bundles/postfix: provide myhostname from reactor
This commit is contained in:
parent
6647e71484
commit
84867ff1e6
4 changed files with 18 additions and 7 deletions
|
@ -29,8 +29,8 @@ mail_location = maildir:/var/mail/vmail/%d/%n
|
||||||
protocols = imap lmtp sieve
|
protocols = imap lmtp sieve
|
||||||
|
|
||||||
ssl = required
|
ssl = required
|
||||||
ssl_cert = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/fullchain.pem
|
ssl_cert = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/fullchain.pem
|
||||||
ssl_key = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/privkey.pem
|
ssl_key = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/privkey.pem
|
||||||
ssl_dh = </etc/ssl/certs/dhparam.pem
|
ssl_dh = </etc/ssl/certs/dhparam.pem
|
||||||
ssl_min_protocol = TLSv1.2
|
ssl_min_protocol = TLSv1.2
|
||||||
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
|
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
|
||||||
|
|
|
@ -3,7 +3,7 @@ biff = no
|
||||||
append_dot_mydomain = no
|
append_dot_mydomain = no
|
||||||
readme_directory = no
|
readme_directory = no
|
||||||
compatibility_level = 2
|
compatibility_level = 2
|
||||||
myhostname = ${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}
|
myhostname = ${node.metadata.get('postfix/myhostname')}
|
||||||
myorigin = /etc/mailname
|
myorigin = /etc/mailname
|
||||||
mydestination = $myhostname, localhost
|
mydestination = $myhostname, localhost
|
||||||
mynetworks = ${' '.join(sorted(mynetworks))}
|
mynetworks = ${' '.join(sorted(mynetworks))}
|
||||||
|
@ -38,8 +38,8 @@ smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
||||||
</%text>
|
</%text>
|
||||||
|
|
||||||
% if node.has_bundle('postfixadmin'):
|
% if node.has_bundle('postfixadmin'):
|
||||||
smtpd_tls_cert_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/fullchain.pem
|
smtpd_tls_cert_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/fullchain.pem
|
||||||
smtpd_tls_key_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/privkey.pem
|
smtpd_tls_key_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/privkey.pem
|
||||||
<%text>
|
<%text>
|
||||||
smtpd_use_tls=yes
|
smtpd_use_tls=yes
|
||||||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
||||||
|
|
|
@ -25,7 +25,7 @@ my_package = 'pkg_pacman:postfix' if node.os == 'arch' else 'pkg_apt:postfix'
|
||||||
|
|
||||||
files = {
|
files = {
|
||||||
'/etc/mailname': {
|
'/etc/mailname': {
|
||||||
'content': node.metadata.get('postfix/myhostname', node.metadata['hostname']),
|
'content': node.metadata.get('postfix/myhostname'),
|
||||||
'before': {
|
'before': {
|
||||||
my_package,
|
my_package,
|
||||||
},
|
},
|
||||||
|
|
|
@ -87,7 +87,7 @@ def letsencrypt(metadata):
|
||||||
}
|
}
|
||||||
|
|
||||||
result['domains'] = {
|
result['domains'] = {
|
||||||
metadata.get('postfix/myhostname', metadata.get('hostname')): set(),
|
metadata.get('postfix/myhostname'): set(),
|
||||||
}
|
}
|
||||||
|
|
||||||
return {
|
return {
|
||||||
|
@ -148,3 +148,14 @@ def icinga2(metadata):
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@metadata_reactor.provides(
|
||||||
|
'postfix/myhostname',
|
||||||
|
)
|
||||||
|
def myhostname(metadata):
|
||||||
|
return {
|
||||||
|
'postfix': {
|
||||||
|
'myhostname': metadata.get('hostname'),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue