foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sendmail: Don't hardcode tls key and cert paths

Browse source
This commit is contained in:
Timo Makinen 2021-03-16 08:27:23 +00:00
parent 183208afff
commit ac3ac750c1
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
roles/sendmail/templates/sendmail.mc.j2
View file

@ -23,11 +23,11 @@ TRUST_AUTH_MECH(`GSSAPI LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI LOGIN PLAIN')dnl
dnl # dnl #
define(`confCACERT_PATH', `/etc/mail/certs')dnl define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/{{ mail_server }}-chain.crt')dnl define(`confCACERT', `{{ tls_certs }}/{{ mail_server }}-chain.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/{{ mail_server }}.crt')dnl define(`confSERVER_CERT', `{{ tls_certs }}/{{ mail_server }}.crt')dnl
define(`confSERVER_KEY', `/etc/pki/tls/private/{{ mail_server }}.key')dnl define(`confSERVER_KEY', `{{ tls_private }}/{{ mail_server }}.key')dnl
define(`confCLIENT_CERT', `/etc/pki/tls/certs/{{ mail_server }}.crt')dnl define(`confCLIENT_CERT', `{{ tls_certs }}/{{ mail_server }}.crt')dnl
define(`confCLIENT_KEY', `/etc/pki/tls/private/{{ mail_server }}.key')dnl define(`confCLIENT_KEY', `{{ tls_private }}/{{ mail_server }}.key')dnl
dnl # dnl #
FEATURE(`no_default_msa', `dnl')dnl FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl FEATURE(`smrsh', `/usr/sbin/smrsh')dnl