groups/{gce,home}: send mail via mx0.kunbox.net
All checks were successful
bundlewrap/pipeline/head This commit looks good

This commit is contained in:
Franzi 2020-11-11 13:29:22 +01:00
parent 11701a67c8
commit 087f4bb74d
Signed by: kunsi
GPG key ID: 12E3D2136B818350
4 changed files with 20 additions and 1 deletions

View file

@ -21,7 +21,8 @@ Rule of thumb: keep ports below 10000 free for stuff that reserves ports.
| 143 | dovecot | dovecot imap |
| 443 | nginx | https |
| 587 | postfix | postfix submission |
| 993 | dovecot | dovecot imap
| 993 | dovecot | dovecot imap |
| 2525 | postfix | postfix postscreen |
| 4190 | dovecot | dovecot managesieve |
| 5232 | radicale | radicale |
| 5432 | postgresql | postgres |

View file

@ -13,6 +13,10 @@ inet_protocols = all
message_size_limit = ${node.metadata.get('postfix', {}).get('message_size_limit_mb', 10)*1024*1024}
alias_database = hash:/etc/aliases
% if 'relayhost' in node.metadata.get('postfix', {}):
relayhost = ${node.metadata['postfix']['relayhost']}
% endif
% if node.has_bundle('postfixadmin'):
inet_interfaces = all
% else:

View file

@ -5,6 +5,8 @@
% if node.has_bundle('postfixadmin'):
smtp inet n - y - 1 postscreen
-o smtpd_sasl_auth_enable=no
2525 inet n - y - 1 postscreen
-o smtpd_sasl_auth_enable=no
% else:
smtp inet n - y - 1 smtpd
% endif

View file

@ -17,6 +17,12 @@ groups['gce'] = {
'8.8.8.8',
'8.8.4.4',
},
'postfix': {
# It's fine to do this without authentificating to the relayhost.
# These Systems are not supposed to send mail anywhere else
# than our own domains.
'relayhost': '[mx0.kunbox.net]:2525',
},
},
}
@ -43,6 +49,12 @@ groups['home'] = {
'nameservers': {
'172.19.138.1',
},
'postfix': {
# It's fine to do this without authentificating to the relayhost.
# These Systems are not supposed to send mail anywhere else
# than our own domains.
'relayhost': '[mx0.kunbox.net]:2525',
},
},
}