Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3945015
D3326.id8593.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
42 KB
Referenced Files
None
Subscribers
None
D3326.id8593.diff
View Options
diff --git a/GIDs b/GIDs
--- a/GIDs
+++ b/GIDs
@@ -8,6 +8,7 @@
3003 deployment
3004 mediawiki
3005 nasquenautes
+6000 mailbox_mail_user
9001 salt
9002 deploy
9003 web
diff --git a/UIDs b/UIDs
--- a/UIDs
+++ b/UIDs
@@ -5,6 +5,11 @@
834 tc2
835 opensearch
3004 mediawiki
+6000 mailbox_mail_user
9001 salt
9002 deploy
8900 zr LEGACY
+
+# Web app
+12000 web-org-nasqueron-mail
+12001 web-org-nasqueron-mail-admin
diff --git a/pillar/credentials/vault.sls b/pillar/credentials/vault.sls
--- a/pillar/credentials/vault.sls
+++ b/pillar/credentials/vault.sls
@@ -94,6 +94,10 @@
- ops/secrets/nasqueron/deploy/deploy_keys/by_repo/bitbucket/ewosp/www
- ops/secrets/nasqueron/deploy/deploy_keys/by_repo/github/wolfplex/api-www
+ mailserver:
+ - ops/secrets/dbserver/cluster-A/users/mailManagement
+ - ops/secrets/mailserver/security
+
opensearch:
- ops/secrets/nasqueron/opensearch/infra-logs/internal_users/admin
- ops/secrets/nasqueron/opensearch/infra-logs/internal_users/dashboards
diff --git a/pillar/dbserver/cluster-A.sls b/pillar/dbserver/cluster-A.sls
--- a/pillar/dbserver/cluster-A.sls
+++ b/pillar/dbserver/cluster-A.sls
@@ -142,7 +142,7 @@
- db: mail
user: mailManagement
- ips: 172.27.27.5/32
+ ips: 172.27.27.3/32
method: password
- db: mail
diff --git a/pillar/mailserver/vimbadmin.sls b/pillar/mailserver/vimbadmin.sls
new file mode 100644
--- /dev/null
+++ b/pillar/mailserver/vimbadmin.sls
@@ -0,0 +1,13 @@
+# -------------------------------------------------------------
+# Salt — ViMbAdmin Configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+vimbadmin_config:
+ db:
+ service: db-A
+ database: mail
+ credential: dbserver/cluster-A/users/mailManagement
+ security: mailserver/security
diff --git a/pillar/nodes/nodes.sls b/pillar/nodes/nodes.sls
--- a/pillar/nodes/nodes.sls
+++ b/pillar/nodes/nodes.sls
@@ -177,6 +177,8 @@
netmask: 255.255.255.255
roles:
- mailserver
+ - webserver-core
+ - webserver-alkane
router-001:
forest: nasqueron-infra
diff --git a/pillar/paas/alkane/hervil/main.sls b/pillar/paas/alkane/hervil/main.sls
new file mode 100644
--- /dev/null
+++ b/pillar/paas/alkane/hervil/main.sls
@@ -0,0 +1,47 @@
+# -------------------------------------------------------------
+# Salt — PaaS Alkane :: PHP and static sites [development]
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Site: https://explore.wolfplex.org/
+# -------------------------------------------------------------
+
+web_aliases:
+ services:
+ - &db-A 172.27.27.8
+
+# -------------------------------------------------------------
+# PHP sites
+#
+# Username must be unique and use max 31 characters.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+web_domains:
+ nasqueron:
+ - nasqueron.org
+
+nginx_vhosts:
+ nasqueron.org:
+ - admin.mail
+
+php_fpm_instances:
+ # PHP current version, generally installed as package/port
+ prod:
+ command: /usr/local/sbin/php-fpm
+
+web_php_sites:
+ mail.nasqueron.org:
+ domain: nasqueron.org
+ subdomain: mail
+ user: web-org-nasqueron-mail
+ uid: 12000
+ php-fpm: prod
+
+ admin.mail.nasqueron.org:
+ domain: nasqueron.org
+ subdomain: admin.mail
+ user: web-org-nasqueron-mail-admin
+ uid: 12001
+ php-fpm: prod
+ env:
+ DB_HOST: *db-A
diff --git a/pillar/top.sls b/pillar/top.sls
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -51,6 +51,9 @@
eglide:
- shellserver.quassel
+ hervil:
+ - mailserver.vimbadmin
+
ysul:
- devserver.repos
- saas.mediawiki
diff --git a/pillar/webserver/sites.sls b/pillar/webserver/sites.sls
--- a/pillar/webserver/sites.sls
+++ b/pillar/webserver/sites.sls
@@ -22,6 +22,10 @@
#
# Nasqueron servers
#
+ mailserver:
+ - .org/nasqueron/mail
+ - .org/nasqueron/mail_admin
+
mastodon:
- .org/nasqueron/social
diff --git a/roles/mailserver/vimbadmin/files/application.ini b/roles/mailserver/vimbadmin/files/application.ini
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/vimbadmin/files/application.ini
@@ -0,0 +1,694 @@
+# -------------------------------------------------------------
+# ViMbAdmin configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/paas-docker/containers/files/vimbadmin/application.ini
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; ViMbAdmin :: Virtual Mailbox Admin
+;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; IMPORTANT: Review and change all options in [user]
+;;
+;; ** This is for ViMbAdmin V3 and later **
+;;
+;; See: https://github.com/opensolutions/ViMbAdmin/wiki/Configuration
+
+[user]
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Installation Keys and Salts
+;
+; During installation, you will be prompted to enter strings here. This
+; is to verify that you are in fact the person authorised to complete the
+; installation as well as provide security for cookies and passwords.
