kosmos/chef
8
3
Fork 0
Code Issues 34 Pull Requests 2 Projects 2 Activity

Vendor the external cookbooks

Browse Source 
Knife-Zero doesn't include Berkshelf support, so vendoring everything in
the repo is convenient again
This commit is contained in:
Greg Karékinian
2019-10-13 19:17:42 +02:00
parent f4bfe31ac1
commit a32f34b408
1245 changed files with 100630 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

219
cookbooks/postfix/CHANGELOG.md Normal file
View File

@@ -0,0 +1,219 @@
# postfix Cookbook CHANGELOG
This file is used to list changes made in each version of the postfix cookbook.
## 5.0.2 (2017-05-17)
- Fix use_relay_restrictions_maps attribute misspelling in attributes file
## 5.0.1 (2017-03-03)
- Fix documentation error on inet-interfaces
- Test with Local Delivery instead of Rake
- Fix master.cf attributes types on README
## 5.0.0 (2017-01-17)
- Manage any hash: tables for postfix with hash_maps recipe
- Fully customizable master.cf file
- Support for any kind of postfix lookup tables
- Remove old minitest files
- Update chef requirement in the readme
- Update tests for new config comment blocks
- fixing /etc/aliases syntax for full-mailaddresses
## 4.0.0 (2016-09-07)
- Update supported platforms in metadata
- Remove node name from config file
- Testing updates
- Use node.normal vs. node.set to avoid deprecation warnings
- Require Chef 12+
## v3.8.0 (2016-04-01)
- Updated attributes to use node.default_unless instead of node.default to be more wrapper friendly
- Added integration and unit testing in Travis CI
- Added rubocop config and resolved rubocop warnings
- Added Gemfile with all necessary test deps
- Added standard gitignore and chefignore files
- Added updated contributing and testing docs
- Removed the Kitchen Digital Ocean files and dependencies
- Added additional platforms to the Test Kitchen config
- Added a Rakefile for simplified testing
- Fixed a typo in the use_relay_restrictions_maps attribute that prevented the default from being set
- Added fedora and oracle as supported platforms in the metadata
- Removed the attributes from the metadata.
- Added long_description to the metadata
- Added Chef 11 compatibility checks to issues_url and source_url in metadata.rb
- Added maintainers.md and maintainers.toml files
## v3.7.0 (2015-04-30)
- Adding support for relay restrictions
- Update chefspec and serverspec tests
## v3.6.2 (2014-10-31)
- Fix FreeBSDisms
## v3.6.1 (2014-10-28)
- Fix documentation around node['postfix']['main']['relayhost'] attribute
- Fix logic around include_recipe 'postfix::virtual_aliases_domains'
## v3.6.0 (2014-08-25)
- restart postfix after updating virtual alias templates #86
- fixing typo for alias_db location in omnios
- moving conditional attributes to a recipe so they can be modified
- via other cookbook attributes
## v3.5.0 (2014-08-25)
Adding virtual_domains functionality
## v3.4.1 (2014-08-20)
Removing unused parameters from main.cf
## v3.4.0 (2014-07-25)
Refactoring to fix some logic issues
## v3.3.1 (2014-06-11)
Reverting #37 - [COOK-3418] Virtual Domain Support PR - duplicate of #55
## v3.3.0 (2014-06-11)
- 37 - [COOK-3418] - Virtual Domain Support
- 44 - Fix minor formatting issue in attributes
- 55 - Add support for virtual aliases
- 57 - Fixing attributes bug in README
- 64 - add smtp_generic maps configuration option
- 66 - [COOK-3652] Add support for transport mappings
- 67 - [COOK-4662] Added support for access control
- 68 - Properly handle binding to loopback on mixed IPV4/IPV6 systems
## v3.2.0 (2014-05-09)
- [COOK-4619] - no way to unset recipient_delimiter
## v3.1.8 (2014-03-27)
- [COOK-4410] - Fix sender_canonical configuration by adding template
- and postmap execution
## v3.1.6 (2014-03-19)
- [COOK-4423] - use platform_family, find cert.pem on rhel
## v3.1.4 (2014-02-27)
[COOK-4329] Migrate minitest PITs to latest test-kitchen + serverspec
## v3.1.2 (2014-02-19)
### Bug
- **[COOK-4357](https://tickets.chef.io/browse/COOK-4357)** - postfix::sasl_auth recipe fails to converge
## v3.1.0 (2014-02-19)
### Bug
- **[COOK-4322](https://tickets.chef.io/browse/COOK-4322)** - Postfix cookbook has incorrect default path for sasl_passwd
### New Feature
- **[COOK-4086](https://tickets.chef.io/browse/COOK-4086)** - use conf_dir attribute for sasl recipe, and add omnios support
- **[COOK-2551](https://tickets.chef.io/browse/COOK-2551)** - Support creating the sender_canonical map file
## v3.0.4
### Bug
- **[COOK-3824](https://tickets.chef.io/browse/COOK-3824)** - main.cf.erb mishandles lists
### Improvement
- **[COOK-3822](https://tickets.chef.io/browse/COOK-3822)** - postfix cookbook readme has an incorrect example
- Got rubocop errors down to 32
### New Feature
- **[COOK-2551](https://tickets.chef.io/browse/COOK-2551)** - Support creating the sender_canonical map file
## v3.0.2
### Bug
- **[COOK-3617](https://tickets.chef.io/browse/COOK-3617)** - Fix error when no there is no FQDN
- **[COOK-3530](https://tickets.chef.io/browse/COOK-3530)** - Update `client.rb` after 3.0.0 refactor
- **[COOK-2499](https://tickets.chef.io/browse/COOK-2499)** - Do not use resource cloning
### Improvement
- **[COOK-3116](https://tickets.chef.io/browse/COOK-3116)** - Add SmartOS support
## v3.0.0
### Improvement
- **[COOK-3328](https://tickets.chef.io/browse/COOK-3328)** - Postfix main/master and attributes refactor
**Breaking changes**:
- Attributes are namespaced as `node['postfix']`, `node['postfix']['main']`, and `node['postfix']['master']`.
## v2.1.6
### Bug
- [COOK-2501]: Reference to `['postfix']['domain']` should be `['postfix']['mydomain']`
- [COOK-2715]: master.cf uses old name for `smtp_fallback_relay` (`fallback_relay`) parameter in master.cf
## v2.1.4
- [COOK-2281] - postfix aliases uses require_recipe statement
## v2.1.2
- [COOK-2010] - postfix sasl_auth does not include the sasl plain package
## v2.1.0
- [COOK-1233] - optional configuration for canonical maps
- [COOK-1660] - allow comma separated arrays in aliases
- [COOK-1662] - allow inet_interfaces configuration via attribute
## v2.0.0
This version uses platform_family attribute, making the cookbook incompatible with older versions of Chef/Ohai, hence the major version bump.
- [COOK-1535] - `smtpd_cache` should be in `data_directory`, not `queue_directory`
- [COOK-1790] - /etc/aliases template is only in ubuntu directory
- [COOK-1792] - add minitest-chef tests to postfix cookbook
## v1.2.2
- [COOK-1442] - Missing ['postfix']['domain'] Attribute causes initial installation failure
- [COOK-1520] - Add support for procmail delivery
- [COOK-1528] - Make aliasses template less specific
- [COOK-1538] - Add iptables_rule template
- [COOK-1540] - Add smtpd_milters and non_smtpd_milters parameters to main.cf
## v1.2.0
- [COOK-880] - add client/server roles for search-based discovery of relayhost
## v1.0.0
- [COOK-668] - RHEL/CentOS/Scientific/Amazon platform support
- [COOK-733] - postfix::aliases recipe to manage /etc/aliases
- [COOK-821] - add README.md :)
## v0.8.4
- Current public release.

1
cookbooks/postfix/CONTRIBUTING.md Normal file
View File

@@ -0,0 +1 @@
Please refer to <https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD>

15
cookbooks/postfix/MAINTAINERS.md Normal file
View File

@@ -0,0 +1,15 @@
<!-- This is a generated file. Please do not edit directly -->
# Maintainers
This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead.
Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead.
# Project Maintainer
* [Tim Smith](https://github.com/tas50)
# Maintainers
* [Jennifer Davis](https://github.com/sigje)
* [Tim Smith](https://github.com/tas50)
* [Thom May](https://github.com/thommay)

446
cookbooks/postfix/README.md Normal file
View File

@@ -0,0 +1,446 @@
# postfix Cookbook
[![Build Status](https://travis-ci.org/chef-cookbooks/postfix.svg?branch=master)](https://travis-ci.org/chef-cookbooks/postfix) [![Cookbook Version](https://img.shields.io/cookbook/v/postfix.svg)](https://supermarket.chef.io/cookbooks/postfix)
Installs and configures postfix for client or outbound relayhost, or to do SASL authentication.
