micro/vms/huinca.mmd


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63

%%{init: {'theme': 'base', 'flowchart': {'nodeSpacing': 40, 'rankSpacing': 50}}}%%
flowchart LR
    subgraph mail_stack ["Services Mail natifs"]
        direction TB
        postfix["Postfix<br/>SMTP :25 :465 :587"]
        dovecot["Dovecot<br/>IMAP :993<br/>LMTP + Sieve"]
        opendkim["OpenDKIM<br/>milter DKIM"]
        spamassassin["SpamAssassin<br/>anti-spam"]
        clamav["ClamAV + Amavis<br/>antivirus"]
        fail2ban_m["fail2ban<br/>postfix, dovecot, sasl"]
        postfix -->|"milter"| opendkim
        postfix -->|"content_filter"| spamassassin
        spamassassin --> clamav
    end

    subgraph tls ["TLS"]
        direction TB
        certs["/etc/ssl/mail/<br/>fullchain.pem<br/>privkey.pem"]
        sync["rsync cron depuis<br/>araucaria Caddy<br/>Let's Encrypt"]
        sync --> certs
    end

    subgraph config ["Config huinca"]
        direction TB
        vm_info["huinca .66<br/>Ubuntu 24.04 LTS<br/>2 vCPU 4 GB RAM<br/>LVM 70 GB"]
        partitions["/var/mail 40 GB<br/>/var/log 5 GB<br/>/ 15 GB"]
        user_info["user: toshiro<br/>SSH cle uniquement"]
    end

    subgraph access ["Acces reseau"]
        direction TB
        dns["mail.arauco.online<br/>huinca.local<br/>-> 192.168.99.66"]
        nat["NAT Swisscom<br/>:25 :465 :587 :993<br/>-> .66"]
        clients["Clients mail<br/>Thunderbird / K-9"]
    end

    subgraph mailboxes ["Boites mail"]
        direction TB
        maildir["Maildir<br/>/home/*/Maildir/"]
        aliases["Aliases<br/>postmaster -> toshiro<br/>root -> toshiro"]
    end

    clients -->|"IMAPS :993"| dovecot
    clients -->|"SMTPS :465/587"| postfix
    nat --> postfix
    dns -.-> postfix
    certs -.-> postfix
    certs -.-> dovecot
    dovecot --> maildir

    classDef mailStyle fill:#1e4a2e,stroke:#4a9a6a,color:#a8e0c0
    classDef secStyle fill:#4a3a1e,stroke:#d9a84a,color:#f0d8a8
    classDef netStyle fill:#1e3a5f,stroke:#4a90d9,color:#a8d0f0
    classDef configStyle fill:#2a3a4a,stroke:#6a8aaa,color:#b0d0e8
    classDef storStyle fill:#4a3a1e,stroke:#d9a84a,color:#f0d8a8
    classDef tlsStyle fill:#3a1e5f,stroke:#8a6ad9,color:#c8b0f0

    class postfix,dovecot mailStyle
    class opendkim,spamassassin,clamav,fail2ban_m secStyle
    class dns,nat,clients netStyle
    class vm_info,partitions,user_info configStyle
    class maildir,aliases storStyle
    class certs,sync tlsStyle