diff options
author | Matthieu Saulnier <fantom@fedoraproject.org> | 2017-06-18 03:07:47 +0200 |
---|---|---|
committer | Matthieu Saulnier <fantom@fedoraproject.org> | 2017-06-18 03:07:47 +0200 |
commit | a76a6425d5f053343b942f40e6825324f442429c (patch) | |
tree | 287737e5cbffd8f6bc465a4dd918c8754eb6b758 | |
parent | 7d355cfc405a58940b1a67d782f0cda359246ac9 (diff) | |
download | playbooks-ansible-a76a6425d5f053343b942f40e6825324f442429c.tar.gz playbooks-ansible-a76a6425d5f053343b942f40e6825324f442429c.tar.xz playbooks-ansible-a76a6425d5f053343b942f40e6825324f442429c.zip |
add credentials for slave MTA servers
-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | roles/mtaserver/handlers/main.yml | 3 | ||||
-rw-r--r-- | roles/mtaserver/tasks/config.yml | 7 | ||||
-rw-r--r-- | roles/mtaserver/templates/main.cf.j2 | 4 |
4 files changed, 15 insertions, 1 deletions
@@ -1,4 +1,4 @@ roles/dnsserver/templates/keys.j2 roles/torrelay/templates/keys.j2 roles/mtaserver/files/virtual -roles/mtaserver/files/virtual +roles/mtaserver/files/credentials diff --git a/roles/mtaserver/handlers/main.yml b/roles/mtaserver/handlers/main.yml index 57c5b50..87a6070 100644 --- a/roles/mtaserver/handlers/main.yml +++ b/roles/mtaserver/handlers/main.yml @@ -16,3 +16,6 @@ command: /usr/sbin/postmap /etc/postfix/virtual notify: reload postfix +- name: credentialmap + command: /usr/sbin/postmap /etc/postfix/credentials + notify: reload postfix diff --git a/roles/mtaserver/tasks/config.yml b/roles/mtaserver/tasks/config.yml index 7ef7f3f..97240a6 100644 --- a/roles/mtaserver/tasks/config.yml +++ b/roles/mtaserver/tasks/config.yml @@ -32,6 +32,13 @@ when: is_mtamaster is defined notify: virtualmap +- name: Installation de la table credentials + copy: src=credentials dest=/etc/postfix/credentials + owner=root + group=root + mode=400 + notify: credentialmap + - name: Configuration de l'alias root lineinfile: path: /etc/aliases diff --git a/roles/mtaserver/templates/main.cf.j2 b/roles/mtaserver/templates/main.cf.j2 index 89098b9..d42c022 100644 --- a/roles/mtaserver/templates/main.cf.j2 +++ b/roles/mtaserver/templates/main.cf.j2 @@ -351,6 +351,10 @@ mynetworks = hash:/etc/postfix/network_table relayhost = [smtp.free.fr] {% else %} relayhost = [mail.casperlefantom.net]:587 +smtp_sasl_auth_enable = yes +smtp_sasl_password_maps = hash:/etc/postfix/credentials +smtp_sasl_security_options = noanonymous +smtpd_tls_auth_only = yes {% endif %} smtp_tls_security_level = may smtp_tls_ciphers = high |