On RHEL-family systems, sendmail will be replaced with postfix.
## Requirements
### Platforms
- Ubuntu 12.04+
- Debian 7.0+
- RHEL/CentOS/Scientific 5.7+, 6.2+
- Amazon Linux (as of AMIs created after 4/9/2012)
May work on other platforms with or without modification.
### Chef
- Chef 12.1+
### Cookbooks
- none
## Attributes
See `attributes/default.rb` for default values.
### Generic cookbook attributes
- `node['postfix']['mail_type']` - Sets the kind of mail configuration. `master` will set up a server (relayhost).
- `node['postfix']['relayhost_role']` - name of a role used for search in the client recipe.
- `node['postfix']['multi_environment_relay']` - set to true if nodes should not constrain search for the relayhost in their own environment.
- `node['postfix']['use_procmail']` - set to true if nodes should use procmail as the delivery agent.
- `node['postfix']['use_alias_maps']` - set to true if you want the cookbook to use/configure alias maps
- `node['postfix']['use_transport_maps']` - set to true if you want the cookbook to use/configure transport maps
- `node['postfix']['use_access_maps']` - set to true if you want the cookbook to use/configure access maps
- `node['postfix']['use_virtual_aliases']` - set to true if you want the cookbook to use/configure virtual alias maps
- `node['postfix']['use_relay_restrictions_maps']` - set to true if you want the cookbook to use/configure a list of domains to which postfix will allow relay
- `node['postfix']['aliases']` - hash of aliases to create with `recipe[postfix::aliases]`, see below under **Recipes** for more information.
- `node['postfix']['transports']` - hash of transports to create with `recipe[postfix::transports]`, see below under **Recipes** for more information.
- `node['postfix']['access']` - hash of access to create with `recipe[postfix::access]`, see below under **Recipes** for more information.
- `node['postfix']['virtual_aliases']` - hash of virtual_aliases to create with `recipe[postfix::virtual_aliases]`, see below under __Recipes__ for more information.
- `node['postfix']['main_template_source']` - Cookbook source for main.cf template. Default 'postfix'
- `node['postfix']['master_template_source']` - Cookbook source for master.cf template. Default 'postfix'
### main.cf and sasl_passwd template attributes
The main.cf template has been simplified to include any attributes in the `node['postfix']['main']` data structure. The following attributes are still included with this cookbook to maintain some semblance of backwards compatibility.
This change in namespace to `node['postfix']['main']` should allow for greater flexibility, given the large number of configuration variables for the postfix daemon. All of these cookbook attributes correspond to the option of the same name in `/etc/postfix/main.cf`.
- `node['postfix']['main']['biff']` - (yes/no); default no
- `node['postfix']['main']['append_dot_mydomain']` - (yes/no); default no
- `node['postfix']['main']['myhostname']` - defaults to fqdn from Ohai
- `node['postfix']['main']['mydomain']` - defaults to domain from Ohai
- `node['postfix']['main']['myorigin']` - defaults to $myhostname
- `node['postfix']['main']['mynetworks']` - default is nil, which forces Postfix to default to loopback addresses.
- `node['postfix']['main']['inet_interfaces']` - set to `loopback-only`, or `all` for server recipe
- `node['postfix']['main']['alias_maps']` - set to `hash:/etc/aliases`
- `node['postfix']['main']['mailbox_size_limit']` - set to `0` (disabled)
- `node['postfix']['main']['mydestination']` - default fqdn, hostname, localhost.localdomain, localhost
- `node['postfix']['main']['smtpd_use_tls']` - (yes/no); default yes. See conditional cert/key attributes.
- `node['postfix']['main']['smtpd_tls_cert_file']` - conditional attribute, set to full path of server's x509 certificate.
- `node['postfix']['main']['smtpd_tls_key_file']` - conditional attribute, set to full path of server's private key
- `node['postfix']['main']['smtpd_tls_CAfile']` - set to platform specific CA bundle
- `node['postfix']['main']['smtpd_tls_session_cache_database']` - set to `btree:${data_directory}/smtpd_scache`
- `node['postfix']['main']['smtp_use_tls']` - (yes/no); default yes. See following conditional attributes.
- `node['postfix']['main']['smtp_tls_CAfile']` - set to platform specific CA bundle
- `node['postfix']['main']['smtp_tls_session_cache_database']` - set to `btree:${data_directory}/smtpd_scache`
- `node['postfix']['main']['smtp_sasl_auth_enable']` - (yes/no); default no. If enabled, see following conditional attributes.
- `node['postfix']['main']['smtp_sasl_password_maps']` - Set to `hash:/etc/postfix/sasl_passwd` template file
- `node['postfix']['main']['smtp_sasl_security_options']` - Set to noanonymous
- `node['postfix']['main']['relayhost']` - Set to empty string
- `node['postfix']['sasl']['smtp_sasl_user_name']` - SASL user to authenticate as. Default empty
- `node['postfix']['sasl']['smtp_sasl_passwd']` - SASL password to use. Default empty.
- `node['postfix']['sender_canonical_map_entries']` - (hash with key value pairs); default not configured. Setup generic canonical maps. See `man 5 canonical`. If has at least one value, then will be enabled in config.
- `node['postfix']['smtp_generic_map_entries']` - (hash with key value pairs); default not configured. Setup generic postfix maps. See `man 5 generic`. If has at least one value, then will be enabled in config.
Example of json role config, for setup *_map_entries:
`postfix : {`
`...`
`"smtp_generic_map_entries" : { "root@youinternaldomain.local" : "admin@example.com", "admin@youinternaldomain.local" : "admin@example.com" }`
`}`
### master.cf template attributes
The master.cf template has been changed to allow full customization of the file content. For purpose of backwards compatibility default attributes generate the same master.cf. But via `node['postfix']['master']` data structure in your role for instance it can be completelly rewritten.
Examples of json role config, for customize master.cf:
`postfix : {`
`...`
turn some services off or on:
```json
"master" : {
"smtps": {
"active": true
},
"old-cyrus": {
"active": false
},
"cyrus": {
"active": false
},
"uucp": {
"active": false
},
"ifmail": {
"active": false
},
```
`...` define you own service:
```json
"spamfilter": {
"comment": "My own spamfilter",
"active": true,
"order": 590,
"type": "unix",
"unpriv": false,
"chroot": false,
"command": "pipe",
"args": ["flags=Rq user=spamd argv=/usr/bin/spamfilter.sh -oi -f ${sender} ${recipient}"]
}
```
`...`
`}` `}`
The possible service hash fields and their meanings: hash key - have to be unique, unless you wish to override default definition.
Field | Mandatory | Description
------- | --------- | --------------------------------------------------------------------
active | Yes | Boolean. Defines whether or not the service needs to be in master.cf
comment | No | String. If you would like to add a comment line before service line
order | Yes | Integer. Number to define the order of lines in the file
type | Yes | String. Type of the service (inet, unix, fifo)
private | No | Boolean. If present replaced by `y` or `n`, otherwise by `-`
unpriv | No | Boolean. If present replaced by `y` or `n`, otherwise by `-`
chroot | No | Boolean. If present replaced by `y` or `n`, otherwise by `-`
wakeup | No | String. If present value placed in file, otherwise replaced by `-`
maxproc | No | String. If present value placed in file, otherwise replaced by `-`
command | Yes | String. The command to be executed.
args | Yes | Array of Strings. Arguments passed to command.
For more information about meaning of the fields consult `master (5)` manual: <http://www.postfix.org/master.5.html>
## Recipes
### default
Installs the postfix package and manages the service and the main configuration files (`/etc/postfix/main.cf` and `/etc/postfix/master.cf`). See **Usage** and **Examples** to see how to affect behavior of this recipe through configuration. Depending on the `node['postfix']['use_alias_maps']`, `node['postfix']['use_transport_maps']`, `node['postfix']['use_access_maps']` and `node['postfix']['use_virtual_aliases']` attributes the default recipe can call additional recipes to manage additional postfix configuration files
For a more dynamic approach to discovery for the relayhost, see the `client` and `server` recipes below.
### client
Use this recipe to have nodes automatically search for the mail relay based which node has the `node['postfix']['relayhost_role']` role. Sets the `node['postfix']['main']['relayhost']` attribute to the first result from the search.
Includes the default recipe to install, configure and start postfix.
Does not work with `chef-solo`.
### sasl_auth
Sets up the system to authenticate with a remote mail relay using SASL authentication.
