majic-ansible-roles Files · roles/mail_forwarder/templates/ferm

Files @ 814be5def61d

Branch filter:

Location: majic-ansible-roles/roles/mail_forwarder/templates/ferm_mail.conf.j2

814be5def61d 717 B text/plain Show Annotation Show as Raw Download as Raw

branko

MAR-189: Added support for Debian 11 Bullseye to xmpp_server role:

- Roll-out LDAP client configuration since Bullseye does not come with
a stock one at /etc/ldap/ldap.conf that sets the trust anchor
correctly for validating LDAP server certificates.
- Drop the backports pinning in case of Bullseye (for now let's try to
keep the Buster and Bullseye at same versions for simplicity).
- Drop installation of Python apt bindings (no longer used).
- Tests for Buster and Bullseye need to be split-up a bit due to some
differences around backports etc.

{% if smtp_relay_host and smtp_from_relay_allowed %}
domain ip {
    # Accept incoming connections on port 25 from SMTP relay host.
    table filter {
        chain INPUT {
            # SMTP for server communication.
            proto tcp dport 25 {
                saddr {{ smtp_relay_host }} ACCEPT;
            }
        }
    }
}

{% if lookup('dig', smtp_relay_host + '/AAAA') not in ['NXDOMAIN', ''] %}
domain ip6 {
    # Accept incoming connections on port 25 from SMTP relay host.
    table filter {
        chain INPUT {
            # SMTP for server communication.
            proto tcp dport 25 {
                saddr {{ smtp_relay_host }} ACCEPT;
            }
        }
    }
}
{% endif %}
{% endif %}