Merge pull request #59 from toebivankenoebi/master

New features: configurable default_database_type, recipient_canonical_maps, header_checks
Oefenweb · May 21, 2019 · 375ebff · 375ebff
2 parents 745724b + d591356
commit 375ebff
Show file tree

Hide file tree

Showing 5 changed files with 40 additions and 16 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -12,6 +12,7 @@ postfix_aliases: []
 postfix_virtual_aliases: []
 postfix_sender_canonical_maps: []
 postfix_recipient_canonical_maps: []
+postfix_header_checks: []
 postfix_generic: []
 postfix_relayhost: false
 postfix_relayhost_port: 587
@@ -35,6 +36,8 @@ postfix_mynetworks:
 postfix_smtpd_banner: '$myhostname ESMTP $mail_name (Ubuntu)'
 postfix_disable_vrfy_command: false
 postfix_message_size_limit: 10240000
+postifx_header_checks_database_type: regexp
+postfix_default_database_type: hash
 postfix_smtpd_tls_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
 postfix_smtpd_tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key
 postfix_raw_options: []
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -4,24 +4,19 @@
   command: newaliases
 
 - name: new virtual aliases
-  command: >
-    postmap hash:{{ postfix_virtual_aliases_file }}
+  command: postmap {{ postfix_default_database_type }}:{{ postfix_virtual_aliases_file }}
 
 - name: postmap sasl_passwd
-  command: >
-    postmap hash:{{ postfix_sasl_passwd_file }}
+  command: postmap {{ postfix_default_database_type }}:{{ postfix_sasl_passwd_file }}
 
 - name: postmap sender_canonical_maps
-  command: >
-    postmap hash:{{ postfix_sender_canonical_maps_file }}
+  command: postmap {{ postfix_default_database_type }}:{{ postfix_sender_canonical_maps_file }}
 
 - name: postmap recipient_canonical_maps
-  command: >
-    postmap hash:{{ postfix_recipient_canonical_maps_file }}
+  command: postmap {{ postfix_default_database_type }}:{{ postfix_recipient_canonical_maps_file }}
 
 - name: postmap generic
-  command: >
-    postmap hash:{{ postfix_generic_file }}
+  command: postmap {{ postfix_default_database_type }}:{{ postfix_generic_file }}
 
 - name: restart postfix
   command: /bin/true

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -169,6 +169,20 @@
     - postfix
     - postfix-generic-table
 
+- name: configure header checks
+  template:
+    src: etc/postfix/header_checks.j2
+    dest: /etc/postfix/header_checks
+    owner: root
+    group: root
+    mode: 0644
+  notify:
+    - restart postfix
+  tags:
+    - configuration
+    - postfix
+    - postfix-header-checks-table
+
 - name: start and enable service
   service:
     name: postfix

diff --git a/templates/etc/postfix/header_checks.j2 b/templates/etc/postfix/header_checks.j2
@@ -0,0 +1,5 @@
+# {{ ansible_managed }}
+{% for rule in postfix_header_checks | default([]) %}
+{{ rule.pattern }} {{ rule.action }} {% if rule.text is defined %}{{ rule.text }}{% endif %}
+
+{% endfor %}
diff --git a/templates/etc/postfix/main.cf.j2 b/templates/etc/postfix/main.cf.j2
@@ -29,19 +29,26 @@ smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 # information on enabling SSL in the smtp client.
 
 myhostname = {{ postfix_hostname }}
-alias_maps = hash:/etc/aliases
-alias_database = hash:/etc/aliases
+default_database_type = {{ postfix_default_database_type }}
+alias_maps = {{ postfix_default_database_type }}:/etc/aliases
+alias_database = {{ postfix_default_database_type }}:/etc/aliases
 {% if postfix_virtual_aliases %}
-virtual_alias_maps = hash:/etc/postfix/virtual
+virtual_alias_maps = {{ postfix_default_database_type }}:/etc/postfix/virtual
 {% endif %}
 {% if postfix_sender_canonical_maps %}
-sender_canonical_maps = hash:/etc/postfix/sender_canonical_maps
+sender_canonical_maps = {{ postfix_default_database_type }}:/etc/postfix/sender_canonical_maps
+{% endif %}
+{% if postfix_recipient_canonical_maps %}
+recipient_canonical_maps = {{ postfix_default_database_type }}:/etc/postfix/recipient_canonical_maps
 {% endif %}
 {% if postfix_recipient_canonical_maps %}
 recipient_canonical_maps = hash:/etc/postfix/recipient_canonical_maps
 {% endif %}
 {% if postfix_generic %}
-smtp_generic_maps = hash:/etc/postfix/generic
+smtp_generic_maps = {{ postfix_default_database_type }}:/etc/postfix/generic
+{% endif %}
+{% if postfix_header_checks %}
+smtp_header_checks = {{ postifx_header_checks_database_type }}:/etc/postfix/header_checks
 {% endif %}
 mydestination = {{ postfix_mydestination | join(', ') }}
 mynetworks = {{ postfix_mynetworks | join(' ') }}
@@ -62,7 +69,7 @@ inet_protocols = {{ postfix_inet_protocols | join(', ') }}
 relayhost = [{{ postfix_relayhost }}]:{{ postfix_relayhost_port }}
 {% if postfix_sasl_auth_enable %}
 smtp_sasl_auth_enable = {{ postfix_sasl_auth_enable | bool | ternary('yes', 'no') }}
-smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+smtp_sasl_password_maps = {{ postfix_default_database_type }}:/etc/postfix/sasl_passwd
 smtp_sasl_security_options = {{ postfix_sasl_security_options }}
 smtp_sasl_mechanism_filter = {{ postfix_sasl_mechanism_filter }}
 {% endif %}