Franziska Kunsmann
d44c87e8a7
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
somehow, we tend to get false positives if we run that check on the node itself.
95 lines
2.2 KiB
Python
95 lines
2.2 KiB
Python
if node.has_bundle('postfixadmin'):
|
|
repo.libs.tools.require_bundle(node, 'letsencrypt')
|
|
|
|
mynetworks = {
|
|
'127.0.0.0/8',
|
|
'[::1]/128',
|
|
'[::ffff:127.0.0.0]/104',
|
|
}
|
|
for identifier in node.metadata.get('postfix/mynetworks', set()):
|
|
ips = repo.libs.tools.resolve_identifier(repo, identifier)
|
|
|
|
for ip in ips['ipv4']:
|
|
mynetworks.add(str(ip))
|
|
|
|
for ip in ips['ipv6']:
|
|
ip = str(ip)
|
|
if '/' in ip:
|
|
ip6, netmask = ip.split('/', 2)
|
|
else:
|
|
ip6 = ip
|
|
netmask = '128'
|
|
mynetworks.add(f'[{ip6}]/{netmask}')
|
|
|
|
my_package = 'pkg_pacman:postfix' if node.os == 'arch' else 'pkg_apt:postfix'
|
|
|
|
files = {
|
|
'/etc/mailname': {
|
|
'content': node.metadata.get('postfix/myhostname', node.metadata['hostname']),
|
|
'triggers': {
|
|
'svc_systemd:postfix:restart',
|
|
},
|
|
},
|
|
'/etc/aliases': {
|
|
'content_type': 'mako',
|
|
'triggers': {
|
|
'action:postfix_newaliases',
|
|
},
|
|
},
|
|
'/etc/postfix/master.cf': {
|
|
'content_type': 'mako',
|
|
'triggers': {
|
|
'svc_systemd:postfix:restart',
|
|
},
|
|
},
|
|
'/etc/postfix/main.cf': {
|
|
'content_type': 'mako',
|
|
'context': {
|
|
'mynetworks': mynetworks,
|
|
},
|
|
'triggers': {
|
|
'svc_systemd:postfix:restart',
|
|
},
|
|
},
|
|
'/etc/postfix/submission_header_cleanup': {
|
|
'triggers': {
|
|
'svc_systemd:postfix:restart',
|
|
},
|
|
},
|
|
'/usr/local/bin/postfix-telegraf-queue': {
|
|
'mode': '0755',
|
|
},
|
|
'/usr/local/share/icinga/plugins/check_postfix_queue': {
|
|
'mode': '0755',
|
|
},
|
|
}
|
|
|
|
actions = {
|
|
'postfix_newaliases': {
|
|
'command': 'newaliases',
|
|
'triggered': True,
|
|
'needs': {
|
|
my_package,
|
|
},
|
|
},
|
|
}
|
|
|
|
svc_systemd = {
|
|
'postfix': {
|
|
'needs': {
|
|
'file:/etc/postfix/master.cf',
|
|
'file:/etc/postfix/main.cf',
|
|
my_package,
|
|
},
|
|
},
|
|
}
|
|
|
|
if node.os == 'arch':
|
|
files['/etc/systemd/system/postfix.service.d/bundlewrap.conf'] = {
|
|
'source': 'arch-override.conf',
|
|
'content_type': 'mako',
|
|
'triggers': {
|
|
'action:systemd-reload',
|
|
'svc_systemd:postfix:restart',
|
|
},
|
|
}
|