ansible
/
xoxys.postfix_relay
1
0
Fork 0
Code Issues Pull Requests Releases Activity

fix: fix paths and missing options for rh9
ci/woodpecker/push/notify Pipeline was successful Details
ci/woodpecker/push/lint Pipeline was successful Details
ci/woodpecker/push/test Pipeline was successful Details
ci/woodpecker/push/docs Pipeline was successful Details

This commit is contained in:
Robert Kaussow 2024-02-19 13:37:20 +01:00
parent 2fc35eb6a5
commit 6300c5bc31
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
3 changed files with 48 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
templates/etc/postfix/main.cf.j2
View File

@ -678,15 +678,59 @@ html_directory = no
# manpage_directory: The location of the Postfix on-line manual pages.
#
manpage_directory = /usr/share/man
{% if __postfix_doc_directory is defined %}
# sample_directory: The location of the Postfix sample configuration files.
# This parameter is obsolete as of Postfix 2.1.
#
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sample_directory = {{ __postfix_doc_directory }}/samples
# readme_directory: The location of the Postfix README files.
#
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
readme_directory = {{ __postfix_doc_directory }}/README_FILES
{% endif %}
{% if ansible_os_family | lower == "redhat" and ansible_distribution_major_version is version('7', '>') %}
# TLS CONFIGURATION
#
# Basic Postfix TLS configuration by default with self-signed certificate
# for inbound SMTP and also opportunistic TLS for outbound SMTP.
# The full pathname of a file with the Postfix SMTP server RSA certificate
# in PEM format. Intermediate certificates should be included in general,
# the server certificate first, then the issuing CA(s) (bottom-up order).
#
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
# The full pathname of a file with the Postfix SMTP server RSA private key
# in PEM format. The private key must be accessible without a pass-phrase,
# i.e. it must not be encrypted.
#
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
# Announce STARTTLS support to remote SMTP clients, but do not require that
# clients use TLS encryption (opportunistic TLS inbound).
#
smtpd_tls_security_level = may
# Directory with PEM format Certification Authority certificates that the
# Postfix SMTP client uses to verify a remote SMTP server certificate.
#
smtp_tls_CApath = /etc/pki/tls/certs
# The full pathname of a file containing CA certificates of root CAs
# trusted to sign either remote SMTP server certificates or intermediate CA
# certificates.
#
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
# Use TLS if this is supported by the remote SMTP server, otherwise use
# plaintext (opportunistic TLS outbound).
#
smtp_tls_security_level = may
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix
{% endif %}
# SASL AUTH
# Enable SASL authentication

1
vars/redhat-9.yml
View File

@ -6,3 +6,4 @@ __postfix_relay_packages:
__postfix_relay_daemon_directory: /usr/libexec/postfix
__postfix_relay_smtp_tls_cafile: /etc/ssl/certs/ca-bundle.crt
__postfix_doc_directory: /usr/share/doc/postfix

1
vars/redhat.yml
View File

@ -6,3 +6,4 @@ __postfix_relay_packages:
__postfix_relay_daemon_directory: /usr/libexec/postfix
__postfix_relay_smtp_tls_cafile: /etc/ssl/certs/ca-bundle.crt
__postfix_doc_directory: /usr/share/doc/postfix-2.10.1