Fixing templates
This commit is contained in:
Mauro Torrez
@@ -1,5 +1,27 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
#postconf -M smtpd/pass
|
||||
#postconf -Fh smtp/inet/private smtp/inet/unprivileged smtp/inet/chroot smtp/inet/wakeup smtp/inet/process_limit smtp/inet/command
|
||||
#postconf -M smtp/inet
|
||||
#postconf -M tlsproxy/unix
|
||||
#postconf -M dnsblog/unix
|
||||
#postconf -h postscreen_access_list
|
||||
#postconf -h postscreen_dnsbl_sites
|
||||
#postconf -h postscreen_dnsbl_reply_map
|
||||
#postconf -h postscreen_dnsbl_action
|
||||
#postconf -h postscreen_blacklist_action
|
||||
#postconf -h postscreen_dnsbl_whitelist_threshold
|
||||
#postconf -h postscreen_greet_action
|
||||
#postconf -h postscreen_greet_wait
|
||||
|
||||
# NOT SUPPORTED:
|
||||
#postconf -h postscreen_bare_newline_enable
|
||||
#postconf -h postscreen_non_smtp_command_enable
|
||||
#postconf -h postscreen_pipelining_enable
|
||||
#postconf -h postscreen_bare_newline_action
|
||||
#postconf -h postscreen_dnsbl_threshold
|
||||
#postconf -h postscreen_non_smtp_command_action
|
||||
#postconf -h postscreen_pipelining_action
|
||||
|
||||
{{ if eq (getenv "POSTSCREEN_ENABLE") "yes" -}}
|
||||
postconf -M smtpd/pass="smtpd pass - - n - - smtpd"
|
||||
@@ -41,30 +63,15 @@ touch /etc/postfix/rules/postscreen_access_list.cidr
|
||||
touch /etc/postfix/rules/postscreen_dnsbl_mask.pcre
|
||||
|
||||
# main.cf options
|
||||
{{- if getenv "POSTSCREEN_ACCESS_LIST" }}
|
||||
postconf -e postscreen_access_list='{{ getenv "POSTSCREEN_ACCESS_LIST" }}'
|
||||
{{- end }}
|
||||
{{- if getenv "POSTSCREEN_BLACKLIST_ACTION" }}
|
||||
postconf -e postscreen_blacklist_action='{{ getenv "POSTSCREEN_BLACKLIST_ACTION" }}'
|
||||
{{- end }}
|
||||
{{- if getenv "POSTSCREEN_DNSBL_ACTION" }}
|
||||
postconf -e postscreen_dnsbl_action='{{ getenv "POSTSCREEN_DNSBL_ACTION" }}'
|
||||
{{- end }}
|
||||
{{- if getenv "POSTSCREEN_DNSBL_REPLY_MAP" }}
|
||||
postconf -e postscreen_dnsbl_reply_map='{{ getenv "POSTSCREEN_DNSBL_REPLY_MAP" }}'
|
||||
{{- end }}
|
||||
{{- if getenv "POSTSCREEN_DNSBL_SITES" }}
|
||||
postconf -e postscreen_dnsbl_sites='{{ getenv "POSTSCREEN_DNSBL_SITES" }}'
|
||||
{{- end }}
|
||||
{{- if getenv "POSTSCREEN_DNSBL_THRESHOLD" }}
|
||||
postconf -e postscreen_dnsbl_threshold='{{ getenv "POSTSCREEN_DNSBL_THRESHOLD" }}'
|
||||
{{- end }}
|
||||
{{- if getenv "POSTSCREEN_DNSBL_WHITELIST_THRESHOLD" }}
|
||||
postconf -e postscreen_dnsbl_whitelist_threshold='{{ getenv "POSTSCREEN_DNSBL_WHITELIST_THRESHOLD" }}'
|
||||
{{- end }}
|
||||
{{- if getenv "POSTSCREEN_GREET_ACTION" }}
|
||||
postconf -e postscreen_greet_action='{{ getenv "POSTSCREEN_GREET_ACTION" }}'
|
||||
{{- end }}
|
||||
# FIXME: allow un-setting options by blanking variable values
|
||||
{{ with getenv "POSTSCREEN_ACCESS_LIST" }}postconf -e postscreen_access_list='{{.}}'{{ end }}
|
||||
{{ with getenv "POSTSCREEN_BLACKLIST_ACTION" }}postconf -e postscreen_blacklist_action='{{.}}'{{ end }}
|
||||
{{ with getenv "POSTSCREEN_DNSBL_ACTION" }}postconf -e postscreen_dnsbl_action='{{.}}'{{ end }}
|
||||
{{ with getenv "POSTSCREEN_DNSBL_REPLY_MAP" }}postconf -e postscreen_dnsbl_reply_map='{{.}}'{{ end }}
|
||||
{{ with getenv "POSTSCREEN_DNSBL_SITES" }}postconf -e postscreen_dnsbl_sites='{{.}}'{{ end }}
|
||||
{{ with getenv "POSTSCREEN_DNSBL_THRESHOLD" }}postconf -e postscreen_dnsbl_threshold='{{.}}'{{ end }}
|
||||
{{ with getenv "POSTSCREEN_DNSBL_WHITELIST_THRESHOLD" }}postconf -e postscreen_dnsbl_whitelist_threshold='{{.}}'{{ end }}
|
||||
{{ with getenv "POSTSCREEN_GREET_ACTION" }}postconf -e postscreen_greet_action='{{.}}'{{ end }}
|
||||
|
||||
{{ else -}}
|
||||
|
||||
@@ -86,3 +93,25 @@ postconf -X -P smtp/inet/content_filter
|
||||
postconf -M# dnsblog/unix
|
||||
|
||||
{{ end -}}
|
||||
|
||||
# TODO: access list:
|
||||
# # Ansible-generated postscreen CIDR access table. You can change this
|
||||
# # file by setting the host variable `postfix_postscreen_access_list`
|
||||
# {% for entry in postfix_postscreen_access_list -%}
|
||||
# { { entry.address } } { { entry.action } }
|
||||
# {% endfor %}
|
||||
|
||||
# TODO: reply map:
|
||||
# # postscreen reply map, matching entries will be replaced
|
||||
# # with the resulting text when telling the source of DNS
|
||||
# # blacklisting to the remote client.
|
||||
# # used to mask passwords contained in dnsbl names
|
||||
# # edit this file by setting the "mask" option for items
|
||||
# # in the host variable postfix_postscreen_dnsbl_sites
|
||||
# {% for entry in postfix_postscreen_dnsbl_sites -%}
|
||||
# {% if entry is mapping -%}{% if entry.mask is defined -%}
|
||||
# {% if entry.mask is string and entry.mask != "" -%}
|
||||
# /^{ { entry.site } }$/ { { entry.mask } }
|
||||
# {% else %}
|
||||
# /^{ { entry.site } }$/ dnsbl blacklist
|
||||
# {% endif %}{% endif %}{% endif %}{% endfor %}
|
||||
|
||||
Reference in New Issue
Block a user