merge

2024-09-03 20:06:26 +02:00 · 2015-02-12 13:41:29 +01:00 · 2015-02-12 13:41:29 +01:00 · 52bd40589d
commit 52bd40589d
parent 6f00e4b77c
4 changed files with 93 additions and 46 deletions
--- a/apps.md
+++ b/apps.md
@ -160,7 +160,8 @@ The packagers will appreciate your remarks. If you test them and find issues, or
 | [Tor Relay](https://www.torproject.org/docs/tor-doc-relay.html.en) | matlink | <div class="inprogress"/> | https://github.com/matlink/torrelay_ynh | Tor Node |
 | [Webmin](http://webmin.com) | tifred | <div class="inprogress"/> | https://github.com/drfred1981/webmin_ynh | Web-based system configuration tool |
 | [Wordpress multisite](http://codex.wordpress.org/Create_A_Network) | Maniack Crudelis | <div class="ready"/> | https://github.com/maniackcrudelis/wordpress_ynh | Wordpress with network support |
-| [Yourls](http://yourls.org/) | courgette | <div class="ready"/> | https://github.com/courgette/yourls_ynh | URL Shortening service |
+| [YaCy](http://yacy.net) | Moul | <div class="inprogress"/> | https://github.com/M5oul/yacy_ynh/ | Libre and decentralized search engine |
+| [Yourls](http://yourls.org/) | courgette | <div class="ready"/> | https://github.com/courgette/yourls_ynh |  URL Shortening service |
 | Yunofav | [xof](https://forum.yunohost.org/users/xof) | <div class="ready"/> | https://github.com/chtixof/yunofav | Page of favorite links Yunohost-styled |
 | [Zomburl](http://cadav.re/) | courgette | <div class="inprogress"/> | https://github.com/courgette/zomburl_ynh | URL Shortening service |
 | [ZoteroSync](http://blog.holz.ca/2011/11/phpzoterowebdav-installation/) | scith | <div class="inprogress"/> | https://github.com/scith/zoterosync_ynh | Sync Zotero library and files |
@ -239,4 +240,4 @@ The following list is a compiled wishlist of applications that would be nice-to-
 * [Webmpc](https://github.com/ushis/webmpc)
 * [WebODF](http://webodf.org/)
 * [webSync](http://furier.github.io/websync/)
-* [ZNC](http://wiki.znc.in/ZNC)
+* [ZNC](http://wiki.znc.in/ZNC)
--- a/dkim.md
+++ b/dkim.md
@ -1,32 +1,45 @@
-
-
-Hi,
+# DKIM

 Please note that :

-    This is the revision 2 of this Work In Progress How-To
-    Until this is natively integrated in YnH core apps, it will mean to that postfix conf will be blocked (or each time there is a change some configuration lines will need to be added to the end of /etc/postfix/main.cf)
-    To be fully functionnal DKIM requires a modification of the DNS, which propagantion can take up to 24h
-    CREDIT : This tutorial has been initially based on the DKMI section of : http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/ from Drew Crawford
-    CREDIT : This tutorial has been reviewed based on https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy from Popute Sebastian Armin
-    Replace DOMAIN.TLD by your own domain name
+This is the revision 2 of this Work In Progress How-To.

-Changes in rev 2 :
+Until this is natively integrated in YunoHost core apps, it will mean to that Postfix configuration will be blocked (or each time there is a change some configuration lines will need to be added to the end of /etc/postfix/main.cf).

-    Much easier to manage more than one DOMAIN.TLD (future proof)
-    Updated configuration as it seemed that the previous one was based on old software
+To be fully functionnal DKIM requires a modification of the DNS, which propagantion can take up to 24h.

-So, here is the thing :
+Source: This tutorial has been initially based on the DKMI section of: http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/ from Drew Crawford.

-    We start by installing the right software : 
+Source: This tutorial has been reviewed based on https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy from Popute Sebastian Armin

+Replace DOMAIN.TLD by your own domain name.
+
+Changes in rev 2:
+
+Much easier to manage more than one DOMAIN.TLD (future proof).
+Updated configuration as it seemed that the previous one was based on old software.
+
+So, here is the thing:
+### With a script
+Fully automatic script: (single domain)
+```bash
+git clone https://github.com/polytan02/yunohost_auto_config_basic
+sudo ./yunohost_auto_config_basic/5_opendkim.sh
+```
+
+### Manually
+We start by installing the right software: 
+```bash
 sudo aptitude install opendkim opendkim-tools
+```

-    Then we configure opendkim 
-
+Then we configure opendkim 
+```bash
 sudo nano /etc/opendkim.conf
-(Text to be placed in the text file: )
+```

+Text to be placed in the text file:
+```bash
 AutoRestart Yes
 AutoRestartRate 10/1h
 UMask 022
@ -50,70 +63,101 @@ UserID opendkim:opendkim
 Socket inet:8891@127.0.0.1

 Selector mail
+```

-    Connect the milter to Postfix:
-
+Connect the milter to Postfix:
+```bash
 sudo nano /etc/default/opendkim
+```

-(Text to be placed in the text file: )
+Text to be placed in the text file:
+```bash
 SOCKET="inet:8891@localhost"
+```

-    Configure postfix to use this milter:
-
+Configure Postfix to use this milter:
+```bash
 sudo nano /etc/postfix/main.cf
+```
+
+Text to be placed **at the end** in the text file: 
+```bash
+# OpenDKIM milter 

-(Text to be placed AT THE END in the text file: )
 milter_protocol = 2
 milter_default_action = accept
 smtpd_milters = inet:127.0.0.1:8891
 non_smtpd_milters = inet:127.0.0.1:8891
+```

-    Create a directory structure that will hold the trusted hosts, key tables, signing tables and crypto keys:
-
+Create a directory structure that will hold the trusted hosts, key tables, signing tables and crypto keys:
+```bash
 sudo mkdir -pv /etc/opendkim/keys/DOMAIN.TLD
+```

-    Specify trusted hosts:
-
+Specify trusted hosts:
+```bash
 sudo nano /etc/opendkim/TrustedHosts
+```

-(Text to be placed in the text file: )
+Text to be placed in the text file: 
+```bash
 127.0.0.1
 localhost
 192.168.0.1/24
 *.DOMAIN.TLD
+```

-    Create a key table:
-
+Create a key table:
+```bash
 sudo nano /etc/opendkim/KeyTable
+```

-(Text to be placed in the text file: Be very careful, it needs to be on a SINGLE LINE for each domain )
+Text to be placed in the text file: be very careful, it needs to be on a **single line** for each domain.
+```bash
 mail._domainkey.DOMAIN.TLD DOMAIN.TLD:mail:/etc/opendkim/keys/DOMAIN.TLD/mail.private
+```

-    Create a signing table:
-
+Create a signing table:
+```bash
 sudo nano /etc/opendkim/SigningTable
+```

-(Text to be placed in the text file: )
+Text to be placed in the text file: 
+```bash
 *@DOMAIN.TLD mail._domainkey.DOMAIN.TLD
+```

-    Now we generate the keys ! smile 
-
+Now we generate the keys! smile 
+```bash
 sudo cd /etc/opendkim/keys/DOMAIN.TLD
 sudo opendkim-genkey -s mail -d DOMAIN.TLD
+```

-    Output the DKIM DNS line to the terminal. Then, we install it on our DNS server. My ZONE file looks like this. (Be very careful with the formatting, the "p=...." needs to be in a single line.
-
+Output the DKIM DNS line to the terminal. Then, we install it on our DNS server. My ZONE file looks like this. (Be very careful with the formatting, the "p=...." needs to be in a single line.)
+```bash
 cat mail.txt

 mail._domainkey IN TXT "v=DKIM1; k=rsa; p=AAAKKUHGCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPFrBM54eXlZPXLJ7EFphiA8qGAcgu4lWuzhzxDDcIHcnA/fdklG2gol1B4r27p87rExxz9hZehJclaiqlaD8otWt8r/UdrAUYNLKNBFGHJ875467jstoAQAB" ; ----- DKIM key mail for DOMAIN.TLD
+```

-    And we don't forget to put the right rights otherwise opendkim will get grumpy...
-
+And we don't forget to put the right rights otherwise opendkim will get grumpy...
+```bash
 chown -Rv opendkim:opendkim /etc/opendkim*
+```

-    And finally, we restart everything :
-    sudo service opendkim restart
-    sudo service postfix restart
+And finally, we restart everything:
+```bash
+sudo service opendkim restart
+sudo service postfix restart
+```

-    To test if it is all working well (don't forget that the DNS propagation can take a bit of take....) you can simply send an email to check-auth@verifier.port25.com and a reply will be received. If everything works correctly you should see DKIM check: pass under Summary of Results.
+To test if it is all working well (don't forget that the DNS propagation can take a bit of take…) you can simply send an email to check-auth@verifier.port25.com and a reply will be received. If everything works correctly you should see DKIM check: pass under Summary of Results.
+
+You can also go to http://www.mail-tester.com
+
+Lastly, don't forget to add a SPF key in your DNS such as:
+```bash
+DOMAIN.TLD 300 TXT "v=spf1 a:DOMAIN.TLD mx ?all"
+```

--- a/sitemap.md
+++ b/sitemap.md
@ -41,6 +41,7 @@
        * [Security](/security)
        * [Connect to your server with SSH](/ssh)
        * [Command line administration](/moulinette)
+        * [Change administration password](/change_admin_password)
        * Email:
           * [DKIM](dkim)
        * [Certificates](/certificate)
--- a/sitemap_fr.md
+++ b/sitemap_fr.md
@ -47,6 +47,7 @@
        * [Sécurité](/security_fr)
        * [Connexion à son serveur en ligne de commande avec SSH](/ssh_fr)
        * [Administration en ligne de commande avec la Moulinette](/moulinette_fr)
+        * [Changer le mot de passe d'administration](/change_admin_password_fr)
        * Email:
           * [DKIM](dkim_fr)
        * [Gestion du certificat](/certificate_fr)