10 files changed, 20 insertions, 0 deletions

diff --git a/roles/IMAP/templates/etc/postfix/main.cf.j2 b/roles/IMAP/templates/etc/postfix/main.cf.j2
index 40c8d32..1f1f990 100644
--- a/roles/IMAP/templates/etc/postfix/main.cf.j2
+++ b/roles/IMAP/templates/etc/postfix/main.cf.j2
@@ -86,20 +86,22 @@ smtpd_client_restrictions =
     defer
 
 smtpd_helo_required     = yes
 smtpd_helo_restrictions =
     reject_invalid_helo_hostname
 
 smtpd_sender_restrictions =
     reject_non_fqdn_sender
     reject_unknown_sender_domain
 
 smtpd_recipient_restrictions =
     # RFC requirements
     reject_non_fqdn_recipient
     reject_unknown_recipient_domain
     permit_mynetworks
     permit_tls_clientcerts
     reject
 
 smtpd_data_restrictions =
     reject_unauth_pipelining
+
+# vim: set filetype=pfmain :
diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2
index 036a887..36ec8d2 100644
--- a/roles/MSA/templates/etc/postfix/main.cf.j2
+++ b/roles/MSA/templates/etc/postfix/main.cf.j2
@@ -105,20 +105,22 @@ smtpd_client_restrictions =
     reject
 
 smtpd_helo_required     = yes
 smtpd_helo_restrictions =
     reject_invalid_helo_hostname
 
 smtpd_sender_restrictions =
     reject_non_fqdn_sender
     reject_unknown_sender_domain
 
 smtpd_recipient_restrictions =
     # RFC requirements
     reject_non_fqdn_recipient
     reject_unknown_recipient_domain
     permit_mynetworks
     permit_sasl_authenticated
     reject_unauth_destination
 
 smtpd_data_restrictions =
     reject_unauth_pipelining
+
+# vim: set filetype=pfmain :
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2
index 4d8e53e..8785c5a 100644
--- a/roles/MX/templates/etc/postfix/main.cf.j2
+++ b/roles/MX/templates/etc/postfix/main.cf.j2
@@ -133,20 +133,22 @@ smtpd_client_restrictions =
 smtpd_helo_required     = yes
 smtpd_helo_restrictions =
     permit_mynetworks
     reject_non_fqdn_helo_hostname
     reject_invalid_helo_hostname
 
 smtpd_sender_restrictions =
     reject_non_fqdn_sender
     reject_unknown_sender_domain
 
 smtpd_recipient_restrictions =
     # RFC requirements
     reject_non_fqdn_recipient
     reject_unknown_recipient_domain
     permit_mynetworks
     reject_unauth_destination
     check_policy_service unix:private/postgrey
 
 smtpd_data_restrictions =
     reject_unauth_pipelining
+
+# vim: set filetype=pfmain :
diff --git a/roles/amavis/templates/etc/amavis/conf.d/50-user.j2 b/roles/amavis/templates/etc/amavis/conf.d/50-user.j2
index 84814ca..f5a8c61 100644
--- a/roles/amavis/templates/etc/amavis/conf.d/50-user.j2
+++ b/roles/amavis/templates/etc/amavis/conf.d/50-user.j2
@@ -1,21 +1,23 @@
 use strict;
+# {{ ansible_managed }}
+# Do NOT edit this file directly!
 
 #
 # Place your configuration directives here.  They will override those in
 # earlier files.
 #
 # See /usr/share/doc/amavisd-new/ for documentation and examples of
 # the directives you can use in this file
 #
 
 # $max_servers: num of pre-forked children (2..30 is common). It *must*
 # match the number set in /etc/postfix/master.cf "maxproc" column for
 # the amavisfeed service.
 $max_servers = 5;
 $recipient_delimiter = '+';
 
 $mydomain = 'fripost.org';
 $X_HEADER_LINE = "Debian $myproduct_name at $mydomain";
 undef $undecipherable_subject_tag;
 
 @mynetworks_maps = ();
@@ -163,20 +165,21 @@ $policy_bank{'INCOMING'} = {
   message_size_limit_maps  => [],
 
   # Per-recipient Bayes Database
   sa_username_maps => [ new_RE ( [ qr'^(.+@.+)$'i => '$1' ] )
                       , 'amavis' # catch-all
                       ],
 
   # Never quarantine
   # (Remember to disallow setting amavisSpamQuarantineCutoffLevel and
   # amavisVirusQuarantine*To in the LDAP schema.)
   quarantine_method_by_ccat => { CC_CATCHALL, undef },
   admin_maps_by_ccat        => { CC_CATCHALL, undef },
 
   # Always deliver messages
   final_destiny_by_ccat => { CC_CATCHALL, D_PASS },
   lovers_maps_by_ccat   => { CC_CATCHALL, 1      },
 };
 
 #------------ Do not modify anything below this line -------------
 1;  # ensure a defined return
+# vim: set filetype=perl :
diff --git a/roles/common/templates/etc/apt/sources.list.j2 b/roles/common/templates/etc/apt/sources.list.j2
index 2a948d2..b6d0a64 100644
--- a/roles/common/templates/etc/apt/sources.list.j2
+++ b/roles/common/templates/etc/apt/sources.list.j2
@@ -1,12 +1,13 @@
 # {{ ansible_managed }}
 # Do NOT edit this file directly!
+# vim: set filetype=debsources :
 
 deb http://ftp.se.debian.org/debian/ {{ ansible_lsb.codename }}         main{% if 'non-free' in group_names or ansible_processor[0] | search("^Intel.*") %} contrib non-free{% endif %}
 
 deb http://security.debian.org/      {{ ansible_lsb.codename }}/updates main{% if 'non-free' in group_names or ansible_processor[0] | search("^Intel.*") %} contrib non-free{% endif %}
 
 deb http://ftp.se.debian.org/debian/ {{ ansible_lsb.codename }}-updates main
 
 {% if 'backports' in group_names -%}
 deb http://ftp.debian.org/debian/    {{ ansible_lsb.codename }}-backports main
 {% endif %}
diff --git a/roles/common/templates/etc/fail2ban/jail.local.j2 b/roles/common/templates/etc/fail2ban/jail.local.j2
index b76ffbc..c4ae284 100644
--- a/roles/common/templates/etc/fail2ban/jail.local.j2
+++ b/roles/common/templates/etc/fail2ban/jail.local.j2
@@ -77,20 +77,22 @@ logpath = /var/log/mail.log
 
 
 {% if 'MSA' in group_names %}
 [sasl]
 
 enabled  = true
 port     = submission
 filter   = sasl
 logpath  = /var/log/mail.warn
 {% endif %}
 
 
 {% if 'webmail' in group_names %}
 [roundcube]
 
 enabled  = true
 port     = http,https
 filter   = roundcube
 logpath  = /var/log/roundcube/errors
 {% endif %}
+
+# vim: set filetype=dosini :
diff --git a/roles/common/templates/etc/postfix/main.cf.j2 b/roles/common/templates/etc/postfix/main.cf.j2
index 1abce71..1b0bc4a 100644
--- a/roles/common/templates/etc/postfix/main.cf.j2
+++ b/roles/common/templates/etc/postfix/main.cf.j2
@@ -49,20 +49,22 @@ smtp_tls_policy_maps            = cdb:$config_directory/tls_policy
 smtp_tls_fingerprint_digest     = sha256
 {% endif %}
 smtpd_tls_security_level        = none
 
 # Turn off all TCP/IP listener ports except that dedicated to
 # samhain(8), which sadly cannot use pickup through the sendmail binary.
 master_service_disable = !127.0.0.1:16132.inet inet
 
