Added a new playbook for Roundcube if you want a webmail, and reworked all of the firewall rules to work with Docker containers. The Roundcube install also uses the managesieve plugin for easy filtering on the server.
-
Added roles for Docker and Roundcube, plus a webmail playbook that
sets up a Roundcube container on a separate machine. -
Reworked firewall to cover both native applications and Docker
containers. Now blocking in the PREROUTING chain of the "mangle"
table. This is lower cost because it is early in the process, and
before the split between INPUT (used by native apps) and FORWARD
(used by Docker) so it covers both. Also added rules for DHCP
because connection tracking can break in some situations. -
Reworked fail2ban configuration to allow customization of the jails,
to change bantimes or retarget to the DOCKER-USER chain. -
Tightened permissions on DKIM folder.
-
Added managesieve plugins for Dovecot and Roundcube.