⬆️ Update to latest version

davestephens · Oct 6, 2024 · 1a8a30c · 1a8a30c
1 parent e13cf26
commit 1a8a30c
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 15 deletions.
diff --git a/roles/simplelogin/defaults/main.yml b/roles/simplelogin/defaults/main.yml
@@ -32,14 +32,14 @@ simplelogin_postfix_container_name: simplelogin-postfix
 simplelogin_postfix_image_name: anarion/postfix
 simplelogin_postfix_image_version: latest-ubuntu
 simplelogin_webapp_container_name: simplelogin-webapp
-simplelogin_webapp_image_name:  simplelogin/app
-simplelogin_webapp_image_version: 3.4.0
+simplelogin_webapp_image_name:  simplelogin/app-ci
+simplelogin_webapp_image_version: latest
 simplelogin_email_handler_container_name: simplelogin-email-handler
-simplelogin_email_handler_image_name:  simplelogin/app
-simplelogin_email_handler_image_version: 3.4.0
+simplelogin_email_handler_image_name:  simplelogin/app-ci
+simplelogin_email_handler_image_version: latest
 simplelogin_job_runner_container_name: simplelogin-job-runner
-simplelogin_job_runner_image_name:  simplelogin/app
-simplelogin_job_runner_image_version: 3.4.0
+simplelogin_job_runner_image_name:  simplelogin/app-ci
+simplelogin_job_runner_image_version: latest
 simplelogin_user_id: "1000"
 simplelogin_group_id: "1000"
 

diff --git a/roles/simplelogin/tasks/main.yml b/roles/simplelogin/tasks/main.yml
@@ -105,7 +105,7 @@
           - name: "{{ simplelogin_network_name }}"
         network_mode: "{{ simplelogin_network_name }}"
         container_default_behavior: no_defaults
-        command: ['flask', 'db', 'upgrade']
+        command: ['alembic', 'upgrade', 'head']
         env: "{{ simplelogin_env }}"
         restart_policy: "no"
       tags: molecule-idempotence-notest

diff --git a/roles/simplelogin/templates/main.cf.j2 b/roles/simplelogin/templates/main.cf.j2
@@ -12,7 +12,7 @@ readme_directory = no
 
 # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
 # fresh installs.
-compatibility_level = 2
+compatibility_level = 4
 
 header_size_limit = 4096000
 
@@ -22,7 +22,7 @@ smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 smtp_tls_security_level = may
-smtpd_tls_security_level = may
+smtpd_tls_security_level = none
 
 # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
 # information on enabling SSL in the smtp client.
@@ -44,11 +44,10 @@ relayhost = {{ simplelogin_postfix_relayhost }}
 # HELO restrictions
 smtpd_delay_reject = yes
 smtpd_helo_required = yes
-smtpd_helo_restrictions = permit_mynetworks,reject_invalid_helo_hostname,permit
+smtpd_helo_restrictions = permit_mynetworks,reject_non_fqdn_helo_hostname,reject_invalid_helo_hostname,permit
 
 # Client restrictions
-smtpd_client_restrictions = permit_mynetworks,reject
-# smtpd_client_restrictions = reject_rbl_client zen.spamhaus.org=127.0.0.[2..11], reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_rbl_client bl.spamcop.net, permit
+smtpd_client_restrictions =
 
 # Sender restrictions:
 smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
@@ -57,4 +56,6 @@ smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_un
 smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org=127.0.0.[2..11], reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_rbl_client bl.spamcop.net, permit
 
 # Relay restrictions:
-smtpd_relay_restrictions = reject_rbl_client zen.spamhaus.org=127.0.0.[2..11], reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_rbl_client bl.spamcop.net, permit
+smtpd_relay_restrictions = reject_rbl_client zen.spamhaus.org=127.0.0.[2..11], reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_rbl_client bl.spamcop.net, permit
+
+# debug_peer_list = 209.85.0.0/16 193.222.0.0/16
diff --git a/roles/simplelogin/templates/pgsql-relay-domains.cf.j2 b/roles/simplelogin/templates/pgsql-relay-domains.cf.j2
@@ -4,4 +4,4 @@ user = {{ simplelogin_postgres_username }}
 password = {{ simplelogin_postgres_password }}
 dbname = {{ simplelogin_postgres_database }}
 
-query = SELECT domain FROM custom_domain WHERE domain='%s' AND verified=true UNION SELECT '%s' WHERE '%s' = '{{ simplelogin_email_domain }}' LIMIT 1
+query = SELECT domain FROM custom_domain WHERE domain='%s' AND verified=true UNION SELECT domain FROM public_domain WHERE domain='%s' UNION SELECT '%s' WHERE '%s' = '{{ simplelogin_email_domain }}' LIMIT 1;
diff --git a/roles/simplelogin/templates/pgsql-transport-maps.cf.j2 b/roles/simplelogin/templates/pgsql-transport-maps.cf.j2
@@ -5,4 +5,5 @@ password = {{ simplelogin_postgres_password }}
 dbname = {{ simplelogin_postgres_database }}
 
 # forward to smtp:{{ simplelogin_email_handler_container_name }}:{{ simplelogin_email_handler_port }} for custom domain AND email domain
-query = SELECT 'smtp:{{ simplelogin_email_handler_container_name }}:{{ simplelogin_email_handler_port }}' FROM custom_domain WHERE domain = '%s' AND verified=true UNION SELECT 'smtp:{{ simplelogin_email_handler_container_name }}:{{ simplelogin_email_handler_port }}' WHERE '%s' = '{{ simplelogin_email_domain }}' LIMIT 1;
+
+query = SELECT 'smtp:{{ simplelogin_email_handler_container_name }}:{{ simplelogin_email_handler_port }}' FROM custom_domain WHERE domain = '%s' AND verified=true UNION SELECT 'smtp:{{ simplelogin_email_handler_container_name }}:{{ simplelogin_email_handler_port }}' FROM public_domain WHERE domain = '%s' UNION SELECT 'smtp:{{ simplelogin_email_handler_container_name }}:{{ simplelogin_email_handler_port }}' WHERE '%s' = '{{ simplelogin_email_domain }}' LIMIT 1;