Replace postmap_macro by generic handling of map files

Merge existing handling of postfix lookup table/map files into a single template. Mappings are read from pillar in `postfix:mapping`. Configuration is written to the file pointed to by the relevant directive in `postfix:config`. A single target file is supported at the moment. The file is postmap'ed if needed. The pillar accepts a dict or an OrderedDict.
2016-04-08 17:50:52 +02:00 · 2016-04-08 17:50:52 +02:00 · 62ab827c34
commit 62ab827c34
parent 1442318df1
7 changed files with 78 additions and 92 deletions
--- a/pillar.example
+++ b/pillar.example
@ -5,22 +5,6 @@ postfix:

  enable_service: True

-  virtual:
-    groupaliasexample: 
-     - someuser_1@example.com
-     - someuser_2@example.com
-    singlealiasexample: 'someuser_3@example.com'
-
-  relay_domains:
-    example.com: 'OK'
-
-  sasl_passwd:
-    smtp.example.com: 'somepassword'
-
-  sender_canonical:
-    root: 'servers@example.com'
-    nagios: 'alerts@example.com'
-
  postgrey:
    enabled: True
    enable_service: True
@ -62,6 +46,14 @@ postfix:
    smtp_tls_cert_file: /etc/postfix/ssl/example.com-relay-client-cert.crt
    smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key

+    smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd
+
+    sender_canonical_maps: hash:/etc/postfix/sender_canonical
+
+    relay_recipient_maps: hash:/etc/postfix/relay_domains
+
+    virtual_alias_maps: hash:/etc/postfix/virtual
+
  certificates:
    server-cert:
      public_cert: |
@ -88,3 +80,20 @@ postfix:
        -----BEGIN RSA PRIVATE KEY-----
        (Your Private key)
        -----END RSA PRIVATE KEY-----
+
+  mapping:
+    smtp_sasl_password_maps:
+      - smtp.example.com: myaccount:somepassword
+
+    sender_canonical_maps:
+      - root: servers@example.com
+      - nagios: alerts@example.com
+
+    relay_recipient_maps:
+      - example.com: OK
+
+    virtual_alias_maps:
+      - groupaliasexample:
+        - someuser_1@example.com
+        - someuser_2@example.com
+      - singlealiasexample: someuser_3@example.com
--- a/postfix/files/mapping.j2
+++ b/postfix/files/mapping.j2
@ -0,0 +1,19 @@
+# Managed by config management
+
+{% if data is mapping -%}
+  {% for key, value in data.iteritems() -%}
+    {# Some settings, like virtual_alias_maps can take multiple values. Handle this case. -#}
+    {% if value is iterable and value is not string -%}
+      {% for item in value -%}
+{{ key }}	{{ item }}
+      {% endfor -%}
+    {% else -%}
+{{ key }}	{{ value }}
+    {% endif -%}
+  {% endfor -%}
+{% else -%}
+  {# Some settings need order, handle OrderedDict -#}
+  {% for item in data -%}
+{{ item.keys()[0] }}	{{ item.values()[0] }}
+{% endfor -%}
+{% endif -%}
--- a/postfix/init.sls
+++ b/postfix/init.sls
@ -12,25 +12,6 @@ postfix:
    - watch:
      - pkg: postfix

-{%- macro postmap_file(filename, mode=644) %}
-{%- set file_path = '/etc/postfix/' ~ filename %}
-postmap_{{ filename }}:
-  file.managed:
-    - name: {{ file_path }}
-    - source: salt://postfix/{{ filename }}
-    - user: root
-    - group: root
-    - mode: {{ mode }}
-    - template: jinja
-    - require:
-      - pkg: postfix
-  cmd.wait:
-    - name: /usr/sbin/postmap {{ file_path }}
-    - cwd: /
-    - watch:
-      - file: {{ file_path }}
-{%- endmacro %}
-
 # manage /etc/aliases if data found in pillar
 {% if 'aliases' in pillar.get('postfix', '') %}
 {{ postfix.aliases_file }}:
@ -51,22 +32,37 @@ run-newaliases:
      - file: {{ postfix.aliases_file }}
 {% endif %}

