This page aggregates together stuff having to do with Joey from elsewhere on the net.

identi.ca posts
8

Different power failures in the UK keep setting my work back this week. Just lost 5 days of trying to build ghc on arm.

Particularly "special" because I'm not in the UK, nor on the grid for that matter.

Posted
identi.ca posts
7

Doing a from-scratch rebuild of my mail server this evening. These 90 lines of haskell code set everything up.

A little OTT perhaps, but I think I understand my setup better now, and can find it all in one place when I need to refresh. Also, I'll never forget to run postmap or newaliases when changing a file, since that's automated too.

Also, I'll probably refactor this initial code dump into something less horrrible later.

kiteMailServer :: Property
kiteMailServer = propertyList "kitenet.net mail server"
    [ Postfix.installed
    , Apt.installed ["postfix-pcre"]
    , Apt.serviceInstalledRunning "postgrey"

    , Apt.serviceInstalledRunning "spamassassin"
    , "/etc/default/spamassassin" `File.containsLines`
        [ "ENABLED=1"
        , "OPTIONS=\"--create-prefs --max-children 5 --helper-home-dir\""
        , "CRON=1"
        , "NICE=\"--nicelevel 15\""
        ] `onChange` Service.restarted "spamassassin"
        `describe` "spamd enabled"

    , Apt.serviceInstalledRunning "spamass-milter"
    -- Add -m to prevent modifying messages Subject or body.
    , "/etc/default/spamass-milter" `File.containsLine`
        "OPTIONS=\"-m -u spamass-milter -i 127.0.0.1\""
        `onChange` Service.restarted "spamass-milter"
        `describe` "spamass-milter configured"

    , Apt.installed ["maildrop"]
    , "/etc/maildroprc" `File.hasContent`
        [ "# Global maildrop filter file (deployed with propellor)"
        , "DEFAULT=\"$HOME/Maildir\""
        , "MAILBOX=\"$DEFAULT/.\""
        , "# Filter spam to a spam folder, unless .keepspam exists"
        , "if (/^X-Spam-Status: Yes/)"
        , "{"
        , "  `test -e \"$HOME/.keepspam\"`"
        , "  if ( $RETURNCODE != 0 )"
        , "  to ${MAILBOX}spam"
        , "}"
        ]
        `describe` "maildrop configured"

    , "/etc/aliases" `File.hasPrivContentExposed` ctx
        `onChange` cmdProperty "newaliases" ["newaliases"]
    , hasJoeyCAChain
    , "/etc/ssl/certs/postfix.pem" `File.hasPrivContentExposed` ctx
    , "/etc/ssl/private/postfix.pem" `File.hasPrivContent` ctx

    , "/etc/postfix/mydomain" `File.containsLines`
        [ "/.*\\.kitenet\\.net/\tOK"
        , "/ikiwiki\\.info/\tOK"
        , "/joeyh\\.name/\tOK"
        ]
        `onChange` Service.restarted "postfix"
        `describe` "postfix mydomain file configured"
    , "/etc/postfix/obscure_client_relay.pcre" `File.containsLine`
        "/^Received: from ([^.]+)\\.kitenet\\.net.*using TLS.*by kitenet\\.net \\(([^)]+)\\) with (E?SMTPS?A?) id ([A-F[:digit:]]+)(.*)/ IGNORE"
        `onChange` Service.restarted "postfix"
        `describe` "postfix obscure_client_relay file configured"
    , Postfix.mappedFile "/etc/postfix/virtual"
        (flip File.containsLines
            [ "# *@joeyh.name to joey"
            , "@joeyh.name\tjoey"
            ]
        ) `describe` "postfix virtual file configured"
    , Postfix.mappedFile "/etc/postfix/relay_clientcerts" $
        flip File.hasPrivContentExposed ctx
    , Postfix.mainCf `File.containsLines`
        [ "myhostname = kitenet.net"
        , "mydomain = $myhostname"
        , "append_dot_mydomain = no"
        , "myorigin = kitenet.net"
        , "mydestination = $myhostname, localhost.$mydomain, $mydomain, kite.$mydomain., localhost, regexp:$config_directory/mydomain"
        , "mailbox_command = maildrop"
        , "virtual_alias_maps = hash:/etc/postfix/virtual"

        , "# Allow clients with trusted certs to relay mail through."
        , "relay_clientcerts = hash:/etc/postfix/relay_clientcerts"
        , "smtpd_relay_restrictions = permit_mynetworks,permit_tls_clientcerts,permit_sasl_authenticated,reject_unauth_destination"

