fix postsrsd config template
This commit is contained in:
s3lph
parent
832f3a205d
commit
4c4993b5cc
2 changed files with 22 additions and 6 deletions
roles/postsrsd
|
|
@ -4,8 +4,11 @@ postsrsd_exclude_domains: []
|
|||
# Can be one of: -+=
|
||||
postsrsd_separator: '='
|
||||
postsrsd_secret: /etc/postsrsd.secret
|
||||
postsrsd_hashlength: 4
|
||||
postsrsd_hashmin: 4
|
||||
postsrsd_forward_port: 10001
|
||||
postsrsd_reverse_port: 10002
|
||||
postsrsd_runas: postsrsd
|
||||
postsrsd_listen_addr: 127.0.0.1
|
||||
postsrsd_chroot: /var/lib/postsrsd
|
||||
|
||||
|
|
|
|||
|
|
@ -17,13 +17,22 @@ SRS_EXCLUDE_DOMAINS={{ postsrsd_exclude_domains | join(',') }}
|
|||
|
||||
# First separator character after SRS0 or SRS1.
|
||||
# Can be one of: -+=
|
||||
SRS_SEPARATOR={{ postsrsd_separator }}=
|
||||
SRS_SEPARATOR={{ postsrsd_separator }}
|
||||
|
||||
# Secret key to sign rewritten addresses.
|
||||
# When postsrsd is installed for the first time, a random secret is generated
|
||||
# and stored in /etc/postsrsd.secret. For most installations, that's just fine.
|
||||
#
|
||||
SRS_SECRET={{ postsrsd_secret }}/etc/postsrsd.secret
|
||||
SRS_SECRET={{ postsrsd_secret }}
|
||||
|
||||
# Length of hash to be used in rewritten addresses
|
||||
SRS_HASHLENGTH={{ postsrsd_hashlength }}
|
||||
|
||||
# Minimum length of hash to accept when validating return addresses.
|
||||
# When increasing SRS_HASHLENGTH, set this to its previous value and
|
||||
# wait for the duration of SRS return address validity (21 days) before
|
||||
# increading this value as well.
|
||||
SRS_HASHMIN={{ postsrsd_hashmin }}
|
||||
|
||||
# Local ports for TCP list.
|
||||
# These ports are used to bind the TCP list for postfix. If you change
|
||||
|
|
@ -31,14 +40,18 @@ SRS_SECRET={{ postsrsd_secret }}/etc/postsrsd.secret
|
|||
# are bound to the loopback interface, and should never be exposed on
|
||||
# the internet.
|
||||
#
|
||||
SRS_FORWARD_PORT={{ postsrsd_forward_port }}10001
|
||||
SRS_REVERSE_PORT={{ postsrsd_reverse_port }}10002
|
||||
SRS_FORWARD_PORT={{ postsrsd_forward_port }}
|
||||
SRS_REVERSE_PORT={{ postsrsd_reverse_port }}
|
||||
|
||||
# Drop root privileges and run as another user after initialization.
|
||||
# This is highly recommended as postsrsd handles untrusted input.
|
||||
#
|
||||
RUN_AS={{ postsrsd_runas }}postsrsd
|
||||
RUN_AS={{ postsrsd_runas }}
|
||||
|
||||
# Bind to this address
|
||||
#
|
||||
SRS_LISTEN_ADDR={{ postsrsd_listen_addr }}
|
||||
|
||||
# Jail daemon in chroot environment
|
||||
CHROOT={{ postsrsd_chroot }}/var/lib/postsrsd
|
||||
CHROOT={{ postsrsd_chroot }}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue