More pillar managed services

Most of the services in master.cf were already configurable through
the formula but specific ones such as cyrus or uucp were not managed
yet.

This commit adds functionality to manage these services as well
through pillar variables, e.g.:

postfix:
  master_config:
    services:
      uucp:
        enable: True
Andreas Thienemann 2018-09-26 21:48:38 -07:00
parent 3ded29687e
commit 1b9ac1eb4e
3 changed files with 155 additions and 23 deletions


@ -34,6 +34,8 @@ postfix:
tlsproxy: tlsproxy:
enable: True enable: True
chroot: True chroot: True
uucp:
enable: True
enable_service: True enable_service: True


@ -1,10 +1,11 @@
{%- from "postfix/map.jinja" import postfix with context -%} {%- from "postfix/map.jinja" import postfix with context -%}
{%- set master_config = salt['pillar.get']('postfix:master_config', {}) -%} {%- set master_config = salt['pillar.get']('postfix:master_config', {}) -%}
{%- from "postfix/services.jinja" import postfix_master_services_defaults, postfix_master_services_order -%} {%- from "postfix/services.jinja" import postfix_master_services_defaults,
postfix_master_services_order -%}
{#- {#-
# Handle the case that the pillar data does not provide any service # Handle the case that the pillar data does not provide any service
# configuration but submission parameters are provided in the pillar.. # configuration but submission parameters are provided in the pillar.
# This is important for backwards compatibility with sites that are using # This is important for backwards compatibility with sites that are using
# the previous enable_submission pillar settings. # the previous enable_submission pillar settings.
-#} -#}
@ -110,6 +111,45 @@ y
{%- endif %} {%- endif %}
{%- endfor %} {%- endfor %}
# #
{%- macro extra_service(service_name, wrap=False, force_enable=False) -%}
{%- set service = salt['pillar.get']('postfix:master_config:services:%s' % (
service_name,),
postfix_master_services_defaults[service_name]) -%}
{%- if force_enable -%}
{%- do service.update({'enable': True}) -%}
{%- endif -%}
{%- if service.get('enable', True) -%}
{%- set comment = '' -%}
{%- else -%}
{%- set comment = '#' -%}
{%- endif -%}
{{ "%s%-9s %-5s %-7s %-7s %-7s %-7s %-7s %s" | format(comment,
service_param(service, service_name, 'service', service_name),
service_param(service, service_name, 'type'),
service_param(service, service_name, 'private'),
service_param(service, service_name, 'unpriv'),
service_param(service, service_name, 'chroot'),
service_param(service, service_name, 'wakeup'),
service_param(service, service_name, 'maxproc'),
service_param(service, service_name, 'command', service_name)) }}
{%- if 'flags' in service or 'flags' in postfix_master_services_defaults[service_name] -%}
{%- set parameter_str = "%s flags=%s user=%s argv=%s %s" | format(comment,
service_param(service, service_name, 'flags'),
service_param(service, service_name, 'user'),
service_param(service, service_name, 'argv'),
service_param(service, service_name, 'extras', '')) -%}
{%- else -%}
{%- set parameter_str = "%s user=%s argv=%s %s" | format(comment,
service_param(service, service_name, 'user'),
service_param(service, service_name, 'argv'),
service_param(service, service_name, 'extras', '')) -%}
{%- endif -%}
{%- if wrap %}
{{ parameter_str | wordwrap(width=wrap, break_long_words=False, wrapstring='\n%s ' | format(comment)) }}
{%- else %}
{{ parameter_str }}
{%- endif -%}
{%- endmacro %}
# ==================================================================== # ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual # Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants. # pages of the non-Postfix software to find out what options it wants.
@ -122,8 +162,7 @@ y
# maildrop. See the Postfix MAILDROP_README file for details. # maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1 # Also specify in main.cf: maildrop_destination_recipient_limit=1
# #
#maildrop unix - n n - - pipe {{ extra_service('maildrop') }}
# flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
# #
# ==================================================================== # ====================================================================
# #
@ -141,46 +180,38 @@ y
# Cyrus 2.1.5 (Amos Gouaux) # Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1 # Also specify in main.cf: cyrus_destination_recipient_limit=1
# #
#cyrus unix - n n - - pipe {{ extra_service('cyrus') }}
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
# #
# ==================================================================== # ====================================================================
# #
# Old example of delivery via Cyrus. # Old example of delivery via Cyrus.
# #
#old-cyrus unix - n n - - pipe {{ extra_service('old-cyrus') }}
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
# #
# ==================================================================== # ====================================================================
# #
# See the Postfix UUCP_README file for configuration details. # See the Postfix UUCP_README file for configuration details.
# #
#uucp unix - n n - - pipe {{ extra_service('uucp') }}
# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
# #
# ==================================================================== # ====================================================================
# #
# Other external delivery methods. # Other external delivery methods.
# #
#ifmail unix - n n - - pipe {{ extra_service('ifmail') }}
# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
# #
#bsmtp unix - n n - - pipe {{ extra_service('bsmtp') }}
# flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
# #
#scalemail-backend unix - n n - 2 pipe {{ extra_service('scalemail-backend', 79) }}
# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
# ${nexthop} ${user} ${extension}
# #
#mailman unix - n n - - pipe {{ extra_service('mailman', 79) }}
# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
# ${nexthop} ${user}
{%- if salt['pillar.get']('postfix:policyd-spf:enabled', False) %} {%- if salt['pillar.get']('postfix:policyd-spf:enabled', False) %}
policy-spf unix - n n - - spawn #
user=nobody argv={{ postfix.xbin_prefix }}/bin/policyd-spf {{ extra_service('policy-spf', False, True) }}
{%- endif %} {%- endif %}
{%- if master_config.get('enable_dovecot', False) -%} {%- if master_config.get('enable_dovecot', False) -%}
{%- set dovecot = master_config.get('dovecot', {} )%} {%- set dovecot = master_config.get('dovecot', {} )%}
#
dovecot unix - n n - - pipe dovecot unix - n n - - pipe
flags={{ dovecot.get('flags', 'DRhu') }} user={{ dovecot.get('user', 'vmail') }}:{{ dovecot.get('group', 'vmail') }} argv={{ dovecot.get('argv', postfix.dovecot_deliver) ~ ' -d ${recipient}' }} flags={{ dovecot.get('flags', 'DRhu') }} user={{ dovecot.get('user', 'vmail') }}:{{ dovecot.get('group', 'vmail') }} argv={{ dovecot.get('argv', postfix.dovecot_deliver) ~ ' -d ${recipient}' }}
{% endif -%} {% endif -%}
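Review bot: In the new `extra_service` macro, `service.get('enable', True)` fails open. `pillar.get` hands back the pillar dict as written when one exists, so an entry that overrides only `user` or `argv` for a service such as `uucp` and leaves out `enable` renders that pipe service uncommented, even though the defaults this commit adds to the services file set `'enable': False` for every one of them. Falling back to the shipped default keeps an external delivery command from being switched on by a partial override: `{%- if service.get('enable', postfix_master_services_defaults[service_name].get('enable', False)) -%}`. Separately, when the pillar has no entry `service` is the defaults dict itself, so the `force_enable` branch's `service.update({'enable': True})` changes the shared defaults in place; updating a copy would avoid that. A short comment above the macro noting that `user`, `argv` and `extras` appear to be written into master.cf as given (`service_param` is not visible in this hunk) would tell operators to keep those pillar values single-line.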


@ -1,3 +1,5 @@
{%- from "postfix/map.jinja" import postfix with context -%}
{#- {#-
# Default Postfix master processes as defined by postfix # Default Postfix master processes as defined by postfix
# #
@ -221,7 +223,104 @@
'maxproc': 1, 'maxproc': 1,
'chroot': False, 'chroot': False,
'type': 'unix' 'type': 'unix'
} },
'maildrop': {
'command': 'pipe',
'chroot': False,
'enable': False,
'extras': '-d ${recipient}',
'flags': 'DRhu',
'type': 'unix',
'unpriv': False,
'user': 'vmail',
'argv': '/usr/local/bin/maildrop',
},
'cyrus': {
'command': 'pipe',
'chroot': False,
'enable': False,
'extras': '-e -r ${sender} -m ${extension} ${user}',
'type': 'unix',
'unpriv': False,
'user': 'cyrus',
'argv': '/cyrus/bin/deliver',
},
'old-cyrus': {
'command': 'pipe',
'chroot': False,
'enable': False,
'extras': '-e -m ${extension} ${user}',
'flags': 'R',
'type': 'unix',
'unpriv': False,
'user': 'cyrus',
'argv': '/cyrus/bin/deliver',
},
'uucp': {
'command': 'pipe',
'chroot': False,
'enable': False,
'extras': '-r -n -z -a$sender - $nexthop!rmail ($recipient)',
'flags': 'Fqhu',
'type': 'unix',
'unpriv': False,
'user': 'uucp',
'argv': 'uux',
},
'ifmail': {
'command': 'pipe',
'chroot': False,
'enable': False,
'extras': '-r $nexthop ($recipient)',
'flags': 'F',
'type': 'unix',
'unpriv': False,
'user': 'ftn',
'argv': '/usr/lib/ifmail/ifmail',
},
'bsmtp': {
'command': 'pipe',
'chroot': False,
'enable': False,
'extras': '-f $sender $nexthop $recipient',
'flags': 'Fq.',
'type': 'unix',
'unpriv': False,
'user': 'bsmtp',
'argv': '/usr/local/sbin/bsmtp',
},
'scalemail-backend': {
'command': 'pipe',
'chroot': False,
'enable': False,
'extras': '${nexthop} ${user} ${extension}',
'flags': 'R',
'maxproc': 2,
'type': 'unix',
'unpriv': False,
'user': 'scalemail',
'argv': '/usr/lib/scalemail/bin/scalemail-store',
},
'mailman': {
'command': 'pipe',
'chroot': False,
'enable': False,
'extras': '${nexthop} ${user}',
'flags': 'FR',
'type': 'unix',
'unpriv': False,
'user': 'list',
'argv': '/usr/lib/mailman/bin/postfix-to-mailman.py',
},
'policy-spf': {
'command': 'spawn',
'chroot': False,
'enable': False,
'type': 'unix',
'unpriv': False,
'user': 'nobody',
'argv': '%s/bin/policyd-spf' | format(postfix.xbin_prefix),
},
} %} } %}
{# Service order inside the master.cf file #} {# Service order inside the master.cf file #}