finetuning lldap mail settings (#6)
Reviewed-on: #6 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
parent
2e249095b8
commit
5e6034bf59
6 changed files with 24 additions and 11 deletions
|
@ -11,11 +11,14 @@ services:
|
|||
SMTP_USERNAME: info@mgrote.net
|
||||
SMTP_PASSWORD: "{{ lookup('keepass', 'strato_smtp_password', 'password') }}"
|
||||
SERVER_HOSTNAME: mgrote.net
|
||||
# DEBUG: "yes" # literal
|
||||
ALWAYS_ADD_MISSING_HEADERS: "no" # literal
|
||||
# LOG_SUBJECT: "yes" # literal
|
||||
# DEBUG: "yes" # as string not boolean
|
||||
ALWAYS_ADD_MISSING_HEADERS: "no" # as string not boolean
|
||||
# LOG_SUBJECT: "yes" # as string not boolean
|
||||
INET_PROTOCOL: ipv4
|
||||
#SMTP_GENERIC_MAP: "/.*/ info@mgrote.net" # deactivated; dont overwrite sender
|
||||
SMTP_GENERIC_MAP: |
|
||||
/nobody@lldap/ lldap@mgrote.net
|
||||
# rewrite FROM "nobody@lldap" to "lldap@mgrote.net"
|
||||
# /.*/ würde alle absender adressen ersetzen
|
||||
networks:
|
||||
- mail-relay
|
||||
healthcheck:
|
||||
|
|
|
@ -35,7 +35,7 @@ lldap_logging_verbose: "true" # must be a string not a boolean
|
|||
lldap_http_port: 17170
|
||||
lldap_http_host: "0.0.0.0"
|
||||
lldap_ldap_host: "0.0.0.0"
|
||||
lldap_public_url: http://localhost
|
||||
lldap_public_url: http://ldap.mgrote.net:17170
|
||||
lldap_jwt_secret: "{{ lookup('keepass', 'lldap_jwt_secret', 'password') }}"
|
||||
lldap_ldap_base_dn: "dc=mgrote,dc=net"
|
||||
lldap_admin_username: ladmin # only used on setup
|
||||
|
@ -43,12 +43,12 @@ lldap_admin_password: "{{ lookup('keepass', 'lldap_ldap_user_pass', 'password')
|
|||
lldap_admin_mailaddress: lldap-admin@mgrote.net # only used on setup
|
||||
lldap_database_url: "postgres://{{ lldap_db_user }}:{{ lldap_db_pass }}@{{ lldap_db_host }}/{{ lldap_db_name }}"
|
||||
lldap_key_seed: "{{ lookup('keepass', 'lldap_key_seed', 'password') }}"
|
||||
lldap_smtp_from: "LLDAP Admin <info@mgrote.net>"
|
||||
#lldap_smtp_from: "lldap@mgrote.net" # unused in role
|
||||
lldap_smtp_reply_to: "Do not reply <info@mgrote.net>"
|
||||
lldap_smtp_server: "docker10.mgrote.net"
|
||||
lldap_smtp_port: "1025"
|
||||
lldap_smtp_smtp_encryption: "NONE"
|
||||
lldap_smtp_user: "info@mgrote.net"
|
||||
#lldap_smtp_user: "info@mgrote.net" # unused in role
|
||||
lldap_smtp_enable_password_reset: "true" # must be a string not a boolean
|
||||
# "meta vars"; daraus werden die db-url und die postgres-db abgeleitet
|
||||
lldap_db_name: "lldap"
|
||||
|
|
|
@ -5,5 +5,7 @@
|
|||
tags: "db"
|
||||
become: true
|
||||
- role: mgrote_lldap
|
||||
tags: "lldap"
|
||||
tags:
|
||||
- lldap
|
||||
- ldap
|
||||
become: true
|
||||
|
|
|
@ -6,4 +6,10 @@
|
|||
masked: false
|
||||
enabled: true
|
||||
state: started
|
||||
|
||||
- name: Ensure service is restarted
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
name: lldap.service
|
||||
state: restarted
|
||||
...
|
||||
|
|
|
@ -23,5 +23,7 @@
|
|||
owner: lldap
|
||||
group: lldap
|
||||
mode: "0644"
|
||||
notify: Ensure services are enabled and started
|
||||
notify:
|
||||
- Ensure services are enabled and started
|
||||
- Ensure service is restarted
|
||||
...
|
||||
|
|
|
@ -121,12 +121,12 @@ port={{ lldap_smtp_port }}
|
|||
## How the connection is encrypted, either "NONE" (no encryption), "TLS" or "STARTTLS".
|
||||
smtp_encryption = "{{ lldap_smtp_smtp_encryption }}"
|
||||
## The SMTP user, usually your email address.
|
||||
user="{{ lldap_smtp_user }}"
|
||||
#user="{{ lldap_smtp_user }}"
|
||||
## The SMTP password.
|
||||
#password="password" #gitleaks:allow
|
||||
## The header field, optional: how the sender appears in the email. The first
|
||||
## is a free-form name, followed by an email between <>.
|
||||
from="{{ lldap_smtp_from }}"
|
||||
#from="{{ lldap_smtp_from }}"
|
||||
## Same for reply-to, optional.
|
||||
reply_to="{{ lldap_smtp_reply_to }}"
|
||||
|
||||
|
|
Loading…
Reference in a new issue