postfix-formula/postfix/config.sls
Gilles Dartiguelongue 159c9e81ac Switch to SSL management method used in nginx.ng formula
Also change path to certificates since previous ones are distribution
specific. They look like Debian path, Gentoo uses different ones.

New path uses same logic as nginx's formula, use known to exist folder
which server most likely has permission to read too since it is its
configuration folder.
2015-09-03 11:01:51 +02:00

57 lines
1.2 KiB
Plaintext

include:
- postfix
/etc/postfix:
file.directory:
- user: root
- group: root
- dir_mode: 755
- file_mode: 644
- makedirs: True
/etc/postfix/main.cf:
file.managed:
- source: salt://postfix/files/main.cf
- user: root
- group: root
- mode: 644
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja
{% if salt['pillar.get']('postfix:manage_master_config', True) %}
/etc/postfix/master.cf:
file.managed:
- source: salt://postfix/files/master.cf
- user: root
- group: root
- mode: 644
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja
{% endif %}
{%- for domain in salt['pillar.get']('postfix:certificates', {}).keys() %}
postfix_{{ domain }}_ssl_certificate:
file.managed:
- name: /etc/postfix/ssl/{{ domain }}.crt
- makedirs: True
- contents_pillar: postfix:certificates:{{ domain }}:public_cert
- watch_in:
- service: postfix
postfix_{{ domain }}_ssl_key:
file.managed:
- name: /etc/postfix/ssl/{{ domain }}.key
- mode: 600
- makedirs: True
- contents_pillar: postfix:certificates:{{ domain }}:private_key
- watch_in:
- service: postfix
{% endfor %}