acme-updater/amulib/postfix.py

# SPDX-FileCopyrightText: 2016-2017 Helmut Pozimski <helmut@pozimski.eu>
#
# SPDX-License-Identifier: GPL-2.0-only


# -*- coding: utf8 -*-

""" Contains the postfix module which manages certificates for the postfix
mail server.
"""

import socket

from amulib import service


def run(config=None, acme_dir="/var/lib/acme",
        named_key_path="/run/named/session.key",
        dns_server="localhost"):
    """ manages the certificates for postfix

    :param config: configuration for the service
    :type config: dict
    :param acme_dir: path to the acme state dir
    :type acme_dir: str
    :param named_key_path: path to the named session.key
    :type named_key_path: str
    :param dns_server: DNS server to use to create TLSA records
    :type dns_server: str
    """
    hostname = socket.gethostname()
    if not config:
        config = {
            "certificate_path": "/etc/postfix/%s.crt" % hostname,
            "key_path": "/etc/postfix/%s.key" % hostname,
            "tlsa": True,
            "tlsa_ports": [25, 465, 587]
        }
    service.run("postfix", config, acme_dir, named_key_path, dns_server)