Commit Graph

67 Commits

Author SHA1 Message Date
Felipe Zipitria
d87da4adc4 feat(maps): adds tls_policy map for smtp delivery
Signed-off-by: Felipe Zipitria <fzipitria@perceptyx.com>
2020-05-12 15:41:02 -03:00
Imran Iqbal
34a112faab
fix: make necessary modifications to get working on salt-ssh
* Similar situation to https://github.com/saltstack-formulas/logrotate-formula/pull/53
  - https://freenode.logbot.info/saltstack-formulas/20200507#c3819526-c3819581
  - https://freenode.logbot.info/saltstack-formulas/20200508#c3826763-c3826995
* Send template values by `context`
2020-05-08 09:40:10 +01:00
Alexander Weidinger
fbaa2dcabb main.cf: ignore only actually used keys of 'postfix:mapping'; fixes #89 2019-04-24 12:38:55 +02:00
Alexander Weidinger
c432ae23dc mapping.j2: fixed handling of OrderedDict in Python 3 2019-04-09 20:06:16 +02:00
Dimitrij Hilt
dada652f3e Add no_args parameter on defined own services to allow create also
internal services without 'user= argv='.
2019-01-08 09:26:27 +01:00
Niels Abspoel
1da803467f
Merge pull request #80 from bawuenet/proxy_map_support
Fix table type for proxy tables
2018-10-21 00:34:45 +02:00
Andreas Thienemann
fb69881dde Improve services definitions
The services definitions for master.cf were previously defined in
the services.jinja file.

This commit instead moves them into the services.yaml file, as we
should not require any jinja parsing inside the services definitions.

Drive-By: Add a .gitignore file
Drive-By: Set manage_master_config: True for kitchen. We do want to
          verify that the master.cf file generation is actually working.
Drive-By: Add fedora-latest as a kitchen testing target, this helps
          with verifying the os_family map testing that was added in
          PR #79
Drive-By: Link to the kitchen-salt getting started guide in the README
2018-10-08 12:28:01 +02:00
Andreas Thienemann
9281c79aec Fix table type for proxy tables
http://www.postfix.org/DATABASE_README.html#types specifies the lookup
table types postfix understands.

Most are defined as type:/path/to/table which is currently supported
by the postfix formula.

This does break though as soon as the proxy table type is used which is
a prefix to a normal table definition to indicate caching is requested.

This PR changes the code to discard the proxy prefix to ensure that the
usual logic applies again.
2018-10-07 13:48:13 +02:00
Andreas Thienemann
e4b507b0b5 Further improvements on extra services configured in master.cf
As promised in PR #75, here's a further (and hopefully final)
iteration of the master.cf service handling:

- Bring dovecot and policyd-spf configuration in line with the
  extras_services item added in PR #75
- Remove policyd-spf configuration again from services.jinja,
  handle this in master.cf instead, where it was before
- Allow for completely custom services to be added via a pillar
  definition in postfix:master_config:services
- Fix legacy dovecot argv example in pillar.example: The example
  showed the extra_args being defined as part of the argv
  parameter, something that would clash with the actual code and
  result in a duplicate '-d ${recipient}' definition in the config.
2018-10-04 05:02:57 +02:00
Niels Abspoel
ca6b26e3ed
Merge pull request #75 from bawuenet/more_services
More pillar managed services
2018-10-01 22:49:54 +02:00
Andreas Thienemann
36f0a70813 Improve handling of multiple values in main.cf
In case a list of items (iterable) is passed to the set_parameter
function in main.cf, the list of items are joined by a comma.

This makes parameters with many items a bit hard to read as it
results in long lines.

Postfix also supports an alternative declaration where subsequent
parameter values are written in a new line that starts with whitespace
and thus forms a continuation of the previous line.
This makes parsing multiple entry lines easier for humans.

Old style:
smtpd_milters = { unix:/run/spamass-milter/postfix/sock, connect_timeout=10s, default_action=accept } { inet:localhost:10003, connect_timeout=10s, default_action=accept } { inet:localhost:10004, connect_timeout=10s, default_action=accept } { inet:localhost:10006, connect_timeout=10s, default_action=accept } { inet:localhost:10007, connect_timeout=10s, default_action=accept }

New style:
smtpd_milters = { unix:/run/spamass-milter/postfix/sock, connect_timeout=10s, default_action=accept }
                { inet:localhost:10003, connect_timeout=10s, default_action=accept }
                { inet:localhost:10004, connect_timeout=10s, default_action=accept }
                { inet:localhost:10006, connect_timeout=10s, default_action=accept }
                { inet:localhost:10007, connect_timeout=10s, default_action=accept }
2018-09-29 03:55:38 +02:00
Andreas Thienemann
1b9ac1eb4e More pillar managed services
Most of the services in master.cf were already configurable through
the formula but specific ones such as cyrus or uucp were not managed
yet.

This commit adds functionality to manage these services as well
through pillar variables, e.g.:

postfix:
  master_config:
    services:
      uucp:
	enable: True
2018-09-26 21:52:02 -07:00
Andre Sencioles
e40c589cd5 Fix duplicated mapping parameters on main.cf
Fixes the creation of duplicated parameters on main.cf by using the
"set_parameter" macro to append the mapping parameter to the
"processed_parameters" list.
2018-08-29 15:34:31 +12:00
Benjamin DUPUIS
fe261fc635 add inet_protocols 2018-07-09 11:32:16 +02:00
Alexander Weidinger
0c489c03df master.cf: submission: CSV must not use blank
Would produce: "fatal: unexpected command-line argument: nameofsetting,"
2018-04-04 11:34:34 +02:00
Javier Bértoli
47ffa7d173 Fix xbin_prefix parameter, add managed by Salt headers 2018-03-18 14:08:45 -03:00
Andreas Thienemann
b6b7ab4cca Allow for full managed master.cf services
Currently master.cf only allows for _very_ limited configuration
options mainly focussed on SMTP submission settings.

