@ -0,0 +1,12 @@ | |||
--- | |||
admin_ssh_keys: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZXK3ufonx+zNQ1x6cSWuUWckB/xf9sKZ+mRgY5SPXzqrxSkqNSmr9JQ6xzvhxKEVcFWsi50op1WWtRo3HG3p3+EHKXeCyzt5QnczDlVOoQbB8kgI0byKcvXux1inL4/Q4DbVLUbDFnynD/C5aAyYMYePahMxR+AQr60DD+7Ty6pcEVih1wwHIlxWziY1EF6sEzQwz/PiTxWIZkKHl/WPGagS9Pp/5nQfdZy0AS/JqbzNyMEg51+XedADuqseV4GXDzrzDYLJXJFv1PFVJxRWLrjChKrUMqyszUySkZMr5YSPXlsV0bi+0xivYEsXvIkLORV96JTZosYbV+0aFKDPv root@debian | |||
default_packages_debian: htop | |||
description: machine test | |||
ntp_server1: 0.pool.ntp.org | |||
ntp_server2: 1.pool.ntp.org | |||
disable_ipv6: true | |||
domain: test.net | |||
mariadb_version: 10.0 | |||
mysql_root_password: changeme | |||
mysql_host: localhost | |||
# vim: set textwidth=0 ft=yaml: |
@ -0,0 +1,12 @@ | |||
--- | |||
- name: Deployer et configurer un serveur mail complet | |||
hosts: all | |||
user: root | |||
gather_facts: yes | |||
roles: | |||
- mariadb | |||
# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab: |
@ -0,0 +1 @@ | |||
# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab: |
@ -0,0 +1,27 @@ | |||
use strict; | |||
# You can modify this file to re-enable SPAM checking through spamassassin | |||
# and to re-enable antivirus checking. | |||
# | |||
# Default antivirus checking mode | |||
# Please note, that anti-virus checking is DISABLED by | |||
# default. | |||
# If You wish to enable it, please uncomment the following lines: | |||
@bypass_virus_checks_maps = ( | |||
\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re); | |||
# | |||
# Default SPAM checking mode | |||
# Please note, that anti-spam checking is DISABLED by | |||
# default. | |||
# If You wish to enable it, please uncomment the following lines: | |||
@bypass_spam_checks_maps = ( | |||
\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re); | |||
1; # ensure a defined return |
@ -0,0 +1,20 @@ | |||
use strict; | |||
# | |||
# Place your configuration directives here. They will override those in | |||
# earlier files. | |||
# | |||
# See /usr/share/doc/amavisd-new/ for documentation and examples of | |||
# the directives you can use in this file | |||
# | |||
$QUARANTINEDIR = '/var/spool/virusmails'; # Quarantine Directory | |||
$spam_quarantine_method = 'local:spam-%b-%i-%n'; # Filename in $QUARANTINEDIR | |||
$spam_quarantine_to = 'spam-quarantine'; # Put Spam in Quarantine Directory | |||
# $spam_quarantine_to = "admin\@$mydomain"; # Send Spam to Adminstrator | |||
# $spam_quarantine_to = undef; # Do nothing with Spam | |||
$final_spam_destiny = D_DISCARD; | |||
$spam_admin = "admin\@$mydomain"; # Where to send Notification | |||
#------------ Do not modify anything below this line ------------- | |||
1; # ensure a defined return |
@ -0,0 +1,98 @@ | |||
# By default, the Debian version of automysqlbackup will use: | |||
# mysqldump --defaults-file=/etc/mysql/debian.cnf | |||
# but you might want to overwrite with a specific user & pass. | |||
# To do this, simply edit bellow. | |||
# Username to access the MySQL server e.g. dbuser | |||
#USERNAME=`grep user /etc/mysql/debian.cnf | tail -n 1 | cut -d"=" -f2 | awk '{print $1}'` | |||
# Username to access the MySQL server e.g. password | |||
#PASSWORD=`grep password /etc/mysql/debian.cnf | tail -n 1 | cut -d"=" -f2 | awk '{print $1}'` | |||
# Host name (or IP address) of MySQL server e.g localhost | |||
DBHOST=localhost | |||
# List of DBNAMES for Daily/Weekly Backup e.g. "DB1 DB2 DB3" | |||
# Note that it's absolutely normal that the db named "mysql" is not in this | |||
# list, as it's added later by the script. See the MDBNAMES directives below | |||
# in this file (advanced options). | |||
# This is ONLY a convenient default, if you don't like it, don't complain | |||
# and write your own. | |||
# The following is a quick hack that will find the names of the databases by | |||
# reading the mysql folder content. Feel free to replace by something else. | |||
# DBNAMES=`find /var/lib/mysql -mindepth 1 -maxdepth 1 -type d | cut -d'/' -f5 | grep -v ^mysql\$ | tr \\\r\\\n ,\ ` | |||
# This one does a list of dbs using a MySQL statement. | |||
DBNAMES=`mysql --defaults-file=/etc/mysql/debian.cnf --execute="SHOW DATABASES" | awk '{print $1}' | grep -v ^Database$ | grep -v ^mysql$ | grep -v ^performance_schema$ | grep -v ^information_schema$ | tr \\\r\\\n ,\ ` | |||
# Backup directory location e.g /backups | |||
# Folders inside this one will be created (daily, weekly, etc.), and the | |||
# subfolders will be database names. Note that backups will be owned by | |||
# root, with Unix rights 0600. | |||
BACKUPDIR="/backups/" | |||
# Mail setup | |||
# What would you like to be mailed to you? | |||
# - log : send only log file | |||
# - files : send log file and sql files as attachments (see docs) | |||
# - stdout : will simply output the log to the screen if run manually. | |||
# - quiet : Only send logs if an error occurs to the MAILADDR. | |||
MAILCONTENT="quiet" | |||
# Set the maximum allowed email size in k. (4000 = approx 5MB email [see | |||
# docs]) | |||
MAXATTSIZE="4000" | |||
# Email Address to send mail to? (user@domain.com) | |||
MAILADDR="root" | |||
# ============================================================ | |||
# === ADVANCED OPTIONS ( Read the doc's below for details )=== | |||
#============================================================= | |||
# List of DBBNAMES for Monthly Backups. | |||
MDBNAMES="mysql $DBNAMES" | |||
# List of DBNAMES to EXLUCDE if DBNAMES are set to all (must be in " quotes) | |||
DBEXCLUDE="mysql information_schema performance_schema phpmyadmin" | |||
# Include CREATE DATABASE in backup? | |||
CREATE_DATABASE=yes | |||
# Separate backup directory and file for each DB? (yes or no) | |||
SEPDIR=yes | |||
# Which day do you want weekly backups? (1 to 7 where 1 is Monday) | |||
DOWEEKLY=6 | |||
# Set rotation of daily backups. VALUE*24hours | |||
# If you want to keep only today's backups, you could choose 1, i.e. everything older than 24hours will be removed. | |||
CONFIG_rotation_daily=6 | |||
# Choose Compression type. (gzip or bzip2) | |||
COMP=gzip | |||
# Compress communications between backup server and MySQL server? | |||
COMMCOMP=no | |||
# Additionally keep a copy of the most recent backup in a seperate | |||
# directory. | |||
LATEST=no | |||
# The maximum size of the buffer for client/server communication. e.g. 16MB | |||
# (maximum is 1GB) | |||
MAX_ALLOWED_PACKET= | |||
# For connections to localhost. Sometimes the Unix socket file must be | |||
# specified. | |||
SOCKET= | |||
# Command to run before backups (uncomment to use) | |||
#PREBACKUP="/etc/mysql-backup-pre" | |||
# Command run after backups (uncomment to use) | |||
#POSTBACKUP="/etc/mysql-backup-post" | |||
# Backup of stored procedures and routines (comment to remove) | |||
ROUTINES=yes | |||
@ -0,0 +1,7 @@ | |||
START=yes | |||
DESC="SASL Authentication Daemon" | |||
NAME="saslauthd" | |||
MECHANISMS="rimap" | |||
MECH_OPTIONS="localhost" | |||
THREADS=5 | |||
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r" |
@ -0,0 +1,31 @@ | |||
# Duncan Findlay | |||
# WARNING: please read README.spamd before using. | |||
# There may be security risks. | |||
# Change to one to enable spamd | |||
ENABLED=1 | |||
# Options | |||
# See man spamd for possible options. The -d option is automatically added. | |||
# SpamAssassin uses a preforking model, so be careful! You need to | |||
# make sure --max-children is not set to anything higher than 5, | |||
# unless you know what you're doing. | |||
OPTIONS="--create-prefs --max-children 5 --helper-home-dir" | |||
# Pid file | |||
# Where should spamd write its PID to file? If you use the -u or | |||
# --username option above, this needs to be writable by that user. | |||
# Otherwise, the init script will not be able to shut spamd down. | |||
PIDFILE="/var/run/spamd.pid" | |||
# Set nice level of spamd | |||
#NICE="--nicelevel 15" | |||
# Cronjob | |||
# Set to anything but 0 to enable the cron job to automatically update | |||
# spamassassin's rules on a nightly basis | |||
CRON=1 | |||
@ -0,0 +1,9 @@ | |||
# Postfix dynamic maps configuration file. | |||
# | |||
# The first match found is the one that is used. Wildcards are not supported | |||
# as of postfix 2.0.2 | |||
# | |||
#type location of .so file open function (mkmap func) | |||
#==== ================================ ============= ============ | |||
tcp /usr/lib/postfix/dict_tcp.so dict_tcp_open | |||
mysql /usr/lib/postfix/dict_mysql.so dict_mysql_open |
@ -0,0 +1,3 @@ | |||
pwcheck_method: saslauthd | |||
mech_list: PLAIN LOGIN | |||
auxprop_plugin: rimap |
@ -0,0 +1,19 @@ | |||
- name: restart saslauthd | |||
service: name=saslauthd state=restarted | |||
- name: restart mysql | |||
service: name=mysql state=restarted | |||
- name: restart dovecot | |||
service: name=dovecot state=restarted | |||
- name: restart postfix | |||
service: name=postfix state=restarted | |||
- name: restart spamassassin | |||
service: name=spamassassin state=restarted | |||
- name: restart postgrey | |||
service: name=postgrey state=restarted | |||
# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab: |
@ -0,0 +1,125 @@ | |||
- name: Check vars | |||
fail: msg="Missing domain name for first Vdomain creation" | |||
when: domain is not defined | |||
- name: Install packages | |||
apt: pkg={{item}} state=installed update_cache=yes | |||
with_items: "{{ firstpkg }}" | |||
ignore_errors: no | |||
- name: Randomly generate a postfix database password | |||
shell: pwgen -y -B -s 80 1 | |||
register: dbpassword | |||
- name: Install packages | |||
apt: pkg={{item}} state=installed update_cache=yes | |||
with_items: "{{ packages }}" | |||
ignore_errors: no | |||
- name: Downloading postfixadmin | |||
get_url: url=http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-2.91/postfixadmin-2.91.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fpostfixadmin%2Ffiles%2F&ts=1412684802&use_mirror=softlayer-ams validate_certs=no dest=/tmp/postfixadmin-2.91.tar.gz | |||
- name: Creation of the right folder | |||
file: path=/etc/postfixadmin/ state=directory mode=0755 recurse=yes | |||
- name: Untar the beast | |||
unarchive: src=/tmp/postfixadmin-2.91.tar.gz dest=/etc/postfixadmin/ | |||
- name: enable SASLAuthd on boot | |||
copy: src=etc-default-saslauthd dest=/etc/default/saslauthd | |||
notify: restart saslauthd | |||
- name: Adding facteur group and user | |||
shell: groupadd -g 3000 facteur | |||
ignore_errors: yes | |||
- name: Adding facteur group and user | |||
shell: useradd -d /home/facteur -m -u 3000 -g 3000 facteur | |||
ignore_errors: yes | |||
- name: Copy dynmap file | |||
copy: src=etc-postfix-dynmap.cf dest=/etc/postfix/dynmap.cf | |||
- name: creation of /sasl in postfixdir | |||
file: path=/etc/postfix/sasl state=directory | |||
- name: Copying file to directory previously created | |||
copy: src=etc-postfix-sasl-smtpd.conf dest=/etc/postfix/sasl/smtpd.conf | |||
notify: restart postfix | |||
- name: adduser postfix sasl | |||
shell: adduser postfix sasl | |||
notify: restart dovecot | |||
- name: Copy dovecot config files | |||
template: src=dovecot.conf dest=/etc/dovecot/ owner=root mode=655 | |||
- name: Copy dovecot config files | |||
template: src=dovecot-mysql.conf dest=/etc/dovecot/ owner=root mode=655 | |||
- name: Copy postfixadmin config files | |||
template: src=config.inc.php dest=/etc/postfixadmin/ owner=root mode=655 | |||
- name: Copy postfixadmin config files | |||
template: src=dbconfig.inc.php dest=/etc/postfixadmin/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=dynamicmaps.cf dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=main.cf dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=master.cf dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=mysql_relay_domains.cf dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=mysql_virtual_alias_maps.cf dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=mysql_virtual_mailbox_domains.cf dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=mysql_virtual_mailbox_maps.cf dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=postfix-files dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=postfix-script dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=post-install dest=/etc/postfix/ owner=root mode=655 | |||
- name: Copy postfix config files | |||
template: src=root-postfix.sql dest=/etc/postfix/ owner=root mode=655 | |||
- name: Create database for postfix | |||
shell: mysql < /etc/postfix/root-postfix.sql | |||
- name: Config amavis | |||
copy: src=etc-amavis-conf.d-15-content_filter_mode dest=/etc/amavis/conf.d/15-content_filter_mode | |||
- name: Config amavis | |||
copy: src=etc-amavis-conf.d-50-user dest=/etc/amavis/conf.d/50-user | |||
- name: Virus repository | |||
shell: mkdir /var/spool/virusmails | |||
- name: chown | |||
shell: chown amavis:amavis /var/spool/virusmails | |||
- name: update SA | |||
shell: sa-update -D | |||
- name: Config SA | |||
copy: src=etc-default-spamassassin dest=/etc/default/spamassassin | |||
notify: restart spamassassin | |||
- name: Config Postgrey | |||
template: src=etc-default-postgrey dest=/etc/default/postgrey | |||
notify: restart postgrey | |||
# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab: |
@ -0,0 +1,452 @@ | |||
<?php | |||
/** | |||
* Postfix Admin | |||
* | |||
* LICENSE | |||
* This source file is subject to the GPL license that is bundled with | |||
* this package in the file LICENSE.TXT. | |||
* | |||
* Further details on the project are available at : | |||
