SMTP Relay Charm

Merge ~kotodama/smtp-relay-charm/+git/smtp-relay-charm:relay_recipient_maps into smtp-relay-charm:master

  1. Git
  2. lp:~kotodama/smtp-relay-charm/+git/smtp-relay-charm
  3. relay_recipient_maps
  4. Merge into master
Proposed by Loïc Gomez
Status: Merged
Approved by: Haw Loeung
Approved revision: 12b3c440bef279a8f43b898ce1a8d8d8fe2f3a9b
Merged at revision: 7b47dbb2599a043c21354ede1f83cdb54139b76e
Proposed branch: ~kotodama/smtp-relay-charm/+git/smtp-relay-charm:relay_recipient_maps
Merge into: smtp-relay-charm:master
Diff against target: 212 lines (+113/-11)
7 files modified
config.yaml (+9/-0)
reactive/smtp_relay.py (+2/-0)
templates/postfix_main_cf.tmpl (+12/-9)
tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps.cf (+1/-0)
tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps_combined.cf (+63/-0)
tests/unit/files/postfix_main_transport_maps_with_virtual_alias_maps.cf (+1/-2)
tests/unit/test_smtp_relay.py (+25/-0)
Reviewer Review Type Date Requested Status
Haw Loeung +1 Approve
Canonical IS Reviewers Pending
Review via email: mp+416892@code.launchpad.net

Commit message

Add relay_recipient_maps_combined: use transport/aliases as relay_recipient_maps

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Haw Loeung (hloeung) wrote :

LGTM

review: Approve (+1)
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision 7b47dbb2599a043c21354ede1f83cdb54139b76e

