diff --git a/pillar.example b/pillar.example index a475ac3..061ddd2 100644 --- a/pillar.example +++ b/pillar.example @@ -34,6 +34,8 @@ postfix: tlsproxy: enable: True chroot: True + uucp: + enable: True enable_service: True diff --git a/postfix/files/master.cf b/postfix/files/master.cf index 584eeeb..76dc5f7 100644 --- a/postfix/files/master.cf +++ b/postfix/files/master.cf @@ -1,10 +1,11 @@ {%- from "postfix/map.jinja" import postfix with context -%} {%- set master_config = salt['pillar.get']('postfix:master_config', {}) -%} -{%- from "postfix/services.jinja" import postfix_master_services_defaults, postfix_master_services_order -%} +{%- from "postfix/services.jinja" import postfix_master_services_defaults, + postfix_master_services_order -%} {#- # Handle the case that the pillar data does not provide any service - # configuration but submission parameters are provided in the pillar.. + # configuration but submission parameters are provided in the pillar. # This is important for backwards compatibility with sites that are using # the previous enable_submission pillar settings. -#} @@ -110,6 +111,45 @@ y {%- endif %} {%- endfor %} # +{%- macro extra_service(service_name, wrap=False, force_enable=False) -%} +{%- set service = salt['pillar.get']('postfix:master_config:services:%s' % ( + service_name,), + postfix_master_services_defaults[service_name]) -%} +{%- if force_enable -%} +{%- do service.update({'enable': True}) -%} +{%- endif -%} +{%- if service.get('enable', True) -%} +{%- set comment = '' -%} +{%- else -%} +{%- set comment = '#' -%} +{%- endif -%} +{{ "%s%-9s %-5s %-7s %-7s %-7s %-7s %-7s %s" | format(comment, + service_param(service, service_name, 'service', service_name), + service_param(service, service_name, 'type'), + service_param(service, service_name, 'private'), + service_param(service, service_name, 'unpriv'), + service_param(service, service_name, 'chroot'), + service_param(service, service_name, 'wakeup'), + service_param(service, service_name, 'maxproc'), + service_param(service, service_name, 'command', service_name)) }} +{%- if 'flags' in service or 'flags' in postfix_master_services_defaults[service_name] -%} +{%- set parameter_str = "%s flags=%s user=%s argv=%s %s" | format(comment, + service_param(service, service_name, 'flags'), + service_param(service, service_name, 'user'), + service_param(service, service_name, 'argv'), + service_param(service, service_name, 'extras', '')) -%} +{%- else -%} +{%- set parameter_str = "%s user=%s argv=%s %s" | format(comment, + service_param(service, service_name, 'user'), + service_param(service, service_name, 'argv'), + service_param(service, service_name, 'extras', '')) -%} +{%- endif -%} +{%- if wrap %} +{{ parameter_str | wordwrap(width=wrap, break_long_words=False, wrapstring='\n%s ' | format(comment)) }} +{%- else %} +{{ parameter_str }} +{%- endif -%} +{%- endmacro %} # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. @@ -122,8 +162,7 @@ y # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # -#maildrop unix - n n - - pipe -# flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} +{{ extra_service('maildrop') }} # # ==================================================================== # @@ -141,46 +180,38 @@ y # Cyrus 2.1.5 (Amos Gouaux) # Also specify in main.cf: cyrus_destination_recipient_limit=1 # -#cyrus unix - n n - - pipe -# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} +{{ extra_service('cyrus') }} # # ==================================================================== # # Old example of delivery via Cyrus. # -#old-cyrus unix - n n - - pipe -# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +{{ extra_service('old-cyrus') }} # # ==================================================================== # # See the Postfix UUCP_README file for configuration details. # -#uucp unix - n n - - pipe -# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) +{{ extra_service('uucp') }} # # ==================================================================== # # Other external delivery methods. # -#ifmail unix - n n - - pipe -# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) +{{ extra_service('ifmail') }} # -#bsmtp unix - n n - - pipe -# flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient +{{ extra_service('bsmtp') }} # -#scalemail-backend unix - n n - 2 pipe -# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store -# ${nexthop} ${user} ${extension} +{{ extra_service('scalemail-backend', 79) }} # -#mailman unix - n n - - pipe -# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py -# ${nexthop} ${user} +{{ extra_service('mailman', 79) }} {%- if salt['pillar.get']('postfix:policyd-spf:enabled', False) %} -policy-spf unix - n n - - spawn - user=nobody argv={{ postfix.xbin_prefix }}/bin/policyd-spf +# +{{ extra_service('policy-spf', False, True) }} {%- endif %} {%- if master_config.get('enable_dovecot', False) -%} {%- set dovecot = master_config.get('dovecot', {} )%} +# dovecot unix - n n - - pipe flags={{ dovecot.get('flags', 'DRhu') }} user={{ dovecot.get('user', 'vmail') }}:{{ dovecot.get('group', 'vmail') }} argv={{ dovecot.get('argv', postfix.dovecot_deliver) ~ ' -d ${recipient}' }} {% endif -%} diff --git a/postfix/services.jinja b/postfix/services.jinja index 8bb1689..3af44ea 100644 --- a/postfix/services.jinja +++ b/postfix/services.jinja @@ -1,3 +1,5 @@ +{%- from "postfix/map.jinja" import postfix with context -%} + {#- # Default Postfix master processes as defined by postfix # @@ -221,7 +223,104 @@ 'maxproc': 1, 'chroot': False, 'type': 'unix' - } + }, + 'maildrop': { + 'command': 'pipe', + 'chroot': False, + 'enable': False, + 'extras': '-d ${recipient}', + 'flags': 'DRhu', + 'type': 'unix', + 'unpriv': False, + 'user': 'vmail', + 'argv': '/usr/local/bin/maildrop', + }, + 'cyrus': { + 'command': 'pipe', + 'chroot': False, + 'enable': False, + 'extras': '-e -r ${sender} -m ${extension} ${user}', + 'type': 'unix', + 'unpriv': False, + 'user': 'cyrus', + 'argv': '/cyrus/bin/deliver', + }, + 'old-cyrus': { + 'command': 'pipe', + 'chroot': False, + 'enable': False, + 'extras': '-e -m ${extension} ${user}', + 'flags': 'R', + 'type': 'unix', + 'unpriv': False, + 'user': 'cyrus', + 'argv': '/cyrus/bin/deliver', + }, + 'uucp': { + 'command': 'pipe', + 'chroot': False, + 'enable': False, + 'extras': '-r -n -z -a$sender - $nexthop!rmail ($recipient)', + 'flags': 'Fqhu', + 'type': 'unix', + 'unpriv': False, + 'user': 'uucp', + 'argv': 'uux', + }, + 'ifmail': { + 'command': 'pipe', + 'chroot': False, + 'enable': False, + 'extras': '-r $nexthop ($recipient)', + 'flags': 'F', + 'type': 'unix', + 'unpriv': False, + 'user': 'ftn', + 'argv': '/usr/lib/ifmail/ifmail', + }, + 'bsmtp': { + 'command': 'pipe', + 'chroot': False, + 'enable': False, + 'extras': '-f $sender $nexthop $recipient', + 'flags': 'Fq.', + 'type': 'unix', + 'unpriv': False, + 'user': 'bsmtp', + 'argv': '/usr/local/sbin/bsmtp', + }, + 'scalemail-backend': { + 'command': 'pipe', + 'chroot': False, + 'enable': False, + 'extras': '${nexthop} ${user} ${extension}', + 'flags': 'R', + 'maxproc': 2, + 'type': 'unix', + 'unpriv': False, + 'user': 'scalemail', + 'argv': '/usr/lib/scalemail/bin/scalemail-store', + }, + 'mailman': { + 'command': 'pipe', + 'chroot': False, + 'enable': False, + 'extras': '${nexthop} ${user}', + 'flags': 'FR', + 'type': 'unix', + 'unpriv': False, + 'user': 'list', + 'argv': '/usr/lib/mailman/bin/postfix-to-mailman.py', + }, + 'policy-spf': { + 'command': 'spawn', + 'chroot': False, + 'enable': False, + 'type': 'unix', + 'unpriv': False, + 'user': 'nobody', + 'argv': '%s/bin/policyd-spf' | format(postfix.xbin_prefix), + }, } %} {# Service order inside the master.cf file #}