* http://www.postfixadmin.com or http://postfixadmin.sf.net | |||
* | |||
* @version $Id: config.inc.php 935 2011-01-02 21:33:13Z christian_boltz $ | |||
* @license GNU GPL v2 or later. | |||
* | |||
* File: config.inc.php | |||
* Contains configuration options. | |||
*/ | |||
// This loads the automatic generated DB credentials from /etc/postfixadmin/dbconfig.inc.php | |||
require_once('dbconfig.inc.php'); | |||
if (!isset($dbserver) || empty($dbserver)) | |||
$dbserver='localhost'; | |||
/***************************************************************** | |||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | |||
* You have to set $CONF['configured'] = true; before the | |||
* application will run! | |||
* Doing this implies you have changed this file as required. | |||
* i.e. configuring database etc; specifying setup.php password etc. | |||
*/ | |||
$CONF['configured'] = true; | |||
// In order to setup Postfixadmin, you MUST specify a hashed password here. | |||
// To create the hash, visit setup.php in a browser and type a password into the field, | |||
// on submission it will be echoed out to you as a hashed value. | |||
$CONF['setup_password'] = '{{ dbpassword }}'; | |||
} | |||
} | |||
// Postfix Admin Path | |||
// Set the location of your Postfix Admin installation here. | |||
// YOU MUST ENTER THE COMPLETE URL e.g. http://domain.tld/postfixadmin | |||
$CONF['postfix_admin_url'] = '/postfixadmin'; | |||
// shouldn't need changing. | |||
$CONF['postfix_admin_path'] = dirname(__FILE__); | |||
// Language config | |||
// Language files are located in './languages', change as required.. | |||
$CONF['default_language'] = 'en'; | |||
// Database Config | |||
// mysql = MySQL 3.23 and 4.0, 4.1 or 5 | |||
// mysqli = MySQL 4.1+ | |||
// pgsql = PostgreSQL | |||
$CONF['database_type'] = $dbtype; | |||
$CONF['database_host'] = $dbserver; | |||
$CONF['database_user'] = $dbuser; | |||
$CONF['database_password'] = $dbpass; | |||
$CONF['database_name'] = $dbname; | |||
// If you need to specify a different port for a MYSQL database connection, use e.g. | |||
// $CONF['database_host'] = '172.30.33.66:3308'; | |||
// If you need to specify a different port for POSTGRESQL database connection | |||
// uncomment and change the following | |||
// $CONF['database_port'] = '5432'; | |||
// Here, if you need, you can customize table names. | |||
$CONF['database_prefix'] = ''; | |||
$CONF['database_tables'] = array ( | |||
'admin' => 'admin', | |||
'alias' => 'alias', | |||
'alias_domain' => 'alias_domain', | |||
'config' => 'config', | |||
'domain' => 'domain', | |||
'domain_admins' => 'domain_admins', | |||
'fetchmail' => 'fetchmail', | |||
'log' => 'log', | |||
'mailbox' => 'mailbox', | |||
'vacation' => 'vacation', | |||
'vacation_notification' => 'vacation_notification', | |||
'quota' => 'quota', | |||
'quota2' => 'quota2', | |||
); | |||
// Site Admin | |||
// Define the Site Admins email address below. | |||
// This will be used to send emails from to create mailboxes. | |||
$CONF['admin_email'] = 'postmaster@{{ domain }}'; | |||
// Mail Server | |||
// Hostname (FQDN) of your mail server. | |||
// This is used to send email to Postfix in order to create mailboxes. | |||
$CONF['smtp_server'] = 'localhost'; | |||
$CONF['smtp_port'] = '25'; | |||
// Encrypt | |||
// In what way do you want the passwords to be crypted? | |||
// md5crypt = internal postfix admin md5 | |||
// md5 = md5 sum of the password | |||
// system = whatever you have set as your PHP system default | |||
// cleartext = clear text passwords (ouch!) | |||
// mysql_encrypt = useful for PAM integration | |||
// authlib = support for courier-authlib style passwords | |||
// dovecot:CRYPT-METHOD = use dovecotpw -s 'CRYPT-METHOD'. Example: dovecot:CRAM-MD5 | |||
$CONF['encrypt'] = 'md5crypt'; | |||
// In what flavor should courier-authlib style passwords be enrypted? | |||
// md5 = {md5} + base64 encoded md5 hash | |||
// md5raw = {md5raw} + plain encoded md5 hash | |||
// SHA = {SHA} + base64-encoded sha1 hash | |||
// crypt = {crypt} + Standard UNIX DES-enrypted with 2-character salt | |||
$CONF['authlib_default_flavor'] = 'md5raw'; | |||
// If you use the dovecot encryption method: where is the dovecotpw binary located? | |||
$CONF['dovecotpw'] = "/usr/sbin/dovecotpw"; | |||
// Minimum length required for passwords. Postfixadmin will not | |||
// allow users to set passwords which are shorter than this value. | |||
$CONF['min_password_length'] = 5; | |||
// Generate Password | |||
// Generate a random password for a mailbox or admin and display it. | |||
// If you want to automagically generate paswords set this to 'YES'. | |||
$CONF['generate_password'] = 'NO'; | |||
// Show Password | |||
// Always show password after adding a mailbox or admin. | |||
// If you want to always see what password was set set this to 'YES'. | |||
$CONF['show_password'] = 'NO'; | |||
// Page Size | |||
// Set the number of entries that you would like to see | |||
// in one page. | |||
$CONF['page_size'] = '10'; | |||
// Default Aliases | |||
// The default aliases that need to be created for all domains. | |||
$CONF['default_aliases'] = array ( | |||
'abuse' => 'abuse@{{ domain }}', | |||
'hostmaster' => 'hostmaster@{{ domain }}', | |||
'postmaster' => 'postmaster@{{ domain }}', | |||
'webmaster' => 'webmaster@{{ domain }}' | |||
); | |||
// Mailboxes | |||
// If you want to store the mailboxes per domain set this to 'YES'. | |||
// Examples: | |||
// YES: /usr/local/virtual/domain.tld/username@domain.tld | |||
// NO: /usr/local/virtual/username@domain.tld | |||
$CONF['domain_path'] = 'NO'; | |||
// If you don't want to have the domain in your mailbox set this to 'NO'. | |||
// Examples: | |||
// YES: /usr/local/virtual/domain.tld/username@domain.tld | |||
// NO: /usr/local/virtual/domain.tld/username | |||
// Note: If $CONF['domain_path'] is set to NO, this setting will be forced to YES. | |||
$CONF['domain_in_mailbox'] = 'YES'; | |||
// If you want to define your own function to generate a maildir path set this to the name of the function. | |||
// Notes: | |||
// - this configuration directive will override both domain_path and domain_in_mailbox | |||
// - the maildir_name_hook() function example is present below, commented out | |||
// - if the function does not exist the program will default to the above domain_path and domain_in_mailbox settings | |||
$CONF['maildir_name_hook'] = 'NO'; | |||
/* | |||
maildir_name_hook example function | |||
Called by create-mailbox.php if $CONF['maildir_name_hook'] == '<name_of_the_function>' | |||
- allows for customized maildir paths determined by a custom function | |||
- the example below will prepend a single-character directory to the | |||
beginning of the maildir, splitting domains more or less evenly over | |||
36 directories for improved filesystem performance with large numbers | |||
of domains. | |||
Returns: maildir path | |||
ie. I/example.com/user/ | |||
*/ | |||
/* | |||
function maildir_name_hook($domain, $user) { | |||
$chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; | |||
$dir_index = hexdec(substr(md5($domain), 28)) % strlen($chars); | |||
$dir = substr($chars, $dir_index, 1); | |||
return sprintf("%s/%s/%s/", $dir, $domain, $user); | |||
} | |||
*/ | |||
// Default Domain Values | |||
// Specify your default values below. Quota in MB. | |||
$CONF['aliases'] = '10'; | |||
$CONF['mailboxes'] = '10'; | |||
$CONF['maxquota'] = '10'; | |||
// Quota | |||
// When you want to enforce quota for your mailbox users set this to 'YES'. | |||
$CONF['quota'] = 'NO'; | |||
// You can either use '1024000' or '1048576' | |||
$CONF['quota_multiplier'] = '1024000'; | |||
// Transport | |||
// If you want to define additional transport options for a domain set this to 'YES'. | |||
// Read the transport file of the Postfix documentation. | |||
$CONF['transport'] = 'NO'; | |||
// Transport options | |||
// If you want to define additional transport options put them in array below. | |||
$CONF['transport_options'] = array ( | |||
'virtual', // for virtual accounts | |||
'local', // for system accounts | |||
'relay' // for backup mx | |||
); | |||
// Transport default | |||
// You should define default transport. It must be in array above. | |||
$CONF['transport_default'] = 'virtual'; | |||
// Virtual Vacation | |||
// If you want to use virtual vacation for you mailbox users set this to 'YES'. | |||
// NOTE: Make sure that you install the vacation module. (See VIRTUAL-VACATION/) | |||
$CONF['vacation'] = 'NO'; | |||
// This is the autoreply domain that you will need to set in your Postfix | |||
// transport maps to handle virtual vacations. It does not need to be a | |||
// real domain (i.e. you don't need to setup DNS for it). | |||
$CONF['vacation_domain'] = 'autoreply.{{ domain }}'; | |||
// Vacation Control | |||
// If you want users to take control of vacation set this to 'YES'. | |||
$CONF['vacation_control'] ='YES'; | |||
// Vacation Control for admins | |||
// Set to 'YES' if your domain admins should be able to edit user vacation. | |||
$CONF['vacation_control_admin'] = 'YES'; | |||
// Alias Control | |||
// Postfix Admin inserts an alias in the alias table for every mailbox it creates. | |||
// The reason for this is that when you want catch-all and normal mailboxes | |||
// to work you need to have the mailbox replicated in the alias table. | |||
// If you want to take control of these aliases as well set this to 'YES'. | |||
// Alias control for superadmins | |||
$CONF['alias_control'] = 'NO'; | |||
// Alias Control for domain admins | |||
$CONF['alias_control_admin'] = 'NO'; | |||
// Special Alias Control | |||
// Set to 'NO' if your domain admins shouldn't be able to edit the default aliases | |||
// as defined in $CONF['default_aliases'] | |||
$CONF['special_alias_control'] = 'NO'; | |||
// Alias Goto Field Limit | |||
// Set the max number of entries that you would like to see | |||
// in one 'goto' field in overview, the rest will be hidden and "[and X more...]" will be added. | |||
// '0' means no limits. | |||
$CONF['alias_goto_limit'] = '0'; | |||
// Alias Domains | |||
// Alias domains allow to "mirror" aliases and mailboxes to another domain. This makes | |||
// configuration easier if you need the same set of aliases on multiple domains, but | |||
// also requires postfix to do more database queries. | |||
// Note: If you update from 2.2.x or earlier, you will have to update your postfix configuration. | |||
// Set to 'NO' to disable alias domains. | |||
$CONF['alias_domain'] = 'YES'; | |||
// Backup | |||
// If you don't want backup tab set this to 'NO'; | |||
$CONF['backup'] = 'YES'; | |||
// Send Mail | |||
// If you don't want sendmail tab set this to 'NO'; | |||
$CONF['sendmail'] = 'YES'; | |||
// Logging | |||
// If you don't want logging set this to 'NO'; | |||
$CONF['logging'] = 'YES'; | |||
// Fetchmail | |||
// If you don't want fetchmail tab set this to 'NO'; | |||
$CONF['fetchmail'] = 'YES'; | |||
// fetchmail_extra_options allows users to specify any fetchmail options and any MDA | |||
// (it will even accept 'rm -rf /' as MDA!) | |||
// This should be set to NO, except if you *really* trust *all* your users. | |||
$CONF['fetchmail_extra_options'] = 'NO'; | |||
// Header | |||
$CONF['show_header_text'] = 'NO'; | |||
$CONF['header_text'] = ':: Postfix Admin ::'; | |||
// link to display under 'Main' menu when logged in as a user. | |||
$CONF['user_footer_link'] = "http://{{ domain }}/main"; | |||
// Footer | |||
// Below information will be on all pages. | |||
// If you don't want the footer information to appear set this to 'NO'. | |||
$CONF['show_footer_text'] = 'YES'; | |||
$CONF['footer_text'] = 'Return to {{ domain }}'; | |||
$CONF['footer_link'] = 'http://{{ domain }}'; | |||
// Welcome Message | |||
// This message is send to every newly created mailbox. | |||
// Change the text between EOM. | |||
$CONF['welcome_text'] = <<<EOM | |||
Hi, | |||
Welcome to your new account. | |||
EOM; | |||
// When creating mailboxes or aliases, check that the domain-part of the | |||
// address is legal by performing a name server look-up. | |||
$CONF['emailcheck_resolve_domain']='YES'; | |||
// Optional: | |||
// Analyze alias gotos and display a colored block in the first column | |||
// indicating if an alias or mailbox appears to deliver to a non-existent | |||
// account. Also, display indications, for POP/IMAP mailboxes and | |||
// for custom destinations (such as mailboxes that forward to a UNIX shell | |||
// account or mail that is sent to a MS exchange server, or any other | |||
// domain or subdomain you use) | |||
// See http://www.w3schools.com/html/html_colornames.asp for a list of | |||
// color names available on most browsers | |||
//set to YES to enable this feature | |||
$CONF['show_status']='NO'; | |||
//display a guide to what these colors mean | |||
$CONF['show_status_key']='NO'; | |||
// 'show_status_text' will be displayed with the background colors | |||
// associated with each status, you can customize it here | |||
$CONF['show_status_text']=' '; | |||
// show_undeliverable is useful if most accounts are delivered to this | |||
// postfix system. If many aliases and mailboxes are forwarded | |||
// elsewhere, you will probably want to disable this. | |||
$CONF['show_undeliverable']='NO'; | |||
$CONF['show_undeliverable_color']='tomato'; | |||
// mails to these domains will never be flagged as undeliverable | |||
$CONF['show_undeliverable_exceptions']=array("unixmail.domain.ext","exchangeserver.domain.ext","gmail.com"); | |||
