fripost-ansible/roles/common-LDAP/files, branch master Fripost ansible scripts slapcat-all.sh: Use ldapsearch(1) to generate the LDIF. 2020-05-26T19:26:45+00:00 Guilhem Moulin guilhem@fripost.org 2020-05-26T19:09:33+00:00 e54d34a84d2ee4526c301fee4e905891cb2d819a Unlike slapcat(1) it doesn't require write access to ~openldap, so we don't have to weaken bacula-fd.service. 
Unlike slapcat(1) it doesn't require write access to ~openldap, so we
don't have to weaken bacula-fd.service.
slapd monitoring. 2015-06-10T16:52:21+00:00 Guilhem Moulin guilhem@fripost.org 2015-06-10T16:16:13+00:00 f24f936c69ee97cca6095923549430cb6d510320 We don't use the provided 'slapd_' Munin plugin because it doesn't support SASL binds. 
We don't use the provided 'slapd_' Munin plugin because it doesn't
support SASL binds.
Change slapd dump filenames. 2015-06-07T00:54:30+00:00 Guilhem Moulin guilhem@fripost.org 2015-06-05T16:30:39+00:00 47bc2f8d305f6d14b7f61334bf328447b4f7319d E.g., ‘0.ldif’ → ‘slapd-0.ldif’. 
E.g., ‘0.ldif’ → ‘slapd-0.ldif’.
Configure Bacula File Daemon / Storage Daemon / Director. 2015-06-07T00:54:20+00:00 Guilhem Moulin guilhem@fripost.org 2015-06-03T19:13:10+00:00 00d6d904dc26592553ba93710c205603757e3faf Using client-side data signing/encryption and wrapping inter-host communication into stunnel. 
Using client-side data signing/encryption and wrapping inter-host
communication into stunnel.
Upgrade the LDAP config to Jessie. 2015-06-07T00:53:26+00:00 Guilhem Moulin guilhem@fripost.org 2015-05-14T19:53:14+00:00 334b7604727810c02ecb8942f3753dee15466691 






Add a keyring and alternative contact to the LDAP DIT.
2015-06-07T00:53:17+00:00

Guilhem Moulin
guilhem@fripost.org

2014-09-12T18:58:47+00:00

6ea8ec0514fdf4d237651914b5189d5cfedafc42












Add an LDAP attribute to check if the user wants to use the content filter.
2015-06-07T00:52:45+00:00

Guilhem Moulin
guilhem@fripost.org

2014-07-07T23:34:37+00:00

4a322932eb63901fa53a46c10f268eb870de70a3

This decision is left to the MX (as for 'fripostIsStatusActive'), which
will set the envelope recipient accordingly.





This decision is left to the MX (as for 'fripostIsStatusActive'), which
will set the envelope recipient accordingly.







Remove o=mailHosting from the LDAP directory suffix.
2015-06-07T00:52:39+00:00

Guilhem Moulin
guilhem@fripost.org

2014-07-07T16:37:30+00:00

2dfe29dfcd35fae7160178e329fb0647cc896e3b

So our suffix is now a mere 'dc=fripost,dc=org'.  We're also using the
default '/var/lib/ldap' as olcDbDirectory (hence we don't clear it
before hand).





So our suffix is now a mere 'dc=fripost,dc=org'.  We're also using the
default '/var/lib/ldap' as olcDbDirectory (hence we don't clear it
before hand).







Fix the catch-all resolution again.
2015-06-07T00:51:38+00:00

Guilhem Moulin
guilhem@fripost.org

2014-01-15T06:32:20+00:00

9304813d505baaa50294ed0d37a11d9e3f0f6c79

We introduce a limitation on the domain-aliases: they can't have
children (e.g., lists or users) any longer.

The whole alias resolution, including catch-alls and domain aliases, is
now done in 'virtual_alias_maps'. We stop the resolution by returning a
dummy alias A -> A for mailboxes, before trying the catch-all maps.

We're still using transport_maps for lists. If it turns out to be a
bottleneck due to the high-latency coming from LDAP maps, (and the fact
that there is a single qmgr(8) daemon), we could rewrite lists to a
dummy subdomain and use a static transport_maps instead:

  virtual_alias_maps:
    mylist@example.org -> mylist#example.org@mlmmj.localhost.localdomain

  transport_maps:
    mlmmj.localhost.localdomain mlmmj:





We introduce a limitation on the domain-aliases: they can't have
children (e.g., lists or users) any longer.

The whole alias resolution, including catch-alls and domain aliases, is
now done in 'virtual_alias_maps'. We stop the resolution by returning a
dummy alias A -> A for mailboxes, before trying the catch-all maps.

We're still using transport_maps for lists. If it turns out to be a
bottleneck due to the high-latency coming from LDAP maps, (and the fact
that there is a single qmgr(8) daemon), we could rewrite lists to a
dummy subdomain and use a static transport_maps instead:

  virtual_alias_maps:
    mylist@example.org -> mylist#example.org@mlmmj.localhost.localdomain

  transport_maps:
    mlmmj.localhost.localdomain mlmmj:







Remove list commands.
2015-06-07T00:51:37+00:00

Guilhem Moulin
guilhem@fripost.org

2014-01-14T06:12:07+00:00

97352d1452917fdcd81da0e209aed6e735c00961

They were only a dirty hack for list commands à la Mailman such as
mylist-request. If we are to use another list manager such as mlmmj,
which uses a VERP delimiter instead, the problem disappears.





They were only a dirty hack for list commands à la Mailman such as
mylist-request. If we are to use another list manager such as mlmmj,
which uses a VERP delimiter instead, the problem disappears.