propellor spin

This commit is contained in:
Joey Hess 2015-02-01 14:48:13 -04:00
parent f276466cf2
commit bcdc5754fc
Failed to extract signature
2 changed files with 33 additions and 3 deletions

View File

@ -4,8 +4,9 @@ module Propellor.Property.Postfix where
import Propellor
import qualified Propellor.Property.Apt as Apt
import Propellor.Property.File
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Service as Service
import qualified Propellor.Property.User as User
import qualified Data.Map as M
import Data.List
@ -103,7 +104,7 @@ mainCfIsSet name = do
-- Note that multiline configurations that continue onto the next line
-- are not currently supported.
dedupMainCf :: Property NoInfo
dedupMainCf = fileProperty "postfix main.cf dedupped" dedupCf mainCfFile
dedupMainCf = File.fileProperty "postfix main.cf dedupped" dedupCf mainCfFile
dedupCf :: [String] -> [String]
dedupCf ls =
@ -125,3 +126,30 @@ dedupCf ls =
dedup c kc ((Right (k, v)):rest) = case M.lookup k kc of
Just n | n > 1 -> dedup c (M.insert k (n - 1) kc) rest
_ -> dedup (fmt k v:c) kc rest
-- | Installs saslauthd and configures it for postfix.
--
-- Does not configure postfix to use it; eg smtpd_sasl_auth_enable = yes
-- needs to be set to enable use. See
-- https://wiki.debian.org/PostfixAndSASL
saslAuthdInstalled :: Property NoInfo
saslAuthdInstalled = setupdaemon
`requires` Service.running "saslauthd"
`requires` postfixgroup
`requires` dirperm
`requires` Apt.installed ["sasl2-bin"]
`requires` smtpdconf
where
setupdaemon = "/etc/default/saslauthd" `File.containsLines`
[ "START=yes"
, "OPTIONS=\"-c -m /var/spool/postfix/var/run/saslauthd\""
]
`onChange` Service.restarted "saslauthd"
smtpdconf = "/etc/postfix/sasl/smtpd.conf" `File.containsLines`
[ "pwcheck_method: saslauthd"
, "mech_list: PLAIN LOGIN"
]
dirperm = cmdProperty "dpkg-statoverride"
[ "--add", "root", "sasl", "710", "/var/spool/postfix/var/run/saslauthd"]
postfixgroup = "postfix" `User.hasGroup` "sasl"
`onChange` restarted

View File

@ -450,6 +450,8 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props
& dkimInstalled
& Postfix.saslAuthdInstalled
& Apt.installed ["maildrop"]
& "/etc/maildroprc" `File.hasContent`
[ "# Global maildrop filter file (deployed with propellor)"
@ -514,7 +516,7 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props
, "# Filter out client relay lines from headers."
, "header_checks = pcre:$config_directory/obscure_client_relay.pcre"
, "# Password auth for relaying"
, "# Password auth for relaying (used by errol)"
, "smtpd_sasl_auth_enable = yes"
, "smtpd_sasl_type = dovecot"
, "smtpd_sasl_path = private/auth"