blob: 5ff7d261f83f752430fcaa25a2099daf4d3c3e03 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
# {{ ansible_managed }}
# /!\ WARNING: smtp_tls_fingerprint_digest MUST be sha256!
{% if 'out' not in group_names %}
[outgoing.fripost.org]:{{ postfix_instance.out.port }} fingerprint ciphers=high protocols=TLSv1.2
{% for h in groups.out | sort %}
match={{ lookup('pipe', 'openssl x509 -in certs/postfix/'+h+'.pem -noout -fingerprint -sha256 | cut -d= -f2') }}
{% endfor %}
{% endif %}
{% if 'MX' in group_names %}
{% if 'IMAP' not in group_names %}
[mda.fripost.org]:{{ postfix_instance.IMAP.port }} fingerprint ciphers=high protocols=TLSv1.2
{% for h in groups.IMAP | sort %}
match={{ lookup('pipe', 'openssl x509 -in certs/postfix/'+h+'.pem -noout -fingerprint -sha256 | cut -d= -f2') }}
{% endfor %}
{% endif %}
{% if 'lists' not in group_names %}
[lists.fripost.org]:{{ postfix_instance.lists.port }} fingerprint ciphers=high protocols=TLSv1.2
{% for h in groups.lists | sort %}
match={{ lookup('pipe', 'openssl x509 -in certs/postfix/'+h+'.pem -noout -fingerprint -sha256 | cut -d= -f2') }}
{% endfor %}
{% endif %}
{% endif %}
|