From bcdc5754fce030fd9a7b213d46ffd27b502f398a Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 1 Feb 2015 14:48:13 -0400 Subject: propellor spin --- src/Propellor/Property/Postfix.hs | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) (limited to 'src/Propellor/Property/Postfix.hs') diff --git a/src/Propellor/Property/Postfix.hs b/src/Propellor/Property/Postfix.hs index fbb1ea51..f37e179e 100644 --- a/src/Propellor/Property/Postfix.hs +++ b/src/Propellor/Property/Postfix.hs @@ -4,8 +4,9 @@ module Propellor.Property.Postfix where import Propellor import qualified Propellor.Property.Apt as Apt -import Propellor.Property.File +import qualified Propellor.Property.File as File import qualified Propellor.Property.Service as Service +import qualified Propellor.Property.User as User import qualified Data.Map as M import Data.List @@ -103,7 +104,7 @@ mainCfIsSet name = do -- Note that multiline configurations that continue onto the next line -- are not currently supported. dedupMainCf :: Property NoInfo -dedupMainCf = fileProperty "postfix main.cf dedupped" dedupCf mainCfFile +dedupMainCf = File.fileProperty "postfix main.cf dedupped" dedupCf mainCfFile dedupCf :: [String] -> [String] dedupCf ls = 
@@ -125,3 +126,30 @@ dedupCf ls = dedup c kc ((Right (k, v)):rest) = case M.lookup k kc of Just n | n > 1 -> dedup c (M.insert k (n - 1) kc) rest _ -> dedup (fmt k v:c) kc rest + +-- | Installs saslauthd and configures it for postfix. +-- +-- Does not configure postfix to use it; eg smtpd_sasl_auth_enable = yes +-- needs to be set to enable use. See +-- https://wiki.debian.org/PostfixAndSASL +saslAuthdInstalled :: Property NoInfo +saslAuthdInstalled = setupdaemon + `requires` Service.running "saslauthd" + `requires` postfixgroup + `requires` dirperm + `requires` Apt.installed ["sasl2-bin"] + `requires` smtpdconf + where + setupdaemon = "/etc/default/saslauthd" `File.containsLines` + [ "START=yes" + , "OPTIONS=\"-c -m /var/spool/postfix/var/run/saslauthd\"" + ] + `onChange` Service.restarted "saslauthd" + smtpdconf = "/etc/postfix/sasl/smtpd.conf" `File.containsLines` + [ "pwcheck_method: saslauthd" + , "mech_list: PLAIN LOGIN" + ] + dirperm = cmdProperty "dpkg-statoverride" + [ "--add", "root", "sasl", "710", "/var/spool/postfix/var/run/saslauthd"] + postfixgroup = "postfix" `User.hasGroup` "sasl" + `onChange` restarted -- cgit v1.3-2-g0d8e From 3c7c40dd67a48a81d19e24df8d2ca148ae553bd1 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 1 Feb 2015 14:50:54 -0400 Subject: propellor spin --- src/Propellor/Property/Postfix.hs | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'src/Propellor/Property/Postfix.hs') diff --git a/src/Propellor/Property/Postfix.hs b/src/Propellor/Property/Postfix.hs index f37e179e..1e1a3a23 100644 --- a/src/Propellor/Property/Postfix.hs +++ b/src/Propellor/Property/Postfix.hs 
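Review bot: `mech_list: PLAIN LOGIN` in `smtpdconf` restricts clients to mechanisms that hand the server the password itself, and the doc comment on `saslAuthdInstalled` does not say that this is only acceptable on an encrypted session. Since the property deliberately leaves the postfix side to the caller, the comment should carry that requirement, for example `-- Only PLAIN and LOGIN are offered, so postfix should also set` followed by `-- smtpd_tls_auth_only = yes to keep passwords off unencrypted connections.` Nothing visible in this hunk enforces TLS before AUTH, so a caller who only flips `smtpd_sasl_auth_enable` may end up accepting credentials in the clear.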
@@ -142,14 +142,16 @@ saslAuthdInstalled = setupdaemon where setupdaemon = "/etc/default/saslauthd" `File.containsLines` [ "START=yes" - , "OPTIONS=\"-c -m /var/spool/postfix/var/run/saslauthd\"" + , "OPTIONS=\"-c -m " ++ dir ++ "\"" ] `onChange` Service.restarted "saslauthd" smtpdconf = "/etc/postfix/sasl/smtpd.conf" `File.containsLines` [ "pwcheck_method: saslauthd" , "mech_list: PLAIN LOGIN" ] - dirperm = cmdProperty "dpkg-statoverride" - [ "--add", "root", "sasl", "710", "/var/spool/postfix/var/run/saslauthd"] + dirperm = check (not <$> doesDirectoryExist dir) $ + cmdProperty "dpkg-statoverride" + [ "--add", "root", "sasl", "710", dir ] postfixgroup = "postfix" `User.hasGroup` "sasl" `onChange` restarted + dir = "/var/spool/postfix/var/run/saslauthd" -- cgit v1.3-2-g0d8e From 0ea97943246f44a3a2b32c6bc67a1f40b97103b7 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 1 Feb 2015 15:08:30 -0400 Subject: propellor spin --- src/Propellor/Property/Postfix.hs | 3 ++- src/Propellor/Property/SiteSpecific/JoeySites.hs | 2 -- 2 files changed, 2 insertions(+), 3 deletions(-) (limited to 'src/Propellor/Property/Postfix.hs') diff --git a/src/Propellor/Property/Postfix.hs b/src/Propellor/Property/Postfix.hs index 1e1a3a23..0abd783e 100644 --- a/src/Propellor/Property/Postfix.hs +++ b/src/Propellor/Property/Postfix.hs @@ -127,7 +127,8 @@ dedupCf ls = Just n | n > 1 -> dedup c (M.insert k (n - 1) kc) rest _ -> dedup (fmt k v:c) kc rest --- | Installs saslauthd and configures it for postfix. +-- | Installs saslauthd and configures it for postfix, authenticating +-- against PAM. -- -- Does not configure postfix to use it; eg smtpd_sasl_auth_enable = yes -- needs to be set to enable use. See diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs index 0d4687e7..a3413d67 100644 --- a/src/Propellor/Property/SiteSpecific/JoeySites.hs +++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs 
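Review bot: The new guard on `dirperm`, `check (not <$> doesDirectoryExist dir)`, tests for the directory rather than for the override. On a host where `dir` already exists with different ownership or mode, the `dpkg-statoverride` call appears to be skipped, so root:sasl 710 is never applied to the saslauthd socket directory. `--add` without `--update` also only records the override and leaves an existing path untouched. I would key the check on whether `dpkg-statoverride --list` reports an override for `dir`, and pass `[ "--update", "--add", "root", "sasl", "710", dir ]`, so the permissions that limit who can reach the socket are enforced in both cases. The `where` block belongs to `saslAuthdInstalled`, whose definition starts above this hunk.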
@@ -518,8 +518,6 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props , "# Password auth for relaying (used by errol)" , "smtpd_sasl_auth_enable = yes" - , "smtpd_sasl_type = dovecot" - , "smtpd_sasl_path = private/auth" , "smtpd_sasl_security_options = noanonymous" , "smtpd_sasl_local_domain = kitenet.net" -- cgit v1.3-2-g0d8e