justin 2e4388a803 mail: add logrotate for Postfix mail.log (postlogd copytruncate) ... mail.log had no logrotate rule and grew unbounded to ~1GB (~150MB/day) since Jun 8. This host logs via Postfix's built-in postlogd (maillog_file mode), not rsyslog (no rsyslog.service exists), so postlogd holds the file open -- a plain rename+create would leave it writing to the stale inode. Use copytruncate (no daemon signal needed). Rotate daily, keep 14 days compressed. Applied live: forced first rotation, compressed the 1GB archive (->99MB), verified logging + bounce watchers + DKIM signing intact. Part of the email-deliverability incident hardening (follows DKIM fix 4d59019).		2026-06-17 19:47:13 -05:00
..
ansible	mail: add logrotate for Postfix mail.log (postlogd copytruncate)	2026-06-17 19:47:13 -05:00
cron	hc: warmup must run DAILY for the full 21-day ramp (not weekdays-only)	2026-06-14 21:02:08 -05:00
fail2ban	Initial commit — Performance West telecom compliance platform	2026-04-27 06:54:22 -05:00
firewall	firewall: allow ezstorehost (207.174.124.51) to reach Forgejo SSH	2026-06-10 22:45:43 -05:00
k8s	infra/k8s: shkeeper liveness+readiness probes (fix recurring crypto.performancewest.net downtime)	2026-06-09 04:57:50 -05:00
monitoring	monitoring: add .91-.93 IP rehab to daily Telegram warmup alert	2026-06-09 20:34:41 -05:00
mta-sts	infra: MTA-STS HTTPS vhost (cert issued, policy live)	2026-06-06 21:03:30 -05:00
nginx	infra: nginx vhost for listmonk-hc admin portal (lists-hc.performancewest.net -> 127.0.0.1:9101, LE cert)	2026-06-06 07:02:50 -05:00
postfix	warmup: ROLL BACK main pool to 200/h after Gmail spam-blocked IPs at 400/h	2026-06-13 20:10:13 -05:00
systemd	hc email: reframe value-add to 'No 2FA. No government portals.' (we have a portal; the pain is CMS 2FA/identity-proofing); cron creates fresh dated campaign when prior is finished; add hc bounce watcher (Postfix->listmonk-hc webhook, hard/complaint->blocklist)	2026-06-06 16:47:12 -05:00