Added config files for virtual users
imran1008 committed Nov 20, 2016
1 parent 0ebb0d5 commit 65f86e6
Showing 6 changed files with 166 additions and 3 deletions.
40 changes: 37 additions & 3 deletions pillar.example
@@ -32,9 +32,37 @@ postfix:
alias_maps: hash:/etc/aliases
alias_database: hash:/etc/aliases

# Virtual users
virtual_alias_maps: proxy:mysql:/etc/postfix/virtual_alias_maps.cf
virtual_mailbox_domains: proxy:mysql:/etc/postfix/virtual_mailbox_domains.cf
virtual_mailbox_maps: proxy:mysql:/etc/postfix/virtual_mailbox_maps.cf
virtual_mailbox_base: /home/vmail
virtual_mailbox_limit: 512000000
virtual_minimum_uid: 5000
virtual_transport: virtual
virtual_uid_maps: static:5000
virtual_gid_maps: static:5000

local_transport: virtual
local_recipient_maps: $virtual_mailbox_maps
transport_maps: hash:/etc/postfix/transport

# SMTP server
smtpd_tls_session_cache_database: btree:${data_directory}/smtpd_scache
smtpd_use_tls: 'yes'
smtpd_sasl_auth_enable: 'yes'
smtpd_sasl_type: dovecot
smtpd_sasl_path: /var/run/dovecot/auth-client
smtpd_recipient_restrictions: permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_relay_restrictions: permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_security_options: noanonymous
smtpd_sasl_tls_security_options: $smtpd_sasl_security_options
smtpd_tls_auth_only: 'yes'
smtpd_sasl_local_domain: $mydomain
smtpd_tls_loglevel: 1
smtpd_tls_session_cache_timeout: 3600s

relay_domains: '$mydestination'

# SMTP server certificate and key (from pillar data)
smtpd_tls_cert_file: /etc/postfix/ssl/server-cert.crt
@@ -47,13 +75,19 @@ postfix:
smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key

smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd

sender_canonical_maps: hash:/etc/postfix/sender_canonical

relay_recipient_maps: hash:/etc/postfix/relay_domains

virtual_alias_maps: hash:/etc/postfix/virtual

transport:
DOMAIN_NAME: ':[IP_ADDRESS]'

vmail:
user: postfix_user
password: DB_PASSWD
hosts: DB_HOST
dbname: postfix_db

certificates:
server-cert:
public_cert: |
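Review bot: `virtual_alias_maps` appears twice in this example, as `proxy:mysql:/etc/postfix/virtual_alias_maps.cf` in the new virtual-users block and as `hash:/etc/postfix/virtual` in the second hunk, assuming the older line survives on the new side (the page does not show which three lines were removed). If both sit in the same mapping, most YAML loaders silently keep the last one, so the MySQL alias map would be replaced by the hash file. Keep one entry, or list both tables in it: `virtual_alias_maps: proxy:mysql:/etc/postfix/virtual_alias_maps.cf, hash:/etc/postfix/virtual`. The `password: DB_PASSWD` line under `vmail` also deserves a comment such as `# placeholder; supply the real value from an encrypted or access-restricted pillar`. The enclosing `postfix:` mapping starts before the hunk and `certificates:` continues after it.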
61 changes: 61 additions & 0 deletions postfix/config.sls
@@ -20,6 +20,45 @@ include:
- watch_in:
- service: postfix
- template: jinja

{% if 'vmail' in pillar.get('postfix', '') %}
/etc/postfix/virtual_alias_maps.cf:
file.managed:
- source: salt://postfix/files/virtual_alias_maps.cf
- user: root
- group: postfix
- mode: 640
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja

/etc/postfix/virtual_mailbox_domains.cf:
file.managed:
- source: salt://postfix/files/virtual_mailbox_domains.cf
- user: root
- group: postfix
- mode: 640
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja

/etc/postfix/virtual_mailbox_maps.cf:
file.managed:
- source: salt://postfix/files/virtual_mailbox_maps.cf
- user: root
- group: postfix
- mode: 640
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja
{% endif %}

{% if salt['pillar.get']('postfix:manage_master_config', True) %}
/etc/postfix/master.cf:
file.managed:
@@ -34,9 +73,31 @@ include:
- template: jinja
{% endif %}

{% if 'transport' in pillar.get('postfix', '') %}
/etc/postfix/transport:
file.managed:
- source: salt://postfix/files/transport
- user: root
- group: root
- mode: 644
- require:
- pkg: postfix
- watch_in:
- service: postfix
- template: jinja

run-postmap:
cmd.wait:
- name: /usr/sbin/postmap /etc/postfix/transport
- cwd: /
- watch:
- file: /etc/postfix/transport
{% endif %}

{%- for domain in salt['pillar.get']('postfix:certificates', {}).keys() %}

postfix_{{ domain }}_ssl_certificate:

file.managed:
- name: /etc/postfix/ssl/{{ domain }}.crt
- makedirs: True
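Review bot: The three `file.managed` states added in the first hunk for `/etc/postfix/virtual_*.cf` render the `postfix:vmail` pillar, which per pillar.example carries the database `password`. `file.managed` reports a content diff by default, so that credential can end up in state output and the master's job cache. Adding `- show_changes: False` to each of the three states keeps the `640` root:postfix protection from being undone by logging. Separately, the guards `{% if 'vmail' in pillar.get('postfix', '') %}` and its `transport` twin default to a string; `pillar.get('postfix', {})` states the intent and matches the `salt['pillar.get'](..., {})` form used for certificates. The `postfix_{{ domain }}_ssl_certificate` state at the end of the second hunk continues outside it.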
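--- a/postfix/files/transport
+++ b/postfix/files/transport
@@ -0,0 +1,17 @@
+#
+# This file is managed by salt
+#
+
+{% set config = salt['pillar.get']('postfix:transport', {}) -%}
+{% macro set_parameter(parameter, default=None) -%}
+{% set value = config.get(parameter, default) -%}
+{% if value is not none -%}
+{{ parameter }} {{ value }}
+{% endif -%}
+{% endmacro -%}
+
+{# Accept arbitrary parameters -#}
+{% for parameter in config -%}
+{{ set_parameter(parameter) }}
+{% endfor -%}
+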
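Review bot: The `set_parameter` macro is only called from the loop over `config`, so its `default` argument is never used in this template and the macro adds indirection without benefit. A direct loop is shorter, and with `dictsort` the line order is stable, so the managed file should not change (and re-trigger `run-postmap` and the service watch) merely because mapping order differed: `{% for pattern, nexthop in config | dictsort -%}` followed by `{{ pattern }} {{ nexthop }}`. If empty pillar values must still be skipped, keep the `is not none` test inside the loop. A header line such as `# Entries come from pillar postfix:transport: lookup pattern, then transport:nexthop` would document the expected shape.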
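--- a/postfix/files/virtual_alias_maps.cf
+++ b/postfix/files/virtual_alias_maps.cf
@@ -0,0 +1,17 @@
+{% set config = salt['pillar.get']('postfix:vmail', {}) -%}
+{% macro set_parameter(parameter, default=None) -%}
+{% set value = config.get(parameter, default) -%}
+{% if value is not none -%}
+{{ parameter }} = {{ value }}
+{% endif -%}
+{% endmacro -%}
+
+{# Accept arbitrary parameters -#}
+{% for parameter in config -%}
+{{ set_parameter(parameter) }}
+{% endfor -%}
+
+{{ set_parameter('table', 'alias') }}
+{{ set_parameter('select_field', 'goto') }}
+{{ set_parameter('where_field', 'address') }}
+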
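Review bot: Any of `table`, `select_field` or `where_field` set in the `postfix:vmail` pillar is written twice, once by the "Accept arbitrary parameters" loop and once by the explicit `set_parameter('table', 'alias')` style calls below it, leaving duplicate lines in the rendered map file. virtual_mailbox_domains.cf and virtual_mailbox_maps.cf read the same `postfix:vmail` mapping with the same pattern, so such an override would also force one table or column onto all three lookups. Skipping the three names in the loop removes the duplicate: `{% for parameter in config if parameter not in ('table', 'select_field', 'where_field') -%}`. Per-map overrides would then need their own pillar keys.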
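--- a/postfix/files/virtual_mailbox_domains.cf
+++ b/postfix/files/virtual_mailbox_domains.cf
@@ -0,0 +1,17 @@
+{% set config = salt['pillar.get']('postfix:vmail', {}) -%}
+{% macro set_parameter(parameter, default=None) -%}
+{% set value = config.get(parameter, default) -%}
+{% if value is not none -%}
+{{ parameter }} = {{ value }}
+{% endif -%}
+{% endmacro -%}
+
+{# Accept arbitrary parameters -#}
+{% for parameter in config -%}
+{{ set_parameter(parameter) }}
+{% endfor -%}
+
+{{ set_parameter('table', 'domain') }}
+{{ set_parameter('select_field', 'domain') }}
+{{ set_parameter('where_field', 'domain') }}
+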
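Review bot: `table`, `select_field` and `where_field` belong to the legacy mysql_table query interface, which the Postfix documentation marks as deprecated as of Postfix 2.2; the same applies to virtual_alias_maps.cf and virtual_mailbox_maps.cf. A single `query` line, here `query = SELECT domain FROM domain WHERE domain='%s'`, states the lookup explicitly, and Postfix still applies SQL quoting to the `%s` key itself. If an operator passes `query` through the arbitrary-parameter loop, Postfix ignores the three legacy lines, which is worth a comment at the top of the template.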
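--- a/postfix/files/virtual_mailbox_maps.cf
+++ b/postfix/files/virtual_mailbox_maps.cf
@@ -0,0 +1,17 @@
+{% set config = salt['pillar.get']('postfix:vmail', {}) -%}
+{% macro set_parameter(parameter, default=None) -%}
+{% set value = config.get(parameter, default) -%}
+{% if value is not none -%}
+{{ parameter }} = {{ value }}
+{% endif -%}
+{% endmacro -%}
+
+{# Accept arbitrary parameters -#}
+{% for parameter in config -%}
+{{ set_parameter(parameter) }}
+{% endfor -%}
+
+{{ set_parameter('table', 'mailbox') }}
+{{ set_parameter('select_field', 'maildir') }}
+{{ set_parameter('where_field', 'username') }}
+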