diff options
| author | Joey Hess <joeyh@joeyh.name> | 2017-05-23 17:00:08 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2017-05-23 17:00:08 -0400 |
| commit | 5d0e9e8d0673541d5fac7387910d72a46d27322e (patch) | |
| tree | a1db7056943810218340abd06fa66c29cfcd80c0 /src | |
| parent | 1128231ae56e418c291cec20afc5feeecf2d5de1 (diff) | |
| parent | 93e7f465efb340af0777013ecf947b7611b9f625 (diff) | |
Merge remote-tracking branch 'origin/joeyconfig' into joeyconfig
Diffstat (limited to 'src')
| -rw-r--r-- | src/Propellor/Property/SiteSpecific/JoeySites.hs | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs index 9b4a3378..c6a0c1ad 100644 --- a/src/Propellor/Property/SiteSpecific/JoeySites.hs +++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs @@ -681,6 +681,10 @@ dkimInstalled = go `onChange` Service.restarted "opendkim" & File.ownerGroup "/etc/mail/dkim.key" (User "opendkim") (Group "opendkim") & "/etc/default/opendkim" `File.containsLine` "SOCKET=\"inet:8891@localhost\"" + `onChange` + (cmdProperty "/lib/opendkim/opendkim.service.generate" [] + `assume` MadeChange) + `onChange` Service.restarted "opendkim" & "/etc/opendkim.conf" `File.containsLines` [ "KeyFile /etc/mail/dkim.key" , "SubDomains yes" @@ -694,9 +698,22 @@ dkimInstalled = go `onChange` Service.restarted "opendkim" domainKey :: (BindDomain, Record) domainKey = (RelDomain "mail._domainkey", TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCc+/rfzNdt5DseBBmfB3C6sVM7FgVvf4h1FeCfyfwPpVcmPdW6M2I+NtJsbRkNbEICxiP6QY2UM0uoo9TmPqLgiCCG2vtuiG6XMsS0Y/gGwqKM7ntg/7vT1Go9vcquOFFuLa5PnzpVf8hB9+PMFdS4NPTvWL2c5xxshl/RJzICnQIDAQAB") -hasJoeyCAChain :: Property (HasInfo + UnixLike) -hasJoeyCAChain = "/etc/ssl/certs/joeyca.pem" `File.hasPrivContentExposed` - Context "joeyca.pem" +postfixSaslPasswordClient :: Property (HasInfo + DebianLike) +postfixSaslPasswordClient = combineProperties "postfix uses SASL password to authenticate with smarthost" $ props + & Postfix.satellite + & Postfix.mappedFile "/etc/postfix/sasl_passwd" + (`File.hasPrivContent` (Context "kitenet.net")) + & Postfix.mainCfFile `File.containsLines` + [ "# TLS setup for SASL auth to kite" + , "smtp_sasl_auth_enable = yes" + , "smtp_tls_security_level = encrypt" + , "smtp_sasl_tls_security_options = noanonymous" + , "relayhost = [kitenet.net]" + , "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" + , "# kite's fingerprint" + , "smtp_tls_fingerprint_cert_match = 13:B0:0C:F3:11:83:A5:EB:A9:37:C6:C5:ED:16:60:86" + ] + `onChange` Postfix.reloaded hasPostfixCert :: Context -> Property (HasInfo + UnixLike) hasPostfixCert ctx = combineProperties "postfix tls cert installed" $ props |