$CONF['show_popimap']='NO'; | |||
$CONF['show_popimap_color']='darkgrey'; | |||
// you can assign special colors to some domains. To do this, | |||
// - add the domain to show_custom_domains | |||
// - add the corresponding color to show_custom_colors | |||
$CONF['show_custom_domains']=array("subdomain.domain.ext","domain2.ext"); | |||
$CONF['show_custom_colors']=array("lightgreen","lightblue"); | |||
// If you use a recipient_delimiter in your postfix config, you can also honor it when aliases are checked. | |||
// Example: $CONF['recipient_delimiter'] = "+"; | |||
// Set to "" to disable this check. | |||
$CONF['recipient_delimiter'] = ""; | |||
// Optional: | |||
// Script to run after creation of mailboxes. | |||
// Note that this may fail if PHP is run in "safe mode", or if | |||
// operating system features (such as SELinux) or limitations | |||
// prevent the web-server from executing external scripts. | |||
// Parameters: (1) username (2) domain (3) maildir (4) quota | |||
// $CONF['mailbox_postcreation_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postcreation.sh'; | |||
// Optional: | |||
// Script to run after alteration of mailboxes. | |||
// Note that this may fail if PHP is run in "safe mode", or if | |||
// operating system features (such as SELinux) or limitations | |||
// prevent the web-server from executing external scripts. | |||
// Parameters: (1) username (2) domain (3) maildir (4) quota | |||
// $CONF['mailbox_postedit_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postedit.sh'; | |||
// Optional: | |||
// Script to run after deletion of mailboxes. | |||
// Note that this may fail if PHP is run in "safe mode", or if | |||
// operating system features (such as SELinux) or limitations | |||
// prevent the web-server from executing external scripts. | |||
// Parameters: (1) username (2) domain | |||
// $CONF['mailbox_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postdeletion.sh'; | |||
// Optional: | |||
// Script to run after creation of domains. | |||
// Note that this may fail if PHP is run in "safe mode", or if | |||
// operating system features (such as SELinux) or limitations | |||
// prevent the web-server from executing external scripts. | |||
// Parameters: (1) domain | |||
//$CONF['domain_postcreation_script']='sudo -u courier /usr/local/bin/postfixadmin-domain-postcreation.sh'; | |||
// Optional: | |||
// Script to run after deletion of domains. | |||
// Note that this may fail if PHP is run in "safe mode", or if | |||
// operating system features (such as SELinux) or limitations | |||
// prevent the web-server from executing external scripts. | |||
// Parameters: (1) domain | |||
// $CONF['domain_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-domain-postdeletion.sh'; | |||
// Optional: | |||
// Sub-folders which should automatically be created for new users. | |||
// The sub-folders will also be subscribed to automatically. | |||
// Will only work with IMAP server which implement sub-folders. | |||
// Will not work with POP3. | |||
// If you define create_mailbox_subdirs, then the | |||
// create_mailbox_subdirs_host must also be defined. | |||
// | |||
// $CONF['create_mailbox_subdirs']=array('Spam'); | |||
// $CONF['create_mailbox_subdirs_host']='localhost'; | |||
// | |||
// Specify '' for Dovecot and 'INBOX.' for Courier. | |||
$CONF['create_mailbox_subdirs_prefix']='INBOX.'; | |||
// Optional: | |||
// Show used quotas from Dovecot dictionary backend in virtual | |||
// mailbox listing. | |||
// See: DOCUMENTATION/DOVECOT.txt | |||
// http://wiki.dovecot.org/Quota/Dict | |||
// | |||
$CONF['used_quotas'] = 'NO'; | |||
// if you use dovecot >= 1.2, set this to yes. | |||
// Note about dovecot config: table "quota" is for 1.0 & 1.1, table "quota2" is for dovecot 1.2 and newer | |||
$CONF['new_quota_table'] = 'NO'; | |||
// | |||
// Normally, the TCP port number does not have to be specified. | |||
// $CONF['create_mailbox_subdirs_hostport']=143; | |||
// | |||
// If you have trouble connecting to the IMAP-server, then specify | |||
// a value for $CONF['create_mailbox_subdirs_hostoptions']. These | |||
// are some examples to experiment with: | |||
// $CONF['create_mailbox_subdirs_hostoptions']=array('notls'); | |||
// $CONF['create_mailbox_subdirs_hostoptions']=array('novalidate-cert','norsh'); | |||
// See also the "Optional flags for names" table at | |||
// http://www.php.net/manual/en/function.imap-open.php | |||
// Theme Config | |||
// Specify your own logo and CSS file | |||
$CONF['theme_logo'] = 'images/logo-default.png'; | |||
$CONF['theme_css'] = 'css/default.css'; | |||
// XMLRPC Interface. | |||
// This should be only of use if you wish to use e.g the | |||
// Postfixadmin-Squirrelmail package | |||
// change to boolean true to enable xmlrpc | |||
$CONF['xmlrpc_enabled'] = false; | |||
// If you want to keep most settings at default values and/or want to ensure | |||
// that future updates work without problems, you can use a separate config | |||
// file (config.local.php) instead of editing this file and override some | |||
// settings there. | |||
if (file_exists(dirname(__FILE__) . '/config.local.php')) { | |||
include(dirname(__FILE__) . '/config.local.php'); | |||
} | |||
// | |||
// END OF CONFIG FILE | |||
// | |||
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */ |
@ -0,0 +1,21 @@ | |||
<?php | |||
## | |||
## database access settings in php format | |||
## automatically generated from /etc/dbconfig-common/postfixadmin.conf | |||
## by /usr/sbin/dbconfig-generate-include | |||
## Sun, 02 Feb 2014 10:34:12 +0100 | |||
## | |||
## by default this file is managed via ucf, so you shouldn't have to | |||
## worry about manual changes being silently discarded. *however*, | |||
## you'll probably also want to edit the configuration file mentioned | |||
## above too. | |||
## | |||
$dbuser='postfix'; | |||
$dbpass='{{ dbpassword }}'; | |||
} | |||
} | |||
$basepath=''; | |||
$dbname='postfix'; | |||
$dbserver=''; | |||
$dbport=''; | |||
$dbtype='mysql'; |
@ -0,0 +1,5 @@ | |||
driver = mysql | |||
connect = host=127.0.0.1 dbname=postfix user=postfix password={{ dbpassword }} | |||
default_pass_scheme = MD5-CRYPT | |||
user_query = SELECT '/home/facteur/%d/%n' as home, 3000 AS uid, 3000 AS gid FROM mailbox WHERE username = '%u' | |||
password_query = SELECT password FROM mailbox WHERE username = '%u' |
@ -0,0 +1,51 @@ | |||
## Dovecot configuration file | |||
protocols = imap imaps pop3 pop3s managesieve | |||
log_timestamp = "%Y-%m-%d %H:%M:%S " | |||
mail_privileged_group = mail | |||
disable_plaintext_auth = no | |||
mail_location = maildir:/home/facteur/%d/%n:INDEX=/home/facteur/%d/%n/indexes | |||
protocol imap { | |||
} | |||
protocol pop3 { | |||
} | |||
protocol managesieve { | |||
listen = *:4190 | |||
login_executable = /usr/lib/dovecot/managesieve-login | |||
mail_executable = /usr/lib/dovecot/managesieve | |||
} | |||
protocol lda { | |||
postmaster_address = admin@{{ domain }} | |||
mail_plugin_dir = /usr/lib/dovecot/modules/lda | |||
auth_socket_path = /var/run/dovecot/auth-master | |||
mail_plugins = sieve quota | |||
} | |||
auth default { | |||
userdb sql { | |||
args = /etc/dovecot/dovecot-mysql.conf | |||
} | |||
passdb sql { | |||
args = /etc/dovecot/dovecot-mysql.conf | |||
} | |||
socket listen { | |||
master { | |||
path = /var/run/dovecot/auth-master | |||
mode = 0600 | |||
user = facteur | |||
} | |||
client { | |||
path = /var/spool/postfix/private/auth | |||
mode = 0660 | |||
user = postfix | |||
group = postfix | |||
} | |||
} | |||
} | |||
dict { | |||
} | |||
plugin { | |||
sieve_dir = /home/facteur/%d/%n/sieve | |||
sieve = /home/facteur/%d/%n/.dovecot.sieve | |||
} |
@ -0,0 +1,6 @@ | |||
# Postfix dynamic maps configuration file. | |||
# | |||
#type location of .so file open function (mkmap func) | |||
#==== ================================ ============= ============ | |||
tcp /usr/lib/postfix/dict_tcp.so dict_tcp_open | |||
sqlite /usr/lib/postfix/dict_sqlite.so dict_sqlite_open |
@ -0,0 +1,13 @@ | |||
# postgrey startup options, created for Debian | |||
# you may want to set | |||
# --delay=N how long to greylist, seconds (default: 300) | |||
# --max-age=N delete old entries after N days (default: 35) | |||
# see also the postgrey(8) manpage | |||
#POSTGREY_OPTS="--inet=10023" | |||
POSTGREY_OPTS="--inet=10023 --delay=300 --hostname=mail.{{ domain }} --auto-whitelist-clients" | |||
# the --greylist-text commandline argument can not be easily passed through | |||
# POSTGREY_OPTS when it contains spaces. So, insert your text here: | |||
#POSTGREY_TEXT="Your customized rejection message here" |
@ -0,0 +1,96 @@ | |||
# See /usr/share/postfix/main.cf.dist for a commented, more complete version | |||
# Debian specific: Specifying a file name will cause the first | |||
# line of that file to be used as the name. The Debian default | |||
# is /etc/mailname. | |||
#myorigin = /etc/mailname | |||
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) | |||
biff = no | |||
# appending .domain is the MUA's job. | |||
append_dot_mydomain = no | |||
# Uncomment the next line to generate "delayed mail" warnings | |||
delay_warning_time = 4h | |||
readme_directory = no | |||
# TLS parameters | |||
#http://workaround.org/comment/2536 | |||
# | |||
#smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem | |||
#smtpd_tls_key_file = /etc/ssl/private/postfix.pem | |||
# old | |||
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem | |||
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key | |||
# | |||
#smtpd_tls_cert_file=/home/doo/temp/crt/postfix.crt | |||
#smtpd_tls_key_file=/home/doo/temp/crt/myca.key | |||
# smtpd_tls_key_file = /etc/ssl/private/smtpd.key | |||
# smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt | |||
# smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem | |||
smtpd_tls_key_file = /etc/ssl/mail.key | |||
smtpd_tls_cert_file = /etc/ssl/mail.crt | |||
smtpd_tls_CAfile = /etc/ssl/ca-bundle.crt | |||
smtp_tls_CAfile = $smtpd_tls_CAfile | |||
smtpd_use_tls=yes | |||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache | |||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | |||
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for | |||
# information on enabling SSL in the smtp client. | |||
myhostname = {{ domain }} | |||
alias_maps = hash:/etc/aliases | |||
alias_database = hash:/etc/aliases | |||
myorigin = /etc/mailname | |||
mydestination = localhost.net, localhost | |||
relayhost = | |||
mynetworks = 127.0.0.0/8 192.168.10.0/24 | |||
mailbox_size_limit = 0 | |||
recipient_delimiter = + | |||
inet_interfaces = all | |||
inet_protocols = ipv4 | |||
virtual_uid_maps = static:3000 | |||
virtual_gid_maps = static:3000 | |||
virtual_mailbox_base = /home/facteur | |||
virtual_transport = dovecot | |||
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_mailbox_domains.cf | |||
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf | |||
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf | |||
relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf | |||
smtpd_recipient_restrictions = | |||
permit_mynetworks, | |||
permit_sasl_authenticated, | |||
reject_non_fqdn_hostname, | |||
reject_non_fqdn_sender, | |||
reject_non_fqdn_recipient, | |||
reject_unauth_destination, | |||
reject_unauth_pipelining, | |||
reject_rbl_client bl.spamcop.net, | |||
reject_rbl_client allinone.bl.blocklist.de, | |||
reject_rbl_client zen.spamhaus.org, | |||
reject_rbl_client cbl.abuseat.org, | |||
reject_invalid_hostname | |||
smtpd_sasl_auth_enable = yes | |||
smtpd_sasl_security_options = noanonymous | |||
broken_sasl_auth_clients = yes | |||
# Indiquer à Postfix de livrer à un destinataire à la fois | |||
# la réception d'un mail en provenance d'un expéditeur unique avec plusieurs destinataire ne fonctionnerais pas sans cette option | |||
dovecot_destination_recipient_limit = 1 | |||
content_filter = amavis:[127.0.0.1]:10024 | |||
receive_override_options = no_address_mappings | |||
## ajout suite à la lecture de la doc postfix | |||
#notify_classes = ressource, software, protocol |
@ -0,0 +1,113 @@ | |||
# | |||
# Postfix master process configuration file. For details on the format | |||
# of the file, see the master(5) manual page (command: "man 5 master"). | |||
# | |||
# Do not forget to execute "postfix reload" after editing this file. | |||
# | |||
# ========================================================================== | |||
# service type private unpriv chroot wakeup maxproc command + args | |||
# (yes) (yes) (yes) (never) (100) | |||
# ========================================================================== | |||
smtp inet n - - - - smtpd | |||
#smtp inet n - - - 1 postscreen | |||
#smtpd pass - - - - - smtpd | |||
#dnsblog unix - - - - 0 dnsblog | |||
#tlsproxy unix - - - - 0 tlsproxy | |||
#submission inet n - - - - smtpd | |||
# -o syslog_name=postfix/submission | |||
# -o smtpd_tls_security_level=encrypt | |||
# -o smtpd_sasl_auth_enable=yes | |||
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject | |||
# -o milter_macro_daemon_name=ORIGINATING | |||
#smtps inet n - - - - smtpd | |||
# -o syslog_name=postfix/smtps | |||
# -o smtpd_tls_wrappermode=yes | |||
# -o smtpd_sasl_auth_enable=yes | |||
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject | |||
# -o milter_macro_daemon_name=ORIGINATING | |||
#628 inet n - - - - qmqpd | |||
pickup fifo n - - 60 1 pickup | |||
cleanup unix n - - - 0 cleanup | |||
qmgr fifo n - n 300 1 qmgr | |||
#qmgr fifo n - n 300 1 oqmgr | |||