### server
To use Chef Server search to automatically detect a node that is the relayhost, use this recipe in a role that will be relayhost. By default, the role should be "relayhost" but you can change the attribute `node['postfix']['relayhost_role']` to modify this.
**Note** This recipe will set the `node['postfix']['mail_type']` to "master" with an override attribute.
### maps
General recipe to manage any number of any type postfix lookup tables. You can replace with it recipes like `transport` or `virtual_aliases`, but what is more important - you can create any kinds of maps, which has no own recipe, including database lookup maps configuration. `maps` is a hash keys of which is a lookup table type and value is another hash with filenames as the keys and hash with file content as the value. File content is an any number of key/value pairs which meaning depends on lookup table type. Examlle:
```json
"override_attributes": {
"postfix": {
"maps": {
"hash": {
"/etc/postfix/vmailbox": {
"john@example.com": "ok",
"john@example.net": "ok",
},
"/etc/postfix/virtual": {
"postmaster@example.com": "john@example.com",
"postmaster@example.net": "john@example.net",
"root@mail.example.net": "john@example.net"
},
"/etc/postfix/envelope_senders": {
"@example.com": "john@example.com",
"@example.net": "john@example.net"
},
"/etc/postfix/relay_recipients": {
"john@example.net": "ok",
"john@example.com": "ok",
"admin@example.com": "ok",
}
},
"pgsql": {
"/etc/postfix/pgtest": {
"hosts": "db.local:2345",
"user": "postfix",
"password": "test",
"dbname": "postdb",
"query": "SELECT replacement FROM aliases WHERE mailbox = '%s'"
}
}
}
}
```
To use these files in your configuration reference them in `node['postfix']['main']`, for instance:
```json
"postfix": {
"main": {
"smtpd_sender_login_maps": "hash:/etc/postfix/envelope_senders",
"relay_recipient_maps": "hash:/etc/postfix/relay_recipients",
"virtual_mailbox_maps": "hash:/etc/postfix/vmailbox",
"virtual_alias_maps": "hash:/etc/postfix/virtual",
}
}
```
### aliases
Manage `/etc/aliases` with this recipe. Currently only Ubuntu 10.04 platform has a template for the aliases file. Add your aliases template to the `templates/default` or to the appropriate platform+version directory per the File Specificity rules for templates. Then specify a hash of aliases for the `node['postfix']['aliases']` attribute.
Arrays are supported as alias values, since postfix supports comma separated values per alias, simply specify your alias as an array to use this handy feature.
### aliases
Manage `/etc/aliases` with this recipe.
### transports
Manage `/etc/postfix/transport` with this recipe.
### access
Manage `/etc/postfix/access` with this recipe.
### virtual_aliases
Manage `/etc/postfix/virtual` with this recipe.
### relay_restrictions
Manage `/etc/postfix/relay_restriction` with this recipe The postfix option smtpd_relay_restrictions in main.cf will point to this hash map db.
<http://wiki.chef.io/display/chef/Templates#Templates-TemplateLocationSpecificity>
## Usage
On systems that should simply send mail directly to a relay, or out to the internet, use `recipe[postfix]` and modify the `node['postfix']['main']['relayhost']` attribute via a role.
On systems that should be the MX for a domain, set the attributes accordingly and make sure the `node['postfix']['mail_type']` attribute is `master`. See **Examples** for information on how to use `recipe[postfix::server]` to do this automatically.
If you need to use SASL authentication to send mail through your ISP (such as on a home network), use `postfix::sasl_auth` and set the appropriate attributes.
For each of these implementations, see **Examples** for role usage.
### Examples
The example roles below only have the relevant postfix usage. You may have other contents depending on what you're configuring on your systems.
The `base` role is applied to all nodes in the environment.
```ruby
name "base"
run_list("recipe[postfix]")
override_attributes(
"postfix" => {
"mail_type" => "client",
"main" => {
"mydomain" => "example.com",
"myorigin" => "example.com",
"relayhost" => "[smtp.example.com]",
"smtp_use_tls" => "no"
}
}
)
```
The `relayhost` role is applied to the nodes that are relayhosts. Often this is 2 systems using a CNAME of `smtp.example.com`.
```ruby
name "relayhost"
run_list("recipe[postfix::server]")
override_attributes(
"postfix" => {
"mail_type" => "master",
"main" => {
"mynetworks" => [ "10.3.3.0/24", "127.0.0.0/8" ],
"inet_interfaces" => "all",
"mydomain" => "example.com",
"myorigin" => "example.com"
}
)
```
The `sasl_relayhost` role is applied to the nodes that are relayhosts and require authenticating with SASL. For example this might be on a household network with an ISP that otherwise blocks direct internet access to SMTP.
```ruby
name "sasl_relayhost"
run_list("recipe[postfix], recipe[postfix::sasl_auth]")
override_attributes(
"postfix" => {
"mail_type" => "master",
"main" => {
"mynetworks" => "10.3.3.0/24",
"mydomain" => "example.com",
"myorigin" => "example.com",
"relayhost" => "[smtp.comcast.net]:587",
"smtp_sasl_auth_enable" => "yes"
},
"sasl" => {
"smtp_sasl_passwd" => "your_password",
"smtp_sasl_user_name" => "your_username"
}
}
)
```
For an example of using encrypted data bags to encrypt the SASL password, see the following blog post:
- <http://jtimberman.github.com/blog/2011/08/06/encrypted-data-bag-for-postfix-sasl-authentication/>
#### Examples using the client & server recipes
If you'd like to use the more dynamic search based approach for discovery, use the server and client recipes. First, create a relayhost role.
```ruby
name "relayhost"
run_list("recipe[postfix::server]")
override_attributes(
"postfix" => {
"main" => {
"mynetworks" => "10.3.3.0/24",
"mydomain" => "example.com",
"myorigin" => "example.com"
}
}
)
```
Then, add the `postfix::client` recipe to the run list of your `base` role or equivalent role for postfix clients.
```ruby
name "base"
run_list("recipe[postfix::client]")
override_attributes(
"postfix" => {
"mail_type" => "client",
"main" => {
"mydomain" => "example.com",
"myorigin" => "example.com"
}
}
)
```
If you wish to use a different role name for the relayhost, then also set the attribute in the `base` role. For example, `postfix_master` as the role name:
```ruby
name "postfix_master"
description "a role for postfix master that isn't relayhost"
run_list("recipe[postfix::server]")
override_attributes(
"postfix" => {
"main" => {
"mynetworks" => "10.3.3.0/24",
"mydomain" => "example.com",
"myorigin" => "example.com"
}
}
)
```
The base role would look something like this:
```ruby
name "base"
run_list("recipe[postfix::client]")
override_attributes(
"postfix" => {
"relayhost_role" => "postfix_master",
"mail_type" => "client",
"main" => {
"mydomain" => "example.com",
"myorigin" => "example.com"
}
}
)
```
To use relay restrictions override the relay restrictions attribute in this format:
```ruby
override_attributes(
"postfix" => {
"use_relay_restrictions_maps" => true,
"relay_restrictions" => {
"chef.io" => "OK",
".chef.io" => "OK",
"example.com" => "OK"
}
}
)