+
+securitysalt = "{{ security.salt }}"
+resources.auth.oss.rememberme.salt = "{{ security.osRememberMeSalt }}"
+defaults.mailbox.password_salt = "{{ security.mailboxSaltPassword }}"
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; When installing for the first time, it may be useful to set the following
+; to 1 BUT ensure you set it to zero again in a production system
+
+phpSettings.display_startup_errors = 1
+phpSettings.display_errors = 1
+resources.frontController.params.displayExceptions = 1
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; You database and caching connection.
+;;
+
+resources.doctrine2.connection.options.driver = 'pdo_pgsql'
+resources.doctrine2.connection.options.dbname = '{{ db.database }}'
+resources.doctrine2.connection.options.user = '{{ db.username }}'
+resources.doctrine2.connection.options.password = '{{ db.password }}'
+resources.doctrine2.connection.options.host = '{{ db.host }}'
+resources.doctrine2.connection.options.charset = 'utf8'
+
+;; Doctrine2 requires Memcache for maximum efficency. Without Memcache
+;; it can be highly inefficient and will slow page requests down.
+;;
+;; You are strongly advised to install memcache and comment ArrayCache
+;; here and uncomment MemcacheCache.
+;;
+
+resources.doctrine2cache.type = 'ArrayCache'
+;resources.doctrine2cache.type = 'MemcacheCache'
+resources.doctrine2cache.memcache.servers.0.host = 'localhost'
+resources.doctrine2cache.namespace = 'ViMbAdmin3'
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Default values used when creating domains
+;
+; See: https://github.com/opensolutions/ViMbAdmin/wiki/Configuration
+; See: https://github.com/opensolutions/ViMbAdmin/wiki/Quotas
+
+defaults.domain.quota = 0
+defaults.domain.maxquota = 0
+defaults.domain.transport = "virtual"
+defaults.domain.aliases = 0
+defaults.domain.mailboxes = 0
+
+defaults.quota.multiplier = 'MB'
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;; Use server side filtering to reduce pagination time on client side
+;; Defaults to off / false
+defaults.server_side.pagination.enable = false
+defaults.server_side.pagination.min_search_str = 3
+defaults.server_side.pagination.max_result_cnt = 500
+
+;; Separate configuration for domain list
+defaults.server_side.pagination.domain.enable = false
+defaults.server_side.pagination.domain.min_search_str = 3
+defaults.server_side.pagination.domain.max_result_cnt = 500
+
+; The number of rows displayed in the tables
+; must be one of these: 10, 25, 50, 100
+defaults.table.entries = 50
+
+;; Enable or disable display of Domain name column. Default : enabled
+defaults.list_domain.disabled = false
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;; Options for the display of domain and mailbox sizes
+;;
+;; See: https://github.com/opensolutions/ViMbAdmin/wiki/Mailbox-Sizes
+;;
+;; Enable or disable display of sizes. Default: disabled
+
+defaults.list_size.disabled = true
+
+;; Maildir size units. By default: KB. One of B, KB, MB or GB.
