kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity
bundlewrap/bundles/postfix/metadata.py

93 lines
2.2 KiB
Python
Raw Blame History

from bundlewrap.metadata import atomic
defaults = {
'apt': {
'packages': {
'postfix': {},
},
},
'icinga2_api': {
'postfix': {
'services': {
'POSTFIX PROCESS': {
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_systemd_unit postfix@-',
},
'POSTFIX QUEUE': {
'command_on_monitored_host': 'sudo /usr/local/share/icinga/plugins/check_postfix_queue -w 20 -c 40 -d 50',
},
},
},
},
}
if node.has_bundle('postfixadmin'):
defaults['backups'] = {
'paths': {
'/var/mail',
},
}
defaults['icinga2_api']['postfix']['services'].update({
'SMTP CONNECT': {
'check_command': 'check_smtp',
'vars.notification.sms': True,
},
'SMTP SUBMISSION CONNECT': {
'check_command': 'check_smtp',
'vars.port': '587',
'vars.notification.sms': True,
},
})
else:
defaults['icinga2_api']['postfix']['services'].update({
'SMTP CONNECT': {
'command_on_monitored_host': '/usr/lib/nagios/plugins/check_smtp -H localhost',
},
})
@metadata_reactor.provides(
'letsencrypt/domains',
'letsencrypt/reload_after',
)
def letsencrypt(metadata):
if not node.has_bundle('letsencrypt') or not node.has_bundle('postfixadmin'):
raise DoNotRunAgain
result = {
'reload_after': {
'postfix',
},
}
result['domains'] = {
metadata.get('postfix/myhostname', metadata.get('hostname')): set(),
}
return {
'letsencrypt': result,
}
@metadata_reactor.provides(
'iptables/port_rules/25',
'iptables/port_rules/587',
)
def iptables(metadata):
if node.has_bundle('postfixadmin'):
default = set('*')
else:
default = metadata.get('postfix/mynetworks', set())
rules = {
'25': atomic(metadata.get('postfix/restrict-to', default)),
}
if node.has_bundle('postfixadmin'):
rules['587'] = atomic(metadata.get('postfix/restrict-to', default))
return {
'iptables': {
'port_rules': rules,
},
}
Reference in a new issue View git blame Copy permalink