        , "# Filter out client relay lines from headers."
        , "header_checks = pcre:$config_directory/obscure_client_relay.pcre"

        , "# Enable postgrey."
        , "smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination,check_policy_service inet:127.0.0.1:10023"

        , "# Enable spamass-milter."
        , "smtpd_milters = unix:/spamass/spamass.sock"
        , "milter_connect_macros = j {daemon_name} v {if_name} _"

        , "# TLS setup -- server"
        , "smtpd_tls_CAfile = /etc/ssl/certs/joeyca.pem"
        , "smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem"
        , "smtpd_tls_key_file = /etc/ssl/private/postfix.pem"
        , "smtpd_tls_loglevel = 1"
        , "smtpd_tls_received_header = yes"
        , "smtpd_use_tls = yes"
        , "smtpd_tls_ask_ccert = yes"
        , "smtpd_tls_session_cache_database = sdbm:/etc/postfix/smtpd_scache"

        , "# TLS setup -- client"
        , "smtp_tls_CAfile = /etc/ssl/certs/joeyca.pem"
        , "smtp_tls_cert_file = /etc/ssl/certs/postfix.pem"
        , "smtp_tls_key_file = /etc/ssl/private/postfix.pem"
        , "smtp_tls_loglevel = 1"
        , "smtp_use_tls = yes"
        , "smtp_tls_session_cache_database = sdbm:/etc/postfix/smtp_scache"
        ]
        `onChange` Postfix.dedupMainCf
        `onChange` Service.restarted "postfix"
        `describe` "postfix configured"

    , Apt.serviceInstalledRunning "dovecot-imapd"
    , Apt.serviceInstalledRunning "dovecot-pop3d"

    , Apt.serviceInstalledRunning "cron"
    , Apt.installed ["bsd-mailx"]
    ]
  where
    ctx = Context "kitenet.net"
Posted
identi.ca posts
6

Fuming at the horribleness of legacy.com. If you ever find yourself reading an obit of anyone you care about, you should save as pdf.

Posted
identi.ca posts
5

Look on the bright side: You're no longer in LAX.

(Also, the XKCD archive bot appears to be stalking you.)

Posted
identi.ca posts
perfectly simple burgers

No condiments needed, except for juice of excellent tomato, and the liquid that collects in flame roasted mushrooms.

Kind of burger you need a shower after.

Posted
identi.ca posts
wall o wood

starting to feel almost like real work around here..

Posted
identi.ca posts
Ocracoke dune camping

Rescued after laptop death using the excellent photorec.

BTW Sazius, I had to restart pumpa before it could upload this. Network or authorization error [1/8] <https://identi.ca/api/user/joeyh/uploads.>

Posted
identi.ca posts
2
Does it store the bugs in a git repository for easy cloning/backup/forking?

There's an opportunity here to be much better than github *and* move the dial toward a distributed bug tracking model.
Posted
identi.ca posts
today's summer necessities
  • Staking up and pruning tomato plants
  • Hacking on parts of the Haskell Platform
  • Catching up on eating handfulls of blueberries and blackberries from plants that got away from me.
  • Cold showers
Posted
identi.ca posts
22

Just saw M-X spook type line including "debian" keyword for 1st time.

After all, it's the parent of "a comsec mechanism advocated by extremists on extremist forums"

Happy independence day!

Posted
books
Erewhon
Erewhon
author: Samuel Butler
name: Joey
average rating: 3.35
book published: 1872
rating: 0
read at:
date added: 2014/06/30
shelves: currently-reading
review:

Posted
books
Shaman
Shaman
author: Kim Stanley Robinson
name: Joey
average rating: 3.46
book published: 2013
rating: 0
read at:
date added: 2013/10/31
shelves: currently-reading
review:

Posted
books
The Long War (The Long Earth #2)
The Long War (The Long Earth #2)
author: Terry Pratchett
name: Joey
average rating: 3.52
book published: 2013
rating: 2
read at:
date added: 2013/07/26
shelves: currently-reading, and-a-half-stars
review:

Posted
books
Railsea
Railsea
author: China MiƩville
name: Joey
average rating: 3.91
book published: 2012
rating: 0
read at:
date added: 2013/05/18
shelves: currently-reading
review:

Posted

List of feeds:

  • music: last checked (0 posts)
  • identi.ca posts: Can't connect to pump2rss.com:443 (certificate verify failed) (883 posts)
  • twitter grep: last checked (1811 posts)
  • books: last checked (29 posts)