Mercurial > code > home > repos > infra

view mail.py @ 290:828d3f4da54b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
rpi iscsi volumes
author drewp@bigasterisk.com
date Sun, 21 Apr 2024 17:09:10 -0700
parents 67fb7b27bfea
children c44677a25baf
line wrap: on
line source

from pyinfra import host
from pyinfra.operations import apt, files, server, systemd

if host.name == 'prime':
    apt.packages(packages=['postfix', 'isync', 'opendkim', 'opendkim-tools'])

    files.template(src='templates/mail/opendkim-KeyTable.j2', dest='/etc/opendkim/KeyTable')
    files.template(src='templates/mail/opendkim-SigningTable.j2', dest='/etc/opendkim/SigningTable')
    files.template(src='templates/mail/opendkim-TrustedHosts.j2', dest='/etc/opendkim/TrustedHosts')
    files.template(src='templates/mail/opendkim.conf.j2', dest='/etc/opendkim.conf')
    files.put(src='secrets/mail/bigasterisk.com-default.private',
              dest='/etc/opendkim/keys/bigasterisk.com/default.private',
              mode='0600', user='opendkim')

    files.template(src='templates/mail/opendkim.service.j2', dest='/usr/lib/systemd/system/opendkim.service')
    systemd.service(service='opendkim.service', enabled=True, running=True, restarted=True)

    files.template(src='templates/mail/main.cf.j2', dest='/etc/postfix/main.cf')
    files.template(src='templates/mail/mydestination.j2', dest='/etc/postfix/mydestination')
    files.put(src='secrets/mail/aliases', dest='/etc/postfix/aliases')
    files.put(src='secrets/mail/sender_access', dest='/etc/postfix/sender_access')
    files.put(src='secrets/mail/virtual', dest='/etc/postfix/virtual')

    server.shell(commands=[
        'postmap /etc/postfix/sender_access',
        'postmap /etc/postfix/virtual',
        'postmap /etc/postfix/aliases',  # broken
        'postfix reload',
    ])
    systemd.service(service='postfix@-.service', enabled=True, running=True)

    # something to run ~drewp/mbsync/go at startup

    server.shell(commands=[
        "cd /home/drewp/mbsync; /usr/bin/mbsync-get-cert 10.5.0.1 > servercert",
    ])

    files.put(src='templates/file-count/file_count.py', dest='/opt/file_count.py')
    files.template(src='templates/file-count/file-count.service.j2', dest='/etc/systemd/system/maildir-count.service')
    systemd.service(service='maildir-count.service', enabled=True, running=True, daemon_reload=True)


# other machines, route mail to bang or prime for delivery

if host.name == 'bang':
    apt.packages(packages=['postfix'])
    files.template(src='templates/mail/main.cf.j2', dest='/etc/postfix/main.cf')
    files.template(src='templates/mail/mydestination.j2', dest='/etc/postfix/mydestination')
    files.put(src='secrets/mail/aliases', dest='/etc/postfix/aliases')
    files.put(src='secrets/mail/sender_access', dest='/etc/postfix/sender_access')
    files.put(src='secrets/mail/virtual', dest='/etc/postfix/virtual')

    server.shell(commands=[
        'postmap /etc/postfix/sender_access',
        'postmap /etc/postfix/virtual',
        'postmap /etc/postfix/aliases',
        'postfix reload',
    ])
    systemd.service(service='postfix@-.service', enabled=True, running=True)

    # server.shell(commands=[
    #     # not working
    #     "cd /my/serv/dovecot; runuser -u drewp -- invoke certs",
    # ])