bundlewrap/bundles/postfix/items.py

110 lines
2.6 KiB
Python

if node.has_bundle('postfixadmin'):
repo.libs.tools.require_bundle(node, 'letsencrypt')
mynetworks = {
'127.0.0.0/8',
'[::1]/128',
'[::ffff:127.0.0.0]/104',
}
for identifier in node.metadata.get('postfix/mynetworks', set()):
ips = repo.libs.tools.resolve_identifier(repo, identifier)
for ip in ips['ipv4']:
mynetworks.add(str(ip))
for ip in ips['ipv6']:
ip = str(ip)
if '/' in ip:
ip6, netmask = ip.split('/', 2)
else:
ip6 = ip
netmask = '128'
mynetworks.add(f'[{ip6}]/{netmask}')
files = {
'/etc/mailname': {
'content': node.metadata.get('postfix/myhostname'),
'before': {
'pkg_apt:postfix',
},
'triggers': {
'svc_systemd:postfix:restart',
},
},
'/etc/aliases': {
'content_type': 'mako',
'triggers': {
'action:postfix_newaliases',
},
},
'/etc/postfix/blocked_recipients': {
'content_type': 'mako',
'context': {
'blocked': node.metadata.get('postfix/blocked_recipients', set()),
},
'triggers': {
'action:postfix_postmap_blocked_recipients',
'svc_systemd:postfix:restart',
},
},
'/etc/postfix/master.cf': {
'content_type': 'mako',
'triggers': {
'svc_systemd:postfix:restart',
},
},
'/etc/postfix/main.cf': {
'content_type': 'mako',
'context': {
'mynetworks': mynetworks,
},
'triggers': {
'svc_systemd:postfix:restart',
},
},
'/etc/postfix/submission_header_cleanup': {
'triggers': {
'svc_systemd:postfix:restart',
},
},
'/usr/local/bin/postfix-telegraf-queue': {
'mode': '0755',
},
'/usr/local/share/icinga/plugins/check_postfix_queue': {
'mode': '0755',
},
}
actions = {
'postfix_newaliases': {
'command': 'newaliases',
'triggered': True,
'needs': {
'pkg_apt:postfix',
},
'before': {
'svc_systemd:postfix',
},
},
'postfix_postmap_blocked_recipients': {
'command': 'postmap hash:/etc/postfix/blocked_recipients',
'triggered': True,
'needs': {
'pkg_apt:postfix',
},
'before': {
'svc_systemd:postfix',
},
},
}
svc_systemd = {
'postfix': {
'needs': {
'file:/etc/postfix/master.cf',
'file:/etc/postfix/main.cf',
'pkg_apt:postfix',
},
},
}