author | Guilhem Moulin <guilhem@fripost.org> | 2016-07-10 04:58:41 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2016-07-10 04:58:41 +0200 |
commit | c52344acb365be570a638f9f256cc33730ffa616 (patch) | |
tree | 19205d1fc5fc4e0f678edabd6785b691e09150a4 | |
parent | 1b744e0e6320dabaa62bc369addf7f0b89cdc107 (diff) |
Postfix: avoid hardcoding the instance names.
-rw-r--r-- | roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 | 4 | ||||
-rw-r--r-- | roles/common/templates/etc/rsyslog.d/postfix.conf.j2 | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 b/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2
index aea7f87..b7aead3 100644
--- a/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2
+++ b/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2
@@ -39,41 +39,41 @@ service imap-login {
 # Number of processes to always keep waiting for more connections. process_min_avail = 4 # If you set service_count=0, you probably need to grow this. #vsz_limit = $default_vsz_limit } service pop3-login { inet_listener pop3 { #port = 110 } inet_listener pop3s { #port = 995 #ssl = yes } } service lmtp { user = vmail
- unix_listener /var/spool/postfix-mda/private/dovecot-lmtpd {
+ unix_listener /var/spool/postfix-{{ postfix_instance.IMAP.name }}/private/dovecot-lmtpd {
 group = postfix user = postfix mode = 0600 } # Create inet listener only if you can't use the above UNIX socket #inet_listener lmtp { # Avoid making LMTP visible for the entire internet #address = #port = #} # Number of processes to always keep waiting for more connections. process_min_avail = 4 } service imap { # Most of the memory goes to mmap()ing files. You may need to increase this # limit if you have huge mailboxes. #vsz_limit = $default_vsz_limit
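Review bot: The listener path in `service lmtp` is now assembled from `postfix_instance.IMAP.name` with no check on what that value may contain, and the same holds for the `dovecot-auth` listener built from `postfix_instance.MSA.name` in the `service auth` hunk. Both sockets are the boundary between Dovecot and Postfix (`mode = 0600`, owner `postfix`), so a name containing `/`, `..` or whitespace would place them outside the intended `/var/spool/postfix-<name>/private` directory or break the config parse. The removed lines used `mda` and `msa` while the new keys are `IMAP` and `MSA`; the variable definitions are not part of this commit, so it is worth confirming that the rendered paths are unchanged. I would add a template comment above each listener, e.g. `{# postfix_instance.*.name is used as a path component: bare instance name only, no '/' or whitespace #}`, and validate the names once where they are defined.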
@@ -91,41 +91,41 @@ service auth {
 # auth_socket_path points to this userdb socket by default. It's typically # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have # full permissions to this socket are able to get a list of all usernames and # get the results of everyone's userdb lookups. # # The default 0666 mode allows anyone to connect to the socket, but the # userdb lookups will succeed only if the userdb returns an "uid" field that # matches the caller process's UID. Also if caller's uid or gid matches the # socket's uid or gid the lookup succeeds. Anything else causes a failure. # # To give the caller full permissions to lookup all users, set the mode to # something else than 0666 and Dovecot lets the kernel enforce the # permissions (e.g. 0777 allows everyone full permissions). unix_listener auth-userdb { mode = 0600 user = vmail group = root } # Postfix smtp-auth
- unix_listener /var/spool/postfix-msa/private/dovecot-auth {
+ unix_listener /var/spool/postfix-{{ postfix_instance.MSA.name }}/private/dovecot-auth {
 group = postfix user = postfix mode = 0600 } # Auth process is run as this user. #user = $default_internal_user } service auth-worker { # Auth worker process is run as root by default, so that it can access # /etc/shadow. If this isn't necessary, the user should be changed to # $default_internal_user. user = $default_internal_user } service dict { # If dict proxy is used, mail processes should have access to its socket. # For example: mode=0660, group=vmail and global mail_access_groups=vmail unix_listener dict {
diff --git a/roles/common/templates/etc/rsyslog.d/postfix.conf.j2 b/roles/common/templates/etc/rsyslog.d/postfix.conf.j2
index 5acb56d..52f9ea3 100644
--- a/roles/common/templates/etc/rsyslog.d/postfix.conf.j2
+++ b/roles/common/templates/etc/rsyslog.d/postfix.conf.j2
@@ -1,17 +1,17 @@
 # Create an additional socket in postfix's chroot in order not to break # mail logging when rsyslog is restarted. If the directory is missing, # rsyslog will silently skip creating the socket. $AddUnixListenSocket /var/spool/postfix/dev/log {% for g in postfix_instance.keys() | sort %} {% if g in group_names %} $AddUnixListenSocket /var/spool/postfix-{{ postfix_instance[g].name }}/dev/log {% endif %} {% endfor %} {% if 'MSA' in group_names %} # User of our Authenticated SMTP server can choose the envelope from and From: # header of their choice. As the SASL username is not logged in the mail # header, we keep a mapping Postfix's message ID -> SASL username in a separate # log file that is only rotated monthly.
-if $programname == 'postfix-msa' and $syslogfacility-text == 'mail' and $msg contains 'sasl_username=' then /var/log/mail.sasl
+if $programname == 'postfix-{{ postfix_instance.MSA.name }}' and $syslogfacility-text == 'mail' and $msg contains 'sasl_username=' then /var/log/mail.sasl
 {% endif %} |
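Review bot: The `$programname == 'postfix-{{ postfix_instance.MSA.name }}'` filter matches only while the rendered string equals the syslog tag the MSA instance actually logs under, and nothing visible in this commit ties the two together. Per the comment in this hunk, `/var/log/mail.sasl` is kept so that a message ID can be mapped back to the SASL username, so a mismatch would silently stop that record from being written rather than fail loudly. The value is also interpolated into a single-quoted rsyslog string, so a name containing `'` would corrupt the rule. I would extend the comment block above the filter with `# NB: 'postfix-<name>' must equal syslog_name of the MSA instance, or this mapping is silently lost.` and, presumably, derive `syslog_name` in that instance's main.cf from the same variable.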