aboutsummaryrefslogtreecommitdiff
path: root/scripts/hostclass/smtp_server
diff options
context:
space:
mode:
authorCullum Smith <cullum@sacredheartsc.com>2024-10-12 08:14:59 -0400
committerCullum Smith <cullum@sacredheartsc.com>2024-10-12 08:15:33 -0400
commit99b8524c16cc99ceeaf1ebf588f2fc0f2c0fbe0a (patch)
tree3ffa4113f23eca6cea8ff2c94ba7ce60188d943e /scripts/hostclass/smtp_server
parent1c882c769e5476b5cb3fa294257c76165a7a6f46 (diff)
downloadinfrastructure-99b8524c16cc99ceeaf1ebf588f2fc0f2c0fbe0a.tar.gz
add a bunch of hostclasses
Diffstat (limited to 'scripts/hostclass/smtp_server')
-rw-r--r--scripts/hostclass/smtp_server/10-rspamd8
-rw-r--r--scripts/hostclass/smtp_server/20-postfix2
2 files changed, 5 insertions, 5 deletions
diff --git a/scripts/hostclass/smtp_server/10-rspamd b/scripts/hostclass/smtp_server/10-rspamd
index 094dc8a..1794e04 100644
--- a/scripts/hostclass/smtp_server/10-rspamd
+++ b/scripts/hostclass/smtp_server/10-rspamd
@@ -21,8 +21,8 @@ rspamd_redis_sock=/var/run/redis/rspamd.sock
rspamd_bayes_redis_sock=/var/run/redis/rspamd-bayes.sock
rspamd_redis_data_dir="${redis_data_dir}/rspamd"
rspamd_bayes_redis_data_dir="${redis_data_dir}/rspamd-bayes"
-rspamd_tls_cert=/usr/local/etc/nginx/rspamd.crt
-rspamd_tls_key=/usr/local/etc/nginx/rspamd.key
+rspamd_https_cert="${nginx_conf_dir}/rspamd.crt"
+rspamd_https_key="${nginx_conf_dir}/rspamd.key"
nginx_keytab="${keytab_dir}/nginx.keytab"
pkg install -y \
@@ -97,8 +97,8 @@ chgrp "$nginx_user" "$nginx_keytab"
chmod 640 "$nginx_keytab"
# Copy TLS certificate for nginx.
-install_certificate nginx "$rspamd_tls_cert"
-install_certificate_key nginx "$rspamd_tls_key"
+install_certificate nginx "$rspamd_https_cert"
+install_certificate_key nginx "$rspamd_https_key"
# Enable and start rspamd and nginx.
sysrc -v \
diff --git a/scripts/hostclass/smtp_server/20-postfix b/scripts/hostclass/smtp_server/20-postfix
index e224e9b..68ac474 100644
--- a/scripts/hostclass/smtp_server/20-postfix
+++ b/scripts/hostclass/smtp_server/20-postfix
@@ -52,7 +52,7 @@ install_certificate_key -m 0640 -o root -g "$postfix_user" postfix "$postfix_loc
if [ "$postfix_public_fqdn" != "$fqdn" ]; then
# Acquire public TLS certificate.
- install_file /usr/local/etc/sudoers.d/acme
+ install_template -m 0600 /usr/local/etc/sudoers.d/acme
acme_install_certificate \
-c "$postfix_public_tls_cert" \
-k "$postfix_public_tls_key" \