+defaults.list_size.multiplier = 'GB'
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Default values for creating mailboxes
+
+; This sets the uid and gid columns in the mailbox table to the below values
+defaults.mailbox.uid = 2000
+defaults.mailbox.gid = 2000
+
+
+; Set the homedir and maildir values in the mailbox table where the
+; following substitutions apply:
+;
+; %d -> domain part of email address
+; %u -> user part of email address
+; %m -> full email address
+; %atmail -> substitutes an email address (test@example.com) with t/e/test@example.com
+;
+;
+; http://wiki2.dovecot.org/VirtualUsers/Home
+
+defaults.mailbox.maildir = "maildir:{{ mailbox.dir }}/%d/%u/mail:LAYOUT=fs"
+defaults.mailbox.homedir = "{{ mailbox.dir }}/%d/%u"
+
+;minimum mailbox password length
+defaults.mailbox.min_password_length = 8
+
+; The password hashing function to use. Set to one of:
+;
+; "plain" - password stored as clear text
+; "md5" - password hashed using MD5 without salt (PHP md5())
+; "md5-salted" - password hashed using MD5 with salt (salt set in defaults.mailbox.password_salt above)
+; "sha1" - password hashed using sha1 without salt
+; "sha1-salted" - password hashed using sha1 with salt (salt set in defaults.mailbox.password_salt above)
+; "crypt:XXX" - call the PHP crypt function (with random salt) where XXX is one of: md5, blowfish, sha256, sha512
+; "dovecot:XXX" - call the Dovecot password generator (see next option below) and use the
+; scheme specified by XXX. To see available schemes, use 'dovecotpw -l'
+; or 'doveadm pw -l'
+
+; You should pick a hashing function as strong as your mail system allows.
+; At time of writing, Dovecot ( http://wiki2.dovecot.org/Authentication/PasswordSchemes ) recommends one of
+; BLF-CRYPT, SHA512-CRYPT, SHA256-CRYPT in descending order of strength
+defaults.mailbox.password_scheme = "dovecot:BLF-CRYPT"
+
+; April 2016 - Bad salts - it was pointed out that a typo in the code below meant that
+; the now deprecated md5.salted and sha1.salted (as opposed to their hyphenated versions above)
+; didn't actually use the requested salt string but a fixed salt of "md5.salted" and "sha1.salted"
+; respectively. These options still work for backwards compatibility.
+; See:
+; https://github.com/opensolutions/OSS-Framework/issues/43#issuecomment-207040421
+; https://github.com/opensolutions/OSS-Framework/commit/b3d669a81f8214032a70e594472ece9fe9322fe2
+
+
+; The path to (and initial option(s) if necessary) the Dovecot password generator. Typical
+; values may be something like:
+;
+; "/usr/bin/doveadm pw"
+; "/usr/bin/dovecotpw"
+
+defaults.mailbox.dovecot_pw_binary = "{{ dirs.bin }}/doveadm pw"
+
+
+
+;; A "mailbox alias" will, for example add the following entry to
+;; the alias table for a mailbox: name@example.com
+;;
+;; name@example.com -> name@example.com
+;;
+;; This is required for aliasing an entire domain. If in doubt, leave it enabled.
+mailboxAliases = 1
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; See: https://github.com/opensolutions/ViMbAdmin/wiki/Archiving-Mailboxes
+
+server_id = 1
+
+;;Archive options
+binary.path.chown_R = "/usr/sbin/chown -R"
+binary.path.tar_cf = "/usr/bin/tar -cf"
+binary.path.tar_xf = "/usr/bin/tar -xf"
+binary.path.bzip2_q = "/usr/bin/bzip2 -q"
+binary.path.bunzip2_q = "/usr/bin/bunzip2 -q"
+binary.path.rm_rf = "/usr/bin/rm -rf"
+
+archive.path = "{{ mailbox.archive }}"
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Enable mailbox deletion on the file system
+;
+; See: https://github.com/opensolutions/ViMbAdmin/wiki/Deleting-Mailboxes
+;
+
+mailbox_deletion_fs_enabled = false
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Export Mailbox Settings
+;
+; See: https://github.com/opensolutions/ViMbAdmin/wiki/Export-Settings
+;
+defaults.export_settings.disabled = true
+
+
+;; Export settings alowed subnets
+defaults.export_settings.allowed_subnet[] = "10."
+defaults.export_settings.allowed_subnet[] = "192.168."
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; Settings email default values.
+;;
+;; Substituions are as follows:
+;;
+;; %d -> domain part of email address
+;; %u -> user part of email address
+;; $m -> full email address
+;;
+;; See (and skin) the following file to see how the below are used:
+;;
+;; views/mailbox/email/settings.phtml
+;;
+
+server.smtp.enabled = 1
+server.smtp.host = "mail.%d"
+server.smtp.user = "%m"
+server.smtp.port = "465"
+server.smtp.crypt = "SSL"
+
+server.pop3.enabled = 1
+server.pop3.host = "gpo.%d"
+server.pop3.user = "%m"
+server.pop3.port = "995"
+server.pop3.crypt = "SSL"
+
+server.imap.enabled = 1
+server.imap.host = "gpo.%d"
+server.imap.user = "%m"
+server.imap.port = "993"
+server.imap.crypt = "SSL"
+
+server.webmail.enabled = 1
+server.webmail.host = "https://webmail.%d"
+server.webmail.user = "%m"
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; Identity
+
+identity.orgname = "Nasqueron"
+identity.name = "Nasqueron Operations SIG"
+identity.email = "support@example.com"
+identity.autobot.name = "ViMbAdmin Autobot"
+identity.autobot.email = "autobot@example.com"
+identity.mailer.name = "ViMbAdmin Autobot"
+identity.mailer.email = "do-not-reply@example.com"
+
+identity.sitename = "ViMbAdmin"
+identity.siteurl = "https://www.example.com/vimbadmin/"
+
+
+;;
+;; All mail and correspondence will come from the following;;
+
+server.email.name = "ViMbAdmin Administrator"
+server.email.address = "support@example.com"
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; Skinning
+;;
+;; You can skin ViMbAdmin pages if you wish.
