From dca0c27ec1680dac2a3d77c8c5efada47abde921 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 21 Aug 2017 11:49:50 -0400 Subject: propellor spin --- src/Propellor/Property/SiteSpecific/JoeySites.hs | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs index ab3825a0..80810b0b 100644 --- a/src/Propellor/Property/SiteSpecific/JoeySites.hs +++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs @@ -520,7 +520,6 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props & "/etc/aliases" `File.hasPrivContentExposed` ctx `onChange` Postfix.newaliases - & hasPostfixCert ctx & "/etc/postfix/mydomain" `File.containsLines` [ "/.*\\.kitenet\\.net/\tOK" @@ -583,9 +582,9 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props , "milter_default_action = accept" , "# TLS setup -- server" - , "smtpd_tls_CAfile = /etc/ssl/certs/joeyca.pem" - , "smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem" - , "smtpd_tls_key_file = /etc/ssl/private/postfix.pem" + , "smtpd_tls_CAfile = /etc/letsencrypt/live/kitenet.net/fullchain.pem" + , "smtpd_tls_cert_file = /etc/letsencrypt/live/kitenet.net/cert.pem" + , "smtpd_tls_key_file = /etc/letsencrypt/live/kitenet.net/privkey.pem" , "smtpd_tls_loglevel = 1" , "smtpd_tls_received_header = yes" , "smtpd_use_tls = yes" @@ -593,9 +592,9 @@ kiteMailServer = propertyList "kitenet.net mail server" $ props , "smtpd_tls_session_cache_database = sdbm:/etc/postfix/smtpd_scache" , "# TLS setup -- client" - , "smtp_tls_CAfile = /etc/ssl/certs/joeyca.pem" - , "smtp_tls_cert_file = /etc/ssl/certs/postfix.pem" - , "smtp_tls_key_file = /etc/ssl/private/postfix.pem" + , "smtp_tls_CAfile = /etc/letsencrypt/live/kitenet.net/fullchain.pem" + , "smtp_tls_cert_file = /etc/letsencrypt/live/kitenet.net/cert.pem" + , "smtp_tls_key_file = /etc/letsencrypt/live/kitenet.net/privkey.pem" , "smtp_tls_loglevel = 1" , "smtp_use_tls = yes" , "smtp_tls_session_cache_database = sdbm:/etc/postfix/smtp_scache" @@ -716,11 +715,6 @@ postfixSaslPasswordClient = combineProperties "postfix uses SASL password to aut ] `onChange` Postfix.reloaded -hasPostfixCert :: Context -> Property (HasInfo + UnixLike) -hasPostfixCert ctx = combineProperties "postfix tls cert installed" $ props - & "/etc/ssl/certs/postfix.pem" `File.hasPrivContentExposed` ctx - & "/etc/ssl/private/postfix.pem" `File.hasPrivContent` ctx - -- Legacy static web sites and redirections from kitenet.net to newer -- sites. legacyWebSites :: Property (HasInfo + DebianLike) -- cgit v1.2.3