Commit 5bb64c97 authored by František Dvořák's avatar František Dvořák

Email settings - permit TLSv1.2 only, mail utility

parent 52fb6d08
......@@ -47,19 +47,38 @@
dest: /etc/cron-apt/action.d/9-upgrade
content: -q -q dist-upgrade
mode: 0644
- name: Site setup postfix
- name: Mails settings
vars:
main:
myhostname: "{{ lookup('dig', groups['fip'][0] + '/PTR') | regex_replace('\\.$', '') }}"
relayhost: relay.muni.cz
inet_protocols: ipv4
lineinfile:
regexp: '^{{ item.key }}\s*=\s*.*'
line: "{{ item.key }} = {{ item.value }}"
path: /etc/postfix/main.cf
loop: "{{ main | dict2items }}"
notify: Reload postfix
when: site_name == "cesnet" or site_name == "cesnet-mcc"
main_global:
# disable everything except TLSv1.2
smtpd_tls_mandatory_protocols: "!SSLv2, !SSLv3, !TLSv1, !TLSv1.1"
smtpd_tls_protocols: "!SSLv2, !SSLv3, !TLSv1, !TLSv1.1"
smtp_tls_mandatory_protocols: "!SSLv2, !SSLv3, !TLSv1, !TLSv1.1"
smtp_tls_protocols: "!SSLv2, !SSLv3, !TLSv1, !TLSv1.1"
fromdomain: "{{ lookup('dig', groups['fip'][0] + '/PTR') | regex_replace('\\.$', '') }}"
block:
- name: Site-specific postfix settings
set_fact:
main_cesnet:
myhostname: "{{ fromdomain }}"
relayhost: relay.muni.cz
inet_protocols: ipv4
when: site_name == "cesnet" or site_name == "cesnet-mcc"
- name: Setup postfix
vars:
main: "{{ main_global | combine(main_cesnet | default({})) }}"
lineinfile:
regexp: '^{{ item.key }}\s*=\s*.*'
line: "{{ item.key }} = {{ item.value }}"
path: /etc/postfix/main.cf
loop: "{{ main | dict2items }}"
notify: Reload postfix
- name: Setup mailutils
template:
src: templates/etc/mailutils.conf
dest: /etc/mailutils.conf
mode: 0644
when: site_name == "cesnet" or site_name == "cesnet-mcc"
- name: Site touch
file:
path: "/EOSC-{{ site_name | upper }}"
......
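Review bot: The comment `# disable everything except TLSv1.2` under `main_global` claims more than the four exclusion lists enforce: `!SSLv2, !SSLv3, !TLSv1, !TLSv1.1` sets a floor at TLSv1.2 and leaves TLSv1.3 enabled wherever Postfix and its OpenSSL build offer it, so I would reword it to `# TLS floor: refuse SSLv2/SSLv3/TLSv1.0/TLSv1.1 (TLSv1.2 and newer stay enabled)`. These parameters also only constrain the protocol once TLS is actually negotiated; neither `smtp_tls_security_level` nor `smtpd_tls_security_level` is set in this hunk, so whether mail to `relay.muni.cz` is encrypted at all depends on what main.cf already contains, and at an opportunistic level a failed handshake can still end in cleartext delivery. If encryption to the relay is the intent and the relay supports it, adding `smtp_tls_security_level: encrypt` to `main_cesnet` would make the `smtp_tls_mandatory_protocols` line effective there. Separately, `fromdomain` is whatever the PTR lookup returns and it is written unvalidated into `myhostname` and the mailutils `email-domain`; an `assert` that it is a non-empty hostname before the `lineinfile` loop would keep a failed lookup out of main.cf (the dig lookup appears to return a literal `NXDOMAIN` string on failure, which is worth confirming).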
address {
email-domain {{ fromdomain }};
};
../../../../cesnet-central/playbooks/templates/etc/mailutils.conf
\ No newline at end of file
../../../../cesnet-central/playbooks/templates/etc/mailutils.conf
\ No newline at end of file