authorJoey Hess2015-02-01 14:48:13 -0400
committerJoey Hess2015-02-01 14:48:13 -0400
commitbcdc5754fce030fd9a7b213d46ffd27b502f398a (patch)
treef24dfa7c89f02495c94d6fd8f9fee6a807853b82 /src
parentf276466cf280b9ce91bbfefce35d2a27ebc87843 (diff)
propellor spin
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/Postfix.hs32
-rw-r--r--src/Propellor/Property/SiteSpecific/JoeySites.hs4
2 files changed, 33 insertions, 3 deletions
diff --git a/src/Propellor/Property/Postfix.hs b/src/Propellor/Property/Postfix.hs
index fbb1ea51..f37e179e 100644
--- a/src/Propellor/Property/Postfix.hs
+++ b/src/Propellor/Property/Postfix.hs
@@ -4,8 +4,9 @@ module Propellor.Property.Postfix where
import Propellor
import qualified Propellor.Property.Apt as Apt
-import Propellor.Property.File
+import qualified Propellor.Property.File as File
import qualified Propellor.Property.Service as Service
+import qualified Propellor.Property.User as User
import qualified Data.Map as M
import Data.List
@@ -103,7 +104,7 @@ mainCfIsSet name = do
-- Note that multiline configurations that continue onto the next line
-- are not currently supported.
dedupMainCf :: Property NoInfo
-dedupMainCf = fileProperty "postfix main.cf dedupped" dedupCf mainCfFile
+dedupMainCf = File.fileProperty "postfix main.cf dedupped" dedupCf mainCfFile
dedupCf :: [String] -> [String]
dedupCf ls =
@@ -125,3 +126,30 @@ dedupCf ls =
dedup c kc ((Right (k, v)):rest) = case M.lookup k kc of
Just n | n > 1 -> dedup c (M.insert k (n - 1) kc) rest
_ -> dedup (fmt k v:c) kc rest
+
+-- | Installs saslauthd and configures it for postfix.
+--
+-- Does not configure postfix to use it; eg smtpd_sasl_auth_enable = yes
+-- needs to be set to enable use. See
+-- https://wiki.debian.org/PostfixAndSASL
+saslAuthdInstalled :: Property NoInfo
+saslAuthdInstalled = setupdaemon
+ `requires` Service.running "saslauthd"
+ `requires` postfixgroup
+ `requires` dirperm
+ `requires` Apt.installed ["sasl2-bin"]
+ `requires` smtpdconf
+ where
+ setupdaemon = "/etc/default/saslauthd" `File.containsLines`
+ [ "START=yes"
+ , "OPTIONS=\"-c -m /var/spool/postfix/var/run/saslauthd\""
+ ]
+ `onChange` Service.restarted "saslauthd"
+ smtpdconf = "/etc/postfix/sasl/smtpd.conf" `File.containsLines`
+ [ "pwcheck_method: saslauthd"
+ , "mech_list: PLAIN LOGIN"
+ ]
+ dirperm = cmdProperty "dpkg-statoverride"
+ [ "--add", "root", "sasl", "710", "/var/spool/postfix/var/run/saslauthd"]
+ postfixgroup = "postfix" `User.hasGroup` "sasl"
+ `onChange` restarted
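Review bot: `dirperm` is not idempotent as written: `dpkg-statoverride --add` exits with an error when an override for that path is already registered, so every run after the first would presumably report this property, and with it `saslAuthdInstalled`, as failed. One option is to bind `dir = "/var/spool/postfix/var/run/saslauthd"` in the `where` clause and guard the command, `dirperm = check (not <$> doesDirectoryExist dir) $ cmdProperty "dpkg-statoverride" ["--add", "root", "sasl", "710", dir]`; the binding also removes the second copy of the path inside `OPTIONS`. Separately, the doc comment should say that `mech_list: PLAIN LOGIN` carries the password with no encryption of its own, so the postfix side needs to require TLS before AUTH (`smtpd_tls_auth_only = yes`), since this property deliberately leaves postfix unconfigured.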
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs
index 7b6a61e4..0d4687e7 100644
--- a/src/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -450,6 +450,8 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props
& dkimInstalled
+ & Postfix.saslAuthdInstalled
+
& Apt.installed ["maildrop"]
& "/etc/maildroprc" `File.hasContent`
[ "# Global maildrop filter file (deployed with propellor)"
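Review bot: Nothing visible in this file consumes the saslauthd that `Postfix.saslAuthdInstalled` sets up: the main.cf lines in the next hunk keep `smtpd_sasl_type = dovecot` and `smtpd_sasl_path = private/auth`, and postfix reads the Cyrus `smtpd.conf` only when the type is `cyrus`. If those lines are final, this property leaves an extra authentication daemon running and adds `postfix` to the `sasl` group without anything using either. Either add a comment above the new line stating what is meant to authenticate through saslauthd, or hold the property back until main.cf is switched over. The rest of `kiteMailServer` is outside the hunk, so this may already be handled elsewhere.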
@@ -514,7 +516,7 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props
, "# Filter out client relay lines from headers."
, "header_checks = pcre:$config_directory/obscure_client_relay.pcre"
- , "# Password auth for relaying"
+ , "# Password auth for relaying (used by errol)"
, "smtpd_sasl_auth_enable = yes"
, "smtpd_sasl_type = dovecot"
, "smtpd_sasl_path = private/auth"