forked from ISTI-ansible-roles/ansible-roles
The TLS level is now a paremeter everywhere.
This commit is contained in:
parent
05e4cb9478
commit
f6dcee2182
|
@ -27,7 +27,7 @@ postfix_tls_dhparam_file: /etc/postfix/dhparam.pem
|
|||
# Accepted values: none, may, encrypt
|
||||
postfix_smtpd_tls_security_level: encrypt
|
||||
# Accepted values: none, may, encrypt, fingerprint, verify, secure. And from 2.11: dane, dane-only
|
||||
postfix_smtp_tls_security_level: encrypt
|
||||
postfix_smtp_tls_security_level: may
|
||||
postfix_use_sasl_auth: True
|
||||
postfix_smtp_sasl_auth_enable: "yes"
|
||||
postfix_smtp_create_relay_user: True
|
||||
|
|
|
@ -16,7 +16,7 @@ smtp inet n - n - - smtpd
|
|||
{% if postfix_smtpd_server %}
|
||||
submission inet n - n - - smtpd
|
||||
-o syslog_name=postfix/submission
|
||||
-o smtpd_tls_security_level=encrypt
|
||||
-o smtpd_tls_security_level={{ postfix_smtpd_tls_security_level }}
|
||||
{% if postfix_use_letsencrypt %}
|
||||
-o smtpd_tls_cert_file={{ letsencrypt_acme_certs_dir }}/cert
|
||||
-o smtpd_tls_key_file={{ letsencrypt_acme_certs_dir }}/privkey
|
||||
|
|
Loading…
Reference in New Issue