/Maildir/"]
+ aliases["Aliases
postmaster -> toshiro
root -> toshiro"]
+ end
+
+ clients -->|"IMAPS :993"| dovecot
+ clients -->|"SMTPS :465/587"| postfix
+ nat --> postfix
+ dns -.-> postfix
+ certs -.-> postfix
+ certs -.-> dovecot
+ dovecot --> maildir
+
+ classDef mailStyle fill:#1e4a2e,stroke:#4a9a6a,color:#a8e0c0
+ classDef secStyle fill:#4a3a1e,stroke:#d9a84a,color:#f0d8a8
+ classDef netStyle fill:#1e3a5f,stroke:#4a90d9,color:#a8d0f0
+ classDef configStyle fill:#2a3a4a,stroke:#6a8aaa,color:#b0d0e8
+ classDef storStyle fill:#4a3a1e,stroke:#d9a84a,color:#f0d8a8
+ classDef tlsStyle fill:#3a1e5f,stroke:#8a6ad9,color:#c8b0f0
+
+ class postfix,dovecot mailStyle
+ class opendkim,spamassassin,clamav,fail2ban_m secStyle
+ class dns,nat,clients netStyle
+ class vm_info,partitions,user_info configStyle
+ class maildir,aliases storStyle
+ class certs,sync tlsStyle
-- cgit v1.2.3
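Review bot: The `sync` node does not say how `privkey.pem` reaches `/etc/ssl/mail/`. The diagram should state the transport and account the rsync cron job uses, the owner and mode of the copied files, and whether Postfix and Dovecot are reloaded after a renewal, since the TLS private key now lives on two hosts. Two edges are also inaccurate as drawn. The `nat` node lists :993 but only `nat --> postfix` exists, so `nat --> dovecot` is missing. The label on `clients -->|"SMTPS :465/587"| postfix` calls 587 SMTPS although 587 is normally submission with STARTTLS; `clients -->|"SMTPS :465 / STARTTLS :587"| postfix` would match the usual setup if that is what is configured.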