tlsmgr unix - - - 1000? 1 tlsmgr | |||
rewrite unix - - - - - trivial-rewrite | |||
bounce unix - - - - 0 bounce | |||
defer unix - - - - 0 bounce | |||
trace unix - - - - 0 bounce | |||
verify unix - - - - 1 verify | |||
flush unix n - - 1000? 0 flush | |||
proxymap unix - - n - - proxymap | |||
proxywrite unix - - n - 1 proxymap | |||
smtp unix - - - - - smtp | |||
relay unix - - - - - smtp | |||
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 | |||
showq unix n - - - - showq | |||
error unix - - - - - error | |||
retry unix - - - - - error | |||
discard unix - - - - - discard | |||
local unix - n n - - local | |||
virtual unix - n n - - virtual | |||
lmtp unix - - - - - lmtp | |||
anvil unix - - - - 1 anvil | |||
scache unix - - - - 1 scache | |||
# | |||
# ==================================================================== | |||
# Interfaces to non-Postfix software. Be sure to examine the manual | |||
# pages of the non-Postfix software to find out what options it wants. | |||
# | |||
# Many of the following services use the Postfix pipe(8) delivery | |||
# agent. See the pipe(8) man page for information about ${recipient} | |||
# and other message envelope options. | |||
# ==================================================================== | |||
# | |||
# maildrop. See the Postfix MAILDROP_README file for details. | |||
# Also specify in main.cf: maildrop_destination_recipient_limit=1 | |||
# | |||
maildrop unix - n n - - pipe | |||
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} | |||
# | |||
# ==================================================================== | |||
# | |||
# Recent Cyrus versions can use the existing "lmtp" master.cf entry. | |||
# | |||
# Specify in cyrus.conf: | |||
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 | |||
# | |||
# Specify in main.cf one or more of the following: | |||
# mailbox_transport = lmtp:inet:localhost | |||
# virtual_transport = lmtp:inet:localhost | |||
# | |||
# ==================================================================== | |||
# | |||
# Cyrus 2.1.5 (Amos Gouaux) | |||
# Also specify in main.cf: cyrus_destination_recipient_limit=1 | |||
# | |||
#cyrus unix - n n - - pipe | |||
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} | |||
# | |||
# ==================================================================== | |||
# Old example of delivery via Cyrus. | |||
# | |||
#old-cyrus unix - n n - - pipe | |||
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} | |||
# | |||
# ==================================================================== | |||
# | |||
# See the Postfix UUCP_README file for configuration details. | |||
# | |||
uucp unix - n n - - pipe | |||
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) | |||
# | |||
# Other external delivery methods. | |||
# | |||
ifmail unix - n n - - pipe | |||
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) | |||
bsmtp unix - n n - - pipe | |||
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient | |||
scalemail-backend unix - n n - 2 pipe | |||
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} | |||
mailman unix - n n - - pipe | |||
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py | |||
${nexthop} ${user} | |||
@ -0,0 +1,5 @@ | |||
hosts = 127.0.0.1 | |||
user = postfix | |||
password = {{ dbpassword }} | |||
dbname = postfix | |||
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = 1 |
@ -0,0 +1,5 @@ | |||
hosts = 127.0.0.1 | |||
user = postfix | |||
password = {{ dbpassword }} | |||
dbname = postfix | |||
query = SELECT goto FROM alias WHERE address='%s' AND active = 1 |
@ -0,0 +1,5 @@ | |||
hosts = 127.0.0.1 | |||
user = postfix | |||
password = {{ dbpassword }} | |||
dbname = postfix | |||
query = SELECT domain FROM domain WHERE domain='%s' and backupmx = 0 and active = 1 |
@ -0,0 +1,5 @@ | |||
hosts = 127.0.0.1 | |||
user = postfix | |||
password = {{ dbpassword }} | |||
dbname = postfix | |||
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = 1 |
@ -0,0 +1,833 @@ | |||
#!/bin/sh | |||
# To view the formatted manual page of this file, type: | |||
# POSTFIXSOURCE/mantools/srctoman - post-install | nroff -man | |||
#++ | |||
# NAME | |||
# post-install | |||
# SUMMARY | |||
# Postfix post-installation script | |||
# SYNOPSIS | |||
# postfix post-install [name=value] command ... | |||
# DESCRIPTION | |||
# The post-install script performs the finishing touch of a Postfix | |||
# installation, after the executable programs and configuration | |||
# files are installed. Usage is one of the following: | |||
# .IP o | |||
# While installing Postfix from source code on the local machine, the | |||
# script is run by the postfix-install script to update selected file | |||
# or directory permissions and to update Postfix configuration files. | |||
# .IP o | |||
# While installing Postfix from a pre-built package, the script is run | |||
# by the package management procedure to set all file or directory | |||
# permissions and to update Postfix configuration files. | |||
# .IP o | |||
# The script can be used to change installation parameter settings such | |||
# as mail_owner or setgid_group after Postfix is already installed. | |||
# .IP o | |||
# The script can be used to upgrade configuration files and to upgrade | |||
# file/directory permissions of a secondary Postfix instance. | |||
# .IP o | |||
# At Postfix start-up time, the script is run from "postfix check" to | |||
# create missing queue directories. | |||
# .PP | |||
# The post-install script is controlled by installation parameters. | |||
# Specific parameters are described at the end of this document. | |||
# All installation parameters must be specified ahead of time via | |||
# one of the methods described below. | |||
# | |||
# Arguments | |||
# .IP create-missing | |||
# Create missing queue directories with ownerships and permissions | |||
# according to the contents of $daemon_directory/postfix-files, using | |||
# the mail_owner and setgid_group parameter settings from the command | |||
# line, process environment or from the installed main.cf file. | |||
# | |||
# This is required at Postfix start-up time. | |||
# .IP set-permissions | |||
# Set all file/directory ownerships and permissions according to the | |||
# contents of $daemon_directory/postfix-files, using the mail_owner | |||
# and setgid_group parameter settings from the command line, process | |||
# environment or from the installed main.cf file. Implies create-missing. | |||
# | |||
# This is required when installing Postfix from a pre-built package, | |||
# or when changing the mail_owner or setgid_group installation parameter | |||
# settings after Postfix is already installed. | |||
# .IP upgrade-permissions | |||
# Update ownership and permission of existing files/directories as | |||
# specified in $daemon_directory/postfix-files, using the mail_owner | |||
# and setgid_group parameter settings from the command line, process | |||
# environment or from the installed main.cf file. Implies create-missing. | |||
# | |||
# This is required when upgrading an existing Postfix instance. | |||
# .IP upgrade-configuration | |||
# Edit the installed main.cf and master.cf files, in order to account | |||
# for missing services and to fix deprecated parameter settings. | |||
# | |||
# This is required when upgrading an existing Postfix instance. | |||
# .IP upgrade-source | |||
# Short-hand for: upgrade-permissions upgrade-configuration. | |||
# | |||
# This is recommended when upgrading Postfix from source code. | |||
# .IP upgrade-package | |||
# Short-hand for: set-permissions upgrade-configuration. | |||
# | |||
# This is recommended when upgrading Postfix from a pre-built package. | |||
# .IP first-install-reminder | |||
# Remind the user that they still need to configure main.cf and the | |||
# aliases file, and that newaliases still needs to be run. | |||
# | |||
# This is recommended when Postfix is installed for the first time. | |||
# MULTIPLE POSTFIX INSTANCES | |||
# .ad | |||
# .fi | |||
# Multiple Postfix instances on the same machine can share command and | |||
# daemon program files but must have separate configuration and queue | |||
# directories. | |||
# | |||
# To create a secondary Postfix installation on the same machine, | |||
# copy the configuration files from the primary Postfix instance to | |||
# a secondary configuration directory and execute: | |||
# | |||
# postfix post-install config_directory=secondary-config-directory \e | |||
# .in +4 | |||
# queue_directory=secondary-queue-directory \e | |||
# .br | |||
# create-missing | |||
# .PP | |||
# This creates secondary Postfix queue directories, sets their access | |||
# permissions, and saves the specified installation parameters to the | |||
# secondary main.cf file. | |||
# | |||
# Be sure to list the secondary configuration directory in the | |||
# alternate_config_directories parameter in the primary main.cf file. | |||
# | |||
# To upgrade a secondary Postfix installation on the same machine, | |||
# execute: | |||
# | |||
# postfix post-install config_directory=secondary-config-directory \e | |||
# .in +4 | |||
# upgrade-permissions upgrade-configuration | |||
# INSTALLATION PARAMETER INPUT METHODS | |||
# .ad | |||
# .fi | |||
# Parameter settings can be specified through a variety of | |||
# mechanisms. In order of decreasing precedence these are: | |||
# .IP "command line" | |||
# Parameter settings can be given as name=value arguments on | |||
# the post-install command line. These have the highest precedence. | |||
# Settings that override the installed main.cf file are saved. | |||
# .IP "process environment" | |||
# Parameter settings can be given as name=value environment | |||
# variables. | |||
# Settings that override the installed main.cf file are saved. | |||
# .IP "installed configuration files" | |||
# If a parameter is not specified via the command line or via the | |||
# process environment, post-install will attempt to extract its | |||
# value from the already installed Postfix main.cf configuration file. | |||
# These settings have the lowest precedence. | |||
# INSTALLATION PARAMETER DESCRIPTION | |||
# .ad | |||
# .fi | |||
# The description of installation parameters is as follows: | |||
# .IP config_directory | |||
# The directory for Postfix configuration files. | |||
# .IP daemon_directory | |||
# The directory for Postfix daemon programs. This directory | |||
# should not be in the command search path of any users. | |||
# .IP command_directory | |||
# The directory for Postfix administrative commands. This | |||
# directory should be in the command search path of adminstrative users. | |||
# .IP queue_directory | |||
# The directory for Postfix queues. | |||
# .IP data_directory | |||
# The directory for Postfix writable data files (caches, etc.). | |||
# .IP sendmail_path | |||
# The full pathname for the Postfix sendmail command. | |||
# This is the Sendmail-compatible mail posting interface. | |||
# .IP newaliases_path | |||
# The full pathname for the Postfix newaliases command. | |||
# This is the Sendmail-compatible command to build alias databases | |||
# for the Postfix local delivery agent. | |||
# .IP mailq_path | |||
# The full pathname for the Postfix mailq command. | |||
# This is the Sendmail-compatible command to list the mail queue. | |||
# .IP mail_owner | |||
# The owner of the Postfix queue. Its numerical user ID and group ID | |||
# must not be used by any other accounts on the system. | |||
# .IP setgid_group | |||
# The group for mail submission and for queue management commands. | |||
# Its numerical group ID must not be used by any other accounts on the | |||
# system, not even by the mail_owner account. | |||
# .IP html_directory | |||
# The directory for the Postfix HTML files. | |||
# .IP manpage_directory | |||
# The directory for the Postfix on-line manual pages. | |||
# .IP sample_directory | |||
# The directory for the Postfix sample configuration files. | |||
# This feature is obsolete as of Postfix 2.1. | |||
# .IP readme_directory | |||
# The directory for the Postfix README files. | |||
# SEE ALSO | |||
# postfix-install(1) Postfix primary installation script. | |||
# FILES | |||
# $config_directory/main.cf, Postfix installation parameters. | |||
# $daemon_directory/postfix-files, installation control file. | |||
# $config_directory/install.cf, obsolete configuration file. | |||
# LICENSE | |||
# .ad | |||
# .fi | |||
# The Secure Mailer license must be distributed with this software. | |||
# AUTHOR(S) | |||
# Wietse Venema | |||
# IBM T.J. Watson Research | |||
# P.O. Box 704 | |||
# Yorktown Heights, NY 10598, USA | |||
#-- | |||
umask 022 | |||
PATH=/bin:/usr/bin:/usr/sbin:/usr/etc:/sbin:/etc:/usr/contrib/bin:/usr/gnu/bin:/usr/ucb:/usr/bsd | |||
SHELL=/bin/sh | |||
IFS=" | |||
" | |||
BACKUP_IFS="$IFS" | |||
debug=: | |||
#debug=echo | |||
MOST_PARAMETERS="command_directory daemon_directory data_directory | |||
html_directory mail_owner mailq_path manpage_directory | |||
newaliases_path queue_directory readme_directory sample_directory | |||
sendmail_path setgid_group" | |||
NON_SHARED="config_directory queue_directory data_directory" | |||
USAGE="Usage: $0 [name=value] command | |||
create-missing Create missing queue directories. | |||
upgrade-source When installing or upgrading from source code. | |||
upgrade-package When installing or upgrading from pre-built package. | |||
first-install-reminder Remind of mandatory first-time configuration steps. | |||