```
## License & Authors
**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))
**Copyright:** 2009-2016, Chef Software, Inc.
```
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```

400
cookbooks/postfix/attributes/default.rb Normal file
View File

@@ -0,0 +1,400 @@
# Author:: Joshua Timberman <joshua@chef.io>
# Copyright:: 2009-2017, Chef Software, Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Generic cookbook attributes
default['postfix']['mail_type'] = 'client'
default['postfix']['relayhost_role'] = 'relayhost'
default['postfix']['multi_environment_relay'] = false
default['postfix']['use_procmail'] = false
default['postfix']['use_alias_maps'] = (node['platform'] == 'freebsd')
default['postfix']['use_transport_maps'] = false
default['postfix']['use_access_maps'] = false
default['postfix']['use_virtual_aliases'] = false
default['postfix']['use_virtual_aliases_domains'] = false
default['postfix']['use_relay_restrictions_maps'] = false
default['postfix']['transports'] = {}
default['postfix']['access'] = {}
default['postfix']['virtual_aliases'] = {}
default['postfix']['virtual_aliases_domains'] = {}
default['postfix']['main_template_source'] = 'postfix'
default['postfix']['master_template_source'] = 'postfix'
default['postfix']['sender_canonical_map_entries'] = {}
default['postfix']['smtp_generic_map_entries'] = {}
default['postfix']['access_db_type'] = 'hash'
default['postfix']['aliases_db_type'] = 'hash'
default['postfix']['transport_db_type'] = 'hash'
default['postfix']['virtual_alias_db_type'] = 'hash'
default['postfix']['virtual_alias_domains_db_type'] = 'hash'
case node['platform']
when 'smartos'
default['postfix']['conf_dir'] = '/opt/local/etc/postfix'
default['postfix']['aliases_db'] = '/opt/local/etc/postfix/aliases'
default['postfix']['transport_db'] = '/opt/local/etc/postfix/transport'
default['postfix']['access_db'] = '/opt/local/etc/postfix/access'
default['postfix']['virtual_alias_db'] = '/opt/local/etc/postfix/virtual'
default['postfix']['virtual_alias_domains_db'] = '/opt/local/etc/postfix/virtual_domains'
default['postfix']['relay_restrictions_db'] = '/opt/local/etc/postfix/relay_restrictions'
when 'freebsd'
default['postfix']['conf_dir'] = '/usr/local/etc/postfix'
default['postfix']['aliases_db'] = '/etc/aliases'
default['postfix']['transport_db'] = '/usr/local/etc/postfix/transport'
default['postfix']['access_db'] = '/usr/local/etc/postfix/access'
default['postfix']['virtual_alias_db'] = '/usr/local/etc/postfix/virtual'
default['postfix']['virtual_alias_domains_db'] = '/usr/local/etc/postfix/virtual_domains'
default['postfix']['relay_restrictions_db'] = '/etc/postfix/relay_restrictions'
when 'omnios'
default['postfix']['conf_dir'] = '/opt/omni/etc/postfix'
default['postfix']['aliases_db'] = '/opt/omni/etc/postfix/aliases'
default['postfix']['transport_db'] = '/opt/omni/etc/postfix/transport'
default['postfix']['access_db'] = '/opt/omni/etc/postfix/access'
default['postfix']['virtual_alias_db'] = '/etc/omni/etc/postfix/virtual'
default['postfix']['virtual_alias_domains_db'] = '/etc/omni/etc/postfix/virtual_domains'
default['postfix']['relay_restrictions_db'] = '/opt/omni/etc/postfix/relay_restrictions'
default['postfix']['uid'] = 11
else
default['postfix']['conf_dir'] = '/etc/postfix'
default['postfix']['aliases_db'] = '/etc/aliases'
default['postfix']['transport_db'] = '/etc/postfix/transport'
default['postfix']['access_db'] = '/etc/postfix/access'
default['postfix']['virtual_alias_db'] = '/etc/postfix/virtual'
default['postfix']['virtual_alias_domains_db'] = '/etc/postfix/virtual_domains'
default['postfix']['relay_restrictions_db'] = '/etc/postfix/relay_restrictions'
end
# Non-default main.cf attributes
default['postfix']['main']['biff'] = 'no'
default['postfix']['main']['append_dot_mydomain'] = 'no'
default['postfix']['main']['myhostname'] = (node['fqdn'] || node['hostname']).to_s.chomp('.')
default['postfix']['main']['mydomain'] = (node['domain'] || node['hostname']).to_s.chomp('.')
default['postfix']['main']['myorigin'] = '$myhostname'
default['postfix']['main']['mydestination'] = [node['postfix']['main']['myhostname'], node['hostname'], 'localhost.localdomain', 'localhost'].compact
default['postfix']['main']['smtpd_use_tls'] = 'yes'
default['postfix']['main']['smtp_use_tls'] = 'yes'
default['postfix']['main']['smtp_sasl_auth_enable'] = 'no'
default['postfix']['main']['mailbox_size_limit'] = 0
default['postfix']['main']['mynetworks'] = nil
default['postfix']['main']['inet_interfaces'] = 'loopback-only'
# Conditional attributes, also reference _attributes recipe
case node['platform_family']
when 'debian'
default['postfix']['cafile'] = '/etc/ssl/certs/ca-certificates.crt'
when 'smartos'
default['postfix']['main']['smtpd_use_tls'] = 'no'
default['postfix']['main']['smtp_use_tls'] = 'no'
default['postfix']['cafile'] = '/opt/local/etc/postfix/cacert.pem'
when 'rhel'
default['postfix']['cafile'] = '/etc/pki/tls/cert.pem'
else
default['postfix']['cafile'] = "#{node['postfix']['conf_dir']}/cacert.pem"
end
# # Default main.cf attributes according to `postconf -d`
# default['postfix']['main']['relayhost'] = ''
# default['postfix']['main']['milter_default_action'] = 'tempfail'
# default['postfix']['main']['milter_protocol'] = '6'
# default['postfix']['main']['smtpd_milters'] = ''
# default['postfix']['main']['non_smtpd_milters'] = ''
# default['postfix']['main']['sender_canonical_classes'] = nil
# default['postfix']['main']['recipient_canonical_classes'] = nil
# default['postfix']['main']['canonical_classes'] = nil
# default['postfix']['main']['sender_canonical_maps'] = nil
# default['postfix']['main']['recipient_canonical_maps'] = nil
# default['postfix']['main']['canonical_maps'] = nil
# Master.cf attributes
default['postfix']['master']['smtp']['active'] = true
default['postfix']['master']['smtp']['order'] = 10
default['postfix']['master']['smtp']['type'] = 'inet'
default['postfix']['master']['smtp']['private'] = false
default['postfix']['master']['smtp']['chroot'] = false
default['postfix']['master']['smtp']['command'] = 'smtpd'
default['postfix']['master']['smtp']['args'] = []
default['postfix']['master']['submission']['active'] = false
default['postfix']['master']['submission']['order'] = 20
default['postfix']['master']['submission']['type'] = 'inet'
default['postfix']['master']['submission']['private'] = false
default['postfix']['master']['submission']['chroot'] = false
default['postfix']['master']['submission']['command'] = 'smtpd'
default['postfix']['master']['submission']['args'] = ['-o smtpd_enforce_tls=yes', ' -o smtpd_sasl_auth_enable=yes', '-o smtpd_client_restrictions=permit_sasl_authenticated,reject']
default['postfix']['master']['smtps']['active'] = false
default['postfix']['master']['smtps']['order'] = 30
default['postfix']['master']['smtps']['type'] = 'inet'
default['postfix']['master']['smtps']['private'] = false
default['postfix']['master']['smtps']['chroot'] = false
default['postfix']['master']['smtps']['command'] = 'smtpd'
default['postfix']['master']['smtps']['args'] = ['-o smtpd_tls_wrappermode=yes', '-o smtpd_sasl_auth_enable=yes', '-o smtpd_client_restrictions=permit_sasl_authenticated,reject']
default['postfix']['master']['628']['active'] = false
default['postfix']['master']['628']['order'] = 40
default['postfix']['master']['628']['type'] = 'inet'
default['postfix']['master']['628']['private'] = false
default['postfix']['master']['628']['chroot'] = false
default['postfix']['master']['628']['command'] = 'qmqpdd'
default['postfix']['master']['628']['args'] = []
default['postfix']['master']['pickup']['active'] = true
default['postfix']['master']['pickup']['order'] = 50
default['postfix']['master']['pickup']['type'] = 'fifo'
default['postfix']['master']['pickup']['private'] = false
default['postfix']['master']['pickup']['chroot'] = false
default['postfix']['master']['pickup']['wakeup'] = '60'
default['postfix']['master']['pickup']['maxproc'] = '1'
default['postfix']['master']['pickup']['command'] = 'pickup'
default['postfix']['master']['pickup']['args'] = []
default['postfix']['master']['cleanup']['active'] = true
default['postfix']['master']['cleanup']['order'] = 60
default['postfix']['master']['cleanup']['type'] = 'unix'
default['postfix']['master']['cleanup']['private'] = false
default['postfix']['master']['cleanup']['chroot'] = false
default['postfix']['master']['cleanup']['maxproc'] = '0'
default['postfix']['master']['cleanup']['command'] = 'cleanup'
default['postfix']['master']['cleanup']['args'] = []
default['postfix']['master']['qmgr']['active'] = true
default['postfix']['master']['qmgr']['order'] = 70
default['postfix']['master']['qmgr']['type'] = 'fifo'
default['postfix']['master']['qmgr']['private'] = false
default['postfix']['master']['qmgr']['chroot'] = false
default['postfix']['master']['qmgr']['wakeup'] = '300'
default['postfix']['master']['qmgr']['maxproc'] = '1'
default['postfix']['master']['qmgr']['command'] = 'qmgr'
default['postfix']['master']['qmgr']['args'] = []
default['postfix']['master']['tlsmgr']['active'] = true
default['postfix']['master']['tlsmgr']['order'] = 80
default['postfix']['master']['tlsmgr']['type'] = 'unix'
default['postfix']['master']['tlsmgr']['chroot'] = false
default['postfix']['master']['tlsmgr']['wakeup'] = '1000?'
