summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohannes Löthberg <johannes@kyriasis.com>2024-10-25 15:43:17 +0200
committerJohannes Löthberg <johannes@kyriasis.com>2024-10-25 15:43:17 +0200
commitd4abab3058822a2b78d8d10a281738b592714a77 (patch)
treea087888e5387ab6a957e79155674f5d6fe749483
parent2ebdc54ea23cb57e1fa7ee03420e3f34dca2363e (diff)
downloadpillar-d4abab3058822a2b78d8d10a281738b592714a77.tar.xz
Drop remmy.io
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
-rw-r--r--nginx/gallery_remmy_io.sls111
-rw-r--r--nginx/remmy_io.sls56
-rw-r--r--opensmtpd/theos.sls8
-rw-r--r--top.sls3
4 files changed, 4 insertions, 174 deletions
diff --git a/nginx/gallery_remmy_io.sls b/nginx/gallery_remmy_io.sls
deleted file mode 100644
index 76b0fb1..0000000
--- a/nginx/gallery_remmy_io.sls
+++ /dev/null
@@ -1,111 +0,0 @@
-nginx:
- servers:
- managed:
- gallery.remmy.io:
- enabled: True
- config:
- - server:
- - server_name: .gallery.remmy.io
- - listen: 80
- - listen: '[::]:80'
-
- - location /.well-known/acme-challenge:
- - root: /srv/http
-
- - location /:
- - return: '301 https://gallery.remmy.foo$request_uri'
-
- - server:
- - server_name: .gallery.remmy.io
- - listen: 443 ssl http2
- - listen: '[::]:443 ssl http2'
-
- - ssl_certificate: /etc/letsencrypt/live/gallery.remmy.io/fullchain.pem
- - ssl_certificate_key: /etc/letsencrypt/live/gallery.remmy.io/privkey.pem
- - ssl_dhparam: /etc/nginx/dhparam.pem
-
- - ssl_stapling: 'on'
- - ssl_stapling_verify: 'on'
- - ssl_trusted_certificate: /etc/letsencrypt/live/gallery.remmy.io/fullchain.pem
-
- # https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
- - add_header: 'Strict-Transport-Security "max-age=31536000"'
-
- # Tell browsers not to render the page inside a frame, and avoid clickjacking.
- - add_header: X-Frame-Options SAMEORIGIN
-
- # Tell browsers to not try to auto-detect the Content-Type.
- - add_header: X-Content-Type-Options nosniff
-
- # Enable the Cross-site scripting filter in most recent browsers.
- # Normally enabled by default, but enable it anyway if user has disabled it.
- - add_header: 'X-XSS-Protection "1; mode=block"'
-
- # http://www.gnuterrypratchett.com/
- - add_header: 'X-Clacks-Overhead "GNU Terry Pratchett"'
-
- - error_log: /var/log/nginx/gallery_remmy_io.error.log
-
- - try_files: $uri $uri.html $uri/ =404
-
-
- - location /.well-known/acme-challenge:
- - root: /srv/http
-
- - location /:
- - return: '301 https://gallery.remmy.foo$request_uri'
-
-
- gallery-static.remmy.io:
- enabled: True
- config:
- - server:
- - server_name: .gallery-static.remmy.io
- - listen: 80
- - listen: '[::]:80'
-
- - location /.well-known/acme-challenge:
- - root: /srv/http
-
- - location /:
- - return: '301 https://gallery-static.remmy.foo$request_uri'
-
-
- - server:
- - server_name: .gallery-static.remmy.io
- - listen: 443 ssl http2
- - listen: '[::]:443 ssl http2'
-
- - ssl_certificate: /etc/letsencrypt/live/gallery-static.remmy.io/fullchain.pem
- - ssl_certificate_key: /etc/letsencrypt/live/gallery-static.remmy.io/privkey.pem
- - ssl_dhparam: /etc/nginx/dhparam.pem
-
- - ssl_stapling: 'on'
- - ssl_stapling_verify: 'on'
- - ssl_trusted_certificate: /etc/letsencrypt/live/gallery-static.remmy.io/fullchain.pem
-
- # https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
- - add_header: 'Strict-Transport-Security "max-age=31536000"'
-
- # Tell browsers not to render the page inside a frame, and avoid clickjacking.
- - add_header: X-Frame-Options SAMEORIGIN
-
- # Tell browsers to not try to auto-detect the Content-Type.
- - add_header: X-Content-Type-Options nosniff
-
- # Enable the Cross-site scripting filter in most recent browsers.
- # Normally enabled by default, but enable it anyway if user has disabled it.