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/config.yaml b/config.yaml
2index a9daa9b..cc05bde 100644
3--- a/config.yaml
4+++ b/config.yaml
5@@ -83,6 +83,15 @@ options:
6 indicate it is managed outside of juju configs).
7
8 http://www.postfix.org/postconf.5.html#relay_recipient_maps
9+ relay_recipient_maps_combined:
10+ type: boolean
11+ default: false
12+ description: |
13+ Use virtual_alias_maps and transport_maps as value for
14+ relay_recipient_maps.
15+
16+ Allows for all configured aliases and transports to be valid
17+ recipients for relay_domains.
18 restrict_recipients:
19 type: string
20 default: ''
21diff --git a/reactive/smtp_relay.py b/reactive/smtp_relay.py
22index dc13259..5e8354b 100644
23--- a/reactive/smtp_relay.py
24+++ b/reactive/smtp_relay.py
25@@ -115,6 +115,7 @@ def configure_smtp_auth(dovecot_config='/etc/dovecot/dovecot.conf', dovecot_user
26 'config.changed.relay_domains',
27 'config.changed.relay_host',
28 'config.changed.relay_recipient_maps',
29+ 'config.changed.relay_recipient_maps_combined',
30 'config.changed.restrict_recipients',
31 'config.changed.restrict_senders',
32 'config.changed.restrict_sender_access',
33@@ -218,6 +219,7 @@ def configure_smtp_relay(postfix_conf_dir='/etc/postfix', tls_dh_params='/etc/ss
34 'relayhost': config['relay_host'],
35 'relay_domains': config['relay_domains'],
36 'relay_recipient_maps': bool(config['relay_recipient_maps']),
37+ 'relay_recipient_maps_combined': bool(config['relay_recipient_maps_combined']),
38 'restrict_recipients': bool(config['restrict_recipients']),
39 'restrict_senders': bool(config['restrict_senders']),
40 'restrict_sender_access': bool(config['restrict_sender_access']),
41diff --git a/templates/postfix_main_cf.tmpl b/templates/postfix_main_cf.tmpl
42index 6748faf..1f62150 100644
43--- a/templates/postfix_main_cf.tmpl
44+++ b/templates/postfix_main_cf.tmpl
45@@ -103,18 +103,21 @@ non_smtpd_milters = {{milter}}
46 header_checks = regexp:/etc/postfix/header_checks
47 {% endif -%}
48
49+{%- if virtual_alias_domains %}
50+virtual_alias_domains = {{virtual_alias_domains}}
51+{%- endif %}
52 {%- if relay_domains %}
53 relay_domains = {{relay_domains}}
54-{% endif -%}
55-{%- if relay_recipient_maps -%}
56-relay_recipient_maps = hash:/etc/postfix/relay_recipient
57-{% endif -%}
58+{% endif %}
59+
60 {%- if transport_maps %}
61 transport_maps = hash:/etc/postfix/transport
62-{% endif -%}
63-{%- if virtual_alias_domains %}
64-virtual_alias_domains = {{virtual_alias_domains}}
65-{%- endif -%}
66-{%- if virtual_alias_maps %}
67+{% endif %}
68+{%- if virtual_alias_maps -%}
69 virtual_alias_maps = hash:/etc/postfix/virtual_alias
70 {% endif %}
71+{%- if relay_recipient_maps_combined -%}
72+relay_recipient_maps = ${virtual_alias_maps}, ${transport_maps}
73+{% elif relay_recipient_maps %}
74+relay_recipient_maps = hash:/etc/postfix/relay_recipient
75+{% endif %}
76diff --git a/tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps.cf b/tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps.cf
77index 5bc2414..d43ca81 100644
78--- a/tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps.cf
79+++ b/tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps.cf
80@@ -57,4 +57,5 @@ smtpd_tls_auth_only = yes
81 smtpd_sender_restrictions = reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/access
82
83 relay_domains = mydomain.local mydomain2.local
84+
85 relay_recipient_maps = hash:/etc/postfix/relay_recipient
86diff --git a/tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps_combined.cf b/tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps_combined.cf
87new file mode 100644
88index 0000000..d686512
89--- /dev/null
90+++ b/tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps_combined.cf
91@@ -0,0 +1,63 @@
92+## This file is Juju managed - do not edit by hand #
93+
94+
95+smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
96+biff = no
97+
98+append_dot_mydomain = no
99+
100+readme_directory = no
101+
102+# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
103+# fresh installs.
104+compatibility_level = 2
105+
106+# TLS parameters
107+tls_preempt_cipherlist = yes
108+smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
109+smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
110+smtpd_tls_dh1024_param_file = /etc/ssl/private/dhparams.pem
111+smtpd_tls_ciphers = HIGH
112+smtpd_tls_exclude_ciphers = aNULL, eNULL, DES, 3DES, MD5, RC4, CAMELLIA
113+smtpd_tls_loglevel = 1
114+smtpd_tls_mandatory_ciphers = HIGH