+;;
+;; See: https://github.com/opensolutions/ViMbAdmin/wiki/Skinning
+
+; resources.smarty.skin = "myskin"
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; See: http://framework.zend.com/manual/en/zend.mail.smtp-authentication.html
+;;
+;; Ensure you have a working mail server configuration so the system can
+;; send emails.
+;; Possible values:
+;; transport.type: sendmail, smtp
+;; transport.auth: crammd5, login, plain
+;; transport.ssl: ssl, tls
+;;
+
+resources.mail.transport.type = "smtp"
+resources.mail.transport.host = "localhost"
+;resources.mail.transport.username = ""
+;resources.mail.transport.password = ""
+;resources.mail.transport.auth = ""
+;resources.mail.transport.ssl = ""
+;resources.mail.transport.port = "25"
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; Local filesystem logging.
+;;
+;; We log various things to var/log/YYYY/MM/ if you enable the logger here.
+;;
+;; It is useful to use the email logger to be alerted of serious errors.
+;;
+
+ondemand_resources.logger.enabled = 1
+
+;ondemand_resources.logger.writers.email.from = "admin@example.com"
+;ondemand_resources.logger.writers.email.to = "admin@example.com"
+;ondemand_resources.logger.writers.email.prefix = "ViMbAdmin_Error"
+;ondemand_resources.logger.writers.email.level = 3
+
+ondemand_resources.logger.writers.stream.level = 7
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; ViMbAdmin performs a version check on administrator login and alerts the
+;; user if there is a newer version available.
+;;
+;; This can be disabled by setting the below to 1
+;;
+
+skipVersionCheck = 1
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; ViMbAdmin 'pings' the developers as part of the set up process to let
+;; them know there is a new installation.
+;;
+;; All we are interested in is knowing whether people are using the software
+;; or not and whether continued support and development is worth the time
+;; and effort.
+;;
+;; Unless you're very shy, PLEASE LET US KNOW YOU'RE USING IT!
+;;
+;; This can be disabled by setting the below to 1
+;;
+
+skipInstallPingback = 1
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Allow admins to dictate whether a user can use BOTH, IMAP ONLY,
+; POP3 ONLY when creating mailboxes.
+;
+; Must be supported by your POP3/IMAP server.
+;
+; See https://github.com/opensolutions/ViMbAdmin/wiki/POP3-IMAP-Access-Permissions
+; for documentation.
+;
+; This is handled via a plugin
+;
+
+vimbadmin_plugins.AccessPermissions.disabled = false
+
+; specify the options which should be allowed for access restrictions
+vimbadmin_plugins.AccessPermissions.type.SMTP = "SMTP"
+vimbadmin_plugins.AccessPermissions.type.IMAP = "IMAP"
+vimbadmin_plugins.AccessPermissions.type.POP3 = "POP3"
+vimbadmin_plugins.AccessPermissions.type.SIEVE = "SIEVE"
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Allow admins to force that for a mailbox/domain basic aliases are existing
+; If a new mailbox is created the system will check if the aliases are existing, if not they are created.
+
+vimbadmin_plugins.MailboxAutomaticAliases.disabled = true
+
+; These aliases should always exist, it is not recommened to delete it
+vimbadmin_plugins.MailboxAutomaticAliases.defaultAliases[] = "postmaster"
+vimbadmin_plugins.MailboxAutomaticAliases.defaultAliases[] = "abuse"
+
+; These aliases are optional, but it recommended to not remove them
+vimbadmin_plugins.MailboxAutomaticAliases.defaultAliases[] = "hostmaster"
+vimbadmin_plugins.MailboxAutomaticAliases.defaultAliases[] = "webmaster"
+
+; Define this if emails should be forwarded to a fixed address instead of the first mailbox address of the domain
+vimbadmin_plugins.MailboxAutomaticAliases.defaultMapping.postmaster = "@nasqueron.org"
+;vimbadmin_plugins.MailboxAutomaticAliases.defaultMapping.abuse = "postmaster"
+;vimbadmin_plugins.MailboxAutomaticAliases.defaultMapping.* = "root@domain.tld"
+
+
+
+
+
+
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;
+;; Proceed onwards with caution.