- - add_header: 'X-XSS-Protection "1; mode=block"'
-
- # http://www.gnuterrypratchett.com/
- - add_header: 'X-Clacks-Overhead "GNU Terry Pratchett"'
-
- - error_log: /var/log/nginx/gallery_static_remmy_io.error.log
-
- - location /.well-known/acme-challenge:
- - root: /srv/http
-
- - location /:
- - return: '301 https://gallery-static.remmy.foo$request_uri'
-
-# vim: ft=yaml et:
diff --git a/nginx/remmy_io.sls b/nginx/remmy_io.sls
deleted file mode 100644
index 7a2b57a..0000000
--- a/nginx/remmy_io.sls
+++ /dev/null
@@ -1,56 +0,0 @@
-nginx:
- servers:
- managed:
- remmy.io:
- enabled: True
- config:
- - server:
- - server_name: .remmy.io
- - listen: 80
- - listen: '[::]:80'
-
- - location /.well-known/acme-challenge:
- - root: /srv/http
-
- - location /:
- - return: '301 https://remmy.foo$request_uri'
-
-
- - server:
- - server_name: .remmy.io
- - listen: 443 ssl http2
- - listen: '[::]:443 ssl http2'
-
- - ssl_certificate: /etc/letsencrypt/live/remmy.io/fullchain.pem
- - ssl_certificate_key: /etc/letsencrypt/live/remmy.io/privkey.pem
- - ssl_dhparam: /etc/nginx/dhparam.pem
-
- - ssl_stapling: 'on'
- - ssl_stapling_verify: 'on'
- - ssl_trusted_certificate: /etc/letsencrypt/live/remmy.io/fullchain.pem
-
- # https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
- - add_header: 'Strict-Transport-Security "max-age=31536000"'
-
- # Tell browsers not to render the page inside a frame, and avoid clickjacking.
- - add_header: X-Frame-Options SAMEORIGIN
-
- # Tell browsers to not try to auto-detect the Content-Type.
- - add_header: X-Content-Type-Options nosniff
-
- # Enable the Cross-site scripting filter in most recent browsers.
- # Normally enabled by default, but enable it anyway if user has disabled it.
- - add_header: 'X-XSS-Protection "1; mode=block"'
-
- # http://www.gnuterrypratchett.com/
- - add_header: 'X-Clacks-Overhead "GNU Terry Pratchett"'
-
- - error_log: /var/log/nginx/remmy_io.error.log
-
- - location /.well-known/acme-challenge:
- - root: /srv/http
-
- - location /:
- - return: '301 https://remmy.foo$request_uri'
-
-# vim: ft=yaml et:
diff --git a/opensmtpd/theos.sls b/opensmtpd/theos.sls
index 71e0778..8e8ec2e 100644
--- a/opensmtpd/theos.sls
+++ b/opensmtpd/theos.sls
@@ -30,7 +30,7 @@ opensmtpd:
- '@kyriasis.com: kyrias@theos.kyriasis.com'
- '@lists.kyriasis.com: lists@theos.kyriasis.com'
- - '@remmy.io: kyrias@theos.kyriasis.com'
+ - '@remmy.foo: kyrias@theos.kyriasis.com'
sendertable:
type: file
@@ -39,7 +39,7 @@ opensmtpd:
- 'sysbunny: @lucifer.kyriasis.com,sysbunny@kyriasis.com,erik@kyriasis.com'
- 'grawity: grawity@theos.kyriasis.com,grawity@kyriasis.com'
- 'halosghost: halosghost@theos.kyriasis.com,halosghost@kyriasis.com'
- - 'kyrias: @theos.kyriasis.com,@kyriasis.com,@remmy.io'
+ - 'kyrias: @theos.kyriasis.com,@kyriasis.com,@remmy.foo'
- 'xanadu: xan@kyriasis.com,xanadu@kyriasis.com'
listeners:
@@ -98,13 +98,13 @@ opensmtpd:
- incoming to top-level domains:
type: accept
tagged: SpamAssassin
- for: 'domain { kyriasis.com, remmy.io } virtual <users>'
+ for: 'domain { kyriasis.com, remmy.foo } virtual <users>'
deliver_to: lmtp "/var/run/dovecot/lmtp"
- relay incoming through dkimproxy:
type: accept
from: any
- for: domain { kyriasis.com, theos.kyriasis.com, lists.kyriasis.com, remmy.io }
+ for: domain { kyriasis.com, theos.kyriasis.com, lists.kyriasis.com, remmy.foo }
relay: via smtp://127.0.0.1:10025
- outgoing from dkimproxy:
diff --git a/top.sls b/top.sls
index 4222672..6c4e2e2 100644
--- a/top.sls
+++ b/top.sls
@@ -15,9 +15,6 @@ base:
- nginx.gallery_remmy_foo
- nginx.remmy_foo
- - nginx.gallery_remmy_io
- - nginx.remmy_io
-
- nginx.pie_in_the_sky_kitchen
- opensmtpd.theos