saltstack-formulas/postfix-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added config files for virtual users

Browse Source
This commit is contained in:
Imran Haider 2015-06-20 19:18:55 -04:00
parent 0ebb0d5480
commit 65f86e621d
6 changed files with 166 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
pillar.example
View File

@ -32,9 +32,37 @@ postfix:
alias_maps: hash:/etc/aliases alias_maps: hash:/etc/aliases
alias_database: hash:/etc/aliases alias_database: hash:/etc/aliases
# Virtual users
virtual_alias_maps: proxy:mysql:/etc/postfix/virtual_alias_maps.cf
virtual_mailbox_domains: proxy:mysql:/etc/postfix/virtual_mailbox_domains.cf
virtual_mailbox_maps: proxy:mysql:/etc/postfix/virtual_mailbox_maps.cf
virtual_mailbox_base: /home/vmail
virtual_mailbox_limit: 512000000
virtual_minimum_uid: 5000
virtual_transport: virtual
virtual_uid_maps: static:5000
virtual_gid_maps: static:5000
local_transport: virtual
local_recipient_maps: $virtual_mailbox_maps
transport_maps: hash:/etc/postfix/transport
# SMTP server # SMTP server
smtpd_tls_session_cache_database: btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_database: btree:${data_directory}/smtpd_scache
smtpd_use_tls: 'yes' smtpd_use_tls: 'yes'
smtpd_sasl_auth_enable: 'yes'
smtpd_sasl_type: dovecot
smtpd_sasl_path: /var/run/dovecot/auth-client
smtpd_recipient_restrictions: permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_relay_restrictions: permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_security_options: noanonymous
smtpd_sasl_tls_security_options: $smtpd_sasl_security_options
smtpd_tls_auth_only: 'yes'
smtpd_sasl_local_domain: $mydomain
smtpd_tls_loglevel: 1
smtpd_tls_session_cache_timeout: 3600s
relay_domains: '$mydestination'
# SMTP server certificate and key (from pillar data) # SMTP server certificate and key (from pillar data)
smtpd_tls_cert_file: /etc/postfix/ssl/server-cert.crt smtpd_tls_cert_file: /etc/postfix/ssl/server-cert.crt
@ -47,13 +75,19 @@ postfix:
smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key
smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd
sender_canonical_maps: hash:/etc/postfix/sender_canonical sender_canonical_maps: hash:/etc/postfix/sender_canonical
relay_recipient_maps: hash:/etc/postfix/relay_domains relay_recipient_maps: hash:/etc/postfix/relay_domains
virtual_alias_maps: hash:/etc/postfix/virtual virtual_alias_maps: hash:/etc/postfix/virtual
transport:
DOMAIN_NAME: ':[IP_ADDRESS]'
vmail:
user: postfix_user
password: DB_PASSWD
hosts: DB_HOST
dbname: postfix_db
certificates: certificates:
server-cert: server-cert:
public_cert: | public_cert: |

61
postfix/config.sls
View File

@ -20,6 +20,45 @@ include:
- watch_in: - watch_in:
- service: postfix - service: postfix
- template: jinja - template: jinja
{% if 'vmail' in pillar.get('postfix', '') %}
/etc/postfix/virtual_alias_maps.cf:
file.managed:
- source: salt://postfix/files/virtual_alias_maps.cf
- user: root
- group: postfix
- mode: 640
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja
/etc/postfix/virtual_mailbox_domains.cf:
file.managed:
- source: salt://postfix/files/virtual_mailbox_domains.cf
- user: root
- group: postfix
- mode: 640
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja
/etc/postfix/virtual_mailbox_maps.cf:
file.managed:
- source: salt://postfix/files/virtual_mailbox_maps.cf
- user: root
- group: postfix
- mode: 640
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja
{% endif %}
{% if salt['pillar.get']('postfix:manage_master_config', True) %} {% if salt['pillar.get']('postfix:manage_master_config', True) %}
/etc/postfix/master.cf: /etc/postfix/master.cf:
file.managed: file.managed:
@ -34,9 +73,31 @@ include:
- template: jinja - template: jinja
{% endif %} {% endif %}
{% if 'transport' in pillar.get('postfix', '') %}
/etc/postfix/transport:
file.managed:
- source: salt://postfix/files/transport
- user: root
- group: root
- mode: 644
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja
run-postmap:
cmd.wait:
- name: /usr/sbin/postmap /etc/postfix/transport
- cwd: /
- watch:
- file: /etc/postfix/transport
{% endif %}
{%- for domain in salt['pillar.get']('postfix:certificates', {}).keys() %} {%- for domain in salt['pillar.get']('postfix:certificates', {}).keys() %}
postfix_{{ domain }}_ssl_certificate: postfix_{{ domain }}_ssl_certificate:
file.managed: file.managed:
- name: /etc/postfix/ssl/{{ domain }}.crt - name: /etc/postfix/ssl/{{ domain }}.crt
- makedirs: True - makedirs: True

17
postfix/files/transport Normal file
View File

@ -0,0 +1,17 @@
#
# This file is managed by salt
#
{% set config = salt['pillar.get']('postfix:transport', {}) -%}
{% macro set_parameter(parameter, default=None) -%}
{% set value = config.get(parameter, default) -%}
{% if value is not none -%}
{{ parameter }} {{ value }}
{% endif -%}
{% endmacro -%}
{# Accept arbitrary parameters -#}
{% for parameter in config -%}
{{ set_parameter(parameter) }}
{% endfor -%}

17
postfix/files/virtual_alias_maps.cf Normal file
View File

@ -0,0 +1,17 @@
{% set config = salt['pillar.get']('postfix:vmail', {}) -%}
{% macro set_parameter(parameter, default=None) -%}
{% set value = config.get(parameter, default) -%}
{% if value is not none -%}
{{ parameter }} = {{ value }}
{% endif -%}
{% endmacro -%}
{# Accept arbitrary parameters -#}
{% for parameter in config -%}
{{ set_parameter(parameter) }}
{% endfor -%}
{{ set_parameter('table', 'alias') }}
{{ set_parameter('select_field', 'goto') }}
{{ set_parameter('where_field', 'address') }}

17
postfix/files/virtual_mailbox_domains.cf Normal file
View File

@ -0,0 +1,17 @@
{% set config = salt['pillar.get']('postfix:vmail', {}) -%}
{% macro set_parameter(parameter, default=None) -%}
{% set value = config.get(parameter, default) -%}
{% if value is not none -%}
{{ parameter }} = {{ value }}
{% endif -%}
{% endmacro -%}
{# Accept arbitrary parameters -#}
{% for parameter in config -%}
{{ set_parameter(parameter) }}
{% endfor -%}
{{ set_parameter('table', 'domain') }}
{{ set_parameter('select_field', 'domain') }}
{{ set_parameter('where_field', 'domain') }}

17
postfix/files/virtual_mailbox_maps.cf Normal file
View File

@ -0,0 +1,17 @@
{% set config = salt['pillar.get']('postfix:vmail', {}) -%}
{% macro set_parameter(parameter, default=None) -%}
{% set value = config.get(parameter, default) -%}
{% if value is not none -%}
{{ parameter }} = {{ value }}
{% endif -%}
{% endmacro -%}
{# Accept arbitrary parameters -#}
{% for parameter in config -%}
{{ set_parameter(parameter) }}
{% endfor -%}
{{ set_parameter('table', 'mailbox') }}
{{ set_parameter('select_field', 'maildir') }}
{{ set_parameter('where_field', 'username') }}