This is rather limited and does not scale very well for managing
the other services defined in master.cf.

This patch has moved all the service definitions into a jinja file
and generates the master.cf service definition on the fly based on
these defaults.

Defaults can be overridden in a pillar to customize the rendered
master.cf file accordingly to local needs.
Undefined values will be filled with the postfix defaults.

Care has been taken that the previous ways of managing the submission
configuration options are still supported for backwards compatibility
to prevent breakage for existing users of the formula.
2018-03-11 19:22:12 +01:00
N
5579ebcef6
Merge branch 'master' into add_mysql_query_to_virtual 2018-03-08 09:40:09 +00:00
Niels Abspoel
f30071afd2 replace iteritems with items 2018-03-07 21:17:57 +01:00
Alexander Weidinger
014c5227bc Let the user handle mappings manually 2017-12-08 14:53:58 +01:00
Alexander Weidinger
caee184158 master.cf: added dovecot 2017-12-08 14:04:35 +01:00
Alexander Weidinger
4c7c2a269d master.cf: made submission configurable 2017-12-08 13:20:01 +01:00
Florian Ermisch
9ed99927c2 explain what the colon in mapping.j2 is for 2017-08-25 14:54:20 +02:00
Florian Ermisch
f514881e5a explain the difference between alias_maps and alias_database 2017-08-24 13:35:24 +02:00
Florian Ermisch
c60c3bab6f adjust processed_parameters to match pillar.example 2017-08-24 13:25:38 +02:00
Florian Ermisch
8eed254773 one for-loop for all of the mappings 2017-08-24 13:10:54 +02:00
Florian Ermisch
d51f60647a add optional context variable "colon" to mapping.j2 for aliases file 2017-08-24 13:03:10 +02:00
Florian Ermisch
099d84ab73 Template paths and groups to make them work on FreeBSD, too. 2017-08-24 13:02:46 +02:00
Vitali Quiering
f8514b3629 Add a mysql query to virtual_mailbox_domains, virtual_alias_maps virtual_mailbox_maps if mysql is declared in main.cf within these options 2017-04-12 17:06:16 +02:00
Javier Bértoli
026dd44dde Minor formatting change 2017-03-29 08:19:33 -03:00
Javier Bértoli
b0aa531297 Use join() for iterable values in main.cf 2017-03-28 11:57:34 -03:00
Imran Haider
65f86e621d Added config files for virtual users 2016-11-20 11:01:34 -05:00
Gilles Dartiguelongue
e10ad0e745 Make prope use of jinja templating features
join is available in jinja-2.6, released in 2011.
2016-06-20 19:02:41 +02:00
Gilles Dartiguelongue
573211150f Actually print multiple value as described in man 5 virtual 2016-06-20 18:43:18 +02:00
Gilles Dartiguelongue
80645badee Handle mappings passed as dict or OrderedDict 2016-06-20 18:41:59 +02:00
Gilles Dartiguelongue
62ab827c34 Replace postmap_macro by generic handling of map files
Merge existing handling of postfix lookup table/map files into a single
template. Mappings are read from pillar in `postfix:mapping`.
Configuration is written to the file pointed to by the relevant
directive in `postfix:config`. A single target file is supported at the
moment. The file is postmap'ed if needed.

The pillar accepts a dict or an OrderedDict.
2016-06-20 18:41:43 +02:00
Niels Abspoel
b632899833 fix missing bracket 2016-01-02 20:20:54 +01:00
david
bcf0ec995f add config parameter smtp_tls_CApath to validate peers 2015-12-31 16:00:43 +01:00
Gilles Dartiguelongue
e20aeb5d89 Fix handling of smtpd_sasl_auth_enable
Defaults to yes but will not write yes unless a default is provided to
set_parameter.
2015-10-02 23:11:50 +02:00
Gilles Dartiguelongue
51d2e5936d Fix excessive whitespace stripping 2015-10-02 23:11:27 +02:00
Scott Reid
9326095571 enable creation of smtp_sasl_password_maps file from pillar 2015-09-02 11:59:57 -07:00
Richard Clark
83c0a448fe - Fix virtual handling - can't just dump json to virtual
- Add in handling for sender_canonical
- Add examples to pillar
2015-08-31 16:34:51 -04:00
Gilles Dartiguelongue
6bec84cc23 Remove extra whitespaces in generated file 2015-08-30 18:52:25 +02:00
Gilles Dartiguelongue
609737b0cc Enhance default TLS configuration
Increase default security settings according to upstream documentation
tough it is by no mean perfect.
2015-08-30 18:51:42 +02:00
Gilles Dartiguelongue
2e0e9cdd27 Add SASL handling
Still requires some manual actions like installing SASL provider and
configuring it but this is a first step.
2015-08-30 18:51:42 +02:00
Gilles Dartiguelongue
da1995119a Rework restrictions parameter building
It still included SASL configuration that is nowhere to be found in
current main.cf template.
2015-08-30 18:51:42 +02:00
Gilles Dartiguelongue
542be4f5bb Wrap TLS and relay options in conditional blocks
Basic setting enabling such feature enable the rest of the default statements.
2015-08-30 18:51:42 +02:00
Dominik Schleich
ae7ada3bb8 changed the default aliases variable name to match the one checked in init.sls / one overseen use 2015-08-27 16:16:54 +02:00
Dominik Schleich
04f365170d changed the default aliases variable name to match the one checked in init.sls this times also in the template 2015-08-27 16:14:57 +02:00
Gilles Dartiguelongue
cbd9aeebe9 Restore policyd-spf support 2015-08-22 14:01:29 +02:00