X-Git-Url: https://git.ralfj.de/ansible.git/blobdiff_plain/b820d6d92e4c558f45c2288d99428b7bbd915312..df93ad2b2188c394c421743afc7a7645a2486202:/host_vars/template.yml

diff --git a/host_vars/template.yml b/host_vars/template.yml
index abe746c..d5e5971 100644
--- a/host_vars/template.yml
+++ b/host_vars/template.yml
@@ -1,11 +1,15 @@
 postfix:
+  # postmaster email address
+  postmaster: postmaster@example.org
   # optional: Whether to put a postscreen on port 25
   postscreen: True
+  # optional: Open another SMTP daemon on port 26 that only accepts mail from local hosts
+  # (and whitelisted client certs, if applicable).  Useful when the source of the mail is in
+  # a network that blocks port 25 outgoing.
+  smtpd_26: True
   # optional: Whether to accept emails for arbitrary destination on the submission port,
   # authenticated by dovecot.  Requires a dovecot: section (see below).
   submission: True
-  # optional: Whether to install mailman and add it as a possible postfix transport.
-  mailman: True
   # optional: From which IPs to accept mail.
   mynetworks: '127.0.0.0/8 [::1]/128 203.0.113.0/24'
   # optional: List multiple outgoing transports using different IP addresses.
@@ -37,18 +41,27 @@ postfix:
       transport: mailman
     - domain: example.org
       transport: lmtp:unix:private/dovecot-lmtp
+  # optional: install and configure mailman
+  mailman:
+    default_host: lists.example.org
+    default_lang: en # if you change this, also run "dpkg-reconfigure mailman" to enable more languages
+    domains:
+    - lists.example.org
+    default_footer: "-- \n%(list_name)s@%(host_name)s - %(description)s\nConfiguration: %(web_page_url)slistinfo%(cgiext)s/%(list_name)s\nUnsubscribe: %(list_name)s-unsubscribe@%(host_name)s\n"
   # optional: Install and configure dovecot
   dovecot:
     mysql_password: $RANDOM
     vmail_uid: 200
     mail_gid: 8
-    postmaster: postmaster@example.org
     quota:
       general: 1G
       trash: +10M
-  # optional: File in /etc/postfix that configures client certificates that may use
-  # this server for relaying arbitrary mail.
-  relay_client_cert_whitelist: relay_clientcerts
+    # optional: Where to generate a CGI script that users can use to change their password
+    changepw_cgi: /srv/mail.example.org/cgi/changepw
+  # optional: Hostnames and SHA1 certificate hashes that are allowed to relay email via this host.
+  relay_client_cert_whitelist:
+    - hostname: other.example.org
+      cert: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33
   # optional: Configure a host to relay all outgoing email to.
   # Incompatible with smtp_outgoing.
   relay_host: mx.example.org