diff --git a/roles/mail_forwarder/handlers/main.yml b/roles/mail_forwarder/handlers/main.yml index 32356d6aedaa46976368141fbfe2cf77c26c95a4..051af789d205f97be5b425d26ad604b25aad1e3f 100644 --- a/roles/mail_forwarder/handlers/main.yml +++ b/roles/mail_forwarder/handlers/main.yml @@ -2,6 +2,12 @@ - name: Rebuild mail aliases command: /usr/bin/newaliases + tags: + # [ANSIBLE0012] Commands should not change things if nothing needs doing + # This task is invoked only if user is very specific about requiring to + # run the handlers manually as a way to bring the system to consistency + # after interrupted runs. + - skip_ansible_lint - name: Restart Postfix - service: name="postfix" state="restarted" \ No newline at end of file + service: name="postfix" state="restarted" diff --git a/roles/mail_forwarder/molecule.yml b/roles/mail_forwarder/molecule.yml new file mode 100644 index 0000000000000000000000000000000000000000..f95379690441e0f942ce69a4fea940e459a69959 --- /dev/null +++ b/roles/mail_forwarder/molecule.yml @@ -0,0 +1,53 @@ +--- + +dependency: {} + +driver: + name: vagrant + +vagrant: + platforms: + - name: debian-jessie64 + box: debian/contrib-jessie64 + - name: debian-stretch64 + box: debian/stretch64 + + providers: + - name: virtualbox + type: virtualbox + options: + memory: 768 + cpus: 1 + + instances: + + - name: mail-server + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.10 + auto_config: yes + + - name: client1 + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.20 + auto_config: yes + + - name: parameters-mandatory + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.30 + auto_config: yes + + - name: parameters-optional + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.31 + auto_config: yes + +verifier: + name: testinfra diff --git a/roles/mail_forwarder/playbook.yml b/roles/mail_forwarder/playbook.yml new file mode 100644 index 0000000000000000000000000000000000000000..d9fdb2851794485c5b704c5efcf8fa32eb32b3dd --- /dev/null +++ b/roles/mail_forwarder/playbook.yml @@ -0,0 +1,130 @@ +--- + +- hosts: all + tasks: + + - name: Update all caches to avoid errors due to missing remote archives + apt: + update_cache: yes + +- hosts: all + tasks: + + - name: Set-up /etc/hosts entries + lineinfile: + dest: /etc/hosts + line: "{{ item.key }} {{ item.value }}" + with_dict: + 10.31.127.10: "mail-server domain1" + 10.31.127.20: "client1" + 10.31.127.30: "parameters-mandatory" + 10.31.127.31: "parameters-optional" + +- hosts: client1 + tasks: + + - name: Install SWAKS for testing SMTP capability + apt: + name: swaks + state: installed + + - name: Install tool for testing TCP connectivity + apt: + name: hping3 + state: installed + + - name: Deploy CA certificate + copy: + src: tests/data/x509/ca.cert.pem + dest: /usr/local/share/ca-certificates/testca.crt + owner: root + group: root + mode: 0644 + notify: + - Update CA certificate cache + + handlers: + + - name: Update CA certificate cache + command: /usr/sbin/update-ca-certificates --fresh + +- hosts: mail-server + tasks: + + - name: Deploy CA certificate + copy: + src: tests/data/x509/ca.cert.pem + dest: /usr/local/share/ca-certificates/testca.crt + owner: root + group: root + mode: 0644 + notify: + - Update CA certificate cache + + - name: Deploy SMTP private key and certificate + copy: + src: "tests/data/x509/{{ item }}" + dest: "/etc/ssl/{{ item }}" + owner: root + group: root + mode: 0600 + with_items: + - mail-server_smtp.cert.pem + - mail-server_smtp.key.pem + + - name: Install Postfix + apt: name="postfix" state=installed + + - name: Purge Exim configuration + apt: name="exim4*" state=absent purge=yes + + - name: Deploy Postfix