From: Nicolas Iooss Date: Mon, 12 Sep 2016 20:56:57 +0000 (+0200) Subject: Add Postfix client_access and helo_access X-Git-Url: http://git.polytechnique.org/?a=commitdiff_plain;h=feb90dd0c82bfd5af0e01071ea6d7fbd32c6befc;p=vagrant-mail.git Add Postfix client_access and helo_access While at it, introduce for loops --- diff --git a/test-vagrant-salt/salt/testvm/postfix/client_access b/test-vagrant-salt/salt/testvm/postfix/client_access new file mode 100644 index 0000000..a3471c5 --- /dev/null +++ b/test-vagrant-salt/salt/testvm/postfix/client_access @@ -0,0 +1,5 @@ +# Accept messages from other MX to the non-filtered smtpd +{% for mx_name, mx_addr in pillar['postfix']['all_mx'].iteritems() %} +# {{ mx_name }} +{{ mx_addr }} FILTER smtp:[127.0.0.1]:10026 +{% endfor %} diff --git a/test-vagrant-salt/salt/testvm/postfix/helo_access b/test-vagrant-salt/salt/testvm/postfix/helo_access new file mode 100644 index 0000000..6a88d7e --- /dev/null +++ b/test-vagrant-salt/salt/testvm/postfix/helo_access @@ -0,0 +1,5 @@ +# Reject messages from other MX (they go to the non-filtered smtpd) +{% for mx_name, mx_addr in pillar['postfix']['all_mx'].iteritems() %} +# {{ mx_name }} +{{ mx_addr }} REJECT +{% endfor %} diff --git a/test-vagrant-salt/salt/testvm/postfix/init.sls b/test-vagrant-salt/salt/testvm/postfix/init.sls index f2211ce..ed00c75 100644 --- a/test-vagrant-salt/salt/testvm/postfix/init.sls +++ b/test-vagrant-salt/salt/testvm/postfix/init.sls @@ -31,10 +31,6 @@ postfix-daemon: file.managed: - source: salt://testvm/postfix/aliases - template: jinja - - file_mode: 640 - - dir_mode: 755 - - user: root - - group: root - watch_in: - service: postfix-daemon cmd.run: @@ -43,6 +39,21 @@ postfix-daemon: - pkg: postfix-pkg - file: /etc/postfix/aliases +# Compile files with postmap +{% for file in 'client_access', 'helo_access' %} +/etc/postfix/{{ file }}: + file.managed: + - source: salt://testvm/postfix/{{ file }} + - template: jinja + - watch_in: + - service: postfix-daemon + cmd.run: + - name: postmap /etc/postfix/{{ file }} + - require: + - pkg: postfix-pkg + - file: /etc/postfix/{{ file }} +{% endfor %} + /etc/postfix/main.cf: file.managed: - source: salt://testvm/postfix/main.cf @@ -57,28 +68,12 @@ postfix-daemon: - watch_in: - service: postfix-daemon -/var/spool/postfix-nosrs: - file.directory: - - user: postfix - - group: root - - mode: 700 - - makedirs: True - -/var/spool/postfix-nosrs/active: - file.directory: - - user: postfix - - group: root - - mode: 700 - -/var/spool/postfix-nosrs/deferred: - file.directory: - - user: postfix - - group: root - - mode: 700 - -/var/spool/postfix-nosrs/incoming: +# Populate /var/spool +{% for name in 'active', 'deferred', 'incoming' %} +/var/spool/postfix-nosrs/{{ name }}: file.directory: - user: postfix - group: root - mode: 700 - makedirs: True +{% endfor %} diff --git a/test-vagrant-salt/saltpillar/postfix.sls b/test-vagrant-salt/saltpillar/postfix.sls index 16f19cd..c428975 100644 --- a/test-vagrant-salt/saltpillar/postfix.sls +++ b/test-vagrant-salt/saltpillar/postfix.sls @@ -11,6 +11,13 @@ postfix: bogo.polytechnique.org localhost.polytechnique.org mx_name: mx1.polytechnique.org + + # All MX servers which can communicate between themselves without filtering + all_mx: + mx1: 192.168.33.10 + mx2: 192.168.33.20 + mx3: 192.168.33.30 + # Disable for now has_imap: False has_mailman: False