From 166804e99e33c8ec5760e88ba1f52d4fc301334c Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 14 May 2015 22:00:36 +0200 Subject: Configure the list manager (Sympa). --- roles/common/templates/etc/iptables/services.j2 | 5 ++++- roles/common/templates/etc/postfix/tls_policy.j2 | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'roles/common/templates') diff --git a/roles/common/templates/etc/iptables/services.j2 b/roles/common/templates/etc/iptables/services.j2 index 7709066..c628d50 100644 --- a/roles/common/templates/etc/iptables/services.j2 +++ b/roles/common/templates/etc/iptables/services.j2 @@ -45,10 +45,13 @@ in tcp 4190 # ManageSieve {% if 'MDA' in group_names and 'MX' not in group_names %} in tcp {{ postfix_instance.IMAP.port }} {% endif %} +{% if 'lists' in group_names and 'MX' not in group_names %} +in tcp {{ postfix_instance.lists.port }} +{% endif %} {% if 'MSA' in group_names %} in tcp 587 # SMTP-AUTH {% endif %} -{% if 'webmail' in group_names %} +{% if 'webmail' in group_names or 'lists' in group_names %} in tcp 80,443 # HTTP/HTTPS {% if 'IMAP' not in group_names %} out tcp 993 # IMAP diff --git a/roles/common/templates/etc/postfix/tls_policy.j2 b/roles/common/templates/etc/postfix/tls_policy.j2 index d53b0a0..5ff7d26 100644 --- a/roles/common/templates/etc/postfix/tls_policy.j2 +++ b/roles/common/templates/etc/postfix/tls_policy.j2 @@ -17,7 +17,7 @@ {% endif %} {% if 'lists' not in group_names %} -[antilop.fripost.org]:{{ postfix_instance.lists.port }} fingerprint ciphers=high +[lists.fripost.org]:{{ postfix_instance.lists.port }} fingerprint ciphers=high protocols=TLSv1.2 {% for h in groups.lists | sort %} match={{ lookup('pipe', 'openssl x509 -in certs/postfix/'+h+'.pem -noout -fingerprint -sha256 | cut -d= -f2') }} {% endfor %} -- cgit v1.2.3