finetuning lldap mail settings (#6)
Reviewed-on: #6 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
parent
2e249095b8
commit
5e6034bf59
6 changed files with 24 additions and 11 deletions
|
@ -11,11 +11,14 @@ services:
|
||||||
SMTP_USERNAME: info@mgrote.net
|
SMTP_USERNAME: info@mgrote.net
|
||||||
SMTP_PASSWORD: "{{ lookup('keepass', 'strato_smtp_password', 'password') }}"
|
SMTP_PASSWORD: "{{ lookup('keepass', 'strato_smtp_password', 'password') }}"
|
||||||
SERVER_HOSTNAME: mgrote.net
|
SERVER_HOSTNAME: mgrote.net
|
||||||
# DEBUG: "yes" # literal
|
# DEBUG: "yes" # as string not boolean
|
||||||
ALWAYS_ADD_MISSING_HEADERS: "no" # literal
|
ALWAYS_ADD_MISSING_HEADERS: "no" # as string not boolean
|
||||||
# LOG_SUBJECT: "yes" # literal
|
# LOG_SUBJECT: "yes" # as string not boolean
|
||||||
INET_PROTOCOL: ipv4
|
INET_PROTOCOL: ipv4
|
||||||
#SMTP_GENERIC_MAP: "/.*/ info@mgrote.net" # deactivated; dont overwrite sender
|
SMTP_GENERIC_MAP: |
|
||||||
|
/nobody@lldap/ lldap@mgrote.net
|
||||||
|
# rewrite FROM "nobody@lldap" to "lldap@mgrote.net"
|
||||||
|
# /.*/ würde alle absender adressen ersetzen
|
||||||
networks:
|
networks:
|
||||||
- mail-relay
|
- mail-relay
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
|
|
@ -35,7 +35,7 @@ lldap_logging_verbose: "true" # must be a string not a boolean
|
||||||
lldap_http_port: 17170
|
lldap_http_port: 17170
|
||||||
lldap_http_host: "0.0.0.0"
|
lldap_http_host: "0.0.0.0"
|
||||||
lldap_ldap_host: "0.0.0.0"
|
lldap_ldap_host: "0.0.0.0"
|
||||||
lldap_public_url: http://localhost
|
lldap_public_url: http://ldap.mgrote.net:17170
|
||||||
lldap_jwt_secret: "{{ lookup('keepass', 'lldap_jwt_secret', 'password') }}"
|
lldap_jwt_secret: "{{ lookup('keepass', 'lldap_jwt_secret', 'password') }}"
|
||||||
lldap_ldap_base_dn: "dc=mgrote,dc=net"
|
lldap_ldap_base_dn: "dc=mgrote,dc=net"
|
||||||
lldap_admin_username: ladmin # only used on setup
|
lldap_admin_username: ladmin # only used on setup
|
||||||
|
@ -43,12 +43,12 @@ lldap_admin_password: "{{ lookup('keepass', 'lldap_ldap_user_pass', 'password')
|
||||||
lldap_admin_mailaddress: lldap-admin@mgrote.net # only used on setup
|
lldap_admin_mailaddress: lldap-admin@mgrote.net # only used on setup
|
||||||
lldap_database_url: "postgres://{{ lldap_db_user }}:{{ lldap_db_pass }}@{{ lldap_db_host }}/{{ lldap_db_name }}"
|
lldap_database_url: "postgres://{{ lldap_db_user }}:{{ lldap_db_pass }}@{{ lldap_db_host }}/{{ lldap_db_name }}"
|
||||||
lldap_key_seed: "{{ lookup('keepass', 'lldap_key_seed', 'password') }}"
|
lldap_key_seed: "{{ lookup('keepass', 'lldap_key_seed', 'password') }}"
|
||||||
lldap_smtp_from: "LLDAP Admin <info@mgrote.net>"
|
#lldap_smtp_from: "lldap@mgrote.net" # unused in role
|
||||||
lldap_smtp_reply_to: "Do not reply <info@mgrote.net>"
|
lldap_smtp_reply_to: "Do not reply <info@mgrote.net>"
|
||||||
lldap_smtp_server: "docker10.mgrote.net"
|
lldap_smtp_server: "docker10.mgrote.net"
|
||||||
lldap_smtp_port: "1025"
|
lldap_smtp_port: "1025"
|
||||||
lldap_smtp_smtp_encryption: "NONE"
|
lldap_smtp_smtp_encryption: "NONE"
|
||||||
lldap_smtp_user: "info@mgrote.net"
|
#lldap_smtp_user: "info@mgrote.net" # unused in role
|
||||||
lldap_smtp_enable_password_reset: "true" # must be a string not a boolean
|
lldap_smtp_enable_password_reset: "true" # must be a string not a boolean
|
||||||
# "meta vars"; daraus werden die db-url und die postgres-db abgeleitet
|
# "meta vars"; daraus werden die db-url und die postgres-db abgeleitet
|
||||||
lldap_db_name: "lldap"
|
lldap_db_name: "lldap"
|
||||||
|
|
|
@ -5,5 +5,7 @@
|
||||||
tags: "db"
|
tags: "db"
|
||||||
become: true
|
become: true
|
||||||
- role: mgrote_lldap
|
- role: mgrote_lldap
|
||||||
tags: "lldap"
|
tags:
|
||||||
|
- lldap
|
||||||
|
- ldap
|
||||||
become: true
|
become: true
|
||||||
|
|
|
@ -6,4 +6,10 @@
|
||||||
masked: false
|
masked: false
|
||||||
enabled: true
|
enabled: true
|
||||||
state: started
|
state: started
|
||||||
|
|
||||||
|
- name: Ensure service is restarted
|
||||||
|
become: true
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: lldap.service
|
||||||
|
state: restarted
|
||||||
...
|
...
|
||||||
|
|
|
@ -23,5 +23,7 @@
|
||||||
owner: lldap
|
owner: lldap
|
||||||
group: lldap
|
group: lldap
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: Ensure services are enabled and started
|
notify:
|
||||||
|
- Ensure services are enabled and started
|
||||||
|
- Ensure service is restarted
|
||||||
...
|
...
|
||||||
|
|
|
@ -121,12 +121,12 @@ port={{ lldap_smtp_port }}
|
||||||
## How the connection is encrypted, either "NONE" (no encryption), "TLS" or "STARTTLS".
|
## How the connection is encrypted, either "NONE" (no encryption), "TLS" or "STARTTLS".
|
||||||
smtp_encryption = "{{ lldap_smtp_smtp_encryption }}"
|
smtp_encryption = "{{ lldap_smtp_smtp_encryption }}"
|
||||||
## The SMTP user, usually your email address.
|
## The SMTP user, usually your email address.
|
||||||
user="{{ lldap_smtp_user }}"
|
#user="{{ lldap_smtp_user }}"
|
||||||
## The SMTP password.
|
## The SMTP password.
|
||||||
#password="password" #gitleaks:allow
|
#password="password" #gitleaks:allow
|
||||||
## The header field, optional: how the sender appears in the email. The first
|
## The header field, optional: how the sender appears in the email. The first
|
||||||
## is a free-form name, followed by an email between <>.
|
## is a free-form name, followed by an email between <>.
|
||||||
from="{{ lldap_smtp_from }}"
|
#from="{{ lldap_smtp_from }}"
|
||||||
## Same for reply-to, optional.
|
## Same for reply-to, optional.
|
||||||
reply_to="{{ lldap_smtp_reply_to }}"
|
reply_to="{{ lldap_smtp_reply_to }}"
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue