aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2020-06-14 11:48:53 +0200
committerQuentin Dufour <quentin@deuxfleurs.fr>2020-06-14 11:48:53 +0200
commit3534ba1a19844e55982cb773599671d2fdb4be02 (patch)
tree0a523f5c5c5c00c7d31d75c87609afef2fe8c65e
parent9b7fd2fc0ac6f11e47a9355ba6ec7db0f0e42dbe (diff)
downloadinfrastructure-3534ba1a19844e55982cb773599671d2fdb4be02.tar.gz
infrastructure-3534ba1a19844e55982cb773599671d2fdb4be02.zip
Read domain name from LDAP
-rw-r--r--consul/configuration/email/postfix/ldap-virtual-domains.cf.tpl12
-rw-r--r--consul/configuration/email/postfix/main.cf5
-rw-r--r--nomad/email.hcl10
-rw-r--r--nomad/jitsi.hcl2
4 files changed, 24 insertions, 5 deletions
diff --git a/consul/configuration/email/postfix/ldap-virtual-domains.cf.tpl b/consul/configuration/email/postfix/ldap-virtual-domains.cf.tpl
new file mode 100644
index 0000000..e013953
--- /dev/null
+++ b/consul/configuration/email/postfix/ldap-virtual-domains.cf.tpl
@@ -0,0 +1,12 @@
+bind = yes
+bind_dn = {{ key "secrets/email/postfix/ldap_binddn" | trimSpace }}
+bind_pw = {{ key "secrets/email/postfix/ldap_bindpwd" | trimSpace }}
+version = 3
+timeout = 20
+start_tls = no
+tls_require_cert = no
+server_host = ldap://bottin2.service.2.cluster.deuxfleurs.fr
+scope = sub
+search_base = ou=domains,ou=groups,dc=deuxfleurs,dc=fr
+query_filter = (&(objectclass=dNSDomain)(domain=%s))
+result_attribute = domain
diff --git a/consul/configuration/email/postfix/main.cf b/consul/configuration/email/postfix/main.cf
index f121089..4204cb4 100644
--- a/consul/configuration/email/postfix/main.cf
+++ b/consul/configuration/email/postfix/main.cf
@@ -90,13 +90,10 @@ slow_destination_concurrency_limit = 2
# Transport configuration
#====
transport_maps = hash:/etc/postfix/transport
-virtual_mailbox_domains = deuxfleurs.fr, dufour.io, dufour.tk
+virtual_mailbox_domains = ldap:/etc/postfix/ldap-virtual-domains.cf
virtual_mailbox_maps = ldap:/etc/postfix/ldap-account.cf
-#virtual_alias_domains = deuxfleurs.fr, dufour.io, dufour.tk
virtual_alias_maps = ldap:/etc/postfix/ldap-alias.cf
virtual_transport = lmtp:dovecot-lmtp.service.2.cluster.deuxfleurs.fr:24
-#master_service_disable =
-#tcp_windowsize = 1400
#===
# Mail filters
diff --git a/nomad/email.hcl b/nomad/email.hcl
index 75849cd..4b4be41 100644
--- a/nomad/email.hcl
+++ b/nomad/email.hcl
@@ -356,6 +356,16 @@ job "email" {
destination = "secrets/postfix/ldap-alias.cf"
}
+ artifact {
+ source = "http://127.0.0.1:8500/v1/kv/configuration/email/postfix/ldap-virtual-domains.cf.tpl?raw"
+ destination = "secrets/postfix/ldap-virtual-domains.cf.tpl"
+ mode = "file"
+ }
+ template {
+ source = "secrets/postfix/ldap-virtual-domains.cf.tpl"
+ destination = "secrets/postfix/ldap-virtual-domains.cf"
+ }
+
template {
data = "{{ key \"configuration/email/postfix/postfix.crt\" }}"
diff --git a/nomad/jitsi.hcl b/nomad/jitsi.hcl
index 00d7767..4ef2f98 100644
--- a/nomad/jitsi.hcl
+++ b/nomad/jitsi.hcl
@@ -182,7 +182,7 @@ job "jitsi" {
resources {
cpu = 300
- memory = 200
+ memory = 400
}
}