summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/SiteSpecific/JoeySites.hs
diff options
context:
space:
mode:
authorJoey Hess2016-03-30 21:58:56 -0400
committerJoey Hess2016-03-30 21:58:56 -0400
commit947e73a2021fcad36a806a224f171e0dba9ee7da (patch)
treec811604fea144f8128b914f0348e6ae3ba56f5e2 /src/Propellor/Property/SiteSpecific/JoeySites.hs
parent4d3da17e9b02b71847836cabfbaccf47db0e2b30 (diff)
propellor spin
Diffstat (limited to 'src/Propellor/Property/SiteSpecific/JoeySites.hs')
-rw-r--r--src/Propellor/Property/SiteSpecific/JoeySites.hs10
1 files changed, 7 insertions, 3 deletions
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs
index a6cb3794..d2bd70fe 100644
--- a/src/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -558,7 +558,7 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props
& "/etc/aliases" `File.hasPrivContentExposed` ctx
`onChange` Postfix.newaliases
- & hasJoeyCAChain
+ & hasStartSslCAChain
& hasPostfixCert ctx
& "/etc/postfix/mydomain" `File.containsLines`
@@ -622,7 +622,7 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props
, "milter_default_action = accept"
, "# TLS setup -- server"
- , "smtpd_tls_CAfile = /etc/ssl/certs/joeyca.pem"
+ , "smtpd_tls_CAfile = /etc/ssl/certs/startssl.pem"
, "smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem"
, "smtpd_tls_key_file = /etc/ssl/private/postfix.pem"
, "smtpd_tls_loglevel = 1"
@@ -632,7 +632,7 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props
, "smtpd_tls_session_cache_database = sdbm:/etc/postfix/smtpd_scache"
, "# TLS setup -- client"
- , "smtp_tls_CAfile = /etc/ssl/certs/joeyca.pem"
+ , "smtp_tls_CAfile = /etc/ssl/certs/startssl.pem"
, "smtp_tls_cert_file = /etc/ssl/certs/postfix.pem"
, "smtp_tls_key_file = /etc/ssl/private/postfix.pem"
, "smtp_tls_loglevel = 1"
@@ -751,6 +751,10 @@ hasJoeyCAChain :: Property (HasInfo + UnixLike)
hasJoeyCAChain = "/etc/ssl/certs/joeyca.pem" `File.hasPrivContentExposed`
Context "joeyca.pem"
+hasStartSslCAChain :: Property (HasInfo + UnixLike)
+hasStartSslCAChain = "/etc/ssl/certs/startssl.pem" `File.hasPrivContentExposed`
+ Context "startssl.pem"
+
hasPostfixCert :: Context -> Property (HasInfo + UnixLike)
hasPostfixCert ctx = combineProperties "postfix tls cert installed" $ props
& "/etc/ssl/certs/postfix.pem" `File.hasPrivContentExposed` ctx