Add unbound to mail server
All checks were successful
ShellCheck / shellcheck (push) Successful in 17s
All checks were successful
ShellCheck / shellcheck (push) Successful in 17s
This commit is contained in:
parent
ee71250f17
commit
e6cb13cdf5
GPG key ID:
782A42E461BC6824
7 changed files with 17 additions and 20 deletions
|
|
@ -1,13 +1,6 @@
|
|||
server:
|
||||
interface: 0.0.0.0
|
||||
interface: ::
|
||||
access-control: 192.168.0.0/16 allow
|
||||
access-control: fe80::/10 allow
|
||||
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
|
||||
trust-anchor-file: /opt/unbound/etc/unbound/var/root.key
|
||||
forward-zone:
|
||||
name: .
|
||||
forward-tls-upstream: yes
|
||||
forward-addr: 2620:fe::10#dns10.quad9.net
|
||||
forward-addr: 9.9.9.10#dns10.quad9.net
|
||||
include: /opt/unbound/etc/unbound/local.conf
|
||||
access-control: 0.0.0.0/0 allow
|
||||
access-control: ::/0 allow
|
||||
trust-anchor-file: /usr/share/dnssec-root/trusted-key.key
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
machine:
|
||||
install:
|
||||
image: factory.talos.dev/installer-secureboot/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.7.3
|
||||
image: factory.talos.dev/installer-secureboot/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.7.6
|
||||
systemDiskEncryption:
|
||||
state:
|
||||
provider: luks2
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
[Unit]
|
||||
Requires=dovecot.service rspamd.service
|
||||
After=dovecot.service rspamd.service
|
||||
Requires=dovecot.service rspamd.service unbound.service
|
||||
After=dovecot.service rspamd.service unbound.service
|
||||
[Container]
|
||||
Image=git.strypsteen.com/mathieu/postfix
|
||||
UserNS=host
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
[Container]
|
||||
Image=cgr.dev/chainguard/valkey
|
||||
Network=redis.network
|
||||
Network=mail.network
|
||||
Volume=redis.volume:/data:U,Z
|
||||
AutoUpdate=registry
|
||||
[Install]
|
||||
|
|
|
|||
|
|
@ -1,3 +0,0 @@
|
|||
[Network]
|
||||
IPv6=true
|
||||
Options=isolate=true
|
||||
|
|
@ -1,10 +1,9 @@
|
|||
[Unit]
|
||||
Requires=redis.service
|
||||
After=redis.service
|
||||
Requires=redis.service unbound.service
|
||||
After=redis.service unbound.service
|
||||
[Container]
|
||||
Image=docker.io/rspamd/rspamd
|
||||
Network=mail.network
|
||||
Network=redis.network
|
||||
Volume=/var/lib/system-config/container-config/rspamd:/etc/rspamd/local.d:z,ro
|
||||
Volume=rspamd.volume:/var/lib/rspamd:U,Z
|
||||
Secret=dkim.key
|
||||
|
|
|
|||
8
vps/etc/containers/systemd/unbound.container
Normal file
8
vps/etc/containers/systemd/unbound.container
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
[Container]
|
||||
Image=docker.io/alpinelinux/unbound
|
||||
Network=mail.network
|
||||
Volume=/var/lib/system-config/container-config/unbound/unbound.conf:/etc/unbound/unbound.conf:z,ro
|
||||
Tmpfs=/etc/unbound
|
||||
AutoUpdate=registry
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Loading…
Add table
Reference in a new issue