Mercurial > code > home > repos > infra

changeset 184:53b6457f75f3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
also config postfix on bang (others, soon)
author drewp@bigasterisk.com
date Mon, 27 Mar 2023 17:14:58 -0700
parents 4cab03eb492e
children 781919a97c90
files mail.py templates/mail/main.cf.j2
diffstat 2 files changed, 21 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/mail.py	Mon Mar 27 17:13:37 2023 -0700
+++ b/mail.py	Mon Mar 27 17:14:58 2023 -0700
@@ -15,7 +15,7 @@
         'postmap /etc/postfix/aliases',
         'postfix reload',
     ])
-    systemd.service(service='postfix.service', enabled=True, running=True)
+    systemd.service(service='postfix@-.service', enabled=True, running=True)
     # maybe needs 'postfix@-.service', unclear
 
     # something to run ~drewp/mbsync/go at startup
@@ -27,6 +27,22 @@
 # other machines, route mail to bang or prime for delivery
 
 if host.name == 'bang':
+    apt.packages(packages=['postfix'])
+    files.template(src='templates/mail/main.cf.j2', dest='/etc/postfix/main.cf')
+    files.template(src='templates/mail/mydestination.j2', dest='/etc/postfix/mydestination')
+    files.put(src='secrets/mail/aliases', dest='/etc/postfix/aliases')
+    files.put(src='secrets/mail/sender_access', dest='/etc/postfix/sender_access')
+    files.put(src='secrets/mail/virtual', dest='/etc/postfix/virtual')
+
     server.shell(commands=[
-        "cd /my/serv/dovecot; invoke certs",
+        'postmap /etc/postfix/sender_access',
+        'postmap /etc/postfix/virtual',
+        'postmap /etc/postfix/aliases',
+        'postfix reload',
     ])
+    systemd.service(service='postfix@-.service', enabled=True, running=True)
+
+    # server.shell(commands=[
+    #     # not working
+    #     "cd /my/serv/dovecot; runuser -u drewp -- invoke certs",
+    # ])
--- a/templates/mail/main.cf.j2	Mon Mar 27 17:13:37 2023 -0700
+++ b/templates/mail/main.cf.j2	Mon Mar 27 17:14:58 2023 -0700
@@ -22,12 +22,13 @@
 # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
 # information on enabling SSL in the smtp client.
 
-myhostname = bigasterisk.com
+relayhost = {{ 'prime.bigasterisk.com' if host.name == 'bang' else '' }}
+
+myhostname = {{ 'bang.' if host.name == 'bang' else '' }}bigasterisk.com
 alias_maps = hash:/etc/postfix/aliases
 alias_database = hash:/etc/postfix/aliases
 mydestination = /etc/postfix/mydestination
 relay_domains = $mydestination
-relayhost = 
 mynetworks_style = subnet
 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.1.0.0/16 10.3.0.0/16 10.5.0.0/24 192.168.0.3/32 [fc7b:54e8:69a9:e165:86c8:9d42:6cc5:b2a1]/128 [fcc8:29d:5660:ec63:754f:37af:de4a:a9df]/128