senselab/ansible-role-postfix
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fixes

Browse source
This commit is contained in:
phil 2023-04-17 23:17:22 +02:00
parent 4e098544be
commit f32891c328
5 changed files with 11 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
tasks/main.yml
View file

@ -29,7 +29,7 @@
tags: tls-helper
- name: MTA-STS
ansible.builtin.import_tasks: mta-sts.yml
ansible.builtin.include_tasks: mta-sts.yml
tags: mta-sts
loop: "{{ postfix_domains }}"

8
tasks/mta-sts.yml
View file

@ -9,16 +9,16 @@
ansible.builtin.lineinfile:
path: /etc/dehydrated/domains.txt
line: "mta-sts.{{ item.name }}"
when: "'dehydrated' in ansible_facts.packages and item.mta-sts is defined and item.mta-sts"
when: "'dehydrated' in ansible_facts.packages and item.mta_sts is defined and item.mta_sts"
loop: "{{ postfix_domains }}"
notify: Get certificate
- name: "MTA-STS | Copy Nginx configuration"
ansible.builtin.template:
src: nginx/nginx-mta-sts.j2
src: nginx/mta-sts.j2
dest: "/etc/nginx/sites-available/mta-sts.{{ item.name }}"
mode: "0644"
when: item.mta-sts is defined and item.mta-sts
when: item.mta_sts is defined and item.mta_sts
loop: "{{ postfix_domains }}"
- name: "MTA-STS | Enable Nginx configuration"
@ -26,6 +26,6 @@
src: "/etc/nginx/sites-available/mta-sts.{{ item.name }}"
dest: "/etc/nginx/sites-enabled/mta-sts.{{ item.name }}"
state: link
when: item.mta-sts is defined and item.mta-sts
when: item.mta_sts is defined and item.mta_sts
loop: "{{ postfix_domains }}"
notify: reload nginx

1
tasks/tls-helper.yml
View file

@ -37,6 +37,7 @@
ansible.builtin.command:
cmd: "postmap {{ postfix_default_db_type }}:{{ tls_helper_domains_file }}"
chdir: "{{ tls_helper_postfix_dir }}"
creates: "{{ tls_helper_postfix_dir }}/{{ tls_helper_domains_file }}.{{ postfix_default_db_type }}"
- name: "TLS-helper | Link files"
ansible.builtin.file:

2
templates/postfix/conf.d/transport_relay.j2
View file

@ -6,7 +6,9 @@
{% if domain.comment is defined %}
# {{ domain.comment }}
{% endif %}
{% if domain.relay_host is defined %}
{{ "%-50s %s" | format(domain.name, domain.relay_host) }}
{% endif %}
{% endif %}
{% endfor %}
{% endif %}

4
templates/postfix/main.cf.j2
View file

@ -135,7 +135,7 @@ smtp_sasl_security_options = noanonymous
#### Postscreen
postscreen_access_list =
permit_mynetworks
cidr:{{ postfix_conf_dir }}/postscreen_access.cidr
cidr:{{ postfix_conf_dir }}/postscreen_access
postscreen_blacklist_action = drop
# Pregreeting
@ -240,7 +240,9 @@ smtpd_data_restrictions =
### Connection limits
smtpd_client_connection_rate_limit = 100
{% if postfix_smtpd_client_event_limit_exceptions is defined %}
smtpd_client_event_limit_exceptions = {{ postfix_smtpd_client_event_limit_exceptions | join(', ') }}
{% endif %}
smtpd_client_message_rate_limit = 25
smtpd_client_new_tls_session_rate_limit = 100
smtpd_client_auth_rate_limit = 100