Mercurial > code > home > repos > infra
annotate mail.py @ 218:44b0da2e6d1f
opendkim
| author | drewp@bigasterisk.com |
|---|---|
| date | Sun, 20 Aug 2023 15:08:18 -0700 |
| parents | 087b84e68765 |
| children | 67fb7b27bfea |
| rev | line source |
|---|---|
| 16 | 1 from pyinfra import host |
| 2 from pyinfra.operations import apt, files, server, systemd | |
| 3 | |
| 4 if host.name == 'prime': | |
| 218 | 5 apt.packages(packages=['postfix', 'isync', 'opendkim', 'opendkim-tools']) |
| 6 | |
| 7 files.template(src='templates/mail/opendkim-KeyTable.j2', dest='/etc/opendkim/KeyTable') | |
| 8 files.template(src='templates/mail/opendkim-SigningTable.j2', dest='/etc/opendkim/SigningTable') | |
| 9 files.template(src='templates/mail/opendkim-TrustedHosts.j2', dest='/etc/opendkim/TrustedHosts') | |
| 10 files.template(src='templates/mail/opendkim.conf.j2', dest='/etc/opendkim.conf') | |
| 11 files.put(src='secrets/mail/bigasterisk.com-default.private', | |
| 12 dest='/etc/opendkim/keys/bigasterisk.com/default.private', | |
| 13 mode='0600', user='opendkim') | |
| 14 | |
| 15 files.template(src='templates/mail/opendkim.service.j2', dest='/usr/lib/systemd/system/opendkim.service') | |
| 16 systemd.service(service='opendkim.service', enabled=True, running=True, restarted=True) | |
| 17 | |
| 16 | 18 files.template(src='templates/mail/main.cf.j2', dest='/etc/postfix/main.cf') |
| 19 files.template(src='templates/mail/mydestination.j2', dest='/etc/postfix/mydestination') | |
| 183 | 20 files.put(src='secrets/mail/aliases', dest='/etc/postfix/aliases') |
| 16 | 21 files.put(src='secrets/mail/sender_access', dest='/etc/postfix/sender_access') |
| 22 files.put(src='secrets/mail/virtual', dest='/etc/postfix/virtual') | |
| 23 | |
|
18
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
24 server.shell(commands=[ |
|
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
25 'postmap /etc/postfix/sender_access', |
|
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
26 'postmap /etc/postfix/virtual', |
| 218 | 27 'postmap /etc/postfix/aliases', # broken |
|
18
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
28 'postfix reload', |
|
fb226978c4d7
fix prime postfix setup. forwards to gmail were piling up
drewp@bigasterisk.com
parents:
16
diff
changeset
|
29 ]) |
|
184
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
30 systemd.service(service='postfix@-.service', enabled=True, running=True) |
| 16 | 31 |
| 32 # something to run ~drewp/mbsync/go at startup | |
| 33 | |
| 41 | 34 server.shell(commands=[ |
| 35 "cd /home/drewp/mbsync; /usr/bin/mbsync-get-cert 10.5.0.1 > servercert", | |
| 36 ]) | |
| 16 | 37 |
| 38 # other machines, route mail to bang or prime for delivery | |
| 41 | 39 |
| 40 if host.name == 'bang': | |
|
184
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
41 apt.packages(packages=['postfix']) |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
42 files.template(src='templates/mail/main.cf.j2', dest='/etc/postfix/main.cf') |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
43 files.template(src='templates/mail/mydestination.j2', dest='/etc/postfix/mydestination') |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
44 files.put(src='secrets/mail/aliases', dest='/etc/postfix/aliases') |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
45 files.put(src='secrets/mail/sender_access', dest='/etc/postfix/sender_access') |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
46 files.put(src='secrets/mail/virtual', dest='/etc/postfix/virtual') |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
47 |
| 41 | 48 server.shell(commands=[ |
|
184
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
49 'postmap /etc/postfix/sender_access', |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
50 'postmap /etc/postfix/virtual', |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
51 'postmap /etc/postfix/aliases', |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
52 'postfix reload', |
| 41 | 53 ]) |
|
184
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
54 systemd.service(service='postfix@-.service', enabled=True, running=True) |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
55 |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
56 # server.shell(commands=[ |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
57 # # not working |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
58 # "cd /my/serv/dovecot; runuser -u drewp -- invoke certs", |
|
53b6457f75f3
also config postfix on bang (others, soon)
drewp@bigasterisk.com
parents:
183
diff
changeset
|
59 # ]) |