majic-ansible-roles Files · roles/mail_forwarder/templates/ferm

Files @ 770551dc8c6f

Branch filter:

Location: majic-ansible-roles/roles/mail_forwarder/templates/ferm_mail.conf.j2

770551dc8c6f 717 B text/plain Show Annotation Show as Raw Download as Raw

branko

MAR-148: Improve the SSH connectivity tests in backup_server role to be more reliable:

- Introduce a session-level fixture for setting permissions for client
SSH private keys (fixes errors related to SSH requesting tighter
permissions).
- Add assertions for the tests that verify the backup clients cannot
connect to the regular SSH server in case the SSH private keys do
not have correct permissions (just in case).

{% if smtp_relay_host and smtp_from_relay_allowed %}
domain ip {
    # Accept incoming connections on port 25 from SMTP relay host.
    table filter {
        chain INPUT {
            # SMTP for server communication.
            proto tcp dport 25 {
                saddr {{ smtp_relay_host }} ACCEPT;
            }
        }
    }
}

{% if lookup('dig', smtp_relay_host + '/AAAA') not in ['NXDOMAIN', ''] %}
domain ip6 {
    # Accept incoming connections on port 25 from SMTP relay host.
    table filter {
        chain INPUT {
            # SMTP for server communication.
            proto tcp dport 25 {
                saddr {{ smtp_relay_host }} ACCEPT;
            }
        }
    }
}
{% endif %}
{% endif %}