summaryrefslogtreecommitdiffstats
path: root/roles/common-LDAP
Commit message (Collapse)AuthorAgeFiles
* Include amavisd-new's LDAP schema.Guilhem Moulin2015-06-071
| | | | | | It'd certainly be nicer if we didn't have to deploy amavis' schema everywhere, but we need the 'objectClass' in our replicates, hence they need to be aware of the 'amavisAccount' class.
* Configure the content filter.Guilhem Moulin2015-06-072
| | | | | | | | | | | Antispam & antivirus, using ClamAV and SpamAssassin through Amavisd-new. Each user has his/her amavis preferences, and own Bayes filter (to maximize privacy). One question remains, though: how to set spamassassin's trusted_networks / internal_networks / msa_networks? It seems not obivious to get it write with IPSec and dynamic IPs. (Cf. https://wiki.apache.org/spamassassin/AwlWrongWay)
* wibbleGuilhem Moulin2015-06-072
|
* oopsGuilhem Moulin2015-06-071
|
* Configure the LDAP provider.Guilhem Moulin2015-06-071
| | | | (Hence the SyncProv overlay.)
* LDAP Sync Replication.Guilhem Moulin2015-06-073
|
* Postfix is compiled without SASL support.Guilhem Moulin2015-06-071
| | | | As of 2.9.6 (2.10), at least. See bug #730848.
* Configure the MX:es.Guilhem Moulin2015-06-071
|
* Provision /etc/default/slapdGuilhem Moulin2015-06-072
| | | | | | | This is because the UNIX domain socket to connect to when performing LDAP lookups needs to be in the chroot. Also, don't open a INET socket unless we're a Sync Provider.
* Allow flexible ACLs for SASL's EXTERNAL mechanism.Guilhem Moulin2015-06-071
| | | | | | "username=postfix,cn=peercred,cn=external,cn=auth" is replaced by "gidNumber=106+uidNumber=102,cn=peercred,cn=external,cn=auth" where 102 is postfix's UID and 106 its primary GID (looked up from /etc/passwd).
* Reorganization.Guilhem Moulin2015-06-075