Ensure Postfix's LDAP searchBase exists when doing a lookup.

Postfix interprets Error Code 32 (No Such Object) as lookup failures, but that's ugly... Also, make Postfix simple bind against cn=postfix,ou=services,dc=fripost,dc=org.
author: Guilhem Moulin <guilhem@fripost.org> 2014-07-09 01:08:02 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:52:48 +0200
commit: 368540caee8fff8aa90b1542897188e9f98ac585 (patch)
tree: b85f6ae068ffccb0c8647fe7f15c662e5eb40432 /roles/MX
parent: e0b6b5f49111883bbebf14e9648830027eeec6df (diff)
6 files changed, 30 insertions, 18 deletions
diff --git a/roles/MX/templates/etc/postfix/virtual/alias.cf.j2 b/roles/MX/templates/etc/postfix/virtual/alias.cf.j2
index 2e80d45..31a23ce 100644
--- a/roles/MX/templates/etc/postfix/virtual/alias.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/alias.cf.j2
@@ -1,8 +1,10 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
-search_base      = fvl=%u,fvd=%d,ou=virtual,dc=fripost,dc=org
+search_base      = fvd=%d,ou=virtual,dc=fripost,dc=org
 domain           = static:all
-scope            = base
-bind             = none
+scope            = one
+bind             = yes
+bind_dn          = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw          = FIXME
 query_filter     = (&(objectClass=FripostVirtualAlias)(fvl=%u))
 result_attribute = fripostMaildrop
diff --git a/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2 b/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2
index bdfa802..b338c8c 100644
--- a/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2
@@ -1,9 +1,11 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
-search_base      = fvd=%d,ou=virtual,dc=fripost,dc=org
+search_base      = ou=virtual,dc=fripost,dc=org
 domain           = static:all
-scope            = base
-bind             = none
+scope            = one
+bind             = yes
+bind_dn          = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw          = FIXME
 query_filter     = (&(objectClass=FripostVirtualAliasDomain)(fvd=%d))
 result_attribute = fripostMaildrop
 result_format    = %U@%s
diff --git a/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2 b/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2
index 398e530..3d86ecf 100644
--- a/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2
@@ -1,8 +1,10 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
-search_base      = fvd=%d,ou=virtual,dc=fripost,dc=org
+search_base      = ou=virtual,dc=fripost,dc=org
 domain           = static:all
-scope            = base
-bind             = none
+scope            = one
+bind             = yes
+bind_dn          = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw          = FIXME
 query_filter     = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostVirtualAliasDomain))(fvd=%d)(fripostOptionalMaildrop=*))
 result_attribute = fripostOptionalMaildrop
diff --git a/roles/MX/templates/etc/postfix/virtual/list.cf.j2 b/roles/MX/templates/etc/postfix/virtual/list.cf.j2
index 4020b42..a39343b 100644
--- a/roles/MX/templates/etc/postfix/virtual/list.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/list.cf.j2
@@ -1,9 +1,11 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
-search_base      = fvl=%u,fvd=%d,ou=virtual,dc=fripost,dc=org
+search_base      = fvd=%d,ou=virtual,dc=fripost,dc=org
 domain           = static:all
-scope            = base
-bind             = none
+scope            = one
+bind             = yes
+bind_dn          = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw          = FIXME
 query_filter     = (&(objectClass=FripostVirtualList)(fvl=%u))
 result_attribute = fvl
 # Use a dedicated "virtual" domain to decongestion potential bottlenecks
diff --git a/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 b/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2
index 118e17a..083b638 100644
--- a/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2
@@ -1,9 +1,11 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
-search_base      = fvl=%u,fvd=%d,ou=virtual,dc=fripost,dc=org
+search_base      = fvd=%d,ou=virtual,dc=fripost,dc=org
 domain           = static:all
-scope            = base
-bind             = none
+scope            = one
+bind             = yes
+bind_dn          = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw          = FIXME
 query_filter     = (&(objectClass=FripostVirtualUser)(fvl=%u))
 result_attribute = fvl
 # Use a dedicated "virtual" domain to decongestion potential bottlenecks
diff --git a/roles/MX/templates/etc/postfix/virtual/mailbox_domains.cf.j2 b/roles/MX/templates/etc/postfix/virtual/mailbox_domains.cf.j2
index 43b7f3a..fde355e 100644
--- a/roles/MX/templates/etc/postfix/virtual/mailbox_domains.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/mailbox_domains.cf.j2
@@ -1,8 +1,10 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
-search_base      = fvd=%s,ou=virtual,dc=fripost,dc=org
-scope            = base
-bind             = none
+search_base      = ou=virtual,dc=fripost,dc=org
+scope            = one
+bind             = yes
+bind_dn          = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw          = FIXME
 query_filter     = (&(objectClass=FripostVirtualDomain)(fvd=%s))
 result_attribute = fvd
 result_format    = OK
author	Guilhem Moulin <guilhem@fripost.org>	2014-07-09 01:08:02 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:52:48 +0200
commit	368540caee8fff8aa90b1542897188e9f98ac585 (patch)
tree	b85f6ae068ffccb0c8647fe7f15c662e5eb40432 /roles/MX
parent	e0b6b5f49111883bbebf14e9648830027eeec6df (diff)