+;;
+;; The above [user] params are the may ones of consequence.
+;;
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Allows to add additional information.
+;
+; This is handled via a plugin
+;
+
+vimbadmin_plugins.AccessPermissions.disabled = false
+vimbadmin_plugins.DirectoryEntry.disabled = true
+vimbadmin_plugins.AdditionalInfo.disabled = true
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;;; Disabling directory entry subform element
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+vimbadmin_plugins.DirectoryEntry.disabled_elements.JpegPhoto = true
+vimbadmin_plugins.DirectoryEntry.disabled_elements.Mail = true
+vimbadmin_plugins.DirectoryEntry.disabled_elements.PreferredLanguage = true
+vimbadmin_plugins.DirectoryEntry.disabled_elements.Secretary = true
+
+vimbadmin_plugins.DirectoryEntry.disabled_elements.PersonalTitle = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.GivenName = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.Sn = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.DisplayName = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.Initials = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.BusinessCategory = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.EmployeeType = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.Title = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.DepartmentNumber = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.Ou = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.RoomNumber = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.O = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.CarLicense = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.EmployeeNumber = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.HomePhone = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.TelephoneNumber = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.Mobile = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.Pager = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.FacsimileTelephoneNumber = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.HomePostalAddress = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.LabeledURI = false
+vimbadmin_plugins.DirectoryEntry.disabled_elements.Manager = false
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;;; Mailbox AdditionalInfo plugin elements
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+
+;;Additional text messages for plugin.
+AdditionalInfo.mailbox.formPreBlurb = "<p><strong>NB:</strong> Do not edit the following. It is sync'd on a nightly basis ..."
+
+; First Name
+vimbadmin_plugins.AdditionalInfo.elements.id.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.id.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.id.options.label = "LDAP Id"
+
+; First Name
+vimbadmin_plugins.AdditionalInfo.elements.first_name.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.first_name.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.first_name.options.label = "First Name"
+
+; Last Name
+vimbadmin_plugins.AdditionalInfo.elements.second_name.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.second_name.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.second_name.options.label = "Last Name"
+
+; Grade
+vimbadmin_plugins.AdditionalInfo.elements.grade.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.grade.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.grade.options.label = "Grade"
+
+; Grade Id
+vimbadmin_plugins.AdditionalInfo.elements.grade_id.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.grade_id.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.grade_id.options.label = "Grade Id"
+vimbadmin_plugins.AdditionalInfo.elements.grade_id.options.validators.digits[] = 'Digits'
+vimbadmin_plugins.AdditionalInfo.elements.grade_id.options.validators.digits[] = true
+
+; Department
+vimbadmin_plugins.AdditionalInfo.elements.department.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.department.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.department.options.label = "Department"
+
+; Department Id
+vimbadmin_plugins.AdditionalInfo.elements.department_id.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.department_id.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.department_id.options.label = "Department Id"
+vimbadmin_plugins.AdditionalInfo.elements.department_id.options.validators.digits[] = 'Digits'
+vimbadmin_plugins.AdditionalInfo.elements.department_id.options.validators.digits[] = true
+
+; Section
+vimbadmin_plugins.AdditionalInfo.elements.section.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.section.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.section.options.label = "Section"
+
+; Extension Number
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.options.label = "Extension Number"
