From 9ac2057bb6f1465b8392f18552ac1df17f6d81d6 Mon Sep 17 00:00:00 2001 
From: Guilhem Moulin Date: Sun, 13 Jul 2014 23:24:05 +0200 Subject: Split templates / files in lookup tables. --- roles/MX/files/etc/postfix/virtual/alias.cf | 10 ++++++++++ roles/MX/files/etc/postfix/virtual/alias_domains.cf | 12 ++++++++++++ roles/MX/files/etc/postfix/virtual/catchall.cf | 11 +++++++++++ roles/MX/files/etc/postfix/virtual/domains.cf | 12 ++++++++++++ roles/MX/files/etc/postfix/virtual/list.cf | 13 +++++++++++++ roles/MX/files/etc/postfix/virtual/mailbox.cf | 13 +++++++++++++ roles/MX/files/etc/postfix/virtual/reserved_alias.pcre | 5 +++++ roles/MX/tasks/main.yml | 17 +++++++++++------ roles/MX/templates/etc/postfix/virtual/alias.cf.j2 | 10 ---------- .../templates/etc/postfix/virtual/alias_domains.cf.j2 | 12 ------------ roles/MX/templates/etc/postfix/virtual/catchall.cf.j2 | 11 ----------- roles/MX/templates/etc/postfix/virtual/domains.cf.j2 | 12 ------------ roles/MX/templates/etc/postfix/virtual/list.cf.j2 | 13 ------------- roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 | 13 ------------- .../etc/postfix/virtual/reserved_alias.pcre.j2 | 5 ----- 15 files changed, 87 insertions(+), 82 deletions(-) create mode 100644 roles/MX/files/etc/postfix/virtual/alias.cf create mode 100644 roles/MX/files/etc/postfix/virtual/alias_domains.cf create mode 100644 roles/MX/files/etc/postfix/virtual/catchall.cf create mode 100644 roles/MX/files/etc/postfix/virtual/domains.cf create mode 100644 roles/MX/files/etc/postfix/virtual/list.cf create mode 100644 roles/MX/files/etc/postfix/virtual/mailbox.cf create mode 100644 roles/MX/files/etc/postfix/virtual/reserved_alias.pcre delete mode 100644 roles/MX/templates/etc/postfix/virtual/alias.cf.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/catchall.cf.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/domains.cf.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/list.cf.j2 delete mode 100644 
roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2 (limited to 'roles/MX')
diff --git a/roles/MX/files/etc/postfix/virtual/alias.cf b/roles/MX/files/etc/postfix/virtual/alias.cf
new file mode 100644
index 0000000..1710376
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/alias.cf
@@ -0,0 +1,10 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+query_filter = (&(objectClass=FripostVirtualAlias)(fvl=%u)(fripostIsStatusActive=TRUE))
+result_attribute = fripostMaildrop
diff --git a/roles/MX/files/etc/postfix/virtual/alias_domains.cf b/roles/MX/files/etc/postfix/virtual/alias_domains.cf
new file mode 100644
index 0000000..119b8b2
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/alias_domains.cf
@@ -0,0 +1,12 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+# The domain has already been validated (it's active and not pending)
+query_filter = (&(objectClass=FripostVirtualAliasDomain)(fvd=%d))
+result_attribute = fripostMaildrop
+result_format = %U@%s
diff --git a/roles/MX/files/etc/postfix/virtual/catchall.cf b/roles/MX/files/etc/postfix/virtual/catchall.cf
new file mode 100644
index 0000000..66053c8
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/catchall.cf
@@ -0,0 +1,11 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+# The domain has already been validated (it's active and not pending)
+query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostVirtualAliasDomain))(fvd=%d)(fripostOptionalMaildrop=*))
+result_attribute = fripostOptionalMaildrop
diff --git a/roles/MX/files/etc/postfix/virtual/domains.cf b/roles/MX/files/etc/postfix/virtual/domains.cf
new file mode 100644
index 0000000..4ec247d
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/domains.cf
@@ -0,0 +1,12 @@
+# XXX: How come we use a socked relative to the chroot here? smtpd(8) is
+# not (can't be) chrooted...
+server_host = ldapi://%2Fprivate%2Fldapi/
+version = 3
+search_base = ou=virtual,dc=fripost,dc=org
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostPendingEntry))(fvd=%s)(fripostIsStatusActive=TRUE))
+result_attribute = fvd
+result_format = OK
diff --git a/roles/MX/files/etc/postfix/virtual/list.cf b/roles/MX/files/etc/postfix/virtual/list.cf
new file mode 100644
index 0000000..3b364c0
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/list.cf
@@ -0,0 +1,13 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+query_filter = (&(objectClass=FripostVirtualList)(!(objectClass=FripostPendingEntry))(fvl=%u)(fripostIsStatusActive=TRUE))
+result_attribute = fripostListManager
+# Use a dedicated "virtual" domain to decongestion potential bottlenecks
+# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps.
+result_format = %D/%U@%s.fripost.org
diff --git a/roles/MX/files/etc/postfix/virtual/mailbox.cf b/roles/MX/files/etc/postfix/virtual/mailbox.cf
new file mode 100644
index 0000000..4654607
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/mailbox.cf
@@ -0,0 +1,13 @@
+server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
+version = 3
+search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
+domain = static:all
+scope = one
+bind = yes
+bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
+bind_pw = FIXME
+query_filter = (&(objectClass=FripostVirtualUser)(fvl=%u)(fripostIsStatusActive=TRUE))
+result_attribute = fvl
+# Use a dedicated "virtual" domain to decongestion potential bottlenecks
+# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps.
+result_format = %D/%U@mda.fripost.org
diff --git a/roles/MX/files/etc/postfix/virtual/reserved_alias.pcre b/roles/MX/files/etc/postfix/virtual/reserved_alias.pcre
new file mode 100644
index 0000000..f1c79c7
--- /dev/null
+++ b/roles/MX/files/etc/postfix/virtual/reserved_alias.pcre
@@ -0,0 +1,5 @@
+/^(?:postmaster|abuse)(?:\+.*)?@fripost\.org$/ admin@fripost.org
+# For other domains, RFC 822 section 6.3 and RFC 2142 section 4
+# mandatory aliases are forwarded to OUR admin team and to the domain
+# owner or postmaster, if there are any.
+/^(postmaster|abuse)(?:\+.*)?@(.*)/ $2/$1@reserved.fripost.org
diff --git a/roles/MX/tasks/main.yml b/roles/MX/tasks/main.yml
index 8cd5106..cae498e 100644
--- a/roles/MX/tasks/main.yml
+++ b/roles/MX/tasks/main.yml
@@ -23,11 +23,11 @@ owner=root group=root mode=0755 -- name: Copy lookup tables - template: src=etc/postfix/virtual/{{ item }}.j2 - dest=/etc/postfix-{{ postfix_instance[inst].name }}/virtual/{{ item }} - owner=root group=root - mode=0644 +- name: Copy lookup tables (1) + file: src=etc/postfix/virtual/{{ item }} + dest=/etc/postfix-{{ postfix_instance[inst].name }}/virtual/{{ item }} + owner=root group=root + mode=0644 with_items: - domains.cf # no need to reload upon change, as cleanup(8) is short-running
@@ -37,7 +37,12 @@ - list.cf - alias_domains.cf - catchall.cf - - transport + +- name: Copy lookup tables (2) + template: src=etc/postfix/virtual/transport.j2 + dest=/etc/postfix-{{ postfix_instance[inst].name }}/virtual/transport + owner=root group=root + mode=0644 - name: Compile the Postfix transport maps # trivial-rewrite(8) is a long-running process, so it's safer to reload
diff --git a/roles/MX/templates/etc/postfix/virtual/alias.cf.j2 b/roles/MX/templates/etc/postfix/virtual/alias.cf.j2
deleted file mode 100644
index 1710376..0000000
--- a/roles/MX/templates/etc/postfix/virtual/alias.cf.j2
+++ /dev/null
@@ -1,10 +0,0 @@
-server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
-version = 3
-search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
-domain = static:all
-scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
-query_filter = (&(objectClass=FripostVirtualAlias)(fvl=%u)(fripostIsStatusActive=TRUE))
-result_attribute = fripostMaildrop
diff --git a/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2 b/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2
deleted file mode 100644
index 119b8b2..0000000
--- a/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2
+++ /dev/null
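Review bot: In roles/MX/tasks/main.yml, the `Copy lookup tables (1)` task installs the LDAP map files with `owner=root group=root` and `mode=0644`, yet every `.cf` file added by this commit carries `bind_dn` and `bind_pw`, so once the `FIXME` placeholder is replaced the service bind password is readable by any local account. Restrict the maps to the account Postfix reads them as, for example `owner=root group=postfix` with `mode=0640` (group name to be confirmed for this instance). Shipping the maps as static files rather than templates also means the real password can no longer be injected from a variable at deploy time and would have to be committed or edited by hand. Separately, the task uses `file:` with `src=`, which as far as I know manages attributes and links rather than copying content; `copy: src=etc/postfix/virtual/{{ item }}` looks like what was intended. The task's `with_items` list continues beyond this hunk, so the full set of affected files is not visible here.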
@@ -1,12 +0,0 @@
-server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
-version = 3
-search_base = ou=virtual,dc=fripost,dc=org
-domain = static:all
-scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
-# The domain has already been validated (it's active and not pending)
-query_filter = (&(objectClass=FripostVirtualAliasDomain)(fvd=%d))
-result_attribute = fripostMaildrop
-result_format = %U@%s
diff --git a/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2 b/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2
deleted file mode 100644
index 66053c8..0000000
--- a/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2
+++ /dev/null
@@ -1,11 +0,0 @@
-server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
-version = 3
-search_base = ou=virtual,dc=fripost,dc=org
-domain = static:all
-scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
-# The domain has already been validated (it's active and not pending)
-query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostVirtualAliasDomain))(fvd=%d)(fripostOptionalMaildrop=*))
-result_attribute = fripostOptionalMaildrop
diff --git a/roles/MX/templates/etc/postfix/virtual/domains.cf.j2 b/roles/MX/templates/etc/postfix/virtual/domains.cf.j2
deleted file mode 100644
index 4ec247d..0000000
--- a/roles/MX/templates/etc/postfix/virtual/domains.cf.j2
+++ /dev/null
@@ -1,12 +0,0 @@
-# XXX: How come we use a socked relative to the chroot here? smtpd(8) is
-# not (can't be) chrooted...
-server_host = ldapi://%2Fprivate%2Fldapi/
-version = 3
-search_base = ou=virtual,dc=fripost,dc=org
-scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
-query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostPendingEntry))(fvd=%s)(fripostIsStatusActive=TRUE))
-result_attribute = fvd
-result_format = OK
diff --git a/roles/MX/templates/etc/postfix/virtual/list.cf.j2 b/roles/MX/templates/etc/postfix/virtual/list.cf.j2
deleted file mode 100644
index 3b364c0..0000000
--- a/roles/MX/templates/etc/postfix/virtual/list.cf.j2
+++ /dev/null
@@ -1,13 +0,0 @@
-server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
-version = 3
-search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
-domain = static:all
-scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
-query_filter = (&(objectClass=FripostVirtualList)(!(objectClass=FripostPendingEntry))(fvl=%u)(fripostIsStatusActive=TRUE))
-result_attribute = fripostListManager
-# Use a dedicated "virtual" domain to decongestion potential bottlenecks
-# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps.
-result_format = %D/%U@%s.fripost.org
diff --git a/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 b/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2
deleted file mode 100644
index 4654607..0000000
--- a/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2
+++ /dev/null
@@ -1,13 +0,0 @@
-server_host = ldapi://%2Fvar%2Fspool%2Fpostfix-mx%2Fprivate%2Fldapi/
-version = 3
-search_base = fvd=%d,ou=virtual,dc=fripost,dc=org
-domain = static:all
-scope = one
-bind = yes
-bind_dn = cn=postfix,ou=services,dc=fripost,dc=org
-bind_pw = FIXME
-query_filter = (&(objectClass=FripostVirtualUser)(fvl=%u)(fripostIsStatusActive=TRUE))
-result_attribute = fvl
-# Use a dedicated "virtual" domain to decongestion potential bottlenecks
-# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps.
-result_format = %D/%U@mda.fripost.org
diff --git a/roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2 b/roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2
deleted file mode 100644
index f1c79c7..0000000
--- a/roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-/^(?:postmaster|abuse)(?:\+.*)?@fripost\.org$/ admin@fripost.org
-# For other domains, RFC 822 section 6.3 and RFC 2142 section 4
-# mandatory aliases are forwarded to OUR admin team and to the domain
-# owner or postmaster, if there are any.
-/^(postmaster|abuse)(?:\+.*)?@(.*)/ $2/$1@reserved.fripost.org
-- cgit v1.2.3