From cf4dba2ac7ca61ae283b92524922f4d0a7d8d572 Mon Sep 17 00:00:00 2001
From: Johannes Löthberg
Date: Tue, 10 Jan 2017 17:46:39 +0100
Subject: Move opensmtpd configs to own directory
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Johannes Löthberg
---
opensmtpd/theos.sls | 147 ++++++++++++++++++++++++++++++++++++++++++++++++++++
theos/opensmtpd.sls | 147 ----------------------------------------------------
top.sls | 2 +-
3 files changed, 148 insertions(+), 148 deletions(-)
create mode 100644 opensmtpd/theos.sls
delete mode 100644 theos/opensmtpd.sls
diff --git a/opensmtpd/theos.sls b/opensmtpd/theos.sls
new file mode 100644
index 0000000..99bad72
--- /dev/null
+++ b/opensmtpd/theos.sls
@@ -0,0 +1,147 @@
+opensmtpd:
+ pki:
+ theos.kyriasis.com:
+ certificate: /etc/letsencrypt/live/theos.kyriasis.com/fullchain.pem
+ key: /etc/letsencrypt/live/theos.kyriasis.com/privkey.pem
+
+
+ tables:
+ users:
+ type: file
+ path: /etc/smtpd/users
+ contents:
+ - 'erik: sysbunny@lucifer.kyriasis.com'
+ - 'sysbunny: sysbunny@lucifer.kyriasis.com'
+ - 'dellsama: sysbunny@lucifer.kyriasis.com'
+
+ - 'tomasz.kramkowski: kyriasis-redirect@the-tk.com'
+ - 'tk: kyriasis-redirect@the-tk.com'
+
+ - 'grawity: grawity@theos.kyriasis.com'
+
+ - 'halosghost: halosghost@theos.kyriasis.com'
+
+ - 'kyrias: kyrias@theos.kyriasis.com'
+ - 'johannes: kyrias@theos.kyriasis.com'
+
+ - 'xan: xanadu@theos.kyriasis.com'
+ - 'xanadu: xanadu@theos.kyriasis.com'
+ - 'maus: xanadu@theos.kyriasis.com'
+
+ - '@kyriasis.com: kyrias@theos.kyriasis.com'
+ - '@lists.kyriasis.com: lists@theos.kyriasis.com'
+
+ sendertable:
+ type: file
+ path: /etc/smtpd/senders
+ contents:
+ - 'sysbunny: @lucifer.kyriasis.com,sysbunny@kyriasis.com,erik@kyriasis.com'
+ - 'grawity: grawity@theos.kyriasis.com,grawity@kyriasis.com'
+ - 'halosghost: halosghost@theos.kyriasis.com,halosghost@kyriasis.com'
+ - 'kyrias: @theos.kyriasis.com,@kyriasis.com'
+ - 'xanadu: xan@kyriasis.com,xanadu@kyriasis.com'
+
+
+ listeners:
+ - interface: ens4
+ port: 25
+ tls: True
+ pki: theos.kyriasis.com
+ auth-optional: True
+ senders: masquerade
+
+ - interface: ens4
+ port: 587
+ tls-require: True
+ pki: theos.kyriasis.com
+ auth: True
+ senders: masquerade
+
+ - interface: ens4
+ port: 465
+ smtps: True
+ pki: theos.kyriasis.com
+ auth: True
+ senders: masquerade
+
+ - interface: cjdns
+ port: 25
+ tls: True
+ pki: theos.kyriasis.com
+ auth-optional: True
+ senders: masquerade
+
+ - interface: cjdns
+ port: 587
+ tls-require: True
+ pki: theos.kyriasis.com
+ auth: True
+ senders: masquerade
+
+ - interface: lo
+ port: 10026
+ tag: DKIM-IN
+
+ - interface: lo
+ port: 10029
+ tag: DKIM-OUT
+
+ - interface: localhost
+ senders: masquerade
+
+
+ rules:
+ - backup for lucifer:
+ type: accept
+ from: any
+ for: domain "lucifer.kyriasis.com"
+ relay: backup theos.kyriasis.com
+
+ - backup for the-tk.com:
+ type: accept
+ from: any
+ for: domain "the-tk.com"
+ relay: backup
+
+ - incoming mailinglists:
+ type: accept
+ tagged: DKIM-IN
+ from: any
+ for: domain "lists.kyriasis.com" virtual { "@lists.kyriasis.com" = list }
+ deliver_to: mda "/usr/local/bin/mlmmj-receive -L /home/lists/spool/%{dest.user:strip}/"
+
+ - incoming to local host:
+ type: accept
+ tagged: DKIM-IN
+ for: domain "theos.kyriasis.com" alias { root = kyrias }
+ deliver_to: lmtp "/var/run/dovecot/lmtp"
+
+ - incoming to top-level domains:
+ type: accept
+ tagged: DKIM-IN
+ from: any
+ for: 'domain { kyriasis.com, the-tk.com } virtual '
+ deliver_to: lmtp "/var/run/dovecot/lmtp"
+
+ - local email:
+ type: accept
+ from: local
+ for: local
+ deliver_to: lmtp "/var/run/dovecot/lmtp"
+
+ - relay incoming through dkimproxy:
+ type: accept
+ from: any
+ for: domain { kyriasis.com, theos.kyriasis.com, the-tk.com }
+ relay: via smtp://127.0.0.1:10025
+
+ - outgoing from dkimproxy:
