Merge remote-tracking branch 'upstream/master' into adminlte3_fixes

master
Alexander Graf 3 years ago
commit 065215d4d1

@ -20,7 +20,6 @@ RUN apk add --no-cache postfix postfix-pcre cyrus-sasl-login
COPY conf /conf COPY conf /conf
COPY start.py /start.py COPY start.py /start.py
COPY mta-sts-daemon.yml /etc/
EXPOSE 25/tcp 10025/tcp EXPOSE 25/tcp 10025/tcp
VOLUME ["/queue"] VOLUME ["/queue"]

@ -59,7 +59,7 @@ tls_ssl_options = NO_COMPRESSION, NO_TICKET
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_protocols =!SSLv2,!SSLv3 smtp_tls_protocols =!SSLv2,!SSLv3
smtp_tls_security_level = {{ OUTBOUND_TLS_LEVEL|default('dane') }} smtp_tls_security_level = {{ OUTBOUND_TLS_LEVEL|default('dane') }}
smtp_tls_dane_insecure_mx_policy = {% if DEFER_ON_TLS_ERROR == 'false' %}may{% else %}dane{% endif %} smtp_tls_dane_insecure_mx_policy = {{ 'dane' if DEFER_ON_TLS_ERROR else 'may' }}
smtp_tls_policy_maps=lmdb:/etc/postfix/tls_policy.map, ${podop}dane, socketmap:unix:/tmp/mta-sts.socket:postfix smtp_tls_policy_maps=lmdb:/etc/postfix/tls_policy.map, ${podop}dane, socketmap:unix:/tmp/mta-sts.socket:postfix
smtp_tls_CApath = /etc/ssl/certs smtp_tls_CApath = /etc/ssl/certs
smtp_tls_session_cache_database = lmdb:/dev/shm/postfix/smtp_scache smtp_tls_session_cache_database = lmdb:/dev/shm/postfix/smtp_scache

@ -6,5 +6,5 @@ cache:
options: options:
cache_size: 10000 cache_size: 10000
default_zone: default_zone:
strict_testing: {{ DEFER_ON_TLS_ERROR |default('true') }} strict_testing: {{ 'true' if DEFER_ON_TLS_ERROR else 'false' }}
timeout: 4 timeout: 4

@ -77,7 +77,8 @@ for map_file in glob.glob("/overrides/*.map"):
if os.path.exists("/overrides/mta-sts-daemon.yml"): if os.path.exists("/overrides/mta-sts-daemon.yml"):
shutil.copyfile("/overrides/mta-sts-daemon.yml", "/etc/mta-sts-daemon.yml") shutil.copyfile("/overrides/mta-sts-daemon.yml", "/etc/mta-sts-daemon.yml")
conf.jinja("/etc/mta-sts-daemon.yml", os.environ, "/etc/mta-sts-daemon.yml") else:
conf.jinja("/conf/mta-sts-daemon.yml", os.environ, "/etc/mta-sts-daemon.yml")
if not os.path.exists("/etc/postfix/tls_policy.map.lmdb"): if not os.path.exists("/etc/postfix/tls_policy.map.lmdb"):
open("/etc/postfix/tls_policy.map", "a").close() open("/etc/postfix/tls_policy.map", "a").close()

Loading…
Cancel
Save