From: Ralf Jung Date: Mon, 21 May 2018 08:38:23 +0000 (+0200) Subject: generate virtual transport_map from mailman and dovecot domain lists X-Git-Url: https://git.ralfj.de/ansible.git/commitdiff_plain/a232041d9ff4b71aaee76fd739d92c0a64aadd24?ds=inline generate virtual transport_map from mailman and dovecot domain lists --- diff --git a/host_vars/template.yml b/host_vars/template.yml index d5e5971..199180e 100644 --- a/host_vars/template.yml +++ b/host_vars/template.yml @@ -12,6 +12,16 @@ postfix: submission: True # optional: From which IPs to accept mail. mynetworks: '127.0.0.0/8 [::1]/128 203.0.113.0/24' + # optional: Hostnames and SHA1 certificate hashes that are allowed to relay email via this host. + relay_client_cert_whitelist: + - hostname: other.example.org + cert: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33 + # optional: Configure a host to relay all outgoing email to. + # Incompatible with smtp_outgoing. + relay_host: mx.example.org + # optional: Files in /etc/postfix ($FILE.crt, $FILE.key) to use as client certificates when + # relaying to the relay_host. + relay_client_cert: client_cert # optional: List multiple outgoing transports using different IP addresses. # Requires default_smtp_outgoing to be set to one of them. The file # /etc/postfix/sender_transport_map on the server can be used to configure @@ -34,22 +44,17 @@ postfix: signing_table: example.org: example.org lists.example.org: example.org - # optional: List of domains and transports to use. The file /etc/postfix/virtual_alias_map - # can be used to configure aliases for these domains. - virtual_mailbox_domains: - - domain: lists.example.org - transport: mailman - - domain: example.org - transport: lmtp:unix:private/dovecot-lmtp # optional: install and configure mailman mailman: default_host: lists.example.org default_lang: en # if you change this, also run "dpkg-reconfigure mailman" to enable more languages - domains: + domains: # the file /etc/postfix/virtual_alias_map can be used to configure aliases - lists.example.org default_footer: "-- \n%(list_name)s@%(host_name)s - %(description)s\nConfiguration: %(web_page_url)slistinfo%(cgiext)s/%(list_name)s\nUnsubscribe: %(list_name)s-unsubscribe@%(host_name)s\n" # optional: Install and configure dovecot dovecot: + domains: # the file /etc/postfix/virtual_alias_map can be used to configure aliases + - example.org mysql_password: $RANDOM vmail_uid: 200 mail_gid: 8 @@ -58,16 +63,6 @@ postfix: trash: +10M # optional: Where to generate a CGI script that users can use to change their password changepw_cgi: /srv/mail.example.org/cgi/changepw - # optional: Hostnames and SHA1 certificate hashes that are allowed to relay email via this host. - relay_client_cert_whitelist: - - hostname: other.example.org - cert: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33 - # optional: Configure a host to relay all outgoing email to. - # Incompatible with smtp_outgoing. - relay_host: mx.example.org - # optional: Files in /etc/postfix ($FILE.crt, $FILE.key) to use as client certificates when - # relaying to the relay_host. - relay_client_cert: client_cert apache: default_host: www.example.org diff --git a/roles/email/tasks/postfix.yml b/roles/email/tasks/postfix.yml index 67e459d..adb054c 100644 --- a/roles/email/tasks/postfix.yml +++ b/roles/email/tasks/postfix.yml @@ -36,7 +36,6 @@ notify: postfix # maps - name: create empty virtual_alias_map - when: postfix.virtual_mailbox_domains is defined register: virtual_alias_map copy: dest: /etc/postfix/virtual_alias_map @@ -68,7 +67,6 @@ command: postmap /etc/postfix/relay_clientcerts notify: postfix - name: create transport_map - when: postfix.virtual_mailbox_domains is defined register: transport_map template: dest: /etc/postfix/transport_map diff --git a/roles/email/templates/main.cf b/roles/email/templates/main.cf index dc72a19..b674e42 100644 --- a/roles/email/templates/main.cf +++ b/roles/email/templates/main.cf @@ -79,9 +79,10 @@ smtpd_tls_fingerprint_digest = sha1 relay_clientcerts = hash:$config_directory/relay_clientcerts {% endif %} -{% if postfix.virtual_mailbox_domains is defined %} # setup virtual delivery domains, aliases and destinations -virtual_mailbox_domains ={% for item in postfix.virtual_mailbox_domains %} {{item.domain}}{% endfor %} +virtual_mailbox_domains = +{% if postfix.mailman is defined %} {% for item in postfix.mailman.domains %} {{item}}{% endfor %}{% endif %} +{% if postfix.dovecot is defined %} {% for item in postfix.dovecot.domains %} {{item}}{% endfor %}{% endif %} virtual_alias_maps = hash:$config_directory/virtual_alias_map {% if postfix.dovecot is defined %} @@ -108,6 +109,7 @@ proxy_read_maps = $virtual_alias_maps $virtual_mailbox_maps $smtpd_sender_login_ # setup mail routes for virtual mail: all mail ends up being forwarded somewhere virtual_transport = error transport_maps = hash:$config_directory/transport_map +{% if postfix.mailman | default(False) %} mailman_destination_recipient_limit = 1 {% endif %} diff --git a/roles/email/templates/transport_map b/roles/email/templates/transport_map index 1d025de..d06ef9b 100644 --- a/roles/email/templates/transport_map +++ b/roles/email/templates/transport_map @@ -1,3 +1,11 @@ -{% for item in postfix.virtual_mailbox_domains %} -{{item.domain}} {{item.transport}} +{% if postfix.mailman is defined %} +{% for item in postfix.mailman.domains %} +{{item}} mailman {% endfor %} +{% endif %} + +{% if postfix.dovecot is defined %} +{% for item in postfix.dovecot.domains %} +{{item}} lmtp:unix:private/dovecot-lmtp +{% endfor %} +{% endif %}