nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-02-18 08:33:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/plinth/modules/email/privileged/postfix.py
Sunil Mohan Adapa 2dd00a8f08
*: Fix all typing hint related errors 
- Try to mark class variables in component classes.

- Leave typing hints generic, such as 'list' and 'dict' where content is usually
not filled, too complex, or context is unimportant.

- backups: Handle failure for tarfile extraction so that methods are not called
on potentially None valued variables.

- backups: Prevent potentially passing a keyword argument twice.

- dynamicdns: Deal properly with outcome of urlparsing.

- ejabberd: Deal with failed regex match

- email: Fix a mypy compliant when iterating a filtered list.

- tor: Don't reuse variables for different typed values.

- tor: Don't reuse variables for different typed values.

- operation: Return None explicitly.

- operation: Ensure that keyword argument is not repeated.

Tests:

- Where only typing hints were modified and no syntax error came up, additional
testing was not done.

- `mypy --ignore-missing-imports .` run successfully.

- Generate developer documentation.

- Service runs without errors upon start up.

- backups: Listing and restoring specific apps from a backup works.

- backups: Mounting a remote backup repository works.

- NOT TESTED: dynamicdns: Migrating from old style configuration works.

- ejabberd: Verify that setting coturn configuration works.

- email: Test that showing configuration from postfix works.

- tor: Orport value is properly shown.

- transmission: Configuration values are properly set.

- users: Running unit tests as root works.

- operation: Operation status messages are show properly during app install.

- ./setup.py install runs

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2023-09-25 20:03:24 -04:00

85 lines
2.9 KiB
Python
Raw Blame History

# SPDX-License-Identifier: AGPL-3.0-or-later
"""Configure postix.
- Configure postfix to use auth and local delivery with dovecot.
- Start SMTPS and submission services. Setup aliases database.
See:
https://doc.dovecot.org/configuration_manual/howto/postfix_and_dovecot_sasl/
See: https://doc.dovecot.org/configuration_manual/howto/postfix_dovecot_lmtp/
See: http://www.postfix.org/TLS_README.html
"""
from plinth.actions import privileged
from .. import postfix as postconf
default_config = {
'smtpd_sasl_auth_enable':
'yes',
'smtpd_sasl_type':
'dovecot',
'smtpd_sasl_path':
'private/auth',
'mailbox_transport':
'lmtp:unix:private/dovecot-lmtp',
'virtual_transport':
'lmtp:unix:private/dovecot-lmtp',
'smtpd_relay_restrictions':
','.join([
'permit_sasl_authenticated',
'defer_unauth_destination',
])
}
submission_options: dict[str, str] = {
'syslog_name': 'postfix/submission',
'smtpd_tls_security_level': 'encrypt',
'smtpd_client_restrictions': 'permit_sasl_authenticated,reject',
'smtpd_relay_restrictions': 'permit_sasl_authenticated,reject'
}
submission_service = postconf.Service(service='submission', type_='inet',
private='n', unpriv='-', chroot='y',
wakeup='-', maxproc='-', command='smtpd',
options=submission_options)
smtps_options: dict[str, str] = {
'syslog_name': 'postfix/smtps',
'smtpd_tls_wrappermode': 'yes',
'smtpd_sasl_auth_enable': 'yes',
'smtpd_relay_restrictions': 'permit_sasl_authenticated,reject'
}
smtps_service = postconf.Service(service='smtps', type_='inet', private='n',
unpriv='-', chroot='y', wakeup='-',
maxproc='-', command='smtpd',
options=smtps_options)
SQLITE_ALIASES = 'sqlite:/etc/postfix/freedombox-aliases.cf'
@privileged
def setup_postfix():
"""Configure postfix."""
postconf.set_config(default_config)
_setup_submission()
_setup_alias_maps()
def _setup_submission():
"""Update configuration for smtps and smtp-submission."""
postconf.set_master_config(submission_service)
postconf.set_master_config(smtps_service)
def _setup_alias_maps():
"""Setup alias maps to include an sqlite DB."""
alias_maps = postconf.get_config(['alias_maps'])['alias_maps']
alias_maps = alias_maps.replace(',', ' ').split(' ')
if SQLITE_ALIASES not in alias_maps:
# Prioritize FreedomBox's sqlite based aliases file over /etc/aliases.
# Otherwise, the common aliases will be pointing to 'root' instead of
# first admin user (which is more practical in FreedomBox).
alias_maps = [SQLITE_ALIASES] + alias_maps
postconf.set_config({'alias_maps': ' '.join(alias_maps)})
Reference in New Issue View Git Blame Copy Permalink