name=value Specify an installation parameter". | |||
# Process command-line options and parameter settings. Work around | |||
# brain damaged shells. "IFS=value command" should not make the | |||
# IFS=value setting permanent. But some broken standard allows it. | |||
create=; set_perms=; upgrade_perms=; upgrade_conf=; first_install_reminder= | |||
obsolete=; keep_list=; | |||
for arg | |||
do | |||
case $arg in | |||
*=*) IFS= eval $arg; IFS="$BACKUP_IFS";; | |||
create-missing) create=1;; | |||
set-perm*) create=1; set_perms=1;; | |||
upgrade-perm*) create=1; upgrade_perms=1;; | |||
upgrade-conf*) upgrade_conf=1;; | |||
upgrade-source) create=1; upgrade_conf=1; upgrade_perms=1;; | |||
upgrade-package) create=1; upgrade_conf=1; set_perms=1;; | |||
first-install*) first_install_reminder=1;; | |||
*) echo "$0: Error: $USAGE" 1>&2; exit 1;; | |||
esac | |||
shift | |||
done | |||
# Sanity checks. | |||
test -n "$create$upgrade_conf$first_install_reminder" || { | |||
echo "$0: Error: $USAGE" 1>&2 | |||
exit 1 | |||
} | |||
# Bootstrapping problem. | |||
if [ -n "$command_directory" ] | |||
then | |||
POSTCONF="$command_directory/postconf" | |||
else | |||
POSTCONF="postconf" | |||
fi | |||
$POSTCONF -d mail_version >/dev/null 2>/dev/null || { | |||
echo $0: Error: no $POSTCONF command found. 1>&2 | |||
echo Re-run this command as $0 command_directory=/some/where. 1>&2 | |||
exit 1 | |||
} | |||
# Also used to require license etc. files only in the default instance. | |||
def_config_directory=`$POSTCONF -d -h config_directory` || exit 1 | |||
test -n "$config_directory" || | |||
config_directory="$def_config_directory" | |||
test -d "$config_directory" || { | |||
echo $0: Error: $config_directory is not a directory. 1>&2 | |||
exit 1 | |||
} | |||
# If this is a secondary instance, don't touch shared files. | |||
# XXX Solaris does not have "test -e". | |||
instances=`test ! -f $def_config_directory/main.cf || | |||
$POSTCONF -c $def_config_directory -h multi_instance_directories | | |||
sed 's/,/ /'` || exit 1 | |||
update_shared_files=1 | |||
for name in $instances | |||
do | |||
case "$name" in | |||
"$def_config_directory") ;; | |||
"$config_directory") update_shared_files=; break;; | |||
esac | |||
done | |||
test -f $daemon_directory/postfix-files || { | |||
echo $0: Error: $daemon_directory/postfix-files is not a file. 1>&2 | |||
exit 1 | |||
} | |||
# SunOS5 fmt(1) truncates lines > 1000 characters. | |||
fake_fmt() { | |||
sed ' | |||
:top | |||
/^\( *\)\([^ ][^ ]*\) */{ | |||
s//\1\2\ | |||
\1/ | |||
P | |||
D | |||
b top | |||
} | |||
' | fmt | |||
} | |||
case `uname -s` in | |||
HP-UX*) FMT=cat;; | |||
SunOS*) FMT=fake_fmt;; | |||
*) FMT=fmt;; | |||
esac | |||
# If a parameter is not set via the command line or environment, | |||
# try to use settings from installed configuration files. | |||
# Extract parameter settings from the obsolete install.cf file, as | |||
# a transitional aid. | |||
grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || { | |||
test -f $config_directory/install.cf && { | |||
for name in sendmail_path newaliases_path mailq_path setgid manpages | |||
do | |||
eval junk=\$$name | |||
case "$junk" in | |||
"") eval unset $name;; | |||
esac | |||
eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \ | |||
|| exit 1 | |||
done | |||
: ${setgid_group=$setgid} | |||
: ${manpage_directory=$manpages} | |||
} | |||
} | |||
# Extract parameter settings from the installed main.cf file. | |||
test -f $config_directory/main.cf && { | |||
for name in $MOST_PARAMETERS | |||
do | |||
eval junk=\$$name | |||
case "$junk" in | |||
"") eval unset $name;; | |||
esac | |||
eval : \${$name=\`$POSTCONF -c $config_directory -h $name\`} || exit 1 | |||
done | |||
} | |||
# Sanity checks | |||
case $manpage_directory in | |||
no) echo $0: Error: manpage_directory no longer accepts \"no\" values. 1>&2 | |||
echo Try again with \"$0 manpage_directory=/pathname ...\". 1>&2; exit 1;; | |||
esac | |||
case $setgid_group in | |||
no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1>&2 | |||
echo Try again with \"$0 setgid_group=groupname ...\" 1>&2; exit 1;; | |||
esac | |||
for path in "$daemon_directory" "$command_directory" "$queue_directory" \ | |||
"$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory" | |||
do | |||
case "$path" in | |||
/*) ;; | |||
*) echo $0: Error: \"$path\" should be an absolute path name. 1>&2; exit 1;; | |||
esac | |||
done | |||
for path in "$html_directory" "$readme_directory" | |||
do | |||
case "$path" in | |||
/*) ;; | |||
no) ;; | |||
*) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1>&2; exit 1;; | |||
esac | |||
done | |||
# Find out what parameters were not specified via command line, | |||
# via environment, or via installed configuration files. | |||
missing= | |||
for name in $MOST_PARAMETERS | |||
do | |||
eval test -n \"\$$name\" || missing="$missing $name" | |||
done | |||
# All parameters must be specified at this point. | |||
test -n "$non_interactive" -a -n "$missing" && { | |||
cat <<EOF | ${FMT} 1>&2 | |||
$0: Error: some required installation parameters are not defined. | |||
- Either the parameters need to be given in the $config_directory/main.cf | |||
file from a recent Postfix installation, | |||
- Or the parameters need to be specified through the process | |||
environment. | |||
- Or the parameters need to be specified as name=value arguments | |||
on the $0 command line, | |||
The following parameters were missing: | |||
$missing | |||
EOF | |||
exit 1 | |||
} | |||
POSTCONF="$command_directory/postconf" | |||
# Save settings, allowing command line/environment override. | |||
override= | |||
for name in $MOST_PARAMETERS | |||
do | |||
eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || { | |||
override=1 | |||
break | |||
} | |||
done | |||
test -n "$override" && { | |||
$POSTCONF -c $config_directory -e \ | |||
"daemon_directory = $daemon_directory" \ | |||
"command_directory = $command_directory" \ | |||
"queue_directory = $queue_directory" \ | |||
"data_directory = $data_directory" \ | |||
"mail_owner = $mail_owner" \ | |||
"setgid_group = $setgid_group" \ | |||
"sendmail_path = $sendmail_path" \ | |||
"mailq_path = $mailq_path" \ | |||
"newaliases_path = $newaliases_path" \ | |||
"html_directory = $html_directory" \ | |||
"manpage_directory = $manpage_directory" \ | |||
"sample_directory = $sample_directory" \ | |||
"readme_directory = $readme_directory" \ | |||
|| exit 1 | |||
} | |||
# Use file/directory status information in $daemon_directory/postfix-files. | |||
test -n "$create" && { | |||
exec <$daemon_directory/postfix-files || exit 1 | |||
while IFS=: read path type owner group mode flags junk | |||
do | |||
IFS="$BACKUP_IFS" | |||
set_permission= | |||
# Skip comments. Skip shared files, if updating a secondary instance. | |||
case $path in | |||
[$]*) case "$update_shared_files" in | |||
1) $debug keep non-shared or shared $path;; | |||
*) non_shared= | |||
for name in $NON_SHARED | |||
do | |||
case $path in | |||
"\$$name"*) non_shared=1; break;; | |||
esac | |||
done | |||
case "$non_shared" in | |||
1) $debug keep non-shared $path;; | |||
*) $debug skip shared $path; continue;; | |||
esac;; | |||
esac;; | |||
*) continue;; | |||
esac | |||
# Skip hard links and symbolic links. | |||
case $type in | |||
[hl]) continue;; | |||
[df]) ;; | |||
*) echo unknown type $type for $path in $daemon_directory/postfix-files1>&2; exit 1;; | |||
esac | |||
# Expand $name, and canonicalize null fields. | |||
for name in path owner group flags | |||
do | |||
eval junk=\${$name} | |||
case $junk in | |||
[$]*) eval $name=$junk;; | |||
-) eval $name=;; | |||
*) ;; | |||
esac | |||
done | |||
# Skip uninstalled files. | |||
case $path in | |||
no|no/*) continue;; | |||
esac | |||
# Pick up the flags. | |||
case $flags in *u*) upgrade_flag=1;; *) upgrade_flag=;; esac | |||
case $flags in *c*) create_flag=1;; *) create_flag=;; esac | |||
case $flags in *r*) recursive="-R";; *) recursive=;; esac | |||
case $flags in *o*) obsolete_flag=1;; *) obsolete_flag=;; esac | |||
case $flags in *[1i]*) test ! -r "$path" -a "$config_directory" != \ | |||
"$def_config_directory" && continue;; esac | |||
# Flag obsolete objects. XXX Solaris 2..9 does not have "test -e". | |||
if [ -n "$obsolete_flag" ] | |||
then | |||
test -r $path -a "$type" != "d" && obsolete="$obsolete $path" | |||
continue; | |||
else | |||
keep_list="$keep_list $path" | |||
fi | |||
# Create missing directories with proper owner/group/mode settings. | |||
if [ -n "$create" -a "$type" = "d" -a -n "$create_flag" -a ! -d "$path" ] | |||
then | |||
mkdir $path || exit 1 | |||
set_permission=1 | |||
# Update all owner/group/mode settings. | |||
elif [ -n "$set_perms" ] | |||
then | |||
set_permission=1 | |||
# Update obsolete owner/group/mode settings. | |||
elif [ -n "$upgrade_perms" -a -n "$upgrade_flag" ] | |||
then | |||
set_permission=1 | |||
fi | |||
test -n "$set_permission" && { | |||
chown $recursive $owner $path || exit 1 | |||
test -z "$group" || chgrp $recursive $group $path || exit 1 | |||
# Don't "chmod -R"; queue file status is encoded in mode bits. | |||
if [ "$type" = "d" -a -n "$recursive" ] | |||
then | |||
find $path -type d -exec chmod $mode "{}" ";" | |||
else | |||
chmod $mode $path | |||
fi || exit 1 | |||
} | |||
done | |||
IFS="$BACKUP_IFS" | |||
} | |||
# Upgrade existing Postfix configuration files if necessary. | |||
test -n "$upgrade_conf" && { | |||
# Postfix 2.0. | |||
# Add missing relay service to master.cf. | |||
grep '^relay' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for relay service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
relay unix - - n - - smtp | |||
EOF | |||
} | |||
# Postfix 1.1. | |||
# Add missing flush service to master.cf. | |||
grep '^flush.*flush' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for flush service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
flush unix - - n 1000? 0 flush | |||
EOF | |||
} | |||
# Postfix 2.1. | |||
# Add missing trace service to master.cf. | |||
grep 'trace.*bounce' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for trace service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
trace unix - - n - 0 bounce | |||
EOF | |||
} | |||
# Postfix 2.1. | |||
# Add missing verify service to master.cf. | |||
grep '^verify.*verify' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for verify service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
verify unix - - n - 1 verify | |||
EOF | |||
} | |||
# Postfix 2.1. | |||
# Fix verify service process limit. | |||
grep '^verify.*[ ]0[ ]*verify' \ | |||
$config_directory/master.cf >/dev/null && { | |||
echo Editing $config_directory/master.cf, setting verify process limit to 1 | |||
ed $config_directory/master.cf <<EOF || exit 1 | |||
/^verify.*[ ]0[ ]*verify/ | |||
s/\([ ]\)0\([ ]\)/\11\2/ | |||
p | |||
w | |||
q | |||
EOF | |||
} | |||
# Postfix 1.1. | |||
# Change privileged pickup service into unprivileged. | |||
grep "^pickup[ ]*fifo[ ]*n[ ]*n" \ | |||
$config_directory/master.cf >/dev/null && { | |||
echo Editing $config_directory/master.cf, making the pickup service unprivileged | |||
ed $config_directory/master.cf <<EOF || exit 1 | |||
/^pickup[ ]*fifo[ ]*n[ ]*n/ | |||
s/\(n[ ]*\)n/\1-/ | |||
p | |||
w | |||
q | |||
EOF | |||
} | |||
# Postfix 1.1. | |||
# Change private cleanup and flush services into public. | |||
for name in cleanup flush | |||
do | |||
grep "^$name[ ]*unix[ ]*[-y]" \ | |||
$config_directory/master.cf >/dev/null && { | |||
echo Editing $config_directory/master.cf, making the $name service public | |||
ed $config_directory/master.cf <<EOF || exit 1 | |||
/^$name[ ]*unix[ ]*[-y]/ | |||
s/[-y]/n/ | |||
p | |||
w | |||
q | |||
EOF | |||
} | |||
done | |||
# Postfix 2.2. | |||
# File systems have improved since Postfix came out, and all we | |||
# require now is that defer and deferred are hashed because those | |||
# can contain lots of files. | |||
found=`$POSTCONF -c $config_directory -h hash_queue_names` | |||
missing= | |||
(echo "$found" | grep defer >/dev/null) || missing="$missing defer" | |||
(echo "$found" | grep deferred>/dev/null)|| missing="$missing deferred" | |||
test -n "$missing" && { | |||
echo fixing main.cf hash_queue_names for missing $missing | |||
$POSTCONF -c $config_directory -e hash_queue_names="$found$missing" || | |||
exit 1 | |||
} | |||
# Turn on safety nets for new features that could bounce mail that | |||
# would be accepted by a previous Postfix version. | |||
# [The "unknown_local_recipient_reject_code = 450" safety net, | |||
# introduced with Postfix 2.0 and deleted after Postfix 2.3.] | |||
# Postfix 2.0. | |||
# Add missing proxymap service to master.cf. | |||
grep '^proxymap.*proxymap' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for proxymap service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
proxymap unix - - n - - proxymap | |||
EOF | |||
} | |||
# Postfix 2.1. | |||
# Add missing anvil service to master.cf. | |||
grep '^anvil.*anvil' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for anvil service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
anvil unix - - n - 1 anvil | |||
EOF | |||
} | |||
# Postfix 2.2. | |||
# Add missing scache service to master.cf. | |||
grep '^scache.*scache' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for scache service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
scache unix - - n - 1 scache | |||
EOF | |||
} | |||
# Postfix 2.2. | |||
# Add missing discard service to master.cf. | |||
grep '^discard.*discard' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for discard service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
