Merge pull request #105 from Perceptyx/add-tls-poliy-map
feat(maps): adds tls_policy map for smtp delivery
This commit is contained in:
commit
e61eb5a685
@ -156,6 +156,7 @@ postfix:
|
|||||||
smtp_use_tls: 'yes'
|
smtp_use_tls: 'yes'
|
||||||
smtp_tls_cert_file: /etc/postfix/ssl/example.com-relay-client-cert.crt
|
smtp_tls_cert_file: /etc/postfix/ssl/example.com-relay-client-cert.crt
|
||||||
smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key
|
smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key
|
||||||
|
smtp_tls_policy_maps: hash:/etc/postfix/tls_policy
|
||||||
|
|
||||||
smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd
|
smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd
|
||||||
sender_canonical_maps: hash:/etc/postfix/sender_canonical
|
sender_canonical_maps: hash:/etc/postfix/sender_canonical
|
||||||
@ -165,6 +166,10 @@ postfix:
|
|||||||
transport:
|
transport:
|
||||||
DOMAIN_NAME: ':[IP_ADDRESS]'
|
DOMAIN_NAME: ':[IP_ADDRESS]'
|
||||||
|
|
||||||
|
tls_policy:
|
||||||
|
example.com: encrypt
|
||||||
|
.example.com: encrypt
|
||||||
|
|
||||||
vmail:
|
vmail:
|
||||||
user: postfix_user
|
user: postfix_user
|
||||||
password: DB_PASSWD
|
password: DB_PASSWD
|
||||||
|
@ -101,6 +101,27 @@ run-postmap:
|
|||||||
- file: {{ postfix.config_path }}/transport
|
- file: {{ postfix.config_path }}/transport
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% if 'tls_policy' in pillar.get('postfix', '') %}
|
||||||
|
{{ postfix.config_path }}/tls_policy:
|
||||||
|
file.managed:
|
||||||
|
- source: salt://postfix/files/tls_policy
|
||||||
|
- user: root
|
||||||
|
- group: {{ postfix.root_grp }}
|
||||||
|
- mode: 644
|
||||||
|
- require:
|
||||||
|
- pkg: postfix
|
||||||
|
- watch_in:
|
||||||
|
- service: postfix
|
||||||
|
- template: jinja
|
||||||
|
|
||||||
|
run-postmap-tls-policy:
|
||||||
|
cmd.wait:
|
||||||
|
- name: {{ postfix.xbin_prefix }}/sbin/postmap {{ postfix.config_path }}/tls_policy
|
||||||
|
- cwd: /
|
||||||
|
- watch:
|
||||||
|
- file: {{ postfix.config_path }}/tls_policy
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{%- for domain in salt['pillar.get']('postfix:certificates', {}).keys() %}
|
{%- for domain in salt['pillar.get']('postfix:certificates', {}).keys() %}
|
||||||
|
|
||||||
postfix_{{ domain }}_ssl_certificate:
|
postfix_{{ domain }}_ssl_certificate:
|
||||||
|
17
postfix/files/tls_policy
Normal file
17
postfix/files/tls_policy
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
#
|
||||||
|
# This file is managed by salt
|
||||||
|
#
|
||||||
|
|
||||||
|
{% set config = salt['pillar.get']('postfix:tls_policy', {}) -%}
|
||||||
|
{% macro set_parameter(parameter, default=None) -%}
|
||||||
|
{% set value = config.get(parameter, default) -%}
|
||||||
|
{% if value is not none -%}
|
||||||
|
{{ parameter }} {{ value }}
|
||||||
|
{% endif -%}
|
||||||
|
{% endmacro -%}
|
||||||
|
|
||||||
|
{# Accept arbitrary parameters -#}
|
||||||
|
{% for parameter in config -%}
|
||||||
|
{{ set_parameter(parameter) }}
|
||||||
|
{% endfor -%}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user