115+smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
116+smtpd_tls_protocols = !SSLv2 !SSLv3
117+smtpd_tls_received_header = yes
118+smtpd_tls_security_level = may
119+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
120+
121+smtp_tls_CApath = /etc/ssl/certs
122+smtp_tls_loglevel = 1
123+smtp_tls_security_level = may
124+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
125+
126+message_size_limit = 61440000
127+strict_rfc821_envelopes = yes
128+smtpd_client_connection_count_limit = 100
129+smtpd_helo_required = yes
130+smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
131+myhostname = juju-87625f-hloeung-94.openstacklocal
132+alias_maps = hash:/etc/aliases
133+alias_database = hash:/etc/aliases
134+mydestination = $myhostname, juju-87625f-hloeung-94, localhost.localdomain, localhost
135+relayhost =
136+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
137+mailbox_size_limit = 0
138+recipient_delimiter = +
139+inet_interfaces = all
140+inet_protocols = all
141+
142+broken_sasl_auth_clients = yes
143+smtpd_sasl_auth_enable = yes
144+smtpd_sasl_security_options = noanonymous
145+smtpd_sasl_type = dovecot
146+smtpd_sasl_path = private/auth
147+smtpd_tls_auth_only = yes
148+smtpd_sender_restrictions = reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/access
149+
150+relay_domains = mydomain.local mydomain2.local
151+
152+transport_maps = hash:/etc/postfix/transport
153+virtual_alias_maps = hash:/etc/postfix/virtual_alias
154+relay_recipient_maps = ${virtual_alias_maps}, ${transport_maps}
155diff --git a/tests/unit/files/postfix_main_transport_maps_with_virtual_alias_maps.cf b/tests/unit/files/postfix_main_transport_maps_with_virtual_alias_maps.cf
156index a53e353..dc25f1f 100644
157--- a/tests/unit/files/postfix_main_transport_maps_with_virtual_alias_maps.cf
158+++ b/tests/unit/files/postfix_main_transport_maps_with_virtual_alias_maps.cf
159@@ -56,9 +56,8 @@ smtpd_sasl_path = private/auth
160 smtpd_tls_auth_only = yes
161 smtpd_sender_restrictions = reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/access
162
163+virtual_alias_domains = mydomain.local mydomain2.local
164 relay_domains = mydomain.local mydomain2.local
165
166 transport_maps = hash:/etc/postfix/transport
167-
168-virtual_alias_domains = mydomain.local mydomain2.local
169 virtual_alias_maps = hash:/etc/postfix/virtual_alias
170diff --git a/tests/unit/test_smtp_relay.py b/tests/unit/test_smtp_relay.py
171index 6324706..58ab466 100644
172--- a/tests/unit/test_smtp_relay.py
173+++ b/tests/unit/test_smtp_relay.py
174@@ -69,6 +69,7 @@ class TestCharm(unittest.TestCase):
175 'relay_domains': '',
176 'relay_host': '',
177 'relay_recipient_maps': '',
178+ 'relay_recipient_maps_combined': False,
179 'restrict_recipients': '',
180 'restrict_senders': '',
181 'restrict_sender_access': '',
182@@ -950,6 +951,30 @@ someplace.local encrypt
183 @mock.patch('reactive.smtp_relay._get_autocert_cn')
184 @mock.patch('reactive.smtp_relay._get_milters')
185 @mock.patch('subprocess.call')
186+ def test_configure_smtp_relay_config_relay_domains_with_relay_recipient_maps_combined(
187+ self, call, get_milters, get_cn, set_flag, clear_flag
188+ ):
189+ postfix_main_cf = os.path.join(self.tmpdir, 'main.cf')
190+ get_cn.return_value = ''
191+ get_milters.return_value = ''
192+ self.mock_config.return_value['relay_domains'] = 'mydomain.local mydomain2.local'
193+ self.mock_config.return_value['relay_recipient_maps_combined'] = True
194+ self.mock_config.return_value['transport_maps'] = '.mydomain.local smtp:[smtp.mydomain.local]'
195+ self.mock_config.return_value['virtual_alias_maps'] = 'abuse@mydomain.local sysadmin@mydomain.local'
196+ smtp_relay.configure_smtp_relay(self.tmpdir)
197+ with open(
198+ 'tests/unit/files/postfix_main_relay_domains_with_relay_recipient_maps_combined.cf', 'r', encoding='utf-8'
199+ ) as f:
200+ want = f.read()
201+ with open(postfix_main_cf, 'r', encoding='utf-8') as f:
202+ got = f.read()
203+ self.assertEqual(want, got)
204+
205+ @mock.patch('charms.reactive.clear_flag')
206+ @mock.patch('charms.reactive.set_flag')
207+ @mock.patch('reactive.smtp_relay._get_autocert_cn')
208+ @mock.patch('reactive.smtp_relay._get_milters')
209+ @mock.patch('subprocess.call')
210 def test_configure_smtp_relay_config_transport_maps(self, call, get_milters, get_cn, set_flag, clear_flag):
211 postfix_main_cf = os.path.join(self.tmpdir, 'main.cf')
212 postfix_transport_maps = os.path.join(self.tmpdir, 'transport')

Subscribers

People subscribed via source and target branches