discard unix - - n - - discard | |||
EOF | |||
} | |||
# Postfix 2.2. | |||
# Update the tlsmgr fifo->unix service. | |||
grep "^tlsmgr[ ]*fifo[ ]" \ | |||
$config_directory/master.cf >/dev/null && { | |||
echo Editing $config_directory/master.cf, updating the tlsmgr from fifo to unix service | |||
ed $config_directory/master.cf <<EOF || exit 1 | |||
/^tlsmgr[ ]*fifo[ ]/ | |||
s/fifo/unix/ | |||
s/[0-9][0-9]*/&?/ | |||
p | |||
w | |||
q | |||
EOF | |||
} | |||
# Postfix 2.2. | |||
# Add missing tlsmgr service to master.cf. | |||
grep '^tlsmgr.*tlsmgr' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for tlsmgr service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
tlsmgr unix - - n 1000? 1 tlsmgr | |||
EOF | |||
} | |||
# Postfix 2.2. | |||
# Add missing retry service to master.cf. | |||
grep '^retry.*error' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for retry service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
retry unix - - n - - error | |||
EOF | |||
} | |||
# Postfix 2.5. | |||
# Add missing proxywrite service to master.cf. | |||
grep '^proxywrite.*proxymap' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for proxywrite service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
proxywrite unix - - n - 1 proxymap | |||
EOF | |||
} | |||
# Postfix 2.5. | |||
# Fix a typo in the default master.cf proxywrite entry. | |||
grep '^proxywrite.*-[ ]*proxymap' $config_directory/master.cf >/dev/null && { | |||
echo Editing $config_directory/master.cf, setting proxywrite process limit to 1 | |||
ed $config_directory/master.cf <<EOF || exit 1 | |||
/^proxywrite.*-[ ]*proxymap/ | |||
s/-\([ ]*proxymap\)/1\1/ | |||
p | |||
w | |||
q | |||
EOF | |||
} | |||
# Postfix 2.8. | |||
# Add missing postscreen service to master.cf. | |||
grep '^#*smtp.*postscreen' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for postscreen TCP service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
#smtp inet n - n - 1 postscreen | |||
EOF | |||
} | |||
# Postfix 2.8. | |||
# Add missing smtpd (unix-domain) service to master.cf. | |||
grep '^#*smtpd.*smtpd' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for smtpd unix-domain service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
#smtpd pass - - n - - smtpd | |||
EOF | |||
} | |||
# Postfix 2.8. | |||
# Add temporary dnsblog (unix-domain) service to master.cf. | |||
grep '^#*dnsblog.*dnsblog' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for dnsblog unix-domain service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
#dnsblog unix - - n - 0 dnsblog | |||
EOF | |||
} | |||
# Postfix 2.8. | |||
# Add tlsproxy (unix-domain) service to master.cf. | |||
grep '^#*tlsproxy.*tlsproxy' $config_directory/master.cf >/dev/null || { | |||
echo Editing $config_directory/master.cf, adding missing entry for tlsproxy unix-domain service | |||
cat >>$config_directory/master.cf <<EOF || exit 1 | |||
#tlsproxy unix - - n - 0 tlsproxy | |||
EOF | |||
} | |||
# Report (but do not remove) obsolete files. | |||
test -n "$obsolete" && { | |||
cat <<EOF | ${FMT} | |||
Note: the following files or directories still exist but are | |||
no longer part of Postfix: | |||
$obsolete | |||
EOF | |||
} | |||
# Postfix 2.9. | |||
# Safety net for incompatible changes in IPv6 defaults. | |||
# PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO AVOID AN | |||
# UNEXPECTED DROP IN PERFORMANCE AFTER UPGRADING FROM POSTFIX | |||
# BEFORE 2.9. | |||
# This code assumes that the default is "inet_protocols = ipv4" | |||
# when IPv6 support is not compiled in. See util/sys_defs.h. | |||
test "`$POSTCONF -dh inet_protocols`" = "ipv4" || | |||
test -n "`$POSTCONF -c $config_directory -nh inet_protocols`" || { | |||
echo COMPATIBILITY: editing main.cf, setting inet_protocols=ipv4. | |||
echo Specify inet_protocols explicitly if you want to enable IPv6. | |||
echo In a future release IPv6 will be enabled by default. | |||
$POSTCONF -c $config_directory inet_protocols=ipv4 || exit 1 | |||
} | |||
} | |||
# A reminder if this is the first time Postfix is being installed. | |||
test -n "$first_install_reminder" && { | |||
ALIASES=`$POSTCONF -c $config_directory -h alias_database | sed 's/^[^:]*://'` | |||
NEWALIASES_PATH=`$POSTCONF -c $config_directory -h newaliases_path` | |||
cat <<EOF | ${FMT} | |||
Warning: you still need to edit myorigin/mydestination/mynetworks | |||
parameter settings in $config_directory/main.cf. | |||
See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html | |||
for information about dialup sites or about sites inside a | |||
firewalled network. | |||
BTW: Check your $ALIASES file and be sure to set up aliases | |||
that send mail for root and postmaster to a real person, then | |||
run $NEWALIASES_PATH. | |||
EOF | |||
} | |||
exit 0 |
@ -0,0 +1,430 @@ | |||
# | |||
# Do not edit this file. | |||
# | |||
# This file controls the postfix-install script for installation of | |||
# Postfix programs, configuration files and documentation, as well | |||
# as the post-install script for setting permissions and for updating | |||
# Postfix configuration files. See the respective manual pages within | |||
# the script files. | |||
# | |||
# Do not list $command_directory in this file, or it will be blown | |||
# away by a future Postfix uninstallation procedure. You would not | |||
# want to lose all files in /usr/sbin. | |||
# | |||
# Each record in this file describes one file or directory. | |||
# Fields are separated by ":". Specify a null field as "-". | |||
# Missing fields or separators at the end are OK. | |||
# | |||
# File format: | |||
# name:type:owner:group:permission:flags | |||
# No group means don't change group ownership. | |||
# | |||
# File types: | |||
# d=directory | |||
# f=regular file | |||
# h=hard link (*) | |||
# l=symbolic link (*) | |||
# | |||
# (*) With hard links and symbolic links, the owner field becomes the | |||
# source pathname, while the group and permissions are ignored. | |||
# | |||
# File flags: | |||
# No flag means the flag is not active. | |||
# p=preserve existing file, do not replace (postfix-install). | |||
# u=update owner/group/mode (post-install upgrade-permissions). | |||
# c=create missing directory (post-install create-missing). | |||
# r=apply owner/group recursively (post-install set/upgrade-permissions). | |||
# o=obsolete, no longer part of Postfix | |||
# 1=optional for non-default instance (config_dir != built-in default). | |||
# | |||
# Note: the "u" flag is for upgrading the permissions of existing files | |||
# or directories after changes in Postfix architecture. For robustness | |||
# it is a good idea to "u" all the files that have special ownership or | |||
# permissions, so that running "make install" fixes any glitches. | |||
# | |||
$config_directory:d:root:-:755:u | |||
$data_directory:d:$mail_owner:-:700:uc | |||
$daemon_directory:d:root:-:755:u | |||
$queue_directory:d:root:-:755:uc | |||
$sample_directory:d:root:-:755:o | |||
$readme_directory:d:root:-:755 | |||
$html_directory:d:root:-:755 | |||
$queue_directory/active:d:$mail_owner:-:700:ucr | |||
$queue_directory/bounce:d:$mail_owner:-:700:ucr | |||
$queue_directory/corrupt:d:$mail_owner:-:700:ucr | |||
$queue_directory/defer:d:$mail_owner:-:700:ucr | |||
$queue_directory/deferred:d:$mail_owner:-:700:ucr | |||
$queue_directory/flush:d:$mail_owner:-:700:ucr | |||
$queue_directory/hold:d:$mail_owner:-:700:ucr | |||
$queue_directory/incoming:d:$mail_owner:-:700:ucr | |||
$queue_directory/private:d:$mail_owner:-:700:uc | |||
$queue_directory/maildrop:d:$mail_owner:$setgid_group:730:uc | |||
$queue_directory/public:d:$mail_owner:$setgid_group:710:uc | |||
$queue_directory/pid:d:root:-:755:uc | |||
$queue_directory/saved:d:$mail_owner:-:700:ucr | |||
$queue_directory/trace:d:$mail_owner:-:700:ucr | |||
$daemon_directory/anvil:f:root:-:755 | |||
$daemon_directory/bounce:f:root:-:755 | |||
$daemon_directory/dict_cdb.so:f:root:-:755 | |||
$daemon_directory/dict_ldap.so:f:root:-:755 | |||
$daemon_directory/dict_pcre.so:f:root:-:755 | |||
$daemon_directory/dict_mysql.so:f:root:-:755 | |||
$daemon_directory/dict_sqlite.so:f:root:-:755 | |||
$daemon_directory/dict_tcp.so:f:root:-:755 | |||
$daemon_directory/dict_sdbm.so:f:root:-:755 | |||
$daemon_directory/cleanup:f:root:-:755 | |||
$daemon_directory/discard:f:root:-:755 | |||
$daemon_directory/error:f:root:-:755 | |||
$daemon_directory/flush:f:root:-:755 | |||
#$daemon_directory/lmtp:f:root:-:755 | |||
$daemon_directory/local:f:root:-:755 | |||
$daemon_directory/main.cf:f:root:-:644 | |||
$daemon_directory/master.cf:f:root:-:644 | |||
$daemon_directory/master:f:root:-:755 | |||
$daemon_directory/oqmgr:f:root:-:755 | |||
$daemon_directory/pickup:f:root:-:755 | |||
$daemon_directory/pipe:f:root:-:755 | |||
$daemon_directory/post-install:f:root:-:755 | |||
$daemon_directory/postfix-files:f:root:-:644 | |||
$daemon_directory/postfix-script:f:root:-:755 | |||
$daemon_directory/postfix-wrapper:f:root:-:755 | |||
$daemon_directory/postmulti-script:f:root:-:755 | |||
$daemon_directory/proxymap:f:root:-:755 | |||
$daemon_directory/qmgr:f:root:-:755 | |||
$daemon_directory/qmqpd:f:root:-:755 | |||
$daemon_directory/scache:f:root:-:755 | |||
$daemon_directory/showq:f:root:-:755 | |||
$daemon_directory/smtp:f:root:-:755 | |||
$daemon_directory/smtpd:f:root:-:755 | |||
$daemon_directory/spawn:f:root:-:755 | |||
$daemon_directory/tlsproxy:f:root:-:755 | |||
$daemon_directory/tlsmgr:f:root:-:755 | |||
$daemon_directory/trivial-rewrite:f:root:-:755 | |||
$daemon_directory/verify:f:root:-:755 | |||
$daemon_directory/virtual:f:root:-:755 | |||
/usr/lib/libpostfix-dns.so.1:f:root:-:755 | |||
/usr/lib/libpostfix-global.so.1:f:root:-:755 | |||
/usr/lib/libpostfix-tls.so.1:f:root:-:755 | |||
/usr/lib/libpostfix-master.so.1:f:root:-:755 | |||
/usr/lib/libpostfix-util.so.1:f:root:-:755 | |||
$daemon_directory/nqmgr:h:$daemon_directory/qmgr | |||
$daemon_directory/lmtp:h:$daemon_directory/smtp | |||
$command_directory/postalias:f:root:-:755 | |||
$command_directory/postcat:f:root:-:755 | |||
$command_directory/postconf:f:root:-:755 | |||
$command_directory/postfix:f:root:-:755 | |||
$command_directory/postkick:f:root:-:755 | |||
$command_directory/postlock:f:root:-:755 | |||
$command_directory/postlog:f:root:-:755 | |||
$command_directory/postmap:f:root:-:755 | |||
$command_directory/postmulti:f:root:-:755 | |||
$command_directory/postsuper:f:root:-:755 | |||
$command_directory/postdrop:f:root:$setgid_group:2755:u | |||
$command_directory/postqueue:f:root:$setgid_group:2755:u | |||
$sendmail_path:f:root:-:755 | |||
$newaliases_path:l:$sendmail_path | |||
$mailq_path:l:$sendmail_path | |||
$config_directory/LICENSE:f:root:-:644:1 | |||
$config_directory/TLS_LICENSE:f:root:-:644:1 | |||
$config_directory/access:f:root:-:644:p1 | |||
$config_directory/aliases:f:root:-:644:p1 | |||
$config_directory/bounce.cf.default:f:root:-:644:1 | |||
$config_directory/canonical:f:root:-:644:p1 | |||
$config_directory/dynamicmaps.cf:f:root:-:644:p1 | |||
$config_directory/cidr_table:f:root:-:644:o | |||
$config_directory/generic:f:root:-:644:p1 | |||
$config_directory/generics:f:root:-:644:o | |||
$config_directory/header_checks:f:root:-:644:p1 | |||
$config_directory/install.cf:f:root:-:644:o | |||
$config_directory/main.cf.default:f:root:-:644:1 | |||
$config_directory/main.cf:f:root:-:644:p | |||
$config_directory/makedefs.out:f:root:-:644:1 | |||
$config_directory/master.cf:f:root:-:644:p | |||
$config_directory/pcre_table:f:root:-:644:o | |||
$config_directory/postfix-files:f:root:-:644:o | |||
$config_directory/regexp_table:f:root:-:644:o | |||
$config_directory/relocated:f:root:-:644:p1 | |||
$config_directory/tcp_table:f:root:-:644:o | |||
$config_directory/transport:f:root:-:644:p1 | |||
$config_directory/virtual:f:root:-:644:p1 | |||
$config_directory/postfix-script:f:root:-:755:o | |||
$config_directory/postfix-script-sgid:f:root:-:755:o | |||
$config_directory/postfix-script-nosgid:f:root:-:755:o | |||
$config_directory/post-install:f:root:-:755:o | |||
$manpage_directory/man1/mailq.1:f:root:-:644 | |||
$manpage_directory/man1/newaliases.1:f:root:-:644 | |||
$manpage_directory/man1/postalias.1:f:root:-:644 | |||
$manpage_directory/man1/postcat.1:f:root:-:644 | |||
$manpage_directory/man1/postconf.1:f:root:-:644 | |||
$manpage_directory/man1/postdrop.1:f:root:-:644 | |||
$manpage_directory/man1/postfix.1:f:root:-:644 | |||
$manpage_directory/man1/postkick.1:f:root:-:644 | |||
$manpage_directory/man1/postlock.1:f:root:-:644 | |||
$manpage_directory/man1/postlog.1:f:root:-:644 | |||
$manpage_directory/man1/postmap.1:f:root:-:644 | |||
$manpage_directory/man1/postmulti.1:f:root:-:644 | |||
$manpage_directory/man1/postqueue.1:f:root:-:644 | |||
$manpage_directory/man1/postsuper.1:f:root:-:644 | |||
$manpage_directory/man1/sendmail.1:f:root:-:644 | |||
$manpage_directory/man5/access.5:f:root:-:644 | |||
$manpage_directory/man5/aliases.5:f:root:-:644 | |||
$manpage_directory/man5/body_checks.5:f:root:-:644 | |||
$manpage_directory/man5/bounce.5:f:root:-:644 | |||
$manpage_directory/man5/canonical.5:f:root:-:644 | |||
$manpage_directory/man5/cidr_table.5:f:root:-:644 | |||
$manpage_directory/man5/generics.5:f:root:-:644:o | |||
$manpage_directory/man5/generic.5:f:root:-:644 | |||
$manpage_directory/man5/header_checks.5:f:root:-:644 | |||
$manpage_directory/man5/ldap_table.5:f:root:-:644 | |||
$manpage_directory/man5/master.5:f:root:-:644 | |||