default['postfix']['master']['tlsmgr']['maxproc'] = '1'
default['postfix']['master']['tlsmgr']['command'] = 'tlsmgr'
default['postfix']['master']['tlsmgr']['args'] = []
default['postfix']['master']['rewrite']['active'] = true
default['postfix']['master']['rewrite']['order'] = 90
default['postfix']['master']['rewrite']['type'] = 'unix'
default['postfix']['master']['rewrite']['chroot'] = false
default['postfix']['master']['rewrite']['command'] = 'trivial-rewrite'
default['postfix']['master']['rewrite']['args'] = []
default['postfix']['master']['bounce']['active'] = true
default['postfix']['master']['bounce']['order'] = 100
default['postfix']['master']['bounce']['type'] = 'unix'
default['postfix']['master']['bounce']['chroot'] = false
default['postfix']['master']['bounce']['maxproc'] = '0'
default['postfix']['master']['bounce']['command'] = 'bounce'
default['postfix']['master']['bounce']['args'] = []
default['postfix']['master']['defer']['active'] = true
default['postfix']['master']['defer']['order'] = 110
default['postfix']['master']['defer']['type'] = 'unix'
default['postfix']['master']['defer']['chroot'] = false
default['postfix']['master']['defer']['maxproc'] = '0'
default['postfix']['master']['defer']['command'] = 'bounce'
default['postfix']['master']['defer']['args'] = []
default['postfix']['master']['trace']['active'] = true
default['postfix']['master']['trace']['order'] = 120
default['postfix']['master']['trace']['type'] = 'unix'
default['postfix']['master']['trace']['chroot'] = false
default['postfix']['master']['trace']['maxproc'] = '0'
default['postfix']['master']['trace']['command'] = 'bounce'
default['postfix']['master']['trace']['args'] = []
default['postfix']['master']['verify']['active'] = true
default['postfix']['master']['verify']['order'] = 130
default['postfix']['master']['verify']['type'] = 'unix'
default['postfix']['master']['verify']['chroot'] = false
default['postfix']['master']['verify']['maxproc'] = '1'
default['postfix']['master']['verify']['command'] = 'verify'
default['postfix']['master']['verify']['args'] = []
default['postfix']['master']['flush']['active'] = true
default['postfix']['master']['flush']['order'] = 140
default['postfix']['master']['flush']['type'] = 'unix'
default['postfix']['master']['flush']['private'] = false
default['postfix']['master']['flush']['chroot'] = false
default['postfix']['master']['flush']['wakeup'] = '1000?'
default['postfix']['master']['flush']['maxproc'] = '0'
default['postfix']['master']['flush']['command'] = 'flush'
default['postfix']['master']['flush']['args'] = []
default['postfix']['master']['proxymap']['active'] = true
default['postfix']['master']['proxymap']['order'] = 150
default['postfix']['master']['proxymap']['type'] = 'unix'
default['postfix']['master']['proxymap']['chroot'] = false
default['postfix']['master']['proxymap']['command'] = 'proxymap'
default['postfix']['master']['proxymap']['args'] = []
default['postfix']['master']['smtpunix']['service'] = 'smtp'
default['postfix']['master']['smtpunix']['active'] = true
default['postfix']['master']['smtpunix']['order'] = 160
default['postfix']['master']['smtpunix']['type'] = 'unix'
default['postfix']['master']['smtpunix']['chroot'] = false
default['postfix']['master']['smtpunix']['maxproc'] = '500'
default['postfix']['master']['smtpunix']['command'] = 'smtp'
default['postfix']['master']['smtpunix']['args'] = []
default['postfix']['master']['relay']['active'] = true
default['postfix']['master']['relay']['comment'] = 'When relaying mail as backup MX, disable fallback_relay to avoid MX loops'
default['postfix']['master']['relay']['order'] = 170
default['postfix']['master']['relay']['type'] = 'unix'
default['postfix']['master']['relay']['chroot'] = false
default['postfix']['master']['relay']['command'] = 'smtp'
default['postfix']['master']['relay']['args'] = ['-o smtp_fallback_relay=']
default['postfix']['master']['showq']['active'] = true
default['postfix']['master']['showq']['order'] = 180
default['postfix']['master']['showq']['type'] = 'unix'
default['postfix']['master']['showq']['private'] = false
default['postfix']['master']['showq']['chroot'] = false
default['postfix']['master']['showq']['command'] = 'showq'
default['postfix']['master']['showq']['args'] = []
default['postfix']['master']['error']['active'] = true
default['postfix']['master']['error']['order'] = 190
default['postfix']['master']['error']['type'] = 'unix'
default['postfix']['master']['error']['chroot'] = false
default['postfix']['master']['error']['command'] = 'error'
default['postfix']['master']['error']['args'] = []
default['postfix']['master']['discard']['active'] = true
default['postfix']['master']['discard']['order'] = 200
default['postfix']['master']['discard']['type'] = 'unix'
default['postfix']['master']['discard']['chroot'] = false
default['postfix']['master']['discard']['command'] = 'discard'
default['postfix']['master']['discard']['args'] = []
default['postfix']['master']['local']['active'] = true
default['postfix']['master']['local']['order'] = 210
default['postfix']['master']['local']['type'] = 'unix'
default['postfix']['master']['local']['unpriv'] = false
default['postfix']['master']['local']['chroot'] = false
default['postfix']['master']['local']['command'] = 'local'
default['postfix']['master']['local']['args'] = []
default['postfix']['master']['virtual']['active'] = true
default['postfix']['master']['virtual']['order'] = 220
default['postfix']['master']['virtual']['type'] = 'unix'
default['postfix']['master']['virtual']['unpriv'] = false
default['postfix']['master']['virtual']['chroot'] = false
default['postfix']['master']['virtual']['command'] = 'virtual'
default['postfix']['master']['virtual']['args'] = []
default['postfix']['master']['lmtp']['active'] = true
default['postfix']['master']['lmtp']['order'] = 230
default['postfix']['master']['lmtp']['type'] = 'unix'
default['postfix']['master']['lmtp']['chroot'] = false
default['postfix']['master']['lmtp']['command'] = 'lmtp'
default['postfix']['master']['lmtp']['args'] = []
default['postfix']['master']['anvil']['active'] = true
default['postfix']['master']['anvil']['order'] = 240
default['postfix']['master']['anvil']['type'] = 'unix'
default['postfix']['master']['anvil']['chroot'] = false
default['postfix']['master']['anvil']['maxproc'] = '1'
default['postfix']['master']['anvil']['command'] = 'anvil'
default['postfix']['master']['anvil']['args'] = []
default['postfix']['master']['scache']['active'] = true
default['postfix']['master']['scache']['order'] = 250
default['postfix']['master']['scache']['type'] = 'unix'
default['postfix']['master']['scache']['chroot'] = false
default['postfix']['master']['scache']['maxproc'] = '1'
default['postfix']['master']['scache']['command'] = 'scache'
default['postfix']['master']['scache']['args'] = []
default['postfix']['master']['maildrop']['active'] = true
default['postfix']['master']['maildrop']['comment'] = 'See the Postfix MAILDROP_README file for details. To main.cf will be added: maildrop_destination_recipient_limit=1'
default['postfix']['master']['maildrop']['order'] = 510
default['postfix']['master']['maildrop']['type'] = 'unix'
default['postfix']['master']['maildrop']['unpriv'] = false
default['postfix']['master']['maildrop']['chroot'] = false
default['postfix']['master']['maildrop']['command'] = 'pipe'
default['postfix']['master']['maildrop']['args'] = ['flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}']
default['postfix']['master']['old-cyrus']['active'] = false
default['postfix']['master']['old-cyrus']['comment'] = 'The Cyrus deliver program has changed incompatibly, multiple times.'
default['postfix']['master']['old-cyrus']['order'] = 520
default['postfix']['master']['old-cyrus']['type'] = 'unix'
default['postfix']['master']['old-cyrus']['unpriv'] = false
default['postfix']['master']['old-cyrus']['chroot'] = false
default['postfix']['master']['old-cyrus']['command'] = 'pipe'
default['postfix']['master']['old-cyrus']['args'] = ['flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}']
default['postfix']['master']['cyrus']['active'] = true
default['postfix']['master']['cyrus']['comment'] = 'Cyrus 2.1.5 (Amos Gouaux). To main.cf will be added: cyrus_destination_recipient_limit=1'
default['postfix']['master']['cyrus']['order'] = 530
default['postfix']['master']['cyrus']['type'] = 'unix'
default['postfix']['master']['cyrus']['unpriv'] = false
default['postfix']['master']['cyrus']['chroot'] = false
default['postfix']['master']['cyrus']['command'] = 'pipe'
default['postfix']['master']['cyrus']['args'] = ['user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}']
default['postfix']['master']['uucp']['active'] = true
default['postfix']['master']['uucp']['comment'] = 'See the Postfix UUCP_README file for configuration details.'
