From 90ae486805896af8dc9ed1423a25b47dfd3cf1fa Mon Sep 17 00:00:00 2001
From: Rico Ullmann <rico@ullmann.space>
Date: Wed, 29 Dec 2021 23:26:51 +0100
Subject: [PATCH] postfix: initial bundle

---
 bundles/postfix/files/main.cf | 11 +++++++++++
 bundles/postfix/items.py      | 25 +++++++++++++++++++++++++
 2 files changed, 36 insertions(+)
 create mode 100644 bundles/postfix/files/main.cf
 create mode 100644 bundles/postfix/items.py

diff --git a/bundles/postfix/files/main.cf b/bundles/postfix/files/main.cf
new file mode 100644
index 0000000..7c944aa
--- /dev/null
+++ b/bundles/postfix/files/main.cf
@@ -0,0 +1,11 @@
+smtpd_banner = $myhostname ESMTP
+
+disable_vrfy_command = yes
+
+smtp_use_tls = yes
+smtp_tls_CApath = /etc/pki/tls/certs
+smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
+smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
+smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
+smtp_tls_security_level = may
+smtp_tls_mandatory_ciphers = high
diff --git a/bundles/postfix/items.py b/bundles/postfix/items.py
new file mode 100644
index 0000000..ee26d26
--- /dev/null
+++ b/bundles/postfix/items.py
@@ -0,0 +1,25 @@
+pkg_apt = {
+    'postfix': {},
+}
+
+svc_systemd = {
+    'postfix': {
+        'needs': ['pkg_apt:postfix', 'file:/etc/postfix/main.cf'],
+    }
+}
+
+files = {
+    '/etc/postfix/main.cf': {
+        'content_type': 'mako',
+        'needs': ['pkg_apt:postfix'],
+        'triggers': ['svc_systemd:postfix:restart'],
+    },
+}
+
+directories = {
+    '/etc/postfix': {
+        'owner': 'root',
+        'mode': '1755',
+        'needs': ['pkg_apt:postfix'],
+    },
+}