3 commits - ucs/conffiles ucs/debian
Christoph Wickert
wickert at kolabsys.com
Tue Sep 15 17:02:20 CEST 2015
ucs/conffiles/etc/postfix/ldap.canonicalrecipient.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.canonicalsender.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.distlist.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.groups.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.sharedfolderlocal.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.sharedfolderremote.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.transportlocal.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.transportremote.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.virtual.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.virtualdomains.d/10_base | 10 ++
ucs/conffiles/etc/postfix/ldap.virtualwithcanonical.d/10_base | 10 ++
ucs/debian/kolab-mta.univention-config-registry | 44 ++++++++++
ucs/debian/kolab-mta.univention-config-registry-variables | 24 +++++
ucs/debian/kolab-ucs.univention-config-registry | 1
14 files changed, 168 insertions(+), 11 deletions(-)
New commits:
commit 9ca032cb8682417e75f0029e8158d61c44b9dc35
Author: Christoph Wickert <wickert at kolabsys.com>
Date: Tue Sep 15 17:02:14 2015 +0200
Update univention-config-registry for kolab-ucs (#5222)
diff --git a/ucs/debian/kolab-ucs.univention-config-registry b/ucs/debian/kolab-ucs.univention-config-registry
index 4cfd97e..cbcd932 100644
--- a/ucs/debian/kolab-ucs.univention-config-registry
+++ b/ucs/debian/kolab-ucs.univention-config-registry
@@ -16,6 +16,7 @@ File: etc/kolab/kolab.conf
Variables: hostname
Variables: domainname
Variables: ldap/base
+Variables: ldap/hostdn
Variables: ldap/server/name
Variables: ldap/server/port
User: listener
commit 37c3c291ec89ecd3950098328008cfc831269d77
Author: Christoph Wickert <wickert at kolabsys.com>
Date: Thu Sep 10 13:02:45 2015 +0200
Implement mail/ldaptable/* variables (from upstream univention-mail-postfix rev. 21923)
diff --git a/ucs/conffiles/etc/postfix/ldap.canonicalrecipient.d/10_base b/ucs/conffiles/etc/postfix/ldap.canonicalrecipient.d/10_base
index 9d10b11..5dc4c78 100644
--- a/ucs/conffiles/etc/postfix/ldap.canonicalrecipient.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.canonicalrecipient.d/10_base
@@ -19,4 +19,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.canonicalsender.d/10_base b/ucs/conffiles/etc/postfix/ldap.canonicalsender.d/10_base
index a7d9fc6..252aa4f 100644
--- a/ucs/conffiles/etc/postfix/ldap.canonicalsender.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.canonicalsender.d/10_base
@@ -19,4 +19,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.distlist.d/10_base b/ucs/conffiles/etc/postfix/ldap.distlist.d/10_base
index 2afb82c..1b4f7e7 100644
--- a/ucs/conffiles/etc/postfix/ldap.distlist.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.distlist.d/10_base
@@ -19,4 +19,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.groups.d/10_base b/ucs/conffiles/etc/postfix/ldap.groups.d/10_base
index e3e741f..0582fd7 100644
--- a/ucs/conffiles/etc/postfix/ldap.groups.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.groups.d/10_base
@@ -20,4 +20,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.sharedfolderlocal.d/10_base b/ucs/conffiles/etc/postfix/ldap.sharedfolderlocal.d/10_base
index 671dd67..291b40d 100644
--- a/ucs/conffiles/etc/postfix/ldap.sharedfolderlocal.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.sharedfolderlocal.d/10_base
@@ -21,4 +21,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.sharedfolderremote.d/10_base b/ucs/conffiles/etc/postfix/ldap.sharedfolderremote.d/10_base
index 4346658..ef2c594 100644
--- a/ucs/conffiles/etc/postfix/ldap.sharedfolderremote.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.sharedfolderremote.d/10_base
@@ -21,4 +21,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.transportlocal.d/10_base b/ucs/conffiles/etc/postfix/ldap.transportlocal.d/10_base
index b06c401..884b48c 100644
--- a/ucs/conffiles/etc/postfix/ldap.transportlocal.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.transportlocal.d/10_base
@@ -21,4 +21,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.transportremote.d/10_base b/ucs/conffiles/etc/postfix/ldap.transportremote.d/10_base
index 622d2b6..c2f5d1e 100644
--- a/ucs/conffiles/etc/postfix/ldap.transportremote.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.transportremote.d/10_base
@@ -21,4 +21,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.virtual.d/10_base b/ucs/conffiles/etc/postfix/ldap.virtual.d/10_base
index 55580bb..7eb6ca0 100644
