finetuning lldap mail settings #6

Merged
mg merged 12 commits from l2 into master 2024-04-04 22:25:20 +02:00
6 changed files with 24 additions and 11 deletions

View file

@ -11,11 +11,14 @@ services:
SMTP_USERNAME: info@mgrote.net
SMTP_PASSWORD: "{{ lookup('keepass', 'strato_smtp_password', 'password') }}"
SERVER_HOSTNAME: mgrote.net
# DEBUG: "yes" # literal
ALWAYS_ADD_MISSING_HEADERS: "no" # literal
# LOG_SUBJECT: "yes" # literal
# DEBUG: "yes" # as string not boolean
ALWAYS_ADD_MISSING_HEADERS: "no" # as string not boolean
# LOG_SUBJECT: "yes" # as string not boolean
INET_PROTOCOL: ipv4
#SMTP_GENERIC_MAP: "/.*/ info@mgrote.net" # deactivated; dont overwrite sender
SMTP_GENERIC_MAP: |
/nobody@lldap/ lldap@mgrote.net
# rewrite FROM "nobody@lldap" to "lldap@mgrote.net"
# /.*/ würde alle absender adressen ersetzen
networks:
- mail-relay
healthcheck:

View file

@ -35,7 +35,7 @@ lldap_logging_verbose: "true" # must be a string not a boolean
lldap_http_port: 17170
lldap_http_host: "0.0.0.0"
lldap_ldap_host: "0.0.0.0"
lldap_public_url: http://localhost
lldap_public_url: http://ldap.mgrote.net:17170
lldap_jwt_secret: "{{ lookup('keepass', 'lldap_jwt_secret', 'password') }}"
lldap_ldap_base_dn: "dc=mgrote,dc=net"
lldap_admin_username: ladmin # only used on setup
@ -43,12 +43,12 @@ lldap_admin_password: "{{ lookup('keepass', 'lldap_ldap_user_pass', 'password')
lldap_admin_mailaddress: lldap-admin@mgrote.net # only used on setup
lldap_database_url: "postgres://{{ lldap_db_user }}:{{ lldap_db_pass }}@{{ lldap_db_host }}/{{ lldap_db_name }}"
lldap_key_seed: "{{ lookup('keepass', 'lldap_key_seed', 'password') }}"
lldap_smtp_from: "LLDAP Admin <info@mgrote.net>"
#lldap_smtp_from: "lldap@mgrote.net" # unused in role
lldap_smtp_reply_to: "Do not reply <info@mgrote.net>"
lldap_smtp_server: "docker10.mgrote.net"
lldap_smtp_port: "1025"
lldap_smtp_smtp_encryption: "NONE"
lldap_smtp_user: "info@mgrote.net"
#lldap_smtp_user: "info@mgrote.net" # unused in role
lldap_smtp_enable_password_reset: "true" # must be a string not a boolean
# "meta vars"; daraus werden die db-url und die postgres-db abgeleitet
lldap_db_name: "lldap"

View file

@ -5,5 +5,7 @@
tags: "db"
become: true
- role: mgrote_lldap
tags: "lldap"
tags:
- lldap
- ldap
become: true

View file

@ -6,4 +6,10 @@
masked: false
enabled: true
state: started
- name: Ensure service is restarted
become: true
ansible.builtin.systemd:
name: lldap.service
state: restarted
...

View file

@ -23,5 +23,7 @@
owner: lldap
group: lldap
mode: "0644"
notify: Ensure services are enabled and started
notify:
- Ensure services are enabled and started
- Ensure service is restarted
...

View file

@ -121,12 +121,12 @@ port={{ lldap_smtp_port }}
## How the connection is encrypted, either "NONE" (no encryption), "TLS" or "STARTTLS".
smtp_encryption = "{{ lldap_smtp_smtp_encryption }}"
## The SMTP user, usually your email address.
user="{{ lldap_smtp_user }}"
#user="{{ lldap_smtp_user }}"
## The SMTP password.
#password="password" #gitleaks:allow
## The header field, optional: how the sender appears in the email. The first
## is a free-form name, followed by an email between <>.
from="{{ lldap_smtp_from }}"
#from="{{ lldap_smtp_from }}"
## Same for reply-to, optional.
reply_to="{{ lldap_smtp_reply_to }}"