Merge pull request #105 from Perceptyx/add-tls-poliy-map
feat(maps): adds tls_policy map for smtp delivery
This commit is contained in:
commit
e61eb5a685
@ -156,6 +156,7 @@ postfix:
|
||||
smtp_use_tls: 'yes'
|
||||
smtp_tls_cert_file: /etc/postfix/ssl/example.com-relay-client-cert.crt
|
||||
smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key
|
||||
smtp_tls_policy_maps: hash:/etc/postfix/tls_policy
|
||||
|
||||
smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd
|
||||
sender_canonical_maps: hash:/etc/postfix/sender_canonical
|
||||
@ -165,6 +166,10 @@ postfix:
|
||||
transport:
|
||||
DOMAIN_NAME: ':[IP_ADDRESS]'
|
||||
|
||||
tls_policy:
|
||||
example.com: encrypt
|
||||
.example.com: encrypt
|
||||
|
||||
vmail:
|
||||
user: postfix_user
|
||||
password: DB_PASSWD
|
||||
|
@ -101,6 +101,27 @@ run-postmap:
|
||||
- file: {{ postfix.config_path }}/transport
|
||||
{% endif %}
|
||||
|
||||
{% if 'tls_policy' in pillar.get('postfix', '') %}
|
||||
{{ postfix.config_path }}/tls_policy:
|
||||
file.managed:
|
||||
- source: salt://postfix/files/tls_policy
|
||||
- user: root
|
||||
- group: {{ postfix.root_grp }}
|
||||
- mode: 644
|
||||
- require:
|
||||
- pkg: postfix
|
||||
- watch_in:
|
||||
- service: postfix
|
||||
- template: jinja
|
||||
|
||||
run-postmap-tls-policy:
|
||||
cmd.wait:
|
||||
- name: {{ postfix.xbin_prefix }}/sbin/postmap {{ postfix.config_path }}/tls_policy
|
||||
- cwd: /
|
||||
- watch:
|
||||
- file: {{ postfix.config_path }}/tls_policy
|
||||
{% endif %}
|
||||
|
||||
{%- for domain in salt['pillar.get']('postfix:certificates', {}).keys() %}
|
||||
|
||||
postfix_{{ domain }}_ssl_certificate:
|
||||
|
17
postfix/files/tls_policy
Normal file
17
postfix/files/tls_policy
Normal file
@ -0,0 +1,17 @@
|
||||
#
|
||||
# This file is managed by salt
|
||||
#
|
||||
|
||||
{% set config = salt['pillar.get']('postfix:tls_policy', {}) -%}
|
||||
{% macro set_parameter(parameter, default=None) -%}
|
||||
{% set value = config.get(parameter, default) -%}
|
||||
{% if value is not none -%}
|
||||
{{ parameter }} {{ value }}
|
||||
{% endif -%}
|
||||
{% endmacro -%}
|
||||
|
||||
{# Accept arbitrary parameters -#}
|
||||
{% for parameter in config -%}
|
||||
{{ set_parameter(parameter) }}
|
||||
{% endfor -%}
|
||||
|
Loading…
Reference in New Issue
Block a user