--- a/ucs/conffiles/etc/postfix/ldap.virtual.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.virtual.d/10_base
@@ -20,4 +20,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.virtualdomains.d/10_base b/ucs/conffiles/etc/postfix/ldap.virtualdomains.d/10_base
index de1f5ec..bdd04cc 100644
--- a/ucs/conffiles/etc/postfix/ldap.virtualdomains.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.virtualdomains.d/10_base
@@ -19,4 +19,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/conffiles/etc/postfix/ldap.virtualwithcanonical.d/10_base b/ucs/conffiles/etc/postfix/ldap.virtualwithcanonical.d/10_base
index 9b54c5b..aa07395 100644
--- a/ucs/conffiles/etc/postfix/ldap.virtualwithcanonical.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.virtualwithcanonical.d/10_base
@@ -20,4 +20,11 @@ if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
print 'bind_pw = MACHINE.SECRET_IS_MISSING'
+if configRegistry.is_true('mail/postfix/ldaptable/starttls', False):
+ print 'start_tls = yes'
+if configRegistry.is_true('mail/postfix/ldaptable/tlsrequirecert', False):
+ print 'tls_require_cert = yes'
+if configRegistry.get('mail/postfix/ldaptable/tlscacertfile'):
+ print 'tls_ca_cert_file = %s' % configRegistry['mail/postfix/ldaptable/tlscacertfile']
+print 'debuglevel = %s' % configRegistry.get('mail/postfix/ldaptable/debuglevel', '0')
@!@
diff --git a/ucs/debian/kolab-mta.univention-config-registry b/ucs/debian/kolab-mta.univention-config-registry
index c26a8f6..2d73896 100644
--- a/ucs/debian/kolab-mta.univention-config-registry
+++ b/ucs/debian/kolab-mta.univention-config-registry
@@ -153,6 +153,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.groups
Subfile: etc/postfix/ldap.groups.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.transportlocal
@@ -164,6 +168,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.transportlocal
Subfile: etc/postfix/ldap.transportlocal.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.transportremote
@@ -175,6 +183,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.transportremote
Subfile: etc/postfix/ldap.transportremote.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.virtualwithcanonical
@@ -186,6 +198,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.virtualwithcanonical
Subfile: etc/postfix/ldap.virtualwithcanonical.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.sharedfolderremote
@@ -197,6 +213,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.sharedfolderremote
Subfile: etc/postfix/ldap.sharedfolderremote.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.virtual
@@ -208,6 +228,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.virtual
Subfile: etc/postfix/ldap.virtual.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.virtualdomains
@@ -219,6 +243,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.virtualdomains
Subfile: etc/postfix/ldap.virtualdomains.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.sharedfolderlocal
@@ -230,6 +258,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.sharedfolderlocal
Subfile: etc/postfix/ldap.sharedfolderlocal.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.canonicalrecipient
@@ -241,6 +273,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.canonicalrecipient
Subfile: etc/postfix/ldap.canonicalrecipient.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.distlist
@@ -252,6 +288,10 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.distlist
Subfile: etc/postfix/ldap.distlist.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
Type: multifile
Multifile: etc/postfix/ldap.canonicalsender
@@ -263,3 +303,7 @@ Mode: 0440
Type: subfile
Multifile: etc/postfix/ldap.canonicalsender
Subfile: etc/postfix/ldap.canonicalsender.d/10_base
+Variables: mail/postfix/ldaptable/tlscacertfile
+Variables: mail/postfix/ldaptable/debuglevel
+Variables: mail/postfix/ldaptable/starttls
+Variables: mail/postfix/ldaptable/tlsrequirecert
diff --git a/ucs/debian/kolab-mta.univention-config-registry-variables b/ucs/debian/kolab-mta.univention-config-registry-variables
index 6d092e9..6aad8d4 100644
--- a/ucs/debian/kolab-mta.univention-config-registry-variables
+++ b/ucs/debian/kolab-mta.univention-config-registry-variables
@@ -183,3 +183,27 @@ Description[de]=Liste mit Protokollen, die in Postfix aktiviert werden (Möglich
Description[en]=List of protocols activated in postfix (Valid values: "all", "ipv4", "ipv6", "ipv4, ipv6"; Default: "ipv4")
Type=str
Categories=service-mail
+
+[mail/postfix/ldaptable/starttls]
+Description[de]=Ist diese Option aktiviert, verwendet Postfix eine verschlüsselte Verbindung für LDAP-Suchen.
