summaryrefslogtreecommitdiffstats
path: root/roles/MX/files
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2015-05-30 13:23:19 +0200
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 02:53:53 +0200
commitfa82a617a0c50b7478cd2b7189aa5f7d14449954 (patch)
tree62488ddf805f34b3f06807a83d6f94a360ece723 /roles/MX/files
parent64e8603cf9790aa4419d0f2746671bd242e6344d (diff)
Upgrade the MX configuration from Wheezy to Jessie.
In particular, since Postfix is now able to perform LDAP lookups using SASL, previous hacks with simble binds on cn=postfix,ou=services,… can now be removed.
Diffstat (limited to 'roles/MX/files')
-rw-r--r--roles/MX/files/etc/postfix/virtual/alias.cf5
-rw-r--r--roles/MX/files/etc/postfix/virtual/alias_domains.cf5
-rw-r--r--roles/MX/files/etc/postfix/virtual/catchall.cf5
-rw-r--r--roles/MX/files/etc/postfix/virtual/domains.cf5
-rw-r--r--roles/MX/files/etc/postfix/virtual/list.cf5
-rw-r--r--roles/MX/files/etc/postfix/virtual/mailbox.cf5
-rwxr-xr-xroles/MX/files/usr/local/bin/reserved-alias.pl (renamed from roles/MX/files/usr/local/sbin/reserved-alias.pl)0
7 files changed, 12 insertions, 18 deletions
diff --git a/roles/MX/files/etc/postfix/virtual/alias.cf b/roles/MX/files/etc/postfix/virtual/alias.cf
index 1710376..1c104a9 100644
--- a/roles/MX/files/etc/postfix/virtual/alias.cf
+++ b/roles/MX/files/etc/postfix/virtual/alias.cf
@@ -3,8 +3,7 @@ version = 3
search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
domain = static:all
scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
+bind = sasl
+sasl_mechs = EXTERNAL
query_filter = (&(objectClass=FripostVirtualAlias)(fvl=%u)(fripostIsStatusActive=TRUE))
result_attribute = fripostMaildrop
diff --git a/roles/MX/files/etc/postfix/virtual/alias_domains.cf b/roles/MX/files/etc/postfix/virtual/alias_domains.cf
index 119b8b2..907166f 100644
--- a/roles/MX/files/etc/postfix/virtual/alias_domains.cf
+++ b/roles/MX/files/etc/postfix/virtual/alias_domains.cf
@@ -3,9 +3,8 @@ version = 3
search_base = ou=virtual,dc=fripost,dc=org
domain = static:all
scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
+bind = sasl
+sasl_mechs = EXTERNAL
# The domain has already been validated (it's active and not pending)
query_filter = (&(objectClass=FripostVirtualAliasDomain)(fvd=%d))
result_attribute = fripostMaildrop
diff --git a/roles/MX/files/etc/postfix/virtual/catchall.cf b/roles/MX/files/etc/postfix/virtual/catchall.cf
index 66053c8..e0e6350 100644
--- a/roles/MX/files/etc/postfix/virtual/catchall.cf
+++ b/roles/MX/files/etc/postfix/virtual/catchall.cf
@@ -3,9 +3,8 @@ version = 3
search_base = ou=virtual,dc=fripost,dc=org
domain = static:all
scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
+bind = sasl
+sasl_mechs = EXTERNAL
# The domain has already been validated (it's active and not pending)
query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostVirtualAliasDomain))(fvd=%d)(fripostOptionalMaildrop=*))
result_attribute = fripostOptionalMaildrop
diff --git a/roles/MX/files/etc/postfix/virtual/domains.cf b/roles/MX/files/etc/postfix/virtual/domains.cf
index 4ec247d..f5a7f25 100644
--- a/roles/MX/files/etc/postfix/virtual/domains.cf
+++ b/roles/MX/files/etc/postfix/virtual/domains.cf
@@ -4,9 +4,8 @@ server_host = ldapi://%2Fprivate%2Fldapi/
version = 3
search_base = ou=virtual,dc=fripost,dc=org
scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
+bind = sasl
+sasl_mechs = EXTERNAL
query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostPendingEntry))(fvd=%s)(fripostIsStatusActive=TRUE))
result_attribute = fvd
result_format = OK
diff --git a/roles/MX/files/etc/postfix/virtual/list.cf b/roles/MX/files/etc/postfix/virtual/list.cf
index 3b364c0..99e2147 100644
--- a/roles/MX/files/etc/postfix/virtual/list.cf
+++ b/roles/MX/files/etc/postfix/virtual/list.cf
@@ -3,9 +3,8 @@ version = 3
search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
domain = static:all
scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
+bind = sasl
+sasl_mechs = EXTERNAL
query_filter = (&(objectClass=FripostVirtualList)(!(objectClass=FripostPendingEntry))(fvl=%u)(fripostIsStatusActive=TRUE))
result_attribute = fripostListManager
# Use a dedicated "virtual" domain to decongestion potential bottlenecks
diff --git a/roles/MX/files/etc/postfix/virtual/mailbox.cf b/roles/MX/files/etc/postfix/virtual/mailbox.cf
index 4654607..7289670 100644
--- a/roles/MX/files/etc/postfix/virtual/mailbox.cf
+++ b/roles/MX/files/etc/postfix/virtual/mailbox.cf
@@ -3,9 +3,8 @@ version = 3
search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
domain = static:all
scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
+bind = sasl
+sasl_mechs = EXTERNAL
query_filter = (&(objectClass=FripostVirtualUser)(fvl=%u)(fripostIsStatusActive=TRUE))
result_attribute = fvl
# Use a dedicated "virtual" domain to decongestion potential bottlenecks
diff --git a/roles/MX/files/usr/local/sbin/reserved-alias.pl b/roles/MX/files/usr/local/bin/reserved-alias.pl
index e19492e..e19492e 100755
--- a/roles/MX/files/usr/local/sbin/reserved-alias.pl
+++ b/roles/MX/files/usr/local/bin/reserved-alias.pl