Diffstat (limited to 'playbooks/roles/outbound')
4 files changed, 52 insertions, 2 deletions
diff --git a/playbooks/roles/outbound/tasks/main.yml b/playbooks/roles/outbound/tasks/main.yml index 863351f..107e71a 100644 --- a/playbooks/roles/outbound/tasks/main.yml +++ b/playbooks/roles/outbound/tasks/main.yml @@ -94,6 +94,18 @@ with_filetree: '../templates/proxy' when: item.state == 'file' +- name: Allow mail ports + with_items: + - "25" + - "587" + - "465" + - "993" + - "4190" + community.general.ufw: + rule: allow + port: "{{ item }}" + state: "enabled" + - name: Daemon-reload and enable proxy ansible.builtin.systemd_service: state: started diff --git a/playbooks/roles/outbound/templates/headscale/config/config.yaml b/playbooks/roles/outbound/templates/headscale/config/config.yaml index 660708e..6bfbfb9 100644 --- a/playbooks/roles/outbound/templates/headscale/config/config.yaml +++ b/playbooks/roles/outbound/templates/headscale/config/config.yaml @@ -105,10 +105,9 @@ database: # SQLite config sqlite: path: /var/lib/headscale/db.sqlite - write_ahead_log: true + write_ahead_log: false # cuz we sometimes need to rollout. ahhhhh. wal_autocheckpoint: 1000 - log: # Output formatting for logs: text or json format: text diff --git a/playbooks/roles/outbound/templates/proxy/docker-compose.yml b/playbooks/roles/outbound/templates/proxy/docker-compose.yml index 7deea56..9642d6a 100644 --- a/playbooks/roles/outbound/templates/proxy/docker-compose.yml +++ b/playbooks/roles/outbound/templates/proxy/docker-compose.yml @@ -28,6 +28,7 @@ services: - headscale-client volumes: - ./sites-enabled:/etc/nginx/conf.d + - ./toplevel.conf.d:/etc/nginx/toplevel.conf.d networks: proxy: diff --git a/playbooks/roles/outbound/templates/proxy/toplevel.conf.d/stream.conf b/playbooks/roles/outbound/templates/proxy/toplevel.conf.d/stream.conf new file mode 100644 index 0000000..68d5445 --- /dev/null +++ b/playbooks/roles/outbound/templates/proxy/toplevel.conf.d/stream.conf 
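Review bot: The new `Allow mail ports` task sets no `proto`, so each ufw rule opens the port for UDP as well as TCP although all five mail services are TCP-only; adding `proto: tcp` under `community.general.ufw:` limits the exposure to what the proxy actually listens on. `state: "enabled"` is also applied on every loop iteration, so the firewall is enabled and reloaded five times. If no earlier task allows SSH and sets the default policy (not visible in this hunk), this is the step that would cut off management access, so enabling ufw once in a dedicated task is safer. `with_items` could become `loop` while the task is being touched.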
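Review bot: The inline comment on `write_ahead_log: false` does not say what "rollout" needs from the database, so the next maintainer cannot tell when it is safe to turn WAL back on. If the reason is that the database is copied or restored as a single file, say so, e.g. `# WAL off: db.sqlite must be restorable as one file (no -wal/-shm sidecars)`. `wal_autocheckpoint: 1000` on the following line presumably has no effect once WAL is off and could carry a short note to that effect. The `database:` mapping starts above the hunk.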
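Review bot: The added `./toplevel.conf.d` bind mount is writable from inside the container, although nginx only reads these files; `- ./toplevel.conf.d:/etc/nginx/toplevel.conf.d:ro` would stop a compromised proxy process from altering its own stream config on the host. Nothing visible in this commit adds an `include /etc/nginx/toplevel.conf.d/*.conf;` at the top level of nginx.conf or publishes ports 25, 465, 587, 993 and 4190 on the service, so the new listeners may never load or be reachable unless that is handled outside the shown files. The service definition begins and continues outside the hunk.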
@@ -0,0 +1,38 @@
+stream {
+ upstream imaps {
+ server {{ loadbalancer_ip }}:993;
+ }
+ upstream smtps {
+ server {{ loadbalancer_ip }}:465;
+ }
+ upstream smtptls {
+ server {{ loadbalancer_ip }}:587;
+ }
+ upstream smtp {
+ server {{ loadbalancer_ip }}:25;
+ }
+ upstream managesieve {
+ server {{ loadbalancer_ip }}:4190;
+ }
+
+ server {
+ listen 993;
+ proxy_pass imaps;
+ }
+ server {
+ listen 25;
+ proxy_pass smtp;
+ }
+ server {
+ listen 587;
+ proxy_pass smtptls;
+ }
+ server {
+ listen 465;
+ proxy_pass smtps;
+ }
+ server {
+ listen 4190;
+ proxy_pass managesieve;
+ }
+} |
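Review bot: Every `server` block in the new `stream {}` forwards raw TCP, so the mail backend at `{{ loadbalancer_ip }}` sees the proxy's address as the client for all SMTP, IMAP and ManageSieve sessions. That defeats per-client controls on the backend (brute-force lockouts, rate limits, SPF/RBL checks on port 25) and, if the proxy address falls inside a network the MTA trusts for relaying, could allow unauthenticated relay. Consider `proxy_protocol on;` in each `server` block, with PROXY protocol enabled on the backend listeners and accepted only from this proxy. Adding `proxy_connect_timeout` and `proxy_timeout` values would also bound idle or stalled connections.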