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.options.validators.digits[] = 'Digits'
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.options.validators.digits[] = true
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.options.validators.length[] = 'StringLength'
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.options.validators.length[] = false
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.options.validators.length.range[] = 4
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.options.validators.length.range[] = 4
+;;to disable autocomplete functionality
+vimbadmin_plugins.AdditionalInfo.elements.ext_no.options.autocomplete = 'off'
+
+; Direct Dial
+vimbadmin_plugins.AdditionalInfo.elements.d_dial.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.d_dial.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.d_dial.options.label = "Direct Dial"
+vimbadmin_plugins.AdditionalInfo.elements.d_dial.options.autocomplete = 'off'
+
+; Mobile
+vimbadmin_plugins.AdditionalInfo.elements.mobile.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.elements.mobile.options.required = false
+vimbadmin_plugins.AdditionalInfo.elements.mobile.options.label = "Mobile"
+vimbadmin_plugins.AdditionalInfo.elements.mobile.options.autocomplete = 'off'
+
+;;;;;;;
+;; Aliases additional information
+;;
+; First Name
+vimbadmin_plugins.AdditionalInfo.alias.elements.name.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.alias.elements.name.options.required = false
+vimbadmin_plugins.AdditionalInfo.alias.elements.name.options.label = "Name"
+
+; Extension Number
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.options.required = false
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.options.label = "Extension Number"
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.options.validators.digits[] = 'Digits'
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.options.validators.digits[] = true
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.options.validators.length[] = 'StringLength'
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.options.validators.length[] = false
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.options.validators.length.range[] = 4
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.options.validators.length.range[] = 4
+vimbadmin_plugins.AdditionalInfo.alias.elements.ext_no.options.autocomplete = 'off'
+
+; Direct Dial
+vimbadmin_plugins.AdditionalInfo.alias.elements.d_dial.type = "Zend_Form_Element_Text"
+vimbadmin_plugins.AdditionalInfo.alias.elements.d_dial.options.required = false
+vimbadmin_plugins.AdditionalInfo.alias.elements.d_dial.options.label = "Direct Dial"
+vimbadmin_plugins.AdditionalInfo.alias.elements.d_dial.options.autocomplete = 'off'
+
+
+[production : user]
+
+includePaths.library = APPLICATION_PATH "/../library"
+includePaths.osslibrary = APPLICATION_PATH "/../vendor/opensolutions/oss-framework/src/"
+
+bootstrap.path = APPLICATION_PATH "/Bootstrap.php"
+bootstrap.class = "Bootstrap"
+appnamespace = "ViMbAdmin"
+
+temporary_directory = APPLICATION_PATH "/../var/tmp"
+
+pluginPaths.OSS_Resource = APPLICATION_PATH "/../library/OSS/Resource"
+pluginPaths.ViMbAdmin_Resource = APPLICATION_PATH "/../library/ViMbAdmin/Resource"
+
+mini_js = 1
+mini_css = 1
+
+alias_autocomplete_min_length = 2
+
+
+
+resources.frontController.controllerDirectory = APPLICATION_PATH "/controllers"
+resources.frontController.moduleDirectory = APPLICATION_PATH "/modules"
+resources.modules[] =
+
+
+; doctrine2
+resources.doctrine2.models_path = APPLICATION_PATH
+resources.doctrine2.proxies_path = APPLICATION_PATH "/Proxies"
+resources.doctrine2.repositories_path = APPLICATION_PATH
+resources.doctrine2.xml_schema_path = APPLICATION_PATH "/../doctrine2/xml"
+resources.doctrine2.autogen_proxies = 0
+resources.doctrine2.logger = 1
+resources.doctrine2.models_namespace = "Entities"
+resources.doctrine2.proxies_namespace = "Proxies"
+resources.doctrine2.repositories_namespace = "Repositories"
+
+
+resources.doctrine2cache.autoload_method = "composer"
+;resources.doctrine2cache.type = 'ArrayCache'
+;resources.doctrine2cache.type = 'MemcacheCache'
+;resources.doctrine2cache.memcache.servers.0.host = '127.0.0.1'
+;resources.doctrine2cache.memcache.servers.0.port = '11211'
+;resources.doctrine2cache.memcache.servers.0.persistent = false
+;resources.doctrine2cache.memcache.servers.0.weight = 1
+;resources.doctrine2cache.memcache.servers.0.timeout = 1
+;resources.doctrine2cache.memcache.servers.0.retry_int = 15
+
+; resources.doctrine2cache.memcache.servers.1.host = 'xxx'
+; resources.doctrine2cache.memcache.servers.2.host = 'yyy'
+
+resources.namespace.checkip = 0
+
+resources.auth.enabled = 1
+resources.auth.oss.adapter = "OSS_Auth_Doctrine2Adapter"
+resources.auth.oss.pwhash = "bcrypt"
+resources.auth.oss.hash_cost = 9
+resources.auth.oss.entity = "\\Entities\\Admin"
