From: Frank Brehm
Date: Sun, 9 Aug 2020 04:38:12 +0000 (+0200)
Subject: daily autocommit
X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=50eb8d7bbd072b1c5a504bf594ad0c118df8ee21;p=config%2Fsarah%2Fetc.git

daily autocommit
---
diff --git a/.etckeeper b/.etckeeper
index d93b3ba..3c44cc7 100755
--- a/.etckeeper
+++ b/.etckeeper
@@ -28,7 +28,6 @@ mkdir -p './initramfs-tools/scripts/nfs-top'
 mkdir -p './initramfs-tools/scripts/panic'
 mkdir -p './insserv/overrides'
 mkdir -p './kernel/install.d'
-mkdir -p './letsencrypt/renewal'
 mkdir -p './letsencrypt/renewal-hooks/deploy'
 mkdir -p './letsencrypt/renewal-hooks/post'
 mkdir -p './letsencrypt/renewal-hooks/pre'
@@ -940,6 +939,8 @@ maybe chmod 0644 'ldap/ldap.conf'
 maybe chmod 0755 'ldap/schema'
 maybe chmod 0644 'ldap/schema/amavis.schema'
 maybe chmod 0755 'letsencrypt'
+maybe chmod 0644 'letsencrypt/.updated-options-ssl-nginx-conf-digest.txt'
+maybe chmod 0644 'letsencrypt/.updated-ssl-dhparams-pem-digest.txt'
 maybe chmod 0755 'letsencrypt/accounts'
 maybe chmod 0755 'letsencrypt/accounts/acme-v02.api.letsencrypt.org'
 maybe chmod 0700 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory'
@@ -947,16 +948,35 @@ maybe chmod 0700 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/f8
 maybe chmod 0644 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/f8ceb21f0246f5173cb38ecbde9a58d6/meta.json'
 maybe chmod 0400 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/f8ceb21f0246f5173cb38ecbde9a58d6/private_key.json'
 maybe chmod 0644 'letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/f8ceb21f0246f5173cb38ecbde9a58d6/regr.json'
+maybe chmod 0700 'letsencrypt/archive'
+maybe chmod 0755 'letsencrypt/archive/mail.uhu-banane.net'
+maybe chmod 0644 'letsencrypt/archive/mail.uhu-banane.net/cert1.pem'
+maybe chmod 0644 'letsencrypt/archive/mail.uhu-banane.net/chain1.pem'
+maybe chmod 0644 'letsencrypt/archive/mail.uhu-banane.net/fullchain1.pem'
+maybe chmod 0600 'letsencrypt/archive/mail.uhu-banane.net/privkey1.pem'
 maybe chmod 0644 'letsencrypt/cli.ini'
 maybe chmod 0755 'letsencrypt/csr'
 maybe chmod 0644 'letsencrypt/csr/0000_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/0001_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/0002_csr-certbot.pem'
+maybe chmod 0644 'letsencrypt/csr/0003_csr-certbot.pem'
 maybe chmod 0700 'letsencrypt/keys'
 maybe chmod 0600 'letsencrypt/keys/0000_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/0001_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/0002_key-certbot.pem'
+maybe chmod 0600 'letsencrypt/keys/0003_key-certbot.pem'
+maybe chmod 0700 'letsencrypt/live'
+maybe chmod 0644 'letsencrypt/live/README'
+maybe chmod 0755 'letsencrypt/live/mail.uhu-banane.net'
+maybe chmod 0644 'letsencrypt/live/mail.uhu-banane.net/README'
+maybe chmod 0644 'letsencrypt/options-ssl-nginx.conf'
 maybe chmod 0755 'letsencrypt/renewal'
 maybe chmod 0755 'letsencrypt/renewal-hooks'
 maybe chmod 0755 'letsencrypt/renewal-hooks/deploy'
 maybe chmod 0755 'letsencrypt/renewal-hooks/post'
 maybe chmod 0755 'letsencrypt/renewal-hooks/pre'
+maybe chmod 0644 'letsencrypt/renewal/mail.uhu-banane.net.conf'
+maybe chmod 0644 'letsencrypt/ssl-dhparams.pem'
 maybe chmod 0644 'lftp.conf'
 maybe chmod 0644 'libaudit.conf'
 maybe chmod 0755 'libnl-3'
@@ -1561,6 +1581,8 @@ maybe chmod 0644 'systemd/sleep.conf'
 maybe chmod 0755 'systemd/system'
 maybe chmod 0644 'systemd/system.conf'
 maybe chmod 0755 'systemd/system/.old'
+maybe chmod 0755 'systemd/system/certbot.service.d'
+maybe chmod 0644 'systemd/system/certbot.service.d/posthook.conf'
 maybe chmod 0755 'systemd/system/clamav-daemon.service.d'
 maybe chmod 0644 'systemd/system/clamav-daemon.service.d/extend.conf'
 maybe chmod 0755 'systemd/system/default.target.wants'
diff --git a/cron.d/certbot b/cron.d/certbot
index e38dbb9..f24dc1d 100644
--- a/cron.d/certbot
+++ b/cron.d/certbot
@@ -14,4 +14,4 @@ SHELL=/bin/sh
 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
-0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew
+0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --post-hook /usr/local/sbin/restart_mailservices
diff --git a/dovecot/dovecot.conf b/dovecot/dovecot.conf
index a885485..50a1bb7 100644
--- a/dovecot/dovecot.conf
+++ b/dovecot/dovecot.conf
@@ -2,13 +2,13 @@
 # Pigeonhole version 0.5.4 ()
 # OS: Linux 4.19.0-10-amd64 x86_64 Debian 10.5
 # Hostname: sarah.uhu-banane.de
-auth_debug = yes
-auth_debug_passwords = yes
+auth_debug = no
+auth_debug_passwords = no
 auth_default_realm = uhu-banane.net
 auth_master_user_separator = *
 auth_mechanisms = PLAIN LOGIN
 auth_verbose = yes
-auth_verbose_passwords = plain
+auth_verbose_passwords = no
 dict {
 acl = mysql:/etc/dovecot/dovecot-share-folder.conf
 quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf
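Review bot: The `--post-hook /usr/local/sbin/restart_mailservices` appended to the cron line is duplicated verbatim in the new `systemd/system/certbot.service.d/posthook.conf`, and only one of the two ever runs on a given host (the cron entry guards itself with `\! -d /run/systemd/system`, so on this systemd host the unit drop-in is the effective path); keeping the hook in two places invites drift. Certbot can carry the hook itself: add `post_hook = /usr/local/sbin/restart_mailservices` under `[renewalparams]` in `letsencrypt/renewal/mail.uhu-banane.net.conf` (or `post-hook = ...` in `letsencrypt/cli.ini`) and leave both invocations at plain `certbot -q renew`. Consider `--deploy-hook` (`renew_hook =` in the renewal conf) rather than a post-hook for this purpose: it runs only when a certificate was actually issued, whereas the post-hook also restarts the mail services after a renewal attempt that failed. The restart script lives under /usr/local/sbin, outside this repository, so what it restarts and whether it could reload instead cannot be checked here.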
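Review bot: Switching `auth_debug_passwords` off and replacing `auth_verbose_passwords = plain` with `no` is the right change, but the removed lines mean Dovecot has been writing users' passwords in clear text to its auth log up to this commit, and turning the options off does not remove what is already on disk. The existing log files and their rotated copies (and the journal, if Dovecot's syslog output ends up there) should be scrubbed or deleted, and it is worth establishing who besides root could read them while the settings were active. `auth_verbose = yes` is kept, which is fine: it records usernames of failed attempts without the credential. The commit message gives no hint why the debug settings were on; a one-line note in the commit or next to the settings would help the next reader.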
@@ -171,10 +171,12 @@ service quota-warning { } } ssl = required -ssl_cert = =1.3.7. +`[cert name]/cert.pem` : will break many server configurations, and should not be used
+ without reading further documentation (see link below).
+
+WARNING: DO NOT MOVE OR RENAME THESE FILES!
+ Certbot expects these files to remain in this location in order
+ to function properly!
+
+We recommend not moving these files. For more information, see the Certbot
+User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates.
diff --git a/letsencrypt/live/mail.uhu-banane.net/README b/letsencrypt/live/mail.uhu-banane.net/README
new file mode 100644
index 0000000..5050078
--- /dev/null
+++ b/letsencrypt/live/mail.uhu-banane.net/README
@@ -0,0 +1,14 @@
+This directory contains your keys and certificates.
+
+`privkey.pem` : the private key for your certificate.
+`fullchain.pem`: the certificate file used in most server software.
+`chain.pem` : used for OCSP stapling in Nginx >=1.3.7.
+`cert.pem` : will break many server configurations, and should not be used
+ without reading further documentation (see link below).
+
+WARNING: DO NOT MOVE OR RENAME THESE FILES!
+ Certbot expects these files to remain in this location in order
+ to function properly!
+
+We recommend not moving these files. For more information, see the Certbot
+User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates.
diff --git a/letsencrypt/live/mail.uhu-banane.net/cert.pem b/letsencrypt/live/mail.uhu-banane.net/cert.pem
new file mode 120000
index 0000000..d05018c
--- /dev/null
+++ b/letsencrypt/live/mail.uhu-banane.net/cert.pem
@@ -0,0 +1 @@
+../../archive/mail.uhu-banane.net/cert1.pem
\ No newline at end of file
diff --git a/letsencrypt/live/mail.uhu-banane.net/chain.pem b/letsencrypt/live/mail.uhu-banane.net/chain.pem
new file mode 120000
index 0000000..167cb72
--- /dev/null
+++ b/letsencrypt/live/mail.uhu-banane.net/chain.pem
@@ -0,0 +1 @@
+../../archive/mail.uhu-banane.net/chain1.pem
\ No newline at end of file
diff --git a/letsencrypt/live/mail.uhu-banane.net/fullchain.pem b/letsencrypt/live/mail.uhu-banane.net/fullchain.pem
new file mode 120000
index 0000000..9c3ef24
--- /dev/null
+++ b/letsencrypt/live/mail.uhu-banane.net/fullchain.pem
@@ -0,0 +1 @@
+../../archive/mail.uhu-banane.net/fullchain1.pem
\ No newline at end of file
diff --git a/letsencrypt/live/mail.uhu-banane.net/privkey.pem b/letsencrypt/live/mail.uhu-banane.net/privkey.pem
new file mode 120000
index 0000000..ead5dc6
--- /dev/null
+++ b/letsencrypt/live/mail.uhu-banane.net/privkey.pem
@@ -0,0 +1 @@
+../../archive/mail.uhu-banane.net/privkey1.pem
\ No newline at end of file
diff --git a/letsencrypt/options-ssl-nginx.conf b/letsencrypt/options-ssl-nginx.conf
new file mode 100644
index 0000000..292d429
--- /dev/null
+++ b/letsencrypt/options-ssl-nginx.conf
@@ -0,0 +1,13 @@
+# This file contains important security parameters. If you modify this file
+# manually, Certbot will be unable to automatically provide future security
+# updates. Instead, Certbot will print and log an error message with a path to
+# the up-to-date file that you will need to refer to when manually updating
+# this file.
+
+ssl_session_cache shared:le_nginx_SSL:1m;
+ssl_session_timeout 1440m;
+
+ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ssl_prefer_server_ciphers on;
+
+ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";
diff --git a/letsencrypt/renewal/mail.uhu-banane.net.conf b/letsencrypt/renewal/mail.uhu-banane.net.conf
new file mode 100644
index 0000000..7ab9de2
--- /dev/null
+++ b/letsencrypt/renewal/mail.uhu-banane.net.conf
@@ -0,0 +1,13 @@
+# renew_before_expiry = 30 days
+version = 0.31.0
+archive_dir = /etc/letsencrypt/archive/mail.uhu-banane.net
+cert = /etc/letsencrypt/live/mail.uhu-banane.net/cert.pem
+privkey = /etc/letsencrypt/live/mail.uhu-banane.net/privkey.pem
+chain = /etc/letsencrypt/live/mail.uhu-banane.net/chain.pem
+fullchain = /etc/letsencrypt/live/mail.uhu-banane.net/fullchain.pem
+
+# Options used in the renewal process
+[renewalparams]
+account = f8ceb21f0246f5173cb38ecbde9a58d6
+authenticator = nginx
+server = https://acme-v02.api.letsencrypt.org/directory
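Review bot: `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;` and the `ssl_ciphers` list (which still carries the `DES-CBC3-SHA` entries) leave TLS 1.0, TLS 1.1 and 3DES enabled; this is the file certbot 0.31 ships, not a local choice. The header says a manual edit stops certbot from refreshing the file, so the right fix is to let a newer certbot replace it (later releases ship this file restricted to TLSv1.2 and TLSv1.3) rather than patch the two lines in place; the `.updated-options-ssl-nginx-conf-digest.txt` added in `.etckeeper` is how certbot detects that the file is still its own. Whether any nginx vhost on this host actually includes this file is not visible from the commit, so the exposure cannot be judged here.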
diff --git a/letsencrypt/ssl-dhparams.pem b/letsencrypt/ssl-dhparams.pem
new file mode 100644
index 0000000..9b182b7
--- /dev/null
+++ b/letsencrypt/ssl-dhparams.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
+87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
+YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
+7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
+ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
+-----END DH PARAMETERS-----
diff --git a/motd b/motd
index 7a9abdd..66a2643 100644
--- a/motd
+++ b/motd
@@ -6,8 +6,10 @@ Debian GNU/Linux 10 (buster)
 |____/ \__,_|_| \__,_|_| |_|
-Wie man sein Kind nicht nennen sollte:
- Marc Rele
+Glücklichsein ist eine Gabe des Schicksals und kommt nicht von außen;
+man muß es sich selbst erkämpfen. Das ist aber auch tröstend, denn man
+kann es sich erkämpfen.
+ -- Wilhelm von Humboldt
-Today is Setting Orange, the 1st day of Bureaucracy in the YOLD 3186
+Today is Sweetmorn, the 2nd day of Bureaucracy in the YOLD 3186
diff --git a/postfix/main.cf b/postfix/main.cf
index f784959..07e0320 100644
--- a/postfix/main.cf
+++ b/postfix/main.cf
@@ -92,9 +92,9 @@ inet_interfaces = all
 #
 # SSL key, certificate, CA
 #
-smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
-smtpd_tls_cert_file = /etc/ssl/certs/iRedMail.crt
-smtpd_tls_CAfile = /etc/ssl/certs/iRedMail.crt
+smtpd_tls_key_file = /etc/letsencrypt/live/mail.uhu-banane.net/privkey.pem
+smtpd_tls_cert_file = /etc/letsencrypt/live/mail.uhu-banane.net/fullchain.pem
+smtpd_tls_CAfile = $smtpd_tls_cert_file
 #
 # Disable SSLv2, SSLv3
@@ -144,7 +144,7 @@ smtpd_tls_security_level = may
 smtp_tls_security_level = may
 # Use the same CA file as smtpd.
-smtp_tls_CAfile = $smtpd_tls_CAfile
+smtp_tls_CAfile = $smtpd_tls_cert_file
 smtp_tls_note_starttls_offer = yes
 # Enable long, non-repeating, queue IDs (queue file names).
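Review bot: `smtp_tls_CAfile = $smtpd_tls_cert_file` in the second main.cf hunk points the SMTP client's trust store at this server's own Let's Encrypt `fullchain.pem`, which holds only our leaf and its intermediate and therefore cannot verify the certificates of the remote MTAs we deliver to. With `smtp_tls_security_level = may` (visible as context) that only degrades the Trusted/Untrusted verdict Postfix logs, but any `smtp_tls_policy_maps` entry at `verify` or `secure` would fail for every peer; use the system bundle instead, `smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt` (or `smtp_tls_CApath = /etc/ssl/certs`). `smtpd_tls_CAfile = $smtpd_tls_cert_file` in the first hunk is similarly misdirected: that parameter is for verifying client certificates, and the intermediate is already sent because `smtpd_tls_cert_file` is the fullchain, so the line can simply be dropped. The old value was the iRedMail self-signed certificate, so neither is a regression, only an opportunity the commit misses.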
@@ -309,3 +309,5 @@ smtpd_tls_received_header = yes
 smtpd_banner = $myhostname ESMTP $mail_name $mail_version
 smtpd_sasl_authenticated_header = yes
+smtp_tls_cert_file = $smtpd_tls_cert_file
+smtp_tls_key_file = $smtpd_tls_key_file
diff --git a/systemd/system/certbot.service.d/posthook.conf b/systemd/system/certbot.service.d/posthook.conf
new file mode 100644
index 0000000..022e63d
--- /dev/null
+++ b/systemd/system/certbot.service.d/posthook.conf
@@ -0,0 +1,2 @@
+[Service]
+ExecStart=/usr/bin/certbot -q renew --post-hook /usr/local/sbin/restart_mailservices
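Review bot: `smtp_tls_cert_file` and `smtp_tls_key_file` are appended at the very end of main.cf after the SASL settings, far from the `smtp_tls_*` block around line 144 where `smtp_tls_security_level` and `smtp_tls_CAfile` live; moving the two lines there keeps the client-side TLS material in one place. Behaviourally they only matter when a remote server requests a client certificate, so the placement is the only point.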
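Review bot: The drop-in sets `ExecStart=` without first clearing the packaged unit's value; if the base certbot.service is `Type=oneshot` (Debian's is, as far as I recall), systemd appends rather than replaces `ExecStart=` lines, so the timer runs the stock `certbot -q renew` first and this hooked invocation second, by which point nothing is left to renew and the post-hook never fires. Reset the list before overriding it, `ExecStart=` on a line of its own followed by `ExecStart=/usr/bin/certbot -q renew --post-hook /usr/local/sbin/restart_mailservices`, then `systemctl daemon-reload` and confirm with `systemctl cat certbot.service` that a single command remains. The same hook is also encoded in `cron.d/certbot`; carrying it in the certbot renewal configuration instead would remove the duplication.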