+ type: accept
+ tagged: DKIM-OUT
+ for: any
+ relay: True
+
+ - outgoing to dkimproxy:
+ type: accept
+ for: any
+ relay: via smtp://127.0.0.1:10028
diff --git a/theos/opensmtpd.sls b/theos/opensmtpd.sls
deleted file mode 100644
index 99bad72..0000000
--- a/theos/opensmtpd.sls
+++ /dev/null
@@ -1,147 +0,0 @@ -opensmtpd: - pki: - theos.kyriasis.com: - certificate: /etc/letsencrypt/live/theos.kyriasis.com/fullchain.pem - key: /etc/letsencrypt/live/theos.kyriasis.com/privkey.pem - - - tables: - users: - type: file - path: /etc/smtpd/users - contents: - - 'erik: sysbunny@lucifer.kyriasis.com' - - 'sysbunny: sysbunny@lucifer.kyriasis.com' - - 'dellsama: sysbunny@lucifer.kyriasis.com' - - - 'tomasz.kramkowski: kyriasis-redirect@the-tk.com' - - 'tk: kyriasis-redirect@the-tk.com' - - - 'grawity: grawity@theos.kyriasis.com' - - - 'halosghost: halosghost@theos.kyriasis.com' - - - 'kyrias: kyrias@theos.kyriasis.com' - - 'johannes: kyrias@theos.kyriasis.com' - - - 'xan: xanadu@theos.kyriasis.com' - - 'xanadu: xanadu@theos.kyriasis.com' - - 'maus: xanadu@theos.kyriasis.com' - - - '@kyriasis.com: kyrias@theos.kyriasis.com' - - '@lists.kyriasis.com: lists@theos.kyriasis.com' - - sendertable: - type: file - path: /etc/smtpd/senders - contents: - - 'sysbunny: @lucifer.kyriasis.com,sysbunny@kyriasis.com,erik@kyriasis.com' - - 'grawity: grawity@theos.kyriasis.com,grawity@kyriasis.com' - - 'halosghost: halosghost@theos.kyriasis.com,halosghost@kyriasis.com' - - 'kyrias: @theos.kyriasis.com,@kyriasis.com' - - 'xanadu: xan@kyriasis.com,xanadu@kyriasis.com' - - - listeners: - - interface: ens4 - port: 25 - tls: True - pki: theos.kyriasis.com - auth-optional: True - senders: masquerade - - - interface: ens4 - port: 587 - tls-require: True - pki: theos.kyriasis.com - auth: True - senders: masquerade - - - interface: ens4 - port: 465 - smtps: True - pki: theos.kyriasis.com - auth: True - senders: masquerade - - - interface: cjdns - port: 25 - tls: True - pki: theos.kyriasis.com - auth-optional: True - senders: masquerade - - - interface: cjdns - port: 587 - tls-require: True - pki: theos.kyriasis.com - auth: True - senders: masquerade - - - interface: lo - port: 10026 - tag: DKIM-IN - - - interface: lo - port: 10029 - tag: DKIM-OUT - - - interface: localhost - senders: 
masquerade - - - rules: - - backup for lucifer: - type: accept - from: any - for: domain "lucifer.kyriasis.com" - relay: backup theos.kyriasis.com - - - backup for the-tk.com: - type: accept - from: any - for: domain "the-tk.com" - relay: backup - - - incoming mailinglists: - type: accept - tagged: DKIM-IN - from: any - for: domain "lists.kyriasis.com" virtual { "@lists.kyriasis.com" = list } - deliver_to: mda "/usr/local/bin/mlmmj-receive -L /home/lists/spool/%{dest.user:strip}/" - - - incoming to local host: - type: accept - tagged: DKIM-IN - for: domain "theos.kyriasis.com" alias { root = kyrias } - deliver_to: lmtp "/var/run/dovecot/lmtp" - - - incoming to top-level domains: - type: accept - tagged: DKIM-IN - from: any - for: 'domain { kyriasis.com, the-tk.com } virtual ' - deliver_to: lmtp "/var/run/dovecot/lmtp" - - - local email: - type: accept - from: local - for: local - deliver_to: lmtp "/var/run/dovecot/lmtp" - - - relay incoming through dkimproxy: - type: accept - from: any - for: domain { kyriasis.com, theos.kyriasis.com, the-tk.com } - relay: via smtp://127.0.0.1:10025 - - - outgoing from dkimproxy: - type: accept - tagged: DKIM-OUT - for: any - relay: True - - - outgoing to dkimproxy: - type: accept - for: any - relay: via smtp://127.0.0.1:10028 diff --git a/top.sls b/top.sls index 1042108..a39d158 100644 --- a/top.sls +++ b/top.sls @@ -7,6 +7,6 @@ base: - nginx.matrix_kyriasis_com - nginx.riot_kyriasis_com - - theos.opensmtpd + - opensmtpd.theos # vim: set ft=yaml et: -- cgit v1.2.3-54-g00ecf