Egor Savkin
683a565a1d
Uses strongswan and GRE for mail connection, iptables for port forwarding to the smtp, nginx for website and webhook service, with static files getting uploaded from nixbld Signed-off-by: Egor Savkin <es@m-labs.hk>
34 lines
732 B
Plaintext
34 lines
732 B
Plaintext
|
|
|
|
connections {
|
|
m_labs {
|
|
version = 2
|
|
encap = no
|
|
mobike = no
|
|
send_certreq = no
|
|
proposals = aes128gcm128-sha256-prfsha256-curve25519,aes128gcm128-sha256-prfsha256-ecp256
|
|
local_addrs = 5.78.86.156
|
|
remote_addrs = 94.190.212.123
|
|
local {
|
|
auth = pubkey
|
|
id = fqdn:m-labs-intl.com
|
|
pubkeys = m-labs-intl.com
|
|
}
|
|
remote {
|
|
auth = pubkey
|
|
id = fqdn:m-labs.hk
|
|
pubkeys = m-labs.hk
|
|
}
|
|
children {
|
|
con1 {
|
|
mode = transport
|
|
ah_proposals = sha256-curve25519,sha256-ecp256
|
|
esp_proposals =
|
|
local_ts = 5.78.86.156[gre]
|
|
remote_ts = 94.190.212.123[gre]
|
|
start_action = start
|
|
close_action = none
|
|
}
|
|
}
|
|
}
|
|
} |