]> git.openstreetmap.org Git - chef.git/blob - roles/mail.rb
Add alert for DNSSEC validation failures
[chef.git] / roles / mail.rb
1 name "mail"
2 description "Role applied to all mail servers"
3
4 default_attributes(
5   :exim => {
6     :local_domains => [
7       "openstreetmap.org",
8       "osm.org",
9       "noreply.openstreetmap.org",
10       "openstreetmap.co.uk",
11       "openstreetmap.org.uk",
12       "openstreetmap.com",
13       "openstreetmap.io",
14       "openstreetmap.pro",
15       "openstreetmaps.org",
16       "osm.io"
17     ],
18     :daemon_smtp_ports => [25, 26],
19     :certificate_names => [
20       "mail.openstreetmap.org",
21       "a.mx.openstreetmap.org",
22       "a.mx.osm.org",
23       "a.mx.openstreetmap.com",
24       "a.mx.openstreetmap.io",
25       "a.mx.openstreetmap.pro",
26       "a.mx.openstreetmaps.org",
27       "a.mx.osm.io"
28     ],
29     :queue_run_max => 25,
30     :smtp_accept_max => 200,
31     :smarthost_name => "mail.openstreetmap.org",
32     :smarthost_via => nil,
33     :dns_blacklists => ["zen.spamhaus.org!&0.255.255.0"],
34     :routes => {
35       :messages => {
36         :comment => "messages.openstreetmap.org",
37         :domains => ["messages.openstreetmap.org"],
38         :host => [
39           "spike-01.openstreetmap.org",
40           "spike-02.openstreetmap.org",
41           "spike-03.openstreetmap.org",
42           "spike-06.openstreetmap.org",
43           "spike-07.openstreetmap.org",
44           "spike-08.openstreetmap.org"
45         ]
46       },
47       :otrs => {
48         :comment => "otrs.openstreetmap.org",
49         :domains => ["otrs.openstreetmap.org"],
50         :host => "naga.dub.openstreetmap.org"
51       },
52       :join => {
53         :comment => "join.osmfoundation.org",
54         :domains => ["join.osmfoundation.org"],
55         :host => "ridley.ucl.openstreetmap.org"
56       },
57       :supporting => {
58         :comment => "supporting.openstreetmap.org",
59         :domains => ["supporting.openstreetmap.org"],
60         :host => "ridley.ucl.openstreetmap.org"
61       },
62       :community => {
63         :comment => "community.openstreetmap.org",
64         :domains => ["community.openstreetmap.org"],
65         :host => "fume.dub.openstreetmap.org::2500"
66       }
67     },
68     :dkim_selectors => {
69       "openstreetmap.org" => "20200301",
70       "osmfoundation.org" => "20201112"
71     },
72     :aliases => {
73       "abuse" => "root",
74       "postmaster" => "root",
75       "webmaster" => "support",
76       "clamav" => "root",
77       "rails" => "root",
78       "trac" => "root",
79       "prometheus" => "root",
80       "www-data" => "root",
81       "osmbackup" => "root",
82       "noreply" => "/dev/null",
83       "bounces" => "/dev/null",
84       "wishlist" => "/dev/null",
85       "treasurer" => "treasurer@osmfoundation.org",
86       "donations" => "treasurer@osmfoundation.org",
87       "secretary" => "secretary@osmfoundation.org",
88       "chairman" => "chairman@osmfoundation.org",
89       "accountant" => "accountant@osmfoundation.org",
90       "data" => "data@otrs.openstreetmap.org",
91       "otrs" => "otrs@otrs.openstreetmap.org",
92       "support" => "support@otrs.openstreetmap.org",
93       "memorial" => "communication@osmfoundation.org",
94       "legal" => "legal@osmfoundation.org",
95       "dmca" => "dmca@osmfoundation.org",
96       "program-sotm" => "sotm-program@otrs.openstreetmap.org"
97     },
98     :private_aliases => "mail"
99   },
100   :prometheus => {
101     :metrics => {
102       :exim_queue_limit => { :metric => 2500 }
103     }
104   }
105 )
106
107 run_list(
108   "recipe[clamav]",
109   "recipe[exim]",
110   "recipe[spamassassin]"
111 )