5:38 p.m.
Hi Maciej,
hi all,
for a long time now I'm looking for a reliable solution to send system
emails to mail relays. It's mostly the same: The critical point is the
default envelope sender. Most mail relays don't allow that envelope
senders differ from sasl user.
So the default debops nullmailer configuration doesn't fit. I found out,
that for nullmailer the configuration file "allmailfrom" was added in
version 1.4.
To use this in debops, we need (with the last item additionally)
nullmailer__configuration_files:
- dest: '/etc/mailname'
content: '{{ nullmailer__mailname }}'
purge: False
- dest: '/etc/nullmailer/adminaddr'
content: '{{ nullmailer__adminaddr
if nullmailer__adminaddr is string
else nullmailer__adminaddr|join(",") }}'
- dest: '/etc/nullmailer/idhost'
content: '{{ nullmailer__idhost }}'
state: '{{ "present" if nullmailer__idhost else "absent"
}}'
- dest: '/etc/nullmailer/helohost'
content: '{{ nullmailer__helohost }}'
state: '{{ "present" if nullmailer__helohost else "absent"
}}'
- dest: '/etc/nullmailer/defaulthost'
content: '{{ nullmailer__defaulthost }}'
state: '{{ "present" if nullmailer__defaulthost else "absent"
}}'
- dest: '/etc/nullmailer/defaultdomain'
content: '{{ nullmailer__defaultdomain }}'
state: '{{ "present" if nullmailer__defaultdomain else
"absent" }}'
- dest: '/etc/nullmailer/maxpause'
content: '{{ nullmailer__maxpause }}'
state: '{{ "present" if nullmailer__maxpause else "absent"
}}'
- dest: '/etc/nullmailer/pausetime'
content: '{{ nullmailer__pausetime }}'
state: '{{ "present" if nullmailer__pausetime else "absent"
}}'
- dest: '/etc/nullmailer/sendtimeout'
content: '{{ nullmailer__sendtimeout }}'
state: '{{ "present" if nullmailer__sendtimeout else "absent"
}}'
- dest: '/etc/nullmailer/allmailfrom'
content: 'mail.gateway(a)datenkollektiv.net'
state: '{{ "present" if nullmailer__allmailfrom else "absent"
}}'
... together wie a new template and a version check.
Overwriting just the "nullmailer__configuration_files:" variable in my
inventory, I wondered if it's possible to just add another item to an
already defined variable from defaults:
like
nullmailer__configuration_files: "{{ nullmailer__configuration_files + \
additional_nullmailer__configuration_files }}"
or something like this.
Kind regards
Jan
7:03 p.m.
On Jan 28, Jan Kowalsky wrote:
Hi Maciej,
hi all,
Welcome!
for a long time now I'm looking for a reliable solution to send
system
emails to mail relays. It's mostly the same: The critical point is the
default envelope sender. Most mail relays don't allow that envelope
senders differ from sasl user.
For a large number of hosts you could solve that by creating a mail hub with
Postfix to which all other hosts send their mail. Postfix could use its
rewriting capabilities to masquerade the other hosts and send the mail on its
way outside.
Ref: http://www.postfix.org/ADDRESS_REWRITING_README.html
So the default debops nullmailer configuration doesn't fit. I
found out,
that for nullmailer the configuration file "allmailfrom" was added in
version 1.4.
I suppose that the default version in Debian Stretch doesn't have that
functionality, but there's a backported version which you are probably using?
The 'debops.nullmailer' role could use a fact script which could check the
available version and expose that to the configuration to enable/disable this
config file automatically.
To use this in debops, we need (with the last item additionally)
nullmailer__configuration_files:
[...]
- dest: '/etc/nullmailer/allmailfrom'
content: 'mail.gateway(a)datenkollektiv.net'
state: '{{ "present" if nullmailer__allmailfrom else "absent"
}}'
... together wie a new template and a version check.
Overwriting just the "nullmailer__configuration_files:" variable in my
inventory, I wondered if it's possible to just add another item to an
already defined variable from defaults:
like
nullmailer__configuration_files: "{{ nullmailer__configuration_files + \
additional_nullmailer__configuration_files }}"
Unfortunately not with regular Ansible. All variables are in global namespace,
if you overwrite a variable with that you end up with nothing or an error. For
a correct modification you have to copy the entire variable to the inventory.
... which I didn't really like, so I wrote the 'parse_kv_items' and
'parse_kv_config' filter plugins, which you can find in the
'debops.ansible_plugins' role. They allow you to specify multiple sets of
lists in role defaults, Ansible inventory and dependent variables, and merge
them intelligently - the YAML dictionaries in the lists are squashed to
a single YAML dictionary of dictionaries based on the 'name' key, and specific
keys are overwritten or merged based on their values. Lots of DebOps roles use
that mechanism now to allow easy modification of default variables, almost
like you imagined. It's easy to find them in the DebOps monorepo:
$ grep -l 'debops.ansible_plugins' ansible/roles/*/meta/main.yml \
| awk -F '/' '{print $3}' | wc -l
47
I suppose that the 'debops.nullmailer' role could also use this variable,
so that in the future change like you propose could be possible. Or, for now,
you could see if adding the 'allmailfrom' config file has any effect on older
versions of nullmailer, and if not, we can just add the required variables to
the role for now, perhaps with explanation that it works with nullmailer 1.4+.
Do you want to try and update the role?
Cheers,
Maciej Delmanowski
12:25 p.m.
Hi Maciej,
thanks for anser.
Am 28.01.19 um 19:03 schrieb Maciej Delmanowski:
For a large number of hosts you could solve that by creating a mail
hub with
Postfix to which all other hosts send their mail. Postfix could use its
rewriting capabilities to masquerade the other hosts and send the mail on its
way outside.
yes, this is what I do. But it feels to much sometimes for just 1 or two
hosts.
> So the default debops nullmailer configuration doesn't fit. I
found out,
> that for nullmailer the configuration file "allmailfrom" was added in
> version 1.4.
I suppose that the default version in Debian Stretch doesn't have that
functionality, but there's a backported version which you are probably using?
that's the case.
I suppose that the 'debops.nullmailer' role could also use
this variable,
so that in the future change like you propose could be possible. Or, for now,
you could see if adding the 'allmailfrom' config file has any effect on older
versions of nullmailer, and if not, we can just add the required variables to
the role for now, perhaps with explanation that it works with nullmailer 1.4+.
no, it should just be ignored.
Do you want to try and update the role?
I just did .
Kind regards
Jan
2153
days inactive
2154
days old
3 comments
2 participants
participants (2)
-
Jan Kowalsky -
Maciej Delmanowski