From: Frank Brehm Date: Mon, 12 Jun 2017 13:19:49 +0000 (+0200) Subject: saving uncommitted changes in /etc prior to apt run X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=5198c4c1bfb9e4e0d7e76c1a040e0699973be53f;p=config%2Fns1%2Fetc.git saving uncommitted changes in /etc prior to apt run --- diff --git a/.etckeeper b/.etckeeper index 2c99fc9..c93fa98 100755 --- a/.etckeeper +++ b/.etckeeper @@ -62,7 +62,7 @@ maybe chmod 0755 'apache2' maybe chmod 0644 'apache2/apache2.conf' maybe chmod 0755 'apache2/conf-available' maybe chmod 0644 'apache2/conf-available/charset.conf' -maybe chmod 0755 'apache2/conf-available/custom-log.conf' +maybe chmod 0644 'apache2/conf-available/custom-log.conf' maybe chmod 0644 'apache2/conf-available/javascript-common.conf' maybe chmod 0644 'apache2/conf-available/localized-error-pages.conf' maybe chmod 0644 'apache2/conf-available/other-vhosts-access-log.conf' @@ -210,6 +210,7 @@ maybe chmod 0755 'apache2/mods-enabled' maybe chmod 0644 'apache2/ports.conf' maybe chmod 0755 'apache2/sites-available' maybe chmod 0644 'apache2/sites-available/000-default-le-ssl.conf' +maybe chmod 0644 'apache2/sites-available/000-default-ssl.conf' maybe chmod 0644 'apache2/sites-available/000-default.conf' maybe chmod 0644 'apache2/sites-available/default-include.conf' maybe chmod 0644 'apache2/sites-available/default-ssl.conf' diff --git a/apache2/conf-available/custom-log.conf b/apache2/conf-available/custom-log.conf old mode 100755 new mode 100644 diff --git a/apache2/info_users_passwd b/apache2/info_users_passwd index 3643e97..a9cf5ab 100644 --- a/apache2/info_users_passwd +++ b/apache2/info_users_passwd @@ -1,3 +1,3 @@ -monitoring:$apr1$TqC87rAF$vXWiZcbRZMQIfC9XAVUgM. -uhu:$apr1$YDvmWkSk$hBCVtCkgYCtpk0nBafCJW0 -frank:$apr1$ZNUxCrHN$RL75QYUy1Y/FyFi54CAni. +monitoring:$apr1$rq/i6DzS$Qk6YAABQSeIgXe5Z0cc7K0 +uhu:$apr1$cFagqyiq$T2azAWwszStOUz/mmfONd/ +frank:$apr1$q0RMdmRi$5egjyB4c32Ts/swS3hkuN0 diff --git a/apache2/mods-available/info.conf b/apache2/mods-available/info.conf index 0eb5c97..b3e5f59 100644 --- a/apache2/mods-available/info.conf +++ b/apache2/mods-available/info.conf @@ -2,16 +2,17 @@ # Allow remote server configuration reports, with the URL of # http://servername/server-info (requires that mod_info.c be loaded). - # Uncomment and change the "192.0.2.0/24" to allow access from other hosts. # SetHandler server-info AuthName "Server Status Access" AuthType Basic + AuthBasicProvider file AuthUserFile /etc/apache2/info_users_passwd - Require local - Require valid-user - Satisfy Any + + Require local + Require valid-user + diff --git a/apache2/mods-available/status.conf b/apache2/mods-available/status.conf index dd13a38..b61bb58 100644 --- a/apache2/mods-available/status.conf +++ b/apache2/mods-available/status.conf @@ -1,17 +1,17 @@ # Allow server status reports generated by mod_status, # with the URL of http://servername/server-status - # Uncomment and change the "192.0.2.0/24" to allow access from other hosts. SetHandler server-status - #Require ip 192.0.2.0/24 AuthName "Server Status Access" AuthType Basic + AuthBasicProvider file AuthUserFile /etc/apache2/info_users_passwd - Require local - Require valid-user - Satisfy Any + + Require local + Require valid-user + diff --git a/apache2/sites-available/000-default-ssl.conf b/apache2/sites-available/000-default-ssl.conf new file mode 100644 index 0000000..2b203fb --- /dev/null +++ b/apache2/sites-available/000-default-ssl.conf @@ -0,0 +1,54 @@ + + + + + + Include sites-available/default-include.conf + + SSLEngine on + + SSLCertificateFile /etc/letsencrypt/live/ns1.uhu-banane.de-0001/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/ns1.uhu-banane.de-0001/privkey.pem + + Include /etc/letsencrypt/options-ssl-apache.conf + + #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt + + #SSLCACertificatePath /etc/ssl/certs/ + #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt + + #SSLCARevocationPath /etc/apache2/ssl.crl/ + #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl + + #SSLVerifyClient require + #SSLVerifyDepth 10 + + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + + BrowserMatch "MSIE [2-6]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + # MSIE 7 and newer should be able to use keepalive + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown + + ServerName ns1.uhu-banane.de + ServerAlias ns1 + ServerAlias ns1.brehm-online.com + ServerAlias repo + ServerAlias repo.uhu-banane.de + ServerAlias repo.brehm-online.com + ServerAlias repo.uhu-banane.eu + ServerAlias repo.uhu-banane.net + ServerAlias repo.uhu-banane.org + + + + +# vim: filetype=apache ts=8 sw=4 sts=4 sr noet diff --git a/apache2/sites-enabled/000-default-le-ssl.conf b/apache2/sites-enabled/000-default-le-ssl.conf deleted file mode 120000 index 2aae627..0000000 --- a/apache2/sites-enabled/000-default-le-ssl.conf +++ /dev/null @@ -1 +0,0 @@ -/etc/apache2/sites-available/000-default-le-ssl.conf \ No newline at end of file diff --git a/apache2/sites-enabled/000-default-ssl.conf b/apache2/sites-enabled/000-default-ssl.conf new file mode 120000 index 0000000..596612a --- /dev/null +++ b/apache2/sites-enabled/000-default-ssl.conf @@ -0,0 +1 @@ +../sites-available/000-default-ssl.conf \ No newline at end of file diff --git a/apache2/sites-enabled/default-ssl.conf b/apache2/sites-enabled/default-ssl.conf deleted file mode 120000 index 48ae7e4..0000000 --- a/apache2/sites-enabled/default-ssl.conf +++ /dev/null @@ -1 +0,0 @@ -/etc/apache2/sites-available/default-ssl.conf \ No newline at end of file diff --git a/postfix/main.cf b/postfix/main.cf index 6d06643..f6ab268 100644 --- a/postfix/main.cf +++ b/postfix/main.cf @@ -66,11 +66,14 @@ mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128, + 10.12.20.2/32, 185.48.118.128/32, 2001:6f8:1c00:365::2/128, + 2001:6f8:1db7::2/128, fe80::1:4eff:feed:632a/128, + fe80::1:d8ff:fea2:5ec1/128, fe80::4f8:1c00:365:2/128, - fe80::4caa:9d73:4396:8258/128, + fe80::9bcd:bbd1:4ef8:6169/128, mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = +