diff options
author | Georg Pfuetzenreuter | 2023-01-27 12:45:01 +0100 |
---|---|---|
committer | Georg Pfuetzenreuter | 2023-01-27 12:45:01 +0100 |
commit | 950b3085463d50814d3b343604460939e7ead7a4 (patch) | |
tree | d6281c2a17927fbd2159e632575725fa1821142e | |
parent | b7ec9e683fd299b088d59c84e669eccd372aa7f3 (diff) | |
download | salt-950b3085463d50814d3b343604460939e7ead7a4.tar.gz salt-950b3085463d50814d3b343604460939e7ead7a4.tar.bz2 salt-950b3085463d50814d3b343604460939e7ead7a4.zip |
Relay via static zz0.email host
Split horizon for the complete .email zone is not feasible for all
sites, and TLS certificate currently does not cover any of the internal
hostnames.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
-rw-r--r-- | pillar/global/mta.sls | 1 | ||||
-rw-r--r-- | salt/common/hosts.sls | 9 | ||||
-rw-r--r-- | salt/common/init.sls | 1 |
3 files changed, 11 insertions, 0 deletions
diff --git a/pillar/global/mta.sls b/pillar/global/mta.sls index a992440..b0ab601 100644 --- a/pillar/global/mta.sls +++ b/pillar/global/mta.sls @@ -17,6 +17,7 @@ postfix: smtp_use_tls: 'yes' smtp_tls_security_level: encrypt smtp_tls_wrappermode: 'yes' + disable_dns_lookups: 'yes' aliases: use_file: false diff --git a/salt/common/hosts.sls b/salt/common/hosts.sls new file mode 100644 index 0000000..0a37f2c --- /dev/null +++ b/salt/common/hosts.sls @@ -0,0 +1,9 @@ +# this is a hack because we currently only allow email relaying using the split-horizon zz0.email +selene-hosts: + host.present: + - comment: Needed for email + - ip: 192.168.0.120 + - names: + - selene.psyched.dev + - selene + - zz0.email diff --git a/salt/common/init.sls b/salt/common/init.sls index 52ac5a5..01229be 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls @@ -1,3 +1,4 @@ include: - role.salt.minion + - .hosts - common.{{ grains['os'] | lower }} |