-# manage /etc/postfix/virtual if data found in pillar
-{% if 'virtual' in pillar.get('postfix', '') %}
-{{ postmap_file('virtual') }}
-{% endif %}
-
-# manage /etc/postfix/relay_domains if data found in pillar
-{% if 'relay_domains' in pillar.get('postfix', '') %}
-{{ postmap_file('relay_domains') }}
-{% endif %}
-
-# manage /etc/postfix/sasl_passwd if data found in pillar
-{% if 'sasl_passwd' in pillar.get('postfix', '') %}
-{{ postmap_file('sasl_passwd', 600) }}
-{% endif %}
-
-# manage /etc/postfix/sender_canonical if data found in pillar
-{% if 'sender_canonical' in pillar.get('postfix', '') %}
-{{ postmap_file('sender_canonical') }}
-{% endif %}
+# manage various mappings
+{% for mapping, data in salt['pillar.get']('postfix:mapping', {}).items() %}
+  {%- set need_postmap = False %}
+  {%- set file_path = salt['pillar.get']('postfix:config:' ~ mapping) %}
+  {%- if ':' in file_path %}
+    {%- set file_path = file_path.split(':')[1] %}
+    {%- set need_postmap = True %}
+  {%- endif %}
+postfix_{{ mapping }}:
+  file.managed:
+    - name: {{ file_path }}
+    - source: salt://postfix/files/mapping.j2
+    - user: root
+    - group: root
+    {%- if mapping == 'smtp_sasl_password_maps' %}
+    - mode: 600
+    {%- else %}
+    - mode: 644
+    {%- endif %}
+    - template: jinja
+    - context:
+        data: {{ data|json() }}
+    - require:
+      - pkg: postfix
+  {%- if need_postmap %}
+  cmd.wait:
+    - name: /usr/sbin/postmap {{ file_path }}
+    - cwd: /
+    - watch:
+      - file: {{ file_path }}
+    - watch_in:
+      - service: postfix
+  {%- endif %}
+{% endfor %}
--- a/postfix/relay_domains
+++ b/postfix/relay_domains
@ -1,7 +0,0 @@
-# Managed by config management
-{% set canonical = salt['pillar.get']('postfix:relay_domains',{}) -%}
-{% if canonical is iterable -%}
-{% for key,value in salt['pillar.get']('postfix:relay_domains',{}).iteritems() -%}
-{{ key }}  {{ value }}
-{% endfor %}
-{% endif %}
--- a/postfix/sasl_passwd
+++ b/postfix/sasl_passwd
@ -1,7 +0,0 @@
-# Managed by config management
-{% set canonical = salt['pillar.get']('postfix:sasl_passwd',{}) -%}
-{% if canonical is iterable -%}
-{% for key,value in salt['pillar.get']('postfix:sasl_passwd',{}).iteritems() -%}
-{{ key }}  {{ value }}
-{% endfor %}
-{% endif %}
--- a/postfix/sender_canonical
+++ b/postfix/sender_canonical
@ -1,7 +0,0 @@
-# Managed by config management
-{% set canonical = salt['pillar.get']('postfix:sender_canonical',{}) -%}
-{% if canonical is iterable -%}
-  {% for key,value in salt['pillar.get']('postfix:sender_canonical',{}).iteritems() -%}
-    {{ key }}  {{ value }}
-  {% endfor %}
-{% endif %}
--- a/postfix/virtual
+++ b/postfix/virtual
@ -1,17 +0,0 @@
-# Managed by config management
-{% set virtual = salt['pillar.get']('postfix:virtual',{}) -%}
-{# to have virtual file emptied, just set an empty key 'virtual' -#}
-{% if virtual is iterable -%}
-  {% for key, value in virtual.iteritems() -%}
-    {# Mutiple values available for single key in virtual alias maps - ie for dist groups -#}
-    {# We test if list was provided as value, and iterate if so -#}
-    {% if value is iterable and value is not string -%}
-      {% for item in value -%}
-{{key }}    {{ item }}
-      {% endfor -%}
-    {% else -%}
-      {# ..otherwise expect it to be just a string for the value -#}
-{{ key }}   {{ value }}
-    {% endif -%}
-  {% endfor -%}
-{% endif -%}