From a6f81d0c12541ca7399a94f748a48f36b33f6cb0 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Fri, 24 May 2019 09:24:02 +0100
Subject: [PATCH] Set the internal networks from config in Postfix/SA
---
roles/mail/templates/postfix-delivery/main.cf | 2 +-
roles/mail/templates/postfix-out/main.cf | 2 +-
roles/mail/templates/spamassassin/local.cf | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/roles/mail/templates/postfix-delivery/main.cf b/roles/mail/templates/postfix-delivery/main.cf
index 962f9eb6..18a9b1a6 100644
--- a/roles/mail/templates/postfix-delivery/main.cf
+++ b/roles/mail/templates/postfix-delivery/main.cf
@@ -6,7 +6,7 @@
ldap = proxy:ldap:/etc/postfix/ldap/
-mynetworks = 127.0.0.0/8 [::1]/128 172.16.1.0/24
+mynetworks = 127.0.0.0/8 [::1]/128 {% for o in net_overlays %}{{ o.network }} {% endfor %}
# Don't anvil(8) control the internal port.
smtpd_client_connection_count_limit = 0
diff --git a/roles/mail/templates/postfix-out/main.cf b/roles/mail/templates/postfix-out/main.cf
index 6388046e..6bb35658 100644
--- a/roles/mail/templates/postfix-out/main.cf
+++ b/roles/mail/templates/postfix-out/main.cf
@@ -4,7 +4,7 @@
ldap = proxy:ldap:/etc/postfix/ldap/
-mynetworks = 127.0.0.0/8 [::1]/128 172.16.1.0/24
+mynetworks = 127.0.0.0/8 [::1]/128 {% for o in net_overlays %}{{ o.network }} {% endfor %}
smtpd_authorized_xforward_hosts = $mynetworks
diff --git a/roles/mail/templates/spamassassin/local.cf b/roles/mail/templates/spamassassin/local.cf
index 8311c61c..2be3e2f0 100644
--- a/roles/mail/templates/spamassassin/local.cf
+++ b/roles/mail/templates/spamassassin/local.cf
@@ -11,8 +11,8 @@
# The ring0 network is trusted, which implies that email originating
# from them (not just relayed through) will usually not be considered
# spam.
-trusted_networks 172.16.0.0/16
-internal_networks 172.16.0.0/16
+trusted_networks {% for o in net_overlays %}{{ o.network }} {% endfor %}
+internal_networks {% for o in net_overlays %}{{ o.network }} {% endfor %}
lock_method flock
--
GitLab