+Description[en]=If this option is activated, Postfix uses an encrypted connection for ldap lookups.
+Type=bool
+Categories=service-mail
+
+[mail/postfix/ldaptable/tlsrequirecert]
+Description[de]=Ist diese Option aktiviert, wird beim Aufbau einer SSL/TLS Verbindung die Gültigkeit des X509 Zertifikat des Server geprüft.
+Description[en]=Whether or not to request the server's X509 certificate and check its validity when establishing SSL/TLS connections.
+Type=bool
+Categories=service-mail
+
+[mail/postfix/ldaptable/tlscacertfile]
+Description[de]=Datei mit den X509 CA-Zertifikaten in PEM Format für Validierung der SSL/TLS Verbindungen.
+Description[en]=File containing the X509 CA certificates in PEM format which are to be recognized by the client in SSL/TLS connections.
+Type=str
+Categories=service-mail
+
+[mail/postfix/ldaptable/debuglevel]
+Description[de]=Debug-Level für OpenLDAP Operationen.
+Description[en]=What level to set for debugging in the OpenLDAP libraries.
+Type=int
+Categories=service-mail
commit 5c990958eff9c457c2d3d8876f4755263f96fac3
Author: Christoph Wickert <wickert at kolabsys.com>
Date: Thu Sep 10 11:40:07 2015 +0200
Use the new getLDAPURIs method to determine server_host
diff --git a/ucs/conffiles/etc/postfix/ldap.canonicalrecipient.d/10_base b/ucs/conffiles/etc/postfix/ldap.canonicalrecipient.d/10_base
index f6427cd..9d10b11 100644
--- a/ucs/conffiles/etc/postfix/ldap.canonicalrecipient.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.canonicalrecipient.d/10_base
@@ -3,7 +3,6 @@
# LDAP Recipient Canonical Maps support
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(univentionCanonicalRecipientRewriteEnabled=1)(|(univentionPublicPrimaryMailAddress=%s)(univentionPublicAlternativeMailAddress=%s)))
@@ -14,6 +13,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.canonicalsender.d/10_base b/ucs/conffiles/etc/postfix/ldap.canonicalsender.d/10_base
index 9ef890a..a7d9fc6 100644
--- a/ucs/conffiles/etc/postfix/ldap.canonicalsender.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.canonicalsender.d/10_base
@@ -3,7 +3,6 @@
# LDAP Sender Canonical Maps support
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(univentionCanonicalSenderRewriteEnabled=1)(|(univentionInternalPrimaryMailAddress=%s)(univentionInternalAlternativeMailAddress=%s)))
@@ -14,6 +13,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.distlist.d/10_base b/ucs/conffiles/etc/postfix/ldap.distlist.d/10_base
index 43f6013..2afb82c 100644
--- a/ucs/conffiles/etc/postfix/ldap.distlist.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.distlist.d/10_base
@@ -3,7 +3,6 @@
# LDAP Distributionlist support
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(objectClass=univentionMailList)(mailPrimaryAddress=%s))
@@ -14,6 +13,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.groups.d/10_base b/ucs/conffiles/etc/postfix/ldap.groups.d/10_base
index dffb306..e3e741f 100644
--- a/ucs/conffiles/etc/postfix/ldap.groups.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.groups.d/10_base
@@ -3,7 +3,6 @@
# LDAP Mail Groups
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(mailPrimaryAddress=%s)(objectclass=posixGroup))
@@ -15,6 +14,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.sharedfolderlocal.d/10_base b/ucs/conffiles/etc/postfix/ldap.sharedfolderlocal.d/10_base
index 4da95c4..671dd67 100644
--- a/ucs/conffiles/etc/postfix/ldap.sharedfolderlocal.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.sharedfolderlocal.d/10_base
@@ -4,7 +4,6 @@
# rewrite mail address for shared imap folders if univentionMailHomeServer is my fqdn
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(objectClass=univentionMailSharedFolder)(|(mailPrimaryAddress=%s)(mailAlternativeAddress=%s)(univentionMailSharedFolderDeliveryAddress=%s))(univentionMailHomeServer=@%@hostname@%@.@%@domainname@%@))
