Merge pull request #43 from EvaSDK/generic-map-handling

Generic map handling
Niels Abspoel 2016-07-04 23:09:43 +02:00 committed by GitHub
commit 0ebb0d5480
7 changed files with 80 additions and 92 deletions


@ -5,22 +5,6 @@ postfix:
enable_service: True enable_service: True
virtual:
groupaliasexample:
- someuser_1@example.com
- someuser_2@example.com
singlealiasexample: 'someuser_3@example.com'
relay_domains:
example.com: 'OK'
sasl_passwd:
smtp.example.com: 'somepassword'
sender_canonical:
root: 'servers@example.com'
nagios: 'alerts@example.com'
postgrey: postgrey:
enabled: True enabled: True
enable_service: True enable_service: True
@ -62,6 +46,14 @@ postfix:
smtp_tls_cert_file: /etc/postfix/ssl/example.com-relay-client-cert.crt smtp_tls_cert_file: /etc/postfix/ssl/example.com-relay-client-cert.crt
smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key
smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd
sender_canonical_maps: hash:/etc/postfix/sender_canonical
relay_recipient_maps: hash:/etc/postfix/relay_domains
virtual_alias_maps: hash:/etc/postfix/virtual
certificates: certificates:
server-cert: server-cert:
public_cert: | public_cert: |
@ -88,3 +80,20 @@ postfix:
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PRIVATE KEY-----
(Your Private key) (Your Private key)
-----END RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----
mapping:
smtp_sasl_password_maps:
- smtp.example.com: myaccount:somepassword
sender_canonical_maps:
- root: servers@example.com
- nagios: alerts@example.com
relay_recipient_maps:
- example.com: OK
virtual_alias_maps:
- groupaliasexample:
- someuser_1@example.com
- someuser_2@example.com
- singlealiasexample: someuser_3@example.com

21
postfix/files/mapping.j2 Normal file

@ -0,0 +1,21 @@
# Managed by config management
{%- macro format_value(key, value) %}
{#- Some settings, like virtual_alias_maps can take multiple values. Handle this case. -#}
{%- if value is iterable and value is not string -%}
{{ key }} {{ value|join(", ") }}
{%- else -%}
{{ key }} {{ value }}
{%- endif -%}
{%- endmacro %}
{%- if data is mapping %}
{% for key, value in data.iteritems() %}
{{ format_value(key, value) }}
{%- endfor -%}
{%- else %}
{#- Some settings need order, handle OrderedDict #}
{% for item in data %}
{{ format_value(item.keys()[0], item.values()[0]) }}
{%- endfor -%}
{%- endif %}
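Review bot: The list branch renders only the first pair of each item, `item.keys()[0]` / `item.values()[0]`, so an item that ends up with two keys (an easy indentation slip in the pillar) silently loses the second entry. Indexing `.keys()` also only works where it returns a list, as `iteritems()` in the mapping branch only exists on Python 2. Iterating the item avoids both problems: `{%- for key, value in item.items() %}`, then `{{ format_value(key, value) }}`, then `{%- endfor %}`. For tables such as `smtp_sasl_password_maps` or `relay_recipient_maps` a silently missing line changes which credentials are used or which recipients are accepted, so rendering every pair is the safer behaviour.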


@ -12,25 +12,6 @@ postfix:
- watch: - watch:
- pkg: postfix - pkg: postfix
{%- macro postmap_file(filename, mode=644) %}
{%- set file_path = '/etc/postfix/' ~ filename %}
postmap_{{ filename }}:
file.managed:
- name: {{ file_path }}
- source: salt://postfix/{{ filename }}
- user: root
- group: root
- mode: {{ mode }}
- template: jinja
- require:
- pkg: postfix
cmd.wait:
- name: /usr/sbin/postmap {{ file_path }}
- cwd: /
- watch:
- file: {{ file_path }}
{%- endmacro %}
# manage /etc/aliases if data found in pillar # manage /etc/aliases if data found in pillar
{% if 'aliases' in pillar.get('postfix', '') %} {% if 'aliases' in pillar.get('postfix', '') %}
{{ postfix.aliases_file }}: {{ postfix.aliases_file }}:
@ -51,22 +32,37 @@ run-newaliases:
- file: {{ postfix.aliases_file }} - file: {{ postfix.aliases_file }}
{% endif %} {% endif %}
# manage /etc/postfix/virtual if data found in pillar # manage various mappings
{% if 'virtual' in pillar.get('postfix', '') %} {% for mapping, data in salt['pillar.get']('postfix:mapping', {}).items() %}
{{ postmap_file('virtual') }} {%- set need_postmap = False %}
{% endif %} {%- set file_path = salt['pillar.get']('postfix:config:' ~ mapping) %}
{%- if ':' in file_path %}
# manage /etc/postfix/relay_domains if data found in pillar {%- set file_path = file_path.split(':')[1] %}
{% if 'relay_domains' in pillar.get('postfix', '') %} {%- set need_postmap = True %}
{{ postmap_file('relay_domains') }} {%- endif %}
{% endif %} postfix_{{ mapping }}:
file.managed:
# manage /etc/postfix/sasl_passwd if data found in pillar - name: {{ file_path }}
{% if 'sasl_passwd' in pillar.get('postfix', '') %} - source: salt://postfix/files/mapping.j2
{{ postmap_file('sasl_passwd', 600) }} - user: root
{% endif %} - group: root
{%- if mapping.endswith('_sasl_password_maps') %}
# manage /etc/postfix/sender_canonical if data found in pillar - mode: 600
{% if 'sender_canonical' in pillar.get('postfix', '') %} {%- else %}
{{ postmap_file('sender_canonical') }} - mode: 644
{% endif %} {%- endif %}
- template: jinja
- context:
data: {{ data|json() }}
- require:
- pkg: postfix
{%- if need_postmap %}
cmd.wait:
- name: /usr/sbin/postmap {{ file_path }}
- cwd: /
- watch:
- file: {{ file_path }}
- watch_in:
- service: postfix
{%- endif %}
{% endfor %}
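Review bot: The target path comes from `file_path.split(':')[1]` on `postfix:config:<mapping>` with no check that the lookup returned anything, so a `postfix:mapping` entry without a matching config key presumably renders an empty `- name:`. A value with more than one colon (for example `proxy:mysql:/path`) or several comma-separated tables yields something that is not the file path. `need_postmap` is also set for every typed table, although types such as `regexp:`, `pcre:` and `cidr:` are read directly, and `postmap` is run without the table type, so a `btree:` map would be built as the default type. I would wrap the state in `{%- if file_path %}`, split once with `file_path.split(':', 1)`, and run `postmap {{ file_type }}:{{ file_path }}` only for indexed types. Separately, mode `600` is selected by the `_sasl_password_maps` suffix alone; a comment such as `# any other map holding credentials is written 644` would warn whoever adds one.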


@ -1,7 +0,0 @@
# Managed by config management
{% set canonical = salt['pillar.get']('postfix:relay_domains',{}) -%}
{% if canonical is iterable -%}
{% for key,value in salt['pillar.get']('postfix:relay_domains',{}).iteritems() -%}
{{ key }} {{ value }}
{% endfor %}
{% endif %}


@ -1,7 +0,0 @@
# Managed by config management
{% set canonical = salt['pillar.get']('postfix:sasl_passwd',{}) -%}
{% if canonical is iterable -%}
{% for key,value in salt['pillar.get']('postfix:sasl_passwd',{}).iteritems() -%}
{{ key }} {{ value }}
{% endfor %}
{% endif %}


@ -1,7 +0,0 @@
# Managed by config management
{% set canonical = salt['pillar.get']('postfix:sender_canonical',{}) -%}
{% if canonical is iterable -%}
{% for key,value in salt['pillar.get']('postfix:sender_canonical',{}).iteritems() -%}
{{ key }} {{ value }}
{% endfor %}
{% endif %}


@ -1,17 +0,0 @@
# Managed by config management
{% set virtual = salt['pillar.get']('postfix:virtual',{}) -%}
{# to have virtual file emptied, just set an empty key 'virtual' -#}
{% if virtual is iterable -%}
{% for key, value in virtual.iteritems() -%}
{# Mutiple values available for single key in virtual alias maps - ie for dist groups -#}
{# We test if list was provided as value, and iterate if so -#}
{% if value is iterable and value is not string -%}
{% for item in value -%}
{{key }} {{ item }}
{% endfor -%}
{% else -%}
{# ..otherwise expect it to be just a string for the value -#}
{{ key }} {{ value }}
{% endif -%}
{% endfor -%}
{% endif -%}