 {% set multi_instance = False %}
 {%- for g in postfix_instance.keys() | sort -%}
   {%- if g in group_names -%}
     {%- if not multi_instance -%}
       {%- set multi_instance = True -%}
 ## Other postfix instances
 multi_instance_wrapper     = $command_directory/postmulti -p --
 multi_instance_enable      = yes
 multi_instance_directories =
     {%- endif %} /etc/postfix-{{ postfix_instance[g].name }}
   {%- endif %}
 {% endfor %}
+
+# vim: set filetype=pfmain :
diff --git a/roles/lists/templates/etc/postfix/main.cf.j2 b/roles/lists/templates/etc/postfix/main.cf.j2
index b7a82fe..9859ac1 100644
--- a/roles/lists/templates/etc/postfix/main.cf.j2
+++ b/roles/lists/templates/etc/postfix/main.cf.j2
@@ -70,20 +70,22 @@ smtpd_timeout                = 1200s
 # Forward everything to our internal outgoing proxy
 {% if 'out' in group_names %}
 relayhost     = [127.0.0.1]:{{ postfix_instance.out.port }}
 {% else %}
 relayhost     = [outgoing.fripost.org]:{{ postfix_instance.out.port }}
 {% endif %}
 relay_domains =
 
 {% if 'out' in group_names %}
 smtp_tls_security_level         = none
 smtp_bind_address               = 127.0.0.1
 {% else %}
 smtp_tls_security_level         = encrypt
 smtp_tls_cert_file              = $config_directory/ssl/{{ ansible_fqdn }}.pem
 smtp_tls_key_file               = $config_directory/ssl/{{ ansible_fqdn }}.key
 smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
 smtp_tls_policy_maps            = cdb:$config_directory/tls_policy
 smtp_tls_fingerprint_digest     = sha256
 {% endif %}
 smtpd_tls_security_level        = none
+
+# vim: set filetype=pfmain :
diff --git a/roles/out/templates/etc/postfix/main.cf.j2 b/roles/out/templates/etc/postfix/main.cf.j2
index 9bf5882..294e92e 100644
--- a/roles/out/templates/etc/postfix/main.cf.j2
+++ b/roles/out/templates/etc/postfix/main.cf.j2
@@ -76,20 +76,22 @@ smtpd_client_restrictions =
 smtpd_helo_required     = yes
 smtpd_helo_restrictions =
     reject_invalid_helo_hostname
 
 smtpd_sender_restrictions =
     reject_non_fqdn_sender
     reject_unknown_sender_domain
 
 smtpd_recipient_restrictions =
     # RFC requirements
     reject_non_fqdn_recipient
     reject_unknown_recipient_domain
     permit_mynetworks
     permit_tls_clientcerts
     reject
 
 smtpd_data_restrictions =
     reject_unauth_pipelining
 
 content_filter = amavisfeed:[127.0.0.1]:10040
+
+# vim: set filetype=pfmain :
diff --git a/roles/webmail/templates/etc/postfix/main.cf.j2 b/roles/webmail/templates/etc/postfix/main.cf.j2
index 595f618..048302a 100644
--- a/roles/webmail/templates/etc/postfix/main.cf.j2
+++ b/roles/webmail/templates/etc/postfix/main.cf.j2
@@ -83,20 +83,22 @@ smtpd_client_restrictions =
 
 smtpd_helo_required     = yes
 smtpd_helo_restrictions =
     permit_mynetworks
     reject_non_fqdn_helo_hostname
     reject_invalid_helo_hostname
 
 smtpd_sender_restrictions =
     reject_non_fqdn_sender
     reject_unknown_sender_domain
 
 smtpd_recipient_restrictions =
     # RFC requirements
     reject_non_fqdn_recipient
     reject_unknown_recipient_domain
     permit_mynetworks
     reject
 
 smtpd_data_restrictions =
     reject_unauth_pipelining
+
+# vim: set filetype=pfmain :