diff --git a/bin/script-template b/bin/script-template
index 88ad260..1b90bff 100755
--- a/bin/script-template
+++ b/bin/script-template
@@ -4,13 +4,3 @@ from bundlewrap.repo import Repository
 from os.path import realpath, dirname
 repo = Repository(dirname(dirname(realpath(__file__))))
-domains = set()
-
-for node in repo.nodes:
- domains.update(
- set(node.metadata.get('opendkim/domains', []))
- )
-
-print(domains)
-
-# Do in Metaproc
diff --git a/bundles/mailserver/metadata.py b/bundles/mailserver/metadata.py
index fe73dba..8857007 100644
--- a/bundles/mailserver/metadata.py
+++ b/bundles/mailserver/metadata.py
@@ -1,3 +1,5 @@
+from ipaddress import ip_interface
+
 database_password = repo.vault.password_for(f'{node.name} db mailserver')
 defaults = {
@@ -10,6 +12,7 @@ defaults = {
 'password': database_password,
 },
 'test_password': repo.vault.password_for(f'{node.name} test_pw mailserver'),
+ 'domains': [],
 },
 'postgresql': {
 'roles': {
@@ -33,6 +36,24 @@ defaults = {
 },
 }
+
+@metadata_reactor.provides(
+ 'dns',
+)
+def dns(metadata):
+ dns = {}
+
+ for domain in metadata.get('mailserver/domains'):
+ dns[domain] = {
+ 'MX': [
+ str(ip_interface(metadata.get('network/ipv4')).ip)
+ ],
+ }
+
+ return {
+ 'dns': dns,
+ }
+
 @metadata_reactor.provides(
 'letsencrypt/domains',
 )
diff --git a/bundles/nginx/metadata.py b/bundles/nginx/metadata.py
index 5fd11dc..2008a46 100644
--- a/bundles/nginx/metadata.py
+++ b/bundles/nginx/metadata.py
@@ -1,5 +1,4 @@
 from ipaddress import ip_interface
-from bundlewrap.metadata import atomic
 defaults = {
 'apt': {
diff --git a/bundles/opendkim/items.py b/bundles/opendkim/items.py
index 1e0ccd9..5d10151 100644
--- a/bundles/opendkim/items.py
+++ b/bundles/opendkim/items.py
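Review bot: In bundles/mailserver/metadata.py, the new `dns` reactor publishes the node's bare IPv4 address as the `MX` value, but an MX record's target has to be a host name (normally with a preference), not an address literal, so sending MTAs would try to resolve the address as a name and delivery to these domains can fail. How the `dns` metadata is rendered into zone data is not visible in this diff, so confirm the format it expects; assuming it takes record strings, something like `'MX': [f"5 {metadata.get('mailserver/hostname')}."],` would point at the host name the node file already sets, with the address published separately as an A record for that name. The local `dns = {}` also shadows the reactor's own name; `records = {}` would read more clearly.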
@@ -32,20 +32,20 @@ files = {
 '/etc/opendkim/key_table': {
 'content_type': 'mako',
 'context': {
- 'domains': node.metadata.get('opendkim/domains'),
+ 'domains': node.metadata.get('mailserver/domains'),
 },
 **file_attributes,
 },
 '/etc/opendkim/signing_table': {
 'content_type': 'mako',
 'context': {
- 'domains': node.metadata.get('opendkim/domains'),
+ 'domains': node.metadata.get('mailserver/domains'),
 },
 **file_attributes,
 },
 }
-for domain in node.metadata.get('opendkim/domains'):
+for domain in node.metadata.get('mailserver/domains'):
 directories[f'/etc/opendkim/keys/{domain}'] = {
 **file_attributes,
 'purge': True,
diff --git a/bundles/opendkim/metadata.py b/bundles/opendkim/metadata.py
index 5f2d68f..2f4bb9e 100644
--- a/bundles/opendkim/metadata.py
+++ b/bundles/opendkim/metadata.py
@@ -13,7 +13,6 @@ defaults = {
 },
 },
 'opendkim': {
- 'domains': [],
 'keys': {},
 },
 'dns': {
@@ -32,7 +31,7 @@ defaults = {
 def keys(metadata):
 keys = {}
- for domain in metadata.get('opendkim/domains'):
+ for domain in metadata.get('mailserver/domains'):
 if domain in metadata.get(f'opendkim/keys'):
 continue
diff --git a/groups/all.py b/groups/all.py
new file mode 100644
index 0000000..0967ef4
--- /dev/null
+++ b/groups/all.py
@@ -0,0 +1 @@
+{}
diff --git a/groups/os/linux.py b/groups/os/linux.py
index 9917160..0f8f0d7 100644
--- a/groups/os/linux.py
+++ b/groups/os/linux.py
@@ -1,4 +1,7 @@
 {
+ 'supergroups': [
+ 'all',
+ ],
 'bundles': [
 'network',
 'systemd',
diff --git a/nodes/htz.mails.py b/nodes/htz.mails.py
index 735b9b1..0c93520 100644
--- a/nodes/htz.mails.py
+++ b/nodes/htz.mails.py
@@ -37,8 +37,6 @@
 'mailserver': {
 'hostname': 'mail2.sublimity.de',
 'admin_email': 'postmaster@sublimity.de',
- },
- 'opendkim': {
 'domains': [
 'mail2.sublimity.de',
 # 'sublimity.de',
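Review bot: In bundles/opendkim/items.py, the three `node.metadata.get('mailserver/domains')` lookups have no fallback, and this commit also drops the `'domains': []` default from the opendkim bundle (the `@@ -13,7 +13,6 @@` hunk of bundles/opendkim/metadata.py), so the only default now lives in the mailserver bundle. If opendkim is ever assigned to a node without mailserver, these lookups would presumably fail rather than yield an empty list, and no DKIM key directories or signing tables would be generated. Either pass a default, `node.metadata.get('mailserver/domains', [])`, or state the dependency in the opendkim bundle with a comment such as `# requires the mailserver bundle: reads mailserver/domains`. The same applies to the `keys` reactor changed in the `@@ -32,7 +31,7 @@` hunk of bundles/opendkim/metadata.py; the `files` dict and the `for` loop both continue outside this hunk.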