configuration + copy: + src: tests/data/main.cf + dest: /etc/postfix/main.cf + owner: root + group: root + mode: 0644 + notify: + - Restart Postfix + + handlers: + + - name: Update CA certificate cache + command: /usr/sbin/update-ca-certificates --fresh + + - name: Restart Postfix + service: + name: postfix + state: restarted + +- hosts: parameters-mandatory + roles: + - role: mail_forwarder + + # Global common parameters. + tls_certificate_dir: tests/data/x509/ + +- hosts: parameters-optional + roles: + - role: mail_forwarder + local_mail_aliases: + root: "root testuser" + smtp_relay_host: mail-server + smtp_relay_truststore: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}" + + # common + ca_certificates: + testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}" + +- hosts: parameters-optional + tasks: + + - name: Create additional group for testing local aliases + group: + name: testuser + + - name: Create additional user for testing local aliases + user: + name: testuser + group: testuser diff --git a/roles/mail_forwarder/tasks/main.yml b/roles/mail_forwarder/tasks/main.yml index 9c1e9f9fb2a68cbf0fefc65fd634137563aad401..d5384e75bb7ae7dd20be804f1bf36a29ac02ed54 100644 --- a/roles/mail_forwarder/tasks/main.yml +++ b/roles/mail_forwarder/tasks/main.yml @@ -8,7 +8,7 @@ - name: Deploy the SMTP relay TLS truststore copy: content="{{ smtp_relay_truststore }}" dest="/etc/ssl/certs/smtp_relay_truststore.pem" - owner=root group=root mode=644 + owner=root group=root mode=0644 - name: Configure visible mail name of the system copy: content="{{ inventory_hostname }}\n" dest="/etc/mailname" @@ -41,7 +41,7 @@ - name: Deploy firewall configuration for mail forwader template: src="ferm_mail.conf.j2" dest="/etc/ferm/conf.d/20-mail.conf" - owner=root group=root mode=640 + owner=root group=root mode=0640 notify: - Restart ferm diff --git a/roles/mail_forwarder/templates/main.cf.j2 b/roles/mail_forwarder/templates/main.cf.j2 index e075ae437fe6fefe0831c05cdf1ac32f74a0fe3c..f13509eb940a4ecf1f0f4f187c92909c812a174f 100644 --- a/roles/mail_forwarder/templates/main.cf.j2 +++ b/roles/mail_forwarder/templates/main.cf.j2 @@ -41,3 +41,7 @@ mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + + +# Fall-back to using native lookups (/etc/hosts etc) if DNS lookup fails. Useful +# for local overrides of mail servers. +smtp_host_lookup = dns, native diff --git a/roles/mail_forwarder/tests/data/main.cf b/roles/mail_forwarder/tests/data/main.cf new file mode 100644 index 0000000000000000000000000000000000000000..0bc62396cf5e7941d4eeba8b60c86377d0160b62 --- /dev/null +++ b/roles/mail_forwarder/tests/data/main.cf @@ -0,0 +1,40 @@ +# See /usr/share/postfix/main.cf.dist for a commented, more complete version + + +# Debian specific: Specifying a file name will cause the first +# line of that file to be used as the name. The Debian default +# is /etc/mailname. +#myorigin = /etc/mailname + +smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) +biff = no + +# appending .domain is the MUA's job. +append_dot_mydomain = no + +# Uncomment the next line to generate "delayed mail" warnings +#delay_warning_time = 4h + +readme_directory = no + +# TLS parameters +smtpd_tls_cert_file=/etc/ssl/mail-server_smtp.cert.pem +smtpd_tls_key_file=/etc/ssl/mail-server_smtp.key.pem +smtpd_use_tls=yes +smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache +smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache + +# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for +# information on enabling SSL in the smtp client. + +smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination +myhostname = mail-server +alias_maps = hash:/etc/aliases +alias_database = hash:/etc/aliases +mydestination = mail-server, localhost.localdomain, , localhost, domain1 +relayhost = +mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 +mailbox_command = procmail -a "$EXTENSION" +mailbox_size_limit = 0 +recipient_delimiter = + +inet_interfaces = all diff --git a/roles/mail_forwarder/tests/data/x509/ca.cert.pem b/roles/mail_forwarder/tests/data/x509/ca.cert.pem new file mode 100644 index 0000000000000000000000000000000000000000..a41785fdd72787232ac39d645f36d2a0b7b04c11 --- /dev/null +++ b/roles/mail_forwarder/tests/data/x509/ca.cert.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEWTCCAsGgAwIBAgIMWVEJAy6O6Abooz68MA0GCSqGSIb3DQEBCwUAMEgxIjAg +BgNVBAMTGUV4YW1wbGUgSW5jLiBUZXN0IFNpdGUgQ0ExFTATBgNVBAoTDEV4YW1w +bGUgSW5jLjELMAkGA1UEBhMCU0UwHhcNMTcwNjI2MTMxNTQ3WhcNMzcwNjIxMTMx +NTQ3WjBIMSIwIAYDVQQDExlFeGFtcGxlIEluYy4gVGVzdCBTaXRlIENBMRUwEwYD +VQQKEwxFeGFtcGxlIEluYy4xCzAJBgNVBAYTAlNFMIIBojANBgkqhkiG9w0BAQEF +AAOCAY8AMIIBigKCAYEAufYIYdFLn8Xo8a3c0cUj7s9WEUYKDE6ETmsNFdZee2hK +qP2Li9bSr+vPjgMfi2UfxX/+i9x6LGqsIUxXVgrKlOf7R8bFg/runUI+4X1mZMJw +dBc1POhjkdfRbtfOdu1LtztW4Pc2tnyrAtmhcNHUCXNGRfDNpFKtIFe4OTA/4/eP +1EAyInHNqO2F8UgL8EDUMg9AQd4InVCPYRNlsv9j9qBVMjZiX7hoBC8k1laNkd4T +IdV6zet3+M5Fp/W9lvxFI1yPXw/xWM7K9R3nepunKniuGmjBsac/ZHCUFqJaHz5K +pXyMpSH1GTXOnIKFOldK4NYOzjCOR9Z+k63oJPZ+c7R9cKAZ7DERhS8X6MiykQ2s +hDY68i7HSZd9Dy5oLlH63evbi/tWJSG9mE/UamYuzORKR4PNwixaKQbteiDU59wK +azH5yQNGIqMSGkNgSsj9QW2NPkyNskuzCP04f77V/wSpum5PIygyuLidge9A+Vux +eb5v7XBS8Zp3Wn78JYrlAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0P +AQH/BAUDAwcGADAdBgNVHQ4EFgQUN2vbkxxpfpJMa99zhfiEllmBT2swDQYJKoZI +hvcNAQELBQADggGBADNZ9eJA3Jm5TJQoDct+FZOc16XZDlteGBxVJj+aQUlBFlJK +itvW/reR4SwZF/QRtCIzY7HN0rx0FVvfGR4sIcN2MALG+4Beee5nZR3KsNHhx895 +5ml7vqfNhnn/3/Gd7quqb2FskALfHAciuL+y0n/KcnnJ/3wZKR6xc5ON1VrwHSyI +ENxRC8/oeO9SBc9V5gG5CyELftUiGBE73IIGjV/wXiwBvgwPB+j8vrv5nQrKPsLk +b9ngSts/JSdiQH3cIbBpNoWz8Q8OIoQTt99GUKAScJX4UO7W5EHNmcCtCtOpgRg+ +Y49auOe/6A1n4rsLANZlDelhwCASQtZ04DdFl5QQpTuIOmd4l4KuNpqQ5Px+sxFu +oPenBiQkXuQn9rQaFTTSc9jVBoumRp61P0mvoGusRzjYYvdL8zYoH/246eliWgyy +60+/lgmDXpwf0a2d3fDTxuBmP1HlJYLUsS6ij+GKGgAOTCGmzygmyPOroDae+XOI +G2o8G6ziU8d8RICIng== +-----END CERTIFICATE----- diff --git a/roles/mail_forwarder/tests/data/x509/ca.key.pem b/roles/mail_forwarder/tests/data/x509/ca.key.pem new file mode 100644 index 0000000000000000000000000000000000000000..d2f3ab97e995f18f395d78cd62af20368aeb7b0f --- /dev/null +++ b/roles/mail_forwarder/tests/data/x509/ca.key.pem @@ -0,0 +1,182 @@ +Public Key Info: + Public Key Algorithm: RSA + Key Security Level: High (3072 bits) + +modulus: + 00:b9:f6:08:61:d1:4b:9f:c5:e8:f1:ad:dc:d1:c5:23 + ee:cf:56:11:46:0a:0c:4e:84:4e:6b:0d:15:d6:5e:7b + 68:4a:a8:fd:8b:8b:d6:d2:af:eb:cf:8e:03:1f:8b:65 + 1f:c5:7f:fe:8b:dc:7a:2c:6a:ac:21:4c:57:56:0a:ca + 94:e7:fb:47:c6:c5:83:fa:ee:9d:42:3e:e1:7d:66:64 + c2:70:74:17:35:3c:e8:63:91:d7:d1:6e:d7:ce:76:ed + 4b:b7:3b:56:e0:f7:36:b6:7c:ab:02:d9:a1:70:d1:d4 + 09:73:46:45:f0:cd:a4:52:ad:20:57:b8:39:30:3f:e3 + f7:8f:d4:40:32:22:71:cd:a8:ed:85:f1:48:0b:f0:40 + d4:32:0f:40:41:de:08:9d:50:8f:61:13:65:b2:ff:63 + f6:a0:55:32:36:62:5f:b8:68:04:2f:24:d6:56:8d:91 + de:13:21:d5:7a:cd:eb:77:f8:ce:45:a7:f5:bd:96:fc + 45:23:5c:8f:5f:0f:f1:58:ce:ca:f5:1d:e7:7a:9b:a7 + 2a:78:ae:1a:68:c1:b1:a7:3f:64:70:94:16:a2:5a:1f + 3e:4a:a5:7c:8c:a5:21:f5:19:35:ce:9c:82:85:3a:57 + 4a:e0:d6:0e:ce:30:8e:47:d6:7e:93:ad:e8:24:f6:7e + 73:b4:7d:70:a0:19:ec:31:11:85:2f:17:e8:c8:b2:91 + 0d:ac:84:36:3a:f2:2e:c7:49:97:7d:0f:2e:68:2e:51 + fa:dd:eb:db:8b:fb:56:25:21:bd:98:4f:d4:6a:66:2e + cc:e4:4a:47:83:cd:c2:2c:5a:29:06:ed:7a:20:d4:e7 + dc:0a:6b:31:f9:c9:03:46:22:a3:12:1a:43:60:4a:c8 + fd:41:6d:8d:3e:4c:8d:b2:4b:b3:08:fd:38:7f:be:d5 + ff:04:a9:ba:6e:4f:23:28:32:b8:b8:9d:81:ef:40:f9 + 5b:b1:79:be:6f:ed:70:52:f1:9a:77:5a:7e:fc:25:8a + e5: + +public exponent: + 01:00:01: + +private exponent: + 00:ae:08:f9:f3:41:c2:fa:b6:67:b9:b7:33:50:06:a6 + 08:5b:76:7b:18:07:53:59:30:2d:8b:b6:65:57:88:79 + 0a:33:c5:4f:f4:87:5c:f7:34:b9:06:38:2b:e8:1b:b6 + fa:33:06:04:9d:b4:2b:8a:e2:12:51:df:76:65:0a:18 + 69:9f:69:e5:d4:bb:09:37:90:95:10:68:74:f3:bd:1e + 53:72:96:d3:19:79:f5:2b:2a:54:c6:a6:6b:c5:c8:3b + 70:7e:fd:43:e3:aa:b9:43:b4:0c:ff:cf:d9:6d:12:92 + d4:7d:53:a9:25:21:ef:c5:88:4d:1a:8b:48:ca:45:20 + fe:91:56:dc:f5:8e:92:df:1c:57:9e:e1:1e:c2:3d:89 + 0e:8e:03:03:ea:20:f8:02:f2:60:1d:43:e0:0b:d3:44 + 24:8e:0c:ed:bf:43:f5:bd:49:6b:91:0b:72:a4:f2:3d + 2f:8e:cc:3d:54:7e:de:fe:1a:96:41:4e:5d:87:9f:84 + 5b:3c:92:8c:a7:73:e4:00:6a:13:02:44:d7:ad:89:31 + 50:ee:d2:ec:af:6e:47:e4:9b:59:3d:93:58:d5:71:1e + 64:f7:ac:68:85:ca:86:f7:6a:25:b0:ff:56:77:af:f4 + 50:43:49:0b:22:31:6b:79:6f:f2:74:df:7c:1b:e1:4d + 12:e7:ba:1e:65:38:ad:27:38:3b:50:6d:d0:e6:36:0e + b9:25:27:d8:31:e4:2e:be:01:b4:d8:fe:70:d2:12:ff + bb:7b:3f:f4:dc:51:83:17:33:8e:26:68:d1:89:3e:e5 + 67:00:72:e0:0f:92:83:ba:62:55:db:ae:84:7d:5e:cc + 7f:72:d0:dc:f3:88:9e:22:07:78:9a:e1:4e:e3:34:30 + 14:56:fb:80:93:f2:be:c3:cd:70:1b:fe:b0:da:41:3c + 28:9f:a8:0e:1c:79:1b:52:9a:a8:a8:cf:0e:16:f9:c0 + db:99:e9:df:4a:c3:66:7c:4f:a1:27:eb:f0:06:5e:4d + 41: + +prime1: + 00:f7:41:ab:a5:a1:23:37:e6:be:fe:85:e9:96:30:1b + c4:33:50:c8:85:5e:44:46:51:1d:3d:28:8a:21:58:2d + 3b:82:11:dc:bc:0d:76:c5:20:45:a2:34:c9:cb:85:3b + de:76:06:bc:c1:9f:4d:39:c3:63:ad:5d:0d:fe:bc:ab + 3f:2c:76:67:29:d9:a5:3d:38:af:a3:09:ff:09:ec:e9 + 15:85:04:e6:70:87:2e:ee:a0:78:26:73:a0:74:60:18 + ad:f7:8c:1a:f3:4c:07:53:b9:b8:9d:a6:d1:3f:8b:a3 + 13:87:16:a0:40:11:36:9b:f4:1e:b1:ba:b9:00:34:15 + d2:29:0d:e8:90:f7:c5:dc:c1:93:d3:e5:6e:6c:13:24 + 0f:11:cb:0d:37:ea:f9:f9:89:8e:91:71:4f:1d:5b:17 + f8:aa:94:8d:43:bf:ac:dd:d6:ec:3c:bc:70:d1:51:13 + 76:77:ef:9a:91:6d:4d:59:32:e6:97:93:d8:bb:14:60 + fd: + +prime2: + 00:c0:89:79:a8:73:86:20:c7:e9:0d:35:56:a4:d0:a8 + 37:21:76:25:e9:2f:9f:c0:e6:45:f6:27:54:56:4a:dd + 0e:c5:43:e4:ec:c5:20:97:16:5b:fc:ef:86:57:b1:e6 + ce:8b:e9:58:d4:a4:c3:a0:6d:f6:57:6d:8a:09:eb:d1 + de:63:42:81:76:9f:4c:40:f7:48:d3:99:1b:23:7d:eb + 8e:52:7b:e8:94:94:f3:d5:49:49:6e:da:38:c2:f6:b6 + 0e:27:7a:f9:4d:2b:6c:aa:a0:de:c7:b1:78:06:ee:7c + 5f:7e:33:6d:05:44:9b:9a:ca:90:12:61:a4:96:46:9b + 66:d1:8b:4c:e9:f1:21:2f:6c:26:aa:4f:56:3d:d7:03 + 8c:bf:33:24:a5:01:f5:87:a3:b2:d9:2b:82:2b:42:c4 + 5a:5d:40:84:d2:d8:7d:29:6f:69:21:a2:0b:ca:7c:46 + 34:b7:8f:29:11:2f:62:3e:87:a0:62:50:34:21:89:4a + 09: + +coefficient: + 0b:7d:31:bf:b5:89:0a:c8:2c:28:4c:41:98:ee:6f:55 + e5:69:d3:b2:1c:66:c4:da:1d:79:2d:8b:03:28:30:a3 + c9:6f:7e:94:a2:72:76:ce:1a:32:27:c6:f9:78:ae:d7 + d0:d8:af:a1:76:54:ff:2b:97:a4:5d:b5:ea:f6:a5:b3 + 08:a1:9c:46:7c:7d:80:38:32:a9:e4:09:7d:b0:e4:1f + e2:e8:e0:ef:84:f4:07:8e:4c:bc:02:72:ad:43:e6:c7 + 5a:e7:77:d1:81:27:8e:a6:bb:23:dd:14:69:cb:08:02 + 68:97:b8:ff:7f:c0:4f:43:86:d1:d8:8e:7e:9a:ae:1d + c5:ee:ae:19:03:d9:cb:f1:31:b5:7b:72:6c:cb:f8:d1 + c1:07:9a:e5:09:8f:2a:7a:92:4b:e9:1e:a0:7d:aa:ae + bd:87:60:be:77:b7:ab:de:c9:54:13:e9:6a:3c:82:cb + 94:e2:4c:bc:35:36:12:d6:0f:e1:77:58:ff:08:4e:38 + + +exp1: + 00:cb:b2:2f:5d:91:45:b9:5d:00:86:20:fe:51:fb:aa + 34:55:ee:3c:74:1b:37:f6:12:07:1b:86:55:5d:a9:0e + 02:93:62:71:cd:fe:ed:94:f2:c4:4b:20:60:0a:a9:e5 + ab:9c:e2:6a:08:bd:5b:5a:b6:0c:5d:1b:67:57:30:49 + 88:0e:f2:30:85:3a:c7:b5:8b:08:af:31:a2:09:a4:42 + 55:b7:33:55:40:e9:2d:91:eb:63:70:92:1b:63:24:73 + d0:86:3a:c7:4d:1e:9a:7e:b0:67:56:81:c2:ab:2e:37 + 97:f3:d7:81:07:a6:e6:ad:4e:4d:27:30:64:0e:b5:da + 30:3c:20:38:33:8d:dc:54:c4:a9:2b:8d:3d:0e:0e:2a + cb:bb:65:e3:aa:e8:8b:2d:b7:d4:5b:1f:d5:04:a3:32 + 39:6b:16:5c:d6:ae:87:14:6f:66:49:97:18:fe:68:63 + b7:5a:91:6b:6e:59:74:ba:82:83:93:e6:7a:4b:8d:3b + 65: + +exp2: + 17:76:29:1e:ff:c4:ce:65:cd:de:50:2b:98:b5:dc:69 + ab:68:2c:42:78:0d:2d:82:61:f0:16:e6:ce:05:1d:5e + d9:66:e6:94:7b:88:f7:20:40:61:58:06:b4:d4:f6:dd + 20:6b:74:e9:a4:92:3a:10:6c:3e:47:18:d5:10:a9:68 + 42:0c:2e:9e:77:d6:e0:eb:c1:32:17:ac:18:ed:15:31 + 28:97:f4:c5:76:49:28:2a:60:0a:64:09:1a:a8:d9:92 + 6b:f9:2e:3b:db:18:c8:ca:05:9b:ab:e2:86:65:b5:3e + 25:b0:ba:8e:33:c8:0a:5a:b8:a7:a4:c2:5b:95:8b:06 + 42:6e:89:16:d0:cd:4c:6c:0f:62:1d:7c:d2:d8:4a:94 + 72:10:17:5d:0c:1a:11:47:3f:59:fb:55:47:54:41:7d + 09:73:fd:3b:7c:29:f4:4c:a1:30:fa:00:19:d2:7e:f3 + 99:92:96:5c:83:bb:a3:06:ff:e2:3b:07:bf:36:6d:91 + + + +Public Key PIN: + pin-sha256:PbmtyJHWZjCUw6fCLCaAjguYDFU4CDEaD02/yWpD5bI= +Public Key ID: + sha256:3db9adc891d6663094c3a7c22c26808e0b980c553808311a0f4dbfc96a43e5b2 + sha1:376bdb931c697e924c6bdf7385f8849659814f6b + +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEAufYIYdFLn8Xo8a3c0cUj7s9WEUYKDE6ETmsNFdZee2hKqP2L +i9bSr+vPjgMfi2UfxX/+i9x6LGqsIUxXVgrKlOf7R8bFg/runUI+4X1mZMJwdBc1 +POhjkdfRbtfOdu1LtztW4Pc2tnyrAtmhcNHUCXNGRfDNpFKtIFe4OTA/4/eP1EAy +InHNqO2F8UgL8EDUMg9AQd4InVCPYRNlsv9j9qBVMjZiX7hoBC8k1laNkd4TIdV6 +zet3+M5Fp/W9lvxFI1yPXw/xWM7K9R3nepunKniuGmjBsac/ZHCUFqJaHz5KpXyM +pSH1GTXOnIKFOldK4NYOzjCOR9Z+k63oJPZ+c7R9cKAZ7DERhS8X6MiykQ2shDY6 +8i7HSZd9Dy5oLlH63evbi/tWJSG9mE/UamYuzORKR4PNwixaKQbteiDU59wKazH5 +yQNGIqMSGkNgSsj9QW2NPkyNskuzCP04f77V/wSpum5PIygyuLidge9A+Vuxeb5v +7XBS8Zp3Wn78JYrlAgMBAAECggGBAK4I+fNBwvq2Z7m3M1AGpghbdnsYB1NZMC2L +tmVXiHkKM8VP9Idc9zS5Bjgr6Bu2+jMGBJ20K4riElHfdmUKGGmfaeXUuwk3kJUQ +aHTzvR5TcpbTGXn1KypUxqZrxcg7cH79Q+OquUO0DP/P2W0SktR9U6klIe/FiE0a +i0jKRSD+kVbc9Y6S3xxXnuEewj2JDo4DA+og+ALyYB1D4AvTRCSODO2/Q/W9SWuR +C3Kk8j0vjsw9VH7e/hqWQU5dh5+EWzySjKdz5ABqEwJE162JMVDu0uyvbkfkm1k9 +k1jVcR5k96xohcqG92olsP9Wd6/0UENJCyIxa3lv8nTffBvhTRLnuh5lOK0nODtQ +bdDmNg65JSfYMeQuvgG02P5w0hL/u3s/9NxRgxczjiZo0Yk+5WcAcuAPkoO6YlXb +roR9Xsx/ctDc84ieIgd4muFO4zQwFFb7gJPyvsPNcBv+sNpBPCifqA4ceRtSmqio +zw4W+cDbmenfSsNmfE+hJ+vwBl5NQQKBwQD3QauloSM35r7+hemWMBvEM1DIhV5E +RlEdPSiKIVgtO4IR3LwNdsUgRaI0ycuFO952BrzBn005w2OtXQ3+vKs/LHZnKdml +PTivown/CezpFYUE5nCHLu6geCZzoHRgGK33jBrzTAdTubidptE/i6MThxagQBE2 +m/Qesbq5ADQV0ikN6JD3xdzBk9PlbmwTJA8Ryw036vn5iY6RcU8dWxf4qpSNQ7+s +3dbsPLxw0VETdnfvmpFtTVky5peT2LsUYP0CgcEAwIl5qHOGIMfpDTVWpNCoNyF2 +Jekvn8DmRfYnVFZK3Q7FQ+TsxSCXFlv874ZXsebOi+lY1KTDoG32V22KCevR3mNC +gXafTED3SNOZGyN9645Se+iUlPPVSUlu2jjC9rYOJ3r5TStsqqDex7F4Bu58X34z +bQVEm5rKkBJhpJZGm2bRi0zp8SEvbCaqT1Y91wOMvzMkpQH1h6Oy2SuCK0LEWl1A +hNLYfSlvaSGiC8p8RjS3jykRL2I+h6BiUDQhiUoJAoHBAMuyL12RRbldAIYg/lH7 +qjRV7jx0Gzf2EgcbhlVdqQ4Ck2Jxzf7tlPLESyBgCqnlq5ziagi9W1q2DF0bZ1cw +SYgO8jCFOse1iwivMaIJpEJVtzNVQOktketjcJIbYyRz0IY6x00emn6wZ1aBwqsu +N5fz14EHpuatTk0nMGQOtdowPCA4M43cVMSpK409Dg4qy7tl46roiy231Fsf1QSj +MjlrFlzWrocUb2ZJlxj+aGO3WpFrbll0uoKDk+Z6S407ZQKBwBd2KR7/xM5lzd5Q +K5i13GmraCxCeA0tgmHwFubOBR1e2WbmlHuI9yBAYVgGtNT23SBrdOmkkjoQbD5H +GNUQqWhCDC6ed9bg68EyF6wY7RUxKJf0xXZJKCpgCmQJGqjZkmv5LjvbGMjKBZur +4oZltT4lsLqOM8gKWrinpMJblYsGQm6JFtDNTGwPYh180thKlHIQF10MGhFHP1n7 +VUdUQX0Jc/07fCn0TKEw+gAZ0n7zmZKWXIO7owb/4jsHvzZtkQKBwAt9Mb+1iQrI +LChMQZjub1XladOyHGbE2h15LYsDKDCjyW9+lKJyds4aMifG+Xiu19DYr6F2VP8r +l6Rdter2pbMIoZxGfH2AODKp5Al9sOQf4ujg74T0B45MvAJyrUPmx1rnd9GBJ46m +uyPdFGnLCAJol7j/f8BPQ4bR2I5+mq4dxe6uGQPZy/ExtXtybMv40cEHmuUJjyp6 +kkvpHqB9qq69h2C+d7er3slUE+lqPILLlOJMvDU2EtYP4XdY/whOOA== +-----END RSA PRIVATE KEY----- diff --git a/roles/mail_forwarder/tests/data/x509/mail-server_smtp.cert.pem b/roles/mail_forwarder/tests/data/x509/mail-server_smtp.cert.pem new file mode 100644 index 0000000000000000000000000000000000000000..9c0355fc550963fd9d7a7d3ab284eb08aceb1b1a --- /dev/null +++ b/roles/mail_forwarder/tests/data/x509/mail-server_smtp.cert.