default['postfix']['master']['uucp']['order'] = 540
default['postfix']['master']['uucp']['type'] = 'unix'
default['postfix']['master']['uucp']['unpriv'] = false
default['postfix']['master']['uucp']['chroot'] = false
default['postfix']['master']['uucp']['command'] = 'pipe'
default['postfix']['master']['uucp']['args'] = ['flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)']
default['postfix']['master']['ifmail']['active'] = false
default['postfix']['master']['ifmail']['order'] = 550
default['postfix']['master']['ifmail']['type'] = 'unix'
default['postfix']['master']['ifmail']['unpriv'] = false
default['postfix']['master']['ifmail']['chroot'] = false
default['postfix']['master']['ifmail']['command'] = 'pipe'
default['postfix']['master']['ifmail']['args'] = ['flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)']
default['postfix']['master']['bsmtp']['active'] = true
default['postfix']['master']['bsmtp']['order'] = 560
default['postfix']['master']['bsmtp']['type'] = 'unix'
default['postfix']['master']['bsmtp']['unpriv'] = false
default['postfix']['master']['bsmtp']['chroot'] = false
default['postfix']['master']['bsmtp']['command'] = 'pipe'
default['postfix']['master']['bsmtp']['args'] = ['flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient']
# OS Aliases
default['postfix']['aliases'] = case node['platform']
when 'freebsd'
{
'MAILER-DAEMON' => 'postmaster',
'bin' => 'root',
'daemon' => 'root',
'named' => 'root',
'nobody' => 'root',
'uucp' => 'root',
'www' => 'root',
'ftp-bugs' => 'root',
'postfix' => 'root',
'manager' => 'root',
'dumper' => 'root',
'operator' => 'root',
'abuse' => 'postmaster',
}
else
{}
end
if node['postfix']['use_relay_restrictions_maps']
default['postfix']['main']['smtpd_relay_restrictions'] = "hash:#{node['postfix']['relay_restrictions_db']}, reject"
end

1
cookbooks/postfix/metadata.json Normal file
View File

File diff suppressed because one or more lines are too long

71
cookbooks/postfix/recipes/_attributes.rb Normal file
View File

@@ -0,0 +1,71 @@
# Copyright:: 2012-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
if node['postfix']['use_procmail']
node.default_unless['postfix']['main']['mailbox_command'] = '/usr/bin/procmail -a "$EXTENSION"'
end
if node['postfix']['main']['smtpd_use_tls'] == 'yes'
node.default_unless['postfix']['main']['smtpd_tls_cert_file'] = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
node.default_unless['postfix']['main']['smtpd_tls_key_file'] = '/etc/ssl/private/ssl-cert-snakeoil.key'
node.default_unless['postfix']['main']['smtpd_tls_CAfile'] = node['postfix']['cafile']
node.default_unless['postfix']['main']['smtpd_tls_session_cache_database'] = 'btree:${data_directory}/smtpd_scache'
end
if node['postfix']['main']['smtp_use_tls'] == 'yes'
node.default_unless['postfix']['main']['smtp_tls_CAfile'] = node['postfix']['cafile']
node.default_unless['postfix']['main']['smtp_tls_session_cache_database'] = 'btree:${data_directory}/smtp_scache'
end
if node['postfix']['main']['smtp_sasl_auth_enable'] == 'yes'
node.default_unless['postfix']['sasl_password_file'] = "#{node['postfix']['conf_dir']}/sasl_passwd"
node.default_unless['postfix']['main']['smtp_sasl_password_maps'] = "hash:#{node['postfix']['sasl_password_file']}"
node.default_unless['postfix']['main']['smtp_sasl_security_options'] = 'noanonymous'
node.default_unless['postfix']['sasl']['smtp_sasl_user_name'] = ''
node.default_unless['postfix']['sasl']['smtp_sasl_passwd'] = ''
node.default_unless['postfix']['main']['relayhost'] = ''
end
if node['postfix']['use_alias_maps']
node.default_unless['postfix']['main']['alias_maps'] = ["hash:#{node['postfix']['aliases_db']}"]
end
if node['postfix']['use_transport_maps']
node.default_unless['postfix']['main']['transport_maps'] = ["hash:#{node['postfix']['transport_db']}"]
end
if node['postfix']['use_access_maps']
node.default_unless['postfix']['main']['access_maps'] = ["hash:#{node['postfix']['access_db']}"]
end
if node['postfix']['use_virtual_aliases']
node.default_unless['postfix']['main']['virtual_alias_maps'] = ["#{node['postfix']['virtual_alias_db_type']}:#{node['postfix']['virtual_alias_db']}"]
end
if node['postfix']['use_virtual_aliases_domains']
node.default_unless['postfix']['main']['virtual_alias_domains'] = ["#{node['postfix']['virtual_alias_domains_db_type']}:#{node['postfix']['virtual_alias_domains_db']}"]
end
if node['postfix']['use_relay_restrictions_maps']
default['postfix']['main']['smtpd_relay_restrictions'] = "hash:#{node['postfix']['relay_restrictions_db']}, reject"
end
if node['postfix']['master']['maildrop']['active']
node.default_unless['postfix']['main']['maildrop_destination_recipient_limit'] = 1
end
if node['postfix']['master']['cyrus']['active']
node.default_unless['postfix']['main']['cyrus_destination_recipient_limit'] = 1
end

127
cookbooks/postfix/recipes/_common.rb Normal file
View File

@@ -0,0 +1,127 @@
# Author:: Joshua Timberman(<joshua@chef.io>)
# Cookbook:: common
# Recipe:: default
#
# Copyright:: 2009-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'postfix::_attributes'
package 'postfix'
package 'procmail' if node['postfix']['use_procmail']
case node['platform_family']
when 'rhel', 'fedora'
service 'sendmail' do
action :nothing
end
execute 'switch_mailer_to_postfix' do
command '/usr/sbin/alternatives --set mta /usr/sbin/sendmail.postfix'
notifies :stop, 'service[sendmail]'
notifies :start, 'service[postfix]'
not_if '/usr/bin/test /etc/alternatives/mta -ef /usr/sbin/sendmail.postfix'
end
when 'omnios'
manifest_path = ::File.join(Chef::Config[:file_cache_path], 'manifest-postfix.xml')
# we need to manage the postfix group and user
# and then subscribe to the package install because it creates a
# postdrop group and adds postfix user to it.
group 'postfix' do
append true
end
user 'postfix' do
uid node['postfix']['uid']
gid 'postfix'
home '/var/spool/postfix'
subscribes :manage, 'package[postfix]'
notifies :run, 'execute[/opt/omni/sbin/postfix set-permissions]', :immediately
end
# we don't guard this because if the user creation was successful (or happened out of band), then this won't get executed when the action is :nothing.
execute '/opt/omni/sbin/postfix set-permissions'
template manifest_path do
source 'manifest-postfix.xml.erb'
owner 'root'
group node['root_group']
mode '0644'
notifies :run, 'execute[load postfix manifest]', :immediately
end
execute 'load postfix manifest' do
action :nothing
command "svccfg import #{manifest_path}"
notifies :restart, 'service[postfix]'
end
end
execute 'update-postfix-sender_canonical' do
command "postmap #{node['postfix']['conf_dir']}/sender_canonical"
action :nothing
end
unless node['postfix']['sender_canonical_map_entries'].empty?
template "#{node['postfix']['conf_dir']}/sender_canonical" do
owner 'root'
group node['root_group']
mode '0644'
notifies :run, 'execute[update-postfix-sender_canonical]'
notifies :reload, 'service[postfix]'
end
unless node['postfix']['main'].key?('sender_canonical_maps')
node.normal['postfix']['main']['sender_canonical_maps'] = "hash:#{node['postfix']['conf_dir']}/sender_canonical"
end
end
execute 'update-postfix-smtp_generic' do
command "postmap #{node['postfix']['conf_dir']}/smtp_generic"
action :nothing
end
unless node['postfix']['smtp_generic_map_entries'].empty?