+resources.auth.oss.disabled.lost-username = 1
+resources.auth.oss.disabled.lost-password = 0
+
+resources.auth.oss.rememberme.enabled = 1
+resources.auth.oss.rememberme.timeout = 2592000
+resources.auth.oss.rememberme.secure = true
+
+resources.auth.oss.lost_password.use_captcha = true
+
+resources.session.save_path = APPLICATION_PATH "/../var/session"
+resources.session.use_only_cookies = true
+resources.session.remember_me_seconds = 3600
+resources.session.name = 'VIMBADMIN3'
+
+ondemand_resources.logger.writers.stream.path = APPLICATION_PATH "/../var/log"
+ondemand_resources.logger.writers.stream.owner = www-data
+ondemand_resources.logger.writers.stream.group = www-data
+ondemand_resources.logger.writers.stream.mode = single
+ondemand_resources.logger.writers.stream.logname = vimbadmin.log
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Smarty View
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+resources.smarty.enabled = 1
+resources.smarty.templates = APPLICATION_PATH "/views"
+; resources.smarty.skin = "myskin"
+resources.smarty.compiled = APPLICATION_PATH "/../var/templates_c"
+resources.smarty.cache = APPLICATION_PATH "/../var/cache"
+resources.smarty.config = APPLICATION_PATH "/configs/smarty"
+resources.smarty.plugins[] = APPLICATION_PATH "/../library/ViMbAdmin/Smarty/functions"
+resources.smarty.plugins[] = APPLICATION_PATH "/../library/OSS/Smarty/functions"
+resources.smarty.plugins[] = APPLICATION_PATH "/../vendor/smarty/smarty/libs/plugins"
+resources.smarty.plugins[] = APPLICATION_PATH "/../vendor/smarty/smarty/libs/sysplugins"
+resources.smarty.debugging = 0
+
+
+
+
+[development : production]
+
+mini_js = 0
+mini_css = 0
+
+phpSettings.display_startup_errors = 1
+phpSettings.display_errors = 1
+resources.frontController.params.displayExceptions = 1
diff --git a/roles/mailserver/vimbadmin/init.sls b/roles/mailserver/vimbadmin/init.sls
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/vimbadmin/init.sls
@@ -0,0 +1,56 @@
+# -------------------------------------------------------------
+# Salt — Provision ViMbAdmin Config
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% set db = pillar["vimbadmin_config"]["db"] %}
+{% set securityCredentials = pillar["vimbadmin_config"]["security"] %}
+
+{% from "map.jinja" import dirs with context %}
+
+# init mail user
+
+mailbox_mail_user:
+ user.present:
+ - name: mailbox_mail_user
+ - uid: 6000
+ - gid: 6000
+ - system: True
+ - home: /var/run/web/mailbox_mail_user
+
+/var/mail_virtual:
+ file.directory:
+ - user: 6000
+ - group: 6000
+ - mode: 700
+ - makedirs: True
+
+/var/mail_archive:
+ file.directory:
+ - user: 6000
+ - group: 6000
+ - mode: 700
+ - makedirs: True
+
+/var/wwwroot/nasqueron.org/admin.mail/application/configs/application.ini:
+ file.managed:
+ - source: salt://roles/mailserver/vimbadmin/files/application.ini
+ - mode: 400
+ - user: web-org-nasqueron-mail-admin
+ - template: jinja
+ - context:
+ db:
+ database: {{ db["database"] }}
+ username: {{ salt["credentials.get_username"](db["credential"]) }}
+ password: {{ salt["credentials.get_password"](db["credential"]) }}
+ host: {{ pillar["nasqueron_services"][db["service"]] }}
+ security:
+ salt: {{ salt["credentials.read_secret"](securityCredentials)["salt"] | yaml_dquote }}
+ osRememberMeSalt: {{ salt["credentials.read_secret"](securityCredentials)["osRememberMeSalt"] | yaml_dquote }}
+ mailboxSaltPassword: {{ salt["credentials.read_secret"](securityCredentials)["mailboxSaltPassword"] | yaml_dquote }}
+ dirs: {{ dirs }}
+ mailbox:
+ dir: "/var/mail_virtual"
+ archive: "/var/mail_archive"
diff --git a/roles/webserver-alkane/account/init.sls b/roles/webserver-alkane/account/init.sls
--- a/roles/webserver-alkane/account/init.sls
+++ b/roles/webserver-alkane/account/init.sls
@@ -43,6 +43,9 @@
user.present:
- name: {{ site['user' ] }}
- fullname: {{ fqdn }}
+{% if 'uid' in site %}
+ - uid: {{ site['uid'] }}
+{% endif %}
- gid: 9003
- system: True
- home: /var/run/web/{{ fqdn }}
diff --git a/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf
new file mode 100644
--- /dev/null
+++ b/roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/admin.mail.conf
@@ -0,0 +1,45 @@
+# -------------------------------------------------------------
+# Webserver
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Site: mail.nasqueron.org
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-alkane/nginx/files/vhosts/nasqueron.org/mail.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# -------------------------------------------------------------
+# Main site
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name admin.mail.nasqueron.org;
+
+ include includes/tls;
+ ssl_certificate /usr/local/etc/letsencrypt/live/admin.mail.nasqueron.org/fullchain.pem;
+ ssl_certificate_key /usr/local/etc/letsencrypt/live/admin.mail.nasqueron.org/privkey.pem;
