# frozen_string_literal: true control 'Postfix config' do title 'config is generated correctly' describe postfix_conf do its('biff') { should cmp 'no' } its('compatibility_level') { should cmp '2' } its('append_dot_mydomain') { should cmp 'no' } its('readme_directory') { should cmp 'no' } its('smtpd_sasl_auth_enable') { should cmp 'yes' } its('smtpd_sasl_path') { should cmp '/var/run/dovecot/auth-client' } its('smtpd_sasl_type') { should cmp 'dovecot' } its('smtpd_sasl_security_options') { should cmp 'noanonymous' } its('smtpd_sasl_tls_security_options') { should cmp '$smtpd_sasl_security_options' } its('smtpd_tls_auth_only') { should cmp 'yes' } its('smtpd_use_tls') { should cmp 'yes' } its('smtpd_tls_loglevel') { should cmp '1' } its('smtpd_tls_security_level') { should cmp 'may' } its('smtp_tls_CApath') { should cmp '/etc/ssl/certs' } its('smtpd_tls_cert_file') { should cmp '/etc/postfix/ssl/server-cert.crt' } its('smtpd_tls_key_file') { should cmp '/etc/postfix/ssl/server-cert.key' } its('smtpd_tls_session_cache_database') do should cmp 'btree:${data_directory}/smtpd_scache' end its('smtpd_tls_mandatory_ciphers') { should cmp 'high' } its('tls_preempt_cipherlist') { should cmp 'yes' } its('smtp_tls_loglevel') { should cmp '1' } its('smtp_tls_security_level') { should cmp 'may' } its('smtp_tls_session_cache_database') do should cmp 'btree:${data_directory}/smtp_scache' end its('myhostname') { should cmp 'localhost' } its('alias_maps') { should cmp 'hash:/etc/aliases' } its('alias_database') { should cmp 'hash:/etc/aliases' } its('mydestination') { should cmp 'localhost, localhost.localdomain' } its('relayhost') { should cmp '' } its('mynetworks') { should cmp '127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128' } its('mailbox_size_limit') { should cmp '0' } its('recipient_delimiter') { should cmp '+' } its('inet_interfaces') { should cmp '127.0.0.1' } its('inet_protocols') { should cmp 'all' } its('message_size_limit') { should cmp '41943040' } its('smtpd_recipient_restrictions') do should cmp 'permit_mynetworks,'\ ' permit_sasl_authenticated,'\ ' reject_unauth_destination' end its('transport_maps') { should cmp 'hash:/etc/postfix/transport' } its('smtp_tls_policy_maps') { should cmp 'hash:/etc/postfix/tls_policy' } its('smtp_sasl_password_maps') { should cmp 'hash:/etc/postfix/sasl_passwd' } its('sender_canonical_maps') { should cmp 'hash:/etc/postfix/sender_canonical' } its('relay_recipient_maps') { should cmp 'hash:/etc/postfix/relay_domains' } its('virtual_alias_maps') { should cmp 'hash:/etc/postfix/virtual' } its('local_transport') { should cmp 'virtual' } its('local_recipient_maps') { should cmp '$virtual_mailbox_maps' } its('smtpd_relay_restrictions') do should cmp 'permit_mynetworks, '\ 'permit_sasl_authenticated, '\ 'reject_unauth_destination' end its('smtpd_sasl_local_domain') { should cmp '$mydomain' } its('smtpd_tls_session_cache_timeout') { should cmp '3600s' } its('relay_domains') { should cmp '$mydestination' } its('smtp_use_tls') { should cmp 'yes' } its('smtp_tls_cert_file') do should cmp '/etc/postfix/ssl/example.com-relay-client-cert.crt' end its('smtp_tls_key_file') do should cmp '/etc/postfix/ssl/example.com-relay-client-cert.key' end end end