mail: make mail_trusted an array

2020-05-18 19:10:32 +02:00 · 2020-05-18 19:10:32 +02:00 · fb215fdd82
parent 9d6ed20d9f
commit fb215fdd82
6 changed files with 15 additions and 12 deletions
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@ -46,7 +46,10 @@ mail_domains:
 - makerspace-regensburg.de
 mail_server: mail.binary-kitchen.de
 mailman_domain: lists.binary-kitchen.de
-mail_trusted: 213.166.246.0/28 213.166.246.250/32 [2a02:958:0:f6::]/124
+mail_trusted:
+- 213.166.246.0/28
+- 213.166.246.250/32
+- 2a02:958:0:f6::/124
 mail_aliases:
 - "epvpn@binary-kitchen.de	noby@binary-kitchen.de"
 - "info@binary-kitchen.de	vorstand@binary-kitchen.de"
--- a/roles/mail/templates/mailman/mm_cfg.py.j2
+++ b/roles/mail/templates/mailman/mm_cfg.py.j2
@ -73,7 +73,7 @@ add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)

 #-------------------------------------------------------------
 # The default language for this server.
-DEFAULT_SERVER_LANGUAGE = 'de'
+DEFAULT_SERVER_LANGUAGE = 'en'

 #-------------------------------------------------------------
 # Iirc this was used in pre 2.1, leave it for now
--- a/roles/mail/templates/postfix/main.cf.j2
+++ b/roles/mail/templates/postfix/main.cf.j2
@ -27,12 +27,12 @@ mydomain = {{ mail_domain }}
 myhostname = {{ ansible_fqdn }}
 myorigin = $myhostname
 mydestination = localhost.$mydomain, localhost, {{ mail_srs_domain }}
-mynetworks = 
-	127.0.0.0/8
-	[::ffff:127.0.0.0]/104
-	[::1]/128
-{% for cidr in mail_trusted.split(' ') %}
-	{{ cidr }}
+mynetworks =
+    127.0.0.0/8
+    [::ffff:127.0.0.0]/104
+    [::1]/128
+{% for cidr in mail_trusted %}
+    {{ cidr | ipwrap }}
 {% endfor %}

 # Alias configuration
@ -107,7 +107,7 @@ milter_protocol = 6
 # mailbox / forward definitions
 virtual_mailbox_domains = {{ mail_domain }}
 {% for domain in mail_domains %}
- {{ domain }}
+    {{ domain }}
 {% endfor %}
 virtual_alias_maps = hash:/etc/postfix/virtual-alias
 virtual_transport = lmtp:unix:private/dovecot-lmtpd
--- a/roles/mail/templates/rspamd/local.d/arc.conf.j2
+++ b/roles/mail/templates/rspamd/local.d/arc.conf.j2
@ -1,5 +1,5 @@
 allow_username_mismatch = true;
-sign_networks = [127.0.0.1, ::1, {{ mail_trusted }}];
+sign_networks = [127.0.0.1, ::1, {{ mail_trusted | join(", ") }}];
 check_pubkey = true;
 try_fallback = false;
 path = "/var/lib/rspamd/dkim/$domain.$selector.key";
--- a/roles/mail/templates/rspamd/local.d/dkim_signing.conf.j2
+++ b/roles/mail/templates/rspamd/local.d/dkim_signing.conf.j2
@ -1,5 +1,5 @@
 allow_username_mismatch = true;
-sign_networks = [127.0.0.1, ::1, {{ mail_trusted }}];
+sign_networks = [127.0.0.1, ::1, {{ mail_trusted | join(", ") }}];
 check_pubkey = true;
 try_fallback = false;
 path = "/var/lib/rspamd/dkim/$domain.$selector.key";
--- a/roles/mail/templates/rspamd/local.d/options.inc.j2
+++ b/roles/mail/templates/rspamd/local.d/options.inc.j2
@ -1 +1 @@
-local_addrs = [127.0.0.1, ::1, {{ mail_trusted }}];
+local_addrs = [127.0.0.1, ::1, {{ mail_trusted | join(", ") }}];