$manpage_directory/man5/memcache_table.5:f:root:-:644 | |||
$manpage_directory/man5/mysql_table.5:f:root:-:644 | |||
$manpage_directory/man5/sqlite_table.5:f:root:-:644 | |||
$manpage_directory/man5/nisplus_table.5:f:root:-:644 | |||
$manpage_directory/man5/pcre_table.5:f:root:-:644 | |||
$manpage_directory/man5/pgsql_table.5:f:root:-:644 | |||
$manpage_directory/man5/postconf.5:f:root:-:644 | |||
$manpage_directory/man5/postfix-wrapper.5:f:root:-:644 | |||
$manpage_directory/man5/regexp_table.5:f:root:-:644 | |||
$manpage_directory/man5/relocated.5:f:root:-:644 | |||
$manpage_directory/man5/tcp_table.5:f:root:-:644 | |||
$manpage_directory/man5/transport.5:f:root:-:644 | |||
$manpage_directory/man5/virtual.5:f:root:-:644 | |||
$manpage_directory/man8/bounce.8:f:root:-:644 | |||
$manpage_directory/man8/cleanup.8:f:root:-:644 | |||
$manpage_directory/man8/anvil.8:f:root:-:644 | |||
$manpage_directory/man8/defer.8:f:root:-:644 | |||
$manpage_directory/man8/discard.8:f:root:-:644 | |||
$manpage_directory/man8/error.8:f:root:-:644 | |||
$manpage_directory/man8/flush.8:f:root:-:644 | |||
$manpage_directory/man8/lmtp.8:f:root:-:644 | |||
$manpage_directory/man8/local.8:f:root:-:644 | |||
$manpage_directory/man8/master.8:f:root:-:644 | |||
$manpage_directory/man8/nqmgr.8:f:root:-:644:o | |||
$manpage_directory/man8/oqmgr.8:f:root:-:644: | |||
$manpage_directory/man8/pickup.8:f:root:-:644 | |||
$manpage_directory/man8/pipe.8:f:root:-:644 | |||
$manpage_directory/man8/proxymap.8:f:root:-:644 | |||
$manpage_directory/man8/qmgr.8:f:root:-:644 | |||
$manpage_directory/man8/qmqpd.8:f:root:-:644 | |||
$manpage_directory/man8/scache.8:f:root:-:644 | |||
$manpage_directory/man8/showq.8:f:root:-:644 | |||
$manpage_directory/man8/smtp.8:f:root:-:644 | |||
$manpage_directory/man8/smtpd.8:f:root:-:644 | |||
$manpage_directory/man8/spawn.8:f:root:-:644 | |||
$manpage_directory/man8/tlsproxy.8:f:root:-:644 | |||
$manpage_directory/man8/tlsmgr.8:f:root:-:644 | |||
$manpage_directory/man8/trace.8:f:root:-:644 | |||
$manpage_directory/man8/trivial-rewrite.8:f:root:-:644 | |||
$manpage_directory/man8/verify.8:f:root:-:644 | |||
$manpage_directory/man8/virtual.8:f:root:-:644 | |||
$sample_directory/sample-aliases.cf:f:root:-:644:o | |||
$sample_directory/sample-auth.cf:f:root:-:644:o | |||
$sample_directory/sample-canonical.cf:f:root:-:644:o | |||
$sample_directory/sample-compatibility.cf:f:root:-:644:o | |||
$sample_directory/sample-debug.cf:f:root:-:644:o | |||
$sample_directory/sample-filter.cf:f:root:-:644:o | |||
$sample_directory/sample-flush.cf:f:root:-:644:o | |||
$sample_directory/sample-ipv6.cf:f:root:-:644:o | |||
$sample_directory/sample-ldap.cf:f:root:-:644:o | |||
$sample_directory/sample-lmtp.cf:f:root:-:644:o | |||
$sample_directory/sample-local.cf:f:root:-:644:o | |||
$sample_directory/sample-mime.cf:f:root:-:644:o | |||
$sample_directory/sample-misc.cf:f:root:-:644:o | |||
$sample_directory/sample-pcre-access.cf:f:root:-:644:o | |||
$sample_directory/sample-pcre-body.cf:f:root:-:644:o | |||
$sample_directory/sample-pcre-header.cf:f:root:-:644:o | |||
$sample_directory/sample-pgsql-aliases.cf:f:root:-:644:o | |||
$sample_directory/sample-qmqpd.cf:f:root:-:644:o | |||
$sample_directory/sample-rate.cf:f:root:-:644:o | |||
$sample_directory/sample-regexp-access.cf:f:root:-:644:o | |||
$sample_directory/sample-regexp-body.cf:f:root:-:644:o | |||
$sample_directory/sample-regexp-header.cf:f:root:-:644:o | |||
$sample_directory/sample-relocated.cf:f:root:-:644:o | |||
$sample_directory/sample-resource.cf:f:root:-:644:o | |||
$sample_directory/sample-rewrite.cf:f:root:-:644:o | |||
$sample_directory/sample-scheduler.cf:f:root:-:644:o | |||
$sample_directory/sample-smtp.cf:f:root:-:644:o | |||
$sample_directory/sample-smtpd.cf:f:root:-:644:o | |||
$sample_directory/sample-tls.cf:f:root:-:644:o | |||
$sample_directory/sample-transport.cf:f:root:-:644:o | |||
$sample_directory/sample-verify.cf:f:root:-:644:o | |||
$sample_directory/sample-virtual.cf:f:root:-:644:o | |||
$readme_directory/AAAREADME:f:root:-:644 | |||
$readme_directory/ADDRESS_CLASS_README:f:root:-:644 | |||
$readme_directory/ADDRESS_REWRITING_README:f:root:-:644 | |||
$readme_directory/ADDRESS_VERIFICATION_README:f:root:-:644 | |||
$readme_directory/BACKSCATTER_README:f:root:-:644 | |||
$readme_directory/BASIC_CONFIGURATION_README:f:root:-:644 | |||
$readme_directory/BUILTIN_FILTER_README:f:root:-:644 | |||
$readme_directory/CDB_README:f:root:-:644 | |||
$readme_directory/CONNECTION_CACHE_README:f:root:-:644 | |||
$readme_directory/CONTENT_INSPECTION_README:f:root:-:644 | |||
$readme_directory/DATABASE_README:f:root:-:644 | |||
$readme_directory/DB_README:f:root:-:644 | |||
$readme_directory/DEBUG_README:f:root:-:644 | |||
$readme_directory/DSN_README:f:root:-:644 | |||
$readme_directory/ETRN_README:f:root:-:644 | |||
$readme_directory/FILTER_README:f:root:-:644 | |||
$readme_directory/HOSTING_README:f:root:-:644:o | |||
$readme_directory/INSTALL:f:root:-:644 | |||
$readme_directory/IPV6_README:f:root:-:644 | |||
$readme_directory/LDAP_README:f:root:-:644 | |||
$readme_directory/LINUX_README:f:root:-:644 | |||
$readme_directory/LOCAL_RECIPIENT_README:f:root:-:644 | |||
$readme_directory/MACOSX_README:f:root:-:644:o | |||
$readme_directory/MAILDROP_README:f:root:-:644 | |||
$readme_directory/MEMCACHE_README:f:root:-:644 | |||
$readme_directory/MILTER_README:f:root:-:644 | |||
$readme_directory/MULTI_INSTANCE_README:f:root:-:644 | |||
$readme_directory/MYSQL_README:f:root:-:644 | |||
$readme_directory/SQLITE_README:f:root:-:644 | |||
$readme_directory/NFS_README:f:root:-:644 | |||
$readme_directory/OVERVIEW:f:root:-:644 | |||
$readme_directory/PACKAGE_README:f:root:-:644 | |||
$readme_directory/PCRE_README:f:root:-:644 | |||
$readme_directory/PGSQL_README:f:root:-:644 | |||
$readme_directory/POSTSCREEN_README:f:root:-:644 | |||
$readme_directory/QMQP_README:f:root:-:644:o | |||
$readme_directory/QSHAPE_README:f:root:-:644 | |||
$readme_directory/RELEASE_NOTES:f:root:-:644 | |||
$readme_directory/RESTRICTION_CLASS_README:f:root:-:644 | |||
$readme_directory/SASL_README:f:root:-:644 | |||
$readme_directory/SCHEDULER_README:f:root:-:644 | |||
$readme_directory/SMTPD_ACCESS_README:f:root:-:644 | |||
$readme_directory/SMTPD_POLICY_README:f:root:-:644 | |||
$readme_directory/SMTPD_PROXY_README:f:root:-:644 | |||
$readme_directory/SOHO_README:f:root:-:644 | |||
$readme_directory/STANDARD_CONFIGURATION_README:f:root:-:644 | |||
$readme_directory/STRESS_README:f:root:-:644 | |||
$readme_directory/TLS_LEGACY_README:f:root:-:644 | |||
$readme_directory/TLS_README:f:root:-:644 | |||
$readme_directory/TUNING_README:f:root:-:644 | |||
$readme_directory/ULTRIX_README:f:root:-:644 | |||
$readme_directory/UUCP_README:f:root:-:644 | |||
$readme_directory/VERP_README:f:root:-:644 | |||
$readme_directory/VIRTUAL_README:f:root:-:644 | |||
$readme_directory/XCLIENT_README:f:root:-:644 | |||
$readme_directory/XFORWARD_README:f:root:-:644 | |||
$html_directory/ADDRESS_CLASS_README.html:f:root:-:644 | |||
$html_directory/ADDRESS_REWRITING_README.html:f:root:-:644 | |||
$html_directory/ADDRESS_VERIFICATION_README.html:f:root:-:644 | |||
$html_directory/BACKSCATTER_README.html:f:root:-:644 | |||
$html_directory/BASIC_CONFIGURATION_README.html:f:root:-:644 | |||
$html_directory/BUILTIN_FILTER_README.html:f:root:-:644 | |||
$html_directory/CDB_README.html:f:root:-:644 | |||
$html_directory/CONNECTION_CACHE_README.html:f:root:-:644 | |||
$html_directory/CONTENT_INSPECTION_README.html:f:root:-:644 | |||
$html_directory/CYRUS_README.html:f:root:-:644:o | |||
$html_directory/DATABASE_README.html:f:root:-:644 | |||
$html_directory/DB_README.html:f:root:-:644 | |||
$html_directory/DEBUG_README.html:f:root:-:644 | |||
$html_directory/DSN_README.html:f:root:-:644 | |||
$html_directory/ETRN_README.html:f:root:-:644 | |||
$html_directory/FILTER_README.html:f:root:-:644 | |||
$html_directory/INSTALL.html:f:root:-:644 | |||
$html_directory/IPV6_README.html:f:root:-:644 | |||
$html_directory/LDAP_README.html:f:root:-:644 | |||
$html_directory/LINUX_README.html:f:root:-:644 | |||
$html_directory/LOCAL_RECIPIENT_README.html:f:root:-:644 | |||
$html_directory/MAILDROP_README.html:f:root:-:644 | |||
$html_directory/MILTER_README.html:f:root:-:644 | |||
$html_directory/MULTI_INSTANCE_README.html:f:root:-:644 | |||
$html_directory/MYSQL_README.html:f:root:-:644 | |||
$html_directory/SQLITE_README.html:f:root:-:644 | |||
$html_directory/NFS_README.html:f:root:-:644 | |||
$html_directory/OVERVIEW.html:f:root:-:644 | |||
$html_directory/PACKAGE_README.html:f:root:-:644 | |||
$html_directory/PCRE_README.html:f:root:-:644 | |||
$html_directory/PGSQL_README.html:f:root:-:644 | |||
$html_directory/POSTSCREEN_README.html:f:root:-:644 | |||
$html_directory/QMQP_README.html:f:root:-:644:o | |||
$html_directory/QSHAPE_README.html:f:root:-:644 | |||
$html_directory/RESTRICTION_CLASS_README.html:f:root:-:644 | |||
$html_directory/SASL_README.html:f:root:-:644 | |||
$html_directory/SCHEDULER_README.html:f:root:-:644 | |||
$html_directory/SMTPD_ACCESS_README.html:f:root:-:644 | |||
$html_directory/SMTPD_POLICY_README.html:f:root:-:644 | |||
$html_directory/SMTPD_PROXY_README.html:f:root:-:644 | |||
$html_directory/SOHO_README.html:f:root:-:644 | |||
$html_directory/STANDARD_CONFIGURATION_README.html:f:root:-:644 | |||
$html_directory/STRESS_README.html:f:root:-:644 | |||
$html_directory/TLS_LEGACY_README.html:f:root:-:644 | |||
$html_directory/TLS_README.html:f:root:-:644 | |||
$html_directory/TUNING_README.html:f:root:-:644 | |||
$html_directory/ULTRIX_README.html:f:root:-:644:o | |||
$html_directory/UUCP_README.html:f:root:-:644 | |||
$html_directory/VERP_README.html:f:root:-:644 | |||
$html_directory/VIRTUAL_README.html:f:root:-:644 | |||
$html_directory/XCLIENT_README.html:f:root:-:644 | |||
$html_directory/XFORWARD_README.html:f:root:-:644 | |||
$html_directory/access.5.html:f:root:-:644 | |||
$html_directory/aliases.5.html:f:root:-:644 | |||
$html_directory/anvil.8.html:f:root:-:644 | |||
$html_directory/bounce.8.html:f:root:-:644 | |||
$html_directory/canonical.5.html:f:root:-:644 | |||
$html_directory/cidr_table.5.html:f:root:-:644 | |||
$html_directory/cleanup.8.html:f:root:-:644 | |||
$html_directory/defer.8.html:h:$html_directory/bounce.8.html:-:644 | |||
$html_directory/discard.8.html:f:root:-:644 | |||
$html_directory/error.8.html:f:root:-:644 | |||
$html_directory/flush.8.html:f:root:-:644 | |||
$html_directory/generics.5.html:f:root:-:644:o | |||
$html_directory/generic.5.html:f:root:-:644 | |||
$html_directory/header_checks.5.html:f:root:-:644 | |||
$html_directory/index.html:f:root:-:644 | |||
$html_directory/ldap_table.5.html:f:root:-:644 | |||
$html_directory/lmtp.8.html:f:root:-:644 | |||
$html_directory/local.8.html:f:root:-:644 | |||
$html_directory/mailq.1.html:f:root:-:644 | |||
$html_directory/master.5.html:f:root:-:644 | |||
$html_directory/master.8.html:f:root:-:644 | |||
$html_directory/memcache_table.5.html:f:root:-:644 | |||
$html_directory/mysql_table.5.html:f:root:-:644 | |||
$html_directory/sqlite_table.5.html:f:root:-:644 | |||
$html_directory/nisplus_table.5.html:f:root:-:644 | |||
$html_directory/newaliases.1.html:h:$html_directory/mailq.1.html:-:644 | |||
$html_directory/oqmgr.8.html:f:root:-:644 | |||
$html_directory/pcre_table.5.html:f:root:-:644 | |||
$html_directory/pgsql_table.5.html:f:root:-:644 | |||
$html_directory/pickup.8.html:f:root:-:644 | |||
$html_directory/pipe.8.html:f:root:-:644 | |||
$html_directory/postalias.1.html:f:root:-:644 | |||
$html_directory/postcat.1.html:f:root:-:644 | |||
$html_directory/postconf.1.html:f:root:-:644 | |||
$html_directory/postconf.5.html:f:root:-:644 | |||
$html_directory/postdrop.1.html:f:root:-:644 | |||
$html_directory/postfix-logo.jpg:f:root:-:644 | |||
$html_directory/postfix-manuals.html:f:root:-:644 | |||
$html_directory/postfix-wrapper.5.html:f:root:-:644 | |||
$html_directory/postfix.1.html:f:root:-:644 | |||
$html_directory/postkick.1.html:f:root:-:644 | |||
$html_directory/postlock.1.html:f:root:-:644 | |||
$html_directory/postlog.1.html:f:root:-:644 | |||
$html_directory/postmap.1.html:f:root:-:644 | |||
$html_directory/postmulti.1.html:f:root:-:644 | |||
$html_directory/postqueue.1.html:f:root:-:644 | |||
$html_directory/postsuper.1.html:f:root:-:644 | |||
$html_directory/qshape.1.html:f:root:-:644 | |||
$html_directory/proxymap.8.html:f:root:-:644 | |||
$html_directory/qmgr.8.html:f:root:-:644 | |||
$html_directory/qmqp-sink.1.html:f:root:-:644 | |||
$html_directory/qmqp-source.1.html:f:root:-:644 | |||
$html_directory/qmqpd.8.html:f:root:-:644 | |||
$html_directory/regexp_table.5.html:f:root:-:644 | |||
$html_directory/relocated.5.html:f:root:-:644 | |||
$html_directory/sendmail.1.html:h:$html_directory/mailq.1.html:-:644 | |||
$html_directory/showq.8.html:f:root:-:644 | |||
$html_directory/smtp-sink.1.html:f:root:-:644 | |||
$html_directory/smtp-source.1.html:f:root:-:644 | |||
$html_directory/smtp.8.html:h:$html_directory/lmtp.8.html:-:644 | |||
$html_directory/smtpd.8.html:f:root:-:644 | |||
$html_directory/spawn.8.html:f:root:-:644 | |||
$html_directory/tlsproxy.8.html:f:root:-:644 | |||
$html_directory/tcp_table.5.html:f:root:-:644 | |||
$html_directory/trace.8.html:h:$html_directory/bounce.8.html:-:644 | |||
$html_directory/transport.5.html:f:root:-:644 | |||
$html_directory/trivial-rewrite.8.html:f:root:-:644 | |||
$html_directory/verify.8.html:f:root:-:644 | |||
$html_directory/virtual.5.html:f:root:-:644 | |||
$html_directory/virtual.8.html:f:root:-:644 |
