Rename variable to make it's purpose clearer

2023-03-24 12:45:45 +01:00 · 2023-03-24 12:45:45 +01:00 · 5ef68a7f78
parent 73de99bbda
commit 5ef68a7f78
3 changed files with 18 additions and 16 deletions
--- a/tasks/postfix.yml
+++ b/tasks/postfix.yml
@ -47,6 +47,7 @@
    - sender_checks
    - transport_global_exceptions
    - transport_relay
+    - virtual_domains
  notify: reload postfix

 - name: "Postfix | Run postmap"
@ -63,6 +64,7 @@
    - file: relay_checks
    - file: sender_checks
    - file: transport_relay
+    - file: virtual_domains

 - name: "Postfix | Create dhparam file"
  community.crypto.openssl_dhparam:
--- a/templates/postfix/main.cf.j2
+++ b/templates/postfix/main.cf.j2
@ -128,7 +128,7 @@ smtp_sasl_security_options = noanonymous
 #### Postscreen
 postscreen_access_list =
    permit_mynetworks
-    cidr:/etc/postfix/conf.d/postscreen_access.cidr
+    cidr:{{ postfix_conf_dir }}/postscreen_access.cidr
 postscreen_blacklist_action = drop

 # Pregreeting
@ -157,7 +157,7 @@ smtpd_restriction_classes = permit_login_mismatch
 smtpd_client_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
-    check_client_access cdb:/etc/postfix/conf.d/client_checks,
+    check_client_access cdb:{{ postfix_conf_dir }}/client_checks,
    reject_unknown_client_hostname,
    permit

@ -168,28 +168,28 @@ smtpd_helo_required = yes
 smtpd_helo_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
-    check_helo_access pcre:/etc/postfix/conf.d/helo_checks,
+    check_helo_access pcre:{{ postfix_conf_dir }}/helo_checks,
    reject_non_fqdn_helo_hostname,
    reject_invalid_helo_hostname,
    permit

 smtpd_sender_restrictions =
    permit_mynetworks,
-    check_sender_access cdb:/etc/postfix/conf.d/sender_checks,
+    check_sender_access cdb:{{ postfix_conf_dir }}/sender_checks,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
-    check_sender_mx_access cidr:/etc/postfix/conf.d/bogus_mx,
+    check_sender_mx_access cidr:{{ postfix_conf_dir }}/bogus_mx,
    #Uncomment the next two lines to block mails from other servers with our domain as MAIL FROM
    #permit_sasl_authenticated,
-    #check_sender_access hash:/etc/postfix/conf.d/sender_checks_domain,
+    #check_sender_access hash:{{ postfix_conf_dir }}/sender_checks_domain,
    permit

 {% if postfix_submission is defined and postfix_submission %}
 # Restrictions for submission port
 mua_sender_restrictions =
-    check_sasl_access cdb:/etc/postfix/conf.d/permit_sasl_login_mismatch,
+    check_sasl_access cdb:{{ postfix_conf_dir }}/permit_sasl_login_mismatch,
    permit_mynetworks,
-    check_sender_access cdb:/etc/postfix/conf.d/sender_checks,
+    check_sender_access cdb:{{ postfix_conf_dir }}/sender_checks,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    reject_sender_login_mismatch,
@ -204,13 +204,13 @@ permit_login_mismatch =

 {% if postfix_submission is defined and postfix_submission %}
 submission_bad_smtp_user_check =
-    check_sasl_access cdb:/etc/postfix/conf.d/bad_smtp_auth_users
+    check_sasl_access cdb:{{ postfix_conf_dir }}/bad_smtp_auth_users
 {% endif %}

 smtpd_relay_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
-    check_client_access cdb:/etc/postfix/conf.d/relay_checks,
+    check_client_access cdb:{{ postfix_conf_dir }}/relay_checks,
    reject_unauth_destination

 smtpd_recipient_restrictions =
@ -227,7 +227,7 @@ unverified_recipient_reject_code = 550

 smtpd_data_restrictions =
    reject_multi_recipient_bounce,
-    check_recipient_access pcre:/etc/postfix/conf.d/header_add,
+    check_recipient_access pcre:{{ postfix_conf_dir }}/header_add,

 ### Connection limits
 smtpd_client_connection_rate_limit = 100
@ -240,7 +240,7 @@ default_destination_rate_delay = 60s
 default_destination_recipient_limit = 1
 default_destination_concurrency_failed_cohort_limit = 10

-header_checks = pcre:/etc/postfix/conf.d/header_checks
+header_checks = pcre:{{ postfix_conf_dir }}/header_checks

 ### Spam and DKIM
 {% if postfix_smtpd_milters is defined %}
--- a/templates/postfix/master.cf
+++ b/templates/postfix/master.cf
@ -38,8 +38,8 @@ submission inet  n       -       y       -       -      smtpd
 {% endif %}
    -o smtpd_sender_restrictions=$mua_sender_restrictions
    -o cleanup_service_name=subclean
-{% if postfix_submission_alternative_port is defined %}
-{{ postfix_submission_alternative_port }}        inet  n       -       y       -       -       smtpd
+{% if postfix_submission_non_tls_port is defined %}
+{{ postfix_submission_non_tls_port }}        inet  n       -       y       -       -       smtpd
    -o syslog_name=postfix/submission-local
    -o smtpd_tls_security_level=none
    -o smtpd_client_restrictions=permit_mynetworks,reject
@ -82,9 +82,9 @@ postlog   unix-dgram n  -       n       -       1       postlogd

 # Outbound: Remove sensible headers
 subclean   unix  n       -       y       -       0       cleanup
-    -o header_checks=regexp:/etc/postfix/conf.d/header_treatment
+    -o header_checks=regexp:{{ postfix_conf_dir }}/header_treatment

 # Inbound: Remove some headers
 smtpd-in  unix  n       -       y       -       0       cleanup
  -o syslog_name=postfix/smtpd-in
-  -o header_checks=pcre:/etc/postfix/conf.d/header_checks_inbound
+  -o header_checks=pcre:{{ postfix_conf_dir }}/header_checks_inbound