From 70263f4b1f1a645f0e0b5edd9aed04fc7a4157f6 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Fri, 21 Mar 2025 16:54:25 +0000 Subject: [PATCH] feat: setup the mail filter --- ITD/Firewall_Rules.csv | 3 ++- ITD/Server_Inventory.csv | 3 ++- applications/email.nix | 10 +++++++++- config/dns.nix | 6 ++++++ 4 files changed, 19 insertions(+), 3 deletions(-) diff --git a/ITD/Firewall_Rules.csv b/ITD/Firewall_Rules.csv index c955339..76cd029 100644 --- a/ITD/Firewall_Rules.csv +++ b/ITD/Firewall_Rules.csv @@ -44,4 +44,5 @@ SKYNET_FIREWALL_00032,Remove,i24-06-04_017,Complete,All,-,193.1.99.90,SKYNET0001 SKYNET_FIREWALL_00033,Add,i24-06-04_017,Complete,All,-,193.1.99.91,SKYNET00017,8080,-,Websocket for admin panel on games management server ,Add,i24-07-15_112,Denied,193.1.99.75,-,-,-,22,-,Response from ITD - 'Our IT Security team have advised that port 22 and port 2222 are only to be allowed through the VPN and will not be opened to allow inbound ssh connections directly from the internet' SKYNET_FIREWALL_00034,Add,i25-01-26_075,Complete,All,-,193.1.99.91,SKYNET00017,-,23318-23325,Ports for Minecraft Bedrock on the main games server. -SKYNET_FIREWALL_00035,Add,i25-02-14_114,Complete,193.1.99.75,SKYNET00008,193.1.96.165,SKYNET00012,22,-,Allow our forgejo runner to access and deploy to teh external server \ No newline at end of file +SKYNET_FIREWALL_00035,Add,i25-02-14_114,Complete,193.1.99.75,SKYNET00008,193.1.96.165,SKYNET00012,22,-,Allow our forgejo runner to access and deploy to teh external server +SKYNET_FIREWALL_00036,Add,i25-03-11_125,Complete,All,-,193.1.99.86,SKYNET00027,25,-,Email Filter \ No newline at end of file diff --git a/ITD/Server_Inventory.csv b/ITD/Server_Inventory.csv index d9a63f5..c7a57f1 100644 --- a/ITD/Server_Inventory.csv +++ b/ITD/Server_Inventory.csv @@ -24,4 +24,5 @@ SKYNET00022,ultron,Active,193.1.99.084,Proxmox,VM Host SKYNET00023,optimus-test,Retired,193.1.99.085,Nixos,Testing flake for Pelecian SKYNET00024,optimus,Active,193.1.99.090,Nixos,Games server manager (replaced SKYNET00016) SKYNET00025,bumblebee,Active,193.1.99.091,Nixos,Game server - Minecraft (replaced SKYNET00017) -SKYNET00027,vision,Active,193.1.99.085,Raspbian,Proxmox Qurom server \ No newline at end of file +SKYNET00026,vision,Active,193.1.99.085,Raspbian,Proxmox Qurom server +SKYNET00027,mimi,Active,193.1.99.086,Proxmox-Mail-Gateway,Proxmox Mail Gateway \ No newline at end of file diff --git a/applications/email.nix b/applications/email.nix index 4d0c905..2129de2 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -288,8 +288,16 @@ in { # set up dns record for it services.skynet.dns.records = [ - # core record { + # This is the mail gateway, try to send all mail to it first + # Lower number = higher priority + record = "@"; + r_type = "MX"; + # the number is the priority in teh case of multiple mailservers + value = "5 mimi.${cfg.domain}."; + } + { + # this is the main email server record = "@"; r_type = "MX"; # the number is the priority in teh case of multiple mailservers diff --git a/config/dns.nix b/config/dns.nix index 9cd7484..636dede 100644 --- a/config/dns.nix +++ b/config/dns.nix @@ -32,6 +32,12 @@ value = "193.1.99.114"; server = true; } + { + record = "mimi"; + r_type = "A"; + value = "193.1.99.86"; + server = true; + } ] # non skynet domains ++ [