Re: [PATCH] Update postfix on jenkins master to not use bastion as a relay

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, 23 Oct 2013 09:13:16 +0000
Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> wrote:

> Bastion is not accessible internally for the cloud instances which
> thus cannot use it as relay to send emails. This change uses sed to
> change the postfix configuration and tell postfix to not use bastion
> as relay.
> ---
> 
> This concerns jenkins master which is not in freeze but since it
> touches postfix I prefer to have approval for this change before
> pushing it.
> 
> I made the change by hand to clean the mail queue on jenkins master
> (and then reverted it), so it works.
> I tried to telnet to the host but port 25 is closed, as it should be,
> so there are little chances it transforms this machine onto a spam
> box, but again, I'd rather be on the safe side :)

I'd prefer a slightly different approach here, for a few reasons: 
1) shell commands always will show 'changed' to ansible (unless you
add a 'creates=/some/file' to tell it not to run except the first
time. 

2) we might change other things in the config, so better to just use
seperate file for it. 

So, instead we could: 

create a inventory/group_vars/jenkins_cloud
add to it: 

postfix_group: jenkins_cloud

and then make a new: 

roles/base/files/postfix/main.cf.jenkins_cloud

with whatever you want in it. :) 

Thoughts?

kevin
--
> 
> Thanks,
> Pierre
> 
> 
>  playbooks/groups/jenkins-cloud.yml |    5 +++++
>  1 files changed, 5 insertions(+), 0 deletions(-)
> 
> diff --git a/playbooks/groups/jenkins-cloud.yml
> b/playbooks/groups/jenkins-cloud.yml index 31da1c0..8079c4a 100644
> --- a/playbooks/groups/jenkins-cloud.yml
> +++ b/playbooks/groups/jenkins-cloud.yml
> @@ -128,6 +128,11 @@
>      notify: 
>        - restart jenkins
>  
> +  # Postfix cannot use relay as it cannot connect to bastion
> +  - name: Update postfix to send directly rather than via bastion
> +    shell: sed -i -e 's|relayhost =  bastion|#relayhost =
> bastion|' /etc/postfix/main.cf
> +    notify:
> +      - restart postfix
>  
>    handlers:
>    - include: $handlers/restart_services.yml

Attachment: signature.asc
Description: PGP signature

_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux