majic-ansible-roles Changeset

Changeset - 9727c5e3ac7c

Parent rev.

Child rev.

[Not reviewed]

0 5 0

Branko Majic (branko) - 5 years ago 2021-01-13 23:54:35
branko@majic.rs

MAR-151: Added support for Debian 10 Buster to mail_forwarder role:

- Updated role reference documentaiton.
- Updated role meta information.
- Updated tests.
- Set the smtpd_relay_restrictions configuration option for Postfix
SMTP server in mail_forwarder role (required for version found in
Debian 10 Buster).

5 files changed with 45 insertions and 1 deletions:

docs/rolereference.rst

roles/mail_forwarder/meta/main.yml

roles/mail_forwarder/molecule/default/molecule.yml

roles/mail_forwarder/molecule/default/prepare.yml

roles/mail_forwarder/templates/main.cf.j2

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -1357,24 +1357,25 @@ Parameters @@
 **smtp_relay_truststore** (string, mandatory)
   X.509 certificate chain used for issuing certificate for the SMTP relay
   service. The file will be stored in location
   ``/etc/ssl/certs/smtp_relay_truststore.pem``
 Distribution compatibility
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Role is compatible with the following distributions:
 - Debian 9 (Stretch)
 - Debian 10 (Buster)
 Examples
 ~~~~~~~~
 Here is an example configuration for setting-up the mail forwarder:
 .. code-block:: yaml
   ---
   # All mails sent to local user root will be forwarded to external account as

roles/mail_forwarder/meta/main.yml

➞

Show inline comments

@@ @@ -2,14 +2,14 @@ @@
 dependencies:
   - common
 galaxy_info:
   author: Branko Majic
   description: Sets-up local SMTP server for sending out mails and receiving mails for local users
   license: BSD
   min_ansible_version: 2.9
   platforms:
     - name: Debian
       versions:
         - 8
         - 9
         - 10

roles/mail_forwarder/molecule/default/molecule.yml

➞

Show inline comments

@@ @@ -67,24 +67,60 @@ platforms: @@
   - name: parameters-no-incoming-stretch64
     groups:
       - parameters-no-incoming
     box: debian/contrib-stretch64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.32
         network_name: private_network
         type: static
   - name: parameters-mandatory-buster64
     groups:
       - parameters-mandatory
     box: debian/contrib-buster64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.20
         network_name: private_network
         type: static
   - name: parameters-optional-buster64
     groups:
       - parameters-optional
     box: debian/contrib-buster64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.21
         network_name: private_network
         type: static
   - name: parameters-no-incoming-buster64
     groups:
       - parameters-no-incoming
     box: debian/contrib-buster64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.22
         network_name: private_network
         type: static
 provisioner:
   name: ansible
   playbooks:
     cleanup: cleanup.yml
   config_options:
     defaults:
       force_valid_group_names: "ignore"
       interpreter_python: "/usr/bin/python3"
     ssh_connection:
       pipelining: "True"
   lint:
     name: ansible-lint

roles/mail_forwarder/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -60,24 +60,27 @@ @@
         regexp: "^{{ item.key }}"
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
         state: present
       with_dict:
 .31.127.10: "mail-server domain1"
 .31.127.11: "client1"
 .31.127.30: "parameters-mandatory-stretch64"
 .31.127.31: "parameters-optional-stretch64"
 .31.127.32: "parameters-no-incoming-stretch64"
 .31.127.20: "parameters-mandatory-buster64"
 .31.127.21: "parameters-optional-buster64"
 .31.127.22: "parameters-no-incoming-buster64"
     - name: Install tools for testing
       apt:
         name: gnutls-bin
         state: present
 - hosts: clients
   become: true
   tasks:
     - name: Install SWAKS for testing SMTP capability
       apt:

roles/mail_forwarder/templates/main.cf.j2

➞

Show inline comments

@@ @@ -43,12 +43,16 @@ mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 @@
 mailbox_command = procmail -a "$EXTENSION"
 mailbox_size_limit = 0
 recipient_delimiter = +
 inet_interfaces = all
 inet_protocols = all
 # Fall-back to using native lookups (/etc/hosts etc) if DNS lookup fails. Useful
 # for local overrides of mail servers.
 smtp_host_lookup = dns, native
 # Explicitly set maximum allowed mail size that should be accepted.
 message_size_limit = {{ mail_message_size_limit }}
 # Allow relaying only from trusted networks. Do not relay mails for
 # domains for which the mail server is not responsible.
 smtpd_relay_restrictions = permit_mynetworks reject_unauth_destination

0 comments (0 inline, 0 general)