Replace postmap_macro by generic handling of map files
Merge existing handling of postfix lookup table/map files into a single template. Mappings are read from pillar in `postfix:mapping`. Configuration is written to the file pointed to by the relevant directive in `postfix:config`. A single target file is supported at the moment. The file is postmap'ed if needed. The pillar accepts a dict or an OrderedDict.
parent
1442318df1
commit
62ab827c34
@ -5,22 +5,6 @@ postfix:
|
||||
|
||||
enable_service: True
|
||||
|
||||
virtual:
|
||||
groupaliasexample:
|
||||
- someuser_1@example.com
|
||||
- someuser_2@example.com
|
||||
singlealiasexample: 'someuser_3@example.com'
|
||||
|
||||
relay_domains:
|
||||
example.com: 'OK'
|
||||
|
||||
sasl_passwd:
|
||||
smtp.example.com: 'somepassword'
|
||||
|
||||
sender_canonical:
|
||||
root: 'servers@example.com'
|
||||
nagios: 'alerts@example.com'
|
||||
|
||||
postgrey:
|
||||
enabled: True
|
||||
enable_service: True
|
||||
@ -62,6 +46,14 @@ postfix:
|
||||
smtp_tls_cert_file: /etc/postfix/ssl/example.com-relay-client-cert.crt
|
||||
smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key
|
||||
|
||||
smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd
|
||||
|
||||
sender_canonical_maps: hash:/etc/postfix/sender_canonical
|
||||
|
||||
relay_recipient_maps: hash:/etc/postfix/relay_domains
|
||||
|
||||
virtual_alias_maps: hash:/etc/postfix/virtual
|
||||
|
||||
certificates:
|
||||
server-cert:
|
||||
public_cert: |
|
||||
@ -88,3 +80,20 @@ postfix:
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
(Your Private key)
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
||||
mapping:
|
||||
smtp_sasl_password_maps:
|
||||
- smtp.example.com: myaccount:somepassword
|
||||
|
||||
sender_canonical_maps:
|
||||
- root: servers@example.com
|
||||
- nagios: alerts@example.com
|
||||
|
||||
relay_recipient_maps:
|
||||
- example.com: OK
|
||||
|
||||
virtual_alias_maps:
|
||||
- groupaliasexample:
|
||||
- someuser_1@example.com
|
||||
- someuser_2@example.com
|
||||
- singlealiasexample: someuser_3@example.com
|
||||
|
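Review bot: The example under `relay_recipient_maps` uses the bare key `example.com`, carried over from the old `relay_domains` pillar, but Postfix looks that table up by recipient address and documents `@domain` as the per-domain wildcard. As far as I can tell, a copy of this example would make the SMTP server reject every recipient in the relay domain. Either write the entry as `- '@example.com': OK` (quoted, since a plain YAML scalar cannot start with `@`) or point the `relay_domains` directive at this file instead. A comment above `mapping:` should say that each key must name a directive set in `postfix:config`, since the target path and map type are taken from there. The `smtp_sasl_password_maps` entry would also benefit from a comment noting that real credentials belong in an encrypted or access-restricted pillar rather than a plain-text file under version control.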
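--- /dev/null
+++ b/postfix/files/mapping.j2
@@ -0,0 +1,19 @@
+# Managed by config management
+
+{% if data is mapping -%}
+{% for key, value in data.iteritems() -%}
+{# Some settings, like virtual_alias_maps can take multiple values. Handle this case. -#}
+{% if value is iterable and value is not string -%}
+{% for item in value -%}
+{{ key }} {{ item }}
+{% endfor -%}
+{% else -%}
+{{ key }} {{ value }}
+{% endif -%}
+{% endfor -%}
+{% else -%}
+{# Some settings need order, handle OrderedDict -#}
+{% for item in data -%}
+{{ item.keys()[0] }} {{ item.values()[0] }}
+{% endfor -%}
+{% endif -%}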
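Review bot: The ordered branch (`{% for item in data -%}`) prints `item.values()[0]` directly, so a list value is written into the map file as its list representation rather than one entry per member. The example pillar in this commit uses exactly that shape for `groupaliasexample` under `virtual_alias_maps`. The multi-value handling that the mapping branch already has should be applied to the ordered branch as well. Note also that `iteritems()` and indexing the result of `keys()`/`values()` only work on Python 2, whereas `items()` is portable. A sketch of the ordered branch follows.

```jinja
{% else -%}
{# Some settings need order, handle OrderedDict -#}
{% for item in data -%}
{% for key, value in item.items() -%}
{% if value is iterable and value is not string -%}
{% for member in value -%}
{{ key }} {{ member }}
{% endfor -%}
{% else -%}
{{ key }} {{ value }}
{% endif -%}
{% endfor -%}
{% endfor -%}
{# … unchanged: closing endif … #}
```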
@ -12,25 +12,6 @@ postfix:
|
||||
- watch:
|
||||
- pkg: postfix
|
||||
|
||||
{%- macro postmap_file(filename, mode=644) %}
|
||||
{%- set file_path = '/etc/postfix/' ~ filename %}
|
||||
postmap_{{ filename }}:
|
||||
file.managed:
|
||||
- name: {{ file_path }}
|
||||
- source: salt://postfix/{{ filename }}
|
||||
- user: root
|
||||
- group: root
|
||||
- mode: {{ mode }}
|
||||
- template: jinja
|
||||
- require:
|
||||
- pkg: postfix
|
||||
cmd.wait:
|
||||
- name: /usr/sbin/postmap {{ file_path }}
|
||||
- cwd: /
|
||||
- watch:
|
||||
- file: {{ file_path }}
|
||||
{%- endmacro %}
|
||||
|
||||
# manage /etc/aliases if data found in pillar
|
||||
{% if 'aliases' in pillar.get('postfix', '') %}
|
||||
{{ postfix.aliases_file }}:
|
||||
@ -51,22 +32,37 @@ run-newaliases:
|
||||
- file: {{ postfix.aliases_file }}
|
||||
{% endif %}
|
||||
|
||||
# manage /etc/postfix/virtual if data found in pillar
|
||||
{% if 'virtual' in pillar.get('postfix', '') %}
|
||||
{{ postmap_file('virtual') }}
|
||||
{% endif %}
|
||||
|
||||
# manage /etc/postfix/relay_domains if data found in pillar
|
||||
{% if 'relay_domains' in pillar.get('postfix', '') %}
|
||||
{{ postmap_file('relay_domains') }}
|
||||
{% endif %}
|
||||
|
||||
# manage /etc/postfix/sasl_passwd if data found in pillar
|
||||
{% if 'sasl_passwd' in pillar.get('postfix', '') %}
|
||||
{{ postmap_file('sasl_passwd', 600) }}
|
||||
{% endif %}
|
||||
|
||||
# manage /etc/postfix/sender_canonical if data found in pillar
|
||||
{% if 'sender_canonical' in pillar.get('postfix', '') %}
|
||||
{{ postmap_file('sender_canonical') }}
|
||||
{% endif %}
|
||||
# manage various mappings
|
||||
{% for mapping, data in salt['pillar.get']('postfix:mapping', {}).items() %}
|
||||
{%- set need_postmap = False %}
|
||||
{%- set file_path = salt['pillar.get']('postfix:config:' ~ mapping) %}
|
||||
{%- if ':' in file_path %}
|
||||
{%- set file_path = file_path.split(':')[1] %}
|
||||
{%- set need_postmap = True %}
|
||||
{%- endif %}
|
||||
postfix_{{ mapping }}:
|
||||
file.managed:
|
||||
- name: {{ file_path }}
|
||||
- source: salt://postfix/files/mapping.j2
|
||||
- user: root
|
||||
- group: root
|
||||
{%- if mapping == 'smtp_sasl_password_maps' %}
|
||||
- mode: 600
|
||||
{%- else %}
|
||||
- mode: 644
|
||||
{%- endif %}
|
||||
- template: jinja
|
||||
- context:
|
||||
data: {{ data|json() }}
|
||||
- require:
|
||||
- pkg: postfix
|
||||
{%- if need_postmap %}
|
||||
cmd.wait:
|
||||
- name: /usr/sbin/postmap {{ file_path }}
|
||||
- cwd: /
|
||||
- watch:
|
||||
- file: {{ file_path }}
|
||||
- watch_in:
|
||||
- service: postfix
|
||||
{%- endif %}
|
||||
{% endfor %}
|
||||
|
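Review bot: The file mode is chosen by comparing `mapping` with the single name `smtp_sasl_password_maps`, so any other credential-bearing table configured through `postfix:mapping` (for example `lmtp_sasl_password_maps`) is written world-readable as 644, whereas the removed macro let the caller pass the mode. Consider matching on the name, `{%- if 'password' in mapping %}`, or reading an optional per-mapping mode from pillar, and quote the value as `- mode: '0600'`. Separately, `salt['pillar.get']('postfix:config:' ~ mapping)` has no guard for a directive that is absent from `postfix:config`, in which case `- name:` would presumably render empty; wrapping the state in `{%- if file_path %}` or failing with an explicit message would surface that misconfiguration. Because the password table is rendered through `file.managed`, its diff can also end up in job returns unless `- show_changes: False` is set for that mapping.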
@ -1,7 +0,0 @@
|
||||
# Managed by config management
|
||||
{% set canonical = salt['pillar.get']('postfix:relay_domains',{}) -%}
|
||||
{% if canonical is iterable -%}
|
||||
{% for key,value in salt['pillar.get']('postfix:relay_domains',{}).iteritems() -%}
|
||||
{{ key }} {{ value }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
@ -1,7 +0,0 @@
|
||||
# Managed by config management
|
||||
{% set canonical = salt['pillar.get']('postfix:sasl_passwd',{}) -%}
|
||||
{% if canonical is iterable -%}
|
||||
{% for key,value in salt['pillar.get']('postfix:sasl_passwd',{}).iteritems() -%}
|
||||
{{ key }} {{ value }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
@ -1,7 +0,0 @@
|
||||
# Managed by config management
|
||||
{% set canonical = salt['pillar.get']('postfix:sender_canonical',{}) -%}
|
||||
{% if canonical is iterable -%}
|
||||
{% for key,value in salt['pillar.get']('postfix:sender_canonical',{}).iteritems() -%}
|
||||
{{ key }} {{ value }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
@ -1,17 +0,0 @@
|
||||
# Managed by config management
|
||||
{% set virtual = salt['pillar.get']('postfix:virtual',{}) -%}
|
||||
{# to have virtual file emptied, just set an empty key 'virtual' -#}
|
||||
{% if virtual is iterable -%}
|
||||
{% for key, value in virtual.iteritems() -%}
|
||||
{# Mutiple values available for single key in virtual alias maps - ie for dist groups -#}
|
||||
{# We test if list was provided as value, and iterate if so -#}
|
||||
{% if value is iterable and value is not string -%}
|
||||
{% for item in value -%}
|
||||
{{key }} {{ item }}
|
||||
{% endfor -%}
|
||||
{% else -%}
|
||||
{# ..otherwise expect it to be just a string for the value -#}
|
||||
{{ key }} {{ value }}
|
||||
{% endif -%}
|
||||
{% endfor -%}
|
||||
{% endif -%}
|