@ -0,0 +1,376 @@ | |||
#!/bin/sh | |||
#++ | |||
# NAME | |||
# postfix-script 1 | |||
# SUMMARY | |||
# execute Postfix administrative commands | |||
# SYNOPSIS | |||
# \fBpostfix-script\fR \fIcommand\fR | |||
# DESCRIPTION | |||
# The \fBpostfix-script\fR script executes Postfix administrative | |||
# commands in an environment that is set up by the \fBpostfix\fR(1) | |||
# command. | |||
# SEE ALSO | |||
# master(8) Postfix master program | |||
# postfix(1) Postfix administrative interface | |||
# LICENSE | |||
# .ad | |||
# .fi | |||
# The Secure Mailer license must be distributed with this software. | |||
# AUTHOR(S) | |||
# Wietse Venema | |||
# IBM T.J. Watson Research | |||
# P.O. Box 704 | |||
# Yorktown Heights, NY 10598, USA | |||
#-- | |||
# Avoid POSIX death due to SIGHUP when some parent process exits. | |||
trap '' 1 | |||
case $daemon_directory in | |||
"") echo This script must be run by the postfix command. 1>&2 | |||
echo Do not run directly. 1>&2 | |||
exit 1 | |||
esac | |||
LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script" | |||
INFO="$LOGGER -p info" | |||
WARN="$LOGGER -p warn" | |||
ERROR="$LOGGER -p error" | |||
FATAL="$LOGGER -p fatal" | |||
PANIC="$LOGGER -p panic" | |||
if [ "X${1#quiet-}" != "X${1}" ]; then | |||
INFO=: | |||
x=${1#quiet-} | |||
shift | |||
set -- $x "$@" | |||
fi | |||
umask 022 | |||
SHELL=/bin/sh | |||
# | |||
# Can't do much without these in place. | |||
# | |||
cd $command_directory || { | |||
$FATAL no Postfix command directory $command_directory! | |||
exit 1 | |||
} | |||
cd $daemon_directory || { | |||
$FATAL no Postfix daemon directory $daemon_directory! | |||
exit 1 | |||
} | |||
test -f master || { | |||
$FATAL no Postfix master program $daemon_directory/master! | |||
exit 1 | |||
} | |||
cd $config_directory || { | |||
$FATAL no Postfix configuration directory $config_directory! | |||
exit 1 | |||
} | |||
cd $queue_directory || { | |||
$FATAL no Postfix queue directory $queue_directory! | |||
exit 1 | |||
} | |||
def_config_directory=`$command_directory/postconf -dh config_directory` || { | |||
$FATAL cannot execute $command_directory/postconf! | |||
exit 1 | |||
} | |||
# If this is a secondary instance, don't touch shared files. | |||
instances=`test ! -f $def_config_directory/main.cf || | |||
$command_directory/postconf -c $def_config_directory \ | |||
-h multi_instance_directories | sed 's/,/ /'` || { | |||
$FATAL cannot execute $command_directory/postconf! | |||
exit 1 | |||
} | |||
check_shared_files=1 | |||
for name in $instances | |||
do | |||
case "$name" in | |||
"$def_config_directory") ;; | |||
"$config_directory") check_shared_files=; break;; | |||
esac | |||
done | |||
# | |||
# Parse JCL | |||
# | |||
case $1 in | |||
start_msg) | |||
echo "Start postfix" | |||
;; | |||
stop_msg) | |||
echo "Stop postfix" | |||
;; | |||
quick-start) | |||
$daemon_directory/master -t 2>/dev/null || { | |||
$FATAL the Postfix mail system is already running | |||
exit 1 | |||
} | |||
$daemon_directory/postfix-script quick-check || { | |||
$FATAL Postfix integrity check failed! | |||
exit 1 | |||
} | |||
$INFO starting the Postfix mail system | |||
$daemon_directory/master & | |||
;; | |||
start) | |||
$daemon_directory/master -t 2>/dev/null || { | |||
$FATAL the Postfix mail system is already running | |||
exit 1 | |||
} | |||
if [ -f $queue_directory/quick-start ] | |||
then | |||
rm -f $queue_directory/quick-start | |||
else | |||
$daemon_directory/postfix-script check-fatal || { | |||
$FATAL Postfix integrity check failed! | |||
exit 1 | |||
} | |||
# Foreground this so it can be stopped. All inodes are cached. | |||
$daemon_directory/postfix-script check-warn | |||
fi | |||
$INFO starting the Postfix mail system | |||
$daemon_directory/master & | |||
;; | |||
drain) | |||
$daemon_directory/master -t 2>/dev/null && { | |||
$FATAL the Postfix mail system is not running | |||
exit 1 | |||
} | |||
$INFO stopping the Postfix mail system | |||
kill -9 `sed 1q pid/master.pid` | |||
;; | |||
quick-stop) | |||
$daemon_directory/postfix-script stop | |||
touch $queue_directory/quick-start | |||
;; | |||
stop) | |||
$daemon_directory/master -t 2>/dev/null && { | |||
$FATAL the Postfix mail system is not running | |||
exit 0 | |||
} | |||
$INFO stopping the Postfix mail system | |||
kill `sed 1q pid/master.pid` | |||
for i in 5 4 3 2 1 | |||
do | |||
$daemon_directory/master -t && exit 0 | |||
$INFO waiting for the Postfix mail system to terminate | |||
sleep 1 | |||
done | |||
$WARN stopping the Postfix mail system with force | |||
pid=`awk '{ print $1; exit 0 } END { exit 1 }' pid/master.pid` && | |||
kill -9 -$pid | |||
;; | |||
abort) | |||
$daemon_directory/master -t 2>/dev/null && { | |||
$FATAL the Postfix mail system is not running | |||
exit 0 | |||
} | |||
$INFO aborting the Postfix mail system | |||
kill `sed 1q pid/master.pid` | |||
;; | |||
reload) | |||
$daemon_directory/master -t 2>/dev/null && { | |||
$FATAL the Postfix mail system is not running | |||
exit 1 | |||
} | |||
$INFO refreshing the Postfix mail system | |||
$command_directory/postsuper active || exit 1 | |||
kill -HUP `sed 1q pid/master.pid` | |||
$command_directory/postsuper & | |||
;; | |||
flush) | |||
cd $queue_directory || { | |||
$FATAL no Postfix queue directory $queue_directory! | |||
exit 1 | |||
} | |||
$command_directory/postqueue -f | |||
;; | |||
check) | |||
$daemon_directory/postfix-script check-fatal || exit 1 | |||
$daemon_directory/postfix-script check-warn | |||
exit 0 | |||
;; | |||
status) | |||
$daemon_directory/master -t 2>/dev/null && { | |||
$INFO the Postfix mail system is not running | |||
exit 1 | |||
} | |||
$INFO the Postfix mail system is running: PID: `sed 1q pid/master.pid` | |||
exit 0 | |||
;; | |||
quick-check) | |||
# This command is NOT part of the public interface. | |||
$SHELL $daemon_directory/post-install create-missing || { | |||
$WARN unable to create missing queue directories | |||
exit 1 | |||
} | |||
# Look for incomplete installations. | |||
test -f $config_directory/master.cf || { | |||
$FATAL no $config_directory/master.cf file found | |||
exit 1 | |||
} | |||
exit 0 | |||
;; | |||
check-fatal) | |||
# This command is NOT part of the public interface. | |||
$daemon_directory/postfix-script quick-check | |||
# See if all queue files are in the right place. This is slow. | |||
# We must scan all queues for mis-named queue files before the | |||
# mail system can run. | |||
$command_directory/postsuper || exit 1 | |||
exit 0 | |||
;; | |||
check-warn) | |||
# This command is NOT part of the public interface. | |||
todo="$config_directory $queue_directory $queue_directory/pid" | |||
test -n "$check_shared_files" && todo="$daemon_directory $todo" | |||
for dir in $todo | |||
do | |||
ls -lLd $dir | (grep " root " >/dev/null || | |||
$WARN not owned by root: $dir) | |||
done | |||
# Some people break Postfix's security model. | |||
ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \ | |||
$WARN group or other writable: $queue_directory | |||
todo="$config_directory/*" | |||
test -n "$check_shared_files" && todo="$daemon_directory/* $todo" | |||
find $todo ! -user root \ | |||
-exec $WARN not owned by root: {} \; | |||
todo="$config_directory/." | |||
test -n "$check_shared_files" && todo="$daemon_directory/. $todo" | |||
find $todo \ | |||
\( -perm -020 -o -perm -002 \) -type f \ | |||
-exec $WARN group or other writable: {} \; | |||
find $data_directory/. ! -user $mail_owner \ | |||
-exec $WARN not owned by $mail_owner: {} \; | |||
ls -lLd $data_directory | egrep '^.....(w|...w)' >/dev/null && \ | |||
$WARN group or other writable: $data_directory | |||
find `ls -d $queue_directory/* | \ | |||
egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \ | |||
! \( -type p -o -type s \) ! -user $mail_owner \ | |||
-exec $WARN not owned by $mail_owner: {} \; | |||
todo="$queue_directory/public $queue_directory/maildrop" | |||
test -n "$check_shared_files" && | |||
todo="$command_directory/postqueue $command_directory/postdrop $todo" | |||
find $todo \ | |||
-prune ! -group $setgid_group \ | |||
-exec $WARN not owned by group $setgid_group: {} \; | |||
test -n "$check_shared_files" && | |||
find $command_directory/postqueue $command_directory/postdrop \ | |||
-prune ! -perm -02111 \ | |||
-exec $WARN not set-gid or not owner+group+world executable: {} \; | |||
for name in `ls -d $queue_directory/* | \ | |||
egrep '/(bin|etc|lib|usr)$'` ; \ | |||
do \ | |||
find $name ! -user root \ | |||
-exec $WARN not owned by root: {} \; ; \ | |||
done | |||
# WARNING: this should not descend into the maildrop directory. | |||
# maildrop is the least trusted Postfix directory. | |||
find $queue_directory/maildrop/. -prune ! -user $mail_owner \ | |||
-exec $WARN not owned by $mail_owner: $queue_directory/maildrop \; | |||
for dir in bin etc lib sbin usr | |||
do | |||
test -d $dir && find $dir -type f -print | while read path | |||
do | |||
test -f /$path && { | |||
cmp -s $path /$path || | |||
$WARN $queue_directory/$path and /$path differ | |||
} | |||
done | |||
done | |||
find corrupt -type f -exec $WARN damaged message: {} \; | |||
# XXX also: look for weird stuff, weird permissions, etc. | |||
test -n "$check_shared_files" -a -f /usr/sbin/sendmail -a \ | |||
-f /usr/lib/sendmail && { | |||
cmp -s /usr/sbin/sendmail /usr/lib/sendmail || { | |||
$WARN /usr/lib/sendmail and /usr/sbin/sendmail differ | |||
$WARN Replace one by a symbolic link to the other | |||
} | |||
} | |||
exit 0 | |||
;; | |||
set-permissions|upgrade-configuration) | |||
$daemon_directory/post-install create-missing "$@" | |||
;; | |||
post-install) | |||
# Currently not part of the public interface. | |||
shift | |||
$daemon_directory/post-install "$@" | |||
;; | |||
/*) | |||
# Currently not part of the public interface. | |||
"$@" | |||
;; | |||
*) | |||
$ERROR "unknown command: '$1'" | |||
$FATAL "usage: postfix start (or stop, reload, abort, flush, check, status, set-permissions, upgrade-configuration)" | |||
exit 1 | |||
;; | |||
esac |
@ -0,0 +1,4 @@ | |||
CREATE DATABASE postfix; | |||
GRANT ALL PRIVILEGES ON postfix.* TO 'postfix_admin'@'%' IDENTIFIED BY '{{ dbpassword.stdout }}'; | |||
GRANT SELECT ON postfix.* TO 'postfix'@'%' IDENTIFIED BY '{{ dbpassword.stdout }}'; | |||
FLUSH PRIVILEGES; |
@ -0,0 +1,63 @@ | |||
firstpkg: | |||
- pwgen | |||
packages: | |||
- postfix | |||
- postfix-mysql | |||
- libsasl2-modules | |||
- libsasl2-modules-sql | |||
# - postfixadmin | |||
- dovecot-common | |||
- dovecot-imapd | |||
- dovecot-pop3d | |||
- dovecot-mysql | |||
- dovecot-lmtpd | |||
- dovecot-core | |||
- dovecot-dbg | |||
- dovecot-gssapi | |||
- postgrey | |||
- dovecot-imapd | |||
- dovecot-ldap | |||
- dovecot-lmtpd | |||
- dovecot-managesieved | |||
- dovecot-pop3d | |||
- dovecot-sieve | |||
- dovecot-antispam | |||
- sasl2-bin | |||
- amavis | |||
- spamassassin | |||
- razor | |||
- pyzor | |||
- clamav-milter | |||
- clamav-unofficial-sigs | |||
- milter-greylist | |||
- spamass-milter | |||
- mailutils | |||
- amavisd-new | |||
- spamassassin | |||
- clamav | |||
- clamav-daemon | |||
- zoo | |||
- unzip | |||
- bzip2 | |||
- arj | |||
- nomarch | |||
- lzop | |||
- cabextract | |||
- apt-listchanges | |||
- libnet-ldap-perl | |||
- libauthen-sasl-perl | |||
- clamav-docs | |||
- daemon | |||
- libio-string-perl | |||
- libio-socket-ssl-perl | |||
- libnet-ident-perl | |||
- zip | |||
- libnet-dns-perl | |||
- p7zip | |||
- unrar-free | |||
files: | |||
- random | |||
# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab: |
@ -0,0 +1,50 @@ | |||
--- | |||
- name: MySQL already installed ? | |||
shell: dpkg -l|egrep "mysql|mariadb"|grep -iq serv | |||
ignore_errors: true | |||
register: mysql | |||
- name: update apt-cache | |||
apt: update_cache=yes | |||
- name: Install prerequisites packages | |||
apt: pkg={{item}} state=installed install_recommends=no update_cache=yes | |||
with_items: | |||
- python-software-properties | |||
- php5-cli | |||
- php5-mysql | |||
when: mysql|failed | |||
- name: Add MariaDB repository Key | |||
apt_key: keyserver=keyserver.ubuntu.com id=0xcbcb082a1bb943db state=present | |||
when: mysql|failed | |||
- name: Add Mariadb repository file | |||
template: src=etc-apt-sources.list.d-mariadb.list dest=/etc/apt/sources.list.d/mariadb.list | |||
when: mysql|failed | |||
- name: Install Mariadb packages | |||
apt: pkg={{item}} state=installed update_cache=yes | |||
with_items: | |||
- mariadb-server-{{ mariadb_version | default("10") }} | |||
- python-mysqldb | |||
- percona-toolkit | |||
when: mysql|failed | |||
- name: Set root mysql password | |||
mysql_user: name=root password={{ mysql_root_password | default("changeme") }} | |||
when: mysql|failed | |||
- name: File .my.cnf for root | |||
template: src={{item.src}} dest={{item.dest}} | |||
with_items : | |||
- { src: root-.my.cnf , dest: /root/.my.cnf } | |||
when: mysql|failed | |||
- name: Ensure 600 permissions on my.cnf | |||
file: path=/root/.my.cnf mode=600 | |||
when: mysql|failed | |||
# vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab: | |||
# |
@ -0,0 +1,4 @@ | |||
# MariaDB 10.0 repository list - created 2014-10-21 08:52 UTC | |||
# http://mariadb.org/mariadb/repositories/ | |||
deb http://ftp.igh.cnrs.fr/pub/mariadb/repo/{{ mariadb_version }}/debian wheezy main | |||
deb-src http://ftp.igh.cnrs.fr/pub/mariadb/repo/{{ mariadb_version }}/debian wheezy main |
@ -0,0 +1,5 @@ | |||
[client] | |||
host = {{ mysql_host }} | |||
user = root | |||
password = {{ mysql_root_password }} | |||