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEJDCCAoygAwIBAgIMWV5C8Bmj13Xo5sFOMA0GCSqGSIb3DQEBCwUAMEgxIjAg +BgNVBAMTGUV4YW1wbGUgSW5jLiBUZXN0IFNpdGUgQ0ExFTATBgNVBAoTDEV4YW1w +bGUgSW5jLjELMAkGA1UEBhMCU0UwHhcNMTcwNzA2MTQwMjI0WhcNMjcwNzA0MTQw +MjI0WjBGMSAwHgYDVQQDExdFeGFtcGUgSW5jLiBTTVRQIFNlcnZlcjEVMBMGA1UE +ChMMRXhhbXBsZSBJbmMuMQswCQYDVQQGEwJTRTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAOTjAOml2dj8fs/eDJy4m/OA2bBT3NOGiF8Fs7prgQejOc3L +hAFtV5QNQEo0P0YrpeMjXOL469PDAWwHTaJUBPsn8u+RUHwQtG3jEk5mumFR1RHw +EQszh+bhKLpfqYsINfrPMKZcf4Z8nswwCvUZ145mWQrx6kmztErwjXtG6ZKFJBN9 +xyss4QQt5wa3RUXmfmmmZZNQrNoicoqphcnS+GxkRSZ7tKzV0aclGRYg+On8pLDV +byTnSuf5TdMpLj374AARRpAAH4wBpt7gx8wrX/lb1tAc6mRcdg0YrbzroxjjVIac +w4f7n95XrTFKiMJW0v2fOQ9yizXmaYdpNqI0JOcCAwEAAaOBjzCBjDAMBgNVHRMB +Af8EAjAAMBYGA1UdEQQPMA2CC21haWwtc2VydmVyMBMGA1UdJQQMMAoGCCsGAQUF +BwMBMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFHejCRnFUD9Lsy0s2EpKPg85 +gdU+MB8GA1UdIwQYMBaAFDdr25McaX6STGvfc4X4hJZZgU9rMA0GCSqGSIb3DQEB +CwUAA4IBgQAScGmwNW6/4ngX33PwdfDLDj/PoFqJK6h+YikaoHNEziDg39opICbU +6PvFBLxW6lFmzEoMLNH6MPbku4bnLXYirhoeSeVlK47syqlvb3GVZSPrjrcGDrHa +gJ65WaFqyAFsQYKp9xOKpM8TjJGeChViYWmyqaxgeg95g9rU2V99CqjZNDVNiowa +oQtYA5E0qa2uZN/WXmixKyGV5aKVqMSxWJ2OE7xV8qj19ttm5upSmMIdt80jZw7Q +5jwf39oCjkojpgex3mlWZaxMZFvLshCQ5smwZdI8h0xuHfUPbJDSTBf6syEk6026 +q/wxsq0pSmGgkk3FHRXEpOnkWfSp/1XteQYEIP+5XXvS/UfLUG+x92EwJckufd2J +GeDnw7j/AaSeedG5edH85wk2ydDfnnD+KKe0XukqSxjKd3nupl+IbZ5EN2z9spnO +wR8yviS+HMsquzZcDg2jVtglD5qmk2HaI3B2AeUraf4AjtskoOWXB+QdyOYyRlPk +0EfhOdgBc3o= +-----END CERTIFICATE----- diff --git a/roles/mail_forwarder/tests/data/x509/mail-server_smtp.key.pem b/roles/mail_forwarder/tests/data/x509/mail-server_smtp.key.pem new file mode 100644 index 0000000000000000000000000000000000000000..1bd1d16b18201f1a3575592fd2d1a49332ef17e7 --- /dev/null +++ b/roles/mail_forwarder/tests/data/x509/mail-server_smtp.key.pem @@ -0,0 +1,134 @@ +Public Key Info: + Public Key Algorithm: RSA + Key Security Level: Medium (2048 bits) + +modulus: + 00:e4:e3:00:e9:a5:d9:d8:fc:7e:cf:de:0c:9c:b8:9b + f3:80:d9:b0:53:dc:d3:86:88:5f:05:b3:ba:6b:81:07 + a3:39:cd:cb:84:01:6d:57:94:0d:40:4a:34:3f:46:2b + a5:e3:23:5c:e2:f8:eb:d3:c3:01:6c:07:4d:a2:54:04 + fb:27:f2:ef:91:50:7c:10:b4:6d:e3:12:4e:66:ba:61 + 51:d5:11:f0:11:0b:33:87:e6:e1:28:ba:5f:a9:8b:08 + 35:fa:cf:30:a6:5c:7f:86:7c:9e:cc:30:0a:f5:19:d7 + 8e:66:59:0a:f1:ea:49:b3:b4:4a:f0:8d:7b:46:e9:92 + 85:24:13:7d:c7:2b:2c:e1:04:2d:e7:06:b7:45:45:e6 + 7e:69:a6:65:93:50:ac:da:22:72:8a:a9:85:c9:d2:f8 + 6c:64:45:26:7b:b4:ac:d5:d1:a7:25:19:16:20:f8:e9 + fc:a4:b0:d5:6f:24:e7:4a:e7:f9:4d:d3:29:2e:3d:fb + e0:00:11:46:90:00:1f:8c:01:a6:de:e0:c7:cc:2b:5f + f9:5b:d6:d0:1c:ea:64:5c:76:0d:18:ad:bc:eb:a3:18 + e3:54:86:9c:c3:87:fb:9f:de:57:ad:31:4a:88:c2:56 + d2:fd:9f:39:0f:72:8b:35:e6:69:87:69:36:a2:34:24 + e7: + +public exponent: + 01:00:01: + +private exponent: + 00:89:c9:f2:79:b5:c3:20:72:58:71:10:ae:ad:06:21 + b4:04:64:88:56:e4:00:5e:e3:e7:b8:4a:0b:36:be:95 + 77:78:cb:df:f1:96:de:59:33:a2:8a:8a:61:4b:9a:15 + 9a:a6:d3:5a:0e:b5:65:5a:b4:f1:3d:34:64:53:0d:9b + 76:0b:05:9f:9c:ee:43:d1:d6:9c:b4:6f:07:cd:a5:f4 + 02:4c:6f:a1:02:d1:a8:72:ee:d5:ab:2c:0f:7c:c4:5a + ec:0c:12:00:aa:95:d2:9b:86:98:1e:39:e9:ce:c5:80 + d3:93:df:94:cc:2f:8b:b0:e8:1f:99:12:c3:1c:dc:6d + bc:1f:9a:13:48:1b:5b:e5:a1:c9:05:bb:b7:26:b0:ea + a0:09:89:a2:78:73:35:12:97:ea:3b:4d:57:19:74:1e + 95:14:23:e6:c6:bb:2a:1c:38:4d:0c:b2:f9:09:8c:1e + 26:1c:e6:6f:76:86:70:25:48:ad:33:67:b0:1a:70:4e + de:9d:a9:9a:c3:a6:37:30:e2:05:7f:ce:ff:ff:c7:06 + d9:a3:92:33:4c:73:f6:8f:25:d6:6d:ae:ee:fa:f0:48 + ed:29:fd:6d:72:fe:93:0a:71:9f:ad:e0:79:65:90:6c + 17:42:34:0f:6d:a0:e3:ef:97:f0:d2:42:ac:1c:25:ac + e9: + +prime1: + 00:f1:cd:63:7e:aa:6c:4d:24:13:7d:67:a7:ec:92:a7 + ca:a2:20:ac:9d:99:3d:e9:ad:04:d7:f8:d8:c5:98:c6 + b3:87:48:7a:80:e4:ba:32:a7:de:e3:b4:0a:7f:67:76 + 10:f5:0b:53:c0:c6:ae:fc:d7:ae:ec:87:51:5c:50:85 + 35:0b:fc:f4:99:10:e7:39:76:de:26:f4:8d:ee:2c:6a + d7:d8:04:ba:f6:65:fa:d1:9c:31:98:20:23:28:02:3b + ae:78:c5:fe:b7:c1:34:40:29:e6:90:38:ab:bf:7f:39 + 33:8d:78:d2:d4:6d:b5:93:ab:57:54:6b:e9:38:a3:be + 6b: + +prime2: + 00:f2:53:7a:09:49:19:2e:6d:16:0c:7d:80:3f:70:68 + af:46:70:07:d6:19:59:f8:10:46:da:e3:ff:c6:70:af + b6:6b:35:0a:3b:21:06:8a:d3:ea:43:4d:60:51:96:48 + 4b:9f:29:5c:9c:7a:b0:2a:a7:e0:8f:af:58:2f:92:00 + ba:a3:c5:fc:44:28:31:2f:26:b4:b2:00:75:8b:a5:b1 + c7:b0:4b:a3:0c:5f:57:91:60:47:e1:4d:e5:7d:0f:ca + 34:5d:a5:82:d6:04:65:45:43:f3:ce:55:4d:b5:8e:9b + 9d:da:59:59:ec:66:3a:0b:31:7c:0a:c6:8c:4d:65:da + 75: + +coefficient: + 6a:3c:50:01:d1:4c:07:b8:f5:b9:59:ac:78:cd:32:24 + 49:da:fa:70:10:54:e9:63:68:da:38:22:f6:87:d8:d8 + 76:58:e3:7b:95:cd:90:40:df:f0:20:64:c8:f6:24:8d + e3:15:5c:b1:04:6d:74:65:ea:82:b6:fb:e1:f4:90:eb + cb:fe:16:7d:d3:c2:c0:5e:60:27:97:0c:c2:6a:d6:d6 + e4:e5:16:d4:41:82:bf:e2:06:58:cf:a8:b6:54:3a:03 + 94:cc:3c:2c:3f:09:3b:8f:ee:7f:49:58:77:a4:77:a4 + eb:c1:5c:22:0d:78:b2:71:9f:13:d3:3d:78:24:5f:55 + + +exp1: + 7e:82:d8:88:a0:40:13:c8:49:4e:36:9a:9c:63:4a:d8 + f1:24:a9:4b:b7:ae:b6:01:29:64:9a:35:48:85:1b:89 + 38:c1:ca:1e:80:0d:8f:8d:57:47:c9:9e:28:74:88:48 + 6c:fd:25:2f:da:84:19:93:fb:58:93:a0:14:ed:a8:14 + 4e:16:66:1f:63:c1:a6:c6:33:8b:2c:2e:ca:2b:81:27 + 37:45:9a:50:6a:a0:e5:64:94:6a:24:7e:60:63:72:b8 + 61:46:2e:74:13:e8:f3:9d:38:9d:c2:98:d1:93:8d:e9 + 14:1e:e0:27:f6:d2:a6:d5:61:d6:b0:b3:10:48:53:cb + + +exp2: + 3e:ef:99:49:62:17:cd:2b:fd:c6:fe:ad:59:4c:9b:93 + b2:2a:94:8e:71:85:21:5d:30:d9:d6:cf:6e:3d:84:15 + 4f:a0:b5:e8:87:7a:48:82:23:5c:99:73:03:9d:91:67 + 3a:8e:26:84:69:84:e9:7f:32:5e:7e:fe:db:54:03:26 + 76:34:8c:81:33:23:1b:08:e5:73:39:95:4d:d0:99:ec + b0:07:e4:ef:e8:af:38:8d:95:fd:99:1a:9a:31:88:a5 + b3:10:b2:7b:5d:26:e4:27:72:e1:ca:db:e4:e4:85:dc + 28:82:7e:4d:5c:7b:84:be:b4:65:a4:0d:7a:68:92:a5 + + + +Public Key PIN: + pin-sha256:iFXNIJ+xL2hiTmuRUthpdTyLokQR36lHJTAMhcOqack= +Public Key ID: + sha256:8855cd209fb12f68624e6b9152d869753c8ba24411dfa94725300c85c3aa69c9 + sha1:77a30919c5503f4bb32d2cd84a4a3e0f3981d53e + +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA5OMA6aXZ2Px+z94MnLib84DZsFPc04aIXwWzumuBB6M5zcuE +AW1XlA1ASjQ/Riul4yNc4vjr08MBbAdNolQE+yfy75FQfBC0beMSTma6YVHVEfAR +CzOH5uEoul+piwg1+s8wplx/hnyezDAK9RnXjmZZCvHqSbO0SvCNe0bpkoUkE33H +KyzhBC3nBrdFReZ+aaZlk1Cs2iJyiqmFydL4bGRFJnu0rNXRpyUZFiD46fyksNVv +JOdK5/lN0ykuPfvgABFGkAAfjAGm3uDHzCtf+VvW0BzqZFx2DRitvOujGONUhpzD +h/uf3letMUqIwlbS/Z85D3KLNeZph2k2ojQk5wIDAQABAoIBAQCJyfJ5tcMgclhx +EK6tBiG0BGSIVuQAXuPnuEoLNr6Vd3jL3/GW3lkzooqKYUuaFZqm01oOtWVatPE9 +NGRTDZt2CwWfnO5D0dactG8HzaX0AkxvoQLRqHLu1assD3zEWuwMEgCqldKbhpge +OenOxYDTk9+UzC+LsOgfmRLDHNxtvB+aE0gbW+WhyQW7tyaw6qAJiaJ4czUSl+o7 +TVcZdB6VFCPmxrsqHDhNDLL5CYweJhzmb3aGcCVIrTNnsBpwTt6dqZrDpjcw4gV/ +zv//xwbZo5IzTHP2jyXWba7u+vBI7Sn9bXL+kwpxn63geWWQbBdCNA9toOPvl/DS +QqwcJazpAoGBAPHNY36qbE0kE31np+ySp8qiIKydmT3prQTX+NjFmMazh0h6gOS6 +Mqfe47QKf2d2EPULU8DGrvzXruyHUVxQhTUL/PSZEOc5dt4m9I3uLGrX2AS69mX6 +0ZwxmCAjKAI7rnjF/rfBNEAp5pA4q79/OTONeNLUbbWTq1dUa+k4o75rAoGBAPJT +eglJGS5tFgx9gD9waK9GcAfWGVn4EEba4//GcK+2azUKOyEGitPqQ01gUZZIS58p +XJx6sCqn4I+vWC+SALqjxfxEKDEvJrSyAHWLpbHHsEujDF9XkWBH4U3lfQ/KNF2l +gtYEZUVD885VTbWOm53aWVnsZjoLMXwKxoxNZdp1AoGAfoLYiKBAE8hJTjaanGNK +2PEkqUu3rrYBKWSaNUiFG4k4wcoegA2PjVdHyZ4odIhIbP0lL9qEGZP7WJOgFO2o +FE4WZh9jwabGM4ssLsorgSc3RZpQaqDlZJRqJH5gY3K4YUYudBPo8504ncKY0ZON +6RQe4Cf20qbVYdawsxBIU8sCgYA+75lJYhfNK/3G/q1ZTJuTsiqUjnGFIV0w2dbP +bj2EFU+gteiHekiCI1yZcwOdkWc6jiaEaYTpfzJefv7bVAMmdjSMgTMjGwjlczmV +TdCZ7LAH5O/orziNlf2ZGpoxiKWzELJ7XSbkJ3Lhytvk5IXcKIJ+TVx7hL60ZaQN +emiSpQKBgGo8UAHRTAe49blZrHjNMiRJ2vpwEFTpY2jaOCL2h9jYdljje5XNkEDf +8CBkyPYkjeMVXLEEbXRl6oK2++H0kOvL/hZ908LAXmAnlwzCatbW5OUW1EGCv+IG +WM+otlQ6A5TMPCw/CTuP7n9JWHekd6TrwVwiDXiycZ8T0z14JF9V +-----END RSA PRIVATE KEY----- diff --git a/roles/mail_forwarder/tests/data/x509/truststore.pem b/roles/mail_forwarder/tests/data/x509/truststore.pem new file mode 100644 index 0000000000000000000000000000000000000000..a41785fdd72787232ac39d645f36d2a0b7b04c11 --- /dev/null +++ b/roles/mail_forwarder/tests/data/x509/truststore.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEWTCCAsGgAwIBAgIMWVEJAy6O6Abooz68MA0GCSqGSIb3DQEBCwUAMEgxIjAg +BgNVBAMTGUV4YW1wbGUgSW5jLiBUZXN0IFNpdGUgQ0ExFTATBgNVBAoTDEV4YW1w +bGUgSW5jLjELMAkGA1UEBhMCU0UwHhcNMTcwNjI2MTMxNTQ3WhcNMzcwNjIxMTMx +NTQ3WjBIMSIwIAYDVQQDExlFeGFtcGxlIEluYy4gVGVzdCBTaXRlIENBMRUwEwYD +VQQKEwxFeGFtcGxlIEluYy4xCzAJBgNVBAYTAlNFMIIBojANBgkqhkiG9w0BAQEF +AAOCAY8AMIIBigKCAYEAufYIYdFLn8Xo8a3c0cUj7s9WEUYKDE6ETmsNFdZee2hK +qP2Li9bSr+vPjgMfi2UfxX/+i9x6LGqsIUxXVgrKlOf7R8bFg/runUI+4X1mZMJw +dBc1POhjkdfRbtfOdu1LtztW4Pc2tnyrAtmhcNHUCXNGRfDNpFKtIFe4OTA/4/eP +1EAyInHNqO2F8UgL8EDUMg9AQd4InVCPYRNlsv9j9qBVMjZiX7hoBC8k1laNkd4T +IdV6zet3+M5Fp/W9lvxFI1yPXw/xWM7K9R3nepunKniuGmjBsac/ZHCUFqJaHz5K +pXyMpSH1GTXOnIKFOldK4NYOzjCOR9Z+k63oJPZ+c7R9cKAZ7DERhS8X6MiykQ2s +hDY68i7HSZd9Dy5oLlH63evbi/tWJSG9mE/UamYuzORKR4PNwixaKQbteiDU59wK +azH5yQNGIqMSGkNgSsj9QW2NPkyNskuzCP04f77V/wSpum5PIygyuLidge9A+Vux +eb5v7XBS8Zp3Wn78JYrlAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0P +AQH/BAUDAwcGADAdBgNVHQ4EFgQUN2vbkxxpfpJMa99zhfiEllmBT2swDQYJKoZI +hvcNAQELBQADggGBADNZ9eJA3Jm5TJQoDct+FZOc16XZDlteGBxVJj+aQUlBFlJK +itvW/reR4SwZF/QRtCIzY7HN0rx0FVvfGR4sIcN2MALG+4Beee5nZR3KsNHhx895 +5ml7vqfNhnn/3/Gd7quqb2FskALfHAciuL+y0n/KcnnJ/3wZKR6xc5ON1VrwHSyI +ENxRC8/oeO9SBc9V5gG5CyELftUiGBE73IIGjV/wXiwBvgwPB+j8vrv5nQrKPsLk +b9ngSts/JSdiQH3cIbBpNoWz8Q8OIoQTt99GUKAScJX4UO7W5EHNmcCtCtOpgRg+ +Y49auOe/6A1n4rsLANZlDelhwCASQtZ04DdFl5QQpTuIOmd4l4KuNpqQ5Px+sxFu +oPenBiQkXuQn9rQaFTTSc9jVBoumRp61P0mvoGusRzjYYvdL8zYoH/246eliWgyy +60+/lgmDXpwf0a2d3fDTxuBmP1HlJYLUsS6ij+GKGgAOTCGmzygmyPOroDae+XOI +G2o8G6ziU8d8RICIng== +-----END CERTIFICATE----- diff --git a/roles/mail_forwarder/tests/test_default.py b/roles/mail_forwarder/tests/test_default.py new file mode 100644 index 0000000000000000000000000000000000000000..ef04a32b8c6dc6cc2738e21edb2cf11d1c0c55c9 --- /dev/null +++ b/roles/mail_forwarder/tests/test_default.py @@ -0,0 +1,12 @@ +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + '.molecule/ansible_inventory').get_hosts('all') + + +def test_hosts_file(File): + f = File('/etc/hosts') + + assert f.exists + assert f.user == 'root' + assert f.group == 'root' diff --git a/roles/mail_server/templates/main.cf.j2 b/roles/mail_server/templates/main.cf.j2 index fe0dc478be41f85cdb772d105ed29ed556ace633..ad273cd8dd2de92d92cce6ce81a19bf093391f71 100644 --- a/roles/mail_server/templates/main.cf.j2 +++ b/roles/mail_server/templates/main.cf.j2 @@ -71,3 +71,7 @@ non_smtpd_milters = unix:/var/run/clamav/clamav-milter.ctl # Deliver undeliverable bounces to domain's postmaster. Helps with application # misconfigurations. notify_classes = resource, software, 2bounce + +# Fall-back to using native lookups (/etc/hosts etc) if DNS lookup fails. Useful +# for local overrides of mail servers. +smtp_host_lookup = dns, native