template "#{node['postfix']['conf_dir']}/smtp_generic" do
owner 'root'
group node['root_group']
mode '0644'
notifies :run, 'execute[update-postfix-smtp_generic]'
notifies :reload, 'service[postfix]'
end
unless node['postfix']['main'].key?('smtp_generic_maps')
node.normal['postfix']['main']['smtp_generic_maps'] = "hash:#{node['postfix']['conf_dir']}/smtp_generic"
end
end
%w( main master ).each do |cfg|
template "#{node['postfix']['conf_dir']}/#{cfg}.cf" do
source "#{cfg}.cf.erb"
owner 'root'
group node['root_group']
mode '0644'
notifies :restart, 'service[postfix]'
variables(settings: node['postfix'][cfg])
cookbook node['postfix']["#{cfg}_template_source"]
end
end
service 'postfix' do
supports status: true, restart: true, reload: true
action :enable
end

27
cookbooks/postfix/recipes/access.rb Normal file
View File

@@ -0,0 +1,27 @@
# Copyright:: 2012-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'postfix::_common'
execute 'update-postfix-access' do
command "postmap #{node['postfix']['access_db']}"
environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios')
action :nothing
end
template node['postfix']['access_db'] do
source 'access.erb'
notifies :run, 'execute[update-postfix-access]'
end

29
cookbooks/postfix/recipes/aliases.rb Normal file
View File

@@ -0,0 +1,29 @@
# Copyright:: 2012-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'postfix::_common'
execute 'update-postfix-aliases' do
command 'newaliases'
environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios')
# On FreeBSD, /usr/sbin/newaliases is the sendmail command, and it's in the path before postfix's /usr/local/bin/newaliases
environment('PATH' => "/usr/local/bin:#{ENV['PATH']}") if platform_family?('freebsd')
action :nothing
end
template node['postfix']['aliases_db'] do
source 'aliases.erb'
notifies :run, 'execute[update-postfix-aliases]'
end

41
cookbooks/postfix/recipes/client.rb Normal file
View File

@@ -0,0 +1,41 @@
# Author:: Joshua Timberman(<joshua@chef.io>)
# Cookbook:: postfix
# Recipe:: client
#
# Copyright:: 2009-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
if Chef::Config[:solo]
Chef::Log.info("#{cookbook_name}::#{recipe_name} is intended for use with Chef Server, use #{cookbook_name}::default with Chef Solo.")
return
end
query = "role:#{node['postfix']['relayhost_role']}"
relayhost = ''
# results = []
if node.run_list.roles.include?(node['postfix']['relayhost_role'])
relayhost << node['ipaddress']
elsif node['postfix']['multi_environment_relay']
results = search(:node, query)
relayhost = results.map { |n| n['ipaddress'] }.first
else
results = search(:node, "#{query} AND chef_environment:#{node.chef_environment}")
relayhost = results.map { |n| n['ipaddress'] }.first
end
node.normal['postfix']['main']['relayhost'] = "[#{relayhost}]"
include_recipe 'postfix'

36
cookbooks/postfix/recipes/default.rb Normal file
View File

@@ -0,0 +1,36 @@
# Author:: Joshua Timberman(<joshua@chef.io>)
# Cookbook:: postfix
# Recipe:: default
#
# Copyright:: 2009-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'postfix::_common'
include_recipe 'postfix::sasl_auth' if node['postfix']['main']['smtp_sasl_auth_enable'] == 'yes'
include_recipe 'postfix::aliases' if node['postfix']['use_alias_maps']
include_recipe 'postfix::transports' if node['postfix']['use_transport_maps']
include_recipe 'postfix::access' if node['postfix']['use_access_maps']
include_recipe 'postfix::virtual_aliases' if node['postfix']['use_virtual_aliases']
include_recipe 'postfix::virtual_aliases_domains' if node['postfix']['use_virtual_aliases_domains']
include_recipe 'postfix::relay_restrictions' if node['postfix']['use_relay_restrictions_maps']
include_recipe 'postfix::maps' if node['postfix']['maps']

47
cookbooks/postfix/recipes/maps.rb Normal file
View File

@@ -0,0 +1,47 @@
# encoding: utf-8
# Copyright:: 2012-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
node['postfix']['maps'].each do |type, maps|
if node['platform_family'] == 'debian'
package "postfix-#{type}" if %w(pgsql mysql ldap cdb).include?(type)
end
separator = if %w(pgsql mysql ldap memcache sqlite).include?(type)
' = '
else
' '
end
maps.each do |file, content|
execute "update-postmap-#{file}" do
command "postmap #{file}"
environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios')
action :nothing
end if %w(btree cdb dbm hash sdbm).include?(type)
template "#{file}-#{type}" do
path file
source 'maps.erb'
only_if "postconf -m | grep -q #{type}"
variables(
map: content,
separator: separator
)
if %w(btree cdb dbm hash sdbm).include?(type)
notifies :run, "execute[update-postmap-#{file}]"
end
notifies :restart, 'service[postfix]'
end
end
end

27
cookbooks/postfix/recipes/relay_restrictions.rb Normal file
View File

@@ -0,0 +1,27 @@
# Copyright:: 2012-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'postfix::_common'
execute 'update-postfix-relay-restrictions' do
command "postmap #{node['postfix']['relay_restrictions_db']}"
environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios')
action :nothing
end
template node['postfix']['relay_restrictions_db'] do
source 'relay_restrictions.erb'
notifies :run, 'execute[update-postfix-relay-restrictions]'
end

59
cookbooks/postfix/recipes/sasl_auth.rb Normal file
View File

@@ -0,0 +1,59 @@
#
# Author:: Joshua Timberman(<joshua@chef.io>)
# Cookbook:: postfix
# Recipe:: sasl_auth
#
# Copyright:: 2009-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'postfix::_common'
sasl_pkgs = []
# We use case instead of value_for_platform_family because we need
# version specifics for RHEL.
case node['platform_family']
when 'debian'
sasl_pkgs = %w(libsasl2-2 libsasl2-modules ca-certificates)
when 'rhel'
sasl_pkgs = if node['platform_version'].to_i < 6
%w(cyrus-sasl cyrus-sasl-plain openssl)
else
%w(cyrus-sasl cyrus-sasl-plain ca-certificates)
end
when 'fedora'
sasl_pkgs = %w(cyrus-sasl cyrus-sasl-plain ca-certificates)
end
sasl_pkgs.each do |pkg|
package pkg
end
execute 'postmap-sasl_passwd' do
command "postmap #{node['postfix']['sasl_password_file']}"
environment 'PATH' => "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios')
action :nothing
end
template node['postfix']['sasl_password_file'] do
sensitive true
source 'sasl_passwd.erb'
owner 'root'
group node['root_group']
mode '400'
notifies :run, 'execute[postmap-sasl_passwd]', :immediately
notifies :restart, 'service[postfix]'
variables(settings: node['postfix']['sasl'])
end

24
cookbooks/postfix/recipes/server.rb Normal file
View File

@@ -0,0 +1,24 @@
#
# Author:: Joshua Timberman(<joshua@chef.io>)
# Cookbook:: postfix
# Recipe:: server
#
# Copyright:: 2009-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
node.override['postfix']['mail_type'] = 'master'
node.override['postfix']['main']['inet_interfaces'] = 'all'
include_recipe 'postfix'

27
cookbooks/postfix/recipes/transports.rb Normal file
View File

@@ -0,0 +1,27 @@
# Copyright:: 2012-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'postfix::_common'
execute 'update-postfix-transport' do
command "postmap #{node['postfix']['transport_db']}"
environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios')
action :nothing
end
template node['postfix']['transport_db'] do
source 'transport.erb'
notifies :run, 'execute[update-postfix-transport]'
end

28
cookbooks/postfix/recipes/virtual_aliases.rb Normal file
View File

@@ -0,0 +1,28 @@
# Copyright:: 2012-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'postfix::_common'
execute 'update-postfix-virtual-alias' do
command "postmap #{node['postfix']['virtual_alias_db']}"
environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios')
action :nothing
end
template node['postfix']['virtual_alias_db'] do
source 'virtual_aliases.erb'
notifies :run, 'execute[update-postfix-virtual-alias]'
notifies :restart, 'service[postfix]'
end

28
cookbooks/postfix/recipes/virtual_aliases_domains.rb Normal file
View File

@@ -0,0 +1,28 @@
# Copyright:: 2012-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'postfix::_common'
execute 'update-postfix-virtual-alias-domains' do
command "postmap #{node['postfix']['virtual_alias_domains_db']}"
environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios')
action :nothing
end
template node['postfix']['virtual_alias_domains_db'] do
source 'virtual_aliases_domains.erb'
notifies :run, 'execute[update-postfix-virtual-alias-domains]'
notifies :restart, 'service[postfix]'
end

9
cookbooks/postfix/templates/default/access.erb Normal file
View File

