From e4abfb1b756c89d57467540357ce82e7d34bd8ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A2u=20Cao?= Date: Fri, 1 Dec 2023 10:01:34 +0100 Subject: [PATCH] Use more reasonable priority for attributes in recipe --- .../kosmos-postfix/recipes/default.rb | 42 ++++++------------- 1 file changed, 12 insertions(+), 30 deletions(-) diff --git a/site-cookbooks/kosmos-postfix/recipes/default.rb b/site-cookbooks/kosmos-postfix/recipes/default.rb index 8fa2c14..53e0837 100644 --- a/site-cookbooks/kosmos-postfix/recipes/default.rb +++ b/site-cookbooks/kosmos-postfix/recipes/default.rb @@ -2,39 +2,21 @@ # Cookbook Name:: kosmos-postfix # Recipe:: default # -# The MIT License (MIT) -# -# Copyright:: 2019, Kosmos Developers -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. + +node.default['postfix']['main']['smtp_tls_CAfile'] = '/etc/ssl/certs/ca-certificates.crt' +node.default['postfix']['main']['smtpd_tls_CAfile'] = '/etc/ssl/certs/ca-certificates.crt' + +return if node.run_list.roles.include?("email_server") smtp_credentials = Chef::EncryptedDataBagItem.load('credentials', 'smtp') -node.override['postfix']['sasl']['smtp_sasl_user_name'] = smtp_credentials['user_name'] -node.override['postfix']['sasl']['smtp_sasl_passwd'] = smtp_credentials['password'] -node.override['postfix']['sasl_password_file'] = "#{node['postfix']['conf_dir']}/sasl_passwd" +node.default['postfix']['sasl']['smtp_sasl_user_name'] = smtp_credentials['user_name'] +node.default['postfix']['sasl']['smtp_sasl_passwd'] = smtp_credentials['password'] +node.default['postfix']['sasl_password_file'] = "#{node['postfix']['conf_dir']}/sasl_passwd" # Postfix doesn't support smtps relayhost, use STARTSSL instead -node.override['postfix']['main']['relayhost'] = smtp_credentials['relayhost'] -node.override['postfix']['main']['smtp_sasl_auth_enable'] = 'yes' -node.override['postfix']['main']['smtp_sasl_password_maps'] = "hash:#{node['postfix']['sasl_password_file']}" -node.override['postfix']['main']['smtp_sasl_security_options'] = 'noanonymous' -node.override['postfix']['main']['smtp_tls_CAfile'] = '/etc/ssl/certs/ca-certificates.crt' -node.override['postfix']['main']['smtpd_tls_CAfile'] = '/etc/ssl/certs/ca-certificates.crt' +node.default['postfix']['main']['relayhost'] = smtp_credentials['relayhost'] +node.default['postfix']['main']['smtp_sasl_auth_enable'] = 'yes' +node.default['postfix']['main']['smtp_sasl_password_maps'] = "hash:#{node['postfix']['sasl_password_file']}" +node.default['postfix']['main']['smtp_sasl_security_options'] = 'noanonymous' include_recipe 'postfix::default'