@@ -16,6 +15,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.sharedfolderremote.d/10_base b/ucs/conffiles/etc/postfix/ldap.sharedfolderremote.d/10_base
index 828caec..4346658 100644
--- a/ucs/conffiles/etc/postfix/ldap.sharedfolderremote.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.sharedfolderremote.d/10_base
@@ -4,7 +4,6 @@
# find mail address for shared imap folders and do not rewrite recipient address if univentionMailHomeServer is NOT my fqdn
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(objectClass=univentionMailSharedFolder)(|(mailPrimaryAddress=%s)(mailAlternativeAddress=%s))(!(univentionMailHomeServer=@%@hostname@%@.@%@domainname@%@)))
@@ -16,6 +15,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.transportlocal.d/10_base b/ucs/conffiles/etc/postfix/ldap.transportlocal.d/10_base
index d3d1458..b06c401 100644
--- a/ucs/conffiles/etc/postfix/ldap.transportlocal.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.transportlocal.d/10_base
@@ -4,7 +4,6 @@
# if mail shall not be delivered locally then send it to univentionMailHomeServer
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(mailPrimaryAddress=%s)(univentionMailHomeServer=@%@hostname@%@.@%@domainname@%@))
@@ -16,6 +15,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.transportremote.d/10_base b/ucs/conffiles/etc/postfix/ldap.transportremote.d/10_base
index fcda259..622d2b6 100644
--- a/ucs/conffiles/etc/postfix/ldap.transportremote.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.transportremote.d/10_base
@@ -4,7 +4,6 @@
# if mail shall not be delivered locally then send it to univentionMailHomeServer
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(mailPrimaryAddress=%s)(univentionMailHomeServer=*)(!(univentionMailHomeServer=@%@hostname@%@.@%@domainname@%@)))
@@ -16,6 +15,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.virtual.d/10_base b/ucs/conffiles/etc/postfix/ldap.virtual.d/10_base
index 66ddbf8..55580bb 100644
--- a/ucs/conffiles/etc/postfix/ldap.virtual.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.virtual.d/10_base
@@ -3,7 +3,6 @@
# LDAP Alias support (without recipient canonical rewrite)
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(objectClass=univentionKolabInetOrgPerson)(|(uid=%s)(uid=%u)(mailAlternativeAddress=%s)(mailPrimaryAddress=%s))(!(univentionCanonicalRecipientRewriteEnabled=1)))
@@ -15,6 +14,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.virtualdomains.d/10_base b/ucs/conffiles/etc/postfix/ldap.virtualdomains.d/10_base
index eec8e57..de1f5ec 100644
--- a/ucs/conffiles/etc/postfix/ldap.virtualdomains.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.virtualdomains.d/10_base
@@ -3,7 +3,6 @@
# LDAP Virtual Domains
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
query_filter = (&(objectClass=univentionMailDomainname)(cn=%s))
result_attribute = cn
@@ -14,6 +13,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
diff --git a/ucs/conffiles/etc/postfix/ldap.virtualwithcanonical.d/10_base b/ucs/conffiles/etc/postfix/ldap.virtualwithcanonical.d/10_base
index d2996a6..9b54c5b 100644
--- a/ucs/conffiles/etc/postfix/ldap.virtualwithcanonical.d/10_base
+++ b/ucs/conffiles/etc/postfix/ldap.virtualwithcanonical.d/10_base
@@ -3,7 +3,6 @@
# LDAP Alias support (with recipient canonical rewrite)
#
-server_host = ldap://@%@ldap/server/name@%@:@%@ldap/server/port@%@
search_base = @%@ldap/base@%@
domain = ldap:/etc/postfix/ldap.virtualdomains
query_filter = (&(objectClass=univentionMail)(|(mailAlternativeAddress=%s)(mailPrimaryAddress=%s))(univentionCanonicalRecipientRewriteEnabled=1))
@@ -15,6 +14,8 @@ version = 3
bind_dn = @%@ldap/hostdn@%@
@!@
import os
+from univention.lib.misc import getLDAPURIs
+print 'server_host = %s' % getLDAPURIs(configRegistry)
if os.path.exists('/etc/machine.secret'):
print 'bind_pw = %s' % (open('/etc/machine.secret','r').read())
else:
More information about the commits
mailing list