+
+ include includes/letsencrypt;
+
+ root /var/wwwroot/nasqueron.org/admin.mail/public;
+ index index.html index.php index.htm;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+ }
+
+ location ~ \.php$ {
+ fastcgi_pass unix:/var/run/web/admin.mail.nasqueron.org/php-fpm.sock;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME /var/wwwroot/nasqueron.org/admin.mail/public/index.php;
+ include includes/fastcgi;
+ }
+}
diff --git a/roles/webserver-content/init.sls b/roles/webserver-content/init.sls
--- a/roles/webserver-content/init.sls
+++ b/roles/webserver-content/init.sls
@@ -19,6 +19,8 @@
- .org/nasqueron/docs
- .org/nasqueron/infra
- .org/nasqueron/labs
+ - .org/nasqueron/mail
+ - .org/nasqueron/mail_admin
- .org/nasqueron/rain
- .org/nasqueron/social
- .org/wolfplex/api
diff --git a/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# -------------------------------------------------------------
+# Nasqueron PaaS :: Alkane :: Recipe for deployment
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh
+# Action: init
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+set -e
+
+git clone https://github.com/opensolutions/ViMbAdmin.git "$ALKANE_SITE_PATH"
+cd "$ALKANE_SITE_PATH"
+git remote add nasqueron https://github.com/dereckson/ViMbAdmin.git
+git fetch --all
+git checkout nasqueron/production -b production
+
+composer install --prefer-dist --no-dev
diff --git a/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# -------------------------------------------------------------
+# Nasqueron PaaS :: Alkane :: Recipe for deployment
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
+# Action: update
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+set -e
+
+
+cd "$ALKANE_SITE_PATH"
+
+git fetch --all
+git diff-index --quiet HEAD && git pull
+
+composer update --prefer-dist --no-dev
diff --git a/roles/webserver-content/org/nasqueron/mail.sls b/roles/webserver-content/org/nasqueron/mail.sls
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/mail.sls
@@ -0,0 +1,28 @@
+# -------------------------------------------------------------
+# Salt — Provision rain.nasqueron.org website
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% if salt['node.has_web_content'](".org/nasqueron/mail") %}
+
+# -------------------------------------------------------------
+# Base directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/wwwroot/nasqueron.org/mail:
+ file.directory:
+ - user: deploy
+ - group: web
+ - dir_mode: 755
+
+# -------------------------------------------------------------
+# Deploy mail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+www_mail_build:
+ cmd.run:
+ - name: alkane deploy mail.nasqueron.org
+
+{% endif %}
diff --git a/roles/webserver-content/org/nasqueron/mail_admin.sls b/roles/webserver-content/org/nasqueron/mail_admin.sls
new file mode 100644
--- /dev/null
+++ b/roles/webserver-content/org/nasqueron/mail_admin.sls
@@ -0,0 +1,56 @@
+# -------------------------------------------------------------
+# Salt — Provision rain.nasqueron.org website
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% if salt['node.has_web_content'](".org/nasqueron/mail_admin") %}
+
+# -------------------------------------------------------------
+# Base directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/wwwroot/nasqueron.org/admin.mail:
+ file.directory:
+ - user: deploy
+ - group: wheel
+ - dir_mode: 755
+
+# -------------------------------------------------------------
+# Deploy mail
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/usr/local/libexec/alkane/admin.mail.nasqueron.org:
+ file.directory:
+ - user: root
+ - group: web
+ - dir_mode: 755
+
+
+/usr/local/libexec/alkane/admin.mail.nasqueron.org/init:
+ file.managed:
+ - source: salt://roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/init.sh
+ - mode: 755
+
+/usr/local/libexec/alkane/admin.mail.nasqueron.org/update:
+ file.managed:
+ - source: salt://roles/webserver-content/org/nasqueron/files/recipes/admin.mail.nasqueron.org/update.sh
+ - mode: 755
+
+www_admin_mail_build:
+ cmd.run:
+ - name: alkane deploy admin.mail.nasqueron.org
+ - runas: deploy
+
+/var/wwwroot/nasqueron.org/admin.mail/var:
+ file.directory:
+ - user: web-org-nasqueron-mail-admin
+ - group: web
+ - dir_mode: 711
+ - recurse:
+ - user
+ - group
+ - mode
+
+{% endif %}
diff --git a/top.sls b/top.sls
--- a/top.sls
+++ b/top.sls
@@ -46,6 +46,8 @@
- roles/shellserver
'hervil':
- roles/mailserver
+ - roles/webserver-core
+ - roles/webserver-alkane
'web-001':
- roles/webserver-core
- roles/webserver-alkane
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Fri, Dec 27, 03:16 (10 h, 23 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2316353
Default Alt Text
D3326.id8593.diff (42 KB)
Attached To
Mode
D3326: Deploy ViMbAdmin web application
Attached
Detach File
Event Timeline
Log In to Comment