refactor: recreate profiles::postfix::gateway with parameterization and templates
Build / precommit (pull_request) Successful in 5m18s
Build / precommit (pull_request) Successful in 5m18s
- refactor profiles::postfix::gateway as parameterized class - move base postfix parameters, transports, and virtuals to hiera for flexibility - convert SMTP restrictions to arrays for better readability using join() - add postscreen enable/disable boolean with conditional master.cf configuration - add per-domain TLS policy maps (smtp_tls_policy_maps) - convert alias_maps to array parameter for flexibility - convert all postfix map files to ERB templates with parameter hashes - add map parameters: sender_canonical_maps, sender_access_maps, relay_recipients_maps, relay_domains_maps, recipient_canonical_maps, recipient_access_maps, postscreen_access_maps, helo_access_maps - move default map data to hiera while keeping parameters as empty hashes by default This approach balances flexibility with data-driven configuration, allowing easy customization through parameters while keeping transport/virtual maps and default map data in hiera for role-specific overrides.
This commit is contained in:
@@ -1,11 +0,0 @@
|
||||
# FILE MANAGED BY PUPPET, CHANGES WILL BE REPLACED
|
||||
|
||||
# HELO/EHLO access controls
|
||||
# Format: pattern action
|
||||
# Actions: REJECT, OK, WARN, etc.
|
||||
|
||||
# Block common spam patterns
|
||||
.dynamic. REJECT
|
||||
.dialup. REJECT
|
||||
unknown REJECT
|
||||
localhost REJECT You are not localhost
|
||||
@@ -1,4 +0,0 @@
|
||||
# FILE MANAGED BY PUPPET, CHANGES WILL BE REPLACED
|
||||
|
||||
127.0.0.1/32 permit
|
||||
10.10.12.200/32 permit
|
||||
@@ -1,9 +0,0 @@
|
||||
# FILE MANAGED BY PUPPET, CHANGES WILL BE REPLACED
|
||||
|
||||
# Recipient access controls
|
||||
# Format: recipient_pattern action
|
||||
# Actions: REJECT, OK, WARN, DISCARD, etc.
|
||||
|
||||
# Protected recipients that require special handling
|
||||
# Example entries:
|
||||
# @main.unkin.net OK
|
||||
@@ -1,8 +0,0 @@
|
||||
# FILE MANAGED BY PUPPET, CHANGES WILL BE REPLACED
|
||||
|
||||
# Recipient canonical address mapping
|
||||
# Format: original_address canonical_address
|
||||
# Used to rewrite recipient addresses
|
||||
|
||||
# Example mappings:
|
||||
# user@olddomain.com user@main.unkin.net
|
||||
@@ -1,3 +0,0 @@
|
||||
# FILE MANAGED BY PUPPET, CHANGES WILL BE REPLACED
|
||||
|
||||
main.unkin.net OK
|
||||
@@ -1,3 +0,0 @@
|
||||
# FILE MANAGED BY PUPPET, CHANGES WILL BE REPLACED
|
||||
|
||||
@main.unkin.net OK
|
||||
@@ -1,10 +0,0 @@
|
||||
# FILE MANAGED BY PUPPET, CHANGES WILL BE REPLACED
|
||||
|
||||
# Sender access controls
|
||||
# Format: sender_pattern action
|
||||
# Actions: REJECT, OK, WARN, DISCARD, etc.
|
||||
|
||||
# Block known spam domains
|
||||
# Example entries:
|
||||
# spammer@example.com REJECT
|
||||
# @badspammer.com REJECT
|
||||
@@ -1,8 +0,0 @@
|
||||
# FILE MANAGED BY PUPPET, CHANGES WILL BE REPLACED
|
||||
|
||||
# Sender canonical address mapping
|
||||
# Format: original_address canonical_address
|
||||
# Used to rewrite sender addresses
|
||||
|
||||
# Example mappings:
|
||||
# user@internal.local user@main.unkin.net
|
||||
Reference in New Issue
Block a user