123456789101112131415161718192021222324252627282930313233343536373839404142 |
- # SPDX-FileCopyrightText: 2016-2023 Helmut Pozimski <helmut@pozimski.eu>
- #
- # SPDX-License-Identifier: GPL-2.0-only
- # -*- coding: utf8 -*-
- """ Contains the postfix module which manages certificates for the postfix
- mail server.
- """
- import socket
- from amulib import service
- from amulib.cert_path_provider import CertPathProvider
- def run(cert_path_provider: CertPathProvider, config=None,
- named_key_path="/run/named/session.key",
- dns_server="localhost"):
- """ manages the certificates for postfix
- :param cert_path_provider: provider for certificate paths
- :type cert_path_provider: CertPathProvider
- :param config: configuration for the service
- :type config: dict
- :param acme_dir: path to the acme state dir
- :type acme_dir: str
- :param named_key_path: path to the named session.key
- :type named_key_path: str
- :param dns_server: DNS server to use to create TLSA records
- :type dns_server: str
- """
- hostname = socket.gethostname()
- if not config:
- config = {
- "certificate_path": "/etc/postfix/%s.crt" % hostname,
- "key_path": "/etc/postfix/%s.key" % hostname,
- "tlsa": True,
- "tlsa_ports": [25, 465, 587]
- }
- service.run(cert_path_provider, "postfix", config, named_key_path, dns_server)
|