From 61c6188454b408df45a21b22f2c2ea5b39e29416 Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Thu, 1 Apr 2021 16:59:49 +0200 Subject: [PATCH] bundles/postfix: mynetworks now supports identifiers --- bundles/postfix/files/main.cf | 2 +- bundles/postfix/items.py | 24 ++++++++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/bundles/postfix/files/main.cf b/bundles/postfix/files/main.cf index cd7ca56..24eaa80 100644 --- a/bundles/postfix/files/main.cf +++ b/bundles/postfix/files/main.cf @@ -6,7 +6,7 @@ compatibility_level = 2 myhostname = ${node.metadata.get('postfix/myhostname', node.metadata['hostname'])} myorigin = /etc/mailname mydestination = $myhostname, localhost -mynetworks = 127.0.0.0/8 [::1]/128 [::ffff:127.0.0.0]/104 ${' '.join(sorted(node.metadata.get('postfix/mynetworks', set())))} +mynetworks = ${' '.join(sorted(mynetworks))} mailbox_size_limit = 0 recipient_delimiter = + inet_protocols = all diff --git a/bundles/postfix/items.py b/bundles/postfix/items.py index 15ee32d..5977555 100644 --- a/bundles/postfix/items.py +++ b/bundles/postfix/items.py @@ -1,6 +1,27 @@ if node.has_bundle('postfixadmin'): assert node.has_bundle('letsencrypt') +mynetworks = { + '127.0.0.0/8', + '[::1]/128', + '[::ffff:127.0.0.0]/104', +} +for identifier in node.metadata.get('postfix/mynetworks', set()): + print(identifier) + ips = repo.libs.tools.resolve_identifier(repo, identifier) + + for ip in ips['ipv4']: + mynetworks.add(str(ip)) + + for ip in ips['ipv6']: + ip = str(ip) + if '/' in ip: + ip6, netmask = ip.split('/', 2) + else: + ip6 = ip + netmask = '128' + mynetworks.add(f'[{ip6}]/{netmask}') + files = { '/etc/mailname': { 'content': node.metadata.get('postfix/myhostname', node.metadata['hostname']), @@ -22,6 +43,9 @@ files = { }, '/etc/postfix/main.cf': { 'content_type': 'mako', + 'context': { + 'mynetworks': mynetworks, + }, 'triggers': { 'svc_systemd:postfix:restart', },