postmoogle feedback

This commit is contained in:
Aine 2022-09-09 13:19:25 +03:00
parent b92ff748e4
commit 692a7af36a
No known key found for this signature in database
GPG key ID: 34969C908CCA2804
7 changed files with 34 additions and 13 deletions

View file

@ -84,5 +84,5 @@ When you're done with the DNS configuration and ready to proceed, continue with
## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup
To make the [postmoogle](https://gitlab.com/etke.cc/postmoogle) email bridge enable its email sending features, you need to configure
To make the [postmoogle](configuring-playbook-bot-postmoogle.md) email bridge enable its email sending features, you need to configure
SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records

View file

@ -1210,6 +1210,9 @@ matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in
# We don't enable bots by default.
matrix_bot_postmoogle_enabled: false
matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}"
matrix_bot_postmoogle_tls_cert: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem"
matrix_bot_postmoogle_tls_key: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem"
matrix_bot_postmoogle_systemd_required_services_list: |
{{

View file

@ -17,7 +17,6 @@ matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_
matrix_bot_postmoogle_base_path: "{{ matrix_base_data_path }}/postmoogle"
matrix_bot_postmoogle_config_path: "{{ matrix_bot_postmoogle_base_path }}/config"
matrix_bot_postmoogle_data_path: "{{ matrix_bot_postmoogle_base_path }}/data"
matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}"
# A list of extra arguments to pass to the container
matrix_bot_postmoogle_container_extra_arguments: []
@ -111,20 +110,35 @@ matrix_bot_postmoogle_noencryption: false
matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}"
# Mandatory TLS, even on plain SMTP port
matrix_bot_postmoogle_tls_required: false
# in-container ports
matrix_bot_postmoogle_port: '2525'
matrix_bot_postmoogle_tls_port: '25587'
# on-host ports
matrix_bot_postmoogle_smtp_host_bind_port: '25'
matrix_bot_postmoogle_smtps_host_bind_port: '587'
matrix_bot_postmoogle_submission_host_bind_port: '587'
# in-container SSL paths
matrix_bot_postmoogle_tls_cert: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem"
matrix_bot_postmoogle_tls_key: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem"
### SSL
## on-host SSL dir
matrix_bot_postmoogle_ssl_path: ""
## in-container SSL paths
# matrix_bot_postmoogle_tls_cert is the SSL certificate's certificate.
# This is likely set via group_vars/matrix_servers, so you don't need to set it.
# If you do need to set it manually, note that this is an in-container path.
# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path
# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem
matrix_bot_postmoogle_tls_cert: ""
# matrix_bot_postmoogle_tls_key is the SSL certificate's key.
# This is likely set via group_vars/matrix_servers, so you don't need to set it.
# If you do need to set it manually, note that this is an in-container path.
# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path
# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem
matrix_bot_postmoogle_tls_key: ""
# Mandatory TLS, even on plain SMTP port
matrix_bot_postmoogle_tls_required: false
# Additional environment variables to pass to the postmoogle container
#

View file

@ -24,9 +24,13 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle
--network={{ matrix_docker_network }} \
--env-file={{ matrix_bot_postmoogle_config_path }}/env \
-p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \
-p {{ matrix_bot_postmoogle_smtps_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \
{% if matrix_bot_postmoogle_ssl_path %}
-p {{ matrix_bot_postmoogle_submission_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \
{% endif %}
--mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \
{% if matrix_bot_postmoogle_ssl_path %}
--mount type=bind,src={{ matrix_bot_postmoogle_ssl_path }},dst=/ssl \
{% endif %}
{% for arg in matrix_bot_postmoogle_container_extra_arguments %}
{{ arg }} \
{% endfor %}

View file

@ -26,7 +26,7 @@
- name: Obtain Let's Encrypt certificates
ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml"
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}"
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}"
loop_control:
loop_var: domain_name

View file

@ -2,7 +2,7 @@
- name: Verify certificates
ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml"
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}"
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}"
loop_control:
loop_var: domain_name
when: "matrix_ssl_retrieval_method == 'manually-managed'"

View file

@ -5,7 +5,7 @@
- name: Generate self-signed certificates
ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml"
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}"
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}"
loop_control:
loop_var: domain_name
when: "matrix_ssl_retrieval_method == 'self-signed'"