Lauffähig für postfix

diff --git a/postfix/satellite.sls b/postfix/satellite.sls
index d3663ea4894f396f4e65f003e9b1725f5f124475..bfe0eb79b3f8464564a93e4547ac293bd4d0a2bb 100644 (file)
--- a/postfix/satellite.sls
+++ b/postfix/satellite.sls
@@ -1,59 +1,101 @@
 {% set postfix = salt['grains.filter_by']({
   'Debian': {
     'aliases_file': '/etc/aliases',
+    'os_banner': '(Debian/GNU)'
   },
   'Gentoo': {
     'aliases_file': '/etc/mail/aliases',
+    'os_banner': '(Gentoo)'
   },
   'RedHat': {
     'aliases_file': '/etc/aliases',
-  },
-  'Arch' : {
-    'aliases_file': '/etc/aliases',
+    'os_banner': '(RedHat)'
   },
 })
 %}
 
+{% if salt['grains.get']('fqdn') == 'ns3.uhu-banane.de' %}
+    {% set has_public_ipv6 = True %}
+{% else %}
+    {% set has_public_ipv6 = False %}
+{% endif %}
+
+
+{% set my_hostname = salt['grains.get']('host') %}
+{% set my_domain = salt['grains.get']('domain') %}
+{% set my_fqdn = salt['grains.get']('fqdn') %}
+
+{% macro all_not_local_addresses() -%}
+  {%- for addr in salt['grains.get']('ipv4') -%}
+    {%- if addr != '127.0.0.1' %} {{ addr }}/32{% endif -%}
+  {%- endfor %}
+  {%- for addr in salt['grains.get']('ipv6') -%}
+    {%- if addr != '::1' %} {{ addr }}/128{% endif -%}
+  {%- endfor %}
+{%- endmacro %}
+
 postfix:
   manage_master_config: False
 
+  is_satellite: True
+
   sasl_passwd:
     - mail.brehm-online.com: vmail:uhu
     - helga-six.brehm-online.com: vmail:uhu
 
+  smtpd_banner: '$myhostname ESMTP Frank Brehms Mail Service $mail_name ($mail_version) {{ postfix.os_banner }}'
+
   config:
-    smtpd_banner: $myhostname ESMTP $mail_name (Debian/GNU)
-    biff: 'no'
-    smtp_tls_CApath: '/etc/ssl/certs'
-    append_dot_mydomain: 'yes'
-    readme_directory: 'no'
-    mydestination: localhost, localhost.localdomain
-    relayhost: 
-    mynetworks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+
+    # Common stuff
+    #config_directory: '/etc/postfix'
+{% if has_public_ipv6 %}
+    inet_protocols: 'all'
+{% else %}
+    inet_protocols: 'ipv4'
+{% endif %}
     mailbox_size_limit: 0
+    mydestination:
+      - '{{ my_fqdn }}'
+      - '{{ my_hostname }}.brehm-online.com'
+      - 'localhost.{{ my_domain }}'
+      - 'localhost'
+      - 'localhost.localdomain'
+    mynetworks:
+      - '127.0.0.0/8'
+      - '[::ffff:127.0.0.0]/104'
+      - '[::1]/128'
+{% for addr in all_not_local_addresses().split() %}
+      - {{ addr }}
+{% endfor %}
+    myorigin: '/etc/mailname'
+    readme_directory: 'no'
     recipient_delimiter: +
-    inet_interfaces: all
+    relayhost: '[mail.brehm-online.com]'
+    # smtpd_banner: '$myhostname ESMTP $mail_name (Debian/GNU)'
 
     # Alias
-    alias_maps: hash:/etc/aliases
-    alias_database: hash:/etc/aliases
+    alias_maps: hash:{{ postfix.aliases_file }}
+    alias_database: hash:{{ postfix.aliases_file }}
 
     # SMTP server
     smtpd_tls_session_cache_database: btree:${data_directory}/smtpd_scache
     smtpd_use_tls: 'yes'
 
     # SMTP server certificate and key (from pillar data)
-    smtpd_tls_cert_file: /etc/postfix/ssl/server-cert.crt
-    smtpd_tls_key_file: /etc/postfix/ssl/server-cert.key
+    smtpd_tls_cert_file: /etc/postfix/postfix.pem
+    smtpd_tls_key_file: /etc/postfix/postfix.pem
 
     # SMTP client
     smtp_sasl_auth_enable: 'yes'
-    smtp_sasl_password_maps: 'hash:/etc/postfix/smtp_auth'
     smtp_sasl_security_options: 'noanonymous'
+    smtp_tls_CApath: ''
     smtp_tls_cert_file: '/etc/postfix/postfix.pem'
     smtp_tls_enforce_peername: 'no'
     smtp_tls_key_file: '/etc/postfix/postfix.pem'
     smtp_tls_session_cache_database: 'btree:${data_directory}/smtp_scache'
     smtp_use_tls: 'yes'
 
+    smtpd_sasl_auth_enable: 'yes'
+
 # vim: ts=2 sw=2 et