@@ -0,0 +1,9 @@
#
# Auto-generated by Chef. Do not hand edit!
# Local modifications will be overwritten.
#
# See man 5 access for format
<% node['postfix']['access'].each do |name, value| %>
<%= name %> <%= value %>
<% end unless node['postfix']['access'].nil? %>

10
cookbooks/postfix/templates/default/aliases.erb Normal file
View File

@@ -0,0 +1,10 @@
#
# Auto-generated by Chef.
# Local modifications will be overwritten.
#
# See man 5 aliases for format
postmaster: root
<% node['postfix']['aliases'].each do |name, value| %>
<%= name %>: <%= [value].flatten.map{|x| if (x.include?("@")) then x else %Q("#{x}") end}.join(', ') %>
<% end unless node['postfix']['aliases'].nil? %>

14
cookbooks/postfix/templates/default/main.cf.erb Normal file
View File

@@ -0,0 +1,14 @@
###
# Auto-generated by Chef.
# Local modifications will be overwritten.
# Configured as <%= node['postfix']['mail_type'] %>
###
<% @settings.sort.map do |key, value| -%>
<% next if value.nil? -%>
<% if value.kind_of? Array -%>
<%= "#{key} = #{value.join(', ')}"%>
<% else -%>
<%= "#{key} = #{value}"%>
<% end -%>
<% end -%>

84
cookbooks/postfix/templates/default/manifest-postfix.xml.erb Normal file
View File

@@ -0,0 +1,84 @@
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
-->
<service_bundle type="manifest" name="SFEpostfix:postfix">
<service name="network/smtp/postfix" type="service" version="1">
<create_default_instance enabled="false" />
<single_instance />
<dependency name="network" grouping="require_all" restart_on="error" type="service">
<service_fmri value="svc:/milestone/network:default" />
</dependency>
<dependency name="filesystem-local" grouping="require_all" restart_on="error" type="service">
<service_fmri value="svc:/system/filesystem/local" />
</dependency>
<dependency name="name-services" grouping="require_all" restart_on="refresh" type="service">
<service_fmri value="svc:/milestone/name-services" />
</dependency>
<dependency name="system-log" grouping="optional_all" restart_on="error" type="service">
<service_fmri value="svc:/system/system-log" />
</dependency>
<!--
If autofs is enabled, wait for it to get users" home
directories.
-->
<dependency name="autofs" grouping="optional_all" restart_on="error" type="service">
<service_fmri value="svc:/system/filesystem/autofs" />
</dependency>
<dependent name="postfix_multi-user" grouping="optional_all" restart_on="none">
<service_fmri value="svc:/milestone/multi-user" />
</dependent>
<exec_method type="method" name="start"
exec="/opt/omni/sbin/postfix start"
timeout_seconds="180" />
<exec_method type="method" name="stop"
exec="/opt/omni/sbin/postfix stop"
timeout_seconds="60" />
<exec_method type="method" name="restart"
exec="/opt/omni/sbin/postfix reload"
timeout_seconds="60" />
<stability value="Unstable" />
<template>
<common_name>
<loctext xml:lang="C">
Postfix Mailserver
</loctext>
</common_name>
<documentation>
<manpage title="postfix" section="1" manpath="/usr/local/man" />
</documentation>
</template>
</service>
</service_bundle>

8
cookbooks/postfix/templates/default/maps.erb Normal file
View File

@@ -0,0 +1,8 @@
#
# This file is generated by Chef.
# Local changes will be overwritten
#
<% @map.each do |key, value| -%>
<%= key %><%= @separator %><%= value %>
<% end unless @map.nil? -%>

67
cookbooks/postfix/templates/default/master.cf.erb Normal file
View File

@@ -0,0 +1,67 @@
# This file is generated by Chef.
# Local changes will be overwritten
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
<% @settings.sort_by{|k,v| v['order']}.map do |service, properties| -%>
<% next if !properties['active'] -%>
<% if properties.has_key?('comment') -%>
#
#<%= properties['comment'] %>
<% end -%>
<% if properties.has_key?('service') -%>
<%= properties['service'].ljust(10) -%>
<% else -%>
<%= service.ljust(10) -%>
<% end -%>
<%= properties['type'].ljust(6) -%>
<% if properties.has_key?('private') -%>
<% if properties['private'] -%>
<% priv='y' -%>
<% else -%>
<% priv='n' -%>
<% end -%>
<% else -%>
<% priv='-' -%>
<% end -%>
<%= priv.ljust(8) -%>
<% if properties.has_key?('unpriv') -%>
<% if properties['unpriv'] -%>
<% unpriv='y' -%>
<% else -%>
<% unpriv='n' -%>
<% end -%>
<% else -%>
<% unpriv='-' -%>
<% end -%>
<%= unpriv.ljust(8) -%>
<% if properties.has_key?('chroot') -%>
<% if properties['chroot'] -%>
<% chroot='y' -%>
<% else -%>
<% chroot='n' -%>
<% end -%>
<% else -%>
<% chroot='-' -%>
<% end -%>
<%= chroot.ljust(7) -%>
<% if properties.has_key?('wakeup') -%>
<%= properties['wakeup'].ljust(7) -%>
<% else -%>
<%= '-'.ljust(7) -%>
<% end -%>
<% if properties.has_key?('maxproc') -%>
<%= properties['maxproc'].ljust(7) -%>
<% else -%>
<%= '-'.ljust(7) -%>
<% end -%>
<%= properties['command'] %>
<% properties['args'].each do |arg| -%>
<%= arg %>
<% end -%>
<% end -%>

2
cookbooks/postfix/templates/default/port_smtp.erb Normal file
View File

@@ -0,0 +1,2 @@
# SMTP
-A FWR -p tcp -m tcp --dport 25 -j ACCEPT

10
cookbooks/postfix/templates/default/relay_restrictions.erb Normal file
View File

@@ -0,0 +1,10 @@
#
# Auto-generated by Chef.
# Local modifications will be overwritten.
#
# Attribute name is the domain name, Attribute value is either OK or REJECT
<% node['postfix']['relay_restrictions'].each do |name, value| %>
<%= name %> <%= value %>
<% end unless node['postfix']['relay_restrictions'].nil? %>
* REJECT

4
cookbooks/postfix/templates/default/sasl_passwd.erb Normal file
View File

@@ -0,0 +1,4 @@
# Auto-generated by Chef.
# Local modifications will be overwritten.
#
<%= node['postfix']['main']['relayhost'] %> <%= @settings['smtp_sasl_user_name'] %>:<%= @settings['smtp_sasl_passwd'] %>

9
cookbooks/postfix/templates/default/sender_canonical.erb Normal file
View File

@@ -0,0 +1,9 @@
#
# Auto-generated by Chef.
# Local modifications will be overwritten.
#
# See man 5 canonical for format
<% node['postfix']['sender_canonical_map_entries'].each do |name, value| %>
<%= name %> <%= value %>
<% end unless node['postfix']['sender_canonical_map_entries'].nil? %>

9
cookbooks/postfix/templates/default/smtp_generic.erb Normal file
View File

@@ -0,0 +1,9 @@
#
# Auto-generated by Chef.
# Local modifications will be overwritten.
#
# See man 5 generic for format
<% node['postfix']['smtp_generic_map_entries'].each do |name, value| %>
<%= name %> <%= value %>
<% end unless node['postfix']['smtp_generic_map_entries'].nil? %>

9
cookbooks/postfix/templates/default/transport.erb Normal file
View File

@@ -0,0 +1,9 @@
#
# Auto-generated by Chef.
# Local modifications will be overwritten.
#
# See man 5 transport for format
<% node['postfix']['transports'].each do |name, value| %>
<%= name %> <%= value %>
<% end unless node['postfix']['transports'].nil? %>

9
cookbooks/postfix/templates/default/virtual_aliases.erb Normal file
View File

@@ -0,0 +1,9 @@
#
# Auto-generated by Chef.
# Local modifications will be overwritten.
#
# See man 5 virtual for format
<% node['postfix']['virtual_aliases'].each do |key, value| %>
<%= key %> <%= value %>
<% end unless node['postfix']['virtual_aliases'].nil? %>

9
cookbooks/postfix/templates/default/virtual_aliases_domains.erb Normal file
View File

@@ -0,0 +1,9 @@
#
# Auto-generated by Chef.
# Local modifications will be overwritten.
#
# See man 5 virtual for format
<% node['postfix']['virtual_aliases_domains'].each do |key, value| %>
<%= key %> <%= value %>
<% end unless node['postfix']['virtual_aliases_domains'].nil? %>