2.4 KiB
2.4 KiB
Machine virtuelle MAIL
Cette machine est destinée à accueillir le serveur d'envoi, réception et consultation de courriel de l'association.
Matériel virtuel
CPU : 2
RAM : 1000 Mio
Stockage de masse : 50 Gio
Logiciel
Système d'exploitation : Debian GNU/Linux-libre 11 (Bullseye)
Noyau : Linux-libre LTS (linux-libre-lts des dépôts https://linux-libre.fsfla.org)
Sécurités de la maintenance : etckeeper, mollyguard, git, tig, screen
Serveur IMAP (et authentification) : courier
Mail Transfer Agent : postfix
Webmail : roundcube (upstream)
Serveur http : nginx
Caractéristiques notables
Domaine : mail.a-lec.org
Adresse ipv4 publique : 80.67.176.33
Adresse ipv4 interne : 192.168.1.201
Adresse ipv6 publique : 2001:910:1021::201
Configuration MTA
(à compléter)
Configuration serveur web (nginx)
server {
set_real_ip_from 192.169.1.1;
real_ip_header proxy_protocol;
listen 443 ssl proxy_protocol;
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/mail.a-lec.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mail.a-lec.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# Add index.php to the list if you are using PHP
root /var/www/html/roundcube;
server_name mail.a-lec.org;
client_max_body_size 100M;
# Add index.php to the list if you are using PHP
index index.html index.htm index.php;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?q=$uri&$args;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ^~ /data {
deny all;
}
}